| cr.yp.to/papers.html#dspr |
36pp |
2019.05.13 |
|
|
2019.05.13
[PDF]
|
Daniel J. Bernstein, Andreas Hülsing.
"Decisional second-preimage resistance: When does SPR imply PRE?"
|
| cr.yp.to/papers.html#safegcd |
59pp |
2019.03.05 |
refereed |
|
2019.04.13
[PDF]
[more]
|
Daniel J. Bernstein, Bo-Yin Yang.
"Fast constant-time gcd computation and modular inversion."
CHES 2019, to appear.
|
| cr.yp.to/papers.html#qisog |
56pp |
2018.10.31 |
refereed |
|
2019.03.05
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Chloe Martindale, Lorenz Panny.
"Quantum circuits for the CSIDH: optimizing quantum evaluation of isogenies."
EUROCRYPT 2019,
edited by Vincent Rijmen, Yuval Ishai.
|
| cr.yp.to/papers.html#tightkem |
37pp |
2018.05.28 |
|
|
2018.05.28
[PDF]
|
Daniel J. Bernstein, Edoardo Persichetti.
"Towards KEM unification."
|
| cr.yp.to/papers.html#divergence |
10pp |
2017.12.12 |
|
|
2018.04.30
[PDF]
[more]
|
Daniel J. Bernstein.
"Divergence bounds for random fixed-weight vectors obtained by sorting."
|
| cr.yp.to/papers.html#holographic |
11pp |
2016.03.26 |
|
|
2018.03.12
[PDF]
[old PDF]
|
Daniel J. Bernstein.
"Is the security of quantum cryptography guaranteed by the laws of physics?"
|
| cr.yp.to/papers.html#hila5 |
14pp |
2017.12.18 |
refereed |
printed |
2018.03.08
[PDF]
[old PDF]
|
Daniel J. Bernstein, Leon Groot Bruinderink, Tanja Lange, Lorenz Panny.
"HILA5 Pindakaas: On the CCA security of lattice-based encryption with error correction."
Pages 203–216 in
Progress in cryptology, AFRICACRYPT 2018, 10th international conference on cryptology in Africa, Marrakesh, Morocco, May 7–9, 2018, proceedings,
edited by Antoine Joux, Abderrahmane Nitaj, Tajjeeddine Rachidi.
Lecture Notes in Computer Science 10831,
Springer, 2018.
ISBN 978-3-319-89338-9.
|
| cr.yp.to/papers.html#groverxl |
21pp |
2017.12.15 |
refereed |
printed |
2017.12.15
[PDF]
|
Daniel J. Bernstein, Bo-Yin Yang.
"Asymptotically faster quantum algorithms to solve multivariate quadratic equations."
Pages 1–20 in
Post-quantum cryptography—9th international conference, PQCrypto 2018, Fort Lauderdale, FL, USA, April 9–11, 2018, proceedings,
edited by Tanja Lange, Rainer Steinwandt.
Lecture Notes in Computer Science 10786,
Springer, 2018.
ISBN 978-3-319-79062-6.
|
| cr.yp.to/papers.html#groverrho |
11pp |
2017.08.18 |
refereed |
printed |
2017.08.18
[PDF]
|
Gustavo Banegas, Daniel J. Bernstein.
"Low-communication parallel quantum multi-target preimage search."
Pages 325–335 in
Selected Areas in Cryptography—SAC 2017, 24th international conference, Ottawa, ON, Canada, August 16–18, 2017, revised selected papers,
edited by Carlisle Adams, Jan Camenisch.
Lecture Notes in Computer Science 10719,
Springer, 2018.
ISBN 978-3-319-72564-2.
|
| cr.yp.to/papers.html#ntruprime |
55pp |
2016.05.11 |
refereed |
printed |
2017.08.16
[PDF]
[more]
|
Daniel J. Bernstein, Chitchanok Chuengsatiansup, Tanja Lange, Christine van Vredendaal.
"NTRU Prime: reducing attack surface at low cost."
Pages 235–260 in
Selected Areas in Cryptography—SAC 2017, 24th international conference, Ottawa, ON, Canada, August 16–18, 2017, revised selected papers,
edited by Carlisle Adams, Jan Camenisch.
Lecture Notes in Computer Science 10719,
Springer, 2018.
ISBN 978-3-319-72564-2.
|
| cr.yp.to/papers.html#slidingright |
21pp |
2017.06.27 |
refereed |
printed |
2017.06.28
[PDF]
|
Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, Yuval Yarom.
"Sliding right into disaster: Left-to-right sliding windows leak."
Pages 555–576 in
Cryptographic hardware and embedded systems—CHES 2017—19th international conference, Taipei, Taiwan, September 25–28, 2017, proceedings,
edited by Wieland Fischer, Naofumi Homma.
Lecture Notes in Computer Science 10529,
Springer, 2017.
ISBN 978-3-319-66786-7.
|
| cr.yp.to/papers.html#gimli |
35pp |
2017.06.27 |
refereed |
printed |
2017.06.27
[PDF]
[more]
|
Daniel J. Bernstein, Stefan Kölbl, Stefan Lucks, Pedro Maat Costa Massolino, Florian Mendel, Kashif Nawaz, Tobias Schneider, Peter Schwabe, François-Xavier Standaert, Yosuke Todo, Benoît Viguier.
"Gimli: a cross-platform permutation."
Pages 299–320 in
Cryptographic hardware and embedded systems—CHES 2017—19th international conference, Taipei, Taiwan, September 25–28, 2017, proceedings,
edited by Wieland Fischer, Naofumi Homma.
Lecture Notes in Computer Science 10529,
Springer, 2017.
ISBN 978-3-319-66786-7.
|
| cr.yp.to/papers.html#multiquad |
55pp |
2017.05.01 |
refereed |
printed |
2017.05.01
[PDF]
[more]
|
Jens Bauch, Daniel J. Bernstein, Henry de Valence, Tanja Lange, Christine van Vredendaal.
"Short generators without quantum computers: the case of multiquadratics."
Pages 27–59 in
Advances in cryptology—EUROCRYPT 2017—36th annual international conference on the theory and applications of cryptographic techniques, Paris, France, April 30–May 4, 2017, proceedings, part I,
edited by Jean-Sébastien Coron, Jesper Buus Nielsen.
Lecture Notes in Computer Science 10210,
Springer, 2017.
ISBN 978-3-319-56619-1.
|
| cr.yp.to/papers.html#pqrsa |
20pp |
2017.04.19 |
refereed |
printed |
2017.04.19
[PDF]
|
Daniel J. Bernstein, Nadia Heninger, Paul Lou, Luke Valenta.
"Post-quantum RSA."
Pages 311–329 in
Post-quantum cryptography—8th international workshop, PQCrypto 2017, Utrecht, the Netherlands, June 26–28, 2017, proceedings,
edited by Tanja Lange, Tsuyoshi Takagi.
Lecture Notes in Computer Science 10346,
Springer, 2017.
ISBN 978-3-319-59878-9.
|
| cr.yp.to/papers.html#grovernfs |
17pp |
2017.04.19 |
refereed |
printed |
2017.04.19
[PDF]
|
Daniel J. Bernstein, Jean-François Biasse, Michele Mosca.
"A low-resource quantum factoring algorithm."
Pages 330–346 in
Post-quantum cryptography—8th international workshop, PQCrypto 2017, Utrecht, the Netherlands, June 26–28, 2017, proceedings,
edited by Tanja Lange, Tsuyoshi Takagi.
Lecture Notes in Computer Science 10346,
Springer, 2017.
ISBN 978-3-319-59878-9.
|
| cr.yp.to/papers.html#fallout |
20pp |
2017.04.09 |
refereed |
printed |
2017.04.09
[PDF]
|
Daniel J. Bernstein, Tanja Lange.
"Post-quantum cryptography—dealing with the fallout of physics success."
Nature 549 (2017), 188–194.
Journal version has the title without the subtitle.
|
| cr.yp.to/papers.html#montladder |
37pp |
2017.03.30 |
refereed |
printed |
2017.03.30
[PDF]
|
Daniel J. Bernstein, Tanja Lange.
"Montgomery curves and the Montgomery ladder."
Pages 82–115 in
Topics in computational number theory inspired by Peter L. Montgomery,
edited by Joppe W. Bos, Arjen K. Lenstra.
Cambridge University Press, 2017.
ISBN 978-1107109353.
|
| cr.yp.to/papers.html#dagger |
38pp |
2017.01.13 |
|
|
2017.01.13
[PDF]
[more]
|
Daniel J. Bernstein, Chitchanok Chuengsatiansup, Tanja Lange.
"Double-base scalar multiplication revisited."
|
| cr.yp.to/papers.html#sect113r2 |
29pp |
2016.04.14 |
|
|
2016.08.06
[PDF]
[old PDF]
|
Daniel J. Bernstein, Susanne Engels, Tanja Lange, Ruben Niederhagen, Christof Paar, Peter Schwabe, Ralf Zimmermann.
"Faster elliptic-curve discrete logarithms on FPGAs."
|
| cr.yp.to/papers.html#amac |
35pp |
2016.02.15 |
refereed |
printed |
2016.02.28
[PDF]
|
Mihir Bellare, Daniel J. Bernstein, Stefano Tessaro.
"Hash-function based PRFs: AMAC and its multi-user security."
Pages 566–595 in
Advances in cryptology—EUROCRYPT 2016—35th annual international conference on the theory and applications of cryptographic techniques, Vienna, Austria, May 8–12, 2016, proceedings, part I,
edited by Marc Fischlin, Jean-Sébastien Coron.
Lecture Notes in Computer Science 9665,
Springer, 2016.
ISBN 978-3-662-49889-7.
|
| cr.yp.to/papers.html#nistecc |
27pp |
2016.01.06 |
|
|
2016.01.06
[PDF]
|
Daniel J. Bernstein, Tanja Lange.
"Failures in NIST's ECC standards."
|
| cr.yp.to/papers.html#multischnorr |
19pp |
2015.10.12 |
|
|
2015.10.12
[PDF]
[more]
|
Daniel J. Bernstein.
"Multi-user Schnorr security, revisited."
|
| cr.yp.to/papers.html#bada55 |
44pp |
2014.07.22 |
refereed |
printed |
2015.09.27
[PDF]
[more]
|
Daniel J. Bernstein, Tung Chou, Chitchanok Chuengsatiansup, Andreas Hülsing, Eran Lambooij, Tanja Lange, Ruben Niederhagen, Christine van Vredendaal.
"How to manipulate curve standards: a white paper for the black hat."
Pages 109–139 in
Security standardisation research—second international conference, SSR 2015, Tokyo, Japan, December 15–16, 2015, proceedings,
edited by Liqun Chen, Shin'ichiro Matsuo.
Lecture Notes in Computer Science 9497,
Springer, 2015.
ISBN 978-3-319-27151-4.
|
| cr.yp.to/papers.html#hessian |
28pp |
2015.08.04 |
refereed |
printed |
2015.08.04
[PDF]
|
Daniel J. Bernstein, Chitchanok Chuengsatiansup, David Kohel, Tanja Lange.
"Twisted Hessian curves."
Pages 1–26 in
Progress in cryptology—LATINCRYPT 2015, 4th international conference on cryptology and information security in Latin America, Guadalajara, Mexico, August 23–26, 2015, proceedings,
edited by Kristin Lauter, Francisco Rodríguez-Henríquez.
Lecture Notes in Computer Science 9230,
Springer, 2015.
ISBN 978-3-319-22173-1.
Erratum: At the end of the proof of Theorem 4.4,
$27a^3X_1^9 = dX_1^3Y_1^3Z_1^3 = da^2X_1^3$
should say
$27a^3X_1^9 = d^3X_1^3Y_1^3Z_1^3 = d^3a^2X_1^3$.
|
| cr.yp.to/papers.html#dual-ec |
25pp |
2015.07.31 |
|
printed |
2015.07.31
[PDF]
|
Daniel J. Bernstein, Tanja Lange, Ruben Niederhagen.
"Dual EC: a standardized back door."
Pages 256–281 in
The new codebreakers: essays dedicated to David Kahn on the occasion of his 85th birthday,
edited by Peter Y. A. Ryan, David Naccache, Jean-Jacques Quisquater.
Lecture Notes in Computer Science 9100,
Springer, 2015.
ISBN 978-3-662-49300-7.
|
| cr.yp.to/papers.html#cpupuf |
25pp |
2015.07.29 |
refereed |
printed |
2015.07.29
[PDF]
|
Pol Van Aubel, Daniel J. Bernstein, Ruben Niederhagen.
"Investigating SRAM PUFs in large CPUs and GPUs."
Pages 228–247 in
Security, privacy, and applied cryptography engineering—5th international conference, SPACE 2015, Jaipur, India, October 3–7, 2015, proceedings,
edited by Rajat Subhra Chakraborty, Peter Schwabe, Jon A. Solworth.
Lecture Notes in Computer Science 9354,
Springer, 2015.
ISBN 978-3-319-24125-8.
|
| cr.yp.to/papers.html#eddsa |
5pp |
2015.07.04 |
|
|
2015.07.04
[PDF]
[more]
|
Daniel J. Bernstein, Simon Josefsson, Tanja Lange, Peter Schwabe, Bo-Yin Yang.
"EdDSA for more curves."
|
| cr.yp.to/papers.html#pro |
25pp |
2015.03.08 |
|
|
2015.03.08
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Christine van Vredendaal.
"Tighter, faster, simpler side-channel security evaluations beyond computing power."
|
| cr.yp.to/papers.html#obviouscation |
27pp |
2015.02.23 |
refereed |
printed |
2015.02.23
[PDF]
[more]
|
Daniel J. Bernstein, Andreas Hülsing, Tanja Lange, Ruben Niederhagen.
"Bad directions in cryptographic hash functions."
Pages 488–508 in
Information security and privacy—20th Australasian conference, ACISP 2015, Brisbane, QLD, Australia, June 29–July 1, 2015, proceedings,
edited by Ernest Foo, Douglas Stebila.
Lecture Notes in Computer Science 9144,
Springer, 2015.
ISBN 978-3-319-19961-0.
|
| cr.yp.to/papers.html#sphincs |
30pp |
2014.10.01 |
refereed |
printed |
2015.02.02
[PDF]
[more]
|
Daniel J. Bernstein, Daira Hopwood, Andreas Hülsing, Tanja Lange, Ruben Niederhagen, Louiza Papachristodoulou, Michael Schneider, Peter Schwabe, Zooko Wilcox-O'Hearn.
"SPHINCS: practical stateless hash-based signatures."
Pages 368–397 in
Advances in cryptology—EUROCRYPT 2015—34th annual international conference on the theory and applications of cryptographic techniques, Sofia, Bulgaria, April 26–30, 2015, proceedings, part I,
edited by Elisabeth Oswald, Marc Fischlin.
Lecture Notes in Computer Science 9056,
Springer, 2015.
ISBN 978-3-662-46799-2.
|
| cr.yp.to/papers.html#batchnfs |
24pp |
2014.11.09 |
refereed |
printed |
2014.11.09
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange.
"Batch NFS."
Pages 38–58 in
Selected areas in cryptography—SAC 2014—21st international conference, Montreal, QC, Canada, August 14–15, 2014, revised selected papers,
edited by Antoine Joux, Amr M. Youssef.
Lecture Notes in Computer Science 8781,
Springer, 2014.
ISBN 978-3-319-13050-7.
|
| cr.yp.to/papers.html#kummer |
34pp |
2014.02.18 |
refereed |
printed |
2014.10.28
[PDF]
|
Daniel J. Bernstein, Chitchanok Chuengsatiansup, Tanja Lange, Peter Schwabe.
"Kummer strikes back: new DH speed records."
Pages 317–337 in
Advances in cryptology—ASIACRYPT 2014—20th international conference on the theory and application of cryptology and information security, Kaoshiung, Taiwan, December 7–11, 2014, proceedings, part 1,
edited by Palash Sarkar, Tetsu Iwata.
Lecture Notes in Computer Science 8873,
Springer, 2014.
ISBN 978-3-662-45610-1.
|
| cr.yp.to/papers.html#auth256 |
20pp |
2014.09.18 |
refereed |
printed |
2014.09.18
[PDF]
[more]
|
Daniel J. Bernstein, Tung Chou.
"Faster binary-field multiplication and faster binary-field MACs."
Pages 92–111 in
Selected areas in cryptography—SAC 2014—21st international conference, Montreal, QC, Canada, August 14–15, 2014, revised selected papers,
edited by Antoine Joux, Amr M. Youssef.
Lecture Notes in Computer Science 8781,
Springer, 2014.
ISBN 978-3-319-13050-7.
|
| cr.yp.to/papers.html#tweetnacl |
18pp |
2013.12.29 |
refereed |
printed |
2014.09.17
[PDF]
[more]
|
Daniel J. Bernstein, Bernard van Gastel, Wesley Janssen, Tanja Lange, Peter Schwabe, Sjaak Smetsers.
"TweetNaCl: a crypto library in 100 tweets."
Pages 64–83 in
Progress in cryptology—LATINCRYPT 2014—third international conference on cryptology and information security in Latin America, Florianópolis, Brazil, September 17–19, 2014, revised selected papers,
edited by Diego F. Aranha, Alfred Menezes.
Lecture Notes in Computer Science 8895,
Springer, 2015.
ISBN 978-3-319-16294-2.
|
| cr.yp.to/papers.html#curve41417 |
19pp |
2014.07.06 |
refereed |
printed |
2014.07.06
[PDF]
|
Daniel J. Bernstein, Chitchanok Chuengsatiansup, Tanja Lange.
"Curve41417: Karatsuba revisited."
Pages 316–334 in
Cryptographic hardware and embedded systems—CHES 2014—16th international workshop, Busan, South Korea, September 23–26, 2014, proceedings,
edited by Lejla Batina, Matthew Robshaw.
Lecture Notes in Computer Science 8731,
Springer, 2014.
ISBN 978-3-662-44708-6.
Typo: the displayed value of 2^411-ell is missing a final digit 9.
See safecurves.cr.yp.to for computer-verified curve information.
|
| cr.yp.to/papers.html#dualectls |
17pp |
2014.04.07 |
refereed |
printed |
2014.06.06
[PDF]
[more]
|
Stephen Checkoway, Matt Fredrikson, Ruben Niederhagen, Adam Everspaugh, Matt Green, Tanja Lange, Tom Ristenpart, Daniel J. Bernstein, Jake Maskiewicz, Hovav Shacham.
"On the practical exploitability of Dual EC in TLS implementations."
Pages 319–335 in
Proceedings of the 23rd USENIX Security Symposium,
edited by Kevin Fu.
USENIX Association, 2014.
|
| cr.yp.to/papers.html#hyperand |
21pp |
2014.05.27 |
refereed |
printed |
2014.05.27
[PDF]
|
Daniel J. Bernstein, Tanja Lange.
"Hyper-and-elliptic-curve cryptography."
LMS Journal of Computation and Mathematics 17 (2014), 181–202.
Special journal issue for proceedings of Algorithmic number theory symposium.
|
| cr.yp.to/papers.html#minimalt |
13pp |
2013.05.22 |
refereed |
printed |
2013.10.31
[PDF]
[more]
|
W. Michael Petullo, Xu Zhang, Jon A. Solworth, Daniel J. Bernstein, Tanja Lange.
"MinimaLT: Minimal-latency networking through better security."
Pages 425–438 in
2013 ACM SIGSAC Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4–8, 2013,
edited by Ahmad-Reza Sadeghi, Virgil D. Gligor, Moti Yung.
ACM, 2013.
ISBN 978-1-4503-2477-9.
|
| cr.yp.to/papers.html#smartfacts |
20pp |
2013.09.16 |
refereed |
printed |
2013.09.16
[PDF]
[more]
|
Daniel J. Bernstein, Yun-An Chang, Chen-Mou Cheng, Li-Ping Chou, Nadia Heninger, Tanja Lange, Nicko van Someren.
"Factoring RSA keys from certified smart cards: Coppersmith in the wild."
Pages 341–360 in
Advances in cryptology—ASIACRYPT 2013—19th international conference on the theory and application of cryptology and information security, Bengaluru, India, December 1–5, 2013, proceedings, part II,
edited by Kazue Sako, Palash Sarkar.
Lecture Notes in Computer Science 8270,
Springer, 2013.
ISBN 978-3-642-42044-3.
|
| cr.yp.to/papers.html#nonuniform |
53pp |
2012.06.04 |
refereed |
printed |
2013.09.14
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange.
"Non-uniform cracks in the concrete: the power of free precomputation."
Pages 321–340 in
Advances in cryptology—ASIACRYPT 2013—19th international conference on the theory and application of cryptology and information security, Bengaluru, India, December 1–5, 2013, proceedings, part II,
edited by Kazue Sako, Palash Sarkar.
Lecture Notes in Computer Science 8270,
Springer, 2013.
ISBN 978-3-642-42044-3.
|
| cr.yp.to/papers.html#elligator |
13pp |
2013.05.27 |
refereed |
printed |
2013.08.28
[PDF]
[more]
|
Daniel J. Bernstein, Mike Hamburg, Anna Krasnova, Tanja Lange.
"Elligator: Elliptic-curve points indistinguishable from uniform random strings."
Pages 967–979 in
2013 ACM SIGSAC Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4–8, 2013,
edited by Ahmad-Reza Sadeghi, Virgil D. Gligor, Moti Yung.
ACM, 2013.
ISBN 978-1-4503-2477-9.
|
| cr.yp.to/papers.html#rc4biases |
31pp |
2013.07.08 |
refereed |
printed |
2013.07.08
[PDF]
|
Nadhem J. AlFardan, Daniel J. Bernstein, Kenneth G. Paterson, Bertram Poettering, Jacob C. N. Schuldt.
"On the security of RC4 in TLS and WPA."
Pages 305–320 in
Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14–16, 2013,
edited by Samuel T. King.
USENIX Association, 2013.
ISBN 978-1-931971-03-4.
Conference version is titled ``On the security of RC4 in TLS''
and does not include WPA analysis.
|
| cr.yp.to/papers.html#mcbits |
26pp |
2013.06.16 |
refereed |
printed |
2013.06.16
[PDF]
[more]
|
Daniel J. Bernstein, Tung Chou, Peter Schwabe.
"McBits: fast constant-time code-based cryptography."
Pages 250–272 in
Cryptographic hardware and embedded systems—CHES 2013—15th international workshop, Santa Barbara, CA, USA, August 20–23, 2013, proceedings,
edited by Guido Bertoni, Jean-Sébastien Coron.
Lecture Notes in Computer Science 8086,
Springer, 2013.
ISBN 978-3-642-40348-4.
|
| cr.yp.to/papers.html#qsubsetsum |
18pp |
2013.04.07 |
refereed |
printed |
2013.04.07
[PDF]
[more]
|
Daniel J. Bernstein, Stacey Jeffery, Tanja Lange, Alexander Meurer.
"Quantum algorithms for the subset-sum problem."
Pages 16–33 in
Post-quantum cryptography—5th international workshop, PQCrypto 2013, Limoges, France, June 4–7, 2013, proceedings,
edited by Philippe Gaborit.
Lecture Notes in Computer Science 7932,
Springer, 2013.
ISBN 978-3-642-38615-2.
|
| cr.yp.to/papers.html#badbatch |
20pp |
2012.09.19 |
refereed |
printed |
2012.09.19
[PDF]
[more]
|
Daniel J. Bernstein, Jeroen Doumen, Tanja Lange, Jan-Jaap Oosterwijk.
"Faster batch forgery identification."
Pages 454–473 in
Progress in cryptology—INDOCRYPT 2012, 13th international conference on cryptology in India, Kolkata, India, December 9–12, 2012, proceedings,
edited by Steven D. Galbraith, Mridul Nandi.
Lecture Notes in Computer Science 7668,
Springer, 2012.
ISBN 978-3-642-34930-0.
|
| cr.yp.to/papers.html#cuberoot |
22pp |
2012.08.12 |
refereed |
printed |
2012.09.19
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange.
"Computing small discrete logarithms faster."
Pages 317–338 in
Progress in cryptology—INDOCRYPT 2012, 13th international conference on cryptology in India, Kolkata, India, December 9–12, 2012, proceedings,
edited by Steven D. Galbraith, Mridul Nandi.
Lecture Notes in Computer Science 7668,
Springer, 2012.
ISBN 978-3-642-34930-0.
|
| cr.yp.to/papers.html#siphash |
20pp |
2012.06.20 |
refereed |
printed |
2012.09.18
[PDF]
|
Jean-Philippe Aumasson, Daniel J. Bernstein.
"SipHash: a fast short-input PRF."
Pages 489–508 in
Progress in cryptology—INDOCRYPT 2012, 13th international conference on cryptology in India, Kolkata, India, December 9–12, 2012, proceedings,
edited by Steven D. Galbraith, Mridul Nandi.
Lecture Notes in Computer Science 7668,
Springer, 2012.
ISBN 978-3-642-34930-0.
2012.06.20 version:
Workshop Record of DIAC 2012: Directions in Authenticated Ciphers.
|
| cr.yp.to/papers.html#coolnacl |
18pp |
2011.12.01 |
refereed |
printed |
2012.07.25
[PDF]
|
Daniel J. Bernstein, Tanja Lange, Peter Schwabe.
"The security impact of a new cryptographic library."
Pages 159–176 in
Progress in cryptology—LATINCRYPT 2012—2nd international conference on cryptology and information security in Latin America, Santiago, Chile, October 7–10, 2012, proceedings,
edited by Alejandro Hevia, Gregory Neven.
Lecture Notes in Computer Science 7533,
Springer, 2012.
ISBN 978-3-642-33480-1.
|
| cr.yp.to/papers.html#grumpy |
19pp |
2012.06.02 |
refereed |
printed |
2012.07.09
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange.
"Two grumpy giants and a baby."
Pages 87–111 in
ANTS X: proceedings of the tenth algorithmic number theory symposium, San Diego 2012,
edited by Everett W. Howe, Kiran S. Kedlaya.
Mathematical Sciences Publishers, 2013.
ISBN 978-1-935107-01-9.
|
| cr.yp.to/papers.html#bunny |
12pp |
2012.06.21 |
refereed |
printed |
2012.06.21
[PDF]
|
Daniel J. Bernstein, Tanja Lange.
"Never trust a bunny."
Pages 137–148 in
Radio frequency identification. Security and privacy issues—8th international workshop, RFIDSec 2012, Nijmegen, The Netherlands, July 2–3, 2012, revised selected papers,
edited by Jaap-Henk Hoepman, Ingrid Verbauwhede.
Lecture Notes in Computer Science 7739,
Springer, 2013.
ISBN 978-3-642-36139-5.
|
| cr.yp.to/papers.html#neoncrypto |
15pp |
2012.03.20 |
refereed |
printed |
2012.03.20
[PDF]
|
Daniel J. Bernstein, Peter Schwabe.
"NEON crypto."
Pages 320–339 in
Cryptographic hardware and embedded systems, CHES 2012, 14th international workshop, Leuven, Belgium, September 9–12, 2012, proceedings,
edited by Emmanuel Prouff, Patrick Schaumont.
Lecture Notes in Computer Science 7428,
Springer, 2012.
ISBN 978-3-642-33026-1.
|
| cr.yp.to/papers.html#gpuasm |
10pp |
2012.03.13 |
refereed |
|
2012.03.13
[PDF]
|
Daniel J. Bernstein, Hsieh-Chung Chen, Chen-Mou Cheng, Tanja Lange, Ruben Niederhagen, Peter Schwabe, Bo-Yin Yang.
"Usable assembly language for GPUs: a success story."
Workshop Record of SHARCS 2012: Special-Purpose Hardware for Attacking Cryptographic Systems.
|
| cr.yp.to/papers.html#shootout |
13pp |
2012.01.03 |
refereed |
|
2012.02.19
[PDF]
|
Daniel J. Bernstein, Tanja Lange.
"The new SHA-3 software shootout."
Third SHA-3 Candidate Conference.
|
| cr.yp.to/papers.html#sha3opt |
8pp |
2012.01.04 |
|
|
2012.01.04
[PDF]
|
Daniel J. Bernstein.
"Optimization failures in SHA-3 software."
|
| cr.yp.to/papers.html#gpuecc2k |
19pp |
2012.01.02 |
refereed |
printed |
2012.01.02
[PDF]
|
Daniel J. Bernstein, Hsieh-Chung Chen, Chen-Mou Cheng, Tanja Lange, Ruben Niederhagen, Peter Schwabe, Bo-Yin Yang.
"ECC2K-130 on NVIDIA GPUs."
Pages 328–346 in
Progress in cryptology—INDOCRYPT 2010—11th international conference on cryptology in India, Hyderabad, India, December 12–15, 2010, proceedings,
edited by Guang Gong, Kishan Chand Gupta.
Lecture Notes in Computer Science 6498,
Springer, 2010.
ISBN 978-3-642-17400-1.
|
| cr.yp.to/papers.html#eecm |
41pp |
2008.01.09 |
refereed |
printed |
2011.10.08
[PDF]
[more]
|
Daniel J. Bernstein, Peter Birkner, Tanja Lange, Christiane Peters.
"ECM using Edwards curves."
Mathematics of Computation 82 (2013), 1139–1179.
|
| cr.yp.to/papers.html#ed25519 |
23pp |
2011.07.05 |
refereed |
printed |
2011.09.26
[PDF]
[more]
|
Daniel J. Bernstein, Niels Duif, Tanja Lange, Peter Schwabe, Bo-Yin Yang.
"High-speed high-security signatures."
Pages 124–142 in
Cryptographic hardware and embedded systems—CHES 2011, 13th international workshop, Nara, Japan, September 28–October 1, 2011, proceedings,
edited by Bart Preneel, Tsuyoshi Takagi.
Lecture Notes in Computer Science 6917,
Springer, 2011.
ISBN 978-3-642-23950-2.
Journal version:
Journal of Cryptographic Engineering 2 (2012), 77–89.
|
| cr.yp.to/papers.html#wild2 |
13pp |
2011.09.15 |
refereed |
printed |
2011.09.15
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Christiane Peters.
"Wild McEliece incognito."
Pages 244–254 in
Post-quantum cryptography—4th international workshop, PQCrypto 2011, Taipei, Taiwan, November 29–December 2, 2011, proceedings,
edited by Bo-Yin Yang.
Lecture Notes in Computer Science 7071,
Springer, 2011.
ISBN 978-3-642-25404-8.
|
| cr.yp.to/papers.html#simplelist |
17pp |
2011.03.20 |
refereed |
printed |
2011.09.15
[PDF]
[more]
|
Daniel J. Bernstein.
"Simplified high-speed high-distance list decoding for alternant codes."
Pages 200–216 in
Post-quantum cryptography—4th international workshop, PQCrypto 2011, Taipei, Taiwan, November 29–December 2, 2011, proceedings,
edited by Bo-Yin Yang.
Lecture Notes in Computer Science 7071,
Springer, 2011.
ISBN 978-3-642-25404-8.
|
| cr.yp.to/papers.html#rfsb |
19pp |
2011.02.14 |
refereed |
printed |
2011.05.08
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Christiane Peters, Peter Schwabe.
"Really fast syndrome-based hashing."
Pages 134–152 in
Progress in cryptology—AFRICACRYPT 2011—4th international conference on cryptology in Africa, Dakar, Senegal, July 5–7, 2011, proceedings,
edited by Abderrahmane Nitaj, David Pointcheval.
Lecture Notes in Computer Science 6737,
Springer, 2011.
ISBN 978-3-642-21968-9.
|
| cr.yp.to/papers.html#2reg |
18pp |
2011.03.09 |
refereed |
printed |
2011.03.09
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Christiane Peters, Peter Schwabe.
"Faster 2-regular information-set decoding."
Pages 81–98 in
Coding and cryptology—third international workshop, IWCC 2011, Qingdao, China, May 30–June 3, 2011, proceedings,
edited by Yeow Meng Chee, Zhenbo Guo, San Ling, Fengjing Shao, Yuansheng Tang, Huaxiong Wang, Chaoping Xing.
Lecture Notes in Computer Science 6639,
Springer, 2011.
ISBN 978-3-642-20900-0.
|
| cr.yp.to/papers.html#ballcoll |
26pp |
2010.11.17 |
refereed |
printed |
2011.03.07
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Christiane Peters.
"Smaller decoding exponents: ball-collision decoding."
Pages 743–760 in
Advances in cryptology—CRYPTO 2011—31st annual cryptology conference, Santa Barbara, CA, USA, August 14–18, 2011, proceedings,
edited by Phillip Rogaway.
Lecture Notes in Computer Science 6841,
Springer, 2011.
ISBN 978-3-642-22791-2.
|
| cr.yp.to/papers.html#goppalist |
19pp |
2008.07.06 |
refereed |
printed |
2011.03.03
[PDF]
[more]
|
Daniel J. Bernstein.
"List decoding for binary Goppa codes."
Pages 62–80 in
Coding and cryptology—third international workshop, IWCC 2011, Qingdao, China, May 30–June 3, 2011, proceedings,
edited by Yeow Meng Chee, Zhenbo Guo, San Ling, Fengjing Shao, Yuansheng Tang, Huaxiong Wang, Chaoping Xing.
Lecture Notes in Computer Science 6639,
Springer, 2011.
ISBN 978-3-642-20900-0.
|
| cr.yp.to/papers.html#xsalsa |
14pp |
2008.11.28 |
refereed |
|
2011.02.04
[PDF]
[more]
|
Daniel J. Bernstein.
"Extending the Salsa20 nonce."
Workshop Record of Symmetric Key Encryption Workshop 2011.
|
| cr.yp.to/papers.html#negation |
26pp |
2011.01.02 |
refereed |
printed |
2011.01.02
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Peter Schwabe.
"On the correct use of the negation map in the Pollard rho method."
Pages 128–146 in
Public key cryptography—PKC 2011—14th international conference on practice and theory in public key cryptography, Taormina, Italy, March 6–9, 2011, proceedings,
edited by Dario Catalano, Nelly Fazio, Rosario Gennaro, Antonio Nicolosi.
Lecture Notes in Computer Science 6571,
Springer, 2011.
ISBN 978-3-642-19378-1.
|
| cr.yp.to/papers.html#quantumsha3 |
7pp |
2010.11.12 |
|
|
2010.11.12
[PDF]
[more]
|
Daniel J. Bernstein.
"Quantum attacks against Blue Midnight Wish, ECHO, Fugue, Grøstl, Hamsi, JH, Keccak, Shabal, SHAvite-3, SIMD, and Skein."
|
| cr.yp.to/papers.html#wild |
18pp |
2010.07.21 |
refereed |
printed |
2010.10.07
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Christiane Peters.
"Wild McEliece."
Pages 143–158 in
Selected areas in cryptography—17th international workshop, SAC 2010, Waterloo, Ontario, Canada, August 12–13, 2010, revised selected papers,
edited by Alex Biryukov, Guang Gong, Douglas R. Stinson.
Lecture Notes in Computer Science 6544,
Springer, 2011.
ISBN 978-3-642-19573-0.
|
| cr.yp.to/papers.html#completed |
15pp |
2009.11.25 |
refereed |
printed |
2010.10.06
[PDF]
|
Daniel J. Bernstein, Tanja Lange.
"A complete set of addition laws for incomplete Edwards curves."
Journal of Number Theory 131 (2011), 858–872.
|
| cr.yp.to/papers.html#interop |
5pp |
2010.09.15 |
|
|
2010.09.15
[PDF]
[more]
|
Daniel J. Bernstein.
"SHA-3 interoperability."
|
| cr.yp.to/papers.html#bestat |
5pp |
2010.09.06 |
|
|
2010.09.06
[PDF]
[more]
|
Daniel J. Bernstein.
"Visualizing area-time tradeoffs for SHA-3."
|
| cr.yp.to/papers.html#a1ecm |
20pp |
2010.06.14 |
refereed |
printed |
2010.06.14
[PDF]
[more]
|
Daniel J. Bernstein, Peter Birkner, Tanja Lange.
"Starfish on strike."
Pages 61–80 in
Progress in cryptology—LATINCRYPT 2010, first international conference on cryptology and information security in Latin America, Puebla, Mexico, August 8–11, 2010, proceedings,
edited by Michel Abdalla, Paulo S. L. M. Barreto.
Lecture Notes in Computer Science 6212,
Springer, 2010.
ISBN 978-3-642-14711-1.
Typo in the proof of Theorem 5.1: the displayed ...=d should be -...=d.
|
| cr.yp.to/papers.html#opb |
17pp |
2010.02.09 |
refereed |
printed |
2010.04.13
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange.
"Type-II optimal polynomial bases."
Pages 41–61 in
Arithmetic of finite fields: third international workshop, WAIFI 2010, Istanbul, Turkey, June 27–30, 2010, proceedings,
edited by M. Anwar Hasan, Tor Helleseth.
Lecture Notes in Computer Science 6087,
Springer, 2010.
ISBN 978-3-642-13796-9.
|
| cr.yp.to/papers.html#grovercode |
8pp |
2009.11.23 |
refereed |
printed |
2010.03.03
[PDF]
[more]
|
Daniel J. Bernstein.
"Grover vs. McEliece."
Pages 73–80 in
Post-quantum cryptography: third international workshop, PQCrypto 2010, Darmstadt, Germany, May 25–28, 2010, proceedings,
edited by Nicolas Sendrier.
Lecture Notes in Computer Science 6061,
Springer, 2010.
ISBN 978-3-642-12928-5.
|
| cr.yp.to/papers.html#ecc2k130 |
20pp |
2009.11.05 |
|
|
2009.11.18
[PDF]
[more]
|
Daniel V. Bailey, Lejla Batina, Daniel J. Bernstein, Peter Birkner, Joppe W. Bos, Hsieh-Chung Chen, Chen-Mou Cheng, Gauthier van Damme, Giacomo de Meulenaer, Luis Julian Dominguez Perez, Junfeng Fan, Tim Gueneysu, Frank Gurkaynak, Thorsten Kleinjung, Tanja Lange, Nele Mentens, Ruben Niederhagen, Christof Paar, Francesco Regazzoni, Peter Schwabe, Leif Uhsadel, Anthony Van Herrewege, Bo-Yin Yang.
"Breaking ECC2K-130."
|
| cr.yp.to/papers.html#linearmod2 |
16pp |
2009.08.30 |
refereed |
|
2009.10.05
[PDF]
[more]
|
Daniel J. Bernstein.
"Optimizing linear maps modulo 2."
Workshop Record of SPEED-CC: Software Performance Enhancement for Encryption and Decryption
and Cryptographic Compilers.
|
| cr.yp.to/papers.html#fsbday |
21pp |
2009.06.17 |
refereed |
printed |
2009.10.03
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Ruben Niederhagen, Christiane Peters, Peter Schwabe.
"FSBday: implementing Wagner's generalized birthday attack against the SHA-3 round-1 candidate FSB."
Pages 18–38 in
Progress in cryptology—INDOCRYPT 2009, 10th international conference on cryptology in India, New Delhi, India, December 13–16, 2009, proceedings,
edited by Bimal Roy, Nicolas Sendrier.
Lecture Notes in Computer Science 5922,
Springer, 2009.
ISBN 978-3-642-10627-9.
Previous version:
Workshop Record of SHARCS'09: Special-purpose Hardware for Attacking Cryptographic Systems.
|
| cr.yp.to/papers.html#pc109 |
14pp |
2009.09.01 |
refereed |
|
2009.09.01
[PDF]
[more]
|
Daniel J. Bernstein, Hsueh-Chung Chen, Ming-Shing Chen, Chen-Mou Cheng, Chun-Hung Hsiao, Tanja Lange, Zong-Cing Lin, Bo-Yin Yang.
"The billion-mulmod-per-second PC."
Workshop Record of SHARCS'09: Special-purpose Hardware for Attacking Cryptographic Systems.
|
| cr.yp.to/papers.html#ecc2x |
32pp |
2009.09.01 |
refereed |
|
2009.09.01
[PDF]
[more]
|
Daniel V. Bailey, Brian Baldwin, Lejla Batina, Daniel J. Bernstein, Peter Birkner, Joppe W. Bos, Gauthier van Damme, Giacomo de Meulenaer, Junfeng Fan, Tim Gueneysu, Frank Gurkaynak, Thorsten Kleinjung, Tanja Lange, Nele Mentens, Christof Paar, Francesco Regazzoni, Peter Schwabe, Leif Uhsadel.
"The Certicom challenges ECC2-X."
Workshop Record of SHARCS'09: Special-purpose Hardware for Attacking Cryptographic Systems.
|
| cr.yp.to/papers.html#collisioncost |
12pp |
2009.05.17 |
refereed |
|
2009.08.23
[PDF]
[more]
|
Daniel J. Bernstein.
"Cost analysis of hash collisions: Will quantum computers make SHARCS obsolete?"
Workshop Record of SHARCS'09: Special-purpose Hardware for Attacking Cryptographic Systems.
|
| cr.yp.to/papers.html#bbe |
21pp |
2009.06.04 |
refereed |
printed |
2009.06.04
[PDF]
[more]
|
Daniel J. Bernstein.
"Batch binary Edwards."
Pages 317–336 in
Advances in cryptology—Crypto 2009, 29th annual international cryptology conference, Santa Barbara, CA, USA, August 16–20, 2009, proceedings,
edited by Shai Halevi.
Lecture Notes in Computer Science 5677,
Springer, 2009.
ISBN 978-3-642-03355-1.
|
| cr.yp.to/papers.html#naclcrypto |
45pp |
2009.03.10 |
|
|
2009.03.10
[PDF]
|
Daniel J. Bernstein.
"Cryptography in NaCl."
|
| cr.yp.to/papers.html#gpuecm |
20pp |
2008.11.11 |
refereed |
printed |
2009.01.27
[PDF]
[more]
|
Daniel J. Bernstein, Tien-Ren Chen, Chen-Mou Cheng, Tanja Lange, Bo-Yin Yang.
"ECM on graphics cards."
Pages 483–501 in
Advances in cryptology—EUROCRYPT 2009, 28th annual international conference on the theory and applications of cryptographic techniques, Cologne, Germany, April 26–30, 2009, proceedings,
edited by Antoine Joux.
Lecture Notes in Computer Science 5479,
Springer, 2009.
ISBN 978-3-642-01000-2.
|
| cr.yp.to/papers.html#decoco |
13pp |
|
refereed |
|
2009
|
Daniel J. Bernstein, Tanja Lange, Christiane Peters, Henk van Tilborg.
"Explicit bounds for generic decoding algorithms for code-based cryptography."
Proceedings of WCC 2009.
|
| cr.yp.to/papers.html#aesspeed |
15pp |
2008.09.08 |
refereed |
printed |
2008.09.26
[PDF]
[more]
|
Daniel J. Bernstein, Peter Schwabe.
"New AES software speed records."
Pages 322–336 in
Progress in cryptology—INDOCRYPT 2008, 9th international conference on cryptology in India, Kharagpur, India, December 14–17, 2008, proceedings,
edited by Dipanwita Roy Chowdhury, Vincent Rijmen, Abhijit Das.
Lecture Notes in Computer Science 5365,
Springer, 2008.
ISBN 978-3-540-89753-8.
|
| cr.yp.to/papers.html#mceliece |
16pp |
2008.07.22 |
refereed |
printed |
2008.08.07
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Christiane Peters.
"Attacking and defending the McEliece cryptosystem."
Pages 31–46 in
Post-quantum cryptography: second international workshop, PQCrypto 2008, Cincinnati, OH, USA, October 17–19, 2008, proceedings,
edited by Johannes Buchmann, Jintai Ding.
Springer, 2008.
ISBN 978-3-540-88402-6.
|
| cr.yp.to/papers.html#edwards2 |
23pp |
2008.04.15 |
refereed |
printed |
2008.06.11
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange, Reza Rezaeian Farashahi.
"Binary Edwards curves."
Pages 244–265 in
Cryptographic hardware and embedded systems—CHES 2008, 10th international workshop, Washington, D.C., USA, August 10–13, 2008, proceedings,
edited by Elisabeth Oswald, Pankaj Rohatgi.
Lecture Notes in Computer Science 5154,
Springer, 2008.
ISBN 978-3-540-85052-6.
|
| cr.yp.to/papers.html#multapps |
60pp |
2003.01.19 |
refereed |
printed |
2008.05.15
[PDF]
[more]
|
Daniel J. Bernstein.
"Fast multiplication and its applications."
Pages 325–384 in
Algorithmic number theory: lattices, number fields, curves and cryptography,
edited by Joe Buhler, Peter Stevenhagen.
Cambridge University Press, 2008.
ISBN 978-0521808545.
|
| cr.yp.to/papers.html#smallheight |
26pp |
2003.09.18 |
refereed |
printed |
2008.05.02
[PDF]
[more]
|
Daniel J. Bernstein.
"Reducing lattice bases to find small-height values of univariate polynomials."
Pages 421–446 in
Algorithmic number theory: lattices, number fields, curves and cryptography,
edited by Joe Buhler, Peter Stevenhagen.
Cambridge University Press, 2008.
ISBN 978-0521808545.
|
| cr.yp.to/papers.html#forgery |
15pp |
2001.07.31 |
refereed |
printed |
2008.05.01
[PDF]
[more]
|
Daniel J. Bernstein.
"Protecting communications against forgery."
Pages 535–549 in
Algorithmic number theory: lattices, number fields, curves and cryptography,
edited by Joe Buhler, Peter Stevenhagen.
Cambridge University Press, 2008.
ISBN 978-0521808545.
Erratum: The conjecture on page 539 is quantitatively incorrect
(as are many analogous conjectures in the literature)
for the most obvious definition of "steps".
There exists an attack algorithm with a considerably better tradeoff
between success probability and number of steps,
even though no feasible method is known to find that algorithm.
|
| cr.yp.to/papers.html#phase3speed |
13pp |
2008.02.25 |
|
|
2008.03.31
[PDF]
[more]
|
Daniel J. Bernstein.
"Which phase-3 eSTREAM ciphers provide the best software speeds?"
|
| cr.yp.to/papers.html#broken |
35pp |
2008.02.21 |
|
|
2008.03.30
[PDF]
[more]
|
Daniel J. Bernstein.
"Which eSTREAM ciphers have been broken?"
|
| cr.yp.to/papers.html#twisted |
17pp |
2008.01.08 |
refereed |
printed |
2008.03.13
[PDF]
[more]
|
Daniel J. Bernstein, Peter Birkner, Marc Joye, Tanja Lange, Christiane Peters.
"Twisted Edwards curves."
Pages 389–405 in
Progress in cryptology—AFRICACRYPT 2008, first international conference on cryptology in Africa, Casablanca, Morocco, June 11–14, 2008, proceedings,
edited by Serge Vaudenay.
Lecture Notes in Computer Science 5023,
Springer, 2008.
ISBN 978-3-540-68159-5.
|
| cr.yp.to/papers.html#rwtight |
18pp |
2003.09.26 |
refereed |
printed |
2008.02.01
[PDF]
[more]
|
Daniel J. Bernstein.
"Proving tight security for Rabin-Williams signatures."
Pages 70–87 in
Advances in cryptology—EUROCRYPT 2008, 27th annual international conference on the theory and applications of cryptographic techniques, Istanbul, Turkey, April 13–17, 2008, proceedings,
edited by Nigel Smart.
Lecture Notes in Computer Science 4965,
Springer, 2008.
ISBN 978-3-540-78966-6.
|
| cr.yp.to/papers.html#rwsota |
11pp |
2008.01.31 |
|
|
2008.01.31
[PDF]
[more]
|
Daniel J. Bernstein.
"RSA signatures and Rabin-Williams signatures: the state of the art."
|
| cr.yp.to/papers.html#chacha |
6pp |
2008.01.20 |
refereed |
|
2008.01.28
[PDF]
[more]
|
Daniel J. Bernstein.
"ChaCha, a variant of Salsa20."
Workshop Record of SASC 2008: The State of the Art of Stream Ciphers.
|
| cr.yp.to/papers.html#salsafamily |
15pp |
2007.12.25 |
|
printed |
2007.12.25
[PDF]
[more]
|
Daniel J. Bernstein.
"The Salsa20 family of stream ciphers."
Pages 84–97 in
New stream cipher designs: the eSTREAM finalists,
edited by Matthew Robshaw, Olivier Billet.
Lecture Notes in Computer Science 4986,
Springer, 2008.
ISBN 978-3-540-68350-6.
Paper invited by book editors.
|
| cr.yp.to/papers.html#efd |
19pp |
2007.12.04 |
refereed |
printed |
2007.12.04
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange.
"Analysis and optimization of elliptic-curve single-scalar multiplication."
Pages 1–19 in
Finite fields and applications: Eighth international conference on finite fields and applications, July 9–13, 2007, Melbourne, Australia,
edited by Gary L. Mullen, Daniel Panario, Igor E. Shparlinski.
Contemporary Mathematics 461,
American Mathematical Society, 2008.
ISBN 978-0-8218-4309-3.
|
| cr.yp.to/papers.html#qmailsec |
10pp |
2007.11.01 |
|
printed |
2007.11.01
[PDF]
|
Daniel J. Bernstein.
"Some thoughts on security after ten years of qmail 1.0."
Proceedings of Computer Security Architecture Workshop (CSAW) 2007.
Paper invited by conference organizers.
|
| cr.yp.to/papers.html#doublebase |
16pp |
2007.10.28 |
refereed |
printed |
2007.10.28
[PDF]
[more]
|
Daniel J. Bernstein, Peter Birkner, Tanja Lange, Christiane Peters.
"Optimizing double-base elliptic-curve single-scalar multiplication."
Pages 167–182 in
Progress in cryptology—INDOCRYPT 2007, 8th international conference on cryptology in India, Chennai, India, December 9–13, 2007, proceedings,
edited by Kannan Srinathan, Chandrasekaran Pandu Rangan, Moti Yung.
Lecture Notes in Computer Science 4859,
Springer, 2007.
ISBN 978-3-540-77025-1.
|
| cr.yp.to/papers.html#pema |
14pp |
2007.10.22 |
|
|
2007.10.22
[PDF]
[more]
|
Daniel J. Bernstein.
"Polynomial evaluation and message authentication."
|
| cr.yp.to/papers.html#inverted |
8pp |
2007.10.09 |
|
printed |
2007.10.09
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange.
"Inverted Edwards coordinates."
Pages 20–27 in
Applied Algebra, Algebraic Algorithms and Error-Correcting Codes, 17th International Symposium, AAECC-17, Bangalore, India, December 16–20, 2007, Proceedings,
edited by Serdar Boztas, Hsiao-feng Lu.
Lecture Notes in Computer Science 4851,
Springer, 2007.
ISBN 978-3-540-77223-1.
Paper invited from Lange by conference organizers.
|
| cr.yp.to/papers.html#tangentfft |
10pp |
2007.08.09 |
refereed |
printed |
2007.09.19
[PDF]
[more]
|
Daniel J. Bernstein.
"The tangent FFT."
Pages 291–300 in
Applied Algebra, Algebraic Algorithms and Error-Correcting Codes, 17th International Symposium, AAECC-17, Bangalore, India, December 16–20, 2007, Proceedings,
edited by Serdar Boztas, Hsiao-feng Lu.
Lecture Notes in Computer Science 4851,
Springer, 2007.
ISBN 978-3-540-77223-1.
|
| cr.yp.to/papers.html#newelliptic |
20pp |
2007.04.10 |
refereed |
printed |
2007.09.06
[PDF]
[more]
|
Daniel J. Bernstein, Tanja Lange.
"Faster addition and doubling on elliptic curves."
Pages 29–50 in
Advances in cryptology—ASIACRYPT 2007, 13th international conference on the theory and application of cryptology and information security, Kuching, Malaysia, December 2–6, 2007, proceedings,
edited by Kaoru Kurosawa.
Lecture Notes in Computer Science 4833,
Springer, 2007.
ISBN 978-3-540-76899-9.
|
| cr.yp.to/papers.html#genbday |
8pp |
2007.07.19 |
refereed |
|
2007.09.04
[PDF]
[more]
|
Daniel J. Bernstein.
"Better price-performance ratios for generalized birthday attacks."
Workshop Record of SHARCS'07: Special-purpose Hardware for Attacking Cryptographic Systems.
|
| cr.yp.to/papers.html#antiquad |
19pp |
2007.03.03 |
refereed |
printed |
2007.08.17
[PDF]
[more]
|
Bo-Yin Yang, Owen Chia-Hsin Chen, Daniel J. Bernstein, Jiun-Ming Chen.
"Analysis of QUAD."
Pages 290–308 in
Fast software encryption: 14th international workshop, FSE 2007, Luxembourg, Luxembourg, March 26–28, 2007, revised selected papers,
edited by Alex Biryukov.
Lecture Notes in Computer Science 4593,
Springer, 2007.
ISBN 978-3-540-74617-1.
|
| cr.yp.to/papers.html#cipherdag |
2pp |
2007.06.30 |
refereed |
|
2007.06.30
[PDF]
[more]
|
Daniel J. Bernstein.
"Cipher DAGs."
Workshop Record of ECRYPT Workshop on Tools for Cryptanalysis 2007.
|
| cr.yp.to/papers.html#expandxor |
10pp |
2007.04.11 |
refereed |
|
2007.05.03
[PDF]
[more]
|
Daniel J. Bernstein.
"What output size resists collisions in a xor of independent expansions?"
Workshop Record of ECRYPT Workshop on Hash Functions 2007.
|
| cr.yp.to/papers.html#aecycles |
13pp |
2007.01.11 |
refereed |
|
2007.01.18
[PDF]
[more]
|
Daniel J. Bernstein.
"Cycle counts for authenticated encryption."
Workshop Record of SASC 2007: The State of the Art of Stream Ciphers.
|
| cr.yp.to/papers.html#kdvseries |
4pp |
2006.10.19 |
|
|
2006.10.19
[PDF]
[more]
|
Daniel J. Bernstein.
"Using fast power-series arithmetic in the Kedlaya-Denef-Vercauteren algorithm."
|
| cr.yp.to/papers.html#powers2 |
4pp |
2004.06.30 |
refereed |
printed |
2006.09.14
[PDF]
[more]
|
Daniel J. Bernstein, Hendrik W. Lenstra, Jr., Jonathan Pila.
"Detecting perfect powers by factoring into coprimes."
Mathematics of Computation 76 (2007), 385–388.
|
| cr.yp.to/papers.html#meecrt |
12pp |
2003.08.15 |
refereed |
printed |
2006.09.14
[PDF]
[more]
|
Daniel J. Bernstein, Jonathan P. Sorenson.
"Modular exponentiation via the explicit Chinese remainder theorem."
Mathematics of Computation 76 (2007), 443–454.
|
| cr.yp.to/papers.html#quartic |
15pp |
2003.01.28 |
refereed |
printed |
2006.09.14
[PDF]
[more]
|
Daniel J. Bernstein.
"Proving primality in essentially quartic random time."
Mathematics of Computation 76 (2007), 389–403.
|
| cr.yp.to/papers.html#curvezero |
13pp |
2006.07.21 |
|
|
2006.07.26
[PDF]
[more]
|
Daniel J. Bernstein.
"Can we avoid tests for zero in fast elliptic-curve arithmetic?"
|
| cr.yp.to/papers.html#zkcrypt |
4pp |
2006.03.02 |
|
|
2006.03.02
[PDF]
[more]
|
Daniel J. Bernstein.
"Does ZK-Crypt version 1 flunk a repetition test?"
|
| cr.yp.to/papers.html#diffchain |
16pp |
2006.02.19 |
|
|
2006.02.19
[PDF]
[more]
|
Daniel J. Bernstein.
"Differential addition chains."
|
| cr.yp.to/papers.html#curve25519 |
22pp |
2005.11.15 |
refereed |
printed |
2006.02.09
[PDF]
[more]
|
Daniel J. Bernstein.
"Curve25519: new Diffie-Hellman speed records."
Pages 207–228 in
Public key cryptography—PKC 2006, 9th international conference on theory and practice in public-key cryptography, New York, NY, USA, April 24–26, 2006, proceedings,
edited by Moti Yung, Yevgeniy Dodis, Aggelos Kiayias, Tal Malkin.
Lecture Notes in Computer Science 3958,
Springer, 2006.
ISBN 3-540-33851-9.
|
| cr.yp.to/papers.html#stream256 |
14pp |
2005.12.23 |
refereed |
|
2006.01.23
[PDF]
[more]
|
Daniel J. Bernstein.
"Comparison of 256-bit stream ciphers at the beginning of 2006."
Workshop Record of SASC 2006: Stream Ciphers Revisited.
|
| cr.yp.to/papers.html#abccong |
5pp |
2003.03.14 |
refereed |
printed |
2005.12.24
[PDF]
[more]
|
Daniel J. Bernstein.
"Sharper ABC-based bounds for congruent polynomials."
Journal de Théorie des Nombres de Bordeaux 17 (2005), 721–725.
|
| cr.yp.to/papers.html#bruteforce |
10pp |
2005.04.25 |
refereed |
|
2005.04.25
[PDF]
[more]
|
Daniel J. Bernstein.
"Understanding brute force."
ECRYPT STVL Workshop on Symmetric Key Encryption.
|
| cr.yp.to/papers.html#cachetiming |
37pp |
2004.11.11 |
|
|
2005.04.14
[PDF]
[more]
|
Daniel J. Bernstein.
"Cache-timing attacks on AES."
|
| cr.yp.to/papers.html#poly1305 |
18pp |
2004.11.01 |
refereed |
printed |
2005.03.29
[PDF]
[more]
|
Daniel J. Bernstein.
"The Poly1305-AES message-authentication code."
Pages 32–49 in
Fast software encryption: 12th international workshop, FSE 2005, Paris, France, February 21–23, 2005, revised selected papers,
edited by Henri Gilbert, Helena Handschuh.
Lecture Notes in Computer Science 3557,
Springer, 2005.
ISBN 3-540-26541-4.
|
| cr.yp.to/papers.html#permutations |
10pp |
2005.03.23 |
|
|
2005.03.23
[PDF]
[more]
|
Daniel J. Bernstein.
"Stronger security bounds for permutations."
To be incorporated into author's
High-speed cryptography book.
|
| cr.yp.to/papers.html#securitywcs |
17pp |
2004.10.19 |
refereed |
printed |
2005.02.27
[PDF]
[more]
|
Daniel J. Bernstein.
"Stronger security bounds for Wegman-Carter-Shoup authenticators."
Pages 164–180 in
Advances in Cryptology—EUROCRYPT 2005, 24th annual international conference on the theory and applications of cryptographic techniques, Aarhus, Denmark, May 22–26, 2005, proceedings,
edited by Ronald Cramer.
Lecture Notes in Computer Science 3494,
Springer, 2005.
ISBN 3-540-25910-4.
|
| cr.yp.to/papers.html#easycbc |
6pp |
2005.01.09 |
|
|
2005.01.09
[PDF]
[more]
|
Daniel J. Bernstein.
"A short proof of the unpredictability of cipher block chaining."
|
| cr.yp.to/papers.html#dcba |
30pp |
1996.05.12 |
refereed |
printed |
2005.01
[PDF]
[more]
|
Daniel J. Bernstein.
"Factoring into coprimes in essentially linear time."
Journal of Algorithms 54 (2005), 1–30.
|
| cr.yp.to/papers.html#prime2004 |
15pp |
2004.02.12 |
|
|
2004.12.23
[PDF]
[more]
|
Daniel J. Bernstein.
"Distinguishing prime numbers from composite numbers: the state of the art in 2004."
|
| cr.yp.to/papers.html#dcba2 |
4pp |
2004.10.09 |
|
|
2004.11.03
[PDF]
[more]
|
Daniel J. Bernstein.
"Research announcement: Faster factorization into coprimes."
|
| cr.yp.to/papers.html#hash127 |
21pp |
1999.04.04 |
|
|
2004.09.18
[PDF]
[more]
|
Daniel J. Bernstein.
"Floating-point arithmetic and message authentication."
To be incorporated into author's
High-speed cryptography book.
|
| cr.yp.to/papers.html#scaledmod |
8pp |
2004.08.20 |
|
|
2004.08.20
[PDF]
[more]
|
Daniel J. Bernstein.
"Scaled remainder trees."
|
| cr.yp.to/papers.html#focus |
8pp |
2001.12.31 |
refereed |
printed |
2004.06.10
[more]
|
Daniel J. Bernstein.
"Doubly focused enumeration of locally square polynomial values."
Pages 69–76 in
High primes and misdemeanours: lectures in honour of the 60th birthday of Hugh Cowie Williams,
edited by Alf van der Poorten, Andreas Stein.
Fields Institute Communications 41,
American Mathematical Society, 2004.
ISBN 0-8218-3353-7.
|
| cr.yp.to/papers.html#smoothparts |
7pp |
2004.05.10 |
|
|
2004.05.10
[PDF]
[more]
|
Daniel J. Bernstein.
"How to find smooth parts of integers."
|
| cr.yp.to/papers.html#primesieves |
8pp |
1999.05.05 |
refereed |
printed |
2004.04
[PDF]
[more]
|
A. O. L. Atkin, Daniel J. Bernstein.
"Prime sieves using binary quadratic forms."
Mathematics of Computation 73 (2004), 1023–1030.
|
| cr.yp.to/papers.html#fastnewton |
13pp |
1998.06.27 |
|
|
2004.03.09
[PDF]
[more]
|
Daniel J. Bernstein.
"Removing redundancy in high-precision Newton iteration."
|
| cr.yp.to/papers.html#logagm |
8pp |
2003.07.17 |
|
|
2003.07.17
[PDF]
[more]
|
Daniel J. Bernstein.
"Computing logarithm intervals with the arithmetic-geometric-mean iteration."
|
| cr.yp.to/papers.html#logfloor |
4pp |
2003.06.29 |
|
|
2003.06.30
[PDF]
[more]
|
Daniel J. Bernstein.
"Computing logarithm floors in essentially linear time."
|
| cr.yp.to/papers.html#aks |
15pp |
2002.08.09 |
|
|
2003.01.25
[PDF]
[more]
|
Daniel J. Bernstein.
"Proving primality after Agrawal-Kayal-Saxena."
|
| cr.yp.to/papers.html#psi |
18pp |
2000.11.03 |
refereed |
printed |
2002.10.01
[PDF]
[more]
|
Daniel J. Bernstein.
"Arbitrarily tight bounds on the distribution of smooth integers."
Pages 49–66 in
Number theory for the Millennium volume 1,
edited by Michael A. Bennett, Bruce C. Berndt, Nigel Boston, Harold G. Diamond, Adolf J. Hildebrand, Walter Philipp.
A. K. Peters, 2002.
ISBN 1-56881-126-8.
|
| cr.yp.to/papers.html#sf |
15pp |
2000.06.22 |
|
|
2002.09.23
[PDF]
[more]
|
Daniel J. Bernstein.
"How to find small factors of integers."
Now being revamped in light of smoothparts results.
|
| cr.yp.to/papers.html#pippenger |
21pp |
2001.12.18 |
|
|
2002.01.18
[PDF]
[more]
|
Daniel J. Bernstein.
"Pippenger's exponentiation algorithm."
To be incorporated into author's
High-speed cryptography book.
Error pointed out by Sam Hocevar: the example in Figure 4 needs 2 and is thus of length 18.
|
| cr.yp.to/papers.html#nonsquare |
3pp |
|
|
|
2001.12.20
[PDF]
[more]
|
Daniel J. Bernstein.
"Faster algorithms to find non-squares modulo worst-case integers."
|
| cr.yp.to/papers.html#sqroot |
10pp |
|
|
|
2001.11.23
[PDF]
[more]
|
Daniel J. Bernstein.
"Faster square roots in annoying finite fields."
To be incorporated into author's
High-speed cryptography book.
|
| cr.yp.to/papers.html#nfscircuit |
11pp |
|
|
|
2001.11.09
[PDF]
[more]
|
Daniel J. Bernstein.
"Circuits for integer factorization: a proposal."
Excerpted from DMS-0140542 grant proposal.
|
| cr.yp.to/papers.html#m3 |
19pp |
|
refereed |
|
2001.08.11
[PDF]
[more]
|
Daniel J. Bernstein.
"Multidigit multiplication for mathematicians."
Accepted to Advances in Applied Mathematics,
but withdrawn by author to prevent irreparable mangling by Academic Press.
|
| cr.yp.to/papers.html#sortedsums |
6pp |
1998.06.29 |
refereed |
printed |
2001.01
[PDF]
[more]
|
Daniel J. Bernstein.
"Enumerating solutions to p(a)+q(b)=r(c)+s(d)."
Mathematics of Computation 70 (2001), 389–394.
|
| cr.yp.to/papers.html#sigs |
11pp |
|
refereed |
|
2000.08.09
[PDF]
[more]
|
Daniel J. Bernstein.
"A secure public-key signature system with extremely fast verification."
Accepted to Journal of Cryptology,
but withdrawn to be incorporated into author's
High-speed cryptography book.
|
| cr.yp.to/papers.html#unipat |
6pp |
|
|
|
2000.08.06
[PDF]
[more]
|
Daniel J. Bernstein.
"A simple universal pattern-matching automaton."
|
| cr.yp.to/papers.html#hash127-abs |
2pp |
|
|
|
1999.04.04
[PDF]
[more]
|
Daniel J. Bernstein.
"Guaranteed message authentication faster than MD5 (abstract)."
|
| cr.yp.to/papers.html#stretch |
8pp |
|
refereed |
printed |
1999
[PDF]
[more]
|
Daniel J. Bernstein.
"How to stretch random functions: the security of protected counter sums."
Journal of Cryptology 12 (1999), 185–192.
|
| cr.yp.to/papers.html#compose |
3pp |
|
refereed |
printed |
1998.09
[PDF]
[more]
|
Daniel J. Bernstein.
"Composing power series over a finite ring in essentially linear time."
Journal of Symbolic Computation 26 (1998), 339–341.
|
| cr.yp.to/papers.html#psi-abs |
3pp |
|
refereed |
printed |
1998.07.01
[PDF]
[more]
|
Daniel J. Bernstein.
"Bounding smooth integers (extended abstract)."
Pages 128–130 in
Algorithmic number theory: third international symposium, ANTS-III, Portland, Oregon, USA, June 21–25, 1998, proceedings,
edited by Joe Buhler.
Lecture Notes in Computer Science 1423,
Springer, 1998.
ISBN 3-540-64657-4.
|
| cr.yp.to/papers.html#powers |
31pp |
1995.05 |
refereed |
printed |
1998.07
[PDF]
[more]
|
Daniel J. Bernstein.
"Detecting perfect powers in essentially linear time."
Mathematics of Computation 67 (1998), 1253–1283.
|
| cr.yp.to/papers.html#calculus |
12pp |
|
|
|
1997.04.03
[PDF]
[more]
|
Daniel J. Bernstein.
"Calculus for mathematicians."
|
| cr.yp.to/papers.html#3x1conjmap |
16pp |
|
refereed |
printed |
1996.11
[more]
|
Daniel J. Bernstein, Jeffrey C. Lagarias.
"The 3x+1 conjugacy map."
Canadian Journal of Mathematics 48 (1996), 1154–1169.
|
| cr.yp.to/papers.html#fastgcd |
|
|
|
|
1996.06.28
[more]
|
Daniel J. Bernstein.
"Kronecker matrices and polynomial GCDs."
Superseded by multapps.
|
| cr.yp.to/papers.html#fiall |
8pp |
|
refereed |
printed |
1996.06.01
[PDF]
[more]
|
Daniel J. Bernstein.
"Fast ideal arithmetic via lazy localization."
Pages 27–34 in
Algorithmic number theory: second international symposium, ANTS-II, Talence, France, May 18–23, 1996, proceedings,
edited by Henri Cohen.
Lecture Notes in Computer Science 1122,
Springer, 1996.
ISBN 3-540-61581-4.
|
| cr.yp.to/papers.html#mmecrt |
7pp |
|
|
printed |
1995.05
[PDF]
[more]
|
Daniel J. Bernstein.
"Multidigit modular multiplication with the Explicit Chinese Remainder Theorem."
Chapter 4, Ph.D. thesis,
University of California at Berkeley.
|
| cr.yp.to/papers.html#mlnfs |
5pp |
|
|
printed |
1995.05
[PDF]
[more]
|
Daniel J. Bernstein.
"The multiple-lattice number field sieve."
Chapter 3, Ph.D. thesis,
University of California at Berkeley.
|
| cr.yp.to/papers.html#epsi |
4pp |
|
|
printed |
1995.05
[PDF]
[more]
|
Daniel J. Bernstein.
"Enumerating and counting smooth integers."
Chapter 2, Ph.D. thesis,
University of California at Berkeley.
|
| cr.yp.to/papers.html#231 |
4pp |
|
refereed |
printed |
1994.02
[more]
|
Daniel J. Bernstein.
"A non-iterative 2-adic statement of the 3N+1 conjecture."
Proceedings of the American Mathematical Society 121 (1994), 405–408.
|
| cr.yp.to/papers.html#nfsi |
24pp |
|
|
printed |
1993.01
[more]
|
Daniel J. Bernstein, Arjen K. Lenstra.
"A general number field sieve implementation."
Pages 103–126 in
The development of the number field sieve,
edited by Arjen K. Lenstra, Hendrik W. Lenstra, Jr.
Lecture Notes in Mathematics 1554,
Springer, 1993.
ISBN 3-540-57013-6.
|
| cr.yp.to/papers.html#westinghouse |
21pp |
|
|
|
1987
[scanned]
[more]
|
Daniel J. Bernstein.
"New fast algorithms for pi and e."
Fifth-place paper for the nationwide 1987 Westinghouse Science Talent Search.
Distributed widely at the Ramanujan Centenary Conference.
|
| cr.yp.to/papers.html#dal |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"The ubiquitous dal function."
|
| cr.yp.to/papers.html#c3 |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"The complexity of complex convolution."
|
| cr.yp.to/papers.html#abc |
|
|
|
|
[more]
|
Daniel J. Bernstein, Bruce E. Kaskel.
"The ABC polygon."
|
| cr.yp.to/papers.html#surf |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"SURF: Simple Unpredictable Random Function."
|
| cr.yp.to/papers.html#senfs |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Superelliptic integrals and the number-field sieve."
|
| cr.yp.to/papers.html#huptrie |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Saving space and time in hash tries."
|
| cr.yp.to/papers.html#hblcs |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Predicting a linear congruential sequence from its high bits."
|
| cr.yp.to/papers.html#mimd |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Matrix inversion made difficult."
|
| cr.yp.to/papers.html#fastgraeffe |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"High-precision roots of high-degree polynomials."
|
| cr.yp.to/papers.html#gge |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Generalized Gaussian elimination."
|
| cr.yp.to/papers.html#zmult |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Faster multiplication of integers."
|
| cr.yp.to/papers.html#nistp224 |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Fast point multiplication on the NIST P-224 elliptic curve."
To be incorporated into author's
High-speed cryptography book.
|
| cr.yp.to/papers.html#smoothdep |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Estimating the dependence time for smooth integers."
|
| cr.yp.to/papers.html#decompress |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Data decompression."
|
| cr.yp.to/papers.html#nfspoly |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Controlling three coefficients in number-field-sieve polynomials."
|
| cr.yp.to/papers.html#rings |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"Commutative rings."
|
| cr.yp.to/papers.html#zeroseek |
|
|
|
|
[more]
|
Daniel J. Bernstein.
"A fast journaling filesystem."
|