{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T16:41:18Z","timestamp":1773247278983,"version":"3.50.1"},"publisher-location":"Cham","reference-count":31,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030442224","type":"print"},{"value":"9783030442231","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-44223-1_23","type":"book-chapter","created":{"date-parts":[[2020,4,9]],"date-time":"2020-04-09T23:04:06Z","timestamp":1586473446000},"page":"425-444","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":62,"title":["Improved Quantum Circuits for Elliptic Curve Discrete Logarithms"],"prefix":"10.1007","author":[{"given":"Thomas","family":"H\u00e4ner","sequence":"first","affiliation":[]},{"given":"Samuel","family":"Jaques","sequence":"additional","affiliation":[]},{"given":"Michael","family":"Naehrig","sequence":"additional","affiliation":[]},{"given":"Martin","family":"Roetteler","sequence":"additional","affiliation":[]},{"given":"Mathias","family":"Soeken","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,4,10]]},"reference":[{"issue":"6","key":"23_CR1","doi-asserted-by":"publisher","first-page":"818","DOI":"10.1109\/TCAD.2013.2244643","volume":"32","author":"M Amy","year":"2013","unstructured":"Amy, M., Maslov, D., Mosca, M., Roetteler, M.: A meet-in-the-middle algorithm for fast synthesis of depth-optimal quantum circuits. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 32(6), 818\u2013830 (2013)","journal-title":"IEEE Trans. Comput. Aided Des. Integr. Circuits Syst."},{"issue":"4","key":"23_CR2","first-page":"041015","volume":"8","author":"R Babbush","year":"2018","unstructured":"Babbush, R., et al.: Encoding electronic spectra in quantum circuits with linear T complexity. Phys. Rev. X 8(4), 041015 (2018). arXiv: quant-ph\/1805.03662","journal-title":"Phys. Rev. X"},{"key":"23_CR3","unstructured":"Barenco, A., et al.: Elementary gates for quantum computation. Phys. Rev. A 52(5), 3457\u20133467 (1995). arXiv: quant-ph\/9503016"},{"issue":"6","key":"23_CR4","doi-asserted-by":"publisher","first-page":"525","DOI":"10.1147\/rd.176.0525","volume":"17","author":"CH Bennett","year":"1973","unstructured":"Bennett, C.H.: Logical reversibility of computation. IBM J. Res. Dev. 17(6), 525\u2013532 (1973)","journal-title":"IBM J. Res. Dev."},{"issue":"4","key":"23_CR5","doi-asserted-by":"publisher","first-page":"766","DOI":"10.1137\/0218053","volume":"18","author":"CH Bennett","year":"1989","unstructured":"Bennett, C.H.: Time\/space trade-offs for reversible computation. SIAM J. Comput. 18(4), 766\u2013776 (1989)","journal-title":"SIAM J. Comput."},{"key":"23_CR6","unstructured":"Bernstein, D.J., Lange, T.: (2007). https:\/\/www.hyperelliptic.org\/EFD"},{"issue":"3","key":"23_CR7","doi-asserted-by":"crossref","first-page":"340","DOI":"10.46586\/tches.v2019.i3.340-398","volume":"2019","author":"DJ Bernstein","year":"2019","unstructured":"Bernstein, D.J., Yang, B.-Y.: Fast constant-time GCD computation and modular inversion. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(3), 340\u2013398 (2019)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"23_CR8","unstructured":"Cuccaro, S.A., Draper, T.G., Kutin, S.A., Moulton, D.P.: A new quantum ripple-carry addition circuit (2004). arXiv:quant-ph\/0410184"},{"key":"23_CR9","unstructured":"Draper, T.G., Kutin, S.A., Rains, E.M., Svore, K.M.: A logarithmic-depth quantum carry-lookahead adder, June 2004. arXiv: quant-ph\/0406142"},{"key":"23_CR10","doi-asserted-by":"publisher","first-page":"032324","DOI":"10.1103\/PhysRevA.86.032324","volume":"86","author":"AG Fowler","year":"2012","unstructured":"Fowler, A.G., Mariantoni, M., Martinis, J.M., Cleland, A.N.: Surface codes: towards practical large-scale quantum computation. Phys. Rev. A 86, 032324 (2012)","journal-title":"Phys. Rev. A"},{"key":"23_CR11","unstructured":"Gheorghiu, V., Mosca, M.: Benchmarking the quantum cryptanalysis of symmetric, public-key and hash-based cryptographic schemes (2019)"},{"key":"23_CR12","doi-asserted-by":"publisher","first-page":"74","DOI":"10.22331\/q-2018-06-18-74","volume":"2","author":"C Gidney","year":"2018","unstructured":"Gidney, C.: Halving the cost of quantum addition. Quantum 2, 74 (2018)","journal-title":"Quantum"},{"key":"23_CR13","unstructured":"Gidney, C.: Windowed quantum arithmetic (2019). arXiv: quant-ph\/1905.07682"},{"key":"23_CR14","unstructured":"Gidney, C., Eker\u00e5, M.: How to factor 2048 bit RSA integers in 8 hours using 20 million noisy qubits, May 2019. arXiv: quant-ph\/1905.09749"},{"issue":"17","key":"23_CR15","doi-asserted-by":"publisher","first-page":"3228","DOI":"10.1103\/PhysRevLett.76.3228","volume":"76","author":"R Griffiths","year":"1996","unstructured":"Griffiths, R., Niu, C.-S.: Semiclassical Fourier transform for quantum computation. Phys. Rev. Lett. 76(17), 3228\u20133231 (1996)","journal-title":"Phys. Rev. Lett."},{"issue":"2","key":"23_CR16","doi-asserted-by":"publisher","first-page":"022328","DOI":"10.1103\/PhysRevA.87.022328","volume":"87","author":"C Jones","year":"2013","unstructured":"Jones, C.: Low-overhead constructions for the fault-tolerant Toffoli gate. Phys. Rev. A 87(2), 022328 (2013)","journal-title":"Phys. Rev. A"},{"issue":"8","key":"23_CR17","doi-asserted-by":"publisher","first-page":"1064","DOI":"10.1109\/12.403725","volume":"44","author":"BS Kaliski","year":"1995","unstructured":"Kaliski, B.S.: The Montgomery inverse and its applications. IEEE Trans. Comput. 44(8), 1064\u20131065 (1995)","journal-title":"IEEE Trans. Comput."},{"key":"23_CR18","unstructured":"Meuli, G., Soeken, M., Campbell, E., Roetteler, M., De Micheli, G.: The role of multiplicative complexity in compiling low T-count oracle circuits (2019). arXiv: quant-ph\/1908.01609"},{"key":"23_CR19","doi-asserted-by":"crossref","unstructured":"Meuli, G., Soeken, M., Roetteler, M., Bj\u00f8rner, N., De Micheli, G.: Reversible pebbling game for quantum memory management. In: Design, Automation & Test in Europe Conference, pp. 288\u2013291 (2019)","DOI":"10.23919\/DATE.2019.8715092"},{"issue":"170","key":"23_CR20","doi-asserted-by":"publisher","first-page":"519","DOI":"10.1090\/S0025-5718-1985-0777282-X","volume":"44","author":"PL Montgomery","year":"1985","unstructured":"Montgomery, P.L.: Modular multiplication without trial division. Math. Comput. 44(170), 519\u2013521 (1985)","journal-title":"Math. Comput."},{"key":"23_CR21","unstructured":"Moore, C.: Quantum circuits: fanout, parity, and counting (1999). arXiv: quant-ph\/9903046"},{"key":"23_CR22","volume-title":"Quantum Computation and Quantum Information","author":"MA Nielsen","year":"2000","unstructured":"Nielsen, M.A., Chuang, I.L.: Quantum Computation and Quantum Information. Cambridge University Press, Cambridge (2000)"},{"key":"23_CR23","doi-asserted-by":"crossref","unstructured":"Proos, J., Zalka, C.: Shor\u2019s discrete logarithm quantum algorithm for elliptic curves, January 2003. arXiv: quant-ph\/0301141","DOI":"10.26421\/QIC3.4-3"},{"key":"23_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1007\/978-3-319-70697-9_9","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"M Roetteler","year":"2017","unstructured":"Roetteler, M., Naehrig, M., Svore, K.M., Lauter, K.: Quantum resource estimates for computing elliptic curve discrete logarithms. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 241\u2013270. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70697-9_9"},{"issue":"4","key":"23_CR25","doi-asserted-by":"publisher","first-page":"042302","DOI":"10.1103\/PhysRevA.87.042302","volume":"87","author":"P Selinger","year":"2013","unstructured":"Selinger, P.: Quantum circuits of T-depth one. Phys. Rev. A 87(4), 042302 (2013). arXiv: 1210.0974","journal-title":"Phys. Rev. A"},{"key":"23_CR26","unstructured":"Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: FOCS 1994, pp. 124\u2013134 (1994)"},{"issue":"5","key":"23_CR27","doi-asserted-by":"publisher","first-page":"1484","DOI":"10.1137\/S0097539795293172","volume":"26","author":"PW Shor","year":"1997","unstructured":"Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484\u20131509 (1997)","journal-title":"SIAM J. Comput."},{"key":"23_CR28","doi-asserted-by":"crossref","unstructured":"Svore, K.M., et al.: Q#: enabling scalable quantum computing and development with a high-level DSL. In: RWDSL@CGO 2018 (2018)","DOI":"10.1145\/3183895.3183901"},{"key":"23_CR29","first-page":"10","volume":"10","author":"Y Takahashi","year":"2009","unstructured":"Takahashi, Y., Tani, S., Kunihiro, N.: Quantum addition circuits and unbounded fan-out. Quantum Inf. Comput. 10, 10 (2009)","journal-title":"Quantum Inf. Comput."},{"key":"23_CR30","doi-asserted-by":"crossref","unstructured":"Testa, E., Soeken, M., Amar\u00f9, L.G., De Micheli, G.: Reducing the multiplicative complexity in logic networks for cryptography and security applications. In: Design Automation Conference, p. 74 (2019)","DOI":"10.1145\/3316781.3317893"},{"key":"23_CR31","unstructured":"U.S. Department of Commerce\/National Institute of Standards and Technology. Digital signature standard (DSS). FIPS-186-4 (2013). http:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.186-4.pdf"}],"container-title":["Lecture Notes in Computer Science","Post-Quantum Cryptography"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-44223-1_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,10,20]],"date-time":"2022-10-20T23:55:09Z","timestamp":1666310109000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-44223-1_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030442224","9783030442231"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-44223-1_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"10 April 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PQCrypto","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Post-Quantum Cryptography","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Paris","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 April 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 April 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pqcrypto2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/pqcrypto2020.inria.fr\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"86","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"29","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}