{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T05:20:36Z","timestamp":1742966436941,"version":"3.40.3"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031455124"},{"type":"electronic","value":"9783031455131"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-45513-1_4","type":"book-chapter","created":{"date-parts":[[2023,10,10]],"date-time":"2023-10-10T22:01:53Z","timestamp":1696975313000},"page":"67-82","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Improved Key-Recovery Attacks Under Imperfect SCA Oracle for\u00a0Lattice-Based KEMs"],"prefix":"10.1007","author":[{"given":"Wenhao","family":"Shi","sequence":"first","affiliation":[]},{"given":"Jiang","family":"Han","sequence":"additional","affiliation":[]},{"given":"Haodong","family":"Jiang","sequence":"additional","affiliation":[]},{"given":"Zhi","family":"Ma","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,10,11]]},"reference":[{"key":"4_CR1","unstructured":"Avanzi, R., et al.: Crystals-kyber algorithm specifications and supporting documentation. NIST PQC Round 2(4), 1\u201343 (2017)"},{"key":"4_CR2","volume-title":"Status report on the third round of the NIST post-quantum cryptography standardization process","author":"G Alagic","year":"2022","unstructured":"Alagic, G., et al.: Status report on the third round of the NIST post-quantum cryptography standardization process. US Department of Commerce, NIST (2022)"},{"key":"4_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1007\/3-540-68697-5_9","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"PC Kocher","year":"1996","unstructured":"Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104\u2013113. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_9"},{"key":"4_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"359","DOI":"10.1007\/978-3-030-56880-1_13","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"Q Guo","year":"2020","unstructured":"Guo, Q., Johansson, T., Nilsson, A.: A key-recovery timing attack on post-quantum primitives using the Fujisaki-Okamoto transformation and its application on FrodoKEM. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12171, pp. 359\u2013386. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56880-1_13"},{"key":"4_CR5","doi-asserted-by":"crossref","unstructured":"Bhasin, S., D\u2018anvers, J.P., Heinz, D., P\u00f6ppelmann, T., Van Beirendonck, M.: Attacking and defending masked polynomial comparison for lattice-based cryptography. In: IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 334\u2013359, 2021. https:\/\/eprint.iacr.org\/2021\/104","DOI":"10.46586\/tches.v2021.i3.334-359"},{"key":"4_CR6","doi-asserted-by":"crossref","unstructured":"Ueno, R., Xagawa, K., Tanaka, Y., Ito, A., Takahashi, J., Homma, N.: Curse of re-encryption: A generic power\/EM analysis on post-quantum KEMs. In: IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 296\u2013322, 2022 (2021)","DOI":"10.46586\/tches.v2022.i1.296-322"},{"key":"4_CR7","doi-asserted-by":"crossref","unstructured":"Guo, Q., Hlauschek, C., Johansson, T., Lahr, N., Nilsson, A., Schr\u00f6der, R.L.: Don\u2019t reject this: Key-recovery timing attacks due to rejection-sampling in HQC and bike. In: IACR Transactions on Cryptographic Hardware and Embedded Systems, 2022(3), 223\u2013263 (2022)","DOI":"10.46586\/tches.v2022.i3.223-263"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"D\u2019Anvers, J.P., Tiepelt, M., Vercauteren, F., Verbauwhede, I.: Timing attacks on error correcting codes in post-quantum schemes. In: Proceedings of ACM Workshop on Theory of Implementation Security Workshop, pp. 2\u20139 (2019)","DOI":"10.1145\/3338467.3358948"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Xu, Z., Pemberton, O., Roy, S.S., Oswald, D., Yao, W., Zheng, Z.: Magnifying side-channel leakage of lattice-based cryptosystems with chosen ciphertexts: The case study of kyber. IEEE Transactions on Computers (Early Access) (2021)","DOI":"10.1109\/TC.2021.3122997"},{"key":"4_CR10","doi-asserted-by":"crossref","unstructured":"Ravi, P., Ezerman, M.F., Bhasin, S., Chattopadhyay, A., Roy, S.S.: Will you cross the threshold for me? - generic side-channel assisted chosen-ciphertext attacks on ntru-based kems. IACR Trans. Cryptograph. Hardware Embedded Syst. pp. 722\u2013761 (2022)","DOI":"10.46586\/tches.v2022.i1.722-761"},{"key":"4_CR11","doi-asserted-by":"crossref","unstructured":"Ravi, P., Roy, S.S., Chattopadhyay, A., Bhasin, S.: Generic side-channel attacks on CCA-secure lattice-based PKE and KEM schemes. IACR Trans. Cryptogr. Hardw. Embed. Syst., 2020(3), 307\u2013335 (2020)","DOI":"10.46586\/tches.v2020.i3.307-335"},{"issue":"1","key":"4_CR12","first-page":"89","volume":"2023","author":"M Shen","year":"2023","unstructured":"Shen, M., Cheng, C., Zhang, X., Guo, Q., Jiang, T.: Find the bad apples:an efficient method for perfectkey recovery under imperfect SCA oracles- a case study of kyber. IACR Trans. Cryptograph. Hardware Embedded Syst. (TCHES) 2023(1), 89\u2013112 (2023)","journal-title":"IACR Trans. Cryptograph. Hardware Embedded Syst. (TCHES)"},{"key":"4_CR13","doi-asserted-by":"crossref","unstructured":"Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: Symposium on the Theory of Computing (2001)","DOI":"10.1145\/380752.380857"},{"key":"4_CR14","doi-asserted-by":"crossref","unstructured":"Becker, A., Ducas, L., Gama, N., Laarhoven, T.: New directions in nearest neighbor searching with applications to lattice sieving. In: Proceedings of the Twenty-Seventh Annual ACM-SIAM Symposium on Discrete Algorithms, SODA \u201916, pp. 10\u201324, USA (2016). Society for Industrial and Applied Mathematics","DOI":"10.1137\/1.9781611974331.ch2"},{"key":"4_CR15","first-page":"522","volume":"2015","author":"A Becker","year":"2015","unstructured":"Becker, A., Gama, N., Joux, A.: Speeding-up lattice sieving without increasing the memory, using sub-quadratic nearest neighbor search. IACR Cryptol. ePrint Arch. 2015, 522 (2015)","journal-title":"IACR Cryptol. ePrint Arch."},{"issue":"2","key":"4_CR16","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1515\/JMC.2008.009","volume":"2","author":"PQ Nguyen","year":"2008","unstructured":"Nguyen, P.Q., Vidick, T.: Sieve algorithms for the shortest vector problem are practical. J. Math. Cryptol. 2(2), 181\u2013207 (2008)","journal-title":"J. Math. Cryptol."},{"key":"4_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-662-47989-6_1","volume-title":"Advances in Cryptology \u2013 CRYPTO 2015","author":"T Laarhoven","year":"2015","unstructured":"Laarhoven, T.: Sieving for shortest vectors in lattices using angular locality-sensitive hashing. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 3\u201322. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-47989-6_1"},{"key":"4_CR18","doi-asserted-by":"crossref","unstructured":"Schnorr, C.P., Euchner, M.: Lattice basis reduction: Improved practical algorithms and solving subset sum problems. In: Budach, L., (ed), Fundamentals of Computation Theory, pages 68\u201385, Springer Berlin, Heidelberg (1991)","DOI":"10.1007\/3-540-54458-5_51"},{"issue":"2","key":"4_CR19","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1016\/0304-3975(87)90064-8","volume":"53","author":"CP Schnorr","year":"1987","unstructured":"Schnorr, C.P.: A hierarchy of polynomial time lattice basis reduction algorithms. Theoret. Comput. Sci. 53(2), 201\u2013224 (1987)","journal-title":"Theoret. Comput. Sci."},{"key":"4_CR20","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1515\/jmc-2015-0016","volume":"9","author":"MR Albrecht","year":"2015","unstructured":"Albrecht, M.R., Player, R., Scott, S.: On the concrete hardness of learning with errors. J. Math. Cryptol. 9, 169\u2013203 (2015)","journal-title":"J. Math. Cryptol."},{"key":"4_CR21","unstructured":"Chen, Y.: Lattice reduction and concrete security of fully homomorphic encryption. PhD thesis, l\u2019Universit\u00e9 Paris Diderot, (2013). http:\/\/www.di.ens.fr\/~ychen\/research\/these.pdf"},{"key":"4_CR22","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Proceedings of the Annual ACM Symposium on Theory of Computing, pp. 84\u201393, 2005. 13th Color Imaging Conference: Color Science, Systems, Technologies, and Applications; Conference date: 07\u201311-2005 Through 11\u201311-2005"},{"key":"4_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/BFb0054868","volume-title":"Algorithmic Number Theory","author":"J Hoffstein","year":"1998","unstructured":"Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267\u2013288. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0054868"},{"key":"4_CR24","unstructured":"Har-Peled, S., Indyk, P., Motwani, R.: Approximate nearest neighbors: towards removing the curse of dimensionality. In: Symposium on the Theory of Computing (1998)"},{"key":"4_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/978-3-642-36095-4_19","volume-title":"Topics in Cryptology \u2013 CT-RSA 2013","author":"M Liu","year":"2013","unstructured":"Liu, M., Nguyen, P.Q.: Solving BDD by enumeration: an update. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 293\u2013309. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-36095-4_19"},{"key":"4_CR26","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BF02579403","volume":"6","author":"L Babai","year":"1986","unstructured":"Babai, L.: On Lov\u00e1sz\u2019 lattice reduction and the nearest lattice point problem. Combinatorica 6, 1\u201313 (1986)","journal-title":"Combinatorica"},{"key":"4_CR27","doi-asserted-by":"crossref","unstructured":"heon, J.H., Hhan, M., Hong, S., Son, Y.: A hybrid of dual and meet-in-the-middle attack on sparse and ternary secret LWE. IEEE Access 7 89497\u201389506 (2019)","DOI":"10.1109\/ACCESS.2019.2925425"},{"key":"4_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"717","DOI":"10.1007\/978-3-030-17656-3_25","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"MR Albrecht","year":"2019","unstructured":"Albrecht, M.R., Ducas, L., Herold, G., Kirshanova, E., Postlethwaite, E.W., Stevens, M.: The general sieve kernel and new records in lattice reduction. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 717\u2013746. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17656-3_25"},{"key":"4_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"440","DOI":"10.1007\/978-3-030-65277-7_20","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2020","author":"T Espitau","year":"2020","unstructured":"Espitau, T., Joux, A., Kharchenko, N.: On a dual\/hybrid approach to small secret LWE. In: Bhargavan, K., Oswald, E., Prabhakaran, M. (eds.) INDOCRYPT 2020. LNCS, vol. 12578, pp. 440\u2013462. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-65277-7_20"}],"container-title":["Lecture Notes in Computer Science","Provable and Practical Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-45513-1_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,11]],"date-time":"2023-10-11T00:02:56Z","timestamp":1696982576000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-45513-1_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031455124","9783031455131"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-45513-1_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"11 October 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ProvSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Provable Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Wuhan","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 October 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 October 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"provsec2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/provsec2023.github.io\/ProvSec2023\/#","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"71","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}