1.

L. M. Adleman, A subexponential algorithm for the discrete logarithm problem with applications to cryptography, *Proc. 20th IEEE Found. Comp. Sci. Symp.* (1979), 55–60.

2.

L. M. Adleman, C. Pomerance and R. S. Rumely, On distinguishing prime numbers from composite numbers,

*Annals Math*.

*117* (1983), 173–206.

CrossRefMathSciNetGoogle Scholar3.

B. Arazi, Sequences constructed by operations modulo 2^{n}−1 or modulo 2^{n} and their application in evaluating the complexity of a log operation over *GF*(2^{n}), preprint.

4.

C. P. Arnold, M. I. Parr, and M. B. Dewe, An efficient parallel algorithm for the solution of large sparse linear matrix equations,

*IEEE Trans. on Computers*,

*C-32* (1983), 265–272.

CrossRefGoogle Scholar5.

E. Bach, Discrete logarithms and factoring, to be published.

6.

V. A. Barker, ed., *Sparse Matrix Techniques*, Lecture Notes in Mathematics #572, Springer-Verlag, 1977.

7.

E. R. Berlekamp, Factoring polynomials over large finite fields,

*Math. Comp. 24* (1970), 713–735.

CrossRefMathSciNetGoogle Scholar8.

I. F. Blake, R. Fuji-Hara, R. C. Mullin, and S. A. Vanstone, Computing logarithms in finite fields of characteristic two,

*SIAM J. Alg. Disc. Methods*,

*5* (1984), 276–285.

MATHMathSciNetCrossRefGoogle Scholar9.

M. Blum and S. Micali, How to generate cryptographically strong sequences of pseudo random bits, *SIAM J. Comp.*, to appear.

10.

A. Borodin and I. Munro, *The Computational Complexity of Algebraic and Numeric Problems*, American Elsevier, 1975.

11.

A. Brameller, R. N. Allan, and Y. M. Hamam, *Sparsity*, Pitman 1976.

12.

E. F. Brickell, A fast modular multiplication algorithm with applications to two key crytography, pp. 51–60 in *Advances in Cryptology: Proceedings of CRYPTO’ 82*, D. Chaum, R. Rivest, and A. Sherman, eds., Plenum Press, 1983.

13.

E. F. Brickell and J. H. Moore, Some remarks on the Herlestam-Johannesson algorithm for computing logarithms over *GF*(2^{n}), pp. 15–20, in *Advances in Cryptology: Proceedings of CRYPTO’ 82*, D. Chaum, R. Rivest and A. Sherman, eds., Plenum Press, 1983.

14.

J. Brillhart, D. H. Lehmer, J. L. Selfridge, B. Tuckerman, and S. S. Wagstaff, Jr., *Factorizations of b*
^{n} ± 1, *b* = 2, 3, 5, 6, 7, 10, 11, 12 *up to High Powers*, Am. Math. Society, 1983.

15.

N. G. de Bruijn, *Asymptotic Methods in Analysis*, North-Holland. 1958

16.

D. G. Cantor and H. Zassenhaus, A new algorithm for factoring polynomials over finite fields,

*Math. Comp. 36* (1981), 587–592.

MATHCrossRefMathSciNetGoogle Scholar17.

H. Cohen and H. W. Lenstra, Jr., Primality testing and Jacobi sums,

*Math. Comp.*,

*42* (1984), 297–330.

MATHCrossRefMathSciNetGoogle Scholar18.

D. Coppersmith, Evaluating logarithms in *GF*(2^{n}), pp. 201–207 in *Proc. 16th ACM Symp. Theory of Computing*, 1984.

19.

D. Coppersmith, Fast evaluation of logarithms in fields of characteristic two,

*IEEE Trans. Inform. Theory* IT-30 (1984), 587–594.

CrossRefMathSciNetGoogle Scholar20.

D. Coppersmith and A. M. Odlyzko, manuscript in preparation.

21.

D. Coppersmith and S. Winograd, On the asymptotic complexity of matrix multiplication,

*SIAM J. Comp. 11* (1982), 472–492.

MATHCrossRefMathSciNetGoogle Scholar22.

J. A. Davis, D. B. Holdridge, and G. J. Simmons, Status report on factoring (at the Sandia National Laboratories), to appear in Proc. EUROCRYPT 84.

23.

W. Diffie and M. E. Hellman, New directions in cryptography,

*IEEE Trans. Inform. Theory*, IT-22 (1976), 644–654.

CrossRefMathSciNetGoogle Scholar24.

W. Diffie and M. E. Hellman, Exhaustive cryptanalysis of the NBS Data Encryption Standard,

*Computer 10* (1977), 74–84.

CrossRefGoogle Scholar25.

T. ElGamal, A subexponential-time algorithm for computing discrete logarithms over *GF*(*p*
^{2}), *IEEE Trans. Inform. Theory*, to appear.

26.

T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms, *IEEE Trans. Inform. Theory*, to appear.

27.

A. George and J. W.-H. Liu, *Computer Solution of Large Sparse Positive Definite Systems*, Prentice-Hall, 1981.

28.

S. Golomb, *Shift-register Sequences*, Holden-Day, 1967.

29.

F. G. Gustavson, Analysis of the Berlekamp-Massey feedback shift-register synthesis algorithm,

*IBM J. Res. Dev. 20* (1976), 204–212.

MATHMathSciNetCrossRefGoogle Scholar30.

M. E. Hellman and J. M. Reyneri, Fast computation of discrete logarithms in *GF*(*q*), pp. 3–13 in *Advances in Cryptography: Proceedings of CRYPTO’ 82*, D. Chaum, R. Rivest, and A. Sherman, eds., Plenum Press, 1983.

31.

D. Hensley, The number of positive integers ⩽ *x* and free of prime factors > *y*, preprint.

32.

T. Herlestam and R. Johannesson, On computing logarithms over

*GF*(2

^{p}),

*BIT 21* (1981), 326–334.

MATHCrossRefMathSciNetGoogle Scholar33.

M. R. Hestenes and E. Stiefel, Methods of conjugate gradients for solving linear systems,

*J. Res. Nat. Bureau of Standards 49* (1952), 409–436.

MATHMathSciNetGoogle Scholar34.

A. Hildebrand, On the number of positive integers ⩽ *x* and free of prime factors > *y*, to be published.

35.

J. Ja’ Ja’ and S. Venkatesan, On the complexity of a parity problem related to coding theory, Pennsylvania State Univ. Computer Sci. Report CS-81-5 (1981).

36.

D. E. Knuth, *The Art of Computer Programming*: *Vol. 2*, Seminumerical Algorithms, 2nd ed., Addison-Wesley 1981.

37.

A. G. Konheim, *Cryptography: A Primer*, Wiley, 19981.

38.

J. Kowalchuk, B. P. Schanning, and S. Powers, Communication privacy: Integration of public and secret key cryptography,

*NTC Conference Record*, Vol. 3, pp. 49.1.1–49.1.5, Dec. 1980.

Google Scholar39.

C. Lanczos, Solution of systems of linear equations by minimized iterations,

*J. Res. Nat. Bureau of Standards 49* (1952), 33–53.

MathSciNetGoogle Scholar40.

D. L. Long, Random equivalence of factorization and computation of orders, *Theoretical Comp. Sci.*, to appear.

41.

D. L. Long and A. Wigderson, How discreet is the discrete log?, pp. 413–420 in *Proc. 15-th ACM Symp. Theory of Computing*, 1983.

42.

F. J. MacWilliams and N. J. A. Sloane, *The Theory of Error-Correcting Codes*, North-Holland, 1977.

43.

H. Maier, On integers free of large prime divisors, to be published.

44.

J. L. Massey, Shift-register synthesis and BCH decoding,

*IEEE Trans. Inform. Theory IT-15* (1969), 122–127.

Google Scholar45.

J. L. Massey, Logarithms in finite cyclic groups — cryptographic issues, pp. 17–25 in *Proc. 4th Benelux Symp. on Inform. Theory*, Leuven, Belgium, May 1983.

46.

R. Merkle, Secrecy, authentication, and public key systems, Ph.D. dissertation, Dept. of Electrical Engineering, Stanford Univ., 1979.

47.

J. C. P. Miller, On factorization, with a suggested new approach,

*Math. Comp. 29* (1975), 155–172.

CrossRefMathSciNetGoogle Scholar48.

R. C. Mullin and S. A. Vanstone, manuscript in preparation.

49.

R. W. K. Odoni, V. Varadharajan, and P. W. Sanders, Public key distribution in matrix rings,

*Electronics Letters 20* (1984), 386–387.

CrossRefGoogle Scholar50.

H. Ong, C. P. Schnorr, and A. Shamir, An efficient signature scheme based on quadratic forms, pp. 208–216 in *Proc. 16th ACM Symp. Theory of Comp.*, 1984.

51.

S. C. Pohlig and M. Hellman, An improved algorithm for computing logarithms over

*GF*(

*p*) and its cryptographic significance,

*IEEE Trans. Inform. Theory* IT-24 (1978), 106–110.

CrossRefMathSciNetGoogle Scholar52.

J. Pollard, Monte Carlo methods for index computations (mod

*p*),

*Math. Comp. 32* (1978), 918–924.

MATHCrossRefMathSciNetGoogle Scholar53.

C. Pomerance, Analysis and comparison of some integer factoring algorithms, pp. 89–139 in *Computational Methods in Number Theory: Part 1*, H. W. Lenstra, Jr., and R. Tijdeman, eds., Math. Centre Tract 154, Math. Centre Amsterdam, 1982.

54.

G. B. Purdy, A high security log-in procedure,

*Comm. ACM 17* (1974), 442–445.

CrossRefMathSciNetGoogle Scholar55.

M. O. Rabin, Probabilistic algorithms in finite fields,

*SIAM J. Comp. 9* (1980), 273–280.

MATHCrossRefMathSciNetGoogle Scholar56.

J. A. Reeds and N. J. A. Sloane, Shift-register synthesis (modulo *m*), *SIAM J. Comp.*, to appear.

57.

J. E. Sachs and S. Berkovits, Probabilistic analysis and performance modelling of the “Swedish” algorithm and modifications, to be published.

58.

J. Sattler and C. P. Schnorr, Generating random walks in groups, preprint.

59.

B. P. Schanning, Data encryption with public key distribution, *EASCON Conf. Rec.*, Washington, D.C., Oct. 1979, pp. 653–660.

60.

C. P. Schnorr and H. W. Lenstra, Jr., A Monte Carlo factoring algorithm with linear storage,

*Math. Comp. 43* (1984), 289–311.

MATHCrossRefMathSciNetGoogle Scholar61.

R. Schreiber, A new implementation of sparse gaussian elimination,

*ACM Trans. Math. Software 8* (1982), 256–276.

MATHCrossRefMathSciNetGoogle Scholar62.

J. W. Smith and S. S. Wagstaff, Jr., An extended precision operand computer, pp. 209–216 in *Proc. 21st Southeast Region. ACM Conference*, 1983.

63.

P. K. S. Wah and M. Z. Wang, Realization and application of the Massey-Omura lock, pp. 175–182 in *Proc. Intern. Zurich Seminar*, March 6–8, 1984.

64.

A. L. Wells, Jr., A polynomial form for logarithms modulo a prime, *IEEE Trans. Inform. Theory*, to appear.

65.

A. E. Western and J. C. P. Miller, *Tables of Indices and Primitive Roots*, Royal Society Mathematical Tables, vol. 9, Cambridge Univ. Press, 1968.

66.

D. Wiedemann, Solving sparse linear equations over finite fields, manuscript in preparation.

67.

R. M. Willett, Finding logarithms over large finite fields, in preparation.

68.

H. C. Williams and B. Schmid, Some remarks concerning the M.I.T. public-key system,

*BIT 19* (1979), 525–538.

MATHCrossRefMathSciNetGoogle Scholar69.

K. Yiu and K. Peterson, A single-chip VLSI implementation of the discrete exponential public key distribution system, *Proc. GLOBCOM-82*, IEEE 1982, pp. 173–179.

70.

N. Zierler, A conversion algorithm for logarithms on

*GF*(2

^{n}),

*J. Pure Appl. Algebra 4* (1974), 353–356.

CrossRefMathSciNetMATHGoogle Scholar71.

N. Zierler and J. Brillhart, On primitive trinomials (mod 2),

*Inform. Control 13* (1968), 541–554.

MATHCrossRefMathSciNetGoogle Scholar72.

N. Zierler and J. Brillhart, On primitive trinomials (mod 2), II.,

*Inform. Control 14* (1969), 566–569.

MATHCrossRefMathSciNetGoogle Scholar