{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,10]],"date-time":"2026-04-10T04:19:33Z","timestamp":1775794773876,"version":"3.50.1"},"publisher-location":"Singapore","reference-count":79,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819987269","type":"print"},{"value":"9789819987276","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-981-99-8727-6_5","type":"book-chapter","created":{"date-parts":[[2023,12,17]],"date-time":"2023-12-17T08:02:20Z","timestamp":1702800140000},"page":"131-166","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Concrete Analysis of\u00a0Quantum Lattice Enumeration"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0746-3054","authenticated-orcid":false,"given":"Shi","family":"Bai","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Maya-Iggy","family":"van Hoof","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Floyd B.","family":"Johnson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tanja","family":"Lange","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9157-7822","authenticated-orcid":false,"given":"Tran","family":"Ngo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,12,18]]},"reference":[{"key":"5_CR1","doi-asserted-by":"crossref","unstructured":"Erdem Alkim, Nina Bindel, Johannes\u00a0A. Buchmann, \u00d6zg\u00fcr Dagdelen, Edward Eaton, Gus Gutoski, Juliane Kr\u00e4mer, and Filip Pawlega, Revisiting TESLA in the quantum random oracle model, Post-Quantum Cryptography - 8th International Workshop, PQCrypto 2017 (Tanja Lange and Tsuyoshi Takagi, eds.), Springer, Heidelberg, 2017, pp.\u00a0143\u2013162","DOI":"10.1007\/978-3-319-59879-6_9"},{"key":"5_CR2","unstructured":"Roberto Avanzi, Joppe Bos, L\u00e9o Ducas, Eike Kiltz, Tancr\u00e8de Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, and Damien Stehl\u00e9, CRYSTALS-KYBER: algorithm specifications and supporting documentation, 2021, Submission to the NIST\u2019s post-quantum cryptography standardization process"},{"key":"5_CR3","doi-asserted-by":"crossref","unstructured":"Martin\u00a0R. Albrecht, Shi Bai, Pierre-Alain Fouque, Paul Kirchner, Damien Stehl\u00e9, and Weiqiang Wen, Faster enumeration-based lattice reduction: Root hermite factor$$k^{1\/(2k)}$$time$$k^{k\/8+o(k)}$$, CRYPTO\u00a02020, Part\u00a0II (Daniele Micciancio and Thomas Ristenpart, eds.), LNCS, vol. 12171, Springer, Heidelberg, August 2020, pp.\u00a0186\u2013212","DOI":"10.1007\/978-3-030-56880-1_7"},{"key":"5_CR4","doi-asserted-by":"crossref","unstructured":"Martin\u00a0R. Albrecht, Shi Bai, Jianwei Li, and Joe Rowell, Lattice reduction with approximate enumeration oracles - practical algorithms and concrete performance, CRYPTO\u00a02021, Part\u00a0II (Virtual Event) (Tal Malkin and Chris Peikert, eds.), LNCS, vol. 12826, Springer, Heidelberg, August 2021, pp.\u00a0732\u2013759","DOI":"10.1007\/978-3-030-84245-1_25"},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"Martin\u00a0R. Albrecht, L\u00e9o Ducas, Gottfried Herold, Elena Kirshanova, Eamonn\u00a0W. Postlethwaite, and Marc Stevens, The general sieve kernel and new records in lattice reduction, in Ishai and Rijmen [IR19], pp.\u00a0717\u2013746","DOI":"10.1007\/978-3-030-17656-3_25"},{"key":"5_CR6","unstructured":"Erdem Alkim, L\u00e9o Ducas, Thomas P\u00f6ppelmann, and Peter Schwabe, Post-quantum key exchange: A New Hope, Proceedings of the 25th USENIX Conference on Security Symposium (USA), SEC\u201916, USENIX Association, 2016, p.\u00a0327\u2013343"},{"key":"5_CR7","doi-asserted-by":"crossref","unstructured":"Martin\u00a0R. Albrecht, Vlad Gheorghiu, Eamonn\u00a0W. Postlethwaite, and John\u00a0M. Schanck, Estimating quantum speedups for lattice sieves, ASIACRYPT\u00a02020, Part\u00a0II (Shiho Moriai and Huaxiong Wang, eds.), LNCS, vol. 12492, Springer, Heidelberg, December 2020, pp.\u00a0583\u2013613","DOI":"10.1007\/978-3-030-64834-3_20"},{"key":"5_CR8","doi-asserted-by":"crossref","unstructured":"Mikl\u00f3s Ajtai, Generating hard instances of lattice problems (extended abstract), in STOC 1996 [STO96], pp.\u00a099\u2013108","DOI":"10.1145\/237814.237838"},{"key":"5_CR9","doi-asserted-by":"crossref","unstructured":"Andris Ambainis and Martins Kokainis, Quantum algorithm for tree size estimation, with applications to backtracking and 2-player games, Proceedings of the 49th Annual ACM SIGACT Symposium on Theory of Computing (New York, NY, USA), STOC 2017, Association for Computing Machinery, 2017, p.\u00a0989\u20131002","DOI":"10.1145\/3055399.3055444"},{"key":"5_CR10","doi-asserted-by":"crossref","unstructured":"Mikl\u00f3s Ajtai, Ravi Kumar, and D.\u00a0Sivakumar, A sieve algorithm for the shortest lattice vector problem, 33rd ACM STOC, ACM Press, July 2001, pp.\u00a0601\u2013610","DOI":"10.1145\/380752.380857"},{"key":"5_CR11","doi-asserted-by":"crossref","unstructured":"Matthew Amy, Dmitri Maslov, Michele Mosca, and Martin Roetteler, A meet-in-the-middle algorithm for fast synthesis of depth-optimal quantum circuits, Trans. Comp.-Aided Des. Integ. Cir. Sys. 32 (2013), no.\u00a06, 818\u2013830","DOI":"10.1109\/TCAD.2013.2244643"},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Yoshinori Aono, Phong\u00a0Q. Nguyen, and Yixin Shen, Quantum lattice enumeration and tweaking discrete pruning, ASIACRYPT\u00a02018, Part\u00a0I (Thomas Peyrin and Steven Galbraith, eds.), LNCS, vol. 11272, Springer, Heidelberg, December 2018, pp.\u00a0405\u2013434","DOI":"10.1007\/978-3-030-03326-2_14"},{"key":"5_CR13","unstructured":"Martin R. Albrecht, Milo\u0161 Prokop, Yixin Shen, and Petros Wallden, Variational quantum solutions to the shortest vector problem, Cryptology ePrint Archive, Paper 2022\/233, 2022, https:\/\/eprint.iacr.org\/2022\/233"},{"key":"5_CR14","unstructured":"Yoshinori Aono, Yuntao Wang, Takuya Hayashi, and Tsuyoshi Takagi, Improved progressive BKZ algorithms and their precise cost estimation by sharp simulator, in Fischlin and Coron [FC16], pp.\u00a0789\u2013819"},{"key":"5_CR15","doi-asserted-by":"crossref","unstructured":"Gustavo Banegas, Daniel\u00a0J. Bernstein, Iggy Van Hoof, and Tanja Lange, Concrete quantum cryptanalysis of binary elliptic curves, IACR TCHES 2021 (2021), no.\u00a01, 451\u2013472, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/8741","DOI":"10.46586\/tches.v2021.i1.451-472"},{"key":"5_CR16","doi-asserted-by":"crossref","unstructured":"Xavier Bonnetain, Andr\u00e9 Chailloux, Andr\u00e9 Schrottenloher, and Yixin Shen, Finding many collisions via reusable quantum walks: Application to lattice sieving, EUROCRYPT\u00a02023, Part\u00a0V (Carmit Hazay and Martijn Stam, eds.), LNCS, vol. 14008, Springer, Heidelberg, April 2023, pp.\u00a0221\u2013251","DOI":"10.1007\/978-3-031-30589-4_8"},{"key":"5_CR17","doi-asserted-by":"crossref","unstructured":"Anja Becker, L\u00e9o Ducas, Nicolas Gama, and Thijs Laarhoven, New directions in nearest neighbor searching with applications to lattice sieving, 27th SODA (Robert Krauthgamer, ed.), ACM-SIAM, January 2016, pp.\u00a010\u201324","DOI":"10.1137\/1.9781611974331.ch2"},{"key":"5_CR18","unstructured":"Shi Bai, L\u00e9o Ducas, Eike Kiltz, Tancr\u00e8de Lepoint, Vadim Lyubashevsky, Peter Schwabe, Gregor Seiler, and Damien Stehl\u00e9, CRYSTALS-Dilithium: algorithm specifications and supporting documentation, 2021, Submission to the NIST\u2019s post-quantum cryptography standardization process"},{"key":"5_CR19","unstructured":"Aleksandrs Belovs, Quantum walks and electric networks, arXiv e-prints (2013), arXiv:1302.3143"},{"key":"5_CR20","unstructured":"Daniel\u00a0J. Bernstein and Tanja Lange, Non-randomness of S-unit lattices, Cryptology ePrint Archive, Report 2021\/1428, 2021, https:\/\/eprint.iacr.org\/2021\/1428"},{"key":"5_CR21","doi-asserted-by":"crossref","unstructured":"Daniel\u00a0J. Bernstein, Tanja Lange, Chloe Martindale, and Lorenz Panny, Quantum circuits for the CSIDH: Optimizing quantum evaluation of isogenies, in Ishai and Rijmen [IR19], pp.\u00a0409\u2013441","DOI":"10.1007\/978-3-030-17656-3_15"},{"key":"5_CR22","doi-asserted-by":"crossref","unstructured":"Xavier Bonnetain, Mar\u00eda Naya-Plasencia, and Andr\u00e9 Schrottenloher, Quantum security analysis of AES, IACR Trans. Symm. Cryptol. 2019 (2019), no.\u00a02, 55\u201393","DOI":"10.46586\/tosc.v2019.i2.55-93"},{"key":"5_CR23","unstructured":"Joan Boyar and Ren\u00e9 Peralta, The exact multiplicative complexity of the hamming weight function, Electron. Colloquium Comput. Complex. TR05-049 (2005)"},{"key":"5_CR24","doi-asserted-by":"crossref","unstructured":"Xavier Bonnetain and Andr\u00e9 Schrottenloher, Quantum security analysis of CSIDH, in Canteaut and Ishai [CI20], pp.\u00a0493\u2013522","DOI":"10.1007\/978-3-030-45724-2_17"},{"key":"5_CR25","doi-asserted-by":"crossref","unstructured":"Richard Cleve, Artur Ekert, Chiara Macchiavello, and Michele Mosca, Quantum algorithms revisited, Proceedings of the Royal Society of London. Series A: Mathematical, Physical and Engineering Sciences 454 (1998), no.\u00a01969, 339\u2013354","DOI":"10.1098\/rspa.1998.0164"},{"key":"5_CR26","unstructured":"Anne Canteaut and Yuval Ishai (eds.), Eurocrypt\u00a02020, part\u00a0ii, LNCS, vol. 12106, Springer, Heidelberg, May 2020"},{"key":"5_CR27","doi-asserted-by":"crossref","unstructured":"Earl Campbell, Ankur Khurana, and Ashley Montanaro, Applying quantum algorithms to constraint satisfaction problems, Quantum 3 (2019), 167","DOI":"10.22331\/q-2019-07-18-167"},{"key":"5_CR28","doi-asserted-by":"crossref","unstructured":"Andr\u00e9 Chailloux and Johanna Loyer, Lattice sieving via quantum random walks, ASIACRYPT\u00a02021, Part\u00a0IV (Mehdi Tibouchi and Huaxiong Wang, eds.), LNCS, vol. 13093, Springer, Heidelberg, December 2021, pp.\u00a063\u201391","DOI":"10.1007\/978-3-030-92068-5_3"},{"key":"5_CR29","doi-asserted-by":"crossref","unstructured":"Yuanmi Chen and Phong\u00a0Q. Nguyen, BKZ 2.0: Better lattice security estimates, ASIACRYPT\u00a02011 (Dong\u00a0Hoon Lee and Xiaoyun Wang, eds.), LNCS, vol. 7073, Springer, Heidelberg, December 2011, pp.\u00a01\u201320","DOI":"10.1007\/978-3-642-25385-0_1"},{"key":"5_CR30","doi-asserted-by":"crossref","unstructured":"L\u00e9o Ducas, Marc Stevens, and Wessel van Woerden, Advanced lattice sieving on gpus, with tensor cores, Advances in Cryptology \u2013 EUROCRYPT 2021: 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, October 17\u201321, 2021, Proceedings, Part II (Berlin, Heidelberg), Springer-Verlag, 2021, p. 249\u2013279","DOI":"10.1007\/978-3-030-77886-6_9"},{"key":"5_CR31","doi-asserted-by":"crossref","unstructured":"L\u00e9o Ducas, Marc Stevens, and Wessel P.\u00a0J. van Woerden, Advanced lattice sieving on GPUs, with tensor cores, EUROCRYPT\u00a02021, Part\u00a0II (Anne Canteaut and Fran\u00e7ois-Xavier Standaert, eds.), LNCS, vol. 12697, Springer, Heidelberg, October 2021, pp.\u00a0249\u2013279","DOI":"10.1007\/978-3-030-77886-6_9"},{"key":"5_CR32","unstructured":"The\u00a0FPLLL development team, fplll, a lattice reduction library, Version: 5.4.2, Available at https:\/\/github.com\/fplll\/fplll, 2022"},{"key":"5_CR33","doi-asserted-by":"crossref","unstructured":"Bryan Eastin and Emanuel Knill, Restrictions on transversal encoded quantum gate sets, Phys. Rev. Lett. 102 (2009), 110502","DOI":"10.1103\/PhysRevLett.102.110502"},{"key":"5_CR34","unstructured":"Marc Fischlin and Jean-S\u00e9bastien Coron (eds.), Eurocrypt\u00a02016, part\u00a0i, LNCS, vol. 9665, Springer, Heidelberg, May 2016"},{"key":"5_CR35","unstructured":"Pierre-Alain Fouque, Jeffrey Hoffstein, Paul Kirchner, Vadim Lyubashevsky, Thomas Pornin, Thomas Prest, Thomas Ricosset, Gregor Seiler, William Whyte, and Zhenfei Zhang, Falcon: Fast-Fourier Lattice-based Compact Signatures over NTRU. specification v1.2, 2020, Submission to the NIST\u2019s post-quantum cryptography standardization process"},{"key":"5_CR36","doi-asserted-by":"crossref","unstructured":"Ulrich Fincke and Michael Pohst, Improved methods for calculating vectors of short length in a lattice, including a complexity analysis, Mathematics of Computation 44 (1985), no.\u00a0170, 463\u2013463","DOI":"10.2307\/2007966"},{"key":"5_CR37","unstructured":"Craig Gidney, Constructing large increment gates, 2015, Last retrieved 18 Oct 2022 at https:\/\/algassert.com\/circuits\/2015\/06\/12\/Constructing-Large-Increment-Gates.html"},{"key":"5_CR38","doi-asserted-by":"crossref","unstructured":"Markus Grassl, Brandon Langenberg, Martin Roetteler, and Rainer Steinwandt, Applying grover\u2019s algorithm to AES: Quantum resource estimates, Post-Quantum Cryptography - 7th International Workshop, PQCrypto 2016 (Tsuyoshi Takagi, ed.), Springer, Heidelberg, 2016, pp.\u00a029\u201343","DOI":"10.1007\/978-3-319-29360-8_3"},{"key":"5_CR39","doi-asserted-by":"crossref","unstructured":"Nicolas Gama, Phong\u00a0Q. Nguyen, and Oded Regev, Lattice enumeration using extreme pruning, EUROCRYPT\u00a02010 (Henri Gilbert, ed.), LNCS, vol. 6110, Springer, Heidelberg, May\u00a0\/\u00a0June 2010, pp.\u00a0257\u2013278","DOI":"10.1007\/978-3-642-13190-5_13"},{"key":"5_CR40","doi-asserted-by":"crossref","unstructured":"Lov\u00a0K. Grover, A fast quantum mechanical algorithm for database search, in STOC 1996 [STO96], pp.\u00a0212\u2013219","DOI":"10.1145\/237814.237866"},{"key":"5_CR41","doi-asserted-by":"crossref","unstructured":"Guillaume Hanrot, Xavier Pujol, and Damien Stehl\u00e9, Analyzing blockwise lattice algorithms using dynamical systems, CRYPTO\u00a02011 (Phillip Rogaway, ed.), LNCS, vol. 6841, Springer, Heidelberg, August 2011, pp.\u00a0447\u2013464","DOI":"10.1007\/978-3-642-22792-9_25"},{"key":"5_CR42","doi-asserted-by":"crossref","unstructured":"Ishay Haviv and Oded Regev, On the lattice isomorphism problem, 25th SODA (Chandra Chekuri, ed.), ACM-SIAM, January 2014, pp.\u00a0391\u2013404","DOI":"10.1137\/1.9781611973402.29"},{"key":"5_CR43","doi-asserted-by":"crossref","unstructured":"Guillaume Hanrot and Damien Stehl\u00e9, Improved analysis of kannan\u2019s shortest lattice vector algorithm, CRYPTO\u00a02007 (Alfred Menezes, ed.), LNCS, vol. 4622, Springer, Heidelberg, August 2007, pp.\u00a0170\u2013186","DOI":"10.1007\/978-3-540-74143-5_10"},{"key":"5_CR44","doi-asserted-by":"crossref","unstructured":"Thomas Haener, Mathias Soeken, Martin Roetteler, and Krysta\u00a0M. Svore, Quantum circuits for floating-point arithmetic, Reversible Computation (Cham) (Jarkko Kari and Irek Ulidowski, eds.), Springer International Publishing, 2018, pp.\u00a0162\u2013174","DOI":"10.1007\/978-3-319-99498-7_11"},{"key":"5_CR45","unstructured":"Yuval Ishai and Vincent Rijmen (eds.), Eurocrypt\u00a02019, part\u00a0ii, LNCS, vol. 11477, Springer, Heidelberg, May 2019"},{"key":"5_CR46","doi-asserted-by":"crossref","unstructured":"Samuel Jaques, Michael Naehrig, Martin Roetteler, and Fernando Virdia, Implementing grover oracles for quantum key search on AES and LowMC, in Canteaut and Ishai [CI20], pp.\u00a0280\u2013310","DOI":"10.1007\/978-3-030-45724-2_10"},{"key":"5_CR47","doi-asserted-by":"crossref","unstructured":"Cody Jones, Low-overhead constructions for the fault-tolerant toffoli gate, Phys. Rev. A 87 (2013), 022328","DOI":"10.1103\/PhysRevA.87.022328"},{"key":"5_CR48","doi-asserted-by":"crossref","unstructured":"Ravi Kannan, Improved algorithms for integer programming and related lattice problems, 15th ACM STOC, ACM Press, April 1983, pp.\u00a0193\u2013206","DOI":"10.1145\/800061.808749"},{"key":"5_CR49","unstructured":"Alexei\u00a0Y. Kitaev, Quantum measurements and the abelian stabilizer problem, Electron. Colloquium Comput. Complex. TR96-003 (1996)"},{"key":"5_CR50","unstructured":"Thijs Laarhoven, Search problems in cryptography, Ph.D. thesis, Eindhoven University of Technology, 2015"},{"key":"5_CR51","doi-asserted-by":"crossref","unstructured":"Arjen K. Lenstra, Hendrik W. Lenstra Jr., and L\u00e1szl\u00f3 Lov\u00e1sz, Factoring polynomials with rational coefficients, Mathematische Annalen 261 (1982), 515\u2013534","DOI":"10.1007\/BF01457454"},{"key":"5_CR52","doi-asserted-by":"crossref","unstructured":"Ashley Montanaro, Quantum-walk speedup of backtracking algorithms, Theory of Computing 14 (2018), no.\u00a015, 1\u201324","DOI":"10.4086\/toc.2018.v014a015"},{"key":"5_CR53","doi-asserted-by":"crossref","unstructured":"Daniele Micciancio and Oded Regev, Worst-case to average-case reductions based on Gaussian measures, 45th FOCS, IEEE Computer Society Press, October 2004, pp.\u00a0372\u2013381","DOI":"10.1109\/FOCS.2004.72"},{"key":"5_CR54","unstructured":"Simon Martiel and Maxime Remaud, Practical implementation of a quantum backtracking algorithm, SOFSEM 2020: Theory and Practice of Computer Science (Cham) (Alexander Chatzigeorgiou, Riccardo Dondi, Herodotos Herodotou, Christos Kapoutsis, Yannis Manolopoulos, George\u00a0A. Papadopoulos, and Florian Sikora, eds.), Springer International Publishing, 2020, pp.\u00a0597\u2013606"},{"key":"5_CR55","doi-asserted-by":"crossref","unstructured":"Jarrod R McClean, Jonathan Romero, Ryan Babbush, and Al\u00e1n Aspuru-Guzik, The theory of variational hybrid quantum-classical algorithms, New Journal of Physics 18 (2016), no.\u00a02, 023023","DOI":"10.1088\/1367-2630\/18\/2\/023023"},{"key":"5_CR56","doi-asserted-by":"crossref","unstructured":"Daniele Micciancio and Panagiotis Voulgaris, A deterministic single exponential time algorithm for most lattice problems based on voronoi cell computations, 42nd ACM STOC (Leonard\u00a0J. Schulman, ed.), ACM Press, June2010, pp.\u00a0351\u2013358","DOI":"10.1145\/1806689.1806739"},{"key":"5_CR57","unstructured":"\u2014\u2014, Faster exponential time algorithms for the shortest vector problem, 21st SODA (Moses Charika, ed.), ACM-SIAM, January 2010, pp.\u00a01468\u20131480"},{"key":"5_CR58","doi-asserted-by":"crossref","unstructured":"Daniele Micciancio and Michael Walter, Practical, predictable lattice basis reduction, in Fischlin and Coron [FC16], pp.\u00a0820\u2013849","DOI":"10.1007\/978-3-662-49890-3_31"},{"key":"5_CR59","doi-asserted-by":"crossref","unstructured":"Michael\u00a0A. Nielsen and Isaac\u00a0L. Chuang, Quantum computation and quantum information: 10th anniversary edition, Cambridge University Press, 2011","DOI":"10.1017\/CBO9780511976667"},{"key":"5_CR60","unstructured":"NIST, National institute of standards and technology\u2019s Post-Quantum Cryptography Standardization, 2016, https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography"},{"key":"5_CR61","doi-asserted-by":"crossref","unstructured":"Phong\u00a0Q. Nguyen and Damien Stehl\u00e9, Floating-point LLL revisited, EUROCRYPT\u00a02005 (Ronald Cramer, ed.), LNCS, vol. 3494, Springer, Heidelberg, May 2005, pp.\u00a0215\u2013233","DOI":"10.1007\/11426639_13"},{"key":"5_CR62","doi-asserted-by":"crossref","unstructured":"Phong\u00a0Q. Nguyen and Damien Stehl\u00e9, LLL on the average, Proceedings of the 7th International Conference on Algorithmic Number Theory (Berlin, Heidelberg), ANTS\u201906, Springer-Verlag, 2006, p.\u00a0238\u2013256","DOI":"10.1007\/11792086_18"},{"key":"5_CR63","doi-asserted-by":"crossref","unstructured":"P.\u00a0Q. Nguyen and T.\u00a0Vidick, Sieve algorithms for the shortest vector problem are practical, Journal of Mathematical Cryptology 2 (2008), no.\u00a02","DOI":"10.1515\/JMC.2008.009"},{"key":"5_CR64","doi-asserted-by":"crossref","unstructured":"Rafael Pino, Vadim Lyubashevsky, and David Pointcheval, The whole is less than the sum of its parts: Constructing more efficient lattice-based akes, Proceedings of the 10th International Conference on Security and Cryptography for Networks - Volume 9841 (Berlin, Heidelberg), Springer-Verlag, 2016, p.\u00a0273\u2013291","DOI":"10.1007\/978-3-319-44618-9_15"},{"key":"5_CR65","doi-asserted-by":"crossref","unstructured":"Alberto Peruzzo, Jarrod McClean, Peter Shadbolt, Man-Hong Yung, Xiao-Qi Zhou, Peter\u00a0J. Love, Al\u00e1n Aspuru-Guzik, and Jeremy\u00a0L. O\u2019Brien, A variational eigenvalue solver on a photonic quantum processor, Nature Communications 5 (2014), no.\u00a01","DOI":"10.1038\/ncomms5213"},{"key":"5_CR66","unstructured":"Alex Parent, Martin Roetteler, and Michele Mosca, Improved reversible and quantum circuits for karatsuba-based integer multiplication, 12th Conference on the Theory of Quantum Computation, Communication and Cryptography, TQC 2017, June 14-16, 2017, Paris, France (Mark\u00a0M. Wilde, ed.), LIPIcs, vol.\u00a073, Schloss Dagstuhl - Leibniz-Zentrum f\u00fcr Informatik, 2017, pp.\u00a07:1\u20137:15"},{"key":"5_CR67","doi-asserted-by":"crossref","unstructured":"Xavier Pujol and Damien Stehl\u00e9, Rigorous and efficient short lattice vectors enumeration, ASIACRYPT\u00a02008 (Josef Pieprzyk, ed.), LNCS, vol. 5350, Springer, Heidelberg, December 2008, pp.\u00a0390\u2013405","DOI":"10.1007\/978-3-540-89255-7_24"},{"key":"5_CR68","doi-asserted-by":"crossref","unstructured":"Oded Regev, On lattices, learning with errors, random linear codes, and cryptography, 37th ACM STOC (Harold\u00a0N. Gabow and Ronald Fagin, eds.), ACM Press, May 2005, pp.\u00a084\u201393","DOI":"10.1145\/1060590.1060603"},{"key":"5_CR69","doi-asserted-by":"crossref","unstructured":"Martin Roetteler, Michael Naehrig, Krysta\u00a0M. Svore, and Kristin\u00a0E. Lauter, Quantum resource estimates for computing elliptic curve discrete logarithms, ASIACRYPT\u00a02017, Part\u00a0II (Tsuyoshi Takagi and Thomas Peyrin, eds.), LNCS, vol. 10625, Springer, Heidelberg, December 2017, pp.\u00a0241\u2013270","DOI":"10.1007\/978-3-319-70697-9_9"},{"key":"5_CR70","doi-asserted-by":"crossref","unstructured":"Neil\u00a0J Ross and Peter Selinger, Optimal ancilla-free Clifford+ T approximation of z-rotations., Quantum Inf. Comput. 16 (2016), no.\u00a011 &12, 901\u2013953","DOI":"10.26421\/QIC16.11-12-1"},{"key":"5_CR71","doi-asserted-by":"crossref","unstructured":"Claus-Peter Schnorr, A hierarchy of polynomial time lattice basis reduction algorithms, Theoretical Computer Science 53 (1987), no.\u00a02-3, 201\u2013224","DOI":"10.1016\/0304-3975(87)90064-8"},{"key":"5_CR72","doi-asserted-by":"crossref","unstructured":"Claus-Peter Schnorr, Lattice reduction by random sampling and birthday methods, STACS, Springer, 2003, pp.\u00a0145\u2013156","DOI":"10.1007\/3-540-36494-3_14"},{"key":"5_CR73","doi-asserted-by":"crossref","unstructured":"Claus-Peter Schnorr and Michael Euchner, Lattice basis reduction : improved practical algorithms and solving subset sum problems, Mathematics of Programming 66 (1994), 181\u2013199","DOI":"10.1007\/BF01581144"},{"key":"5_CR74","doi-asserted-by":"crossref","unstructured":"Peter Selinger, Quantum circuits o$$t$$-depth one, Phys. Rev. A 87 (2013), 042302","DOI":"10.1103\/PhysRevA.87.042302"},{"key":"5_CR75","doi-asserted-by":"crossref","unstructured":"Peter Selinger, Efficient clifford+t approximation of single-qubit operators, Quantum Inf. Comput. 15 (2015), no.\u00a01-2, 159\u2013180","DOI":"10.26421\/QIC15.1-2-10"},{"key":"5_CR76","doi-asserted-by":"crossref","unstructured":"Claus-Peter Schnorr and Horst\u00a0Helmut H\u00f6rner, Attacking the Chor-Rivest cryptosystem by improved lattice reduction, EUROCRYPT\u201995 (Louis\u00a0C. Guillou and Jean-Jacques Quisquater, eds.), LNCS, vol. 921, Springer, Heidelberg, May 1995, pp.\u00a01\u201312","DOI":"10.1007\/3-540-49264-X_1"},{"key":"5_CR77","doi-asserted-by":"crossref","unstructured":"Mathias Soeken, Martin Roetteler, Nathan Wiebe, and Giovanni De\u00a0Micheli, Hierarchical reversible logic synthesis using luts, Proceedings of the 54th Annual Design Automation Conference 2017 (New York, NY, USA), DAC \u201917, Association for Computing Machinery, 2017","DOI":"10.1145\/3061639.3062261"},{"key":"5_CR78","unstructured":"28th acm stoc, ACM Press, May 1996"},{"key":"5_CR79","doi-asserted-by":"crossref","unstructured":"Yasuhiro Takahashi, Seiichiro Tani, and Noboru Kunihiro, Quantum addition circuits and unbounded fan-out, Quantum Info. Comput. 10 (2010), no.\u00a09, 872\u2013890","DOI":"10.26421\/QIC10.9-10-12"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-99-8727-6_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T01:02:48Z","timestamp":1765933368000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-99-8727-6_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9789819987269","9789819987276"],"references-count":79,"URL":"https:\/\/doi.org\/10.1007\/978-981-99-8727-6_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"18 December 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guangzhou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 December 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 December 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"375","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"106","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}