{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,28]],"date-time":"2026-03-28T04:15:47Z","timestamp":1774671347461,"version":"3.50.1"},"publisher-location":"Cham","reference-count":42,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319706962","type":"print"},{"value":"9783319706979","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-70697-9_10","type":"book-chapter","created":{"date-parts":[[2017,11,17]],"date-time":"2017-11-17T18:27:49Z","timestamp":1510943269000},"page":"273-302","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":20,"title":["qDSA: Small and Secure Digital Signatures with Curve-Based Diffie\u2013Hellman Key Pairs"],"prefix":"10.1007","author":[{"given":"Joost","family":"Renes","sequence":"first","affiliation":[]},{"given":"Benjamin","family":"Smith","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,11,18]]},"reference":[{"key":"10_CR1","unstructured":"Accredited Standards Committee X9: American National Standard X9.62-1999, Public key cryptography for the financial services industry: the elliptic curve digital signature algorithm (ECDSA). Technical report. ANSI (1999)"},{"key":"10_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"332","DOI":"10.1007\/978-3-319-49445-6_19","volume-title":"Security, Privacy, and Applied Cryptography Engineering","author":"E Alkim","year":"2016","unstructured":"Alkim, E., Jakubeit, P., Schwabe, P.: NewHope on ARM cortex-M. In: Carlet, C., Hasan, M.A., Saraswat, V. (eds.) SPACE 2016. LNCS, vol. 10076, pp. 332\u2013349. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-49445-6_19"},{"issue":"75","key":"10_CR3","doi-asserted-by":"publisher","first-page":"342","DOI":"10.2307\/1970178","volume":"2","author":"WL Baily Jr","year":"1962","unstructured":"Baily Jr., W.L.: On the theory of $$\\theta $$-functions, the moduli of abelian varieties, and the moduli of curves. Ann. Math. 2(75), 342\u2013381 (1962)","journal-title":"Ann. Math."},{"key":"10_CR4","unstructured":"Bernstein, D.J., Lange, T.: eBACS: ECRYPT Benchmarking of Cryptographic Systems. https:\/\/bench.cr.yp.to\/index.html"},{"key":"10_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/11745853_14","volume-title":"Public Key Cryptography - PKC 2006","author":"DJ Bernstein","year":"2006","unstructured":"Bernstein, D.J.: Curve25519: new Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207\u2013228. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11745853_14"},{"key":"10_CR6","unstructured":"Bernstein, D.J.: Elliptic vs. hyperelliptic, part 1 (2006)"},{"key":"10_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"317","DOI":"10.1007\/978-3-662-45611-8_17","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"DJ Bernstein","year":"2014","unstructured":"Bernstein, D.J., Chuengsatiansup, C., Lange, T., Schwabe, P.: Kummer strikes back: new DH speed records. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 317\u2013337. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_17"},{"issue":"2","key":"10_CR8","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/s13389-012-0027-1","volume":"2","author":"DJ Bernstein","year":"2012","unstructured":"Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.-Y.: High-speed high-security signatures. J. Cryptogr. Eng. 2(2), 77\u201389 (2012)","journal-title":"J. Cryptogr. Eng."},{"key":"10_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1007\/978-3-642-33481-8_9","volume-title":"Progress in Cryptology \u2013 LATINCRYPT 2012","author":"DJ Bernstein","year":"2012","unstructured":"Bernstein, D.J., Lange, T., Schwabe, P.: The security impact of a new cryptographic library. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 159\u2013176. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33481-8_9"},{"key":"10_CR10","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: The Keccak sponge function family (2016)"},{"key":"10_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"194","DOI":"10.1007\/978-3-642-38348-9_12","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"JW Bos","year":"2013","unstructured":"Bos, J.W., Costello, C., Hisil, H., Lauter, K.E.: Fast cryptography in genus 2. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 194\u2013210. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_12"},{"key":"10_CR12","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511526084","volume-title":"Prolegomena to a Middlebrow Arithmetic of Curves of Genus 2","author":"JWS Cassels","year":"1996","unstructured":"Cassels, J.W.S., Flynn, E.V.: Prolegomena to a Middlebrow Arithmetic of Curves of Genus 2, vol. 230. Cambridge University Press, Cambridge (1996)"},{"key":"10_CR13","doi-asserted-by":"publisher","first-page":"385","DOI":"10.1016\/0196-8858(86)90023-0","volume":"7","author":"DV Chudnovsky","year":"1986","unstructured":"Chudnovsky, D.V., Chudnovsky, G.V.: Sequences of numbers generated by addition in formal groups and new primality and factorization tests. Adv. Appl. Math. 7, 385\u2013434 (1986)","journal-title":"Adv. Appl. Math."},{"key":"10_CR14","unstructured":"Chung, P.-N., Costello, C., Smith, B.: Fast, uniform, and compact scalar multiplication for elliptic curves and genus 2 jacobians with applications to signature schemes. Cryptology ePrint Archive, Report 2015\/983 (2015)"},{"key":"10_CR15","unstructured":"Cosset, R.: Applications des fonctions theta \u00e0 la cryptographie sur les courbes hyperelliptiques. Ph.D. thesis, Universit\u00e9 Henri Poincar\u00e9 - Nancy I (2011)"},{"issue":"6","key":"10_CR16","doi-asserted-by":"publisher","first-page":"644","DOI":"10.1109\/TIT.1976.1055638","volume":"22","author":"W Diffie","year":"1976","unstructured":"Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theor. 22(6), 644\u2013654 (1976)","journal-title":"IEEE Trans. Inf. Theor."},{"issue":"2","key":"10_CR17","doi-asserted-by":"publisher","first-page":"493","DOI":"10.1007\/s10623-015-0087-1","volume":"77","author":"M D\u00fcll","year":"2015","unstructured":"D\u00fcll, M., Haase, B., Hinterw\u00e4lder, G., Hutter, M., Paar, C., S\u00e1nchez, A.H., Schwabe, P.: High-speed curve25519 on 8-bit, 16-bit and 32-bit microcontrollers. Des. Codes Cryptogr. 77(2), 493\u2013514 (2015)","journal-title":"Des. Codes Cryptogr."},{"key":"10_CR18","doi-asserted-by":"crossref","unstructured":"Dworkin, M.J.: SHA-3 standard: Permutation-based hash and extendable-output functions. Technical report. National Institute of Standards and Technology (NIST) (2015)","DOI":"10.6028\/NIST.FIPS.202"},{"key":"10_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/3-540-47721-7_12","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 86","author":"A Fiat","year":"1987","unstructured":"Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186\u2013194. Springer, Heidelberg (1987). https:\/\/doi.org\/10.1007\/3-540-47721-7_12"},{"key":"10_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1007\/3-540-39568-7_2","volume-title":"Advances in Cryptology","author":"TE Gamal","year":"1985","unstructured":"Gamal, T.E.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10\u201318. Springer, Heidelberg (1985). https:\/\/doi.org\/10.1007\/3-540-39568-7_2"},{"issue":"3","key":"10_CR21","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1515\/JMC.2007.012","volume":"1","author":"P Gaudry","year":"2007","unstructured":"Gaudry, P.: Fast genus 2 arithmetic based on theta functions. J. Math. Cryptol. 1(3), 243\u2013265 (2007)","journal-title":"J. Math. Cryptol."},{"issue":"4","key":"10_CR22","doi-asserted-by":"publisher","first-page":"368","DOI":"10.1016\/j.jsc.2011.09.003","volume":"47","author":"P Gaudry","year":"2012","unstructured":"Gaudry, P., Schost, E.: Genus 2 point counting over prime fields. J. Symb. Comput. 47(4), 368\u2013400 (2012)","journal-title":"J. Symb. Comput."},{"key":"10_CR23","unstructured":"Hamburg, M.: Fast and compact elliptic-curve cryptography. Cryptology ePrint Archive, Report 2012\/309 (2012)"},{"key":"10_CR24","unstructured":"Hamburg, M.: The STROBE protocol framework. Cryptology ePrint Archive, Report 2017\/003 (2017)"},{"key":"10_CR25","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-14303-8","volume-title":"Efficient Secure Two-Party Protocols","author":"C Hazay","year":"2010","unstructured":"Hazay, C., Lindell, Y.: Efficient Secure Two-Party Protocols. Springer, Heidelberg (2010)"},{"key":"10_CR26","volume-title":"Kummer\u2019s Quartic Surface","author":"RWHT Hudson","year":"1905","unstructured":"Hudson, R.W.H.T.: Kummer\u2019s Quartic Surface. Cambridge University Press, Cambridge (1905)"},{"key":"10_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/978-3-642-38553-7_9","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2013","author":"M Hutter","year":"2013","unstructured":"Hutter, M., Schwabe, P.: NaCl on 8-Bit AVR microcontrollers. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 156\u2013172. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38553-7_9"},{"key":"10_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"438","DOI":"10.1007\/978-3-319-07536-5_26","volume-title":"Applied Cryptography and Network Security","author":"S Karati","year":"2014","unstructured":"Karati, S., Das, A.: Faster batch verification of standard ECDSA signatures using summation polynomials. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 438\u2013456. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-07536-5_26"},{"key":"10_CR29","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1090\/S0025-5718-1987-0866109-5","volume":"48","author":"N Koblitz","year":"1987","unstructured":"Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48, 203\u2013209 (1987)","journal-title":"Math. Comput."},{"key":"10_CR30","doi-asserted-by":"crossref","unstructured":"Liu, Z., Longa, P., Pereira, G., Reparaz, O., Seo, H.: Four$$\\mathbb{Q}$$ on embedded devices with strong countermeasures against side-channel attacks. Cryptology ePrint Archive, Report 2017\/434 (2017)","DOI":"10.1007\/978-3-319-66787-4_32"},{"key":"10_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"417","DOI":"10.1007\/3-540-39799-X_31","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201985 Proceedings","author":"VS Miller","year":"1986","unstructured":"Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417\u2013426. Springer, Heidelberg (1986). https:\/\/doi.org\/10.1007\/3-540-39799-X_31"},{"key":"10_CR32","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1090\/S0025-5718-1987-0866113-7","volume":"48","author":"PL Montgomery","year":"1987","unstructured":"Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Math. Comput. 48, 243\u2013264 (1987)","journal-title":"Math. Comput."},{"key":"10_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/BFb0053426","volume-title":"EUROCRYPT 1994","author":"D Naccache","year":"1995","unstructured":"Naccache, D., M\u2019Ra\u00efhi, D., Vaudenay, S., Raphaeli, D.: Can D.S.A. be improved? \u2014 complexity trade-offs with the digital signature standard \u2014. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 77\u201385. Springer, Heidelberg (1995). https:\/\/doi.org\/10.1007\/BFb0053426"},{"key":"10_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1007\/978-3-319-24126-5_17","volume-title":"Security, Privacy, and Applied Cryptography Engineering","author":"E Nascimento","year":"2015","unstructured":"Nascimento, E., L\u00f3pez, J., Dahab, R.: Efficient and secure elliptic curve cryptography for 8-bit AVR microcontrollers. In: Chakraborty, R.S., Schwabe, P., Solworth, J. (eds.) SPACE 2015. LNCS, vol. 9354, pp. 289\u2013309. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-24126-5_17"},{"key":"10_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1007\/3-540-44709-1_12","volume-title":"Cryptographic Hardware and Embedded Systems \u2014 CHES 2001","author":"K Okeya","year":"2001","unstructured":"Okeya, K., Sakurai, K.: Efficient elliptic curve cryptosystems from a scalar multiplication algorithm with recovery of the y-coordinate on a montgomery-form elliptic curve. In: Ko\u00e7, \u00c7.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 126\u2013141. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44709-1_12"},{"key":"10_CR36","unstructured":"Perrin, T.: The XEdDSA and VXEdDSA Signature Schemes. https:\/\/whispersystems.org\/docs\/specifications\/xeddsa\/"},{"key":"10_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1007\/3-540-68339-9_33","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201996","author":"D Pointcheval","year":"1996","unstructured":"Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387\u2013398. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68339-9_33"},{"issue":"3","key":"10_CR38","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1007\/s001450010003","volume":"13","author":"D Pointcheval","year":"2000","unstructured":"Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. J. Cryptol. 13(3), 361\u2013396 (2000)","journal-title":"J. Cryptol."},{"key":"10_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"301","DOI":"10.1007\/978-3-662-53140-2_15","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2016","author":"J Renes","year":"2016","unstructured":"Renes, J., Schwabe, P., Smith, B., Batina, L.: $$\\mu $$Kummer: efficient hyperelliptic signatures and key exchange on microcontrollers. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 301\u2013320. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53140-2_15"},{"key":"10_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1007\/0-387-34805-0_22","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 89 Proceedings","author":"CP Schnorr","year":"1990","unstructured":"Schnorr, C.P.: Efficient identification and signatures for smart cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239\u2013252. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34805-0_22"},{"key":"10_CR41","unstructured":"Semaev, I.A.: Summation polynomials and the discrete logarithm problem on elliptic curves. IACR Cryptology ePrint Archive 2004, 31 (2004)"},{"key":"10_CR42","unstructured":"Stahlke, C.: Point compression on jacobians of hyperelliptic curves over $$\\mathbb{F}_q$$. Cryptology ePrint Archive, Report 2004\/030 (2004)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2017"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-70697-9_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T15:28:01Z","timestamp":1710343681000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-70697-9_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319706962","9783319706979"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-70697-9_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"18 November 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Hong Kong","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 December 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 December 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/asiacrypt.iacr.org\/2017\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}