{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,12]],"date-time":"2025-07-12T01:07:51Z","timestamp":1752282471029,"version":"3.37.3"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319769523"},{"type":"electronic","value":"9783319769530"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-76953-0_1","type":"book-chapter","created":{"date-parts":[[2018,3,6]],"date-time":"2018-03-06T03:13:36Z","timestamp":1520306016000},"page":"1-20","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["Breaking Ed25519 in WolfSSL"],"prefix":"10.1007","author":[{"given":"Niels","family":"Samwel","sequence":"first","affiliation":[]},{"given":"Lejla","family":"Batina","sequence":"additional","affiliation":[]},{"given":"Guido","family":"Bertoni","sequence":"additional","affiliation":[]},{"given":"Joan","family":"Daemen","sequence":"additional","affiliation":[]},{"given":"Ruggero","family":"Susella","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,3,7]]},"reference":[{"key":"1_CR1","unstructured":"ECRYPT II key recommendations (2012). \nhttps:\/\/www.keylength.com\/en\/3\/"},{"key":"1_CR2","unstructured":"The XEdDSA and VXEdDSA Signature Schemes (2017). \nhttps:\/\/signal.org\/docs\/specifications\/xeddsa\/xeddsa.pdf\n\n. Accessed 11 Sept 2017"},{"key":"1_CR3","unstructured":"Things that use Ed25519 (2017). \nhttps:\/\/ianix.com\/pub\/ed25519-deployment.html\n\n. Accessed 29 Sept 2017"},{"key":"1_CR4","unstructured":"Ambrose, C., Bos, J.W., Fay, B., Joye, M., Lochter, M., Murray, B.: Differential attacks on deterministic signatures. Cryptology ePrint Archive, report 2017\/975 (2017). \nhttps:\/\/eprint.iacr.org\/2017\/975.pdf"},{"key":"1_CR5","unstructured":"Belaid, S., Bettale, L., Dottax, E., Genelle, L., Rondepierre, F.: Differential power analysis of HMAC SHA-2 in the Hamming weight model. In: 2013 International Conference on Security and Cryptography (SECRYPT), pp. 1\u201312. IEEE (2013)"},{"key":"1_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"140","DOI":"10.1007\/978-3-642-15031-9_10","volume-title":"Cryptographic Hardware and Embedded Systems, CHES 2010","author":"O Beno\u00eet","year":"2010","unstructured":"Beno\u00eet, O., Peyrin, T.: Side-channel analysis of six SHA-3 candidates. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 140\u2013157. Springer, Heidelberg (2010). \nhttps:\/\/doi.org\/10.1007\/978-3-642-15031-9_10"},{"key":"1_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/11745853_14","volume-title":"Public Key Cryptography - PKC 2006","author":"DJ Bernstein","year":"2006","unstructured":"Bernstein, D.J.: Curve25519: new Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207\u2013228. Springer, Heidelberg (2006). \nhttps:\/\/doi.org\/10.1007\/11745853_14"},{"key":"1_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"389","DOI":"10.1007\/978-3-540-68164-9_26","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2008","author":"DJ Bernstein","year":"2008","unstructured":"Bernstein, D.J., Birkner, P., Joye, M., Lange, T., Peters, C.: Twisted edwards curves. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 389\u2013405. Springer, Heidelberg (2008). \nhttps:\/\/doi.org\/10.1007\/978-3-540-68164-9_26"},{"issue":"2","key":"1_CR9","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1007\/s13389-012-0027-1","volume":"2","author":"DJ Bernstein","year":"2012","unstructured":"Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.Y.: High-speed high-security signatures. J. Cryptographic Eng. 2(2), 77\u201389 (2012)","journal-title":"J. Cryptographic Eng."},{"key":"1_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1007\/978-3-540-76900-2_3","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2007","author":"DJ Bernstein","year":"2007","unstructured":"Bernstein, D.J., Lange, T.: Faster addition and doubling on elliptic curves. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 29\u201350. Springer, Heidelberg (2007). \nhttps:\/\/doi.org\/10.1007\/978-3-540-76900-2_3"},{"key":"1_CR11","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: The Keccak reference (2011). \nhttp:\/\/keccak.noekeon.org\/Keccak-reference-3.0.pdf\n\n, \nhttp:\/\/keccak.noekeon.org\/"},{"key":"1_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-540-28632-5_2","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2004","author":"E Brier","year":"2004","unstructured":"Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16\u201329. Springer, Heidelberg (2004). \nhttps:\/\/doi.org\/10.1007\/978-3-540-28632-5_2"},{"key":"1_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"398","DOI":"10.1007\/3-540-48405-1_26","volume-title":"Advances in Cryptology \u2014 CRYPTO 1999","author":"S Chari","year":"1999","unstructured":"Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398\u2013412. Springer, Heidelberg (1999). \nhttps:\/\/doi.org\/10.1007\/3-540-48405-1_26"},{"key":"1_CR14","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Maskiewicz, J., Garman, C., Fried, J., Cohney, S., Green, M., Heninger, N., Weinmann, R.P., Rescorla, E., Shacham, H.: A systematic analysis of the juniper dual EC incident. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 468\u2013479. ACM (2016)","DOI":"10.1145\/2976749.2978395"},{"issue":"03","key":"1_CR15","doi-asserted-by":"publisher","first-page":"393","DOI":"10.1090\/s0273-0979-07-01153-6","volume":"44","author":"HM Edwards","year":"2007","unstructured":"Edwards, H.M.: A normal form for elliptic curves. Bull. Am. Math. Soc. 44(03), 393\u2013423 (2007). \nhttps:\/\/doi.org\/10.1090\/s0273-0979-07-01153-6","journal-title":"Bull. Am. Math. Soc."},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Goubin, L.: A sound method for switching between Boolean and arithmetic masking. In: Proceedings of Third International Workshop Cryptographic Hardware and Embedded Systems - CHES 2001, Paris, France, 14-16 May 2001, pp. 3\u201315 (2001)","DOI":"10.1007\/3-540-44709-1_2"},{"key":"1_CR17","doi-asserted-by":"crossref","unstructured":"Hastings, M., Fried, J., Heninger, N.: Weak keys remain widespread in network devices. In: Proceedings of the 2016 ACM on Internet Measurement Conference, pp. 49\u201363. ACM (2016)","DOI":"10.1145\/2987443.2987486"},{"issue":"177","key":"1_CR18","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1090\/S0025-5718-1987-0866109-5","volume":"48","author":"N Koblitz","year":"1987","unstructured":"Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203\u2013209 (1987)","journal-title":"Math. Comput."},{"key":"1_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"388","DOI":"10.1007\/3-540-48405-1_25","volume-title":"Advances in Cryptology\u2014CRYPTO 1999","author":"P Kocher","year":"1999","unstructured":"Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388\u2013397. Springer, Heidelberg (1999). \nhttps:\/\/doi.org\/10.1007\/3-540-48405-1_25"},{"key":"1_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1007\/978-3-540-28632-5_15","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2004","author":"K Lemke","year":"2004","unstructured":"Lemke, K., Schramm, K., Paar, C.: DPA on n-bit sized boolean and arithmetic operations and its application to IDEA, RC6, and the HMAC-construction. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 205\u2013219. Springer, Heidelberg (2004). \nhttps:\/\/doi.org\/10.1007\/978-3-540-28632-5_15"},{"key":"1_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"317","DOI":"10.1007\/978-3-540-77535-5_23","volume-title":"Information Security Applications","author":"R McEvoy","year":"2007","unstructured":"McEvoy, R., Tunstall, M., Murphy, C.C., Marnane, W.P.: Differential power analysis of HMAC based on SHA-2, and countermeasures. In: Kim, S., Yung, M., Lee, H.-W. (eds.) WISA 2007. LNCS, vol. 4867, pp. 317\u2013332. Springer, Heidelberg (2007). \nhttps:\/\/doi.org\/10.1007\/978-3-540-77535-5_23"},{"key":"1_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"417","DOI":"10.1007\/3-540-39799-X_31","volume-title":"Advances in Cryptology \u2014 CRYPTO 1985 Proceedings","author":"VS Miller","year":"1986","unstructured":"Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417\u2013426. Springer, Heidelberg (1986). \nhttps:\/\/doi.org\/10.1007\/3-540-39799-X_31"},{"issue":"2","key":"1_CR23","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1023\/A:1025436905711","volume":"30","author":"PQ Nguyen","year":"2003","unstructured":"Nguyen, P.Q., Shparlinski, I.E.: The insecurity of the elliptic curve digital signature algorithm with partially known nonces. Des. Codes Cryptogr. 30(2), 201\u2013217 (2003). \nhttps:\/\/doi.org\/10.1023\/A:1025436905711\n\n. ISSN: 1573-7586","journal-title":"Des. Codes Cryptogr."},{"key":"1_CR24","unstructured":"Pub, F.: Secure hash standard (SHS). Technical report, NIST, July 2015"},{"issue":"3","key":"1_CR25","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"CP Schnorr","year":"1991","unstructured":"Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161\u2013174 (1991). \nhttp:\/\/dx.doi.org\/10.1007\/BF00196725","journal-title":"J. Cryptol."},{"key":"1_CR26","unstructured":"Seuschek, H., Heyszl, J., De Santis, F.: A cautionary note: side-channel leakage implications of deterministic signature schemes. In: Proceedings of the Third Workshop on Cryptography and Security in Computing Systems, CS2 2016, pp. 7\u201312. ACM, New York (2016). \nhttp:\/\/doi.acm.org\/10.1145\/2858930.2858932"},{"key":"1_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1007\/978-3-642-29912-4_16","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"M Zohner","year":"2012","unstructured":"Zohner, M., Kasper, M., St\u00f6ttinger, M.: Butterfly-attack on Skein\u2019s modular addition. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 215\u2013230. Springer, Heidelberg (2012). \nhttps:\/\/doi.org\/10.1007\/978-3-642-29912-4_16"}],"container-title":["Lecture Notes in Computer Science","Topics in Cryptology \u2013 CT-RSA 2018"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-76953-0_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2018,3,6]],"date-time":"2018-03-06T03:14:02Z","timestamp":1520306042000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-76953-0_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319769523","9783319769530"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-76953-0_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]}}}