We show how to realize two-factor authentication for a Bitcoin wallet. To do so, we explain how to employ an ECDSA adaption of the two-party signature protocol by MacKenzie and Reiter (Int J Infâ€¦ (More)

We use two parametrizations of points on elliptic curves in generalized Edwards form x + y = c(1 + dxy) that omit the xcoordinate. The first parametrization leads to a differential addition formulaâ€¦ (More)

The key-generation algorithm for the RSA cryptosystem is specified in several standards, such as PKCS#1, IEEE 1363-2000, FIPS 186-3, ANSI X9.44, or ISO/IEC 18033-2. All of them substantially differâ€¦ (More)

We use the specific structure of the inputs to the cofactorization step in the general number field sieve (GNFS) in order to optimize the runtime for the cofactorization step on a hardware cluster.â€¦ (More)

The key-generation algorithm for the RSA cryptosystem is specified in several standards, such as PKCS#1, IEEE 1363-2000, FIPS 186-3, ANSI X9.44, or ISO/IEC 18033-2. All of them substantially differâ€¦ (More)

Probabilistic compositeness tests are of great practical importance in cryptography. Besides prominent tests (like the well-known Miller-Rabin test), there are tests that use Lucas-sequences forâ€¦ (More)

We propose a family of 6-to-4-bit S-boxes with linear branch number 3. Since they also fulfill various further desirable properties such S-boxes can serve as a building block for various blockâ€¦ (More)

We count ]B,C]-grained, k-factor integers which are simultaneously B-rough and C-smooth and have a fixed number k of prime factors. Our aim is to exploit explicit versions of the prime number theoremâ€¦ (More)