{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,6]],"date-time":"2025-12-06T04:56:08Z","timestamp":1764996968385,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":42,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642359989"},{"type":"electronic","value":"9783642359996"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-35999-6_17","type":"book-chapter","created":{"date-parts":[[2013,1,2]],"date-time":"2013-01-02T01:51:55Z","timestamp":1357091515000},"page":"252-274","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["Attacking (EC)DSA Given Only an Implicit Hint"],"prefix":"10.1007","author":[{"given":"Jean-Charles","family":"Faug\u00e8re","sequence":"first","affiliation":[]},{"given":"Christopher","family":"Goyet","sequence":"additional","affiliation":[]},{"given":"Gu\u00e9na\u00ebl","family":"Renault","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"17_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"147","DOI":"10.1007\/3-540-48329-2_13","volume-title":"Advances in Cryptology - CRYPTO \u201993","author":"L.M. Adleman","year":"1994","unstructured":"Adleman, L.M., DeMarrais, J.: A Subexponential Algorithm for Discrete Logarithms over All Finite Fields. In: Stinson, D.R. (ed.) CRYPTO 1993. 
LNCS, vol.\u00a0773, pp. 147\u2013158. Springer, Heidelberg (1994)"},{"key":"17_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1007\/3-540-58691-1_39","volume-title":"Algorithmic Number Theory","author":"L.M. Adleman","year":"1994","unstructured":"Adleman, L.M., DeMarrais, J., Huang, M.-D.A.: A Subexponential Algorithm for Discrete Logarithms over the Rational Subgroup of the Jacobians of Large Genus Hyperelliptic Curves over Finite Fields. In: Huang, M.-D.A., Adleman, L.M. (eds.) ANTS 1994. LNCS, vol.\u00a0877, pp. 28\u201340. Springer, Heidelberg (1994)"},{"issue":"1-2","key":"17_CR3","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1016\/S0304-3975(99)00061-4","volume":"226","author":"L.M. Adleman","year":"1999","unstructured":"Adleman, L.M., DeMarrais, J., Huang, M.-D.A.: A Subexponential Algorithm for Discrete Logarithms over Hyperelliptic Curves of Large Genus over GF(q). Theoretical Computer Science\u00a0226(1-2), 7\u201318 (1999)","journal-title":"Theoretical Computer Science"},{"key":"17_CR4","doi-asserted-by":"crossref","unstructured":"Ajtai, M.: The shortest vector problem in l\n                  2 is np-hard for randomized reductions (extended abstract). In: Proceedings of the 30th Symposium on the Theory of computing (STOC 1998), pp. 10\u201319. ACM Press (1998)","DOI":"10.1145\/276698.276705"},{"key":"17_CR5","unstructured":"Ajtai, M.: Generating random lattices according to the invariant distribution. draft (March 2006)"},{"key":"17_CR6","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1006\/jsco.1996.0125","volume":"24","author":"W. Bosma","year":"1997","unstructured":"Bosma, W., Cannon, J., Playoust, C.: The MAGMA algebra system: the user language. J. Symb. Comput.\u00a024, 235\u2013265 (1997)","journal-title":"J. Symb. 
Comput."},{"key":"17_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"277","DOI":"10.1007\/BFb0052242","volume-title":"Advances in Cryptology - CRYPTO \u201997","author":"M. Bellare","year":"1997","unstructured":"Bellare, M., Goldwasser, S., Micciancio, D.: \u201cPseudo-random\u201d Number Generation within Cryptographic Algorithms: The DSS Case. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol.\u00a01294, pp. 277\u2013291. Springer, Heidelberg (1997)"},{"key":"17_CR8","unstructured":"Brown, R.G.: DieHarder: A Random Number Test Suite. C program archive dieharder, version 3.29.4b (2011), \n                      http:\/\/www.phy.duke.edu\/~rgb\/General\/dieharder.php"},{"key":"17_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"178","DOI":"10.1007\/3-540-68339-9_16","volume-title":"Advances in Cryptology - EUROCRYPT \u201996","author":"D. Coppersmith","year":"1996","unstructured":"Coppersmith, D.: Finding a Small Root of a Bivariate Integer Equation; Factoring with High Bits Known. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol.\u00a01070, pp. 178\u2013189. Springer, Heidelberg (1996)"},{"key":"17_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1007\/3-540-39568-7_2","volume-title":"Advances in Cryptology","author":"T. El Gamal","year":"1985","unstructured":"El Gamal, T.: A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol.\u00a0196, pp. 10\u201318. Springer, Heidelberg (1985)"},{"key":"17_CR11","unstructured":"FIPS. Digital Signature Standard (DSS). National Institute of Standards and Technology, NIST (1994)"},{"key":"17_CR12","unstructured":"FIPS. Digital Signature Standard (DSS). 
pub-NIST, pub-NIST:adr (2009)"},{"key":"17_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1007\/978-3-642-13013-7_5","volume-title":"Public Key Cryptography \u2013 PKC 2010","author":"J.-C. Faug\u00e8re","year":"2010","unstructured":"Faug\u00e8re, J.-C., Marinier, R., Renault, G.: Implicit Factoring with Shared Most Significant and Middle Bits. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol.\u00a06056, pp. 70\u201387. Springer, Heidelberg (2010)"},{"key":"17_CR14","unstructured":"Gillet, A., Joye, M., Quisquater, J.-J.: Cautionary note for protocols designers: Security proof is not enough. In: Orman, H., Meadows, C. (eds.) DIMACS Workshop on Design and Formal Verification of Security Protocols (January 1997)"},{"issue":"3","key":"17_CR15","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1023\/A:1011214926272","volume":"23","author":"N. Howgrave-Graham","year":"2001","unstructured":"Howgrave-Graham, N., Smart, N.P.: Lattice Attacks on Digital Signature Schemes. Des. Codes Cryptography\u00a023(3), 283\u2013290 (2001)","journal-title":"Des. Codes Cryptography"},{"issue":"1","key":"17_CR16","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1007\/s102070100002","volume":"1","author":"D. Johnson","year":"2001","unstructured":"Johnson, D., Menezes, A., Vanstone, S.A.: The Elliptic Curve Digital Signature Algorithm (ECDSA). Intern. J. of Information Security\u00a01(1), 36\u201363 (2001)","journal-title":"Intern. J. of Information Security"},{"issue":"3","key":"17_CR17","doi-asserted-by":"publisher","first-page":"649","DOI":"10.2307\/1971363","volume":"126","author":"H.W. Lenstra","year":"1987","unstructured":"Lenstra, H.W.: Factoring Integers with Elliptic Curves. 
The Annals of Mathematics\u00a0126(3), 649\u2013673 (1987)","journal-title":"The Annals of Mathematics"},{"key":"17_CR18","series-title":"Lecture Notes in Mathematics","doi-asserted-by":"publisher","DOI":"10.1007\/BFb0091534","volume-title":"The Development of the Number Field Sieve","author":"A.K. Lenstra","year":"1993","unstructured":"Lenstra, A.K., Lenstra, H.W.: The Development of the Number Field Sieve. Lecture Notes in Mathematics, vol.\u00a01554. Springer, Berlin (1993)"},{"issue":"4","key":"17_CR19","doi-asserted-by":"publisher","first-page":"515","DOI":"10.1007\/BF01457454","volume":"261","author":"A. Lenstra","year":"1982","unstructured":"Lenstra, A., Lenstra, H., Lov\u00e1sz, L.: Factoring polynomials with rational coefficients. Mathematische Annalen\u00a0261(4), 515\u2013534 (1982)","journal-title":"Mathematische Annalen"},{"key":"17_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"428","DOI":"10.1007\/978-3-540-28632-5_31","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2004","author":"P.J. Leadbitter","year":"2004","unstructured":"Leadbitter, P.J., Page, D.L., Smart, N.P.: Attacking DSA Under a Repeated Bits Assumption. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol.\u00a03156, pp. 428\u2013440. Springer, Heidelberg (2004)"},{"key":"17_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/3-540-44670-2_9","volume-title":"Cryptography and Lattices","author":"E. El Mahassni","year":"2001","unstructured":"El Mahassni, E., Nguy\u00ean, P.Q., Shparlinski, I.E.: The Insecurity of Nyberg-Rueppel and Other DSA-Like Signature Schemes with Partially Known Nonces. In: Silverman, J.H. (ed.) CaLC 2001. LNCS, vol.\u00a02146, pp. 97\u2013109. 
Springer, Heidelberg (2001)"},{"key":"17_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-00468-1_1","volume-title":"Public Key Cryptography \u2013 PKC 2009","author":"A. May","year":"2009","unstructured":"May, A., Ritzenhofen, M.: Implicit Factoring: On Polynomial Time Factoring Given Only an Implicit Hint. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol.\u00a05443, pp. 1\u201314. Springer, Heidelberg (2009)"},{"key":"17_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-540-30580-4_3","volume-title":"Public Key Cryptography - PKC 2005","author":"D. Naccache","year":"2005","unstructured":"Naccache, D., Nguy\u00ean, P.Q., Tunstall, M., Whelan, C.: Experimenting with Faults, Lattices and the DSA. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol.\u00a03386, pp. 16\u201328. Springer, Heidelberg (2005)"},{"key":"17_CR24","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1007\/s00145-002-0021-3","volume":"15","author":"P.Q. Nguy\u00ean","year":"2002","unstructured":"Nguy\u00ean, P.Q., Shparlinski, I.: The Insecurity of the Digital Signature Algorithm with Partially Known Nonces. Journal of Cryptology\u00a015, 151\u2013176 (2002)","journal-title":"Journal of Cryptology"},{"issue":"2","key":"17_CR25","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1023\/A:1025436905711","volume":"30","author":"P.Q. Nguy\u00ean","year":"2003","unstructured":"Nguy\u00ean, P.Q., Shparlinski, I.: The Insecurity of the Elliptic Curve Digital Signature Algorithm with Partially Known Nonces. 
Designs, Codes and Cryptography\u00a030(2), 201\u2013217 (2003)","journal-title":"Designs, Codes and Cryptography"},{"key":"17_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1007\/11426639_13","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"P.Q. Nguy\u00ean","year":"2005","unstructured":"Nguy\u00ean, P.Q., Stehl\u00e9, D.: Floating-Point LLL Revisited. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol.\u00a03494, pp. 215\u2013233. Springer, Heidelberg (2005)"},{"key":"17_CR27","doi-asserted-by":"crossref","unstructured":"Nguy\u00ean, P.Q., Vall\u00e9e, B.: Hermite\u2019s Constant and Lattice Algorithms. Information Security and Cryptography. Springer (2009)","DOI":"10.1007\/978-3-642-02295-1_2"},{"key":"17_CR28","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1016\/S0747-7171(87)80061-5","volume":"4","author":"M. Pohst","year":"1987","unstructured":"Pohst, M.: A Modification of the LLL Reduction Algorithm. Journal of Symbolic Computation\u00a04, 123\u2013127 (1987)","journal-title":"Journal of Symbolic Computation"},{"key":"17_CR29","doi-asserted-by":"crossref","unstructured":"Pollard, J.M.: Monte Carlo methods for index computation (mod p) \u00a032, 918\u2013924 (1978)","DOI":"10.2307\/2006496"},{"key":"17_CR30","doi-asserted-by":"crossref","unstructured":"Pollard, J.M.: Kangaroos, Monopoly and discrete logarithms \u00a013, 437\u2013447 (2000)","DOI":"10.1007\/s001450010010"},{"key":"17_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/3-540-39757-4_17","volume-title":"Advances in Cryptology","author":"C. Pomerance","year":"1985","unstructured":"Pomerance, C.: The Quadratic Sieve Factoring Algorithm. In: Beth, T., Cot, N., Ingemarsson, I. (eds.) EUROCRYPT 1984. LNCS, vol.\u00a0209, pp. 169\u2013182. 
Springer, Heidelberg (1985)"},{"key":"17_CR32","unstructured":"Poulakis, D.: Some lattice attacks on dsa and ecdsa. Cryptology ePrint Archive, Report 2009\/363 (2009), \n                      http:\/\/eprint.iacr.org\/"},{"key":"17_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-39805-8_3","volume-title":"Advances in Cryptology - EUROCRYPT \u201985","author":"R.L. Rivest","year":"1986","unstructured":"Rivest, R.L., Shamir, A.: Efficient Factoring Based on Partial Information. In: Pichler, F. (ed.) EUROCRYPT 1985. LNCS, vol.\u00a0219, pp. 31\u201334. Springer, Heidelberg (1986)"},{"key":"17_CR34","unstructured":"Rukhin, A., Soto, J., Nechvatal, J., Smid, M., Barker, E., Leigh, S., Levenson, M., Vangel, M., Banks, D., Heckert, A., Dray, J., Vo, S.: A Statistical Test Suite of Random and Pseudorandom Number Generators for Cryptographic Applications. Tech. rep., National Institute of Standards and Technology (NIST), Special Publication 800-22 Revision\u00a01a (2010), \n                      http:\/\/csrc.nist.gov\/groups\/ST\/toolkit\/rng\/documentation_software.html"},{"key":"17_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"239","DOI":"10.1007\/0-387-34805-0_22","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"C.-P. Schnorr","year":"1990","unstructured":"Schnorr, C.-P.: Efficient Identification and Signatures for Smart Cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 239\u2013252. Springer, Heidelberg (1990)"},{"key":"17_CR36","first-page":"415","volume-title":"Proceedings of Symposia in Pure Mathematics","author":"D. Shanks","year":"1971","unstructured":"Shanks, D.: Class number, a theory of factorization, and genera. In: Proceedings of Symposia in Pure Mathematics, vol.\u00a020, pp. 415\u2013440. 
American Mathematical Society, Providence (1971)"},{"key":"17_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"Advances in Cryptology - EUROCRYPT \u201997","author":"V. Shoup","year":"1997","unstructured":"Shoup, V.: Lower Bounds for Discrete Logarithms and Related Problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol.\u00a01233, pp. 256\u2013266. Springer, Heidelberg (1997)"},{"key":"17_CR38","unstructured":"Skorobogatov, S.P.: Semi-invasive attacks - A new approach to hardware security analysis. PhD thesis, University of Cambridge (2005)"},{"issue":"2","key":"17_CR39","doi-asserted-by":"publisher","first-page":"205","DOI":"10.3934\/amc.2009.3.205","volume":"3","author":"S. Sarkar","year":"2009","unstructured":"Sarkar, S., Maitra, S.: Further Results on Implicit Factoring in Polynomial Time. Advances in Mathematics of Communications\u00a03(2), 205\u2013217 (2009)","journal-title":"Advances in Mathematics of Communications"},{"issue":"5","key":"17_CR40","doi-asserted-by":"crossref","first-page":"1255","DOI":"10.1093\/ietfec\/e89-a.5.1255","volume":"89-A","author":"K. Takashima","year":"2006","unstructured":"Takashima, K.: Practical Application of Lattice Basis Reduction Algorithm to Side-Channel Analysis on (EC)DSA. IEICE Transactions\u00a089-A(5), 1255\u20131262 (2006)","journal-title":"IEICE Transactions"},{"key":"17_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1007\/11604938_20","volume-title":"Information Security Applications","author":"K. Takashima","year":"2006","unstructured":"Takashima, K.: Practical Modifications of Leadbitter et al.\u2019s Repeated-Bits Side-Channel Analysis on (EC)DSA. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol.\u00a03786, pp. 259\u2013270. 
Springer, Heidelberg (2006)"},{"key":"17_CR42","unstructured":"Teske, E.: Square-Root Algorithms For The Discrete Logarithm Problem (a Survey). In: Public Key Cryptography and Computational Number Theory, pp. 283\u2013301. Walter de Gruyter (2001)"}],"container-title":["Lecture Notes in Computer Science","Selected Areas in Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-35999-6_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,9,1]],"date-time":"2021-09-01T00:26:38Z","timestamp":1630455998000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-642-35999-6_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642359989","9783642359996"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-35999-6_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]},"assertion":[{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}