{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,28]],"date-time":"2026-02-28T13:01:17Z","timestamp":1772283677187,"version":"3.50.1"},"publisher-location":"Cham","reference-count":78,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319612720","type":"print"},{"value":"9783319612737","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-61273-7_3","type":"book-chapter","created":{"date-parts":[[2017,7,13]],"date-time":"2017-07-13T11:22:58Z","timestamp":1499944978000},"page":"21-55","source":"Crossref","is-referenced-by-count":19,"title":["Another Look at Tightness II: Practical Issues in Cryptography"],"prefix":"10.1007","author":[{"given":"Sanjit","family":"Chatterjee","sequence":"first","affiliation":[]},{"given":"Neal","family":"Koblitz","sequence":"additional","affiliation":[]},{"given":"Alfred","family":"Menezes","sequence":"additional","affiliation":[]},{"given":"Palash","family":"Sarkar","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,7,14]]},"reference":[{"key":"3_CR1","doi-asserted-by":"crossref","unstructured":"Aggarwal, D., Dadush, D., Regev, O., Stephens-Davidowitz, N.: Solving the shortest vector problem in $$2^n$$ time via discrete Gaussian sampling. In: Proceedings of the 47th Annual Symposium Foundations of Computer Science, pp. 733\u2013742 (2015)","DOI":"10.1145\/2746539.2746606"},{"key":"3_CR2","doi-asserted-by":"crossref","unstructured":"Ajtai, M.: Generating hard instances of lattice problems. In: Proceedings of the 28th Annual ACM Symposium on Theory of Computing, pp. 99\u2013108. ACM (1996)","DOI":"10.1145\/237814.237838"},{"key":"3_CR3","doi-asserted-by":"crossref","unstructured":"Ajtai, M., Dwork, C.: A public-key cryptosystem with worst-case\/average-case equivalence. In: Proceedings of the 29th Annual ACM Symposium on Theory of Computing, pp. 284\u2013293. ACM (1997)","DOI":"10.1145\/258533.258604"},{"key":"3_CR4","doi-asserted-by":"crossref","first-page":"169","DOI":"10.1515\/jmc-2015-0016","volume":"9","author":"M Albrecht","year":"2015","unstructured":"Albrecht, M., Player, R., Scott, S.: On the concrete hardness of learning with errors. J. Math. Cryptol. 9, 169\u2013203 (2015)","journal-title":"J. Math. Cryptol."},{"key":"3_CR5","unstructured":"Alkim, E., Ducas, L., P\u00f6ppelmann, T., Schwabe, P.: Post-quantum key exchange - a new hope. In: Proceeding of the 25th USENIX Security Symposium, pp. 327\u2013343 (2016)"},{"key":"3_CR6","unstructured":"ANSI X9.98: Lattice-Based Polynomial Public Key Establishment Algorithm for the Financial Services Industry, Part 1: Key Establishment, Part 2: Data Encryption (2010)"},{"key":"3_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"403","DOI":"10.1007\/978-3-642-22006-7_34","volume-title":"Automata, Languages and Programming","author":"S Arora","year":"2011","unstructured":"Arora, S., Ge, R.: New algorithms for learning in presence of errors. In: Aceto, L., Henzinger, M., Sgall, J. (eds.) ICALP 2011. LNCS, vol. 6755, pp. 403\u2013415. Springer, Heidelberg (2011). doi: 10.1007\/978-3-642-22006-7_34"},{"key":"3_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/11935070_2","volume-title":"Cryptology and Network Security","author":"N Attrapadung","year":"2006","unstructured":"Attrapadung, N., Furukawa, J., Gomi, T., Hanaoka, G., Imai, H., Zhang, R.: Efficient identity-based encryption with tight security reduction. In: Pointcheval, D., Mu, Y., Chen, K. (eds.) CANS 2006. LNCS, vol. 4301, pp. 19\u201336. Springer, Heidelberg (2006). doi: 10.1007\/11935070_2"},{"key":"3_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-55220-5_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"R Barbulescu","year":"2014","unstructured":"Barbulescu, R., Gaudry, P., Joux, A., Thom\u00e9, E.: A heuristic quasi-polynomial algorithm for discrete logarithm in finite fields of small characteristic. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 1\u201316. Springer, Heidelberg (2014). doi: 10.1007\/978-3-642-55220-5_1"},{"key":"3_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"319","DOI":"10.1007\/11693383_22","volume-title":"Selected Areas in Cryptography","author":"PSLM Barreto","year":"2006","unstructured":"Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319\u2013331. Springer, Heidelberg (2006). doi: 10.1007\/11693383_22"},{"key":"3_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-48969-X_1","volume-title":"Lectures on Data Security","author":"M Bellare","year":"1999","unstructured":"Bellare, M.: Practice-oriented provable-security. In: Damg\u00e5rd, I.B. (ed.) EEF School 1998. LNCS, vol. 1561, pp. 1\u201315. Springer, Heidelberg (1999). doi: 10.1007\/3-540-48969-X_1"},{"key":"3_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"602","DOI":"10.1007\/11818175_36","volume-title":"Advances in Cryptology - CRYPTO 2006","author":"M Bellare","year":"2006","unstructured":"Bellare, M.: New proofs for NMAC and HMAC: security without collision-resistance. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 602\u2013619. Springer, Heidelberg (2006). doi: 10.1007\/11818175_36"},{"key":"3_CR13","unstructured":"Bellare, M.: email to N. Koblitz, 24 February 2012"},{"key":"3_CR14","doi-asserted-by":"crossref","first-page":"844","DOI":"10.1007\/s00145-014-9185-x","volume":"28","author":"M Bellare","year":"2015","unstructured":"Bellare, M.: New proofs for NMAC and HMAC: security without collision-resistance. J. Cryptol. 28, 844\u2013878 (2015)","journal-title":"J. Cryptol."},{"key":"3_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"566","DOI":"10.1007\/978-3-662-49890-3_22","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"M Bellare","year":"2016","unstructured":"Bellare, M., Bernstein, D.J., Tessaro, S.: Hash-function based PRFs: AMAC and its multi-user security. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 566\u2013595. Springer, Heidelberg (2016). doi: 10.1007\/978-3-662-49890-3_22"},{"key":"3_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1007\/3-540-45539-6_18","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Boldyreva, A., Micali, S.: Public-key encryption in a multi-user setting: security proofs and improvements. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 259\u2013274. Springer, Heidelberg (2000). doi: 10.1007\/3-540-45539-6_18 . https:\/\/cseweb.ucsd.edu\/~mihir\/papers\/musu.html"},{"key":"3_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-68697-5_1","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"M Bellare","year":"1996","unstructured":"Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1\u201315. Springer, Heidelberg (1996). doi: 10.1007\/3-540-68697-5_1"},{"key":"3_CR18","unstructured":"Bellare, M., Canetti, R., Krawczyk, H.: Pseudorandom functions revisited: the cascade construction and its concrete security. In: Proceedings of the 37th Annual Symposium Foundations of Computer Science, pp. 514\u2013523 (1996). http:\/\/cseweb.ucsd.edu\/users\/mihir\/papers\/cascade.pdf"},{"key":"3_CR19","doi-asserted-by":"crossref","unstructured":"Bellare, M., Canetti, R., Krawczyk, H.: HMAC: keyed-hashing for message authentication, Internet RFC 2104 (1997)","DOI":"10.1007\/3-540-68697-5_1"},{"key":"3_CR20","unstructured":"Bernstein, D.: Multi-user Schnorr security, revisited. http:\/\/eprint.iacr.org\/2015\/996.pdf"},{"key":"3_CR21","doi-asserted-by":"crossref","unstructured":"Bl\u00f6mer, J., Seifert, J.: On the complexity of computing short linearly independent vectors and short bases in a lattice. In: Proceedings of the 31st Annual ACM Symposium on Theory of Computing, pp. 711\u2013720. ACM (1999)","DOI":"10.1145\/301250.301441"},{"key":"3_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"399","DOI":"10.1007\/978-3-642-00862-7_27","volume-title":"Topics in Cryptology \u2013 CT-RSA 2009","author":"A Boldyreva","year":"2009","unstructured":"Boldyreva, A.: Strengthening security of RSA-OAEP. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 399\u2013413. Springer, Heidelberg (2009). doi: 10.1007\/978-3-642-00862-7_27"},{"key":"3_CR23","doi-asserted-by":"crossref","unstructured":"Boneh, D., Boyen, X.: Efficient selective-ID secure identity based encryption without random oracles. http:\/\/eprint.iacr.org\/2004\/172.pdf","DOI":"10.1007\/978-3-540-24676-3_14"},{"key":"3_CR24","doi-asserted-by":"crossref","first-page":"586","DOI":"10.1137\/S0097539701398521","volume":"32","author":"D Boneh","year":"2003","unstructured":"Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. SIAM J. Comput. 32, 586\u2013615 (2003)","journal-title":"SIAM J. Comput."},{"key":"3_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1007\/978-3-642-42045-0_15","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"D Boneh","year":"2013","unstructured":"Boneh, D., Waters, B.: Constrained pseudorandom functions and their applications. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 280\u2013300. Springer, Heidelberg (2013). doi: 10.1007\/978-3-642-42045-0_15"},{"key":"3_CR26","doi-asserted-by":"crossref","unstructured":"Bos, J., Costello, C., Naehrig, M., Stebila, D.: Post-quantum key exchange for the TLS protocol from the ring learning with errors problem. In: Proceedings of the 2015 IEEE Symposium on Security and Privacy, pp. 553\u2013570 (2015)","DOI":"10.1109\/SP.2015.40"},{"key":"3_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/978-3-642-28496-0_18","volume-title":"Selected Areas in Cryptography","author":"S Chatterjee","year":"2012","unstructured":"Chatterjee, S., Menezes, A., Sarkar, P.: Another look at tightness. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 293\u2013319. Springer, Heidelberg (2012). doi: 10.1007\/978-3-642-28496-0_18"},{"key":"3_CR28","doi-asserted-by":"crossref","unstructured":"Chen, L.: Recommendation for key derivation using pseudorandom functions (revised), NIST SP 800\u2013108 (2009)","DOI":"10.6028\/NIST.SP.800-108"},{"key":"3_CR29","doi-asserted-by":"crossref","unstructured":"Chen, L.: Recommendation for key derivation through extraction-then-expansion, NIST SP 800\u201356C (2011)","DOI":"10.6028\/NIST.SP.800-56c"},{"key":"3_CR30","doi-asserted-by":"crossref","first-page":"587","DOI":"10.1109\/TIT.1984.1056941","volume":"30","author":"D Coppersmith","year":"1984","unstructured":"Coppersmith, D.: Fast evaluation of logarithms in fields of characteristic two. IEEE Trans. Inf. Theory 30, 587\u2013594 (1984)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"3_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/BFb0055717","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201998","author":"R Cramer","year":"1998","unstructured":"Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13\u201325. Springer, Heidelberg (1998). doi: 10.1007\/BFb0055717"},{"key":"3_CR32","doi-asserted-by":"crossref","first-page":"167","DOI":"10.1137\/S0097539702403773","volume":"33","author":"R Cramer","year":"2003","unstructured":"Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput. 33, 167\u2013226 (2003)","journal-title":"SIAM J. Comput."},{"key":"3_CR33","doi-asserted-by":"crossref","unstructured":"Dang, Q.: Recommendation for applications using approved hash algorithms, NIST SP 800\u2013107 (2012)","DOI":"10.6028\/NIST.SP.800-107r1"},{"key":"3_CR34","doi-asserted-by":"crossref","unstructured":"Dierks, T., Allen, C.: The TLS protocol, Internet RFC 2246 (1999)","DOI":"10.17487\/rfc2246"},{"key":"3_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1007\/978-3-319-10879-7_7","volume-title":"Security and Cryptography for Networks","author":"G Fuchsbauer","year":"2014","unstructured":"Fuchsbauer, G.: Constrained verifiable random functions. In: Abdalla, M., Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 95\u2013114. Springer, Cham (2014). doi: 10.1007\/978-3-319-10879-7_7"},{"key":"3_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"537","DOI":"10.1007\/3-540-48405-1_34","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 99","author":"E Fujisaki","year":"1999","unstructured":"Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537\u2013554. Springer, Heidelberg (1999). doi: 10.1007\/3-540-48405-1_34"},{"key":"3_CR37","doi-asserted-by":"crossref","first-page":"263","DOI":"10.1016\/S0020-0190(01)00338-6","volume":"83","author":"S Galbraith","year":"2002","unstructured":"Galbraith, S., Malone-Lee, J., Smart, N.: Public key signatures in the multi-user setting. Inf. Process. Lett. 83, 263\u2013266 (2002)","journal-title":"Inf. Process. Lett."},{"key":"3_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"791","DOI":"10.1007\/11523468_64","volume-title":"Automata, Languages and Programming","author":"D Galindo","year":"2005","unstructured":"Galindo, D.: Boneh-Franklin identity based encryption revisited. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 791\u2013802. Springer, Heidelberg (2005). doi: 10.1007\/11523468_64"},{"key":"3_CR39","doi-asserted-by":"crossref","unstructured":"Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. http:\/\/eprint.iacr.org\/2013\/451.pdf","DOI":"10.1109\/FOCS.2013.13"},{"key":"3_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"113","DOI":"10.1007\/978-3-662-44371-2_7","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"P Ga\u017ei","year":"2014","unstructured":"Ga\u017ei, P., Pietrzak, K., Ryb\u00e1r, M.: The exact PRF-security of NMAC and HMAC. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 113\u2013130. Springer, Heidelberg (2014). doi: 10.1007\/978-3-662-44371-2_7"},{"key":"3_CR41","doi-asserted-by":"crossref","first-page":"540","DOI":"10.1006\/jcss.1999.1686","volume":"60","author":"O Goldreich","year":"2000","unstructured":"Goldreich, O., Goldwasser, S.: On the limits of nonapproximability of lattice problems. J. Comput. Syst. Sci. 60, 540\u2013563 (2000)","journal-title":"J. Comput. Syst. Sci."},{"key":"3_CR42","unstructured":"Goldwasser, S., Bellare, M.: Lecture Notes on Cryptography, July 2008. http:\/\/cseweb.ucsd.edu\/mihir\/papers\/gb.pdf"},{"key":"3_CR43","doi-asserted-by":"crossref","unstructured":"Goldwasser, S., Kalai, Y.: Cryptographic assumptions: a position paper. http:\/\/eprint.iacr.org\/2015\/907.pdf","DOI":"10.1007\/978-3-662-49096-9_21"},{"key":"3_CR44","doi-asserted-by":"crossref","first-page":"270","DOI":"10.1016\/0022-0000(84)90070-9","volume":"28","author":"S Goldwasser","year":"1984","unstructured":"Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28, 270\u2013299 (1984)","journal-title":"J. Comput. Syst. Sci."},{"key":"3_CR45","doi-asserted-by":"crossref","unstructured":"Harkins, D., Carrel, D.: The internet key exchange (IKE), Internet RFC 2409 (1998)","DOI":"10.17487\/rfc2409"},{"key":"3_CR46","doi-asserted-by":"publisher","first-page":"349","DOI":"10.1007\/978-3-642-02295-1_11","volume-title":"The LLL Algorithm","author":"J Hoffstein","year":"2010","unstructured":"Hoffstein, J., Howgrave-Graham, N., Pipher, J., Whyte, W.: Practical lattice-based cryptography: NTRUEncrypt and NTRUSign. In: Vall\u00e9e, B., Nguyen, P.Q. (eds.) The LLL Algorithm, pp. 349\u2013390. Springer, Heidelberg (2010). doi: 10.1007\/978-3-642-02295-1_11"},{"key":"3_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/BFb0054868","volume-title":"Algorithmic Number Theory","author":"J Hoffstein","year":"1998","unstructured":"Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267\u2013288. Springer, Heidelberg (1998). doi: 10.1007\/BFb0054868"},{"key":"3_CR48","unstructured":"IEEE 1363.1: Standard Specification for Public Key Cryptographic Techniques Based on Hard Problems over Lattices (2008)"},{"key":"3_CR49","doi-asserted-by":"crossref","DOI":"10.1201\/9781420010756","volume-title":"Introduction to Modern Cryptography","author":"J Katz","year":"2007","unstructured":"Katz, J., Lindell, Y.: Introduction to Modern Cryptography. Chapman and Hall\/CRC, London (2007)"},{"key":"3_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-662-53008-5_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"E Kiltz","year":"2016","unstructured":"Kiltz, E., Masny, D., Pan, J.: Optimal security proofs for signatures from identification schemes. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 33\u201361. Springer, Heidelberg (2016). doi: 10.1007\/978-3-662-53008-5_2"},{"key":"3_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"543","DOI":"10.1007\/978-3-662-53018-4_20","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"T Kim","year":"2016","unstructured":"Kim, T., Barbulescu, R.: Extended tower number field sieve: a new complexity for the medium prime case. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 543\u2013571. Springer, Heidelberg (2016). doi: 10.1007\/978-3-662-53018-4_20"},{"key":"3_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"148","DOI":"10.1007\/11941378_12","volume-title":"Progress in Cryptology - INDOCRYPT 2006","author":"N Koblitz","year":"2006","unstructured":"Koblitz, N., Menezes, A.: Another look at \u201cprovable security\u201d. II. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 148\u2013175. Springer, Heidelberg (2006). doi: 10.1007\/11941378_12"},{"key":"3_CR53","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1007\/s00145-005-0432-z","volume":"20","author":"N Koblitz","year":"2007","unstructured":"Koblitz, N., Menezes, A.: Another look at \u2018provable security\u2019. J. Cryptol. 20, 3\u201337 (2007)","journal-title":"J. Cryptol."},{"key":"3_CR54","doi-asserted-by":"crossref","first-page":"225","DOI":"10.1515\/jmc-2013-5004","volume":"7","author":"N Koblitz","year":"2013","unstructured":"Koblitz, N., Menezes, A.: Another look at HMAC. J. Math. Cryptol. 7, 225\u2013251 (2013)","journal-title":"J. Math. Cryptol."},{"key":"3_CR55","doi-asserted-by":"crossref","first-page":"117","DOI":"10.1515\/gcc-2013-0008","volume":"5","author":"N Koblitz","year":"2013","unstructured":"Koblitz, N., Menezes, A.: Another look at non-uniformity. Groups Complex. Cryptol. 5, 117\u2013139 (2013)","journal-title":"Groups Complex. Cryptol."},{"key":"3_CR56","doi-asserted-by":"crossref","first-page":"1","DOI":"10.3934\/amc.2013.7.1","volume":"7","author":"N Koblitz","year":"2013","unstructured":"Koblitz, N., Menezes, A.: Another look at security definitions. Adv. Math. Commun. 7, 1\u201338 (2013)","journal-title":"Adv. Math. Commun."},{"key":"3_CR57","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-319-10683-0_4","volume-title":"Open Problems in Mathematics and Computational Science","author":"N Koblitz","year":"2014","unstructured":"Koblitz, N., Menezes, A.: Another look at security theorems for 1-key nested MACs. In: Ko\u00e7, \u00c7.K. (ed.) Open Problems in Mathematics and Computational Science, pp. 69\u201389. Springer, Cham (2014). doi: 10.1007\/978-3-319-10683-0_4"},{"key":"3_CR58","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1109\/MSP.2016.120","volume":"14","author":"N Koblitz","year":"2016","unstructured":"Koblitz, N., Menezes, A.: A riddle wrapped in an enigma. IEEE Secur. Priv. 14, 34\u201342 (2016)","journal-title":"IEEE Secur. Priv."},{"key":"3_CR59","doi-asserted-by":"crossref","unstructured":"Krawczyk, H., Eronen, P.: HMAC-based extract-and-expand key derivation function (HKDF), Internet RFC 5869 (2010)","DOI":"10.17487\/rfc5869"},{"key":"3_CR60","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"631","DOI":"10.1007\/978-3-642-14623-7_34","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"H Krawczyk","year":"2010","unstructured":"Krawczyk, H.: Cryptographic extraction and key derivation: the HKDF scheme. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 631\u2013648. Springer, Heidelberg (2010). doi: 10.1007\/978-3-642-14623-7_34"},{"key":"3_CR61","doi-asserted-by":"crossref","first-page":"375","DOI":"10.1007\/s10623-015-0067-5","volume":"77","author":"T Laarhoven","year":"2015","unstructured":"Laarhoven, T., Mosca, M., van de Pol, J.: Finding shortest lattice vectors faster using quantum search. Des. Codes Crypt. 77, 375\u2013400 (2015)","journal-title":"Des. Codes Crypt."},{"key":"3_CR62","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1007\/978-3-540-71039-4_4","volume-title":"Fast Software Encryption","author":"V Lyubashevsky","year":"2008","unstructured":"Lyubashevsky, V., Micciancio, D., Peikert, C., Rosen, A.: SWIFFT: a modest proposal for FFT hashing. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 54\u201372. Springer, Heidelberg (2008). doi: 10.1007\/978-3-540-71039-4_4"},{"key":"3_CR63","doi-asserted-by":"crossref","first-page":"43:1","DOI":"10.1145\/2535925","volume":"60","author":"V Lyubashevsky","year":"2013","unstructured":"Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices, learning with errors over rings. J. ACM 60, 43:1\u201343:35 (2013)","journal-title":"J. ACM"},{"key":"3_CR64","doi-asserted-by":"crossref","unstructured":"Menezes, A.: Another look at provable security, Invited talk at Eurocrypt 2012. http:\/\/www.cs.bris.ac.uk\/eurocrypt2012\/Program\/Weds\/Menezes.pdf","DOI":"10.1007\/978-3-642-29011-4_2"},{"key":"3_CR65","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4615-0897-7","volume-title":"Complexity of Lattice Problems: A Cryptographic Perspective","author":"D Micciancio","year":"2002","unstructured":"Micciancio, D., Goldwasser, S.: Complexity of Lattice Problems: A Cryptographic Perspective. Springer, New York (2002). doi: 10.1007\/978-1-4615-0897-7"},{"key":"3_CR66","doi-asserted-by":"crossref","unstructured":"M\u2019Raihi, D., Bellare, M., Hoornaert, F., Naccache, D., Ranen, O.: HOTP: an HMAC-based one time password algorithm, Internet RFC 4226 (2005)","DOI":"10.17487\/rfc4226"},{"key":"3_CR67","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1007\/978-3-319-11659-4_12","volume-title":"Post-Quantum Cryptography","author":"C Peikert","year":"2014","unstructured":"Peikert, C.: Lattice cryptography for the internet. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 197\u2013219. Springer, Cham (2014). doi: 10.1007\/978-3-319-11659-4_12"},{"key":"3_CR68","unstructured":"Peikert, C.: 19 February 2015 blog posting. http:\/\/web.eecs.umich.edu\/~cpeikert\/soliloquy.html"},{"key":"3_CR69","doi-asserted-by":"crossref","unstructured":"Peikert, C.: A decade of lattice cryptography. http:\/\/eprint.iacr.org\/2015\/939","DOI":"10.1561\/9781680831139"},{"key":"3_CR70","unstructured":"Pietrzak, K.: A closer look at HMAC. http:\/\/eprint.iacr.org\/2013\/212.pdf"},{"key":"3_CR71","doi-asserted-by":"crossref","first-page":"34:1","DOI":"10.1145\/1568318.1568324","volume":"56","author":"O Regev","year":"2009","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, cryptography. J. ACM 56, 34:1\u201334:40 (2009)","journal-title":"J. ACM"},{"key":"3_CR72","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"688","DOI":"10.1007\/3-540-46885-4_68","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201989","author":"CP Schnorr","year":"1990","unstructured":"Schnorr, C.P.: Efficient identification and signatures for smart cards. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 688\u2013689. Springer, Heidelberg (1990). doi: 10.1007\/3-540-46885-4_68"},{"key":"3_CR73","unstructured":"Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. http:\/\/eprint.iacr.org\/2004\/332.pdf"},{"key":"3_CR74","unstructured":"Shoup, V.: ISO\/IEC 18033\u20132:2006, Information Technology \u2013 Security Techniques \u2013 Encryption Algorithms \u2013 Part 2: Asymmetric Ciphers (2006). http:\/\/www.shoup.net\/iso\/std6.pdf"},{"key":"3_CR75","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/978-3-642-20465-4_4","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2011","author":"D Stehl\u00e9","year":"2011","unstructured":"Stehl\u00e9, D., Steinfeld, R.: Making NTRU as secure as worst-case problems over ideal lattices. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 27\u201347. Springer, Heidelberg (2011). doi: 10.1007\/978-3-642-20465-4_4"},{"key":"3_CR76","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/3-540-45708-9_7","volume-title":"Advances in Cryptology \u2014 CRYPTO 2002","author":"J Stern","year":"2002","unstructured":"Stern, J., Pointcheval, D., Malone-Lee, J., Smart, N.P.: Flaws in applying proof methodologies to signature schemes. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 93\u2013110. Springer, Heidelberg (2002). doi: 10.1007\/3-540-45708-9_7"},{"key":"3_CR77","unstructured":"Zaverucha, G.M.: Hybrid encryption in the multi-user setting. http:\/\/eprint.iacr.org\/2012\/159.pdf"},{"key":"3_CR78","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1007\/11599548_3","volume-title":"Information Security and Cryptology","author":"R Zhang","year":"2005","unstructured":"Zhang, R., Imai, H.: Improvements on security proofs of some identity based encryption schemes. In: Feng, D., Lin, D., Yung, M. (eds.) CISC 2005. LNCS, vol. 3822, pp. 28\u201341. Springer, Heidelberg (2005). doi: 10.1007\/11599548_3"}],"container-title":["Lecture Notes in Computer Science","Paradigms in Cryptology \u2013 Mycrypt 2016. Malicious and Exploratory Cryptology"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-61273-7_3","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,22]],"date-time":"2025-06-22T11:58:24Z","timestamp":1750593504000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-61273-7_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319612720","9783319612737"],"references-count":78,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-61273-7_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}