We present a polynomial-time algorithm that provably recovers the signer's secret DSA key when a few consecutive bits of the random nonces k (used at each signature generation) are known for a number of DSA signatures at most linear in log q, under a reasonable assumption on the hash function used in DSA.Expand

Nguyen and Shparlinski have recently presented a polynomial-time algorithm that provably recovers the signer's secret DSA key when a few consecutive bits of the random nonces k (used at each signature generation) are known for a number of DSA signatures at most linear in log q.Expand

The means for simultaneous scouring of metal surfaces contains a waste product in manufacture of fodder yeast, citric acid, ammonium citrate, aqueous solution of sodium gluconate, sulphonated ricinic… Expand

A study of certain Hamiltonian systems has lead Y. Long to conjecture the existence of infinitely many primes of the form $p=2[\alpha n]+1$, where $1 0$ depends only on $\alpha$. We also prove a… Expand

We show that just predicting one bit of the Elliptic Curve Diffie-Hellman secret in a family of curves is as hard as computing the entire secret.Expand

In the paper an upper bound is established for certain exponential sums, analogous to Gaussian sums, defined on the points of an elliptic curve over a prime finite field.Expand

A polynomial time algorithm for recovering a “hidden” element α of a finite field of p elements from rather short strings of the most significant bits of the remainder modulo p of αt for several values of t selected uniformly at random.Expand

We show that the elliptic curve analogue of the linear congruential generator of pseudorandom numbers produces sequences with high linear complexity and good multidimensional distribution.Expand