{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T12:26:07Z","timestamp":1773231967461,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":47,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642403484","type":"print"},{"value":"9783642403491","type":"electronic"}],"license":[{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2013,1,1]],"date-time":"2013-01-01T00:00:00Z","timestamp":1356998400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-40349-1_19","type":"book-chapter","created":{"date-parts":[[2013,7,19]],"date-time":"2013-07-19T14:36:58Z","timestamp":1374244618000},"page":"331-348","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":24,"title":["High-Performance Scalar Multiplication Using 8-Dimensional GLV\/GLS Decomposition"],"prefix":"10.1007","author":[{"given":"Joppe W.","family":"Bos","sequence":"first","affiliation":[]},{"given":"Craig","family":"Costello","sequence":"additional","affiliation":[]},{"given":"Huseyin","family":"Hisil","sequence":"additional","affiliation":[]},{"given":"Kristin","family":"Lauter","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"19_CR1","unstructured":"Acar, T., Shumow, D.: Modular reduction without pre-computation for special moduli. Technical report, Microsoft Research (2010)"},{"issue":"1-2","key":"19_CR2","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1016\/S0304-3975(99)00061-4","volume":"226","author":"L. Adleman","year":"1999","unstructured":"Adleman, L., DeMarrais, J., Huang, M.: A subexponential algorithm for discrete logarithms over hyperelliptic curves of large genus over GF(q). Theoretical Computer Science\u00a0226(1-2), 7\u201318 (1999)","journal-title":"Theoretical Computer Science"},{"key":"19_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1007\/978-3-642-20465-4_5","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2011","author":"D.F. Aranha","year":"2011","unstructured":"Aranha, D.F., Karabina, K., Longa, P., Gebotys, C.H., L\u00f3pez, J.: Faster explicit formulas for computing pairings over ordinary curves. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol.\u00a06632, pp. 48\u201368. Springer, Heidelberg (2011)"},{"key":"19_CR4","unstructured":"Beagle Board. BeagleBoard-xM System Reference Manual (2013), \n                      http:\/\/beagleboard.org\/static\/BBxMSRM_latest.pdf"},{"key":"19_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/11745853_14","volume-title":"Public Key Cryptography - PKC 2006","author":"D.J. Bernstein","year":"2006","unstructured":"Bernstein, D.J.: Curve25519: New Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol.\u00a03958, pp. 207\u2013228. Springer, Heidelberg (2006)"},{"key":"19_CR6","unstructured":"Bernstein, D.J., Lange, T. (eds.): eBACS: ECRYPT Benchmarking of Cryptographic Systems, \n                      http:\/\/bench.cr.yp.to\n                     (accessed March 1, 2013)"},{"key":"19_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"320","DOI":"10.1007\/978-3-642-33027-8_19","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2012","author":"D.J. Bernstein","year":"2012","unstructured":"Bernstein, D.J., Schwabe, P.: NEON crypto. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol.\u00a07428, pp. 320\u2013339. Springer, Heidelberg (2012)"},{"key":"19_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"194","DOI":"10.1007\/978-3-642-38348-9_12","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"J.W. Bos","year":"2013","unstructured":"Bos, J.W., Costello, C., Hisil, H., Lauter, K.: Fast cryptography in genus 2. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol.\u00a07881, pp. 194\u2013210. Springer, Heidelberg (2013)"},{"key":"19_CR9","doi-asserted-by":"crossref","unstructured":"Bos, J.W., Costello, C., Hisil, H., Lauter, K.: High-performance scalar multiplication using 8-dimensional GLV\/GLS decomposition. Cryptology ePrint Archive, Report 2013\/146 (2013), \n                      http:\/\/eprint.iacr.org\/","DOI":"10.1007\/978-3-642-40349-1_19"},{"issue":"1","key":"19_CR10","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1017\/S000497270003207X","volume":"58","author":"J. Buhler","year":"1998","unstructured":"Buhler, J., Koblitz, N.: Lattice basis reduction, Jacobi sums and hyperelliptic cryptosystems. Bul. of the Australian Mathematical Society\u00a058(1), 147\u2013154 (1998)","journal-title":"Bul. of the Australian Mathematical Society"},{"issue":"1","key":"19_CR11","first-page":"1","volume":"18","author":"C. Diem","year":"2003","unstructured":"Diem, C.: The GHS attack in odd characteristic. J. Ramanujan Math. Soc.\u00a018(1), 1\u201332 (2003)","journal-title":"J. Ramanujan Math. Soc."},{"issue":"01","key":"19_CR12","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1112\/S0010437X10005075","volume":"147","author":"C. Diem","year":"2011","unstructured":"Diem, C.: On the discrete logarithm problem in elliptic curves. Compositio Mathematica\u00a0147(01), 75\u2013104 (2011)","journal-title":"Compositio Mathematica"},{"issue":"6","key":"19_CR13","doi-asserted-by":"publisher","first-page":"644","DOI":"10.1109\/TIT.1976.1055638","volume":"22","author":"W. Diffie","year":"1976","unstructured":"Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory\u00a022(6), 644\u2013654 (1976)","journal-title":"IEEE Transactions on Information Theory"},{"key":"19_CR14","unstructured":"Faz-Hernandez, A., Longa, P., Sanchez, A.H.: Keep calm and stay with one (and p\u2009> 3). Cryptology ePrint Archive, Report 2013\/158 (2013)"},{"key":"19_CR15","unstructured":"Frey, G.: How to disguise an elliptic curve (Weil descent). Talk at ECC: slides available at \n                      http:\/\/cacr.uwaterloo.ca\/conferences\/1998\/ecc98\/frey.ps\n                     (September 1998)"},{"issue":"1","key":"19_CR16","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1016\/S0166-218X(02)00443-2","volume":"128","author":"S.D. Galbraith","year":"2003","unstructured":"Galbraith, S.D.: Weil descent of Jacobians. Discrete Applied Mathematics\u00a0128(1), 165\u2013180 (2003)","journal-title":"Discrete Applied Mathematics"},{"issue":"3","key":"19_CR17","doi-asserted-by":"publisher","first-page":"446","DOI":"10.1007\/s00145-010-9065-y","volume":"24","author":"S.D. Galbraith","year":"2011","unstructured":"Galbraith, S.D., Lin, X., Scott, M.: Endomorphisms for faster elliptic curve cryptography on a large class of curves. J. Cryptology\u00a024(3), 446\u2013469 (2011)","journal-title":"J. Cryptology"},{"key":"19_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1007\/3-540-44647-8_11","volume-title":"Advances in Cryptology - CRYPTO 2001","author":"R.P. Gallant","year":"2001","unstructured":"Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Faster point multiplication on elliptic curves with efficient endomorphisms. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol.\u00a02139, pp. 190\u2013200. Springer, Heidelberg (2001)"},{"key":"19_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/3-540-45539-6_2","volume-title":"Advances in Cryptology - EUROCRYPT 2000","author":"P. Gaudry","year":"2000","unstructured":"Gaudry, P.: An algorithm for solving the discrete log problem on hyperelliptic curves. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol.\u00a01807, pp. 19\u201334. Springer, Heidelberg (2000)"},{"issue":"3","key":"19_CR20","first-page":"243","volume":"1","author":"P. Gaudry","year":"2007","unstructured":"Gaudry, P.: Fast genus 2 arithmetic based on theta functions. Journal of Mathematical Cryptology JMC\u00a01(3), 243\u2013265 (2007)","journal-title":"Journal of Mathematical Cryptology JMC"},{"issue":"12","key":"19_CR21","doi-asserted-by":"publisher","first-page":"1690","DOI":"10.1016\/j.jsc.2008.08.005","volume":"44","author":"P. Gaudry","year":"2009","unstructured":"Gaudry, P.: Index calculus for abelian varieties of small dimension and the elliptic curve discrete logarithm problem. J. Symb. Comput.\u00a044(12), 1690\u20131702 (2009)","journal-title":"J. Symb. Comput."},{"issue":"1","key":"19_CR22","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/s00145-001-0011-x","volume":"15","author":"P. Gaudry","year":"2002","unstructured":"Gaudry, P., Hess, F., Smart, N.P.: Constructive and destructive facets of Weil descent on elliptic curves. J. Cryptology\u00a015(1), 19\u201346 (2002)","journal-title":"J. Cryptology"},{"issue":"257","key":"19_CR23","doi-asserted-by":"publisher","first-page":"475","DOI":"10.1090\/S0025-5718-06-01900-4","volume":"76","author":"P. Gaudry","year":"2007","unstructured":"Gaudry, P., Thom\u00e9, E., Th\u00e9riault, N., Diem, C.: A double large prime variation for small genus hyperelliptic index calculus. Math. Comput.\u00a076(257), 475\u2013492 (2007)","journal-title":"Math. Comput."},{"issue":"5","key":"19_CR24","doi-asserted-by":"publisher","first-page":"1068","DOI":"10.1093\/imrn\/rnr052","volume":"2012","author":"E.Z. Goren","year":"2012","unstructured":"Goren, E.Z., Lauter, K.E.: Genus 2 curves with complex multiplication. International Mathematics Research Notices\u00a02012(5), 1068\u20131142 (2012)","journal-title":"International Mathematics Research Notices"},{"key":"19_CR25","unstructured":"Hamburg, M.: Fast and compact elliptic-curve cryptography. Cryptology ePrint Archive, Report 2012\/309 (2012), \n                      http:\/\/eprint.iacr.org\/"},{"key":"19_CR26","unstructured":"Iijima, T., Momose, F., Chao, J.: Classification of elliptic\/hyperelliptic curves with weak coverings against GHS attack without isogeny condition. Cryptology ePrint Archive, Report 2009\/613 (2009), \n                      http:\/\/eprint.iacr.org\/"},{"key":"19_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/978-3-642-29889-9_4","volume-title":"Financial Cryptography and Data Security","author":"E. K\u00e4sper","year":"2012","unstructured":"K\u00e4sper, E.: Fast elliptic curve cryptography in OpenSSL. In: Danezis, G., Dietrich, S., Sako, K. (eds.) FC 2011 Workshops. LNCS, vol.\u00a07126, pp. 27\u201339. Springer, Heidelberg (2012)"},{"key":"19_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"166","DOI":"10.1007\/978-3-642-13797-6_12","volume-title":"Arithmetic of Finite Fields","author":"M. Kne\u017eevi\u0107","year":"2010","unstructured":"Kne\u017eevi\u0107, M., Vercauteren, F., Verbauwhede, I.: Speeding up bipartite modular multiplication. In: Hasan, M.A., Helleseth, T. (eds.) WAIFI 2010. LNCS, vol.\u00a06087, pp. 166\u2013179. Springer, Heidelberg (2010)"},{"issue":"177","key":"19_CR29","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1090\/S0025-5718-1987-0866109-5","volume":"48","author":"N. Koblitz","year":"1987","unstructured":"Koblitz, N.: Elliptic curve cryptosystems. Mathematics of Computation\u00a048(177), 203\u2013209 (1987)","journal-title":"Mathematics of Computation"},{"key":"19_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1007\/3-540-68697-5_9","volume-title":"Advances in Cryptology - CRYPTO \u201996","author":"P.C. Kocher","year":"1996","unstructured":"Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol.\u00a01109, pp. 104\u2013113. Springer, Heidelberg (1996)"},{"key":"19_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-49649-1_1","volume-title":"Advances in Cryptology - ASIACRYPT\u201998","author":"A.K. Lenstra","year":"1998","unstructured":"Lenstra, A.K.: Generating RSA moduli with a predetermined portion. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol.\u00a01514, pp. 1\u201310. Springer, Heidelberg (1998)"},{"key":"19_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1007\/3-540-48658-5_11","volume-title":"Advances in Cryptology - CRYPTO \u201994","author":"C.H. Lim","year":"1994","unstructured":"Lim, C.H., Lee, P.J.: More flexible exponentiation with precomputation. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol.\u00a0839, pp. 95\u2013107. Springer, Heidelberg (1994)"},{"key":"19_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"718","DOI":"10.1007\/978-3-642-34961-4_43","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"P. Longa","year":"2012","unstructured":"Longa, P., Sica, F.: Four-dimensional Gallant-Lambert-Vanstone scalar multiplication. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol.\u00a07658, pp. 718\u2013739. Springer, Heidelberg (2012)"},{"key":"19_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"417","DOI":"10.1007\/3-540-39799-X_31","volume-title":"Advances in Cryptology","author":"V.S. Miller","year":"1986","unstructured":"Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol.\u00a0218, pp. 417\u2013426. Springer, Heidelberg (1986)"},{"key":"19_CR35","unstructured":"Momose, F., Chao, J.: Scholten forms and elliptic\/hyperelliptic curves with weak Weil restrictions. Cryptology ePrint Archive, Report 2005\/277 (2005)"},{"issue":"170","key":"19_CR36","doi-asserted-by":"publisher","first-page":"519","DOI":"10.1090\/S0025-5718-1985-0777282-X","volume":"44","author":"P.L. Montgomery","year":"1985","unstructured":"Montgomery, P.L.: Modular multiplication without trial division. Mathematics of Computation\u00a044(170), 519\u2013521 (1985)","journal-title":"Mathematics of Computation"},{"issue":"177","key":"19_CR37","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1090\/S0025-5718-1987-0866113-7","volume":"48","author":"P.L. Montgomery","year":"1987","unstructured":"Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Mathematics of Computation\u00a048(177), 243\u2013264 (1987)","journal-title":"Mathematics of Computation"},{"key":"19_CR38","doi-asserted-by":"crossref","unstructured":"Morozov, S., Tergino, C., Schaumont, P.: System integration of elliptic curve cryptography on an OMAP platform. In: IEEE 9th Symposium on Application Specific Processors \u2013 SASP, pp. 52\u201357. IEEE Computer Society (2011)","DOI":"10.1109\/SASP.2011.5941077"},{"key":"19_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1007\/978-3-642-14518-6_23","volume-title":"Algorithmic Number Theory","author":"K.-I. Nagao","year":"2010","unstructured":"Nagao, K.-I.: Decomposition attack for the Jacobian of a hyperelliptic curve over an extension field. In: Hanrot, G., Morain, F., Thom\u00e9, E. (eds.) ANTS-IX 2010. LNCS, vol.\u00a06197, pp. 285\u2013300. Springer, Heidelberg (2010)"},{"key":"19_CR40","unstructured":"National Institute of Standards and Technology. Special publication 800-57: Recommendation for key management part 1: General (revised), \n                      http:\/\/csrc.nist.gov\/publications\/nistpubs\/800-57\/sp800-57-Part1-revised2_Mar08-2007.pdf"},{"key":"19_CR41","unstructured":"National Security Agency. The case for elliptic curve cryptography (2009), \n                      http:\/\/www.nsa.gov\/business\/programs\/elliptic_curve.shtml"},{"key":"19_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1007\/3-540-46035-7_13","volume-title":"Advances in Cryptology - EUROCRYPT 2002","author":"Y.-H. Park","year":"2002","unstructured":"Park, Y.-H., Jeong, S., Lim, J.: Speeding up point multiplication on hyperelliptic curves with efficiently-computable endomorphisms. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol.\u00a02332, pp. 197\u2013208. Springer, Heidelberg (2002)"},{"issue":"143","key":"19_CR43","first-page":"918","volume":"32","author":"J.M. Pollard","year":"1978","unstructured":"Pollard, J.M.: Monte Carlo methods for index computation (mod p). Mathematics of Computation\u00a032(143), 918\u2013924 (1978)","journal-title":"Mathematics of Computation"},{"key":"19_CR44","unstructured":"Solinas, J.A.: Generalized Mersenne numbers. Technical Report CORR 99\u201339, Centre for Applied Cryptographic Research, University of Waterloo (1999)"},{"issue":"3","key":"19_CR45","first-page":"218","volume":"18","author":"N. Th\u00e9riault","year":"2003","unstructured":"Th\u00e9riault, N.: Weil descent attack for Kummer extensions. J. Ramanujan Math. Soc.\u00a018(3), 218\u2013312 (2003)","journal-title":"J. Ramanujan Math. Soc."},{"key":"19_CR46","unstructured":"U.S. Department of Commerce\/National Institute of Standards and Technology. Digital Signature Standard (DSS). FIPS-186-3 (2009), \n                      http:\/\/csrc.nist.gov\/publications\/fips\/fips186-3\/fips_186-3.pdf"},{"issue":"21","key":"19_CR47","doi-asserted-by":"publisher","first-page":"1831","DOI":"10.1049\/el:19991230","volume":"35","author":"C.D. Walter","year":"1999","unstructured":"Walter, C.D.: Montgomery exponentiation needs no final subtractions. Electronics Letters\u00a035(21), 1831\u20131832 (1999)","journal-title":"Electronics Letters"}],"container-title":["Lecture Notes in Computer Science","Cryptographic Hardware and Embedded Systems - CHES 2013"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-40349-1_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,9,1]],"date-time":"2021-09-01T00:37:04Z","timestamp":1630456624000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-642-40349-1_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642403484","9783642403491"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-40349-1_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013]]},"assertion":[{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}