{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T17:35:46Z","timestamp":1767980146380,"version":"3.49.0"},"reference-count":30,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2024,10,1]],"date-time":"2024-10-01T00:00:00Z","timestamp":1727740800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,10,1]],"date-time":"2024-10-01T00:00:00Z","timestamp":1727740800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2024,10]]},"DOI":"10.1007\/s00145-024-09514-5","type":"journal-article","created":{"date-parts":[[2024,10,8]],"date-time":"2024-10-08T20:16:17Z","timestamp":1728418577000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Families of Prime-Order Endomorphism-Equipped Embedded Curves on Pairing-Friendly Curves"],"prefix":"10.1007","volume":"37","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-8878-5761","authenticated-orcid":false,"given":"Antonio","family":"Sanso","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2873-3479","authenticated-orcid":false,"given":"Youssef El","family":"Housni","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,10,8]]},"reference":[{"key":"9514_CR1","unstructured":"American National Standards Institute, Inc.: ANSI X9.62 public key cryptography for the financial services industry: the elliptic curve digital signature algorithm (ECDSA) (Nov 16 2005). https:\/\/standards.globalspec.com\/std\/1955141\/ANSI%20X9.62"},{"issue":"11","key":"9514_CR2","doi-asserted-by":"publisher","first-page":"3333","DOI":"10.1007\/s10623-022-01135-y","volume":"91","author":"DF Aranha","year":"2023","unstructured":"D.F. Aranha, Y.E. Housni, A. Guillevic, A survey of elliptic curves for proof systems. DCC 91(11), 3333\u20133378 (2023). https:\/\/doi.org\/10.1007\/s10623-022-01135-y","journal-title":"DCC"},{"key":"9514_CR3","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1090\/S0025-5718-1993-1199989-X","volume":"61","author":"AOL Atkin","year":"1993","unstructured":"A.O.L. Atkin, F. Morain, Elliptic curves and primality proving. Math. Comp 61, 29\u201368 (1993)","journal-title":"Math. Comp"},{"key":"9514_CR4","unstructured":"R. Barbulescu, S. Duquesne, Updating key size estimations for pairings. Cryptology ePrint Archive, Report 2017\/334 (2017). https:\/\/eprint.iacr.org\/2017\/334"},{"key":"9514_CR5","doi-asserted-by":"publisher","unstructured":"P.S.L.M. Barreto, B. Lynn, M. Scott, Constructing elliptic curves with prescribed embedding degrees. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 02. LNCS, vol.\u00a02576, pp. 257\u2013267. Springer, Heidelberg Sep (2003). https:\/\/doi.org\/10.1007\/3-540-36413-7_19","DOI":"10.1007\/3-540-36413-7_19"},{"key":"9514_CR6","doi-asserted-by":"publisher","unstructured":"P.S.L.M. Barreto, M. Naehrig, Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol.\u00a03897, pp. 319\u2013331. Springer, Heidelberg Aug (2006). https:\/\/doi.org\/10.1007\/11693383_22","DOI":"10.1007\/11693383_22"},{"key":"9514_CR7","unstructured":"E. Ben-Sasson, A. Chiesa, E. Tromer, M. Virza, Succinct non-interactive zero knowledge for a von neumann architecture. In: Fu, K., Jung, J. (eds.) USENIX Security 2014. pp. 781\u2013796. USENIX Association Aug (2014)"},{"issue":"2","key":"9514_CR8","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/s13389-012-0027-1","volume":"2","author":"DJ Bernstein","year":"2012","unstructured":"D.J. Bernstein, N. Duif, T. Lange, P. Schwabe, B.Y. Yang, High-speed high-security signatures. Journal of Cryptographic Engineering 2(2), 77\u201389 ( 2012). https:\/\/doi.org\/10.1007\/s13389-012-0027-1","journal-title":"Journal of Cryptographic Engineering"},{"key":"9514_CR9","doi-asserted-by":"publisher","unstructured":"G. Botrel, T. Piellard, Y.E. Housni, I. Kubjas, A. Tabaie, Consensys\/gnark: v0.9.0 Feb (2023). https:\/\/doi.org\/10.5281\/zenodo.5819104","DOI":"10.5281\/zenodo.5819104"},{"key":"9514_CR10","unstructured":"S. Bowe, BLS12-381: New Zk-SNARK elliptic curve construction (2017). https:\/\/electriccoin.co\/blog\/new-snark-curve\/"},{"key":"9514_CR11","doi-asserted-by":"publisher","unstructured":"S. Bowe, A. Chiesa, M. Green, I. Miers, P. Mishra, H. Wu, ZEXE: Enabling decentralized private computation. In: 2020 IEEE Symposium on Security and Privacy. pp. 947\u2013964. IEEE Computer Society Press May (2020). https:\/\/doi.org\/10.1109\/SP40000.2020.00050","DOI":"10.1109\/SP40000.2020.00050"},{"issue":"1","key":"9514_CR12","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1007\/s10623-004-3808-4","volume":"37","author":"F Brezing","year":"2005","unstructured":"F. Brezing, A. Weng, Elliptic curves suitable for pairing based cryptography. DCC 37(1), 133\u2013141 (2005). https:\/\/doi.org\/10.1007\/s10623-004-3808-4","journal-title":"DCC"},{"key":"9514_CR13","unstructured":"C. Cocks, R. Pinch, Identity-based cryptosystems based on the Weil pairing. Unpublished manuscript 170 (2001)"},{"key":"9514_CR14","unstructured":"zcash contributors: The halo2 zero-knowledge proving system. https:\/\/zcash.github.io\/halo2\/"},{"key":"9514_CR15","doi-asserted-by":"publisher","unstructured":"Y. El\u00a0Housni, A. Guillevic, Families of SNARK-friendly 2-chains of elliptic curves. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT\u00a02022, Part\u00a0II. LNCS, vol. 13276, pp. 367\u2013396. Springer, Heidelberg (May\u00a0\/\u00a0Jun) (2022). https:\/\/doi.org\/10.1007\/978-3-031-07085-3_13","DOI":"10.1007\/978-3-031-07085-3_13"},{"issue":"2","key":"9514_CR16","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1007\/s00145-009-9048-z","volume":"23","author":"D Freeman","year":"2010","unstructured":"D. Freeman, M. Scott, E. Teske, A taxonomy of pairing-friendly elliptic curves. Journal of Cryptology 23(2), 224\u2013280 Apr ( 2010). https:\/\/doi.org\/10.1007\/s00145-009-9048-z","journal-title":"Journal of Cryptology"},{"issue":"4","key":"9514_CR17","doi-asserted-by":"publisher","first-page":"800","DOI":"10.1016\/j.ffa.2007.02.003","volume":"13","author":"SD Galbraith","year":"2007","unstructured":"S.D. Galbraith, J.F. McKee, P.C. Valen\u00e7a, Ordinary abelian varieties having small embedding degree. Finite Fields Their Appl. 13(4), 800\u2013814 (2007). https:\/\/doi.org\/10.1016\/j.ffa.2007.02.003","journal-title":"Finite Fields Their Appl."},{"key":"9514_CR18","doi-asserted-by":"publisher","unstructured":"R.P. Gallant, R.J. Lambert, S.A. Vanstone, Faster point multiplication on elliptic curves with efficient endomorphisms. In: Kilian, J. (ed.) CRYPTO\u00a02001. LNCS, vol.\u00a02139, pp. 190\u2013200. Springer, Heidelberg Aug (2001). https:\/\/doi.org\/10.1007\/3-540-44647-8_11","DOI":"10.1007\/3-540-44647-8_11"},{"key":"9514_CR19","unstructured":"A. Guillevic, S. Singh, On the alpha value of polynomials in the tower number field sieve algorithm. Mathematical Cryptology 1(1), 1\u201339 Feb (2021), https:\/\/journals.flvc.org\/mathcryptology\/article\/view\/125142"},{"key":"9514_CR20","unstructured":"D. Hopwood, Pluto-eris hybrid cycle of elliptic curves (2021). https:\/\/github.com\/daira\/pluto-eris"},{"key":"9514_CR21","unstructured":"D. Hopwood, S. Bowe, T. Hornby, N. Wilcox, Zcash protocol. https:\/\/zips.z.cash\/protocol\/protocol.pdf"},{"key":"9514_CR22","unstructured":"E.J. Kachisa, E.F. Schaefer, M. Scott, Constructing brezing-weng pairing friendly elliptic curves using elements in the cyclotomic field. Cryptology ePrint Archive, Report 2007\/452 (2007), https:\/\/eprint.iacr.org\/2007\/452"},{"key":"9514_CR23","doi-asserted-by":"publisher","unstructured":"E.J. Kachisa, E.F. Schaefer, M. Scott, Constructing Brezing-Weng pairing-friendly elliptic curves using elements in the cyclotomic field. In: Galbraith, S.D., Paterson, K.G. (eds.) PAIRING 2008. LNCS, vol.\u00a05209, pp. 126\u2013135. Springer, Heidelberg Sep (2008). https:\/\/doi.org\/10.1007\/978-3-540-85538-5_9","DOI":"10.1007\/978-3-540-85538-5_9"},{"key":"9514_CR24","unstructured":"A. Kosba, Z. Zhao, A. Miller, Y. Qian, H. Chan, C. Papamanthou, R. Pass, a. shelat, E. Shi, C$$\\emptyset $$c$$\\emptyset $$: A framework for building composable zero-knowledge proofs. Cryptology ePrint Archive, Report 2015\/1093 (2015), https:\/\/eprint.iacr.org\/2015\/1093"},{"key":"9514_CR25","unstructured":"S. Masson, A. Sanso, Z. Zhang, Bandersnatch: a fast elliptic curve built over the BLS12-381 scalar field. Cryptology ePrint Archive, Report 2021\/1152 (2021). https:\/\/eprint.iacr.org\/2021\/1152"},{"key":"9514_CR26","doi-asserted-by":"crossref","unstructured":"A. Miyaji, M. Nakabayashi, S. Takano, Characterization of elliptic curve traces under FR-reduction. In: Won, D. (ed.) ICISC 00. LNCS, vol.\u00a02015, pp. 90\u2013108. Springer, Heidelberg Dec (2001)","DOI":"10.1007\/3-540-45247-8_8"},{"key":"9514_CR27","doi-asserted-by":"publisher","unstructured":"J. Renes, C. Costello, L. Batina, Complete addition formulas for prime order elliptic curves. In: Fischlin, M., Coron, J.S. (eds.) EUROCRYPT\u00a02016, Part\u00a0I. LNCS, vol.\u00a09665, pp. 403\u2013428. Springer, Heidelberg May (2016). https:\/\/doi.org\/10.1007\/978-3-662-49890-3_16","DOI":"10.1007\/978-3-662-49890-3_16"},{"key":"9514_CR28","volume-title":"The arithmetic of elliptic curves, Graduate Texts in Mathematics","author":"JH Silverman","year":"1992","unstructured":"J.H. Silverman, The arithmetic of elliptic curves, Graduate Texts in Mathematics, vol.\u00a0106. Springer-Verlag, New York (1992)"},{"key":"9514_CR29","first-page":"238","volume":"273","author":"J V\u00e9lu","year":"1971","unstructured":"J. V\u00e9lu, Isog\u00e9nies entre courbes elliptiques. Comptes Rendus de l\u2019Acad\u00e9mie des Sciences de Paris 273, 238\u2013241 (1971)","journal-title":"Comptes Rendus de l\u2019Acad\u00e9mie des Sciences de Paris"},{"key":"9514_CR30","unstructured":"Zcash: What is Jubjub? https:\/\/web.archive.org\/web\/20230201163714\/https:\/\/z.cash\/technology\/jubjub\/"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-024-09514-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s00145-024-09514-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-024-09514-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,25]],"date-time":"2024-10-25T21:01:43Z","timestamp":1729890103000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s00145-024-09514-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10]]},"references-count":30,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2024,10]]}},"alternative-id":["9514"],"URL":"https:\/\/doi.org\/10.1007\/s00145-024-09514-5","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,10]]},"assertion":[{"value":"10 April 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 June 2024","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"15 July 2024","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 October 2024","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"37"}}