{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,19]],"date-time":"2026-05-19T14:51:08Z","timestamp":1779202268278,"version":"3.51.4"},"publisher-location":"Singapore","reference-count":45,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819550982","type":"print"},{"value":"9789819550999","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,12,8]],"date-time":"2025-12-08T00:00:00Z","timestamp":1765152000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,12,8]],"date-time":"2025-12-08T00:00:00Z","timestamp":1765152000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-981-95-5099-9_14","type":"book-chapter","created":{"date-parts":[[2025,12,7]],"date-time":"2025-12-07T11:38:11Z","timestamp":1765107491000},"page":"428-460","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Lattice-Based Multi-message Multi-recipient KEM\/PKE with\u00a0Malicious Security"],"prefix":"10.1007","author":[{"given":"Zeyu","family":"Liu","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Katerina","family":"Sotiraki","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eran","family":"Tromer","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yunhao","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,12,8]]},"reference":[{"key":"14_CR1","doi-asserted-by":"publisher","unstructured":"Agrawal, S., Kirshanova, E., Stehl\u00e9, D., Yadav, A.: Practical, round-optimal lattice-based blind signatures. In: Yin, H., Stavrou, A., Cremers, C., Shi, E. (eds.) ACM CCS 2022, pp. 39\u201353. ACM Press, Los Angeles (2022). https:\/\/doi.org\/10.1145\/3548606.3560650","DOI":"10.1145\/3548606.3560650"},{"key":"14_CR2","unstructured":"Alwen, J., Hartmann, D., Kiltz, E., Mularczyk, M., Schwabe, P.: Post-quantum multi-recipient public key encryption. Cryptology ePrint Archive, Report 2022\/1046 (2022). https:\/\/eprint.iacr.org\/2022\/1046"},{"key":"14_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"483","DOI":"10.1007\/978-3-642-29011-4_29","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"G Asharov","year":"2012","unstructured":"Asharov, G., Jain, A., L\u00f3pez-Alt, A., Tromer, E., Vaikuntanathan, V., Wichs, D.: Multiparty computation with low communication, computation and interaction via threshold FHE. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 483\u2013501. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_29"},{"key":"14_CR4","doi-asserted-by":"crossref","unstructured":"Barnes, R., Beurdouche, B., Robert, R., Millican, J., Omara, E., Cohn-Gordon, K.: The messaging layer security (MLS) protocol. RFC 9420 (2023). https:\/\/www.rfc-editor.org\/info\/rfc9420","DOI":"10.17487\/RFC9420"},{"key":"14_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"566","DOI":"10.1007\/3-540-45682-1_33","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2001","author":"M Bellare","year":"2001","unstructured":"Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-privacy in public-key encryption. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 566\u2013582. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-45682-1_33"},{"issue":"11","key":"14_CR6","doi-asserted-by":"publisher","first-page":"3927","DOI":"10.1109\/TIT.2007.907471","volume":"53","author":"M Bellare","year":"2007","unstructured":"Bellare, M., Boldyreva, A., Kurosawa, K., Staddon, J.: Multirecipient encryption schemes: how to save on bandwidth and computation without sacrificing security. IEEE Trans. Inf. Theory 53(11), 3927\u20133943 (2007). https:\/\/doi.org\/10.1109\/TIT.2007.907471","journal-title":"IEEE Trans. Inf. Theory"},{"key":"14_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/3-540-36288-6_7","volume-title":"Public Key Cryptography \u2014 PKC 2003","author":"M Bellare","year":"2003","unstructured":"Bellare, M., Boldyreva, A., Staddon, J.: Randomness re-use in multi-recipient encryption schemeas. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 85\u201399. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36288-6_7"},{"issue":"3","key":"14_CR8","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1007\/s00145-002-0120-1","volume":"16","author":"M Bellare","year":"2003","unstructured":"Bellare, M., Namprempre, C., Pointcheval, D., Semanko, M.: The one-more-RSA-inversion problems and the security of Chaum\u2019s blind signature scheme. J. Cryptol. 16(3), 185\u2013215 (2003). https:\/\/doi.org\/10.1007\/s00145-002-0120-1","journal-title":"J. Cryptol."},{"key":"14_CR9","doi-asserted-by":"crossref","unstructured":"Benz, L., Beskorovajnov, W., Eilebrecht, S., Gr\u00f6ll, R., M\u00fcller, M., M\u00fcller-Quade, J.: Chosen-ciphertext secure dual-receiver encryption in the standard model based on post-quantum assumptions. Cryptology ePrint Archive, Paper 2024\/094 (2024). https:\/\/eprint.iacr.org\/2024\/094","DOI":"10.1007\/978-3-031-57728-4_9"},{"key":"14_CR10","unstructured":"Bertrand, J.: M\u00e9moire sur le nombre de valeurs que peut prendre une fonction: quand on y permute les lettres qu\u2019elle renferme. Bachelier (1845)"},{"key":"14_CR11","doi-asserted-by":"publisher","unstructured":"Bitansky, N., Canetti, R., Chiesa, A., Tromer, E.: From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again. In: Goldwasser, S. (ed.) ITCS 2012, pp. 326\u2013349. ACM, Cambridge (2012). https:\/\/doi.org\/10.1145\/2090236.2090263","DOI":"10.1145\/2090236.2090263"},{"key":"14_CR12","doi-asserted-by":"publisher","unstructured":"Bos, J., et al.: Crystals - kyber: a CCA-secure module-lattice-based kem. In: 2018 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 353\u2013367 (2018). https:\/\/doi.org\/10.1109\/EuroSP.2018.00032","DOI":"10.1109\/EuroSP.2018.00032"},{"key":"14_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/978-3-030-57990-6_16","volume-title":"Security and Cryptography for Networks","author":"X Boyen","year":"2020","unstructured":"Boyen, X., Izabach\u00e8ne, M., Li, Q.: A simple and efficient CCA-secure lattice KEM in the standard model. In: Galdi, C., Kolesnikov, V. (eds.) SCN 2020. LNCS, vol. 12238, pp. 321\u2013337. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-57990-6_16"},{"key":"14_CR14","doi-asserted-by":"crossref","unstructured":"Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. In: ITCS 2012 (2012)","DOI":"10.1145\/2090236.2090262"},{"key":"14_CR15","unstructured":"Brown, D.R.L., Gallant, R.P.: The static Diffie-Hellman problem (2004). http:\/\/eprint.iacr.org\/2004\/306. Submitted to Eurocrypt 2005 (preliminary version) dbrown@certicom.com 12958 received 15 Nov 2004, Accessed 24 Jun 2005"},{"key":"14_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/978-3-319-04852-9_5","volume-title":"Topics in Cryptology \u2013 CT-RSA 2014","author":"SSM Chow","year":"2014","unstructured":"Chow, S.S.M., Franklin, M., Zhang, H.: Practical dual-receiver encryption. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 85\u2013105. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-04852-9_5"},{"key":"14_CR17","doi-asserted-by":"crossref","unstructured":"Christ, M., Gunn, S.: Pseudorandom error-correcting codes. In: CRYPTO 2024 (2024). https:\/\/eprint.iacr.org\/2024\/235","DOI":"10.1007\/978-3-031-68391-6_10"},{"key":"14_CR18","unstructured":"Chu, H., Wang, X., Jia, Y.: Private signaling secure against actively corrupted servers. Cryptology ePrint Archive, Paper 2025\/1056 (2025). https:\/\/eprint.iacr.org\/2025\/1056"},{"key":"14_CR19","unstructured":"Curtis, B., et al.: Security estimates for the learning with errors problem. https:\/\/bitbucket.org\/malb\/lwe-estimator\/src\/master\/"},{"key":"14_CR20","doi-asserted-by":"crossref","unstructured":"Diament, T., Lee, H.K., Keromytis, A.D., Yung, M.: The dual receiver cryptosystem and its applications. In: Atluri, V., Pfitzmann, B., McDaniel, P. (eds.) ACM CCS 2004, pp. 330\u2013343. ACM Press, Washington (2004)","DOI":"10.1145\/1030083.1030128"},{"key":"14_CR21","unstructured":"Module-lattice-based key-encapsulation mechanism standard (2024). https:\/\/csrc.nist.gov\/pubs\/fips\/203\/ipd"},{"issue":"1","key":"14_CR22","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1007\/s00145-011-9114-1","volume":"26","author":"E Fujisaki","year":"2013","unstructured":"Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. J. Cryptol. 26(1), 80\u2013101 (2013)","journal-title":"J. Cryptol."},{"key":"14_CR23","doi-asserted-by":"crossref","unstructured":"Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Dwork, C. (ed.) Proceedings of the 40th Annual ACM Symposium on Theory of Computing, Victoria, British Columbia, Canada, 17\u201320 May 2008, pp. 197\u2013206. ACM (2008)","DOI":"10.1145\/1374376.1374407"},{"issue":"1","key":"14_CR24","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1137\/0218012","volume":"18","author":"S Goldwasser","year":"1989","unstructured":"Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186\u2013208 (1989)","journal-title":"SIAM J. Comput."},{"key":"14_CR25","doi-asserted-by":"crossref","unstructured":"Hashimoto, K., Katsumata, S., Postlethwaite, E., Prest, T., Westerbaan, B.: A concrete treatment of efficient continuous group key agreement via multi-recipient PKEs. In: Vigna, G., Shi, E. (eds.) ACM CCS 2021, pp. 1441\u20131462. ACM Press, Virtual Event, Republic of Korea (2021)","DOI":"10.1145\/3460120.3484817"},{"key":"14_CR26","doi-asserted-by":"crossref","unstructured":"Jia, Y., Madathil, V., Kate, A.: HomeRun: high-efficiency oblivious message retrieval, unrestricted. In: CCS 2024 (2024). https:\/\/eprint.iacr.org\/2024\/188","DOI":"10.1145\/3658644.3670381"},{"key":"14_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1007\/978-3-030-64837-4_10","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2020","author":"S Katsumata","year":"2020","unstructured":"Katsumata, S., Kwiatkowski, K., Pintore, F., Prest, T.: Scalable ciphertext compression techniques for post-quantum KEMs and their applications. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020, Part I. LNCS, vol. 12491, pp. 289\u2013320. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64837-4_10"},{"issue":"6","key":"14_CR28","doi-asserted-by":"publisher","first-page":"1767","DOI":"10.1137\/08073408X","volume":"40","author":"KS Kedlaya","year":"2011","unstructured":"Kedlaya, K.S., Umans, C.: Fast polynomial factorization and modular composition. SIAM J. Comput. 40(6), 1767\u20131802 (2011). https:\/\/doi.org\/10.1137\/08073408X","journal-title":"SIAM J. Comput."},{"key":"14_CR29","doi-asserted-by":"publisher","unstructured":"Kim, D., Lee, D., Seo, J., Song, Y.: Toward practical lattice-based proof of knowledge from hint-MLWE. In: Handschuh, H., Lysyanskaya, A. (eds.) CRYPTO\u00a02023, Part\u00a0V. LNCS, vol. 14085, pp. 549\u2013580. Springer, Heidelberg (2023). https:\/\/doi.org\/10.1007\/978-3-031-38554-4_18","DOI":"10.1007\/978-3-031-38554-4_18"},{"key":"14_CR30","doi-asserted-by":"publisher","unstructured":"Kolesnikov, V., Kumaresan, R., Rosulek, M., Trieu, N.: Efficient batched oblivious PRF with applications to private set intersection. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, pp. 818\u2013829. ACM Press, Vienna (2016). https:\/\/doi.org\/10.1145\/2976749.2978381","DOI":"10.1145\/2976749.2978381"},{"key":"14_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1007\/3-540-45664-3_4","volume-title":"Public Key Cryptography","author":"K Kurosawa","year":"2002","unstructured":"Kurosawa, K.: Multi-recipient public-key encryption with shortened ciphertext. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 48\u201363. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45664-3_4"},{"key":"14_CR32","unstructured":"Lee, K., Yeo, Y.: SophOMR: improved oblivious message retrieval from SIMD-aware homomorphic compression. Cryptology ePrint Archive, Report 2024\/1814 (2024). https:\/\/eprint.iacr.org\/2024\/1814"},{"key":"14_CR33","unstructured":"Lin, W.K., Mook, E., Wichs, D.: Doubly efficient private information retrieval and fully homomorphic RAM computation from ring LWE. Cryptology ePrint Archive, Paper 2022\/1703 (2022). https:\/\/eprint.iacr.org\/2022\/1703"},{"key":"14_CR34","doi-asserted-by":"publisher","unstructured":"Liu, Z., Sotiraki, K., Tromer, E., Wang, Y.: Snake-eye resistant PKE from LWE for oblivious message retrieval and robust encryption. In: EUROCRYPT\u00a02025, Part\u00a0III. LNCS, pp. 126\u2013156. Springer, Cham (2025). https:\/\/doi.org\/10.1007\/978-3-031-91131-6_5","DOI":"10.1007\/978-3-031-91131-6_5"},{"key":"14_CR35","doi-asserted-by":"publisher","unstructured":"Liu, Z., Tromer, E.: Oblivious message retrieval. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022. LNCS, vol. 13507, pp. 753\u2013783. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-15802-5_26. Full version: Cryptology ePrint Archive 2021; internal citations follow the latter\u2019s numbering","DOI":"10.1007\/978-3-031-15802-5_26"},{"key":"14_CR36","doi-asserted-by":"crossref","unstructured":"Liu, Z., Tromer, E., Wang, Y.: Group oblivious message retrieval. Cryptology ePrint Archive (2023)","DOI":"10.1007\/978-3-031-15802-5_26"},{"key":"14_CR37","doi-asserted-by":"crossref","unstructured":"Liu, Z., Tromer, E., Wang, Y.: PerfOMR: oblivious message retrieval with reduced communication and computation. In: USENIX Security 2024. USENIX Association (2024). https:\/\/www.usenix.org\/conference\/usenixsecurity24\/presentation\/liu-zeyu","DOI":"10.1109\/SP54263.2024.00115"},{"key":"14_CR38","doi-asserted-by":"crossref","unstructured":"Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. J. ACM (2013)","DOI":"10.1145\/2535925"},{"key":"14_CR39","doi-asserted-by":"publisher","unstructured":"Masny, D., Rindal, P.: Endemic oblivious transfer. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 309\u2013326. ACM Press, London (2019). https:\/\/doi.org\/10.1145\/3319535.3354210","DOI":"10.1145\/3319535.3354210"},{"key":"14_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"700","DOI":"10.1007\/978-3-642-29011-4_41","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"D Micciancio","year":"2012","unstructured":"Micciancio, D., Peikert, C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 700\u2013718. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_41"},{"issue":"6","key":"14_CR41","doi-asserted-by":"publisher","first-page":"1803","DOI":"10.1137\/080733954","volume":"40","author":"C Peikert","year":"2011","unstructured":"Peikert, C., Waters, B.: Lossy trapdoor functions and their applications. SIAM J. Comput. 40(6), 1803\u20131844 (2011). https:\/\/doi.org\/10.1137\/080733954","journal-title":"SIAM J. Comput."},{"key":"14_CR42","doi-asserted-by":"crossref","unstructured":"Pinto, A., Poettering, B., Schuldt, J.C.N.: Multi-recipient encryption, revisited. In: Moriai, S., Jaeger, T., Sakurai, K. (eds.) ASIACCS 2014, pp. 229\u2013238. ACM Press, Kyoto (2014)","DOI":"10.1145\/2590296.2590329"},{"key":"14_CR43","doi-asserted-by":"crossref","unstructured":"Pinto, A., Poettering, B., Schuldt, J.C.: Multi-recipient encryption, revisited. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, ASIA CCS 2014. Association for Computing Machinery, New York (2014)","DOI":"10.1145\/2590296.2590329"},{"key":"14_CR44","unstructured":"Zama: TFHE-rs: a pure rust implementation of the TFHE scheme for Boolean and integer arithmetics over encrypted data (2022). https:\/\/github.com\/zama-ai\/tfhe-rs"},{"key":"14_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"520","DOI":"10.1007\/978-3-319-93638-3_30","volume-title":"Information Security and Privacy","author":"D Zhang","year":"2018","unstructured":"Zhang, D., Zhang, K., Li, B., Lu, X., Xue, H., Li, J.: Lattice-based dual receiver encryption and more. In: Susilo, W., Yang, G. (eds.) ACISP 2018. LNCS, vol. 10946, pp. 520\u2013538. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-93638-3_30"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-95-5099-9_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,9]],"date-time":"2026-02-09T17:49:06Z","timestamp":1770659346000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-95-5099-9_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,8]]},"ISBN":["9789819550982","9789819550999"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-981-95-5099-9_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12,8]]},"assertion":[{"value":"8 December 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Melbourne, VIC","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Australia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 December 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 December 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}