{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,10]],"date-time":"2026-02-10T14:05:14Z","timestamp":1770732314631,"version":"3.49.0"},"publisher-location":"Singapore","reference-count":39,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819550982","type":"print"},{"value":"9789819550999","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,12,8]],"date-time":"2025-12-08T00:00:00Z","timestamp":1765152000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,12,8]],"date-time":"2025-12-08T00:00:00Z","timestamp":1765152000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-981-95-5099-9_2","type":"book-chapter","created":{"date-parts":[[2025,12,7]],"date-time":"2025-12-07T11:38:05Z","timestamp":1765107485000},"page":"34-64","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["On the\u00a0Provable Dual Attack for\u00a0LWE by\u00a0Modulus Switching"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1684-0819","authenticated-orcid":false,"given":"Hongyuan","family":"Qu","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6200-3264","authenticated-orcid":false,"given":"Guangwu","family":"Xu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,12,8]]},"reference":[{"key":"2_CR1","doi-asserted-by":"publisher","unstructured":"Aggarwal, D., Dadush, D., Regev, O., Stephens-Davidowitz, N.: Solving the shortest vector problem in $$2^n$$ time using discrete gaussian sampling: extended abstract. In: Proceedings of the Forty-Seventh Annual ACM Symposium on Theory of Computing, pp. 733\u2013742. STOC \u201915, Association for Computing Machinery, New York, NY, USA (2015), https:\/\/doi.org\/10.1145\/2746539.2746606","DOI":"10.1145\/2746539.2746606"},{"issue":"5","key":"2_CR2","doi-asserted-by":"publisher","first-page":"749","DOI":"10.1145\/1089023.1089025","volume":"52","author":"D Aharonov","year":"2005","unstructured":"Aharonov, D., Regev, O.: Lattice problems in NP $$\\cap $$ coNP. J. ACM 52(5), 749\u2013765 (2005). https:\/\/doi.org\/10.1145\/1089023.1089025","journal-title":"J. ACM"},{"key":"2_CR3","doi-asserted-by":"publisher","unstructured":"Albrecht, M.R., Gheorghiu, V., Postlethwaite, E.W., Schanck, J.M.: Estimating quantum speedups for lattice sieves. In: Moriai, S., Wang, H. (eds.) Advances in Cryptology \u2013 ASIACRYPT 2020, pp. 583\u2013613. Springer International Publishing, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64834-3_20","DOI":"10.1007\/978-3-030-64834-3_20"},{"key":"2_CR4","doi-asserted-by":"publisher","unstructured":"Albrecht, M.R., Player, R., Scott, S.: On the concrete hardness of learning with errors. J. Math. Cryptol. 9(3), 169\u2013203 (2015). https:\/\/doi.org\/10.1515\/jmc-2015-0016","DOI":"10.1515\/jmc-2015-0016"},{"key":"2_CR5","doi-asserted-by":"publisher","first-page":"625","DOI":"10.1007\/BF01445125","volume":"296","author":"W Banaszczyk","year":"1993","unstructured":"Banaszczyk, W.: New bounds in some transference theorems in the geometry of numbers. Math. Ann. 296, 625\u2013635 (1993)","journal-title":"Math. Ann."},{"key":"2_CR6","doi-asserted-by":"crossref","unstructured":"Becker, A., Ducas, L., Gama, N., Laarhoven, T.: New directions in nearest neighbor searching with applications to lattice sieving. In: Proceedings of the Twenty-Seventh Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 10\u201324. SODA \u201916, Society for Industrial and Applied Mathematics, USA (2016)","DOI":"10.1137\/1.9781611974331.ch2"},{"key":"2_CR7","doi-asserted-by":"publisher","unstructured":"Bos, J., et al.: CRYSTALS - Kyber: A CCA-secure module-lattice-based KEM. In: 2018 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 353\u2013367 (2018). https:\/\/doi.org\/10.1109\/EuroSP.2018.00032","DOI":"10.1109\/EuroSP.2018.00032"},{"key":"2_CR8","doi-asserted-by":"publisher","unstructured":"Brakerski, Z.: Fully homomorphic encryption without modulus switching from classical GapSVP. In: Safavi-Naini, R., Canetti, R. (eds.) Advances in Cryptology \u2013 CRYPTO 2012. pp. 868\u2013886. Springer Berlin Heidelberg, Berlin, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_50","DOI":"10.1007\/978-3-642-32009-5_50"},{"key":"2_CR9","doi-asserted-by":"publisher","unstructured":"Carrier, K., Debris-Alazard, T., Meyer-Hilfiger, C., Tillich, J.P.: Statistical Decoding 2.0: Reducing Decoding to LPN. In: Agrawal, S., Lin, D. (eds.) Advances in Cryptology \u2013 ASIACRYPT 2022. pp. 477\u2013507. Springer Nature Switzerland, Cham (2022), https:\/\/doi.org\/10.1007\/978-3-031-22972-5_17","DOI":"10.1007\/978-3-031-22972-5_17"},{"key":"2_CR10","doi-asserted-by":"publisher","unstructured":"Carrier, K., Debris-Alazard, T., Meyer-Hilfiger, C., Tillich, J.P.: Reduction from Sparse LPN to LPN, dual attack 3.0. In: Joye, M., Leander, G. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2024, pp. 286\u2013315. Springer Nature Switzerland, Cham (2024). https:\/\/doi.org\/10.1007\/978-3-031-58754-2_11","DOI":"10.1007\/978-3-031-58754-2_11"},{"key":"2_CR11","doi-asserted-by":"crossref","unstructured":"Carrier, K., Tillich, J.P., Shen, Y., Meyer-Hilfiger, C.: Assessing the Impact of a Variant of MATZOV\u2019s Dual Attack on Kyber. Springer-Verlag (2025)","DOI":"10.1007\/978-3-032-01855-7_15"},{"key":"2_CR12","doi-asserted-by":"publisher","unstructured":"Cheon, J.H., Kim, A., Kim, M., Song, Y.: Homomorphic encryption for arithmetic of approximate numbers. In: Takagi, T., Peyrin, T. (eds.) Advances in Cryptology \u2013 ASIACRYPT 2017, pp. 409\u2013437. Springer International Publishing, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70694-8_15","DOI":"10.1007\/978-3-319-70694-8_15"},{"issue":"1","key":"2_CR13","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/s00145-019-09319-x","volume":"33","author":"I Chillotti","year":"2020","unstructured":"Chillotti, I., Gama, N., Georgieva, M., Izabach\u00e8ne, M.: TFHE: fast fully homomorphic encryption over the torus. J. Cryptol. 33(1), 34\u201391 (2020). https:\/\/doi.org\/10.1007\/s00145-019-09319-x","journal-title":"J. Cryptol."},{"key":"2_CR14","doi-asserted-by":"publisher","unstructured":"Dachman-Soled, D., Ducas, L., Gong, H., Rossi, M.: LWE with side information: attacks and concrete security estimation. In: Micciancio, D., Ristenpart, T. (eds.) Advances in Cryptology \u2013 CRYPTO 2020, pp. 329\u2013358. Springer International Publishing, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56880-1_12","DOI":"10.1007\/978-3-030-56880-1_12"},{"key":"2_CR15","doi-asserted-by":"publisher","unstructured":"Dietzfelbinger, M.: Primality Testing in Polynomial Time: From Randomized Algorithms to \"PRIMES\" is in P. Springer Berlin, Heidelberg (2004). https:\/\/doi.org\/10.1007\/b12334","DOI":"10.1007\/b12334"},{"key":"2_CR16","doi-asserted-by":"publisher","unstructured":"Ducas, L., et al.: CRYSTALS-Dilithium: a lattice-based digital signature scheme. Trans. Cryptograph. Hardw. Embedded Syst. 2018, Issue 1, 238\u2013268 (2018). https:\/\/doi.org\/10.13154\/tches.v2018.i1.238-268","DOI":"10.13154\/tches.v2018.i1.238-268"},{"key":"2_CR17","doi-asserted-by":"publisher","unstructured":"Ducas, L., Micciancio, D.: FHEW: Bootstrapping Homomorphic Encryption in Less Than a Second. In: Oswald, E., Fischlin, M. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2015, pp. 617\u2013640. Springer Berlin Heidelberg, Berlin, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_24","DOI":"10.1007\/978-3-662-46800-5_24"},{"key":"2_CR18","doi-asserted-by":"publisher","unstructured":"Ducas, L., Pulles, L.N.: Does the dual-sieve attack on learning with errors even work? In: Handschuh, H., Lysyanskaya, A. (eds.) Advances in Cryptology \u2013 CRYPTO 2023, pp. 37\u201369. Springer Nature Switzerland, Cham (2023), https:\/\/doi.org\/10.1007\/978-3-031-38548-3_2","DOI":"10.1007\/978-3-031-38548-3_2"},{"key":"2_CR19","doi-asserted-by":"publisher","unstructured":"Espitau, T., et al.: Mitaka: a simpler, parallelizable, maskable variant of falcon. In: Dunkelman, O., Dziembowski, S. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2022, pp. 222\u2013253. Springer International Publishing, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-07082-2_9","DOI":"10.1007\/978-3-031-07082-2_9"},{"key":"2_CR20","doi-asserted-by":"publisher","unstructured":"Espitau, T., Joux, A., Kharchenko, N.: On a dual\/hybrid approach to small secret LWE. In: Bhargavan, K., Oswald, E., Prabhakaran, M. (eds.) Progress in Cryptology \u2013 INDOCRYPT 2020, pp. 440\u2013462. Springer International Publishing, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-65277-7_20","DOI":"10.1007\/978-3-030-65277-7_20"},{"key":"2_CR21","doi-asserted-by":"publisher","unstructured":"Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Proceedings of the Fortieth Annual ACM Symposium on Theory of Computing, pp. 197\u2013206. STOC \u201908, Association for Computing Machinery, New York, NY, USA (2008). https:\/\/doi.org\/10.1145\/1374376.1374407","DOI":"10.1145\/1374376.1374407"},{"key":"2_CR22","doi-asserted-by":"publisher","unstructured":"Guo, Q., Johansson, T.: Faster dual lattice attacks for solving LWE with applications to CRYSTALS. In: Tibouchi, M., Wang, H. (eds.) Advances in Cryptology \u2013 ASIACRYPT 2021,pp. 33\u201362. Springer International Publishing, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92068-5_2","DOI":"10.1007\/978-3-030-92068-5_2"},{"key":"2_CR23","unstructured":"Klein, P.: Finding the closest lattice vector when it\u2019s unusually close. In: Proceedings of the Eleventh Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 937\u2013941. SODA \u201900, Society for Industrial and Applied Mathematics, USA (2000)"},{"key":"2_CR24","doi-asserted-by":"publisher","unstructured":"Lyubashevsky, V., Nguyen, N.K., Plan\u00e7on, M.: Lattice-based zero-knowledge proofs and applications: shorter, simpler, and more general. In: Dodis, Y., Shrimpton, T. (eds.) Advances in Cryptology \u2013 CRYPTO 2022, pp. 71\u2013101. Springer Nature Switzerland, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-15979-4_3","DOI":"10.1007\/978-3-031-15979-4_3"},{"key":"2_CR25","doi-asserted-by":"publisher","unstructured":"MATZOV: Report on the Security of LWE: Improved Dual Lattice Attack (2020). https:\/\/doi.org\/10.5281\/zenodo.6493704","DOI":"10.5281\/zenodo.6493704"},{"key":"2_CR26","doi-asserted-by":"publisher","unstructured":"Meyer-Hilfiger, C., Tillich, J.P.: Rigorous foundations for dual attacks in coding theory. In: Rothblum, G., Wee, H. (eds.) Theory of Cryptography, pp. 3\u201332. Springer Nature Switzerland, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-48624-1_1","DOI":"10.1007\/978-3-031-48624-1_1"},{"key":"2_CR27","doi-asserted-by":"publisher","unstructured":"Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. In: 45th Annual IEEE Symposium on Foundations of Computer Science, pp. 372\u2013381 (2004). https:\/\/doi.org\/10.1109\/FOCS.2004.72","DOI":"10.1109\/FOCS.2004.72"},{"key":"2_CR28","doi-asserted-by":"publisher","unstructured":"Mount, D.M.: New directions in approximate nearest-neighbor searching. In: Pal, S.P., Vijayakumar, A. (eds.) Algorithms and Discrete Applied Mathematics, pp. 1\u201315. Springer International Publishing, Cham (2019), https:\/\/doi.org\/10.1007\/978-3-030-11509-8_1","DOI":"10.1007\/978-3-030-11509-8_1"},{"issue":"2","key":"2_CR29","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1515\/JMC.2008.009","volume":"2","author":"PQ Nguyen","year":"2008","unstructured":"Nguyen, P.Q., Vidick, T.: Sieve algorithms for the shortest vector problem are practical. J. Math. Cryptol. 2(2), 181\u2013207 (2008)","journal-title":"J. Math. Cryptol."},{"key":"2_CR30","doi-asserted-by":"publisher","unstructured":"Peikert, C.: An efficient and parallel gaussian sampler for lattices. In: Rabin, T. (ed.) Advances in Cryptology \u2013 CRYPTO 2010, pp. 80\u201397. Springer Berlin Heidelberg, Berlin, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-14623-7_5","DOI":"10.1007\/978-3-642-14623-7_5"},{"key":"2_CR31","doi-asserted-by":"publisher","unstructured":"Peikert, C., Shiehian, S.: Noninteractive zero knowledge for NP from (Plain) learning with errors. In: Boldyreva, A., Micciancio, D. (eds.) Advances in Cryptology \u2013 CRYPTO 2019, pp. 89\u2013114. Springer International Publishing, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26948-7_4","DOI":"10.1007\/978-3-030-26948-7_4"},{"key":"2_CR32","doi-asserted-by":"publisher","unstructured":"Pouly, A., Shen, Y.: Provable dual attacks on learning with errors. In: Joye, M., Leander, G. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2024. pp. 256\u2013285. Springer Nature Switzerland, Cham (2024). https:\/\/doi.org\/10.1007\/978-3-031-58754-2_10","DOI":"10.1007\/978-3-031-58754-2_10"},{"key":"2_CR33","unstructured":"Qu, H., Xu, G.: On the provable dual attack for LWE by modulus switching. Cryptology ePrint Archive, Paper 2025\/859 (2025). https:\/\/eprint.iacr.org\/2025\/859"},{"key":"2_CR34","doi-asserted-by":"publisher","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6) (Sep 2009). https:\/\/doi.org\/10.1145\/1568318.1568324","DOI":"10.1145\/1568318.1568324"},{"key":"2_CR35","unstructured":"Serre, J.P.: A Course in Arithmetic, vol.\u00a07. Springer Science & Business Media (2012)"},{"key":"2_CR36","unstructured":"Stein, E.M., Shakarchi, R.: Fourier analysis: An Introduction, vol.\u00a01. Princeton University Press (2003)"},{"issue":"1","key":"2_CR37","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1090\/S0002-9939-2013-11744-2","volume":"142","author":"C Tian","year":"2014","unstructured":"Tian, C., Liu, M., Xu, G.: Measure inequalities and the transference theorem in the geometry of numbers. Proc. American Math. Society 142(1), 47\u201357 (2014)","journal-title":"Proc. American Math. Society"},{"issue":"6","key":"2_CR38","doi-asserted-by":"publisher","first-page":"3630","DOI":"10.1109\/TIT.2019.2901497","volume":"65","author":"Z Wang","year":"2019","unstructured":"Wang, Z., Ling, C.: Lattice Gaussian Sampling by Markov Chain Monte Carlo: bounded distance decoding and trapdoor sampling. IEEE Trans. Inf. Theory 65(6), 3630\u20133645 (2019). https:\/\/doi.org\/10.1109\/TIT.2019.2901497","journal-title":"IEEE Trans. Inf. Theory"},{"key":"2_CR39","unstructured":"Yu, Y., et al.: HuFu: Hash-and-Sign Signatures From Powerful Gadgets. https:\/\/csrc.nist.gov\/csrc\/media\/Projects\/pqc-dig-sig\/documents\/round-1\/spec-files\/HuFu-spec-web.pdf"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-95-5099-9_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,9]],"date-time":"2026-02-09T17:48:59Z","timestamp":1770659339000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-95-5099-9_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,8]]},"ISBN":["9789819550982","9789819550999"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-981-95-5099-9_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12,8]]},"assertion":[{"value":"8 December 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Melbourne, VIC","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Australia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 December 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 December 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}