{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T01:57:55Z","timestamp":1774490275795,"version":"3.50.1"},"publisher-location":"Cham","reference-count":52,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030992767","type":"print"},{"value":"9783030992774","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-030-99277-4_3","type":"book-chapter","created":{"date-parts":[[2022,3,26]],"date-time":"2022-03-26T17:12:16Z","timestamp":1648314736000},"page":"47-67","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["The Boneh-Katz Transformation, Revisited: Pseudorandom\/Obliviously-Samplable PKE from Lattices and Codes and Its Application"],"prefix":"10.1007","author":[{"given":"Keita","family":"Xagawa","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,3,27]]},"reference":[{"key":"3_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"553","DOI":"10.1007\/978-3-642-13190-5_28","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"S Agrawal","year":"2010","unstructured":"Agrawal, S., Boneh, D., Boyen, X.: Efficient lattice (H)IBE in the standard model. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 553\u2013572. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-13190-5_28"},{"key":"3_CR2","doi-asserted-by":"crossref","unstructured":"Ajtai, M.: Generating hard instances of lattice problems (extended abstract). In: 28th ACM STOC, pp. 99\u2013108, May 1996","DOI":"10.1145\/237814.237838"},{"key":"3_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1007\/11554868_6","volume-title":"Progress in Cryptology \u2013 Mycrypt 2005","author":"D Augot","year":"2005","unstructured":"Augot, D., Finiasz, M., Sendrier, N.: A family of fast syndrome based cryptographic hash functions. In: Dawson, E., Vaudenay, S. (eds.) Mycrypt 2005. LNCS, vol. 3715, pp. 64\u201383. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11554868_6"},{"key":"3_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"566","DOI":"10.1007\/3-540-45682-1_33","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2001","author":"M Bellare","year":"2001","unstructured":"Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-privacy in public-key encryption. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 566\u2013582. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-45682-1_33"},{"key":"3_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1007\/BFb0055718","volume-title":"Advances in Cryptology \u2014 CRYPTO 1998","author":"M Bellare","year":"1998","unstructured":"Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26\u201345. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0055718"},{"key":"3_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"644","DOI":"10.1007\/978-3-319-76581-5_22","volume-title":"Public-Key Cryptography \u2013 PKC 2018","author":"F Benhamouda","year":"2018","unstructured":"Benhamouda, F., Blazy, O., Ducas, L., Quach, W.: Hash proof systems over lattices revisited. In: Abdalla, M., Dahab, R. (eds.) PKC 2018. LNCS, vol. 10770, pp. 644\u2013674. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-76581-5_22"},{"key":"3_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1007\/978-3-319-78381-9_2","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"S Berndt","year":"2018","unstructured":"Berndt, S., Li\u015bkiewicz, M.: On the gold standard for security of\u00a0universal steganography. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10820, pp. 29\u201360. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78381-9_2"},{"key":"3_CR8","unstructured":"Blum, M.: Coin flipping by telephone. In: CRYPTO 1981, vol. ECE Report 82-04, pp. 11\u201315 (1981)"},{"issue":"5","key":"3_CR9","doi-asserted-by":"publisher","first-page":"1301","DOI":"10.1137\/S009753970544713X","volume":"36","author":"D Boneh","year":"2007","unstructured":"Boneh, D., Canetti, R., Halevi, S., Katz, J.: Chosen-ciphertext security from identity-based encryption. SIAM J. Comput. 36(5), 1301\u20131328 (2007)","journal-title":"SIAM J. Comput."},{"key":"3_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1007\/978-3-540-30574-3_8","volume-title":"Topics in Cryptology \u2013 CT-RSA 2005","author":"D Boneh","year":"2005","unstructured":"Boneh, D., Katz, J.: Improved efficiency for CCA-secure cryptosystems built using identity-based encryption. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 87\u2013103. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/978-3-540-30574-3_8"},{"issue":"3","key":"3_CR11","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1504\/IJACT.2009.023466","volume":"1","author":"C Boyd","year":"2009","unstructured":"Boyd, C., Cliff, Y., Gonz\u00e1lez Nieto, J.M., Paterson, K.G.: One-round key exchange in the standard model. Int. J. Appl. Cryptogr. 1(3), 181\u2013199 (2009)","journal-title":"Int. J. Appl. Cryptogr."},{"key":"3_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"619","DOI":"10.1007\/978-3-030-17659-4_21","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"Z Brakerski","year":"2019","unstructured":"Brakerski, Z., Lyubashevsky, V., Vaikuntanathan, V., Wichs, D.: Worst-case hardness for LPN and cryptographic hashing via code smoothing. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11478, pp. 619\u2013635. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17659-4_21"},{"key":"3_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/3-540-44987-6_7","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2001","author":"J Camenisch","year":"2001","unstructured":"Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93\u2013118. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44987-6_7"},{"key":"3_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/3-540-44647-8_2","volume-title":"Advances in Cryptology \u2014 CRYPTO 2001","author":"R Canetti","year":"2001","unstructured":"Canetti, R., Fischlin, M.: Universally composable commitments. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 19\u201340. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44647-8_2"},{"key":"3_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1007\/978-3-662-53015-3_7","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"I Cascudo","year":"2016","unstructured":"Cascudo, I., Damg\u00e5rd, I., David, B., D\u00f6ttling, N., Nielsen, J.B.: Rate-1, linear time and additively homomorphic UC commitments. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9816, pp. 179\u2013207. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53015-3_7"},{"issue":"4","key":"3_CR16","doi-asserted-by":"publisher","first-page":"601","DOI":"10.1007\/s00145-011-9105-2","volume":"25","author":"D Cash","year":"2012","unstructured":"Cash, D., Hofheinz, D., Kiltz, E., Peikert, C.: Bonsai trees, or how to delegate a lattice basis. J. Cryptol. 25(4), 601\u2013639 (2012)","journal-title":"J. Cryptol."},{"key":"3_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/BFb0055717","volume-title":"Advances in Cryptology \u2014 CRYPTO 1998","author":"R Cramer","year":"1998","unstructured":"Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13\u201325. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0055717"},{"key":"3_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"432","DOI":"10.1007\/3-540-44598-6_27","volume-title":"Advances in Cryptology \u2014 CRYPTO 2000","author":"I Damg\u00e5rd","year":"2000","unstructured":"Damg\u00e5rd, I., Nielsen, J.B.: Improved non-committing encryption schemes based on a general complexity assumption. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 432\u2013450. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-44598-6_27"},{"key":"3_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/978-3-662-46800-5_5","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"Y Dodis","year":"2015","unstructured":"Dodis, Y., Ganesh, C., Golovnev, A., Juels, A., Ristenpart, T.: A formal treatment of backdoored pseudorandom generators. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 101\u2013126. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_5"},{"key":"3_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"768","DOI":"10.1007\/978-3-030-45724-2_26","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2020","author":"N D\u00f6ttling","year":"2020","unstructured":"D\u00f6ttling, N., Garg, S., Hajiabadi, M., Masny, D., Wichs, D.: Two-round oblivious transfer from CDH or LPN. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12106, pp. 768\u2013797. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45724-2_26"},{"key":"3_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"485","DOI":"10.1007\/978-3-642-34961-4_30","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"N D\u00f6ttling","year":"2012","unstructured":"D\u00f6ttling, N., M\u00fcller-Quade, J., Nascimento, A.C.A.: IND-CCA secure cryptography based on a variant of the LPN problem. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 485\u2013503. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34961-4_30"},{"key":"3_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"240","DOI":"10.1007\/978-3-642-00862-7_16","volume-title":"Topics in Cryptology \u2013 CT-RSA 2009","author":"R Dowsley","year":"2009","unstructured":"Dowsley, R., M\u00fcller-Quade, J., Nascimento, A.C.A.: A CCA2 secure public key encryption scheme based on the McEliece assumptions in the standard model. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 240\u2013251. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-00862-7_16"},{"key":"3_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"381","DOI":"10.1007\/978-3-642-13190-5_20","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"S Fehr","year":"2010","unstructured":"Fehr, S., Hofheinz, D., Kiltz, E., Wee, H.: Encryption schemes secure against chosen-ciphertext selective opening attacks. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 381\u2013402. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-13190-5_20"},{"key":"3_CR24","doi-asserted-by":"crossref","unstructured":"Fujioka, A., Suzuki, K., Xagawa, K., Yoneyama, K.: Practical and post-quantum authenticated key exchange from one-way secure key encapsulation mechanism. In: ASIACCS 2013, pp. 83\u201394. ACM Press, May 2013","DOI":"10.1145\/2484313.2484323"},{"issue":"3","key":"3_CR25","doi-asserted-by":"publisher","first-page":"469","DOI":"10.1007\/s10623-014-9972-2","volume":"76","author":"A Fujioka","year":"2014","unstructured":"Fujioka, A., Suzuki, K., Xagawa, K., Yoneyama, K.: Strongly secure authenticated key exchange from factoring, codes, and lattices. Des. Codes Crypt. 76(3), 469\u2013504 (2014). https:\/\/doi.org\/10.1007\/s10623-014-9972-2","journal-title":"Des. Codes Crypt."},{"key":"3_CR26","unstructured":"Goldreich, O., Goldwasser, S., Halevi, S.: Collision-free hashing from lattice problems. Cryptology ePrint Archive, Report 1996\/009 (1996). https:\/\/eprint.iacr.org\/1996\/009"},{"issue":"2","key":"3_CR27","doi-asserted-by":"publisher","first-page":"270","DOI":"10.1016\/0022-0000(84)90070-9","volume":"28","author":"S Goldwasser","year":"1984","unstructured":"Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270\u2013299 (1984)","journal-title":"J. Comput. Syst. Sci."},{"key":"3_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1007\/11523468_26","volume-title":"Automata, Languages and Programming","author":"N Hopper","year":"2005","unstructured":"Hopper, N.: On steganographic chosen covertext security. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 311\u2013323. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11523468_26"},{"key":"3_CR29","unstructured":"Horel, T., Park, S., Richelson, S., Vaikuntanathan, V.: How to subvert backdoored encryption: security against adversaries that decrypt all ciphertexts. In: ITCS 2019. LIPIcs, vol. 124, pp. 42:1\u201342:20, January 2019"},{"key":"3_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"466","DOI":"10.1007\/978-3-642-17373-8_27","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"Y Ishai","year":"2010","unstructured":"Ishai, Y., Kumarasubramanian, A., Orlandi, C., Sahai, A.: On invertible sampling and adaptive security. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 466\u2013482. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_27"},{"key":"3_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"581","DOI":"10.1007\/11681878_30","volume-title":"Theory of Cryptography","author":"E Kiltz","year":"2006","unstructured":"Kiltz, E.: Chosen-ciphertext security from tag-based encryption. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 581\u2013600. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11681878_30"},{"key":"3_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-54631-0_1","volume-title":"Public-Key Cryptography \u2013 PKC 2014","author":"E Kiltz","year":"2014","unstructured":"Kiltz, E., Masny, D., Pietrzak, K.: Simple chosen-ciphertext security from low-noise LPN. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 1\u201318. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-642-54631-0_1"},{"key":"3_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-030-26954-8_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"F Kitagawa","year":"2019","unstructured":"Kitagawa, F., Matsuda, T., Tanaka, K.: CCA security and trapdoor functions via key-dependent-message security. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11694, pp. 33\u201364. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26954-8_2"},{"key":"3_CR34","doi-asserted-by":"crossref","unstructured":"Kitagawa, F., Matsuda, T., Tanaka, K.: CCA security and trapdoor functions via key-dependent-message security. Cryptology ePrint Archive, Report 2019\/291 (2019). June 2021 version","DOI":"10.1007\/978-3-030-26954-8_2"},{"key":"3_CR35","unstructured":"Krawczyk, H., Rabin, T.: Chameleon signatures. In: NDSS 2000, February 2000"},{"key":"3_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-662-46447-2_1","volume-title":"Public-Key Cryptography \u2013 PKC 2015","author":"S Liu","year":"2015","unstructured":"Liu, S., Paterson, K.G.: Simulation-based selective opening CCA security for pke from key encapsulation mechanisms. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 3\u201326. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46447-2_1"},{"key":"3_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"171","DOI":"10.1007\/978-3-540-24638-1_10","volume-title":"Theory of Cryptography","author":"P MacKenzie","year":"2004","unstructured":"MacKenzie, P., Reiter, M.K., Yang, K.: Alternatives to non-malleability: definitions, constructions, and applications. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 171\u2013190. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24638-1_10"},{"key":"3_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"465","DOI":"10.1007\/978-3-642-22792-9_26","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"D Micciancio","year":"2011","unstructured":"Micciancio, D., Mol, P.: Pseudorandom knapsacks and the sample complexity of LWE search-to-decision reductions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 465\u2013484. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_26"},{"key":"3_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"700","DOI":"10.1007\/978-3-642-29011-4_41","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"D Micciancio","year":"2012","unstructured":"Micciancio, D., Peikert, C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 700\u2013718. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_41"},{"key":"3_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1007\/978-3-540-30108-0_21","volume-title":"Computer Security \u2013 ESORICS 2004","author":"B M\u00f6ller","year":"2004","unstructured":"M\u00f6ller, B.: A public-key encryption scheme with pseudo-random ciphertexts. In: Samarati, P., Ryan, P., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 335\u2013351. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-30108-0_21"},{"key":"3_CR41","doi-asserted-by":"crossref","unstructured":"Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: STOC 1989, pp. 33\u201343, May 1989","DOI":"10.1145\/73007.73011"},{"key":"3_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"354","DOI":"10.1007\/978-3-540-85538-5_23","volume-title":"Pairing-Based Cryptography \u2013 Pairing 2008","author":"KG Paterson","year":"2008","unstructured":"Paterson, K.G., Srinivasan, S.: Security and anonymity of identity-based encryption with multiple trusted authorities. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 354\u2013375. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85538-5_23"},{"key":"3_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"433","DOI":"10.1007\/3-540-46766-1_35","volume-title":"Advances in Cryptology \u2014 CRYPTO 1991","author":"C Rackoff","year":"1992","unstructured":"Rackoff, C., Simon, D.R.: Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433\u2013444. Springer, Heidelberg (1992). https:\/\/doi.org\/10.1007\/3-540-46766-1_35"},{"key":"3_CR44","doi-asserted-by":"crossref","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6), 34:1\u201334:40 (2009)","DOI":"10.1145\/1568318.1568324"},{"key":"3_CR45","doi-asserted-by":"crossref","unstructured":"Sahai, A., Waters, B.: How to use indistinguishability obfuscation: deniable encryption, and more. In: STOC 2014, pp. 475\u2013484, May\/June 2014","DOI":"10.1145\/2591796.2591825"},{"key":"3_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"422","DOI":"10.1007\/978-3-540-46588-1_28","volume-title":"Public Key Cryptography","author":"K Sako","year":"2000","unstructured":"Sako, K.: An auction protocol which hides bids of losers. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 422\u2013432. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/978-3-540-46588-1_28"},{"key":"3_CR47","doi-asserted-by":"crossref","unstructured":"Schwabe, P., Stebila, D., Wiggers, T.: Post-quantum TLS without handshake signatures. In: ACM CCS 2020, pp. 1461\u20131480 (2020)","DOI":"10.1145\/3372297.3423350"},{"key":"3_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"323","DOI":"10.1007\/978-3-540-24676-3_20","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"L von Ahn","year":"2004","unstructured":"von Ahn, L., Hopper, N.J.: Public-key steganography. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 323\u2013341. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24676-3_20"},{"key":"3_CR49","unstructured":"Xagawa, K.: The Boneh-Katz transformation, revisited: pseudorandom\/obliviously-samplable PKE from lattices and codes and its application. Cryptology ePrint Archive, Report 2021\/740 (2021). https:\/\/eprint.iacr.org\/2021\/740"},{"key":"3_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/978-3-319-59879-6_3","volume-title":"Post-Quantum Cryptography","author":"Y Yoshida","year":"2017","unstructured":"Yoshida, Y., Morozov, K., Tanaka, K.: CCA2 key-privacy for code-based encryption in the standard model. In: Lange, T., Takagi, T. (eds.) PQCrypto 2017. LNCS, vol. 10346, pp. 35\u201350. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59879-6_3"},{"key":"3_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"214","DOI":"10.1007\/978-3-662-53018-4_9","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"Yu Yu","year":"2016","unstructured":"Yu, Yu., Zhang, J.: Cryptography with auxiliary input and trapdoor from constant-noise LPN. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 214\u2013243. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_9"},{"key":"3_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-34621-8_1","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2019","author":"Yu Yu","year":"2019","unstructured":"Yu, Yu., Zhang, J., Weng, J., Guo, C., Li, X.: Collision resistant hashing from sub-exponential learning parity with noise. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11922, pp. 3\u201324. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-34621-8_1"}],"container-title":["Lecture Notes in Computer Science","Selected Areas in Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-99277-4_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T01:04:28Z","timestamp":1774487068000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-99277-4_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783030992767","9783030992774"],"references-count":52,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-99277-4_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"27 March 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SAC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Selected Areas in Cryptography","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 September 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 October 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sacrypt2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.sac2021.ca\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"60","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Papers authored by PC members underwent 5 reviews.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}