Cryptology ePrint Archive: Report 2016/644

Update (December 2016): Dorey et al. have pointed an attack on our first contribution, as well as an improvement for the exploitation of our second contribution. This work has been updated to reflect these advances.