{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,20]],"date-time":"2026-01-20T14:36:01Z","timestamp":1768919761600,"version":"3.49.0"},"publisher-location":"Cham","reference-count":76,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030345778","type":"print"},{"value":"9783030345785","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-34578-5_10","type":"book-chapter","created":{"date-parts":[[2019,11,25]],"date-time":"2019-11-25T00:02:57Z","timestamp":1574640177000},"page":"248-277","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":86,"title":["Verifiable Delay Functions from Supersingular Isogenies and Pairings"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9321-0773","authenticated-orcid":false,"given":"Luca","family":"De Feo","sequence":"first","affiliation":[]},{"given":"Simon","family":"Masson","sequence":"additional","affiliation":[]},{"given":"Christophe","family":"Petit","sequence":"additional","affiliation":[]},{"given":"Antonio","family":"Sanso","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,11,25]]},"reference":[{"key":"10_CR1","unstructured":"Azarderakhsh, R., et al.: Supersingular isogeny key encapsulation (2017). http:\/\/sike.org"},{"key":"10_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-662-46800-5_6","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"R Barbulescu","year":"2015","unstructured":"Barbulescu, R., Gaudry, P., Guillevic, A., Morain, F.: Improving NFS for the discrete logarithm problem in non-prime finite fields. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 129\u2013155. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_6"},{"key":"10_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"319","DOI":"10.1007\/11693383_22","volume-title":"Selected Areas in Cryptography","author":"PSLM Barreto","year":"2006","unstructured":"Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319\u2013331. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11693383_22"},{"issue":"257","key":"10_CR4","doi-asserted-by":"publisher","first-page":"443","DOI":"10.1090\/S0025-5718-06-01849-7","volume":"76","author":"D Bernstein","year":"2007","unstructured":"Bernstein, D., Sorenson, J.: Modular exponentiation via the explicit Chinese remainder theorem. Math. Comput. 76(257), 443\u2013454 (2007). https:\/\/doi.org\/10.1090\/S0025-5718-06-01849-7","journal-title":"Math. Comput."},{"key":"10_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"409","DOI":"10.1007\/978-3-030-17656-3_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"DJ Bernstein","year":"2019","unstructured":"Bernstein, D.J., Lange, T., Martindale, C., Panny, L.: Quantum circuits for the CSIDH: optimizing quantum evaluation of isogenies. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 409\u2013441. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17656-3_15"},{"key":"10_CR6","doi-asserted-by":"crossref","unstructured":"Beullens, W., Kleinjung, T., Vercauteren, F.: CSI-FiSh: efficient isogeny based signatures through class group computations. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11921, pp. 227\u2013247. Springer, Heidelberg (2019)","DOI":"10.1007\/978-3-030-34578-5_9"},{"key":"10_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"153","DOI":"10.1007\/978-3-030-05378-9_9","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2018","author":"J-F Biasse","year":"2018","unstructured":"Biasse, J.-F., Iezzi, A., Jacobson, M.J.: A note on the security of CSIDH. In: Chakraborty, D., Iwata, T. (eds.) INDOCRYPT 2018. LNCS, vol. 11356, pp. 153\u2013168. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-05378-9_9"},{"key":"10_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"428","DOI":"10.1007\/978-3-319-13039-2_25","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2014","author":"J-F Biasse","year":"2014","unstructured":"Biasse, J.-F., Jao, D., Sankar, A.: A quantum algorithm for computing isogenies between supersingular elliptic curves. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 428\u2013442. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-13039-2_25"},{"key":"10_CR9","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511546570","volume-title":"Advances in Elliptic Curve Cryptography, London Mathematical Society Lecture Note Series","author":"IF Blake","year":"2005","unstructured":"Blake, I.F., Seroussi, G., Smart, N., et al.: Advances in Elliptic Curve Cryptography, London Mathematical Society Lecture Note Series, vol. 317. Cambridge University Press, New York (2005)"},{"key":"10_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"757","DOI":"10.1007\/978-3-319-96884-1_25","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"D Boneh","year":"2018","unstructured":"Boneh, D., Bonneau, J., B\u00fcnz, B., Fisch, B.: Verifiable delay functions. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10991, pp. 757\u2013788. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96884-1_25"},{"key":"10_CR11","unstructured":"Boneh, D., B\u00fcnz, B., Fisch, B.: A survey of two verifiable delay functions. Cryptology ePrint Archive, Report 2018\/712 (2018). https:\/\/eprint.iacr.org\/2018\/712"},{"issue":"4","key":"10_CR12","doi-asserted-by":"publisher","first-page":"297","DOI":"10.1007\/s00145-004-0314-9","volume":"17","author":"D Boneh","year":"2004","unstructured":"Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. J. Cryptol. 17(4), 297\u2013319 (2004). https:\/\/doi.org\/10.1007\/s00145-004-0314-9","journal-title":"J. Cryptol."},{"key":"10_CR13","unstructured":"Bonnetain, X., Schrottenloher, A.: Quantum security analysis of CSIDH and ordinary isogeny-based schemes. Cryptology ePrint Archive, Report 2018\/537 (2018). https:\/\/eprint.iacr.org\/2018\/537"},{"key":"10_CR14","unstructured":"Broker, R.M., Charles, D.X., Lauter, K.E.: Cryptographic applications of efficiently evaluating large degree isogenies, US Patent 8,250,367, August 2012"},{"key":"10_CR15","doi-asserted-by":"crossref","unstructured":"Buchmann, J., Hamdy, S.: A survey on IQ cryptography. In: Proceedings of Public Key Cryptography and Computational Number Theory, pp. 1\u201315 (2001)","DOI":"10.1515\/9783110881035.1"},{"key":"10_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"395","DOI":"10.1007\/978-3-030-03332-3_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2018","author":"W Castryck","year":"2018","unstructured":"Castryck, W., Lange, T., Martindale, C., Panny, L., Renes, J.: CSIDH: an efficient post-quantum commutative group action. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11274, pp. 395\u2013427. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-03332-3_15"},{"issue":"1","key":"10_CR17","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/s00145-007-9002-x","volume":"22","author":"DX Charles","year":"2009","unstructured":"Charles, D.X., Goren, E.Z., Lauter, K.E.: Cryptographic hash functions from expander graphs. J. Cryptol. 22(1), 93\u2013113 (2009). https:\/\/doi.org\/10.1007\/s00145-007-9002-x","journal-title":"J. Cryptol."},{"issue":"1","key":"10_CR18","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1515\/jmc-2012-0016","volume":"8","author":"A Childs","year":"2014","unstructured":"Childs, A., Jao, D., Soukharev, V.: Constructing elliptic curve isogenies in quantum subexponential time. J. Math. Cryptol. 8(1), 1\u201329 (2014)","journal-title":"J. Math. Cryptol."},{"key":"10_CR19","unstructured":"Cohen, B.: Proofs of space and time. In: Blockchain Protocol Analysis and Security Engineering (2017). https:\/\/cyber.stanford.edu\/sites\/default\/files\/bramcohen.pdf"},{"key":"10_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"451","DOI":"10.1007\/978-3-319-78375-8_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"B Cohen","year":"2018","unstructured":"Cohen, B., Pietrzak, K.: Simple proofs of sequential work. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 451\u2013467. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78375-8_15"},{"key":"10_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"572","DOI":"10.1007\/978-3-662-53018-4_21","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"C Costello","year":"2016","unstructured":"Costello, C., Longa, P., Naehrig, M.: Efficient algorithms for supersingular isogeny Diffie-Hellman. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 572\u2013601. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_21"},{"key":"10_CR22","doi-asserted-by":"publisher","DOI":"10.1002\/9781118032756","volume-title":"Primes of the form $$x^2 + ny^2$$: Fermat, Class Field Theory, and Complex Multiplication","author":"DA Cox","year":"1997","unstructured":"Cox, D.A.: Primes of the form $$x^2 + ny^2$$: Fermat, Class Field Theory, and Complex Multiplication. Wiley, New York (1997)"},{"key":"10_CR23","unstructured":"De Feo, L.: Mathematics of isogeny based cryptography (2017). http:\/\/arxiv.org\/abs\/1711.04062"},{"key":"10_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"759","DOI":"10.1007\/978-3-030-17659-4_26","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"L De Feo","year":"2019","unstructured":"De Feo, L., Galbraith, S.D.: SeaSign: compact isogeny signatures from class group actions. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11478, pp. 759\u2013789. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17659-4_26"},{"issue":"3","key":"10_CR25","doi-asserted-by":"crossref","first-page":"209","DOI":"10.1515\/jmc-2012-0015","volume":"8","author":"L De Feo","year":"2014","unstructured":"De Feo, L., Jao, D., Pl\u00fbt, J.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. J. Math. Cryptol. 8(3), 209\u2013247 (2014)","journal-title":"J. Math. Cryptol."},{"issue":"2","key":"10_CR26","doi-asserted-by":"publisher","first-page":"425","DOI":"10.1007\/s10623-014-0010-1","volume":"78","author":"C Delfs","year":"2016","unstructured":"Delfs, C., Galbraith, S.D.: Computing isogenies between supersingular elliptic curves over $$\\mathbb{F}_p$$. Des. Codes Crypt. 78(2), 425\u2013440 (2016). https:\/\/doi.org\/10.1007\/s10623-014-0010-1","journal-title":"Des. Codes Crypt."},{"key":"10_CR27","unstructured":"Doliskani, J., Pereira, G.C.C.F., Barreto, P.S.L.M.: Faster cryptographic hash function from supersingular isogeny graphs. Cryptology ePrint Archive, Report 2017\/1202 (2017). https:\/\/eprint.iacr.org\/2017\/1202"},{"key":"10_CR28","unstructured":"Drake, J.: Minimal VDF randomness beacon. Ethereum Res. (2018). https:\/\/ethresear.ch\/t\/minimal-vdf-randomness-beacon\/3566"},{"key":"10_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/3-540-48071-4_10","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 92","author":"C Dwork","year":"1993","unstructured":"Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139\u2013147. Springer, Heidelberg (1993). https:\/\/doi.org\/10.1007\/3-540-48071-4_10"},{"key":"10_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"329","DOI":"10.1007\/978-3-319-78372-7_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"K Eisentr\u00e4ger","year":"2018","unstructured":"Eisentr\u00e4ger, K., Hallgren, S., Lauter, K., Morrison, T., Petit, C.: Supersingular isogeny graphs and endomorphism rings: reductions and solutions. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 329\u2013368. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_11"},{"issue":"2","key":"10_CR31","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1007\/s00145-009-9048-z","volume":"23","author":"D Freeman","year":"2010","unstructured":"Freeman, D., Scott, M., Teske, E.: A taxonomy of pairing-friendly elliptic curves. J. Cryptol. 23(2), 224\u2013280 (2010). https:\/\/doi.org\/10.1007\/s00145-009-9048-z","journal-title":"J. Cryptol."},{"key":"10_CR32","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9781139012843","volume-title":"Mathematics of Public Key Cryptography","author":"SD Galbraith","year":"2012","unstructured":"Galbraith, S.D.: Mathematics of Public Key Cryptography. Cambridge University Press, New York (2012)"},{"key":"10_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1007\/3-540-46035-7_3","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2002","author":"SD Galbraith","year":"2002","unstructured":"Galbraith, S.D., Hess, F., Smart, N.P.: Extending the GHS weil descent attack. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 29\u201344. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-46035-7_3"},{"issue":"12","key":"10_CR34","doi-asserted-by":"publisher","first-page":"5719","DOI":"10.1109\/TIT.2008.2006431","volume":"54","author":"SD Galbraith","year":"2008","unstructured":"Galbraith, S.D., Hess, F., Vercauteren, F.: Aspects of pairing inversion. IEEE Trans. Inf. Theor. 54(12), 5719\u20135728 (2008). https:\/\/doi.org\/10.1109\/TIT.2008.2006431","journal-title":"IEEE Trans. Inf. Theor."},{"key":"10_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-662-53887-6_3","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"SD Galbraith","year":"2016","unstructured":"Galbraith, S.D., Petit, C., Shani, B., Ti, Y.B.: On the security of supersingular isogeny cryptosystems. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 63\u201391. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53887-6_3"},{"key":"10_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-70694-8_1","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"SD Galbraith","year":"2017","unstructured":"Galbraith, S.D., Petit, C., Silva, J.: Identification protocols and signature schemes based on supersingular isogeny problems. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 3\u201333. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70694-8_1"},{"issue":"2","key":"10_CR37","doi-asserted-by":"publisher","first-page":"429","DOI":"10.1006\/jabr.1997.7028","volume":"194","author":"RM Guralnick","year":"1997","unstructured":"Guralnick, R.M., M\u00fcller, P.: Exceptional polynomials of affine type. J. Algebra 194(2), 429\u2013454 (1997). https:\/\/doi.org\/10.1006\/jabr.1997.7028","journal-title":"J. Algebra"},{"key":"10_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/978-3-642-25405-5_2","volume-title":"Post-Quantum Cryptography","author":"D Jao","year":"2011","unstructured":"Jao, D., De Feo, L.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 19\u201334. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25405-5_2"},{"key":"10_CR39","unstructured":"Jao, D., LeGrow, J., Leonardi, C., Ruiz-Lopez, L.: A polynomial quantum space attack on CRS and CSIDH. In: MathCrypt 2018 (2018)"},{"key":"10_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"219","DOI":"10.1007\/978-3-642-14518-6_19","volume-title":"Algorithmic Number Theory","author":"D Jao","year":"2010","unstructured":"Jao, D., Soukharev, V.: A subexponential algorithm for evaluating large degree isogenies. In: Hanrot, G., Morain, F., Thom\u00e9, E. (eds.) ANTS 2010. LNCS, vol. 6197, pp. 219\u2013233. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-14518-6_19"},{"key":"10_CR41","unstructured":"Jao, D.Y., Montgomery, P.L., Venkatesan, R., Boyko, V.: Systems and methods for generation and validation of isogeny-based signatures, US Patent 7,617,397, November 2009"},{"key":"10_CR42","unstructured":"Jao, D.Y., Venkatesan, R.: Use of isogenies for design of cryptosystems, US Patent 7,499,544, March 2009"},{"issue":"5","key":"10_CR43","doi-asserted-by":"publisher","first-page":"1714","DOI":"10.1137\/080734467","volume":"39","author":"M Kirschmer","year":"2010","unstructured":"Kirschmer, M., Voight, J.: Algorithmic enumeration of ideal classes for quaternion orders. SIAM J. Comput. 39(5), 1714\u20131747 (2010). https:\/\/doi.org\/10.1137\/080734467","journal-title":"SIAM J. Comput."},{"key":"10_CR44","unstructured":"Kitaev, A.Y.: Quantum measurements and the Abelian stabilizer problem. arXiv preprint quant-ph\/9511026 (1995). https:\/\/arxiv.org\/abs\/quant-ph\/9511026"},{"key":"10_CR45","unstructured":"Kohel, D.: Endomorphism rings of elliptic curves over finite fields. Ph.D. thesis, University of California at Berkley (1996)"},{"issue":"A","key":"10_CR46","doi-asserted-by":"publisher","first-page":"418","DOI":"10.1112\/S1461157014000151","volume":"17","author":"DR Kohel","year":"2014","unstructured":"Kohel, D.R., Lauter, K., Petit, C., Tignol, J.P.: On the quaternion-isogeny path problem. LMS J. Comput. Math. 17(A), 418\u2013432 (2014)","journal-title":"LMS J. Comput. Math."},{"key":"10_CR47","unstructured":"Koshiba, T., Takashima, K.: Pairing cryptography meets isogeny: a new framework of isogenous pairing groups. Cryptology ePrint Archive, Report 2016\/1138 (2016). https:\/\/eprint.iacr.org\/2016\/1138"},{"key":"10_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-12146-4_1","volume-title":"Information Security and Cryptology \u2013 ICISC 2018","author":"T Koshiba","year":"2019","unstructured":"Koshiba, T., Takashima, K.: New assumptions on isogenous pairing groups with applications to attribute-based encryption. In: Lee, K. (ed.) ICISC 2018. LNCS, vol. 11396, pp. 3\u201319. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-12146-4_1"},{"issue":"1","key":"10_CR49","doi-asserted-by":"publisher","first-page":"170","DOI":"10.1137\/S0097539703436345","volume":"35","author":"G Kuperberg","year":"2005","unstructured":"Kuperberg, G.: A subexponential-time quantum algorithm for the dihedral hidden subgroup problem. SIAM J. Comput. 35(1), 170\u2013188 (2005)","journal-title":"SIAM J. Comput."},{"key":"10_CR50","doi-asserted-by":"publisher","unstructured":"Kuperberg, G.: Another subexponential-time quantum algorithm for the dihedral hidden subgroup problem. In: Severini, S., Brandao, F. (eds.) 8th Conference on the Theory of Quantum Computation, Communication and Cryptography (TQC 2013). Leibniz International Proceedings in Informatics (LIPIcs), vol. 22, pp. 20\u201334. Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik, Dagstuhl (2013). https:\/\/doi.org\/10.4230\/LIPIcs.TQC.2013.20","DOI":"10.4230\/LIPIcs.TQC.2013.20"},{"key":"10_CR51","unstructured":"Lenstra, A.K., Wesolowski, B.: A random zoo: sloth, unicorn, and trx. IACR Cryptology ePrint Archive 2015, 366 (2015). https:\/\/doi.org\/cr.org\/2015\/366"},{"key":"10_CR52","unstructured":"Long, L.: Binary quadratic forms. Chia Network (2018). https:\/\/github.com\/Chia-Network\/vdf-competition\/blob\/master\/classgroups.pdf"},{"key":"10_CR53","doi-asserted-by":"crossref","unstructured":"Mahmoody, M., Moran, T., Vadhan, S.: Publicly verifiable proofs of sequential work. In: Proceedings of the 4th Conference on Innovations in Theoretical Computer Science, pp. 373\u2013388. ACM (2013)","DOI":"10.1145\/2422436.2422479"},{"key":"10_CR54","doi-asserted-by":"publisher","unstructured":"Menezes, A., Vanstone, S., Okamoto, T.: Reducing elliptic curve logarithms to logarithms in a finite field. In: Proceedings of the Twenty-Third Annual ACM Symposium on Theory of Computing, STOC 1991, pp. 80\u201389. ACM, New York (1991). https:\/\/doi.org\/10.1145\/103418.103434","DOI":"10.1145\/103418.103434"},{"key":"10_CR55","unstructured":"Mestre, J.F.: La m\u00e9thode des graphes. Exemples et applications. In: Proceedings of the International Conference on Class Numbers and Fundamental Units of Algebraic Number Fields (Katata, 1986). Nagoya University, Nagoya (1986). http:\/\/boxen.math.washington.edu\/msri06\/refs\/mestre-method-of-graphs\/mestre-fr.pdf"},{"key":"10_CR56","doi-asserted-by":"publisher","unstructured":"Micali, S., Rabin, M., Vadhan, S.: Verifiable random functions. In: 40th Annual Symposium on Foundations of Computer Science (Cat. No. 99CB37039), pp. 120\u2013130, October 1999. https:\/\/doi.org\/10.1109\/SFFCS.1999.814584","DOI":"10.1109\/SFFCS.1999.814584"},{"key":"10_CR57","unstructured":"Petit, C., Lauter, K.: Hard and easy problems for supersingular isogeny graphs. Cryptology ePrint Archive, Report 2017\/962 (2017). http:\/\/eprint.iacr.org\/2017\/962"},{"issue":"1","key":"10_CR58","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/s12095-017-0264-3","volume":"10","author":"C Pierrot","year":"2018","unstructured":"Pierrot, C., Wesolowski, B.: Malleability of the Blockchain\u2019s entropy. Crypt. Commun. 10(1), 211\u2013233 (2018). https:\/\/doi.org\/10.1007\/s12095-017-0264-3","journal-title":"Crypt. Commun."},{"key":"10_CR59","doi-asserted-by":"publisher","unstructured":"Pietrzak, K.: Simple verifiable delay functions. In: Blum, A. (ed.) 10th Innovations in Theoretical Computer Science Conference (ITCS 2019). Leibniz International Proceedings in Informatics (LIPIcs), vol. 124, pp. 60:1\u201360:15. Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik, Dagstuhl (2018). https:\/\/doi.org\/10.4230\/LIPIcs.ITCS.2019.60","DOI":"10.4230\/LIPIcs.ITCS.2019.60"},{"issue":"1","key":"10_CR60","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1090\/S0273-0979-1990-15918-X","volume":"23","author":"Arnold K. Pizer","year":"1990","unstructured":"Pizer, A.K.: Ramanujan graphs and Hecke operators. Bull. Am. Math. Soc. (N.S.) 23(1) (1990). https:\/\/doi.org\/10.1090\/S0273-0979-1990-15918-X","journal-title":"Bulletin of the American Mathematical Society"},{"key":"10_CR61","doi-asserted-by":"crossref","unstructured":"Pizer, A.K.: Ramanujan graphs. In: Computational Perspectives on Number Theory (Chicago, IL, 1995), AMS\/IP Studies in Advanced Mathematics, vol. 7. American Mathematical Society, Providence (1998)","DOI":"10.1090\/amsip\/007\/08"},{"issue":"2","key":"10_CR62","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1016\/0022-0000(83)90042-9","volume":"27","author":"MO Rabin","year":"1983","unstructured":"Rabin, M.O.: Transaction protection by beacons. J. Comput. Syst. Sci. 27(2), 256\u2013267 (1983). https:\/\/doi.org\/10.1016\/0022-0000(83)90042-9","journal-title":"J. Comput. Syst. Sci."},{"key":"10_CR63","unstructured":"Regev, O.: A subexponential time algorithm for the dihedral hidden subgroup problem with polynomial space. arXiv:quant-ph\/0406151, June 2004. http:\/\/arxiv.org\/abs\/quant-ph\/0406151"},{"key":"10_CR64","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1007\/978-3-319-79063-3_11","volume-title":"Post-Quantum Cryptography","author":"J Renes","year":"2018","unstructured":"Renes, J.: Computing isogenies between montgomery curves using the\u00a0action\u00a0of\u00a0(0, 0). In: Lange, T., Steinwandt, R. (eds.) PQCrypto 2018. LNCS, vol. 10786, pp. 229\u2013247. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-79063-3_11"},{"key":"10_CR65","unstructured":"Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto. Technical report, Cambridge, MA, USA (1996)"},{"key":"10_CR66","series-title":"Graduate Texts in Mathematics","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-09494-6","volume-title":"The Arithmetic of Elliptic Curves","author":"JH Silverman","year":"2009","unstructured":"Silverman, J.H.: The Arithmetic of Elliptic Curves. GTM, vol. 106. Springer, New York (2009). https:\/\/doi.org\/10.1007\/978-0-387-09494-6"},{"key":"10_CR67","unstructured":"Sutherland, A.: Elliptic curves. Lecture Notes From a Course (18.783) at MIT (2017). http:\/\/math.mit.edu\/classes\/18.783\/2017\/lectures"},{"key":"10_CR68","doi-asserted-by":"crossref","unstructured":"Syta, E., et al.: Scalable bias-resistant distributed randomness. In: IEEE Symposium on Security and Privacy, pp. 444\u2013460. IEEE Computer Society (2017)","DOI":"10.1109\/SP.2017.45"},{"key":"10_CR69","unstructured":"The Sage Developers: SageMath, the Sage Mathematics Software System (Version 8.0) (2018). https:\/\/www.sagemath.org"},{"key":"10_CR70","first-page":"238","volume":"273","author":"J V\u00e9lu","year":"1971","unstructured":"V\u00e9lu, J.: Isog\u00e9nies entre courbes elliptiques. Comptes Rendus de l\u2019Acad\u00e9mie des Sciences de Paris 273, 238\u2013241 (1971)","journal-title":"Comptes Rendus de l\u2019Acad\u00e9mie des Sciences de Paris"},{"key":"10_CR71","series-title":"Lecture Notes in Mathematics","doi-asserted-by":"publisher","DOI":"10.1007\/BFb0091027","volume-title":"Arithm\u00e9tique des Alg\u00e8bres de Quaternions","author":"M-F Vign\u00e9ras","year":"1980","unstructured":"Vign\u00e9ras, M.-F.: Arithm\u00e9tique des Alg\u00e8bres de Quaternions. LNM, vol. 800. Springer, Heidelberg (1980). https:\/\/doi.org\/10.1007\/BFb0091027"},{"key":"10_CR72","unstructured":"Voight, J.: Quaternion Algebras (2018). https:\/\/math.dartmouth.edu\/~jvoight\/quat-book.pdf"},{"key":"10_CR73","doi-asserted-by":"publisher","DOI":"10.1201\/9781420071474","volume-title":"Elliptic Curves: Number Theory and Cryptography","author":"LC Washington","year":"2008","unstructured":"Washington, L.C.: Elliptic Curves: Number Theory and Cryptography, 2nd edn. CRC Press, New York (2008)","edition":"2"},{"issue":"4","key":"10_CR74","doi-asserted-by":"publisher","first-page":"521","DOI":"10.24033\/asens.1183","volume":"2","author":"WC Waterhouse","year":"1969","unstructured":"Waterhouse, W.C.: Abelian varieties over finite fields. Annales Scientifiques de l\u2019\u00c9cole Normale Sup\u00e9rieure 2(4), 521\u2013560 (1969)","journal-title":"Annales Scientifiques de l\u2019\u00c9cole Normale Sup\u00e9rieure"},{"key":"10_CR75","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"379","DOI":"10.1007\/978-3-030-17659-4_13","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"B Wesolowski","year":"2019","unstructured":"Wesolowski, B.: Efficient verifiable delay functions. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11478, pp. 379\u2013407. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17659-4_13"},{"key":"10_CR76","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1007\/978-3-319-70972-7_9","volume-title":"Financial Cryptography and Data Security","author":"Y Yoo","year":"2017","unstructured":"Yoo, Y., Azarderakhsh, R., Jalali, A., Jao, D., Soukharev, V.: A post-quantum digital signature scheme based on supersingular isogenies. In: Kiayias, A. (ed.) FC 2017. LNCS, vol. 10322, pp. 163\u2013181. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70972-7_9"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2019"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-34578-5_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T10:52:29Z","timestamp":1710327149000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-34578-5_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030345778","9783030345785"],"references-count":76,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-34578-5_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"25 November 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kobe","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Japan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2019\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"IACR Web submission software","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"307","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"71","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}