{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T04:25:58Z","timestamp":1778127958041,"version":"3.51.4"},"publisher-location":"Cham","reference-count":42,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319706931","type":"print"},{"value":"9783319706948","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-70694-8_1","type":"book-chapter","created":{"date-parts":[[2017,11,29]],"date-time":"2017-11-29T08:53:53Z","timestamp":1511945633000},"page":"3-33","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":92,"title":["Identification Protocols and Signature Schemes Based on Supersingular Isogeny Problems"],"prefix":"10.1007","author":[{"given":"Steven D.","family":"Galbraith","sequence":"first","affiliation":[]},{"given":"Christophe","family":"Petit","sequence":"additional","affiliation":[]},{"given":"Javier","family":"Silva","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,11,30]]},"reference":[{"key":"1_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"418","DOI":"10.1007\/3-540-46035-7_28","volume-title":"Advances in Cryptology\u2014EUROCRYPT 2002","author":"M Abdalla","year":"2002","unstructured":"Abdalla, M., An, J.H., Bellare, M., Namprempre, C.: From identification to signatures via the fiat-shamir transform: minimizing assumptions for security and forward-security. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 418\u2013433. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-46035-7_28"},{"issue":"4","key":"1_CR2","doi-asserted-by":"publisher","first-page":"585","DOI":"10.1142\/S0219199707002551","volume":"9","author":"N Alon","year":"2007","unstructured":"Alon, N., Benjamini, I., Lubetzky, E., Sodin, S.: Non-backtracking random walks mix faster. Commun. Contemp. Math. 9(4), 585\u2013603 (2007)","journal-title":"Commun. Contemp. Math."},{"key":"1_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"435","DOI":"10.1007\/978-3-662-53890-6_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"M Bellare","year":"2016","unstructured":"Bellare, M., Poettering, B., Stebila, D.: From identification to signatures, tightly: a framework and generic transforms. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 435\u2013464. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53890-6_15"},{"key":"1_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"428","DOI":"10.1007\/978-3-319-13039-2_25","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2014","author":"J-F Biasse","year":"2014","unstructured":"Biasse, J.-F., Jao, D., Sankar, A.: A quantum algorithm for computing isogenies between supersingular elliptic curves. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 428\u2013442. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-13039-2_25"},{"issue":"5","key":"1_CR5","doi-asserted-by":"publisher","first-page":"815","DOI":"10.1016\/j.jnt.2009.11.003","volume":"131","author":"G Bisson","year":"2011","unstructured":"Bisson, G., Sutherland, A.V.: Computing the endomorphism ring of an ordinary elliptic curve over a finite field. J. Number Theory 131(5), 815\u2013831 (2011)","journal-title":"J. Number Theory"},{"issue":"1","key":"1_CR6","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/s00145-007-9002-x","volume":"22","author":"DX Charles","year":"2009","unstructured":"Charles, D.X., Lauter, K.E., Goren, E.Z.: Cryptographic hash functions from expander graphs. J. Cryptol. 22(1), 93\u2013113 (2009)","journal-title":"J. Cryptol."},{"issue":"1","key":"1_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1515\/jmc-2012-0016","volume":"8","author":"AM Childs","year":"2014","unstructured":"Childs, A.M., Jao, D., Soukharev, V.: Constructing elliptic curve isogenies in quantum subexponential time. J. Math. Cryptol. 8(1), 1\u201329 (2014)","journal-title":"J. Math. Cryptol."},{"key":"1_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"572","DOI":"10.1007\/978-3-662-53018-4_21","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"C Costello","year":"2016","unstructured":"Costello, C., Longa, P., Naehrig, M.: Efficient algorithms for supersingular isogeny Diffie-Hellman. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 572\u2013601. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_21"},{"key":"1_CR9","unstructured":"Damg\u00e5rd, I.: On $$\\sigma $$-protocols. University of Aarhus, Department for Computer Science, Lecture Notes (2010)"},{"issue":"1","key":"1_CR10","doi-asserted-by":"publisher","first-page":"273","DOI":"10.1007\/BF02684373","volume":"43","author":"P Deligne","year":"1974","unstructured":"Deligne, P.: La conjecture de Weil. I. Publications Math\u00e9matiques de l\u2019Institut des Hautes \u00c9tudes Scientifiques 43(1), 273\u2013307 (1974)","journal-title":"I. Publications Math\u00e9matiques de l\u2019Institut des Hautes \u00c9tudes Scientifiques"},{"key":"1_CR11","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1007\/BF02940746","volume":"14","author":"M Deuring","year":"1941","unstructured":"Deuring, M.: Die Typen der Multiplikatorenringe elliptischer Funktionenk\u00f6rper. Abhandlungen aus dem Mathematischen Seminar der Universit\u00e4t Hamburg 14, 197\u2013272 (1941). https:\/\/doi.org\/10.1007\/BF02940746","journal-title":"Abhandlungen aus dem Mathematischen Seminar der Universit\u00e4t Hamburg"},{"key":"1_CR12","first-page":"123","volume":"55","author":"L Dewaghe","year":"1999","unstructured":"Dewaghe, L.: Isog\u00e9nie entre courbes elliptiques. Util. Math. 55, 123\u2013127 (1999)","journal-title":"Util. Math."},{"issue":"2","key":"1_CR13","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/BF02351717","volume":"1","author":"U Feige","year":"1988","unstructured":"Feige, U., Fiat, A., Shamir, A.: Zero-knowledge proofs of identity. J. Cryptol. 1(2), 77\u201394 (1988)","journal-title":"J. Cryptol."},{"issue":"3","key":"1_CR14","doi-asserted-by":"crossref","first-page":"209","DOI":"10.1515\/jmc-2012-0015","volume":"8","author":"L De Feo","year":"2014","unstructured":"De Feo, L., Jao, D., Pl\u00fbt, J.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. J. Math. Cryptol. 8(3), 209\u2013247 (2014)","journal-title":"J. Math. Cryptol."},{"key":"1_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/3-540-47721-7_12","volume-title":"Advances in Cryptology \u2014 CRYPTO 1986","author":"A Fiat","year":"1987","unstructured":"Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186\u2013194. Springer, Heidelberg (1987). https:\/\/doi.org\/10.1007\/3-540-47721-7_12"},{"key":"1_CR16","doi-asserted-by":"publisher","first-page":"118","DOI":"10.1112\/S1461157000000097","volume":"2","author":"SD Galbraith","year":"1999","unstructured":"Galbraith, S.D.: Constructing isogenies between elliptic curves over finite fields. LMS J. Comput. Math 2, 118\u2013138 (1999)","journal-title":"LMS J. Comput. Math"},{"key":"1_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-662-53887-6_3","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"SD Galbraith","year":"2016","unstructured":"Galbraith, S.D., Petit, C., Shani, B., Ti, Y.B.: On the security of supersingular isogeny cryptosystems. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 63\u201391. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53887-6_3"},{"key":"1_CR18","unstructured":"Galbraith, S.D., Petit, C., Silva, J.: Signature schemes based on supersingular isogeny problems. Cryptology ePrint Archive, Report 2016\/1154 (2016). http:\/\/eprint.iacr.org\/2016\/1154"},{"key":"1_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/978-3-319-59879-6_6","volume-title":"Post-Quantum Cryptography","author":"A G\u00e9lin","year":"2017","unstructured":"G\u00e9lin, A., Wesolowski, B.: Loop-abort faults on supersingular isogeny cryptosystems. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 93\u2013106. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59879-6_6"},{"key":"1_CR20","doi-asserted-by":"publisher","first-page":"439","DOI":"10.1090\/S0273-0979-06-01126-8","volume":"43","author":"S Hoory","year":"2006","unstructured":"Hoory, S., Linial, N., Wigderson, A.: Expander graphs and their applications. Bull. Amer. Math. Soc. 43, 439\u2013561 (2006)","journal-title":"Bull. Amer. Math. Soc."},{"key":"1_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/978-3-642-25405-5_2","volume-title":"Post-Quantum Cryptography","author":"D Jao","year":"2011","unstructured":"Jao, D., De Feo, L.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 19\u201334. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25405-5_2"},{"key":"1_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"160","DOI":"10.1007\/978-3-319-11659-4_10","volume-title":"Post-Quantum Cryptography","author":"D Jao","year":"2014","unstructured":"Jao, D., Soukharev, V.: Isogeny-based quantum-resistant undeniable signatures. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 160\u2013179. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-11659-4_10"},{"key":"1_CR23","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-27712-7","volume-title":"Digital Signatures","author":"J Katz","year":"2010","unstructured":"Katz, J.: Digital Signatures. Springer, Heidelberg (2010)"},{"issue":"6","key":"1_CR24","doi-asserted-by":"publisher","first-page":"1767","DOI":"10.1137\/08073408X","volume":"40","author":"KS Kedlaya","year":"2011","unstructured":"Kedlaya, K.S., Umans, C.: Fast polynomial factorization and modular composition. SIAM J. Comput. 40(6), 1767\u20131802 (2011)","journal-title":"SIAM J. Comput."},{"key":"1_CR25","unstructured":"Kohel, D.: Endomorphism rings of elliptic curves over finite fields. Ph.D. thesis, University of California, Berkeley (1996)"},{"key":"1_CR26","doi-asserted-by":"publisher","first-page":"418","DOI":"10.1112\/S1461157014000151","volume":"17A","author":"D Kohel","year":"2014","unstructured":"Kohel, D., Lauter, K., Petit, C., Tignol, J.-P.: On the quaternion $$\\ell $$-isogeny path problem. LMS J. Comput. Math. 17A, 418\u2013432 (2014)","journal-title":"LMS J. Comput. Math."},{"issue":"4","key":"1_CR27","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1145\/1597036.1597050","volume":"5","author":"PQ Nguyen","year":"2009","unstructured":"Nguyen, P.Q., Stehl\u00e9, D.: Low-dimensional lattice basis reduction revisited. ACM Trans. Algorithms 5(4), 46 (2009)","journal-title":"ACM Trans. Algorithms"},{"key":"1_CR28","unstructured":"Petit, C.: On the quaternion $$\\ell $$-isogeny problem. Presentation slides from a talk at the University of Neuch\u00e2tel, March 2015"},{"key":"1_CR29","doi-asserted-by":"crossref","unstructured":"Petit, C.: Faster algorithms for isogeny problems using torsion point images. In: ASIACRYPT 2017 (2017, to appear). http:\/\/eprint.iacr.org\/2017\/571","DOI":"10.1007\/978-3-319-70697-9_12"},{"issue":"1","key":"1_CR30","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1090\/S0273-0979-1990-15918-X","volume":"23","author":"AK Pizer","year":"1990","unstructured":"Pizer, A.K.: Ramanujan graphs and Hecke operators. Bull. Am. Math. Soc. 23(1), 127\u2013137 (1990)","journal-title":"Bull. Am. Math. Soc."},{"key":"1_CR31","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4757-1920-8","volume-title":"The Arithmetic of Elliptic Curves","author":"JH Silverman","year":"1986","unstructured":"Silverman, J.H.: The Arithmetic of Elliptic Curves. Springer, Heidelberg (1986)"},{"key":"1_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-319-59879-6_7","volume-title":"Post-Quantum Cryptography","author":"YB Ti","year":"2017","unstructured":"Ti, Y.B.: Fault attack on supersingular isogeny cryptosystems. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 107\u2013122. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59879-6_7"},{"key":"1_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"755","DOI":"10.1007\/978-3-662-46803-6_25","volume-title":"Advances in Cryptology - EUROCRYPT 2015","author":"D Unruh","year":"2015","unstructured":"Unruh, D.: Non-interactive zero-knowledge proofs in the quantum random oracle model. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 755\u2013784. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46803-6_25"},{"key":"1_CR34","doi-asserted-by":"crossref","unstructured":"Unruh, D.: Post-quantum security of Fiat-Shamir. In: ASIACRYPT 2017 (2017, to appear). https:\/\/eprint.iacr.org\/2017\/398","DOI":"10.1007\/978-3-319-70694-8_3"},{"key":"1_CR35","unstructured":"Venturi, D.: Zero-knowledge proofs and applications. University of Rome, Lecture Notes (2015)"},{"key":"1_CR36","doi-asserted-by":"publisher","DOI":"10.1007\/BFb0091027","volume-title":"Arithm\u00e9tique des alg\u00e9bres de quaternions","author":"M-F Vign\u00e9ras","year":"1980","unstructured":"Vign\u00e9ras, M.-F.: Arithm\u00e9tique des alg\u00e9bres de quaternions. Springer, Heidelberg (1980)"},{"key":"1_CR37","unstructured":"Voight, J.: Quaternion algebras (2017). https:\/\/math.dartmouth.edu\/~jvoight\/quat-book.pdf"},{"key":"1_CR38","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1007\/BF01272074","volume":"2","author":"J von zur Gathen","year":"1992","unstructured":"von zur Gathen, J., Shoup, V.: Computing Frobenius maps and factoring polynomials. Comput. Complex. 2, 187\u2013224 (1992)","journal-title":"Comput. Complex."},{"key":"1_CR39","first-page":"238","volume":"273","author":"J V\u00e9lu","year":"1971","unstructured":"V\u00e9lu, J.: Isog\u00e9nies entre courbes elliptiques. Commun. de l\u2019Acad\u00e9mie royale des Sci. de Paris 273, 238\u2013241 (1971)","journal-title":"Commun. de l\u2019Acad\u00e9mie royale des Sci. de Paris"},{"key":"1_CR40","first-page":"521","volume":"2","author":"WC Waterhouse","year":"1969","unstructured":"Waterhouse, W.C.: Abelian varieties over finite fields. Ann. scientifiques de l\u2019ENS 2, 521\u2013560 (1969)","journal-title":"Ann. scientifiques de l\u2019ENS"},{"issue":"2","key":"1_CR41","first-page":"292","volume":"5","author":"S Xi","year":"2012","unstructured":"Xi, S., Tian, H., Wang, Y.: Toward quantum-resistant strong designated verifier signature from isogenies. Int. J. Grid Util. Comput. 5(2), 292\u2013296 (2012)","journal-title":"Int. J. Grid Util. Comput."},{"key":"1_CR42","doi-asserted-by":"crossref","unstructured":"Yoo, Y., Azarderakhsh, R., Jalali, A., Jao, D., Soukharev, V.: A post-quantum digital signature scheme based on supersingular isogenies. In: Financial Crypto 2017 (2017)","DOI":"10.1007\/978-3-319-70972-7_9"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2017"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-70694-8_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,12]],"date-time":"2024-03-12T12:16:03Z","timestamp":1710245763000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-70694-8_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319706931","9783319706948"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-70694-8_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"30 November 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Hong Kong","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 December 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 December 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/asiacrypt.iacr.org\/2017\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}