{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,4]],"date-time":"2026-04-04T18:21:04Z","timestamp":1775326864395,"version":"3.50.1"},"publisher-location":"Cham","reference-count":53,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030457266","type":"print"},{"value":"9783030457273","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-45727-3_2","type":"book-chapter","created":{"date-parts":[[2020,5,1]],"date-time":"2020-05-01T05:02:33Z","timestamp":1588309353000},"page":"34-63","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["Key Recovery from Gram\u2013Schmidt Norm Leakage in Hash-and-Sign Signatures over\u00a0NTRU Lattices"],"prefix":"10.1007","author":[{"given":"Pierre-Alain","family":"Fouque","sequence":"first","affiliation":[]},{"given":"Paul","family":"Kirchner","sequence":"additional","affiliation":[]},{"given":"Mehdi","family":"Tibouchi","sequence":"additional","affiliation":[]},{"given":"Alexandre","family":"Wallet","sequence":"additional","affiliation":[]},{"given":"Yang","family":"Yu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,5,1]]},"reference":[{"issue":"1","key":"2_CR1","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BF02579403","volume":"6","author":"L Babai","year":"1986","unstructured":"Babai, L.: On Lov\u00e1sz\u2019 lattice reduction and the nearest lattice point problem. Combinatorica 6(1), 1\u201313 (1986)","journal-title":"Combinatorica"},{"key":"2_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1007\/978-3-319-04852-9_2","volume-title":"Topics in Cryptology \u2013 CT-RSA 2014","author":"S Bai","year":"2014","unstructured":"Bai, S., Galbraith, S.D.: An improved compression technique for signatures based on learning with errors. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 28\u201347. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-04852-9_2"},{"key":"2_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"354","DOI":"10.1007\/978-3-319-78375-8_12","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"G Barthe","year":"2018","unstructured":"Barthe, G., et al.: Masking the GLP lattice-based signature scheme at any order. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part II. LNCS, vol. 10821, pp. 354\u2013384. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78375-8_12"},{"key":"2_CR4","doi-asserted-by":"crossref","unstructured":"Barthe, G., Bela\u00efd, S., Espitau, T., Fouque, P.A., Rossi, M., Tibouchi, M.: GALACTICS: Gaussian sampling for lattice-based constant-time implementation of cryptographic signatures, revisited. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 2147\u20132164. ACM Press (2019)","DOI":"10.1145\/3319535.3363223"},{"key":"2_CR5","unstructured":"Bindel, N., et al.: qTESLA. Technical report, National Institute of Standards and Technology (2019). https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography\/round-2-submissions"},{"key":"2_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"494","DOI":"10.1007\/978-3-030-03326-2_17","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2018","author":"J Bootle","year":"2018","unstructured":"Bootle, J., Delaplace, C., Espitau, T., Fouque, P.-A., Tibouchi, M.: LWE without modular reduction and improved side-channel attacks against BLISS. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018, Part I. LNCS, vol. 11272, pp. 494\u2013524. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-03326-2_17"},{"key":"2_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"323","DOI":"10.1007\/978-3-662-53140-2_16","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2016","author":"L Groot Bruinderink","year":"2016","unstructured":"Groot Bruinderink, L., H\u00fclsing, A., Lange, T., Yarom, Y.: Flush, gauss, and reload \u2013 a cache attack on the BLISS lattice-based signature scheme. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 323\u2013345. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53140-2_16"},{"key":"2_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1007\/978-3-642-40041-4_3","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"L Ducas","year":"2013","unstructured":"Ducas, L., Durmus, A., Lepoint, T., Lyubashevsky, V.: Lattice signatures and bimodal Gaussians. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 40\u201356. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_3"},{"key":"2_CR9","doi-asserted-by":"crossref","unstructured":"Ducas, L., Galbraith, S., Prest, T., Yu, Y.: Integral matrix gram root and lattice Gaussian sampling without floats. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12107, pp. 608\u2013637. Springer, Cham (2020)","DOI":"10.1007\/978-3-030-45724-2_21"},{"issue":"1","key":"2_CR10","doi-asserted-by":"crossref","first-page":"238","DOI":"10.46586\/tches.v2018.i1.238-268","volume":"2018","author":"L Ducas","year":"2018","unstructured":"Ducas, L., et al.: CRYSTALS-Dilithium: a lattice-based digital signature scheme. IACR TCHES 2018(1), 238\u2013268 (2018). https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/839","journal-title":"IACR TCHES"},{"key":"2_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1007\/978-3-662-45608-8_2","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"L Ducas","year":"2014","unstructured":"Ducas, L., Lyubashevsky, V., Prest, T.: Efficient identity-based encryption over NTRU lattices. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part II. LNCS, vol. 8874, pp. 22\u201341. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45608-8_2"},{"key":"2_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"433","DOI":"10.1007\/978-3-642-34961-4_27","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"L Ducas","year":"2012","unstructured":"Ducas, L., Nguyen, P.Q.: Learning a zonotope and more: cryptanalysis of NTRUSign countermeasures. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 433\u2013450. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34961-4_27"},{"key":"2_CR13","doi-asserted-by":"crossref","unstructured":"Ducas, L., Prest, T.: Fast Fourier orthogonalization. In: ISSAC, pp. 191\u2013198 (2016)","DOI":"10.1145\/2930889.2930923"},{"key":"2_CR14","doi-asserted-by":"crossref","unstructured":"Espitau, T., Fouque, P.A., G\u00e9rard, B., Tibouchi, M.: Side-channel attacks on BLISS lattice-based signatures: exploiting branch tracing against strongSwan and electromagnetic emanations in microcontrollers. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 1857\u20131874. ACM Press, October\/November 2017","DOI":"10.1145\/3133956.3134028"},{"issue":"11","key":"2_CR15","doi-asserted-by":"publisher","first-page":"1535","DOI":"10.1109\/TC.2018.2833119","volume":"67","author":"T Espitau","year":"2018","unstructured":"Espitau, T., Fouque, P., G\u00e9rard, B., Tibouchi, M.: Loop-abort faults on lattice-based signature schemes and key exchange protocols. IEEE Trans. Comput. 67(11), 1535\u20131549 (2018). https:\/\/doi.org\/10.1109\/TC.2018.2833119","journal-title":"IEEE Trans. Comput."},{"key":"2_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/3-540-47721-7_12","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 86","author":"A Fiat","year":"1987","unstructured":"Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186\u2013194. Springer, Heidelberg (1987). https:\/\/doi.org\/10.1007\/3-540-47721-7_12"},{"key":"2_CR17","doi-asserted-by":"crossref","unstructured":"Fouque, P.A., Kirchner, P., Tibouchi, M., Wallet, A., Yu, Y.: Key Recovery from Gram-Schmidt Norm Leakage in Hash-and-Sign Signatures over NTRU Lattices. IACR Cryptology ePrint Archive, report 2019\/1180 (2019)","DOI":"10.1007\/978-3-030-45727-3_2"},{"key":"2_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"233","DOI":"10.1007\/11761679_15","volume-title":"Advances in Cryptology - EUROCRYPT 2006","author":"N Gama","year":"2006","unstructured":"Gama, N., Howgrave-Graham, N., Nguyen, P.Q.: Symplectic lattice reduction and NTRU. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 233\u2013253. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11761679_15"},{"key":"2_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-45682-1_1","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2001","author":"C Gentry","year":"2001","unstructured":"Gentry, C., Jonsson, J., Stern, J., Szydlo, M.: Cryptanalysis of the NTRU signature scheme (NSS) from Eurocrypt 2001. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 1\u201320. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-45682-1_1"},{"key":"2_CR20","doi-asserted-by":"crossref","unstructured":"Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Ladner, R.E., Dwork, C. (eds.) 40th ACM STOC, pp. 197\u2013206. ACM Press, May 2008","DOI":"10.1145\/1374376.1374407"},{"key":"2_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"299","DOI":"10.1007\/3-540-46035-7_20","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2002","author":"C Gentry","year":"2002","unstructured":"Gentry, C., Szydlo, M.: Cryptanalysis of the revised NTRU signature scheme. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 299\u2013320. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-46035-7_20"},{"key":"2_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1007\/BFb0052231","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201997","author":"O Goldreich","year":"1997","unstructured":"Goldreich, O., Goldwasser, S., Halevi, S.: Public-key cryptosystems from lattice reduction problems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 112\u2013131. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/BFb0052231"},{"key":"2_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"530","DOI":"10.1007\/978-3-642-33027-8_31","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2012","author":"T G\u00fcneysu","year":"2012","unstructured":"G\u00fcneysu, T., Lyubashevsky, V., P\u00f6ppelmann, T.: Practical lattice-based cryptography: a signature scheme for embedded systems. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 530\u2013547. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33027-8_31"},{"key":"2_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1007\/3-540-36563-X_9","volume-title":"Topics in Cryptology \u2014 CT-RSA 2003","author":"J Hoffstein","year":"2003","unstructured":"Hoffstein, J., Howgrave-Graham, N., Pipher, J., Silverman, J.H., Whyte, W.: NTRUSign: digital signatures using the NTRU lattice. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 122\u2013140. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36563-X_9"},{"key":"2_CR25","unstructured":"Hoffstein, J., Lieman, D., Silverman, J.H.: Polynomial rings and efficient public key authentication (1999)"},{"key":"2_CR26","volume-title":"Introduction to Mathematical Satistics","author":"RV Hogg","year":"2018","unstructured":"Hogg, R.V., McKean, J.W., Craig, A.T.: Introduction to Mathematical Satistics, 8th edn. Pearson, London (2018)","edition":"8"},{"key":"2_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"728","DOI":"10.1007\/978-3-319-76581-5_25","volume-title":"Public-Key Cryptography \u2013 PKC 2018","author":"A H\u00fclsing","year":"2018","unstructured":"H\u00fclsing, A., Lange, T., Smeets, K.: Rounded Gaussians - fast and secure constant-time sampling for lattice-based crypto. In: Abdalla, M., Dahab, R. (eds.) PKC 2018, Part II. LNCS, vol. 10770, pp. 728\u2013757. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-76581-5_25"},{"issue":"11","key":"2_CR28","doi-asserted-by":"publisher","first-page":"1561","DOI":"10.1109\/TC.2018.2814587","volume":"67","author":"A Karmakar","year":"2018","unstructured":"Karmakar, A., Roy, S.S., Reparaz, O., Vercauteren, F., Verbauwhede, I.: Constant-time discrete Gaussian sampling. IEEE Trans. Comput. 67(11), 1561\u20131571 (2018)","journal-title":"IEEE Trans. Comput."},{"key":"2_CR29","doi-asserted-by":"crossref","unstructured":"Karmakar, A., Roy, S.S., Vercauteren, F., Verbauwhede, I.: Pushing the speed limit of constant-time discrete Gaussian sampling. A case study on the Falcon signature scheme. In: DAC 2019 (2019)","DOI":"10.1145\/3316781.3317887"},{"key":"2_CR30","unstructured":"Klein, P.N.: Finding the closest lattice vector when it\u2019s unusually close. In: Shmoys, D.B. (ed.) 11th SODA, pp. 937\u2013941. ACM-SIAM, January 2000"},{"key":"2_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"598","DOI":"10.1007\/978-3-642-10366-7_35","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"V Lyubashevsky","year":"2009","unstructured":"Lyubashevsky, V.: Fiat-Shamir with aborts: applications to lattice and factoring-based signatures. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 598\u2013616. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-10366-7_35"},{"key":"2_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"738","DOI":"10.1007\/978-3-642-29011-4_43","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"V Lyubashevsky","year":"2012","unstructured":"Lyubashevsky, V.: Lattice signatures without trapdoors. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 738\u2013755. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_43"},{"key":"2_CR33","unstructured":"Lyubashevsky, V., et al.: CRYSTALS-DILITHIUM. Technical report, National Institute of Standards and Technology (2019). https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography\/round-2-submissions"},{"key":"2_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"789","DOI":"10.1007\/978-3-662-46800-5_30","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"V Lyubashevsky","year":"2015","unstructured":"Lyubashevsky, V., Prest, T.: Quadratic time, linear space algorithms for Gram-Schmidt orthogonalization and Gaussian sampling in structured lattices. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part I. LNCS, vol. 9056, pp. 789\u2013815. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_30"},{"key":"2_CR35","doi-asserted-by":"crossref","unstructured":"McCarthy, S., Howe, J., Smyth, N., Brannigan, S., O\u2019Neill, M.: BEARZ attack FALCON: implementation attacks with countermeasures on the FALCON signature scheme. In: Obaidat, M.S., Samarati, P. (eds.) SECRYPT, pp. 61\u201371 (2019)","DOI":"10.5220\/0007834800610071"},{"key":"2_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/978-3-319-71045-7_12","volume-title":"Cryptography and Coding","author":"S McCarthy","year":"2017","unstructured":"McCarthy, S., Smyth, N., O\u2019Sullivan, E.: A practical implementation of identity-based encryption over NTRU lattices. In: O\u2019Neill, M. (ed.) IMACC 2017. LNCS, vol. 10655, pp. 227\u2013246. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-71045-7_12"},{"key":"2_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"700","DOI":"10.1007\/978-3-642-29011-4_41","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"D Micciancio","year":"2012","unstructured":"Micciancio, D., Peikert, C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 700\u2013718. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_41"},{"issue":"1","key":"2_CR38","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1137\/S0097539705447360","volume":"37","author":"D Micciancio","year":"2007","unstructured":"Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. SIAM J. Comput. 37(1), 267\u2013302 (2007)","journal-title":"SIAM J. Comput."},{"key":"2_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"455","DOI":"10.1007\/978-3-319-63715-0_16","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"D Micciancio","year":"2017","unstructured":"Micciancio, D., Walter, M.: Gaussian sampling over the integers: efficient, generic, constant-time. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part II. LNCS, vol. 10402, pp. 455\u2013485. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63715-0_16"},{"key":"2_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1007\/11761679_17","volume-title":"Advances in Cryptology - EUROCRYPT 2006","author":"PQ Nguyen","year":"2006","unstructured":"Nguyen, P.Q., Regev, O.: Learning a parallelepiped: cryptanalysis of GGH and NTRU signatures. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 271\u2013288. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11761679_17"},{"key":"2_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1007\/978-3-030-25510-7_4","volume-title":"Post-Quantum Cryptography","author":"T Oder","year":"2019","unstructured":"Oder, T., Speith, J., H\u00f6ltgen, K., G\u00fcneysu, T.: Towards practical microcontroller implementation of the signature scheme Falcon. In: Ding, J., Steinwandt, R. (eds.) PQCrypto 2019. LNCS, vol. 11505, pp. 65\u201380. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-25510-7_4"},{"key":"2_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1007\/978-3-642-14623-7_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"C Peikert","year":"2010","unstructured":"Peikert, C.: An efficient and parallel Gaussian sampler for lattices. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 80\u201397. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-14623-7_5"},{"key":"2_CR43","doi-asserted-by":"crossref","unstructured":"Pessl, P., Bruinderink, L.G., Yarom, Y.: To BLISS-B or not to be: attacking strongSwan\u2019s implementation of post-quantum signatures. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 1843\u20131855. ACM Press, October\/November 2017","DOI":"10.1145\/3133956.3134023"},{"key":"2_CR44","unstructured":"Plantard, T., Sipasseuth, A., Dumondelle, C., Susilo, W.: DRS. Technical report, National Institute of Standards and Technology (2017). https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography\/round-1-submissions"},{"key":"2_CR45","unstructured":"Pornin, T.: New Efficient, Constant-Time Implementations of Falcon, August 2019. https:\/\/falcon-sign.info\/falcon-impl-20190802.pdf"},{"key":"2_CR46","unstructured":"Prest, T.: Proof-of-concept implementation of an identity-based encryption scheme over NTRU lattices (2014). https:\/\/github.com\/tprest\/Lattice-IBE"},{"key":"2_CR47","unstructured":"Prest, T., et al.: FALCON. Technical report, National Institute of Standards and Technology (2019). https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography\/round-2-submissions"},{"key":"2_CR48","unstructured":"Prest, T., Ricosset, T., Rossi, M.: Simple, fast and constant-time Gaussian sampling over the integers for Falcon. In: Second PQC Standardization Conference (2019)"},{"key":"2_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/978-3-642-20465-4_4","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2011","author":"D Stehl\u00e9","year":"2011","unstructured":"Stehl\u00e9, D., Steinfeld, R.: Making NTRU as secure as worst-case problems over ideal lattices. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 27\u201347. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-20465-4_4"},{"key":"2_CR50","unstructured":"Tibouchi, M., Wallet, A.: One bit is all it takes: a devastating timing attack on BLISS\u2019s non-constant time sign flips. Cryptology ePrint Archive, Report 2019\/898 (2019). https:\/\/eprint.iacr.org\/2019\/898"},{"key":"2_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"525","DOI":"10.1007\/978-3-030-03329-3_18","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2018","author":"Y Yu","year":"2018","unstructured":"Yu, Y., Ducas, L.: Learning strikes again: the case of the DRS signature scheme. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018, Part II. LNCS, vol. 11273, pp. 525\u2013543. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-03329-3_18"},{"key":"2_CR52","unstructured":"Zhang, Z., Chen, C., Hoffstein, J., Whyte, W.: pqNTRUSign. Technical report, National Institute of Standards and Technology (2017). https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography\/round-1-submissions"},{"key":"2_CR53","unstructured":"Zhao, R.K., Steinfeld, R., Sakzad, A.: FACCT: FAst, Compact, and Constant-Time Discrete Gaussian Sampler over Integers. IACR Cryptology ePrint Archive, report 2018\/1234 (2018)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2020"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-45727-3_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T00:05:59Z","timestamp":1682899559000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-45727-3_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030457266","9783030457273"],"references-count":53,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-45727-3_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"1 May 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EUROCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Zagreb","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Croatia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 May 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 May 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"39","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eurocrypt2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eurocrypt.iacr.org\/2020\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"IACR websubrev","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"375","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"81","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"22% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}