[1] Brown, D. R. L., The exact security of ECDSA, preprint, 2000.
[2] Demytko, N., A new elliptic curve based analogue of RSA, In: Tor Helleseth (ed.), Advances
in Cryptology-Eurocrypt, 93, Lofthus, Norway, Springer-Verlag, 40–49, 1994.
[3] Diffie, W., Hellman, M., New directions in cryptography, IEEE Transactions on Information
Theory, 22 (1976), no.6, 644–654.
[4] ElGamal, T., A public-key cryptosystem and a signature scheme based on the discrete logarithm,
IEEE Transactions of Information Theory, 31 (1985), no. 4, 469–472.
[5] El Mahassni, E., Nguyen, P. Q., Shparlinski, I. E., The insecuriry of Nyberg-Rueppel and other
DSA-like signature schemes with partially known nonces, Workshop on Lattices and Cryptography, Boston, MA., 2001.
[6] Frey, G., Muller, M., Ruck, G. H., The Tate pairing and discrete logarithm applied to elliptic
curve cryptosystems, IEEE Trans. Inform. Theory, 45 (1998), 1717–1719.
[7] Imai, H., Zheng, Y., Efficient signcryption schemes on elliptic curves, IFIP/SEC 98, the 14th
Interantional Information Security conference, Vienna and Budapest, 1998.
[8] Joye, M., Quisquater, J. J., Takagi, T., How to choose secret parameters for RSA-type cryptosystems over elliptic curves, Technical Report TI-35/97, Technische Universitat Darmstadt,
1997.
[9] Koblitz, N., Elliptic curve cryptosystems, Mathematics of Computation, 48 (1987), 203–209.
[10] Koblitz, N., Hyperelliptic cryptosystems, Journal of Cryptology, 1 (1989), 139–150.
[11] Koyama, K., Kuwakado, K., Security of RSA-type cryptosystems over elliptic curves against
the Hastad attack, Electronics Letters, 30 (1994), no.22, 1834–1844.
[12] Koyama, K., Fast RSA-type schemes based on singular cubic curves y^2+axy = x ٣
(mod n),
In: Saint-Malo, France, Louis C. Guillou & Jean-Jacques Quisquater (eds.), Advances in
Cryptology-Eurocrypt 95, Springer-Verlag, 329–340, 1995.
[13] Kurosawa, K., Okada, K., Tsujii, S., Low exponent attack against elliptic curve RSA, LNCS
917, Advances in Cryptology-Asiacrypt, 94 (1995), 376–383.
[14] Law, L., Menezes, A. J., Qu, M., Solinas, J., Vanstone, S. A., An efficient protocol for authenticated key agreement, Technical Report CORR 98–05, University of Waterloo, Ontario,
Canada, March, 1998.
[15] Massey, J. L., Omura, J. K., Method and apparatus for maintaining the privacy of digital messages conveyed by public transmission, U.S. Patent, 4 (1986), 567–600.
[16] Menezes, A. J., Qu, M., Vanstone, S. A., Some new key agreement protocols providing mutual
implicit authentication, Selected Areas in Cryptology-SAC., 95, 22–32.
[17] Miller, V. S., Uses of elliptic curves in cryptography, In: Hugh C. Williams (ed.), Advances
in Cryptology-CRYPTO, 85 (218), Lecture Notes in Computer Science, Berlin, 417–426, 1986.
[18] National Institute of Standards and Technology (NIST), Secure hash standard. Federal Information Processing Standard, FIPS-180-1, 1995.
[19] National Institute of Standards and Technology (NIST), Announcing Request for Candidate
Algorithm Nominations for a New Cryptographic Hash Algorithm (SHA-3) Family. Federal
Register, 27(212): 62212–62220, 2007.
[20] Nyberg, K., Rueppel, R. A., Message recovery for signature schemes based on discrete logarithm problem, Designs, Codes and Cryptography, 7 (1996), 61–81.
[21] Rabin, M. O., Digitalized Signatures and Public Key Functions as Intractable as Factorisation,
Massachusetts Institute of Technology, 1979.
[22] Rivest, R. L., Shamir, A., Adleman, L., A Method for Obtaining Digital Signatures and PublicKey Cryptosystems, Communications of the ACM., 21 (1978), no.2, 120–126.
[23] Rubin, K., Silverberg, A., Torus-based cryptography, In: Dan Boneh (ed.), Advances in
Cryptology-CRYPTO, 3(2729) of Lecture Notes in Computer Science, Springer-Verlag, 349–
365, 2003.
[24] Silverman, J. H., The Arithmetic of Elliptic Curves, Graduate Texts in Mathematics 106,
Springer-Verlag, New York, 1986.
[25] Smart, N., The discrete logarithm problem on elliptic curves of trace one, HP-LABS Technical
Report (Number HPL-97-128), preprint, 1997.
[26] Waterhouse, E., Abelian varieties over finite fields, Ann. Sci., Ecole Normale Superieure, 2
(1969), 521–560.
[27] Zheng, Y., Shortened digital signature, signcryption and compact and unforgeable key agreement schemes, submitted to IEEE P1363a-Standard Specifications for Public-Key Cryptography: Additional techniques, 1998.