{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T12:11:13Z","timestamp":1725883873956},"publisher-location":"Cham","reference-count":37,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319566191"},{"type":"electronic","value":"9783319566207"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-56620-7_7","type":"book-chapter","created":{"date-parts":[[2017,3,31]],"date-time":"2017-03-31T02:29:18Z","timestamp":1490927358000},"page":"185-201","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["Computation of a 768-Bit Prime Field Discrete Logarithm"],"prefix":"10.1007","author":[{"given":"Thorsten","family":"Kleinjung","sequence":"first","affiliation":[]},{"given":"Claus","family":"Diem","sequence":"additional","affiliation":[]},{"given":"Arjen K.","family":"Lenstra","sequence":"additional","affiliation":[]},{"given":"Christine","family":"Priplata","sequence":"additional","affiliation":[]},{"given":"Colin","family":"Stahlke","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,4,1]]},"reference":[{"key":"7_CR1","doi-asserted-by":"crossref","unstructured":"Adleman, L.: A subexponential algorithm for the discrete logarithm problem with applications to cryptography. In: FOCS, pp. 55\u201360 (1979)","DOI":"10.1109\/SFCS.1979.2"},{"key":"7_CR2","doi-asserted-by":"crossref","unstructured":"Adrian, D., Bhargavan, K., Durumeric, Z., Gaudry, P., Green, M., Halderman, J.A., Heninger, N., Springall, D., Thom\u00e9, E., Valenta, L., VanderSloot, B., Wustrow, E., Zanella-B\u00e9guelin, S., Zimmermann, P.: Imperfect forward secrecy: how Diffie-Hellman fails in practice. In: 22nd ACM Conference on Computer and Communications Security, October 2015 (2015)","DOI":"10.1145\/2810103.2813707"},{"key":"7_CR3","unstructured":"Bailey, D.V., Baldwin, B., Batina, L., Bernstein, D.J., Birkner, P., Bos, J.W., van Damme, G., de Meulenaer, G., Fan, J., G\u00fcneysu, T., Gurkaynak, F., Kleinjung, T., Lange, T., Mentens, N., Paar, C., Regazzoni, F., Schwabe, P., Uhsadel, L.: The certicom challenges ECC2-X. Special-Purpose Hardware for Attacking Cryptographic Systems - SHARCS 2009 (2009). \n http:\/\/www.hyperelliptic.org\/tanja\/SHARCS\/record2.pdf"},{"key":"7_CR4","unstructured":"Bernstein, D.J.: How to find small factors of integers, june 2002. \n http:\/\/cr.yp.to\/papers.html"},{"key":"7_CR5","unstructured":"Bernstein, D.J., Chou, T., Chuengsatiansup, C., H\u00fclsing, A., Lange, T., Niederhagen, R., van Vredendaal, C.: How to manipulate curve standards: a white paper for the black hat. Cryptology ePrint Archive, Report 2014\/571 (2014). \n http:\/\/eprint.iacr.org\/2014\/571"},{"key":"7_CR6","unstructured":"Bos, J.W., Kaihara, M.E., Kleinjung, T., Lenstra, A.K., Montgomery, P.L.: On the security of 1024-bit RSA and 160-bit elliptic curve cryptography. Cryptology ePrint Archive, Report 2009\/389 (2009). \n http:\/\/eprint.iacr.org\/"},{"key":"7_CR7","unstructured":"Bouvier, C., Gaudry, P., Imbert, L., Hamza, J., Thom\u00e9, E.: Discrete logarithms in GF(p) - 180 digits. NMBRTHRY list, 11\/6\/2014"},{"key":"7_CR8","series-title":"Lecture Notes in Mathematics","doi-asserted-by":"publisher","first-page":"50","DOI":"10.1007\/BFb0091539","volume-title":"The development of the number field sieve","author":"JP Buhler","year":"1993","unstructured":"Buhler, J.P., Lenstra Jr., H.W., Pomerance, C.: Factoring integers with the number field sieve. In: Lenstra, A.K., Lenstra, H.W. (eds.) The development of the number field sieve. LNM, vol. 1554, pp. 50\u201394. Springer, Heidelberg (1993). doi:\n 10.1007\/BFb0091539"},{"issue":"3","key":"7_CR9","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/BF00198464","volume":"6","author":"D Coppersmith","year":"1993","unstructured":"Coppersmith, D.: Modifications to the number field sieve. J. Cryptol. 6(3), 169\u2013180 (1993)","journal-title":"J. Cryptol."},{"issue":"205","key":"7_CR10","first-page":"333","volume":"62","author":"D Coppersmith","year":"1994","unstructured":"Coppersmith, D.: Solving homogeneous linear equations over GF(2) via block Wiedemann algorithm. Math. Comput. 62(205), 333\u2013350 (1994)","journal-title":"Math. Comput."},{"key":"7_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1007\/3-540-39568-7_2","volume-title":"Advances in Cryptology","author":"T ElGamal","year":"1985","unstructured":"ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10\u201318. Springer, Heidelberg (1985). doi:\n 10.1007\/3-540-39568-7_2"},{"key":"7_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"194","DOI":"10.1007\/978-3-540-24847-7_14","volume-title":"Algorithmic Number Theory - ANTS-VI","author":"J Franke","year":"2004","unstructured":"Franke, J., Kleinjung, T., Morain, F., Wirth, T.: Proving the primality of very large numbers with fastECPP. In: Buell, D.A. (ed.) Algorithmic Number Theory - ANTS-VI. Lecture Notes in Computer Science, vol. 3076, pp. 194\u2013207. Springer, Heidelberg (2004)"},{"key":"7_CR13","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1137\/0406010","volume":"6","author":"DM Gordon","year":"1993","unstructured":"Gordon, D.M.: Discrete logarithms in GF\n \n \n \n $$(p)$$\n using the number field sieve. SIAM J. Discret. Math. 6, 124\u2013138 (1993)","journal-title":"SIAM J. Discret. Math."},{"key":"7_CR14","unstructured":"Granger, R., Kleinjung, T., Zumbr\u00e4gel, J.: Discrete Logarithms in \n \n \n \n $$GF(2^{9234})$$\n . NMBRTHRY list, 31\/1\/2014"},{"key":"7_CR15","unstructured":"IETF. RFC 2409, November 1998. \n https:\/\/tools.ietf.org\/html\/rfc2409"},{"key":"7_CR16","unstructured":"IETF. RFC 4306, December 2005. \n https:\/\/tools.ietf.org\/html\/rfc4306"},{"issue":"242","key":"7_CR17","doi-asserted-by":"publisher","first-page":"953","DOI":"10.1090\/S0025-5718-02-01482-5","volume":"72","author":"A Joux","year":"2003","unstructured":"Joux, A., Lercier, R.: Improvements to the general number field sieve for discrete logarithms in prime fields. A comparison with the Gaussian integer method. Math. Comput. 72(242), 953\u2013967 (2003). (electronic)","journal-title":"Math. Comput."},{"key":"7_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"378","DOI":"10.1007\/978-3-662-45611-8_20","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"A Joux","year":"2014","unstructured":"Joux, A., Pierrot, C.: Improving the polynomial time precomputation of frobenius representation discrete logarithm algorithms. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 378\u2013397. Springer, Heidelberg (2014). doi:\n 10.1007\/978-3-662-45611-8_20"},{"key":"7_CR19","first-page":"777","volume":"64","author":"E Kaltofen","year":"1995","unstructured":"Kaltofen, E.: Analysis of Coppersmith\u2019s block Wiedemann algorithm for the parallel solution of sparse linear systems. Math. Comput. 64, 777\u2013806 (1995)","journal-title":"Math. Comput."},{"key":"7_CR20","unstructured":"Kleinjung, T.: Discrete logarithms in GF(\n \n \n \n $$2^{1279}$$\n ). NMBRTHRY list, 17\/10\/2014"},{"key":"7_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"333","DOI":"10.1007\/978-3-642-14623-7_18","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"T Kleinjung","year":"2010","unstructured":"Kleinjung, T., Aoki, K., Franke, J., Lenstra, A.K., Thom\u00e9, E., Bos, J.W., Gaudry, P., Kruppa, A., Montgomery, P.L., Osvik, D.A., te Riele, H., Timofeev, A., Zimmermann, P.: Factorization of a 768-bit RSA modulus. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 333\u2013350. Springer, Heidelberg (2010). doi:\n 10.1007\/978-3-642-14623-7_18"},{"key":"7_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"358","DOI":"10.1007\/978-3-662-45611-8_19","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"T Kleinjung","year":"2014","unstructured":"Kleinjung, T., Bos, J.W., Lenstra, A.K.: Mersenne factorization factory. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 358\u2013377. Springer, Heidelberg (2014). doi:\n 10.1007\/978-3-662-45611-8_19"},{"key":"7_CR23","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1007\/s10586-010-0149-0","volume":"15","author":"T Kleinjung","year":"2012","unstructured":"Kleinjung, T., Bos, J.W., Lenstra, A.K., Osvik, D.A., Aoki, K., Contini, S., Franke, J., Thom\u00e9, E., Jermini, P., Thi\u00e9mard, M., Leyland, P., Montgomery, P.L., Timofeev, A., Stockinger, H.: A heterogeneous computing environment to solve the 768-bit RSA challenge. Cluster Comput. 15, 53\u201368 (2012)","journal-title":"Cluster Comput."},{"key":"7_CR24","unstructured":"Kraitchik, M.: Th\u00e9orie des nombres, Tome I. Gauthiers-Villars, Paris (1922)"},{"key":"7_CR25","unstructured":"Kraitchik, M.: Recherches sur le th\u00e9orie des nombres, Tome I. Gauthiers-Villars, Paris (1924)"},{"key":"7_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1007\/3-540-45682-1_5","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2001","author":"AK Lenstra","year":"2001","unstructured":"Lenstra, A.K.: Unbelievable security: matching AES security using public key systems. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 67\u201386. Springer, Heidelberg (2001). doi:\n 10.1007\/3-540-45682-1_5"},{"key":"7_CR27","unstructured":"Lenstra, A.K., Hughes, J.P., Augier, M., Bos, J.W., Kleinjung, T., Wachter, C.: Ron was wrong, Whit is right. Cryptology ePrint Archive, Report 2012\/064 (2012). \n http:\/\/eprint.iacr.org\/2012\/064"},{"key":"7_CR28","series-title":"Lecture Notes in Mathematics","volume-title":"The development of the number field sieve","year":"1993","unstructured":"Lenstra, A.K., Lenstra Jr., H.W. (eds.): The development of the number field sieve. LNM, vol. 1554. Springer, Heidelberg (1993)"},{"issue":"203","key":"7_CR29","doi-asserted-by":"publisher","first-page":"319","DOI":"10.1090\/S0025-5718-1993-1182953-4","volume":"61","author":"AK Lenstra","year":"1993","unstructured":"Lenstra, A.K., Lenstra Jr., H.W., Manasse, M.S., Pollard, J.M.: The factorization of the ninth Fermat number. Math. Comput. 61(203), 319\u2013349 (1993)","journal-title":"Math. Comput."},{"key":"7_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"355","DOI":"10.1007\/3-540-46885-4_35","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 1989","author":"AK Lenstra","year":"1990","unstructured":"Lenstra, A.K., Manasse, M.S.: Factoring by electronic mail. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 355\u2013371. Springer, Heidelberg (1990). doi:\n 10.1007\/3-540-46885-4_35"},{"issue":"4","key":"7_CR31","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1007\/s00145-001-0009-4","volume":"14","author":"AK Lenstra","year":"2001","unstructured":"Lenstra, A.K., Verheul, E.R.: Selecting cryptographic key sizes. J. Cryptol. 14(4), 255\u2013293 (2001)","journal-title":"J. Cryptol."},{"key":"7_CR32","unstructured":"Lenstra, A.K., Wesolowski, B.: A random zoo: sloth, unicorn, and trx. Cryptology ePrint Archive, Report 2015\/366, 2015. \n http:\/\/eprint.iacr.org\/2015\/366\n \n , to appear in the International Journal of Applied Cryptology as Trustworthy public randomness with sloth, unicorn, and trx"},{"issue":"12","key":"7_CR33","first-page":"1473","volume":"43","author":"C Pomerance","year":"1996","unstructured":"Pomerance, C.: A tale of two sieves. Not. AMS 43(12), 1473\u20131485 (1996)","journal-title":"Not. AMS"},{"issue":"2","key":"7_CR34","first-page":"120","volume":"21","author":"RL Rivest","year":"1978","unstructured":"Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signature and public-key cryptosystems. Commun. Assoc. Comput. Mach. 21(2), 120\u2013126 (1978)","journal-title":"Commun. Assoc. Comput. Mach."},{"issue":"2","key":"7_CR35","doi-asserted-by":"publisher","first-page":"140","DOI":"10.1016\/j.jalgor.2004.11.004","volume":"57","author":"O Schirokauer","year":"2005","unstructured":"Schirokauer, O.: Virtual logarithms. J. Algorithm. 57(2), 140\u2013147 (2005)","journal-title":"J. Algorithm."},{"key":"7_CR36","unstructured":"U.S. Department of Commerce\/National Institute of Standards and Technology. Digital Signature Standard (DSS). FIPS-186-4 (2013). \n http:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.186-4.pdf"},{"key":"7_CR37","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1109\/TIT.1986.1057137","volume":"32","author":"D Wiedemann","year":"1986","unstructured":"Wiedemann, D.: Solving sparse linear equations over finite fields. IEEE Trans. Inf. Theory 32, 54\u201362 (1986)","journal-title":"IEEE Trans. Inf. Theory"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2017"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-56620-7_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,10]],"date-time":"2020-04-10T00:04:51Z","timestamp":1586477091000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-56620-7_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319566191","9783319566207"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-56620-7_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"1 April 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EUROCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Paris","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 April 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 May 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"36","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eurocrypt2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eurocrypt2017.di.ens.fr\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}