Imperfect forward secrecy: How Diffie-Hellman fails in practice

D Adrian, K Bhargavan, Z Durumeric… - Proceedings of the …, 2015 - dl.acm.org
We investigate the security of Diffie-Hellman key exchange as used in popular Internet
protocols and find it to be less secure than widely believed. First, we present Logjam, a …

Factorization of a 768-bit RSA modulus

T Kleinjung, K Aoki, J Franke, AK Lenstra… - Advances in Cryptology …, 2010 - Springer
Thorsten Kleinjung, Kazumaro Aoki, Jens Franke, Arjen K. Lenstra, Emmanuel …

[BOOK][B] Advances in elliptic curve cryptography

IF Blake, G Seroussi, NP Smart - 2005 - books.google.com
Since the appearance of the authors' first volume on elliptic curve cryptography in 1999
there has been tremendous progress in the field. In some topics, particularly point counting …

Fast constant-time gcd computation and modular inversion

DJ Bernstein, BY Yang - IACR Transactions on Cryptographic …, 2019 - tches.iacr.org
This paper introduces streamlined constant-time variants of Euclid's algorithm, both for
polynomial inputs and for integer inputs. As concrete applications, this paper saves time in …

On the complexity of computing determinants

E Kaltofen, G Villard - Computational complexity, 2005 - Springer
We present new baby steps/giant steps algorithms of asymptotically fast running time for
dense matrix problems. Our algorithms compute the determinant, characteristic polynomial …

A new algebraic approach to the regular syndrome decoding problem and implications for PCG constructions

P Briaud, M Øygarden - Annual International Conference on the Theory …, 2023 - Springer
The Regular Syndrome Decoding (RSD) problem, a variant of the Syndrome
Decoding problem with a particular error distribution, was introduced almost 20 years ago by …

On the complexity of polynomial matrix computations

P Giorgi, CP Jeannerod, G Villard - Proceedings of the 2003 …, 2003 - dl.acm.org
We study the link between the complexity of polynomial matrix multiplication and the
complexity of solving other basic linear algebra problems on polynomial matrices. By …

A double large prime variation for small genus hyperelliptic index calculus

P Gaudry, E Thomé, N Thériault, C Diem - Mathematics of computation, 2007 - ams.org
In this article, we examine how the index calculus approach for computing discrete
logarithms in small genus hyperelliptic curves can be improved by introducing a double …

The hardness of LPN over any integer ring and field for PCG applications

H Liu, X Wang, K Yang, Y Yu - … International Conference on the Theory and …, 2024 - Springer
Learning parity with noise (LPN) has been widely studied and used in cryptography. It was
recently brought to new prosperity since Boyle et al. (CCS'18), putting LPN in a central role in …

Comparing the difficulty of factorization and discrete logarithm: a 240-digit experiment

F Boudot, P Gaudry, A Guillevic, N Heninger… - Advances in Cryptology …, 2020 - Springer
We report on two new records: the factorization of RSA-240, a 795-bit number, and a
discrete logarithm computation over a 795-bit prime field. Previous records were the …