{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T10:05:09Z","timestamp":1771668309383,"version":"3.50.1"},"reference-count":44,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2007,8,25]],"date-time":"2007-08-25T00:00:00Z","timestamp":1188000000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Des. Codes Cryptogr."],"published-print":{"date-parts":[[2007,9,21]]},"DOI":"10.1007\/s10623-007-9112-3","type":"journal-article","created":{"date-parts":[[2007,8,24]],"date-time":"2007-08-24T15:17:35Z","timestamp":1187968655000},"page":"199-212","source":"Crossref","is-referenced-by-count":15,"title":["Inferring sequences produced by a linear congruential generator on elliptic curves missing high-order bits"],"prefix":"10.1007","volume":"45","author":[{"given":"Jaime","family":"Gutierrez","sequence":"first","affiliation":[]},{"given":"\u00c1lvar","family":"Ibeas","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2007,8,25]]},"reference":[{"key":"9112_CR1","doi-asserted-by":"crossref","unstructured":"Ajtai M, Kumar R, Sivakumar D (2001) A sieve algorithm for the shortest lattice vector problem. Proc. 33rd ACM symp. on theory of comput. (STOC 2001), Association for Computing Machinery, pp 601\u2013610","DOI":"10.1145\/380752.380857"},{"key":"9112_CR2","doi-asserted-by":"crossref","unstructured":"Avanzi R, Cohen H, Doche C, Frey G, Lange T, Nguyen K (2005) Elliptic and hyperelliptic curve crytography: theory and practice. CRC Press","DOI":"10.1201\/9781420034981"},{"key":"9112_CR3","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1007\/978-3-642-59435-9_3","volume-title":"Pseudorandom sequences from elliptic curves. Finite fields with applications to coding theory. Cryptography and related areas","author":"P Beelen","year":"2002","unstructured":"Beelen P and Doumen J (2002). Pseudorandom sequences from elliptic curves. Finite fields with applications to coding theory. Cryptography and related areas. Springer-Verlag, Berlin, 37\u201352"},{"key":"9112_CR4","doi-asserted-by":"crossref","unstructured":"Blackburn SR, Gomez-Perez D, Gutierrez J, Shparlinski IE (2003) Predicting the inversive generator. Proc. coding and cryptography, IMA-03, LNCS 2898. Springer-Verlag, Berlin, pp 264\u2013275","DOI":"10.1007\/978-3-540-40974-8_21"},{"key":"9112_CR5","doi-asserted-by":"crossref","first-page":"1471","DOI":"10.1090\/S0025-5718-04-01698-9","volume":"74","author":"SR Blackburn","year":"2005","unstructured":"Blackburn SR, Gomez-Perez D, Gutierrez J and Shparlinski IE (2005). Predicting nonlinear pseudorandom number generators. Math Comput 74: 1471\u20131494","journal-title":"Math Comput"},{"issue":"12","key":"9112_CR6","first-page":"45","volume":"61","author":"SR Blackburn","year":"2006","unstructured":"Blackburn SR, Gomez-Perez D, Gutierrez J and Shparlinski IE (2006). Reconstructing noisy polynomial evaluation in residue rings. J Algorithms 61(12): 45\u201357","journal-title":"J Algorithms"},{"key":"9112_CR7","doi-asserted-by":"crossref","unstructured":"Blake I, Seroussi G, Smart N (1999) Elliptic curves in cryptography. In: London Math. Soc., Lecture note series, 265, Cambridge Univ. Press","DOI":"10.1017\/CBO9781107360211"},{"key":"9112_CR8","unstructured":"Bloemer J, May A (2003) A tool kit for finding small roots of bivariate polynomial over the integers. In: Advances in cryptology-crypto 2003, LNCS 2729. Springer Verlag 27\u201343"},{"key":"9112_CR9","doi-asserted-by":"crossref","first-page":"129","DOI":"10.1145\/58562.59305","volume":"36","author":"J Boyar","year":"1989","unstructured":"Boyar J (1989). Inferring sequences produced by pseudo-random number generators. J ACM 36: 129\u2013141","journal-title":"J ACM"},{"key":"9112_CR10","doi-asserted-by":"crossref","first-page":"177","DOI":"10.1007\/BF02252875","volume":"1","author":"J Boyar","year":"1989","unstructured":"Boyar J (1989). Inferring sequences produces by a linear congruential generator missing low-order bits. J Crypt 1: 177\u2013184","journal-title":"J Crypt"},{"key":"9112_CR11","first-page":"501","volume-title":"Contemp. cryptology","author":"EF Brickell","year":"1992","unstructured":"Brickell EF and Odlyzko AM (1992). Cryptanalysis: a survey of recent results. In: Simmons, GJ (eds) Contemp. cryptology, pp 501\u2013540. IEEE Press, NY"},{"key":"9112_CR12","first-page":"155","volume-title":"Proc.EUROCRYPT-96 LNCS 1070","author":"D Coppersmith","year":"1996","unstructured":"Coppersmith D (1996). Finding a small root of a bivariate integer equations; factoring with high bits known. In: Maurer, U (eds) Proc.EUROCRYPT-96 LNCS 1070, pp 155\u2013156. Springer-Verlag, Berlin"},{"issue":"4","key":"9112_CR13","doi-asserted-by":"crossref","first-page":"233","DOI":"10.1007\/s001459900030","volume":"10","author":"D Coppersmith","year":"1997","unstructured":"Coppersmith D (1997). Small solutions to polynomial equations and low exponent RSA vulnerabilities. J Crypt 10(4): 233\u2013260","journal-title":"J Crypt"},{"key":"9112_CR14","unstructured":"Coron J-S (2004) Finding small roots of bivariate integer polynomial equations revisted. In: Proc. advances in cryptology- Eurocrypt\u201904, LNCS 3027. Springer Verlag, 492\u2013505"},{"key":"9112_CR15","doi-asserted-by":"crossref","unstructured":"El Mahassni E, Shparlinski IE (2002) On the uniformity of distribution of congruential generators over elliptic curves. In: Proc. intern. conf. on sequences and their applications. Bergen 2001. Springer-Verlag, London pp 257\u2013264","DOI":"10.1007\/978-1-4471-0673-9_19"},{"key":"9112_CR16","doi-asserted-by":"crossref","first-page":"262","DOI":"10.1137\/0217016","volume":"17","author":"AM Frieze","year":"1988","unstructured":"Frieze AM, H\u00e5stad J, Kannan R, Lagarias JC and Shamir A (1988). Reconstructing truncated integer variables satisfying linear congruences. SIAM J Comp 17: 262\u2013280","journal-title":"SIAM J Comp"},{"key":"9112_CR17","doi-asserted-by":"crossref","unstructured":"Gomez-Perez D, Gutierrez J, Ibeas A (2005) Cryptanalysis of the quadratic generator. In: Proceedings in cryptology-INDOCRYPT 2005, LNCS 3797. Springer Verlag, Berlin pp 118\u2013129","DOI":"10.1007\/11596219_10"},{"key":"9112_CR18","unstructured":"Gomez-Perez D, Gutierrez J, Ibeas A (2006) An algorithm for finding small roots of multivariate polynomials over the integers. Faculty of Science, University of Cantabria, Preprint"},{"issue":"12","key":"9112_CR19","doi-asserted-by":"crossref","first-page":"5518","DOI":"10.1109\/TIT.2006.885451","volume":"52","author":"D Gomez-Perez","year":"2006","unstructured":"Gomez-Perez D, Gutierrez J and Ibeas A (2006). Attacking the pollard generator. IEEE Trans Inform Theory 52(12): 5518\u20135523","journal-title":"IEEE Trans Inform Theory"},{"key":"9112_CR20","unstructured":"Gong G, Lam CCY (2001) Linear recursive sequences over elliptic curves. In: Proc. intern. conf. on sequences and their applications, Bergen 2001. Springer-Verlag, London, pp 182\u2013196"},{"key":"9112_CR21","doi-asserted-by":"crossref","unstructured":"Gong G, Berson TA, Stinson DA (2000) Elliptic curve pseudorandom sequence generators. Lect. Notes in Comp. Sci., vol 1758. Springer-Verlag, Berlin 34\u201349","DOI":"10.1007\/3-540-46513-8_3"},{"key":"9112_CR22","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-642-78240-4","volume-title":"Geometric algorithms and combinatorial optimization","author":"M Gr\u00f6tschel","year":"1993","unstructured":"Gr\u00f6tschel M, Lov\u00e1sz L and Schrijver A (1993). Geometric algorithms and combinatorial optimization. Springer-Verlag, Berlin"},{"key":"9112_CR23","unstructured":"Hallgren S (1994) Linear congruential generators over elliptic curves. Preprint CS-94-143, Dept. of Comp. Sci., Cornegie Mellon Univ., pp 1\u201310"},{"key":"9112_CR24","doi-asserted-by":"crossref","first-page":"111","DOI":"10.1007\/s10623-003-6153-0","volume":"35","author":"F Hess","year":"2005","unstructured":"Hess F and Shparlinski IE (2005). On the linear complexity and multidimensional distribution of congruential generators over elliptic curves. Design Code Cryptogr 35: 111\u2013117","journal-title":"Design Code Cryptogr"},{"key":"9112_CR25","doi-asserted-by":"crossref","unstructured":"Howgrave-Graham NA (1997) Finding small roots of univariate modular equations revisited. In: Proc. 6th IMA intern. conf on cryptography and coding, Lect. Notes in Comp. Sci., vol 1355. Springer-Verlag, Berlin 131\u2013142","DOI":"10.1007\/BFb0024458"},{"key":"9112_CR26","doi-asserted-by":"crossref","unstructured":"Jochemz E, May A (2006) A Strategy for finding roots of multivariate polynomials with new applications in attacking RSA variants In: n Advances in cryptology (Asiacrypt 2006), Lecture Notes in Computer Science, Springer-Verlag","DOI":"10.1007\/11935230_18"},{"key":"9112_CR27","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1007\/s001459900042","volume":"11","author":"A Joux","year":"1998","unstructured":"Joux A and Stern J (1998). Lattice reduction: a toolbox for the cryptanalyst. J Cryptol 11: 161\u2013185","journal-title":"J Cryptol"},{"key":"9112_CR28","doi-asserted-by":"crossref","first-page":"415","DOI":"10.1287\/moor.12.3.415","volume":"12","author":"R Kannan","year":"1987","unstructured":"Kannan R (1987). Minkowski\u2019s convex body theorem and integer programming. Math Oper Res 12: 415\u2013440","journal-title":"Math Oper Res"},{"key":"9112_CR29","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1109\/TIT.1985.1056997","volume":"31","author":"DE Knuth","year":"1985","unstructured":"Knuth DE (1985). Deciphering a linear congruential encryption. IEEE Trans Inf Theory 31: 49\u201352","journal-title":"IEEE Trans Inf Theory"},{"key":"9112_CR30","doi-asserted-by":"crossref","first-page":"527","DOI":"10.1016\/0196-6774(92)90054-G","volume":"13","author":"H Krawczyk","year":"1992","unstructured":"Krawczyk H (1992). How to predict congruential generators. J Algorithms 13: 527\u2013545","journal-title":"J Algorithms"},{"key":"9112_CR31","unstructured":"Lagarias JC (1990) Pseudorandom number generators in cryptography and number theory. In: Proc. symp. in appl. math., vol.42. Amer Math Soc, Providence, RI, pp 115\u2013143"},{"key":"9112_CR32","doi-asserted-by":"crossref","first-page":"338","DOI":"10.4153\/CJM-2005-015-8","volume":"57","author":"T Lange","year":"2005","unstructured":"Lange T and Shparlinski IE (2005). Certain exponential sums and random walks on elliptic curves. Canad J Math 57: 338\u2013350","journal-title":"Canad J Math"},{"key":"9112_CR33","doi-asserted-by":"crossref","first-page":"515","DOI":"10.1007\/BF01457454","volume":"261","author":"AK Lenstra","year":"1982","unstructured":"Lenstra AK, Lenstra HW and Lov\u00e1sz L (1982). Factoring polynomials with rational coefficients. Math Annal 261: 515\u2013534","journal-title":"Math Annal"},{"key":"9112_CR34","doi-asserted-by":"crossref","unstructured":"Micciancio D, Goldwasser S (2002) Complexity of lattice problems. Kluwer Acad. Publ","DOI":"10.1007\/978-1-4615-0897-7"},{"key":"9112_CR35","doi-asserted-by":"crossref","unstructured":"Naor M, Reingold O (1997) Number theoretic constructions of efficient pseudo-random functions. In: Proc 38th IEEE symp. on found. of comp. sci., IEEE, pp 458\u2013467","DOI":"10.1109\/SFCS.1997.646134"},{"key":"9112_CR36","doi-asserted-by":"crossref","first-page":"87","DOI":"10.1007\/978-1-4612-2552-2_5","volume-title":"Monte Carlo and quasi-Monte Carlo methods in scientific computing, Lect. Notes in Statistics vol 106","author":"H Niederreiter","year":"1995","unstructured":"Niederreiter H (1995). New developments in uniform pseudorandom number and vector generation. In: Niederreiter, H and Shiue, PJ (eds) Monte Carlo and quasi-Monte Carlo methods in scientific computing, Lect. Notes in Statistics vol 106, pp 87\u2013120. Springer-Verlag, Berlin"},{"key":"9112_CR37","first-page":"3","volume-title":"Monte Carlo simulation.","author":"H Niederreiter","year":"2001","unstructured":"Niederreiter H (2001). Design and analysis of nonlinear pseudorandom number generators. In: Schueller, GI and Spanos, PD (eds) Monte Carlo simulation., pp 3\u20139. A.A. Balkema Publishers, Rotterdam"},{"key":"9112_CR38","unstructured":"Shoup V (2005) \u201cNumber theory C++ library (NTL)\u201d, version 5.4, available at http:\/\/www.shoup.net \/ntl\/"},{"key":"9112_CR39","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1007\/s002000000023","volume":"11","author":"IE Shparlinski","year":"2000","unstructured":"Shparlinski IE (2000). On the Naor-Reingold pseudo-random function from elliptic curves. Appl Algebra Eng Commun Comput 11: 27\u201334","journal-title":"Appl Algebra Eng Commun Comput"},{"key":"9112_CR40","doi-asserted-by":"crossref","unstructured":"Shparlinski IE (2003) Cryptographic applications of analytic number theory. Birkhauser","DOI":"10.1007\/978-3-0348-8037-4"},{"key":"9112_CR41","doi-asserted-by":"crossref","unstructured":"Shparlinski IE (2005) Orders of points on elliptic curves. In: Affine algebraic geometry. Amer Math Soc, pp 245\u2013252","DOI":"10.1090\/conm\/369\/06815"},{"key":"9112_CR42","doi-asserted-by":"crossref","unstructured":"Shparlinski IE (2005) Pseudorandom points on elliptic curves over finite fields. Macquarie University. Preprint","DOI":"10.1090\/conm\/369\/06815"},{"key":"9112_CR43","doi-asserted-by":"crossref","first-page":"279","DOI":"10.1023\/A:1011223204345","volume":"24","author":"IE Shparlinski","year":"2001","unstructured":"Shparlinski IE and Silverman JH (2001). On the linear complexity of the Naor-Reingold pseudorandom function from elliptic curves. Design Codes Cryptogr 24: 279\u2013289","journal-title":"Design Codes Cryptogr"},{"key":"9112_CR44","volume-title":"The arithmetic of elliptic curves","author":"JH Silverman","year":"1995","unstructured":"Silverman JH (1995). The arithmetic of elliptic curves. Springer-Verlag, Berlin"}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-007-9112-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10623-007-9112-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-007-9112-3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,13]],"date-time":"2023-05-13T22:32:30Z","timestamp":1684017150000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10623-007-9112-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007,8,25]]},"references-count":44,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2007,9,21]]}},"alternative-id":["9112"],"URL":"https:\/\/doi.org\/10.1007\/s10623-007-9112-3","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"value":"0925-1022","type":"print"},{"value":"1573-7586","type":"electronic"}],"subject":[],"published":{"date-parts":[[2007,8,25]]}}}