{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,15]],"date-time":"2026-06-15T13:34:30Z","timestamp":1781530470436,"version":"3.54.1"},"publisher-location":"Cham","reference-count":43,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030269470","type":"print"},{"value":"9783030269487","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-26948-7_2","type":"book-chapter","created":{"date-parts":[[2019,8,8]],"date-time":"2019-08-08T23:03:54Z","timestamp":1565305434000},"page":"32-61","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":64,"title":["Quantum Cryptanalysis in the RAM Model: Claw-Finding Attacks on SIKE"],"prefix":"10.1007","author":[{"given":"Samuel","family":"Jaques","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"John M.","family":"Schanck","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2019,8,1]]},"reference":[{"key":"2_CR1","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"322","DOI":"10.1007\/978-3-030-10970-7_15","volume-title":"SAC 2018","author":"G Adj","year":"2018","unstructured":"Adj, G., Cervantes-V\u00e1zquez, D., Chi-Dom\u00ednguez, J.-J., Menezes, A., Rodr\u00edguez-Henr\u00edquez, F.: On the cost of computing isogenies between supersingular elliptic curves. In: Cid, C., Jacobson Jr., M. (eds.) SAC 2018. LNCS, vol. 11349, pp. 322\u2013343. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-10970-7_15"},{"key":"2_CR2","doi-asserted-by":"publisher","first-page":"065303","DOI":"10.1088\/1751-8113\/42\/6\/065303","volume":"42","author":"R Alicki","year":"2009","unstructured":"Alicki, R., Fannes, M., Horodecki, M.: On thermalization in Kitaev\u2019s 2D model. J. Phys. A 42, 065303 (2009)","journal-title":"J. Phys. A"},{"key":"2_CR3","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1142\/S1230161210000023","volume":"17","author":"R Alicki","year":"2010","unstructured":"Alicki, R., Horodecki, M., Horodecki, P., Horodecki, R.: On thermal stability of topological qubit in Kitaev\u2019s 4d model. Open Syst. Inf. Dyn. 17, 1\u201320 (2010)","journal-title":"Open Syst. Inf. Dyn."},{"key":"2_CR4","doi-asserted-by":"publisher","first-page":"210","DOI":"10.1137\/S0097539705447311","volume":"37","author":"A Ambainis","year":"2007","unstructured":"Ambainis, A.: Quantum walk algorithm for element distinctness. SIAM J. Comput. 37, 210\u2013239 (2007)","journal-title":"SIAM J. Comput."},{"key":"2_CR5","doi-asserted-by":"publisher","first-page":"20120686","DOI":"10.1098\/rspa.2012.0686","volume":"469","author":"R Beals","year":"2013","unstructured":"Beals, R., et al.: Efficient distributed quantum computing. Proc. R. Soc. Lond. A: Math. Phys. Eng. Sci. 469, 20120686 (2013)","journal-title":"Proc. R. Soc. Lond. A: Math. Phys. Eng. Sci."},{"key":"2_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"330","DOI":"10.1007\/978-3-319-59879-6_19","volume-title":"Post-Quantum Cryptography","author":"DJ Bernstein","year":"2017","unstructured":"Bernstein, D.J., Biasse, J.-F., Mosca, M.: A low-resource quantum factoring algorithm. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 330\u2013346. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59879-6_19"},{"key":"2_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-642-38616-9_2","volume-title":"Post-Quantum Cryptography","author":"DJ Bernstein","year":"2013","unstructured":"Bernstein, D.J., Jeffery, S., Lange, T., Meurer, A.: Quantum algorithms for the subset-sum problem. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 16\u201333. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38616-9_2"},{"key":"2_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"428","DOI":"10.1007\/978-3-319-13039-2_25","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2014","author":"J-F Biasse","year":"2014","unstructured":"Biasse, J.-F., Jao, D., Sankar, A.: A quantum algorithm for computing isogenies between supersingular elliptic curves. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 428\u2013442. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-13039-2_25"},{"key":"2_CR9","doi-asserted-by":"crossref","unstructured":"Blais, A., Huang, R.-S., Wallraff, A., Girvin, S.M., Schoelkopf, R.J.: Cavity quantum electrodynamics for superconducting electrical circuits: an architecture for quantum computation. Phys. Rev. A 69, 14 pages (2004)","DOI":"10.1103\/PhysRevA.69.062320"},{"key":"2_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"391","DOI":"10.1007\/978-3-642-22792-9_22","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"G Brassard","year":"2011","unstructured":"Brassard, G., H\u00f8yer, P., Kalach, K., Kaplan, M., Laplante, S., Salvail, L.: Merkle puzzles in a quantum world. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 391\u2013410. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_22"},{"issue":"4","key":"2_CR11","doi-asserted-by":"publisher","first-page":"043029","DOI":"10.1088\/1367-2630\/11\/4\/043029","volume":"11","author":"Sergey Bravyi","year":"2009","unstructured":"Bravyi, S., Terhal, B.: A no-go theorem for a two-dimensional self-correcting quantum memory based on stabilizer codes. New J. Phys.11 (2009)","journal-title":"New Journal of Physics"},{"key":"2_CR12","doi-asserted-by":"publisher","first-page":"045005","DOI":"10.1103\/RevModPhys.88.045005","volume":"88","author":"BJ Brown","year":"2016","unstructured":"Brown, B.J., Loss, D., Pachos, J.K., Self, C.N., Wootton, J.R.: Quantum memories at finite temperature. Rev. Modern Phys. 88, 045005 (2016)","journal-title":"Rev. Modern Phys."},{"key":"2_CR13","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1016\/j.ic.2016.02.008","volume":"250","author":"B Coecke","year":"2016","unstructured":"Coecke, B., Fritz, T., Spekkens, R.W.: A mathematical theory of resources. Inf. Comput. 250, 59\u201386 (2016)","journal-title":"Inf. Comput."},{"key":"2_CR14","doi-asserted-by":"publisher","first-page":"4452","DOI":"10.1063\/1.1499754","volume":"43","author":"E Dennis","year":"2002","unstructured":"Dennis, E., Kitaev, A., Landahl, A., Preskill, J.: Topological quantummemory. J. Math. Phys. 43, 4452\u20134505 (2002)","journal-title":"J. Math. Phys."},{"key":"2_CR15","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1098\/rspa.1989.0099","volume":"425","author":"DE Deutsch","year":"1989","unstructured":"Deutsch, D.E.: Quantum computational networks. Proc. R. Soc. Lond. A 425, 73\u201390 (1989)","journal-title":"Proc. R. Soc. Lond. A"},{"key":"2_CR16","doi-asserted-by":"publisher","first-page":"507","DOI":"10.1007\/BF01886518","volume":"16","author":"RP Feynman","year":"1986","unstructured":"Feynman, R.P.: Quantum mechanical computers. Found. Phys. 16, 507\u2013531 (1986)","journal-title":"Found. Phys."},{"key":"2_CR17","doi-asserted-by":"publisher","first-page":"032324","DOI":"10.1103\/PhysRevA.86.032324","volume":"86","author":"AG Fowler","year":"2012","unstructured":"Fowler, A.G., Mariantoni, M., Martinis, J.M., Cleland, A.N.: Surfacecodes: towards practical large-scale quantum computation. Phys. Rev. A 86, 032324 (2012)","journal-title":"Phys. Rev. A"},{"key":"2_CR18","doi-asserted-by":"publisher","first-page":"180501","DOI":"10.1103\/PhysRevLett.108.180501","volume":"108","author":"AG Fowler","year":"2012","unstructured":"Fowler, A.G., Whiteside, A.C., Hollenberg, L.C.L.: Towards practical classical processing for the surface code. Phys. Rev. Lett. 108, 180501 (2012)","journal-title":"Phys. Rev. Lett."},{"key":"2_CR19","doi-asserted-by":"publisher","first-page":"052310","DOI":"10.1103\/PhysRevA.78.052310","volume":"78","author":"V Giovannetti","year":"2008","unstructured":"Giovannetti, V., Lloyd, S., Maccone, L.: Architectures for a quantum random access memory. Phys. Rev. A 78, 052310 (2008)","journal-title":"Phys. Rev. A"},{"key":"2_CR20","unstructured":"Jao, D., et al.: Supersingular isogeny key encapsulation. Submission to NIST post-quantum project (2017). https:\/\/sike.org\/#nist-submission"},{"key":"2_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/978-3-642-25405-5_2","volume-title":"Post-Quantum Cryptography","author":"D Jao","year":"2011","unstructured":"Jao, D., De Feo, L.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 19\u201334. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25405-5_2"},{"key":"2_CR22","unstructured":"Jeffery, S.: Frameworks for quantum algorithms. Ph.D. thesis, University of Waterloo (2014)"},{"key":"2_CR23","doi-asserted-by":"publisher","first-page":"509","DOI":"10.1007\/s00453-016-0206-z","volume":"79","author":"S Jeffery","year":"2017","unstructured":"Jeffery, S., Magniez, F., De Wolf, R.: Optimal parallel quantum query algorithms. Algorithmica 79, 509\u2013529 (2017)","journal-title":"Algorithmica"},{"key":"2_CR24","doi-asserted-by":"publisher","first-page":"032305","DOI":"10.1103\/PhysRevA.95.032305","volume":"95","author":"SP Jordan","year":"2017","unstructured":"Jordan, S.P.: Fast quantum computation at arbitrarily low energy. Phys. Rev. A 95, 032305 (2017)","journal-title":"Phys. Rev. A"},{"key":"2_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-319-59879-6_5","volume-title":"Post-Quantum Cryptography","author":"G Kachigar","year":"2017","unstructured":"Kachigar, G., Tillich, J.-P.: Quantum information set decoding algorithms. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 69\u201389. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59879-6_5"},{"key":"2_CR26","unstructured":"Karp, R.M., Ramachandran, V.: A survey of parallel algorithms for shared-memory machines, Technical report UCB\/CSD-88-408, EECS Department, University of California, Berkeley, March 1988"},{"key":"2_CR27","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1016\/S0003-4916(02)00018-0","volume":"303","author":"A Kitaev","year":"2003","unstructured":"Kitaev, A.: Fault-tolerant quantum computation by anyons. Ann. Phys. 303, 2\u201330 (2003)","journal-title":"Ann. Phys."},{"key":"2_CR28","doi-asserted-by":"crossref","unstructured":"Kitaev, A., Shen, A., Vyalyi, M.N.: Classical and Quantum Computation, no. 47. American Mathematical Society, Providence (2002)","DOI":"10.1090\/gsm\/047"},{"key":"2_CR29","doi-asserted-by":"publisher","first-page":"375","DOI":"10.1007\/s10623-015-0067-5","volume":"77","author":"T Laarhoven","year":"2015","unstructured":"Laarhoven, T., Mosca, M., van de Pol, J.: Finding shortest lattice vectors faster using quantum search. Des. Codes Crypt. 77, 375\u2013400 (2015)","journal-title":"Des. Codes Crypt."},{"key":"2_CR30","doi-asserted-by":"publisher","first-page":"941","DOI":"10.1007\/s00453-016-0267-z","volume":"79","author":"F Le Gall","year":"2017","unstructured":"Le Gall, F., Nakajima, S.: Quantum algorithm for triangle finding in sparse graphs. Algorithmica 79, 941\u2013959 (2017)","journal-title":"Algorithmica"},{"key":"2_CR31","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1137\/090745854","volume":"40","author":"F Magniez","year":"2011","unstructured":"Magniez, F., Nayak, A., Roland, J., Santha, M.: Search via quantum walk. SIAM J. Comput. 40, 142\u2013164 (2011)","journal-title":"SIAM J. Comput."},{"key":"2_CR32","doi-asserted-by":"publisher","first-page":"024004","DOI":"10.1088\/2058-9565\/aaa3a0","volume":"3","author":"R McDermott","year":"2018","unstructured":"McDermott, R., et al.: Quantum-classical interface based onsingle flux quantum digital logic. Quantum Sci. Technol. 3, 024004 (2018)","journal-title":"Quantum Sci. Technol."},{"key":"2_CR33","unstructured":"Moore, C.: Quantum circuits: Fanout, parity, and counting, arXiv preprint (1999). https:\/\/arxiv.org\/abs\/quant-ph\/9903046"},{"key":"2_CR34","unstructured":"National Institute of Standards and Technology, Submission requirements and evaluation criteria or the post-quantum cryptography standardization process (2017). https:\/\/csrc.nist.gov\/csrc\/media\/projects\/post-quantum-cryptography\/documents\/call-for-proposals-final-dec-2016.pdf"},{"issue":"3","key":"2_CR35","doi-asserted-by":"publisher","first-page":"477","DOI":"10.1017\/S0305004100019174","volume":"32","author":"R. Peierls","year":"1936","unstructured":"Peierls, R.: On Ising\u2019s model of ferromagnetism. In: Mathematical Proceedings Cambridge Philosophical Society, vol. 32, pp. 477\u2013481. Cambridge University Press, Cambridge (1936)","journal-title":"Mathematical Proceedings of the Cambridge Philosophical Society"},{"key":"2_CR36","unstructured":"Szegedy, M.: Quantum speed-up of Markov chain based algorithms. In: 2004 IEEE Symposium on Foundations of Computer Science, pp. 32\u201341, October 2004"},{"key":"2_CR37","first-page":"872","volume":"10","author":"Y Takahashi","year":"2010","unstructured":"Takahashi, Y., Tani, S., Kunihiro, N.: Quantum addition circuits and unbounded fan-out. Quantum Inf. Comput. 10, 872\u2013890 (2010)","journal-title":"Quantum Inf. Comput."},{"key":"2_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"536","DOI":"10.1007\/978-3-540-74456-6_48","volume-title":"Mathematical Foundations of Computer Science 2007","author":"S Tani","year":"2007","unstructured":"Tani, S.: An improved claw finding algorithm using quantum walk. In: Ku\u010dera, L., Ku\u010dera, A. (eds.) MFCS 2007. LNCS, vol. 4708, pp. 536\u2013547. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-74456-6_48"},{"key":"2_CR39","doi-asserted-by":"publisher","first-page":"307","DOI":"10.1103\/RevModPhys.87.307","volume":"87","author":"BM Terhal","year":"2015","unstructured":"Terhal, B.M.: Quantum error correction for quantum memories. Rev. Modern Phys. 87, 307 (2015)","journal-title":"Rev. Modern Phys."},{"key":"2_CR40","doi-asserted-by":"crossref","unstructured":"Thapliyal, H., Ranganathan, N., Ferreira, R.: Design of a comparator tree based on reversible logic. In: 2010 IEEE International Conference on Nanotechnology, pp. 1113\u20131116 (2010)","DOI":"10.1109\/NANO.2010.5697872"},{"key":"2_CR41","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1063\/1.1699419","volume":"21","author":"A Wang","year":"1950","unstructured":"Wang, A., Woo, W.D.: Static magnetic storage and delay line. J. Appl. Phys. 21, 49\u201354 (1950)","journal-title":"J. Appl. Phys."},{"key":"2_CR42","doi-asserted-by":"publisher","first-page":"106001","DOI":"10.1088\/1361-6633\/aa7e1a","volume":"80","author":"G Wendin","year":"2017","unstructured":"Wendin, G.: Quantum information processing with superconducting circuits: a review. Rep. Prog. Phys. 80, 106001 (2017)","journal-title":"Rep. Prog. Phys."},{"key":"2_CR43","doi-asserted-by":"publisher","first-page":"2746","DOI":"10.1103\/PhysRevA.60.2746","volume":"60","author":"C Zalka","year":"1999","unstructured":"Zalka, C.: Grover\u2019s quantum searching algorithm is optimal. Phys. Rev. A 60, 2746 (1999)","journal-title":"Phys. Rev. A"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2019"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-26948-7_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T10:32:06Z","timestamp":1710325926000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-26948-7_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030269470","9783030269487"],"references-count":43,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-26948-7_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"1 August 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 August 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 August 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"39","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2019\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"IACR websubrev","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"378","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"81","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"22","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}