{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T08:26:47Z","timestamp":1772180807308,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642046414","type":"print"},{"value":"9783642046421","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-04642-1_17","type":"book-chapter","created":{"date-parts":[[2009,11,9]],"date-time":"2009-11-09T07:05:26Z","timestamp":1257750326000},"page":"198-213","source":"Crossref","is-referenced-by-count":6,"title":["Zero-Knowledge Protocols for NTRU: Application to Identification and Proof of Plaintext Knowledge"],"prefix":"10.1007","author":[{"given":"Keita","family":"Xagawa","sequence":"first","affiliation":[]},{"given":"Keisuke","family":"Tanaka","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"17_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/3-540-45708-9_11","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"M. Bellare","year":"2002","unstructured":"Bellare, M., Palacio, A.: GQ and Schnorr identification schemes: Proofs of security against impersonation under active and concurrent attacks. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, pp. 162\u2013177. Springer, Heidelberg (2002)"},{"issue":"1","key":"17_CR2","doi-asserted-by":"publisher","first-page":"367","DOI":"10.1109\/18.651067","volume":"44","author":"A. Canteaut","year":"1998","unstructured":"Canteaut, A., Chabaud, F.: A new algorithm for finding minimum-weight words in a linear code: Application to McEliece\u2019s cryptosystem and to narrow-sense BCH codes of length 511. IEEE Transactions on Information Theory\u00a044(1), 367\u2013378 (1998)","journal-title":"IEEE Transactions on Information Theory"},{"key":"17_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"52","DOI":"10.1007\/3-540-69053-0_5","volume-title":"Advances in Cryptology - EUROCRYPT \u201997","author":"D. Coppersmith","year":"1997","unstructured":"Coppersmith, D., Shamir, A.: Lattice attacks on NTRU. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol.\u00a01233, pp. 52\u201361. Springer, Heidelberg (1997)"},{"issue":"3","key":"17_CR4","doi-asserted-by":"publisher","first-page":"1143","DOI":"10.1109\/18.669255","volume":"44","author":"I.B. Damg\u00e5rd","year":"1998","unstructured":"Damg\u00e5rd, I.B., Pedersen, T.P., Pfitzmann, B.: Statistical secrecy and multibit commitments. IEEE Transactions on Information Theory\u00a044(3), 1143\u20131151 (1998)","journal-title":"IEEE Transactions on Information Theory"},{"key":"17_CR5","doi-asserted-by":"crossref","unstructured":"Gaborit, P., Girault, M.: Lightweight code-based identification and signature. In: ISIT 2007, pp. 191\u2013195 (2007)","DOI":"10.1109\/ISIT.2007.4557225"},{"issue":"3","key":"17_CR6","doi-asserted-by":"publisher","first-page":"540","DOI":"10.1006\/jcss.1999.1686","volume":"60","author":"O. Goldreich","year":"2000","unstructured":"Goldreich, O., Goldwasser, S.: On the limits of nonapproximability of lattice problems. Journal of Computer and System Sciences\u00a060(3), 540\u2013563 (2000)","journal-title":"Journal of Computer and System Sciences"},{"key":"17_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"216","DOI":"10.1007\/0-387-34799-2_16","volume-title":"Advances in Cryptology - CRYPTO \u201988","author":"L.C. Guillou","year":"1990","unstructured":"Guillou, L.C., Quisquater, J.-J.: A \u201cparadoxical\u201d identity-based signature scheme resulting from zero-knowledge. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol.\u00a0403, pp. 216\u2013231. Springer, Heidelberg (1990)"},{"key":"17_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1007\/3-540-68697-5_16","volume-title":"Advances in Cryptology - CRYPTO \u201996","author":"S. Halevi","year":"1996","unstructured":"Halevi, S., Micali, S.: Practical and provably-secure commitment scheme from collision-free hashing. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol.\u00a01109, pp. 201\u2013215. Springer, Heidelberg (1996)"},{"key":"17_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"437","DOI":"10.1007\/978-3-642-01957-9_27","volume-title":"ACNS 2009","author":"P.S. Hirschhorn","year":"2009","unstructured":"Hirschhorn, P.S., Hoffstein, J., Howgrave-Graham, N., Whyte, W.: Choosing NTRUEncrypt parameters in light of combined lattice reduction and MITM approaches. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol.\u00a05536, pp. 437\u2013455. Springer, Heidelberg (2009)"},{"key":"17_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1007\/3-540-36563-X_9","volume-title":"Topics in Cryptology - CT-RSA 2003","author":"J. Hoffstein","year":"2003","unstructured":"Hoffstein, J., Howgrave-Graham, N., Pipher, J., Silverman, J.H., Whyte, W.: NTRUSign: Digital signature using the NTRU lattice. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol.\u00a02612, pp. 122\u2013140. Springer, Heidelberg (2003)"},{"key":"17_CR11","unstructured":"Hoffstein, J., Howgrave-Graham, N., Pipher, J., Silverman, J.H., Whyte, W.: Hybrid lattice reduction and meet in the middle resistant parameter selection for NTRUEncrypt (2007)"},{"key":"17_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/BFb0054868","volume-title":"Algorithmic Number Theory","author":"J. Hoffstein","year":"1998","unstructured":"Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: A ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol.\u00a01423, pp. 267\u2013288. Springer, Heidelberg (1998)"},{"key":"17_CR13","unstructured":"Hoffstein, J., Silverman, J.: Optimizations for NTRU (2000)"},{"key":"17_CR14","doi-asserted-by":"crossref","unstructured":"Howgrave-Graham, N., Silverman, J.H., Whyte, W.: Choosing parameter sets for NTRUEncrypt with NAEP and SVES-3 (2005)","DOI":"10.1007\/978-3-540-30574-3_10"},{"key":"17_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/3-540-39200-9_13","volume-title":"Advances in Cryptology \u2013 EUROCRPYT 2003","author":"J. Katz","year":"2003","unstructured":"Katz, J.: Efficient and non-malleable proofs of plaintext knowledge and applications. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol.\u00a02656, pp. 211\u2013228. Springer, Heidelberg (2003)"},{"key":"17_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"372","DOI":"10.1007\/978-3-540-89255-7_23","volume-title":"Advances in Cryptology - ASIACRYPT 2008","author":"A. Kawachi","year":"2008","unstructured":"Kawachi, A., Tanaka, K., Xagawa, K.: Concurrently secure identification schemes based on the worst-case hardness of lattice problems. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol.\u00a05350, pp. 372\u2013389. Springer, Heidelberg (2008)"},{"key":"17_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/978-3-540-78440-1_10","volume-title":"Public Key Cryptography \u2013 PKC 2008","author":"V. Lyubashevsky","year":"2008","unstructured":"Lyubashevsky, V.: Lattice-based identification schemes secure under active attacks. In: Cramer, R. (ed.) PKC 2008. LNCS, vol.\u00a04939, pp. 162\u2013179. Springer, Heidelberg (2008)"},{"key":"17_CR18","unstructured":"Lyubashevsky, V.: Towards Practical Lattice-Based Cryptography. PhD thesis, University of California, San Diego (2008)"},{"key":"17_CR19","doi-asserted-by":"crossref","DOI":"10.1007\/978-1-4615-0897-7","volume-title":"Complexity of Lattice Problems: a cryptographic perspective","author":"D. Micciancio","year":"2002","unstructured":"Micciancio, D., Goldwasser, S.: Complexity of Lattice Problems: a cryptographic perspective. Kluwer Academic Publishers, Dordrecht (2002)"},{"key":"17_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"282","DOI":"10.1007\/978-3-540-45146-4_17","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"D. Micciancio","year":"2003","unstructured":"Micciancio, D., Vadhan, S.: Statistical zero-knowledge proofs with efficient provers: Lattice problems and more. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 282\u2013298. Springer, Heidelberg (2003)"},{"key":"17_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1007\/978-3-540-78440-1_2","volume-title":"Public Key Cryptography \u2013 PKC 2008","author":"P. Mol","year":"2008","unstructured":"Mol, P., Yung, M.: Recovering NTRU secret key from inversion oracles. In: Cramer, R. (ed.) PKC 2008. LNCS, vol.\u00a04939, pp. 18\u201336. Springer, Heidelberg (2008)"},{"key":"17_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"536","DOI":"10.1007\/978-3-540-85174-5_30","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"C. Peikert","year":"2008","unstructured":"Peikert, C., Vaikuntanathan, V.: Non-interactive statistical zero-knowledge for lattice problems. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol.\u00a05157, pp. 536\u2013553. Springer, Heidelberg (2008)"},{"issue":"1","key":"17_CR23","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1023\/A:1021835718426","volume":"28","author":"D. Pointcheval","year":"2003","unstructured":"Pointcheval, D., Poupard, G.: A new NP-complete problem and public-key identification. Designs, Codes and Cryptography\u00a028(1), 5\u201331 (2003)","journal-title":"Designs, Codes and Cryptography"},{"issue":"3","key":"17_CR24","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"C.-P. Schnorr","year":"1991","unstructured":"Schnorr, C.-P.: Efficient signature generation by smart cards. Journal of Cryptology\u00a04(3), 161\u2013174 (1991)","journal-title":"Journal of Cryptology"},{"key":"17_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"606","DOI":"10.1007\/0-387-34805-0_54","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"A. Shamir","year":"1990","unstructured":"Shamir, A.: An efficient identification scheme based on permuted kernels (extended abstract). In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 606\u2013609. Springer, Heidelberg (1990)"},{"issue":"6","key":"17_CR26","doi-asserted-by":"publisher","first-page":"749","DOI":"10.1109\/18.556672","volume":"42","author":"J. Stern","year":"1996","unstructured":"Stern, J.: A new paradigm for public key identification. IEEE Transactions on Information Theory\u00a042(6), 749\u2013765 (1996)","journal-title":"IEEE Transactions on Information Theory"},{"key":"17_CR27","unstructured":"Whyte, W., Howgrave-Graham, N., Hoffstein, J., Pipher, J., Silverman, J.H., Hirschhorn, P.: IEEE P1363.1\/D12 draft standard for public-key cryptographic techniques based on hard problems over lattices (October 2008)"}],"container-title":["Lecture Notes in Computer Science","Provable Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-04642-1_17.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,23]],"date-time":"2020-11-23T21:42:56Z","timestamp":1606167776000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-04642-1_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642046414","9783642046421"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-04642-1_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2009]]}}}