# D. Bernstein

Author pages are created from data sourced from our academic publisher partnerships and public sources.

- Publications
- Influence

Curve25519: New Diffie-Hellman Speed Records

- D. Bernstein
- Computer Science
- Public Key Cryptography
- 24 April 2006

This paper explains the design and implementation of a high-security elliptic-curve-Diffie-Hellman function achieving record-setting speeds: e.g., 832457 Pentium III cycles (with several side… Expand

Cache-timing attacks on AES

- D. Bernstein
- Computer Science
- 2005

This paper demonstrates complete AES key recovery from known-plaintext timings of a network server on another computer. This attack should be blamed on the AES design, not on the particular AES… Expand

- 695
- 86

Twisted Edwards Curves

- D. Bernstein, P. Birkner, M. Joye, T. Lange, C. Peters
- Computer Science, Mathematics
- AFRICACRYPT
- 11 June 2008

This paper introduces "twisted Edwards curves," a generalization of the recently introduced Edwards curves; shows that twisted Edwards curves include more curves over finite fields, and in particular… Expand

High-speed high-security signatures

- D. Bernstein, N. Duif, T. Lange, P. Schwabe, B. Yang
- Computer Science, Psychology
- Journal of Cryptographic Engineering
- 14 August 2012

This paper shows that a $390 mass-market quad-core 2.4GHz Intel Westmere (Xeon E5620) CPU can create 109000 signatures per second and verify 71000 signatures per second on an elliptic curve at a 2128… Expand

Faster Addition and Doubling on Elliptic Curves

- D. Bernstein, T. Lange
- Computer Science, Mathematics
- ASIACRYPT
- 2 December 2007

Edwards recently introduced a new normal form for elliptic curves. Every elliptic curve over a non-binary field is birationally equivalent to a curve in Edwards form over an extension of the field,… Expand

The Salsa20 Family of Stream Ciphers

- D. Bernstein
- Computer Science
- The eSTREAM Finalists
- 1 April 2008

Salsa20 is a family of 256-bit stream ciphers designed in 2005 and submitted to eSTREAM, the ECRYPT Stream Cipher Project. Salsa20 has progressed to the third round of eSTREAM without any changes.… Expand

The Poly1305-AES Message-Authentication Code

- D. Bernstein
- Computer Science
- FSE
- 21 February 2005

Poly1305-AES is a state-of-the-art message-authentication code suitable for a wide variety of applications. Poly1305-AES computes a 16-byte authenticator of a variable-length message, using a 16-byte… Expand

Attacking and defending the McEliece cryptosystem

- D. Bernstein, T. Lange, C. Peters
- Mathematics, Computer Science
- IACR Cryptol. ePrint Arch.
- 17 October 2008

This paper presents several improvements to Stern's attack on the McEliece cryptosystem and achieves results considerably better than Canteaut et al. This paper shows that the system with the… Expand

SPHINCS: Practical Stateless Hash-Based Signatures

- D. Bernstein, Daira Hopwood, +5 authors Zooko Wilcox-O'Hearn
- Computer Science
- EUROCRYPT
- 26 April 2015

This paper introduces a high-security post-quantum stateless hash-based signature scheme that signs hundreds of messages per second on a modern 4-core 3.5GHz Intel CPU. Signatures are 41 KB, public… Expand

Binary Edwards Curves

- D. Bernstein, T. Lange, R. R. Farashahi
- Computer Science, Mathematics
- CHES
- 10 August 2008

This paper presents a new shape for ordinary elliptic curves over fields of characteristic 2. Using the new shape, this paper presents the first complete addition formulas for binary elliptic curves,… Expand