11. Références

11.1. Références normatives

• [Err4730] RFC Errata, "Erratum ID 4730", RFC 7748, juillet 2016, https://www.rfc-editor.org/errata/eid4730.
• [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, mars 1997, https://www.rfc-editor.org/info/rfc2119.
• [RFC7748] Langley, A., Hamburg, M., et S. Turner, "Elliptic Curves for Security", RFC 7748, DOI 10.17487/RFC7748, janvier 2016, https://www.rfc-editor.org/info/rfc7748.
• [RFC8017] Moriarty, K., Ed., Kaliski, B., Jonsson, J., et A. Rusch, "PKCS #1: RSA Cryptography Specifications Version 2.2", RFC 8017, DOI 10.17487/RFC8017, novembre 2016, https://www.rfc-editor.org/info/rfc8017.
• [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, mai 2017, https://www.rfc-editor.org/info/rfc8174.

11.2. Références informatives

• [AFQTZ14] Aranha, D. F., Fouque, P.-A., Qian, C., Tibouchi, M., et J. C. Zapalowicz, "Binary Elligator Squared", In Selected Areas in Cryptography - SAC 2014, pages 20-37, DOI 10.1007/978-3-319-13051-4_2, novembre 2014, https://doi.org/10.1007/978-3-319-13051-4_2.
• [AR13] Adj, G. et F. Rodríguez-Henríquez, "Square Root Computation over Even Extension Fields", In IEEE Transactions on Computers. vol 63 issue 11, pages 2829-2841, DOI 10.1109/TC.2013.145, novembre 2014, https://doi.org/10.1109/TC.2013.145.
• [BBJLP08] Bernstein, D. J., Birkner, P., Joye, M., Lange, T., et C. Peters, "Twisted Edwards Curves", In AFRICACRYPT 2008, pages 389-405, DOI 10.1007/978-3-540-68164-9_26, juin 2008, https://doi.org/10.1007/978-3-540-68164-9_26.
• [BCIMRT10] Brier, E., Coron, J.-S., Icart, T., Madore, D., Randriam, H., et M. Tibouchi, "Efficient Indifferentiable Hashing into Ordinary Elliptic Curves", In Advances in Cryptology - CRYPTO 2010, pages 237-254, DOI 10.1007/978-3-642-14623-7_13, août 2010, https://doi.org/10.1007/978-3-642-14623-7_13.
• [BDPV08] Bertoni, G., Daemen, J., Peeters, M., et G. Van Assche, "On the Indifferentiability of the Sponge Construction", In Advances in Cryptology - EUROCRYPT 2008, pages 181-197, DOI 10.1007/978-3-540-78967-3_11, avril 2008, https://doi.org/10.1007/978-3-540-78967-3_11.
• [BF01] Boneh, D. et M. Franklin, "Identity-Based Encryption from the Weil Pairing", In Advances in Cryptology - CRYPTO 2001, pages 213-229, DOI 10.1007/3-540-44647-8_13, août 2001, https://doi.org/10.1007/3-540-44647-8_13.
• [BHKL13] Bernstein, D. J., Hamburg, M., Krasnova, A., et T. Lange, "Elligator: elliptic-curve points indistinguishable from uniform random strings", In Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pages 967-980, DOI 10.1145/2508859.2516734, novembre 2013, https://doi.org/10.1145/2508859.2516734.
• [BLAKE2X] Aumasson, J.-P., Neves, S., Wilcox-O'Hearn, Z., et C. Winnerlein, "BLAKE2X", décembre 2016, https://blake2.net/blake2x.pdf.
• [BLMP19] Bernstein, D. J., Lange, T., Martindale, C., et L. Panny, "Quantum Circuits for the CSIDH: Optimizing Quantum Evaluation of Isogenies", In Advances in Cryptology - EUROCRYPT 2019, pages 409-441, DOI 10.1007/978-3-030-17656-3, mai 2019, https://doi.org/10.1007/978-3-030-17656-3_15.
• [BLS-SIG] Boneh, D., Gorbunov, S., Wahby, R. S., Wee, H., Wood, C. A., et Z. Zhang, "BLS Signatures", Work in Progress, Internet-Draft, draft-irtf-cfrg-bls-signature-05, 16 juin 2022, https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-bls-signature-05.
• [BLS01] Boneh, D., Lynn, B., et H. Shacham, "Short Signatures from the Weil Pairing", In Journal of Cryptology, vol 17, pages 297-319, DOI 10.1007/s00145-004-0314-9, juillet 2004, https://doi.org/10.1007/s00145-004-0314-9.
• [BLS03] Barreto, P. S. L. M., Lynn, B., et M. Scott, "Constructing Elliptic Curves with Prescribed Embedding Degrees", In Security in Communication Networks, pages 257-267, DOI 10.1007/3-540-36413-7_19, septembre 2002, https://doi.org/10.1007/3-540-36413-7_19.
• [BLS12-381] Bowe, S., "BLS12-381: New zk-SNARK Elliptic Curve Construction", mars 2017, https://electriccoin.co/blog/new-snark-curve/.
• [BM92] Bellovin, S. M. et M. Merritt, "Encrypted key exchange: password-based protocols secure against dictionary attacks", In IEEE Symposium on Security and Privacy - Oakland 1992, pages 72-84, DOI 10.1109/RISP.1992.213269, mai 1992, https://doi.org/10.1109/RISP.1992.213269.
• [BMP00] Boyko, V., MacKenzie, P., et S. Patel, "Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman", In Advances in Cryptology - EUROCRYPT 2000, pages 156-171, DOI 10.1007/3-540-45539-6_12, mai 2000, https://doi.org/10.1007/3-540-45539-6_12.
• [BN05] Barreto, P. S. L. M. et M. Naehrig, "Pairing-Friendly Elliptic Curves of Prime Order", In Selected Areas in Cryptography 2005, pages 319-331, DOI 10.1007/11693383_22, 2006, https://doi.org/10.1007/11693383_22.
• [BP17] Budroni, A. et F. Pintore, "Efficient hash maps to \mathbb{G}_2 on BLS curves", Cryptology ePrint Archive, Paper 2017/419, mai 2017, https://eprint.iacr.org/2017/419.
• [BR93] Bellare, M. et P. Rogaway, "Random oracles are practical: a paradigm for designing efficient protocols", In Proceedings of the 1993 ACM Conference on Computer and Communications Security, pages 62-73, DOI 10.1145/168588.168596, décembre 1993, https://doi.org/10.1145/168588.168596.
• [C93] Cohen, H., "A Course in Computational Algebraic Number Theory", Springer-Verlag, ISBN 9783642081422, DOI 10.1007/978-3-662-02945-9, 1993, https://doi.org/10.1007/978-3-662-02945-9.
• [CDMP05] Coron, J.-S., Dodis, Y., Malinaud, C., et P. Puniya, "Merkle-Damgård Revisited: How to Construct a Hash Function", In Advances in Cryptology -- CRYPTO 2005, pages 430-448, DOI 10.1007/11535218_26, août 2005, https://doi.org/10.1007/11535218_26.
• [CFADLNV05] Cohen, H., Frey, G., Avanzi, R., Doche, C., Lange, T., Nguyen, K., et F. Vercauteren, "Handbook of Elliptic and Hyperelliptic Curve Cryptography", Chapman and Hall / CRC, ISBN 9781584885184, 2005, https://www.crcpress.com/9781584885184.
• [CK11] Couveignes, J.-M. et J.-G. Kammerer, "The geometry of flex tangents to a cubic curve and its parameterizations", In Journal of Symbolic Computation, vol 47 issue 3, pages 266-281, DOI 10.1016/j.jsc.2011.11.003, mars 2012, https://doi.org/10.1016/j.jsc.2011.11.003.
• [F11] Farashahi, R. R., "Hashing into Hessian Curves", In AFRICACRYPT 2011, pages 278-289, DOI 10.1007/978-3-642-21969-6_17, juillet 2011, https://doi.org/10.1007/978-3-642-21969-6_17.
• [FFSTV13] Farashahi, R. R., Fouque, P.-A., Shparlinski, I. E., Tibouchi, M., et J. F. Voloch, "Indifferentiable deterministic hashing to elliptic and hyperelliptic curves", In Mathematics of Computation. vol 82, pages 491-512, DOI 10.1090/S0025-5718-2012-02606-8, 2013, https://doi.org/10.1090/S0025-5718-2012-02606-8.
• [FIPS180-4] National Institute of Standards and Technology (NIST), "Secure Hash Standard (SHS)", FIPS 180-4, DOI 10.6028/NIST.FIPS.180-4, août 2015, https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf.
• [FIPS186-4] National Institute of Standards and Technology (NIST), "Digital Signature Standard (DSS)", FIPS 186-4, DOI 10.6028/NIST.FIPS.186-4, juillet 2013, https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf.
• [FIPS202] National Institute of Standards and Technology (NIST), "SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions", FIPS 202, DOI 10.6028/NIST.FIPS.202, août 2015, https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf.
• [FJT13] Fouque, P.-A., Joux, A., et M. Tibouchi, "Injective Encodings to Elliptic Curves", In ACISP 2013, pages 203-218, DOI 10.1007/978-3-642-39059-3_14, 2013, https://doi.org/10.1007/978-3-642-39059-3_14.
• [FKR11] Fuentes-Castañeda, L., Knapp, E., et F. Rodriguez-Henriquez, "Faster Hashing to G2", In Selected Areas in Cryptography, pages 412-430, DOI 10.1007/978-3-642-28496-0_25, août 2011, https://doi.org/10.1007/978-3-642-28496-0_25.
• [FSV09] Farashahi, R. R., Shparlinski, I. E., et J. F. Voloch, "On hashing into elliptic curves", In Journal of Mathematical Cryptology, vol 3 no 4, pages 353-360, DOI 10.1515/JMC.2009.022, mars 2009, https://doi.org/10.1515/JMC.2009.022.
• [FT10] Fouque, P.-A. et M. Tibouchi, "Estimating the Size of the Image of Deterministic Hash Functions to Elliptic Curves", In Progress in Cryptology - LATINCRYPT 2010, pages 81-91, DOI 10.1007/978-3-642-14712-8_5, août 2010, https://doi.org/10.1007/978-3-642-14712-8_5.
• [FT12] Fouque, P.-A. et M. Tibouchi, "Indifferentiable Hashing to Barreto--Naehrig Curves", In Progress in Cryptology - LATINCRYPT 2012, pages 1-17, DOI 10.1007/978-3-642-33481-8_1, 2012, https://doi.org/10.1007/978-3-642-33481-8_1.
• [H20] Hamburg, M., "Indifferentiable hashing from Elligator 2", Cryptology ePrint Archive, Paper 2020/1513, 2020, https://eprint.iacr.org/2020/1513.
• [hash2curve-repo] "Hashing to Elliptic Curves", commit 664b135, juin 2022, https://github.com/cfrg/draft-irtf-cfrg-hash-to-curve.
• [Icart09] Icart, T., "How to Hash into Elliptic Curves", In Advances in Cryptology - CRYPTO 2009, pages 303-316, DOI 10.1007/978-3-642-03356-8_18, août 2009, https://doi.org/10.1007/978-3-642-03356-8_18.
• [J96] Jablon, D. P., "Strong password-only authenticated key exchange", In SIGCOMM Computer Communication Review, vol 26 issue 5, pages 5-26, DOI 10.1145/242896.242897, octobre 1996, https://doi.org/10.1145/242896.242897.
• [jubjub-fq] "zkcrypto/jubjub - fq.rs", 2019, https://github.com/zkcrypto/jubjub/pull/18.
• [KLR10] Kammerer, J.-G., Lercier, R., et G. Renault, "Encoding Points on Hyperelliptic Curves over Finite Fields in Deterministic Polynomial Time", In Pairing-Based Cryptography - Pairing 2010, pages 278-297, DOI 10.1007/978-3-642-17455-1_18, 2010, https://doi.org/10.1007/978-3-642-17455-1_18.
• [L13] Langley, A., "Implementing Elligator for Curve25519", décembre 2013, https://www.imperialviolet.org/2013/12/25/elligator.html.
• [LBB19] Lipp, B., Blanchet, B., et K. Bhargavan, "A Mechanised Cryptographic Proof of the WireGuard Virtual Private Network Protocol", In INRIA Research Report 9269, avril 2019, https://hal.inria.fr/hal-02100345/.
• [MOV96] Menezes, A. J., van Oorschot, P. C., et S. A. Vanstone, "Handbook of Applied Cryptography", CRC Press, ISBN 9780849385230, octobre 1996, http://cacr.uwaterloo.ca/hac/.
• [MRH04] Maurer, U., Renner, R., et C. Holenstein, "Indifferentiability, Impossibility Results on Reductions, and Applications to the Random Oracle Methodology", In TCC 2004: Theory of Cryptography, pages 21-39, DOI 10.1007/978-3-540-24638-1_2, février 2004, https://doi.org/10.1007/978-3-540-24638-1_2.
• [MRV99] Micali, S., Rabin, M., et S. Vadhan, "Verifiable random functions", 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039), pages 120-130, DOI 10.1109/SFFCS.1999.814584, octobre 1999, https://doi.org/10.1109/SFFCS.1999.814584.
• [MT98] Matsumoto, M. et T. Nishimura, "Mersenne twister: A 623-dimensionally equidistributed uniform pseudo-random number generator", In ACM Transactions on Modeling and Computer Simulation (TOMACS), vol 8 issue 1, pages 3-30, DOI 10.1145/272991.272995, janvier 1998, https://doi.org/10.1145/272991.272995.
• [NR97] Naor, M. et O. Reingold, "Number-theoretic constructions of efficient pseudo-random functions", In Proceedings 38th Annual Symposium on Foundations of Computer Science, pages 458-467, DOI 10.1109/SFCS.1997.646134, octobre 1997, https://doi.org/10.1109/SFCS.1997.646134.
• [OPRFs] Davidson, A., Faz-Hernandez, A., Sullivan, N., et C. A. Wood, "Oblivious Pseudorandom Functions (OPRFs) using Prime-Order Groups", Work in Progress, Internet-Draft, draft-irtf-cfrg-voprf-21, 21 février 2023, https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-voprf-21.
• [p1363.2] IEEE, "IEEE Standard Specification for Password-Based Public-Key Cryptography Techniques", IEEE 1363.2-2008, septembre 2008, https://standards.ieee.org/standard/1363_2-2008.html.
• [p1363a] IEEE, "IEEE Standard Specifications for Public-Key Cryptography - Amendment 1: Additional Techniques", IEEE 1363a-2004, mars 2004, https://standards.ieee.org/standard/1363a-2004.html.
• [P20] Pornin, T., "Efficient Elliptic Curve Operations On Microcontrollers With Finite Field Extensions", Cryptology ePrint Archive, Paper 2020/009, 2020, https://eprint.iacr.org/2020/009.
• [RCB16] Renes, J., Costello, C., et L. Batina, "Complete Addition Formulas for Prime Order Elliptic Curves", In Advances in Cryptology - EUROCRYPT 2016, pages 403-428, DOI 10.1007/978-3-662-49890-3_16, avril 2016, https://doi.org/10.1007/978-3-662-49890-3_16.
• [RFC2104] Krawczyk, H., Bellare, M., et R. Canetti, "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, DOI 10.17487/RFC2104, février 1997, https://www.rfc-editor.org/info/rfc2104.
• [RFC5869] Krawczyk, H. et P. Eronen, "HMAC-based Extract-and-Expand Key Derivation Function (HKDF)", RFC 5869, DOI 10.17487/RFC5869, mai 2010, https://www.rfc-editor.org/info/rfc5869.
• [RFC7693] Saarinen, M., Ed. et J. Aumasson, "The BLAKE2 Cryptographic Hash and Message Authentication Code (MAC)", RFC 7693, DOI 10.17487/RFC7693, novembre 2015, https://www.rfc-editor.org/info/rfc7693.
• [RFC7914] Percival, C. et S. Josefsson, "The scrypt Password-Based Key Derivation Function", RFC 7914, DOI 10.17487/RFC7914, août 2016, https://www.rfc-editor.org/info/rfc7914.
• [RFC8018] Moriarty, K., Ed., Kaliski, B., et A. Rusch, "PKCS #5: Password-Based Cryptography Specification Version 2.1", RFC 8018, DOI 10.17487/RFC8018, janvier 2017, https://www.rfc-editor.org/info/rfc8018.
• [RFC9106] Biryukov, A., Dinu, D., Khovratovich, D., et S. Josefsson, "Argon2 Memory-Hard Function for Password Hashing and Proof-of-Work Applications", RFC 9106, DOI 10.17487/RFC9106, septembre 2021, https://www.rfc-editor.org/info/rfc9106.
• [ristretto255-decaf448] de Valence, H., Grigg, J., Hamburg, M., Lovecruft, I., Tankersley, G., et F. Valsorda, "The ristretto255 and decaf448 Groups", Work in Progress, Internet-Draft, draft-irtf-cfrg-ristretto255-decaf448-07, 3 avril 2023, https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-ristretto255-decaf448-07.
• [RSS11] Ristenpart, T., Shacham, H., et T. Shrimpton, "Careful with Composition: Limitations of the Indifferentiability Framework", In Advances in Cryptology - EUROCRYPT 2011, pages 487-506, DOI 10.1007/978-3-642-20465-4_27, mai 2011, https://doi.org/10.1007/978-3-642-20465-4_27.
• [S05] Skałba, M., "Points on elliptic curves over finite fields", In Acta Arithmetica, vol 117 no 3, pages 293-301, DOI 10.4064/aa117-3-7, 2005, https://doi.org/10.4064/aa117-3-7.
• [S85] Schoof, R., "Elliptic curves over finite fields and the computation of square roots mod p", In Mathematics of Computation, vol 44 issue 170, pages 483-494, DOI 10.1090/S0025-5718-1985-0777280-6, avril 1985, https://doi.org/10.1090/S0025-5718-1985-0777280-6.
• [SAGE] The Sage Developers, "SageMath, the Sage Mathematics Software System", https://www.sagemath.org.
• [SBCDK09] Scott, M., Benger, N., Charlemagne, M., Dominguez Perez, L. J., et E. J. Kachisa, "Fast Hashing to G2 on Pairing-Friendly Curves", In Pairing-Based Cryptography - Pairing 2009, pages 102-113, DOI 10.1007/978-3-642-03298-1_8, août 2009, https://doi.org/10.1007/978-3-642-03298-1_8.
• [SEC1] Standards for Efficient Cryptography Group (SECG), "SEC 1: Elliptic Curve Cryptography", mai 2009, http://www.secg.org/sec1-v2.pdf.
• [SEC2] Standards for Efficient Cryptography Group (SECG), "SEC 2: Recommended Elliptic Curve Domain Parameters", janvier 2010, http://www.secg.org/sec2-v2.pdf.
• [SS04] Schinzel, A. et M. Skałba, "On equations y^2 = x^n + k in a finite field", In Bulletin Polish Academy of Sciences. Mathematics, vol 52 no 3, pages 223-226, DOI 10.4064/ba52-3-1, 2004, https://doi.org/10.4064/ba52-3-1.
• [SW06] Shallue, A. et C. E. van de Woestijne, "Construction of Rational Points on Elliptic Curves over Finite Fields", In Algorithmic Number Theory - ANTS 2006, pages 510-524, DOI 10.1007/11792086_36, juillet 2006, https://doi.org/10.1007/11792086_36.
• [T14] Tibouchi, M., "Elligator Squared: Uniform Points on Elliptic Curves of Prime Order as Uniform Random Strings", In Financial Cryptography and Data Security - FC 2014, pages 139-156, DOI 10.1007/978-3-662-45472-5_10, novembre 2014, https://doi.org/10.1007/978-3-662-45472-5_10.
• [TK17] Tibouchi, M. et T. Kim, "Improved elliptic curve hashing and point representation", In Designs, Codes, and Cryptography, vol 82, pages 161-177, DOI 10.1007/s10623-016-0288-2, janvier 2017, https://doi.org/10.1007/s10623-016-0288-2.
• [U07] Ulas, M., "Rational Points on Certain Hyperelliptic Curves over Finite Fields", In Bulletin Polish Academy of Science. Mathematics, vol 55 no 2, pages 97-104, DOI 10.4064/ba55-2-1, juillet 2007, https://doi.org/10.4064/ba55-2-1.
• [VR20] Vanhoef, M. et E. Ronen, "Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd", In IEEE Symposium on Security & Privacy (SP), mai 2020, https://eprint.iacr.org/2019/383.
• [VRF] Goldberg, S., Reyzin, L., Papadopoulos, D., et J. Včelák, "Verifiable Random Functions (VRFs)", Work in Progress, Internet-Draft, draft-irtf-cfrg-vrf-15, 9 août 2022, https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-15.
• [W08] Washington, L. C., "Elliptic Curves: Number Theory and Cryptography, Second Edition", Chapman and Hall / CRC, ISBN 9781420071467, avril 2008, https://www.crcpress.com/9781420071467.
• [W19] Wahby, R. S., "An explicit, generic parameterization for the Shallue--van de Woestijne map", commit e2a625f, mars 2020, https://github.com/cfrg/draft-irtf-cfrg-hash-to-curve/blob/draft-irtf-cfrg-hash-to-curve-14/doc/svdw_params.pdf.
• [WB19] Wahby, R. S. et D. Boneh, "Fast and simple constant-time hashing to the BLS12-381 elliptic curve", In IACR Transactions on Cryptographic Hardware and Embedded Systems, vol 2019 issue 4, Cryptology ePrint Archive, Paper 2019/403, DOI 10.13154/tches.v2019.i4.154-179, août 2019, https://eprint.iacr.org/2019/403.