{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T02:31:16Z","timestamp":1742956276659,"version":"3.40.3"},"publisher-location":"Cham","reference-count":105,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783031229114"},{"type":"electronic","value":"9783031229121"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-22912-1_27","type":"book-chapter","created":{"date-parts":[[2022,12,31]],"date-time":"2022-12-31T15:38:49Z","timestamp":1672501129000},"page":"617-643","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A One-Time Single-bit Fault Leaks All Previous NTRU-HRSS Session Keys to\u00a0a\u00a0Chosen-Ciphertext Attack"],"prefix":"10.1007","author":[{"given":"Daniel J.","family":"Bernstein","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,1,1]]},"reference":[{"key":"27_CR1","unstructured":"\u2014 (no editor), IEEE international conference on communications, ICC 2017, IEEE, 2017. See [38]"},{"key":"27_CR2","unstructured":"Gorjan Alagic, Daniel Apon, David Cooper, Quynh Dang, Thinh Dang, John Kelsey, Jacob Lichtinger, Carl Miller, Dustin Moody, Rene Peralta, Ray Perlner, Angela Robinson, Daniel Smith-Tone, Yi-Kai Liu, Status report on the third round of the NIST Post-Quantum Cryptography Standardization Process (2022). NISTIR 8413. Cited in \u00a71.1, \u00a73.14, \u00a73.14, \u00a74.2"},{"key":"27_CR3","unstructured":"Roberto Avanzi, Joppe Bos, L\u00e9o Ducas, Eike Kiltz, Tancrede Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, Damien Stehl\u00e9, CRYSTALS-Kyber: Algorithm specifications and supporting documentation (2020). Cited in \u00a73.14"},{"key":"27_CR4","doi-asserted-by":"crossref","unstructured":"Ciprian Baetu, F. Bet\u00fcl Durak, Lo\u00efs Huguenin-Dumittan, Abdullah Talayhan, Serge Vaudenay, Misuse attacks on post-quantum cryptosystems, in Eurocrypt 2019 [61] (2019), 747\u2013776. Cited in \u00a73.7","DOI":"10.1007\/978-3-030-17656-3_26"},{"key":"27_CR5","doi-asserted-by":"crossref","unstructured":"Mihir Bellare (editor), Advances in cryptology\u2014CRYPTO 2000, LNCS, 1880, Springer, 2000. See [62]","DOI":"10.1007\/3-540-44598-6"},{"key":"27_CR6","doi-asserted-by":"crossref","unstructured":"Mihir Bellare, Hannah Davis, Felix G\u00fcnther, Separate your domains: NIST PQC KEMs, oracle cloning and read-only indifferentiability, in Eurocrypt 2020 [32] (2020), 3\u201332. Cited in \u00a73.10","DOI":"10.1007\/978-3-030-45724-2_1"},{"key":"27_CR7","doi-asserted-by":"crossref","unstructured":"Mihir Bellare, Dennis Hofheinz, Eike Kiltz, Subtleties in the definition of IND-CCA: when and how should challenge decryption be disallowed?, Journal of Cryptology 28 (2015), 29\u201348. Cited in \u00a73.4","DOI":"10.1007\/s00145-013-9167-4"},{"key":"27_CR8","unstructured":"Daniel J. Bernstein, Re: Current consensus on ECC (2001). Cited in \u00a71.1"},{"key":"27_CR9","doi-asserted-by":"crossref","unstructured":"Daniel J. Bernstein, Curve25519: new Diffie-Hellman speed records, in PKC 2006 [103] (2006), 207\u2013228. Cited in \u00a71.1","DOI":"10.1007\/11745853_14"},{"key":"27_CR10","unstructured":"Daniel J. Bernstein, A subfield-logarithm attack against ideal lattices (2014). Cited in \u00a73.3"},{"key":"27_CR11","unstructured":"Daniel J. Bernstein, How to design an elliptic-curve signature system (2014). Cited in \u00a72.4"},{"key":"27_CR12","unstructured":"Daniel J. Bernstein, Comparing proofs of security for lattice-based encryption (2019). Second PQC Standardization Conference. Cited in \u00a73.2"},{"key":"27_CR13","unstructured":"Daniel J. Bernstein, On the looseness of FO derandomization (2021). Cited in \u00a73.14"},{"key":"27_CR14","unstructured":"Daniel J. Bernstein, Understanding binary-Goppa decoding (2022). Cited in \u00a73.8, \u00a73.8, \u00a73.8"},{"key":"27_CR15","unstructured":"Daniel J. Bernstein, libsecded (software package) (2022). Cited in \u00a74.6"},{"key":"27_CR16","unstructured":"Daniel J. Bernstein, attackntrw (software package) (2022). Cited in \u00a74"},{"key":"27_CR17","doi-asserted-by":"crossref","unstructured":"Daniel J. Bernstein, Leon Groot Bruinderink, Tanja Lange, Lorenz Panny, HILA5 Pindakaas: On the CCA security of lattice-based encryption with error correction, in Africacrypt 2018 [64] (2018), 203\u2013216. Cited in \u00a73.7","DOI":"10.1007\/978-3-319-89339-6_12"},{"key":"27_CR18","unstructured":"Daniel J. Bernstein, Tanja Lange (editors), eBACS: ECRYPT Benchmarking of Cryptographic Systems (2022). Accessed 25 August 2022. Cited in \u00a74.2"},{"key":"27_CR19","unstructured":"Daniel J. Bernstein, Edoardo Persichetti, Towards KEM unification (2018). Cited in \u00a73.12, \u00a74.4"},{"key":"27_CR20","doi-asserted-by":"crossref","unstructured":"Eli Biham (editor), Fast software encryption, 4th international workshop, FSE \u201997, LNCS, 1267, Springer, 1997. See [91]","DOI":"10.1007\/BFb0052329"},{"key":"27_CR21","doi-asserted-by":"crossref","unstructured":"Eli Biham, Lior Neumann, Breaking the Bluetooth pairing\u2014the fixed coordinate invalid curve attack, in SAC 2019 [84] (2019), 250\u2013273. Cited in \u00a71.1","DOI":"10.1007\/978-3-030-38471-5_11"},{"key":"27_CR22","doi-asserted-by":"crossref","unstructured":"Nina Bindel, Douglas Stebila, Shannon Veitch, Improved attacks against key reuse in learning with errors key exchange, in Latincrypt 2021 [74] (2021), 168\u2013188. Cited in \u00a73.7","DOI":"10.1007\/978-3-030-88238-9_9"},{"key":"27_CR23","doi-asserted-by":"crossref","unstructured":"Mario Blaum, Patrick G. Farrell, Henk C. A. van Tilborg (editors), Information, coding and mathematics, Kluwer International Series in Engineering and Computer Science, 687, Kluwer, 2002. MR 2005a:94003. See [101]","DOI":"10.1007\/978-1-4757-3585-7"},{"key":"27_CR24","doi-asserted-by":"crossref","unstructured":"Daniel Bleichenbacher, Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1, in Crypto 1998 [70] (1998), 1\u201312. Cited in \u00a71","DOI":"10.1007\/BFb0055716"},{"key":"27_CR25","unstructured":"Hanno B\u00f6ck, Juraj Somorovsky, Craig Young, Return of Bleichenbacher\u2019s oracle threat (ROBOT), in [43] (2018), 817\u2013849. Cited in \u00a71"},{"key":"27_CR26","doi-asserted-by":"crossref","unstructured":"Dan Boneh (editor), Advances in cryptology\u2014CRYPTO 2003, LNCS, 2729, Springer, 2003. See [56]","DOI":"10.1007\/b11817"},{"key":"27_CR27","unstructured":"Dan Boneh, Richard A. DeMillo, Richard J. Lipton, On the importance of checking cryptographic protocols for faults (extended abstract), in Eurocrypt 1997 [47] (1997), 37\u201351; see also newer version [28]. Cited in \u00a72.3, \u00a72.3, \u00a72.3, \u00a72.3, \u00a72.4, \u00a72.4, \u00a72.5, \u00a72.5, \u00a72.5"},{"key":"27_CR28","doi-asserted-by":"crossref","unstructured":"Dan Boneh, Richard A. DeMillo, Richard J. Lipton, On the importance of eliminating errors in cryptographic computations, Journal of Cryptology 14 (2001), 101\u2013119; see also older version [27]","DOI":"10.1007\/s001450010016"},{"key":"27_CR29","doi-asserted-by":"crossref","unstructured":"Joe P. Buhler (editor), Algorithmic number theory, third international symposium, ANTS-III, LNCS, 1423, Springer, 1998. See [52]","DOI":"10.1007\/BFb0054849"},{"key":"27_CR30","unstructured":"Kevin Butler, Kurt Thomas (editors), 31st USENIX Security Symposium, USENIX Association, 2022. See [96]"},{"key":"27_CR31","doi-asserted-by":"crossref","unstructured":"L. Jean Camp, Stephen Lewis (editors), Economics of information security, Advances in Information Security, 12, Springer, 2004. See [80]","DOI":"10.1007\/b116816"},{"key":"27_CR32","doi-asserted-by":"crossref","unstructured":"Anne Canteaut, Yuval Ishai (editors), Advances in cryptology\u2014EUROCRYPT 2020, LNCS, 12106, Springer, 2020. See [6]","DOI":"10.1007\/978-3-030-45727-3"},{"key":"27_CR33","doi-asserted-by":"crossref","unstructured":"Anne Canteaut, Fran\u00e7ois-Xavier Standaert (editors), Advances in cryptology\u2014EUROCRYPT 2021, LNCS, 12697, Springer, 2021. See [34]","DOI":"10.1007\/978-3-030-77870-5"},{"key":"27_CR34","doi-asserted-by":"crossref","unstructured":"Pierre-Louis Cayrel, Brice Colombier, Vlad-Florin Dragoi, Alexandre Menu, Lilian Bossuet, Message-recovery laser fault injection attack on the Classic McEliece cryptosystem, in [33] (2021), 438\u2013467. Cited in \u00a72.2","DOI":"10.1007\/978-3-030-77886-6_15"},{"key":"27_CR35","unstructured":"Cong Chen, Oussama Danba, Jeffrey Hoffstein, Andreas Hulsing, Joost Rijneveld, John M. Schanck, Peter Schwabe, William Whyte, Zhenfei Zhang, NTRU: algorithm specifications and supporting documentation (2019). Cited in \u00a74.4"},{"key":"27_CR36","doi-asserted-by":"crossref","unstructured":"Mauro Conti, Jianying Zhou, Emiliano Casalicchio, Angelo Spognardi (editors), Applied cryptography and network security\u201418th international conference, ACNS 2020, LNCS, 12146, Springer, 2020. See [59]","DOI":"10.1007\/978-3-030-57808-4"},{"key":"27_CR37","doi-asserted-by":"crossref","unstructured":"Alexander W. Dent, A designer\u2019s guide to KEMs, in Cirencester 2003 [83] (2003), 133\u2013151. Cited in \u00a73.10","DOI":"10.1007\/978-3-540-40974-8_12"},{"key":"27_CR38","doi-asserted-by":"crossref","unstructured":"Jintai Ding, Saed Alsayigh, R. V. Saraswathy, Scott R. Fluhrer, Xiaodong Lin, Leakage of signal function with reused keys in RLWE key exchange, in ICC 2017 [1] (2017), 1\u20136. Cited in \u00a73.7","DOI":"10.1109\/ICC.2017.7996806"},{"key":"27_CR39","unstructured":"Jintai Ding, Joshua Deaton, Kurt Schmidt, Vishakha, Zheng Zhang, A simple and efficient key reuse attack on NTRU cryptosystem (2019). Cited in \u00a73.7"},{"key":"27_CR40","doi-asserted-by":"crossref","unstructured":"Jintai Ding, Scott R. Fluhrer, Saraswathy RV, Complete attack on RLWE key exchange with reused keys, without signal leakage, in ACISP 2018 [97] (2018), 467\u2013486. Cited in \u00a73.7","DOI":"10.1007\/978-3-319-93638-3_27"},{"key":"27_CR41","unstructured":"John R. Douceur, Albert G. Greenberg, Thomas Bonald, Jason Nieh (editors), Proceedings of the eleventh international joint conference on measurement and modeling of computer systems, SIGMETRICS\/Performance 2009, ACM, 2009. See [93]"},{"key":"27_CR42","doi-asserted-by":"crossref","unstructured":"Orr Dunkelman, Stefan Dziembowski (editors), Advances in cryptology\u2014EUROCRYPT 2022, LNCS, 13277, Springer, 2022. See [60]","DOI":"10.1007\/978-3-031-07085-3"},{"key":"27_CR43","doi-asserted-by":"crossref","unstructured":"William Enck, Adrienne Porter Felt (editors), 27th USENIX security symposium, USENIX Security 2018, Baltimore, MD, USA, August 15-17, 2018, USENIX Association, 2018. See [25]","DOI":"10.1109\/MSEC.2019.2915397"},{"key":"27_CR44","doi-asserted-by":"crossref","unstructured":"Wieland Fischer, Naofumi Homma (editors), Cryptographic hardware and embedded systems\u2014CHES 2017, LNCS, 10529, Springer, 2017. See [57]","DOI":"10.1007\/978-3-319-66787-4"},{"key":"27_CR45","unstructured":"Scott R. Fluhrer, Cryptanalysis of ring-LWE based key exchange with key share reuse (2016). Cited in \u00a73.7"},{"key":"27_CR46","doi-asserted-by":"crossref","unstructured":"Eiichiro Fujisaki, Tatsuaki Okamoto, Secure integration of asymmetric and symmetric encryption schemes, in Crypto 1999 [102] (1999), 537\u2013554. Cited in \u00a73.8","DOI":"10.1007\/3-540-48405-1_34"},{"key":"27_CR47","doi-asserted-by":"crossref","unstructured":"Walter Fumy (editor), Advances in cryptology\u2014EUROCRYPT \u201997, LNCS, 1233, Springer, 1997. See [27]","DOI":"10.1007\/3-540-69053-0"},{"key":"27_CR48","doi-asserted-by":"crossref","unstructured":"Debin Gao, Qi Li, Xiaohong Guan, Xiaofeng Liao (editors), Information and communications security\u201423rd international conference, ICICS 2021, LNCS, 12919, Springer, 2021. See [105]","DOI":"10.1007\/978-3-030-88052-1"},{"key":"27_CR49","unstructured":"J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, Edward W. Felten, Lest we remember: cold boot attacks on encryption keys, in USENIX Security 2008 [82] (2008), 45\u201360. Cited in \u00a72.6, \u00a72.6, \u00a72.6, \u00a72.6"},{"key":"27_CR50","doi-asserted-by":"crossref","unstructured":"Chris Hall, Ian Goldberg, Bruce Schneier, Reaction attacks against several public-key cryptosystems, in ICICS 1999 [100] (1999), 2\u201312. Cited in \u00a73.6, \u00a73.6, \u00a73.6","DOI":"10.1007\/978-3-540-47942-0_2"},{"key":"27_CR51","doi-asserted-by":"crossref","unstructured":"Martin Hirt, Adam D. Smith (editors), Theory of cryptography\u201414th international conference, TCC 2016-B, LNCS, 9986, 2016. See [98]","DOI":"10.1007\/978-3-662-53644-5"},{"key":"27_CR52","doi-asserted-by":"crossref","unstructured":"Jeffrey Hoffstein, Jill Pipher, Joseph H. Silverman, NTRU: a ring-based public key cryptosystem, in ANTS III [29] (1998), 267\u2013288. Cited in \u00a73.3, \u00a73.3","DOI":"10.1007\/BFb0054868"},{"key":"27_CR53","unstructured":"Jeffrey Hoffstein, Jill Pipher, Joseph H. Silverman, NTRU: a new high speed public key cryptosystem (2016). Circulated at Crypto 1996, put online in 2016. Cited in \u00a73.3"},{"key":"27_CR54","unstructured":"Jeffrey Hoffstein, Joseph H. Silverman, Reaction attacks against the NTRU public key cryptosystem (2000). Cited in \u00a73.7, \u00a74.5"},{"key":"27_CR55","doi-asserted-by":"crossref","unstructured":"Dennis Hofheinz, Kathrin H\u00f6velmanns, Eike Kiltz, A modular analysis of the Fujisaki-Okamoto transformation, in TCC 2017-1 [65] (2017), 341\u2013371. Cited in \u00a73.11, \u00a73.12","DOI":"10.1007\/978-3-319-70500-2_12"},{"key":"27_CR56","doi-asserted-by":"crossref","unstructured":"Nick Howgrave-Graham, Phong Q. Nguyen, David Pointcheval, John Proos, Joseph H. Silverman, Ari Singer, William Whyte, The impact of decryption failures on the security of NTRU encryption, in Crypto 2003 [26] (2003), 226\u2013246. Cited in \u00a73.7","DOI":"10.1007\/978-3-540-45146-4_14"},{"key":"27_CR57","doi-asserted-by":"crossref","unstructured":"Andreas H\u00fclsing, Joost Rijneveld, John M. Schanck, Peter Schwabe, High-speed key encapsulation from NTRU, in [44] (2017), 232\u2013252. Cited in \u00a74.4","DOI":"10.1007\/978-3-319-66787-4_12"},{"key":"27_CR58","unstructured":"Andreas H\u00fclsing, Joost Rijneveld, John M. Schanck, Peter Schwabe, NTRU-HRSS-KEM: algorithm specifications and supporting documentation (2017). Cited in \u00a74.4"},{"key":"27_CR59","doi-asserted-by":"crossref","unstructured":"Lo\u00efs Huguenin-Dumittan, Serge Vaudenay, Classical misuse attacks on NIST round 2 PQC\u2014the power of rank-based schemes, in ACNS 2020 [36] (2020), 208\u2013227. Cited in \u00a73.7","DOI":"10.1007\/978-3-030-57808-4_11"},{"key":"27_CR60","doi-asserted-by":"crossref","unstructured":"Lo\u00efs Huguenin-Dumittan, Serge Vaudenay, On IND-qCCA security in the ROM and its applications: CPA security is sufficient for TLS 1.3, in Eurocrypt 2022 [42] (2022), 613\u2013642. Cited in \u00a71","DOI":"10.1007\/978-3-031-07082-2_22"},{"key":"27_CR61","doi-asserted-by":"crossref","unstructured":"Yuval Ishai, Vincent Rijmen (editors), Advances in cryptology\u2014EUROCRYPT 2019, LNCS, 11477, Springer, 2019. See [4]","DOI":"10.1007\/978-3-030-17653-2"},{"key":"27_CR62","doi-asserted-by":"crossref","unstructured":"\u00c9liane Jaulmes, Antoine Joux, A chosen-ciphertext attack against NTRU, in Crypto 2000 [5] (2000), 20\u201335. Cited in \u00a73.7","DOI":"10.1007\/3-540-44598-6_2"},{"key":"27_CR63","doi-asserted-by":"crossref","unstructured":"Simon Josefsson, Ilari Liusvaara, Edwards-curve digital signature algorithm (EdDSA) (2017). Cited in \u00a72.4","DOI":"10.17487\/RFC8032"},{"key":"27_CR64","doi-asserted-by":"crossref","unstructured":"Antoine Joux, Abderrahmane Nitaj, Tajjeeddine Rachidi (editors), Progress in cryptology\u2014AFRICACRYPT 2018, LNCS, 10831, Springer, 2018. See [17]","DOI":"10.1007\/978-3-319-89339-6"},{"key":"27_CR65","doi-asserted-by":"crossref","unstructured":"Yael Kalai, Leonid Reyzin (editors), Theory of cryptography\u201415th international conference, TCC 2017, LNCS, 10677, Springer, 2017. See [55]","DOI":"10.1007\/978-3-319-70503-3"},{"key":"27_CR66","doi-asserted-by":"crossref","unstructured":"Burt Kaliski, PKCS #1: RSA encryption version 1.5 (1998). Cited in \u00a72.4","DOI":"10.17487\/rfc2313"},{"key":"27_CR67","unstructured":"Matthias Kannwischer, Remove schemes that are no longer under consideration by NIST (2022). Cited in \u00a74.2"},{"key":"27_CR68","doi-asserted-by":"crossref","unstructured":"Jonathan Katz, Yehuda Lindell, Introduction to modern cryptography: principles and protocols, Chapman & Hall\/CRC, 2007. Cited in \u00a71.1","DOI":"10.1201\/9781420010756"},{"key":"27_CR69","unstructured":"Neal Koblitz, The uneasy relationship between mathematics and cryptography, Notices of the American Mathematical Society 54 (2007), 972\u2013979. Cited in \u00a74.4, \u00a74.4"},{"key":"27_CR70","doi-asserted-by":"crossref","unstructured":"Hugo Krawczyk (editor), Advances in cryptology\u2014CRYPTO \u201998, LNCS, 1462, Springer, 1998. See [24]","DOI":"10.1007\/BFb0055715"},{"key":"27_CR71","unstructured":"Adam Langley, CECPQ2 (2018). Cited in \u00a71"},{"key":"27_CR72","unstructured":"Arjen K. Lenstra, Memo on RSA signature generation in the presence of faults (1996). Cited in \u00a72.3, \u00a72.5"},{"key":"27_CR73","unstructured":"Joseph K. Liu, Hui Cui (editors), Information security and privacy\u201425th Australasian conference, ACISP 2020, LNCS, 12248, Springer, 2020. See [81]"},{"key":"27_CR74","doi-asserted-by":"crossref","unstructured":"Patrick Longa, Carla R\u00e0fols (editors), Progress in cryptology\u2014LATINCRYPT 2021, LNCS, 12912, Springer, 2021. See [22]","DOI":"10.1007\/978-3-030-88238-9"},{"key":"27_CR75","unstructured":"Vadim Lyubashevsky, OFFICIAL COMMENT: CRYSTALS-DILITHIUM (2018). Cited in \u00a71.1"},{"key":"27_CR76","unstructured":"Robert J. McEliece, A public-key cryptosystem based on algebraic coding theory (1978), 114\u2013116. JPL DSN Progress Report. Cited in \u00a73.3, \u00a73.3"},{"key":"27_CR77","unstructured":"Alfred Menezes, Evaluation of security level of cryptography: RSA signature schemes (PKCS#1 v1.5, ANSI X9.31, ISO 9796) (2002). Cited in \u00a71"},{"key":"27_CR78","unstructured":"National Institute of Standards and Technology, Submission requirements and evaluation criteria for the post-quantum cryptography standardization process (2016). Cited in \u00a71"},{"key":"27_CR79","doi-asserted-by":"crossref","unstructured":"Jesper Buus Nielsen, Vincent Rijmen (editors), Advances in cryptology\u2014EUROCRYPT 2018, LNCS, 10822, Springer, 2018. See [92]","DOI":"10.1007\/978-3-319-78372-7"},{"key":"27_CR80","doi-asserted-by":"crossref","unstructured":"Andrew M. Odlyzko, Privacy, economics, and price discrimination on the internet, in [31] (2004), 187\u2013211. Cited in \u00a74.6","DOI":"10.1007\/1-4020-8090-5_15"},{"key":"27_CR81","doi-asserted-by":"crossref","unstructured":"Satoshi Okada, Yuntao Wang, Tsuyoshi Takagi, Improving key mismatch attack on NewHope with fewer queries, in ACISP 2020 [73] (2020), 505\u2013524. Cited in \u00a73.7","DOI":"10.1007\/978-3-030-55304-3_26"},{"key":"27_CR82","unstructured":"Paul C. van Oorschot (editor), Proceedings of the 17th USENIX security symposium, USENIX Association, 2008. See [49]"},{"key":"27_CR83","doi-asserted-by":"crossref","unstructured":"Kenneth G. Paterson (editor), Cryptography and coding, 9th IMA international conference, LNCS, 2898, Springer, 2003. See [37]","DOI":"10.1007\/b93924"},{"key":"27_CR84","doi-asserted-by":"crossref","unstructured":"Kenneth G. Paterson, Douglas Stebila (editors), Selected areas in cryptography\u2014SAC 2019, LNCS, 11959, Springer, 2020. See [21]","DOI":"10.1007\/978-3-030-38471-5"},{"key":"27_CR85","unstructured":"Trevor Perrin, The XEdDSA and VXEdDSA signature schemes (2016). Cited in \u00a72.4"},{"key":"27_CR86","unstructured":"Edoardo Persichetti, Improving the efficiency of code-based cryptography, Ph.D. thesis, 2012. Cited in \u00a73.11"},{"key":"27_CR87","doi-asserted-by":"crossref","unstructured":"Bart Preneel (editor), Advances in cryptology\u2014EUROCRYPT 2000, LNCS, 1807, Springer, 2000. See [95]","DOI":"10.1007\/3-540-45539-6"},{"key":"27_CR88","doi-asserted-by":"crossref","unstructured":"Yue Qin, Chi Cheng, Xiaohan Zhang, Yanbin Pan, Lei Hu, Jintai Ding, A systematic approach and analysis of key mismatch attacks on lattice-based NIST candidate KEMs, in Asiacrypt 2021 [99] (2021), 92\u2013121. Cited in \u00a73.7","DOI":"10.1007\/978-3-030-92068-5_4"},{"key":"27_CR89","doi-asserted-by":"crossref","unstructured":"Yue Qin, Ruoyu Ding, Chi Cheng, Nina Bindel, Yanbin Pan, Jintai Ding, Light the signal: optimization of signal leakage attacks against LWE-based key exchange (2022). Cited in \u00a73.7","DOI":"10.1007\/978-3-031-17140-6_33"},{"key":"27_CR90","doi-asserted-by":"crossref","unstructured":"Prasanna Ravi, Martianus Frederic Ezerman, Shivam Bhasin, Anupam Chattopadhyay, Sujoy Sinha Roy, Will you cross the threshold for me? Generic side-channel assisted chosen-ciphertext attacks on NTRU-based KEMs, IACR Transactions on Cryptographic Hardware and Embedded Systems 2022.1 (2022), 722\u2013761. Cited in \u00a73.13","DOI":"10.46586\/tches.v2022.i1.722-761"},{"key":"27_CR91","doi-asserted-by":"crossref","unstructured":"Ronald L. Rivest, All-or-nothing encryption and the package transform, in FSE 1997 [20] (1997), 210\u2013218. Cited in \u00a73.5","DOI":"10.1007\/BFb0052348"},{"key":"27_CR92","doi-asserted-by":"crossref","unstructured":"Tsunekazu Saito, Keita Xagawa, Takashi Yamakawa, Tightly-secure key-encapsulation mechanism in the quantum random oracle model, in Eurocrypt 2018 [79] (2018), 520\u2013551. Cited in \u00a74.4, \u00a74.4, \u00a74.4, \u00a74.4","DOI":"10.1007\/978-3-319-78372-7_17"},{"key":"27_CR93","doi-asserted-by":"crossref","unstructured":"Bianca Schroeder, Eduardo Pinheiro, Wolf-Dietrich Weber, DRAM errors in the wild: a large-scale field study, in [41] (2009), 193\u2013204. Cited in \u00a71.2, \u00a71.2, \u00a71.2","DOI":"10.1145\/2492101.1555372"},{"key":"27_CR94","unstructured":"Mark Seaborn, Thomas Dullien, Exploiting the DRAM rowhammer bug to gain kernel privileges (2015). Cited in \u00a72.2"},{"key":"27_CR95","doi-asserted-by":"crossref","unstructured":"Victor Shoup, Using hash functions as a hedge against chosen ciphertext attack, in Eurocrypt 2000 [87] (2000), 275\u2013288. Cited in \u00a73.5","DOI":"10.1007\/3-540-45539-6_19"},{"key":"27_CR96","unstructured":"George Arnold Sullivan, Jackson Sippe, Nadia Heninger, Eric Wustrow, Open to a fault: On the passive compromise of TLS keys via transient errors, in USENIX Security 2022 [30] (2022), 233\u2013250. Cited in \u00a72.3, \u00a72.3, \u00a72.3, \u00a72.3"},{"key":"27_CR97","doi-asserted-by":"crossref","unstructured":"Willy Susilo, Guomin Yang (editors), Information security and privacy\u201423rd Australasian conference, ACISP 2018, LNCS, 10946, Springer, 2018. See [40]","DOI":"10.1007\/978-3-319-93638-3"},{"key":"27_CR98","doi-asserted-by":"crossref","unstructured":"Ehsan Ebrahimi Targhi, Dominique Unruh, Post-quantum security of the Fujisaki-Okamoto and OAEP transforms, in [51] (2016), 192\u2013216. Cited in \u00a74.4","DOI":"10.1007\/978-3-662-53644-5_8"},{"key":"27_CR99","doi-asserted-by":"crossref","unstructured":"Mehdi Tibouchi, Huaxiong Wang (editors), Advances in cryptology\u2014ASIACRYPT 2021, LNCS, 13093, Springer, 2021. See [88]","DOI":"10.1007\/978-3-030-92078-4"},{"key":"27_CR100","doi-asserted-by":"crossref","unstructured":"Vijay Varadharajan, Yi Mu (editors), Information and communication security, second international conference, ICICS\u201999, Springer, 1999. See [50]","DOI":"10.1007\/b72329"},{"key":"27_CR101","doi-asserted-by":"crossref","unstructured":"Eric R. Verheul, Jeroen M. Doumen, Henk C. A. van Tilborg, Sloppy Alice attacks! Adaptive chosen ciphertext attacks on the McEliece public-key cryptosystem, in [23] (2002), 99\u2013119. MR 2005b:94041. Cited in \u00a73.6, \u00a73.6, \u00a73.6","DOI":"10.1007\/978-1-4757-3585-7_7"},{"key":"27_CR102","doi-asserted-by":"crossref","unstructured":"Michael J. Wiener (editor), Advances in cryptology\u2014CRYPTO \u201999, LNCS, 1666, Springer, 1999. See [46]","DOI":"10.1007\/3-540-48405-1"},{"key":"27_CR103","doi-asserted-by":"crossref","unstructured":"Moti Yung, Yevgeniy Dodis, Aggelos Kiayias, Tal Malkin (editors), Public key cryptography\u20149th international conference on theory and practice in public-key cryptography, LNCS, 3958, Springer, 2006. See [9]","DOI":"10.1007\/11745853"},{"key":"27_CR104","doi-asserted-by":"crossref","unstructured":"Meilin Zhang, Vladimir M. Stojanovic, Paul Ampadu, Reliable ultra-low-voltage cache design for many-core systems, IEEE Transactions on Circuits and Systems II: Express Briefs 59 (2012), 858\u2013862. Cited in \u00a71.2","DOI":"10.1109\/TCSII.2012.2231013"},{"key":"27_CR105","doi-asserted-by":"crossref","unstructured":"Xiaohan Zhang, Chi Cheng, Ruoyu Ding, Small leaks sink a great ship: an evaluation of key reuse resilience of PQC third round finalist NTRU-HRSS, in ICICS 2021 [48] (2021), 283\u2013300. Cited in \u00a73.7","DOI":"10.1007\/978-3-030-88052-1_17"}],"container-title":["Lecture Notes in Computer Science","Progress in Cryptology \u2013 INDOCRYPT 2022"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-22912-1_27","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,12,31]],"date-time":"2022-12-31T15:43:31Z","timestamp":1672501411000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-22912-1_27"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031229114","9783031229121"],"references-count":105,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-22912-1_27","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"1 January 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"INDOCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Cryptology in India","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kolkata","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 December 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 December 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"indocrypt2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.tcgcrest.org\/indocrypt-2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"74","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"31","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"42% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.22","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.59","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}