[Bet]

T. Beth, “Efficient Zero-Knowledge Identification Scheme for Smart Cards,” Proceedings of Eurocrypt’ 88, LNCS 330, Springer-Verlag, pp.77–86 (1988).

Google Scholar[BGMW]

E.F. Brickell, D.M. Gordon, K.S. McCurley, and D. Wilson, “Fast Exponentiation with Precomputation”, to appear in the Proceedings of Eurocrypt’ 92.

[BM1]

E.F. Brickell, and K.S. McCurley, “An Interactive Identification Scheme Based on Discrete Logarithms and Factoring,” Journal of Cryptology, Vol. 5, No. 1, pp.29–39 (1992).

MATHGoogle Scholar[BM2]

E.F. Brickell, and K.S. McCurley, “Interactive Identification and Digital Signatures,” AT&T Technical Journal, pp.73–86, November/December (1991).

[BMO1]

M. Bellare, S. Micali and R. Ostrovsky, “Perfect Zero-Knowledge in Constant Rounds,” Proceedings of STOC, pp.482–493 (1990).

[BMO2]

M. Bellare, S. Micali and R. Ostrovsky, “The (True) Complexity of Statistical Zero-Knowledge.” Proceedings of STOC, pp.494–502 (1990).

[Cha]

D. Chaum, “Security without Identification: Transaction Systems to Make Big Brother Obsolete,” Comm. of the ACM, 28,10, pp.1030–1044 (1985).

CrossRefGoogle Scholar[CD]

L. Chen, I. Damgård, “Security Bounds for Parallel Versions of Identification Protocols,” Manuscript (1992).

[FeS1]

U. Feige and A. Shamir, “Witness Indistinguishable and Witness Hiding Protocols,” Proceedings of STOC, pp.416–426 (1990).

[FeS2]

U. Feige and A. Shamir, “Zero Knowledge Proofs of Knowledge in Two Rounds,” Proceedings of Crypto’ 89, LNCS 435, Springer-Verlag, pp.526–544 (1990).

CrossRefGoogle Scholar[FFS]

U. Feige, A. Fiat and A. Shamir, “Zero Knowledge Proofs of Identity,” Proceedings of STOC, pp.210–217 (1987).

[FiS]

A. Fiat and A. Shamir, “How to Prove Yourself: Practical Solutions to Identification and Signature Problems”, Proceedings of CRYPTO’ 86, LNCS 263, Springer-Verlag, pp.186–194 (1987).

Google Scholar[GGM]

O. Goldreich, S. Goldwasser, and S. Micali, “How to Construct Random Functions,” Journal of the ACM, Vol. 33, No. 4 (1986).

[GK]

O. Goldreich and H. Krawczyk “On the Composition of Zero-Knowledge Proof Systems,” Proceedings of ICALP, LNCS 443, Springer-Verlag, pp.268–282 (1990).

Google Scholar[GMRa]

S. Goldwasser, S. Micali and C. Rackoff, “The Knowledge Complexity of Interactive Proofs,” SIAM J. Comput., 18,1, pp.186–208 (1989).

CrossRefMATHMathSciNetGoogle Scholar[GMRi]

S. Goldwasser, S. Micali and R. Rivest, “A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks,” SIAM J. Comput., 17,2, pp.281–308 (1988).

CrossRefMATHMathSciNetGoogle Scholar[GQ]

L.S. Guillou, and J.J. Quisquater, “A Practical Zero-Knowledge Protocol Fitted to Security Microprocessors Minimizing both Transmission and Memory,” Proceedings of Eurocrypt’ 88, LNCS 330, Springer-Verlag, pp.123–128 (1988).

Google Scholar[HMV]

G. Harper, A.J. Menezes, S.A. Vanstone, “Public-Key Cryptosystems with Very Small Key Length”, to appear in the Proceedings of Eurocrypt’ 92.

[Kob1]

N. Koblitz,

*A Course in Number Theory and Cryptography*, Berlin: Springer-Verlag, (1987).

MATHGoogle Scholar[Kob2]

N. Koblitz, “CM-Curves with Good Cryptographic Properties,” Proceedings of Crypto’ 91 (1992).

[Kun]

D.E. Knuth, *The Art of Computer Programming*, Vol. 2, 2nd Ed. Addison-Wesley (1981).

[Mil]

V. Miller, “Uses of Elliptic Curves in Cryptography,” Proceedings of Crypto’ 85, LNCS 218, Springer-Verlag, pp.417–426 (1986).

Google Scholar[Miy]

A. Miyaji, “On Ordinary Elliptic Curve Cryptosystems,” to appear in the Proceedings of Asiacrypt’ 91, LNCS, Springer-Verlag.

Google Scholar[Mon]

P.L. Montgomery, “Modular Multiplication without Trial Division,” Math. of Computation, Vol. 44, pp.519–521 (1985).

CrossRefMATHGoogle Scholar[MOV]

A.J. Menezes, T. Okamoto, S.A. Vanstone, “Reducing Elliptic Curve Logarithms to Logarithms in a Finite Field”, Proceedings of STOC, pp.80–89 (1991).

[OhO1]

K. Ohta, and T. Okamoto, “A Modification of the Fiat-Shamir Scheme,” Proceedings of Crypto’ 88, LNCS 403, Springer-Verlag, pp.232–243 (1990).

Google Scholar[OhO2]

K. Ohta, and T. Okamoto, “A Digital Multisignature Scheme Based on the Fiat-Shamir Scheme,” to appear in the Proceedings of Asiacrypt’ 91.

[Oka]

T. Okamoto, “A Single Public-Key Authentication Scheme for Multiple Users,”

*Systems and Computers in Japan*,

*18,10*, pp.14–24 (1987), Previous version, Technical Report of IECE Japan, IN83–92 (1984).

CrossRefMathSciNetGoogle Scholar[OkO]

T. Okamoto, and K. Ohta, “Divertible Zero-Knowledge Interactive Proofs and Commutative Random Self-Reducible.” Proceedings of Eurocrypt’ 89, LNCS 434, Springer-Verlag, pp.134–149 (1990).

Google Scholar[PH]

S.C. Pohlig, and M.E. Hellman, “An Improved Algorithm for Computing Logarithmsover GF (

*p*) and Its Cryptographic Significance,” IEEE Trans. Inform. Theory, 24, pp.106–110 (1978)

CrossRefMATHMathSciNetGoogle Scholar[RSA]

R. Rivest, A. Shamir and L. Adleman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems”, Communications of the ACM, Vol. 21, No. 2, pp.120–126 (1978).

CrossRefMATHMathSciNetGoogle Scholar[Sch]

C.P. Schnorr, “Efficient Signature Generation by Smart Cards,” Journal of Cryptology, Vol. 4, No. 3, pp.161–174 (1991).

CrossRefMATHMathSciNetGoogle Scholar[Sha]

A. Shamir, “Identity-Based Cryptosystems and Signature Scheme,” Proceedings of Crypto’ 84, LNCS 196. Springer-Verlag, pp.47–53 (1986).

Google Scholar[SI]

K. Sakurai, and T. Itoh, “On the Discrepancy between Serial and Parallel of Zero-Knowledge Protocols,” These proceedings.

[TW]

M. Tompa and H. Woll, “Random Self-Reducibility and Zero Knowledge Interactive Proofs of Possession of Information,” Proceedings of FOCS, pp.472–482 (1987).