{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,6]],"date-time":"2026-06-06T16:10:04Z","timestamp":1780762204056,"version":"3.54.1"},"publisher-location":"Cham","reference-count":37,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030708801","type":"print"},{"value":"9783030708818","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-70881-8_11","type":"book-chapter","created":{"date-parts":[[2021,2,26]],"date-time":"2021-02-26T05:18:27Z","timestamp":1614316707000},"page":"163-179","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Error-Free Lattice-Based Key Encapsulation Mechanism Based on Ring-LWE"],"prefix":"10.1007","author":[{"given":"Chik How","family":"Tan","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4225-9112","authenticated-orcid":false,"given":"Theo Fanuela","family":"Prabowo","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2021,2,27]]},"reference":[{"key":"11_CR1","doi-asserted-by":"crossref","unstructured":"Ajtai, M., Dwork, C.: A public-key cryptosystem with worst-case\/average-case equivalence. In: 29th ACM STOC, pp. 284\u2013293. ACM Press, May 1997","DOI":"10.1145\/258533.258604"},{"key":"11_CR2","doi-asserted-by":"publisher","unstructured":"Ajtai, M.: The shortest vector problem in $$L_2$$ is NP-hard for randomized reductions (extended abstract). In: Vitter, J.S. (ed.) Proceedings of the Thirtieth Annual ACM Symposium on the Theory of Computing, Dallas, Texas, USA, 23\u201326 May 1998, pp. 10\u201319. ACM (1998). https:\/\/doi.org\/10.1145\/276698.276705","DOI":"10.1145\/276698.276705"},{"issue":"3","key":"11_CR3","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1515\/jmc-2015-0016","volume":"9","author":"MR Albrecht","year":"2015","unstructured":"Albrecht, M.R., Player, R., Scott, S.: On the concrete hardness of learning with errors. J. Math. Cryptol. 9(3), 169\u2013203 (2015)","journal-title":"J. Math. Cryptol."},{"key":"11_CR4","unstructured":"Alkim, E., et al.: NewHope. https:\/\/newhopecrypto.org\/data\/NewHope_2019_04_10.pdf"},{"key":"11_CR5","unstructured":"Alkim, E., et al.: FrodoKEM learning with errors key encapsulation. https:\/\/frodokem.org\/files\/FrodoKEM-specification-20190702.pdf"},{"key":"11_CR6","unstructured":"Baan, H., et al.: Round5: KEM and PKE based on (ring) learning with rounding. https:\/\/round5.org\/Supporting_Documentation\/Round5_Submission.pdf"},{"key":"11_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1007\/978-3-319-72565-9_12","volume-title":"Selected Areas in Cryptography \u2013 SAC 2017","author":"DJ Bernstein","year":"2018","unstructured":"Bernstein, D.J., Chuengsatiansup, C., Lange, T., van Vredendaal, C.: NTRU Prime: reducing attack surface at low cost. In: Adams, C., Camenisch, J. (eds.) SAC 2017. LNCS, vol. 10719, pp. 235\u2013260. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-72565-9_12"},{"key":"11_CR8","unstructured":"Bernstein, D.J., Chuengsatiansup, C., Lange, T., van Vredendaal, C.: NTRU Prime. NIST submission \u201cSupporting Documentation\u201d. https:\/\/ntruprime.cr.yp.to\/nist.html"},{"key":"11_CR9","unstructured":"Bernstein, D.J., Persichetti, E.: Towards KEM unification. Cryptology ePrint Archive, report 2018\/526 (2018). https:\/\/eprint.iacr.org\/2018\/526"},{"key":"11_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1007\/978-3-030-44223-1_12","volume-title":"Post-Quantum Cryptography","author":"N Bindel","year":"2020","unstructured":"Bindel, N., Schanck, J.M.: Decryption failure is more likely after success. In: Ding, J., Tillich, J.-P. (eds.) PQCrypto 2020. LNCS, vol. 12100, pp. 206\u2013225. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-44223-1_12"},{"issue":"4","key":"11_CR11","doi-asserted-by":"publisher","first-page":"506","DOI":"10.1145\/792538.792543","volume":"50","author":"A Blum","year":"2003","unstructured":"Blum, A., Kalai, A., Wasserman, H.: Noise-tolerant learning, the parity problem, and the statistical query model. J. ACM (JACM) 50(4), 506\u2013519 (2003)","journal-title":"J. ACM (JACM)"},{"key":"11_CR12","unstructured":"van Emde Boas, P.: Another NP-complete partition problem and the complexity of computing short vectors in lattices. Technical report 81-04, Mathematics Department, University of Amsterdam (1981)"},{"key":"11_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-25385-0_1","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2011","author":"Y Chen","year":"2011","unstructured":"Chen, Y., Nguyen, P.Q.: BKZ 2.0: better lattice security estimates. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 1\u201320. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25385-0_1"},{"key":"11_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-319-61273-7_3","volume-title":"Paradigms in Cryptology \u2013 Mycrypt 2016. Malicious and Exploratory Cryptology","author":"S Chatterjee","year":"2017","unstructured":"Chatterjee, S., Koblitz, N., Menezes, A., Sarkar, P.: Another look at tightness II: practical issues in cryptography. In: Phan, R.C.-W., Yung, M. (eds.) Mycrypt 2016. LNCS, vol. 10311, pp. 21\u201355. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-61273-7_3"},{"key":"11_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"329","DOI":"10.1007\/978-3-030-56880-1_12","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"D Dachman-Soled","year":"2020","unstructured":"Dachman-Soled, D., Ducas, L., Gong, H., Rossi, M.: LWE with side information: attacks and concrete security estimation. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12171, pp. 329\u2013358. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56880-1_12"},{"key":"11_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1007\/978-3-030-17259-6_19","volume-title":"Public-Key Cryptography \u2013 PKC 2019","author":"J-P D\u2019Anvers","year":"2019","unstructured":"D\u2019Anvers, J.-P., Guo, Q., Johansson, T., Nilsson, A., Vercauteren, F., Verbauwhede, I.: Decryption failure attacks on IND-CCA secure lattice-based schemes. In: Lin, D., Sako, K. (eds.) PKC 2019. LNCS, vol. 11443, pp. 565\u2013598. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17259-6_19"},{"key":"11_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-45727-3_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2020","author":"J-P D\u2019Anvers","year":"2020","unstructured":"D\u2019Anvers, J.-P., Rossi, M., Virdia, F.: (One) failure is not an option: bootstrapping the search for failures in lattice-based encryption schemes. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12107, pp. 3\u201333. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45727-3_1"},{"key":"11_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/978-3-319-89339-6_16","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2018","author":"J-P D\u2019Anvers","year":"2018","unstructured":"D\u2019Anvers, J.-P., Karmakar, A., Sinha Roy, S., Vercauteren, F.: Saber: module-LWR based key exchange, CPA-secure encryption and CCA-secure KEM. In: Joux, A., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2018. LNCS, vol. 10831, pp. 282\u2013305. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-89339-6_16"},{"issue":"1","key":"11_CR19","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1007\/s00145-011-9114-1","volume":"26","author":"E Fujisaki","year":"2013","unstructured":"Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. J. Cryptol. 26(1), 80\u2013101 (2013). https:\/\/doi.org\/10.1007\/s00145-011-9114-1","journal-title":"J. Cryptol."},{"key":"11_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"82","DOI":"10.1007\/978-3-030-34578-5_4","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2019","author":"Q Guo","year":"2019","unstructured":"Guo, Q., Johansson, T., Yang, J.: A novel CCA attack using decryption errors against LAC. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11921, pp. 82\u2013111. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-34578-5_4"},{"key":"11_CR21","unstructured":"Hamburg, M.: Post-quantum cryptography proposal: THREEBEARS. https:\/\/www.shiftleft.org\/papers\/threebears\/nist-submission.pdf"},{"key":"11_CR22","volume-title":"Inequalities, Cambridge Mathematical Library","author":"GH Hardy","year":"1952","unstructured":"Hardy, G.H., Littlewood, J.E., P\u00f3lya, G.: Inequalities, Cambridge Mathematical Library, 2nd edn. Cambridge University Press, Cambridge (1952)","edition":"2"},{"key":"11_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/978-3-319-70500-2_12","volume-title":"Theory of Cryptography","author":"D Hofheinz","year":"2017","unstructured":"Hofheinz, D., H\u00f6velmanns, K., Kiltz, E.: A modular analysis of the Fujisaki-Okamoto transformation. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10677, pp. 341\u2013371. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70500-2_12"},{"key":"11_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/BFb0054868","volume-title":"Algorithmic Number Theory","author":"J Hoffstein","year":"1998","unstructured":"Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267\u2013288. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0054868"},{"key":"11_CR25","series-title":"The IBM Research Symposia Series","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/978-1-4684-2001-2_9","volume-title":"Complexity of Computer Computations","author":"RM Karp","year":"1972","unstructured":"Karp, R.M.: Reducibility among combinatorial problems. In: Miller, R.E., Thatcher, J.W., Bohlinger, J.D. (eds.) Complexity of Computer Computations. IRSS, pp. 85\u2013103. Springer, Boston (1972). https:\/\/doi.org\/10.1007\/978-1-4684-2001-2_9"},{"key":"11_CR26","unstructured":"Lu, X., et al.: LAC: lattice-based cryptosystems. https:\/\/cs.rit.edu\/~ats9095\/csci762\/pdfs\/LAC.pdf"},{"key":"11_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-13190-5_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"V Lyubashevsky","year":"2010","unstructured":"Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 1\u201323. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-13190-5_1"},{"key":"11_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/978-3-642-38348-9_3","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"V Lyubashevsky","year":"2013","unstructured":"Lyubashevsky, V., Peikert, C., Regev, O.: A toolkit for ring-LWE cryptography. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 35\u201354. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_3"},{"key":"11_CR29","doi-asserted-by":"publisher","unstructured":"Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. J. ACM 60(6), 1\u201335 (2013). Article no. 43. Early version in EUROCRYPT 2010. https:\/\/doi.org\/10.1145\/2535925","DOI":"10.1145\/2535925"},{"key":"11_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/BFb0055731","volume-title":"Advances in Cryptology \u2014 CRYPTO 1998","author":"P Nguyen","year":"1998","unstructured":"Nguyen, P., Stern, J.: Cryptanalysis of the Ajtai-Dwork cryptosystem. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 223\u2013242. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0055731"},{"key":"11_CR31","doi-asserted-by":"crossref","unstructured":"Peikert, C., Regev, O., Stephens-Davidowitz, N.: Pseudorandomness of ring-LWE for any ring and modulus. In: STOC, pp. 461\u2013473. ACM (2017)","DOI":"10.1145\/3055399.3055489"},{"key":"11_CR32","doi-asserted-by":"crossref","unstructured":"Regev O.: On lattices, learning with errors, random linear codes, and cryptography. In: STOC, pp. 84\u201393. ACM (2005)","DOI":"10.1145\/1060590.1060603"},{"issue":"6","key":"11_CR33","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1568318.1568324","volume":"56","author":"O Regev","year":"2009","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6), 1\u201340 (2009). Preliminary version in STOC 2005","journal-title":"J. ACM"},{"key":"11_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"520","DOI":"10.1007\/978-3-319-78372-7_17","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"T Saito","year":"2018","unstructured":"Saito, T., Xagawa, K., Yamakawa, T.: Tightly-secure key-encapsulation mechanism in the quantum random oracle model. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 520\u2013551. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_17"},{"key":"11_CR35","unstructured":"Sarkar, P., Singha, S.: Verifying solutions to LWE with implications for concrete security. Adv. Math. Commun. (2020). https:\/\/www.aimsciences.org\/article\/doi\/10.3934\/amc.2020057"},{"key":"11_CR36","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/BF01581144","volume":"66","author":"C-P Schnorr","year":"1994","unstructured":"Schnorr, C.-P., Euchner, M.: Lattice basis reduction: improved practical algorithms and solving subset sum problems. Math. Program. 66, 181\u2013199 (1994). https:\/\/doi.org\/10.1007\/BF01581144","journal-title":"Math. Program."},{"key":"11_CR37","unstructured":"Xu, Z., et al.: Magnifying side-channel leakage of lattice-based cryptosystems with chosen ciphertexts: the case study of Kyber. Cryptology ePrint Archive, report 2020\/912 (2020). https:\/\/eprint.iacr.org\/2020\/912"}],"container-title":["Lecture Notes in Computer Science","Foundations and Practice of Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-70881-8_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,2,26]],"date-time":"2021-02-26T05:32:05Z","timestamp":1614317525000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-70881-8_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030708801","9783030708818"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-70881-8_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"27 February 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FPS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Foundations and Practice of Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Montreal, QC","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Canada","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 December 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 December 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fps2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.fps-symposium.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"11","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"48% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Due to the Corona pandemic this event was held virtually.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}