{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,8]],"date-time":"2026-01-08T17:08:14Z","timestamp":1767892094576,"version":"3.49.0"},"publisher-location":"Singapore","reference-count":30,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819987290","type":"print"},{"value":"9789819987306","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-981-99-8730-6_4","type":"book-chapter","created":{"date-parts":[[2023,12,17]],"date-time":"2023-12-17T07:02:04Z","timestamp":1702796524000},"page":"106-137","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["Too Many Hints \u2013 When LLL Breaks LWE"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5965-5675","authenticated-orcid":false,"given":"Alexander","family":"May","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3066-0133","authenticated-orcid":false,"given":"Julian","family":"Nowakowski","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,12,18]]},"reference":[{"key":"4_CR1","doi-asserted-by":"crossref","unstructured":"Ajtai, M., Dwork, C.: A public-key cryptosystem with worst-case\/average-case equivalence. In: 29th Annual ACM Symposium on Theory of Computing, pp. 284\u2013293. ACM Press (1997)","DOI":"10.1145\/258533.258604"},{"key":"4_CR2","doi-asserted-by":"crossref","unstructured":"Albrecht, M.R., Ducas, L.: Lattice Attacks on NTRU and LWE: a history of refinements, pp. 15\u201340 (2021)","DOI":"10.1017\/9781108854207.004"},{"key":"4_CR3","unstructured":"Alkim, E., Ducas, L., P\u00f6ppelmann, T., Schwabe, P.: Post-quantum key exchange - A new hope. In: Holz, T., Savage, S. (eds.) USENIX Security 2016: 25th USENIX Security Symposium, pp. 327\u2013343. USENIX Association (2016)"},{"key":"4_CR4","doi-asserted-by":"crossref","unstructured":"Ajtai, M.: Generating hard instances of lattice problems (extended abstract). In: 28th Annual ACM Symposium on Theory of Computing, pp. 99\u2013108. ACM Press (1996)","DOI":"10.1145\/237814.237838"},{"key":"4_CR5","doi-asserted-by":"crossref","unstructured":"Bos, J., et al.: CRYSTALS-Kyber: a CCA-secure module-lattice-based KEM. In: 2018 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 353\u2013367. IEEE (2018)","DOI":"10.1109\/EuroSP.2018.00032"},{"issue":"3","key":"4_CR6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2633600","volume":"6","author":"Z Brakerski","year":"2014","unstructured":"Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. ACM Trans. Comput. Theory (TOCT) 6(3), 1\u201336 (2014)","journal-title":"ACM Trans. Comput. Theory (TOCT)"},{"key":"4_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/3-540-68697-5_11","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"D Boneh","year":"1996","unstructured":"Boneh, D., Venkatesan, R.: Hardness of computing the most significant bits of secret keys in Diffie-Hellman and related schemes. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 129\u2013142. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_11"},{"key":"4_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1007\/3-540-46416-6_4","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201991","author":"MJ Coster","year":"1991","unstructured":"Coster, M.J., LaMacchia, B.A., Odlyzko, A.M., Schnorr, C.P.: An improved low-density subset sum algorithm. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 54\u201367. Springer, Heidelberg (1991). https:\/\/doi.org\/10.1007\/3-540-46416-6_4"},{"issue":"4","key":"4_CR9","doi-asserted-by":"publisher","first-page":"233","DOI":"10.1007\/s001459900030","volume":"10","author":"D Coppersmith","year":"1997","unstructured":"Coppersmith, D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Cryptol. 10(4), 233\u2013260 (1997)","journal-title":"J. Cryptol."},{"key":"4_CR10","doi-asserted-by":"publisher","unstructured":"Dachman-Soled, Dana, Ducas, L\u00e9o., Gong, Huijing, Rossi, M\u00e9lissa.: LWE with side information: attacks and concrete security estimation. In: Micciancio, Daniele, Ristenpart, Thomas (eds.) CRYPTO 2020. Part II. LNCS, vol. 12171, pp. 329\u2013358. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56880-1_12","DOI":"10.1007\/978-3-030-56880-1_12"},{"key":"4_CR11","doi-asserted-by":"crossref","unstructured":"Ducas, L., et al.: Crystals-dilithium: a lattice-based digital signature scheme. In: IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 238\u2013268 (2018)","DOI":"10.46586\/tches.v2018.i1.238-268"},{"key":"4_CR12","unstructured":"The FPLLL development team. fpyLLL, a Python wraper for the fpLLL lattice reduction library, Version: 0.5.7 (2021). https:\/\/github.com\/fplll\/fpylll"},{"key":"4_CR13","doi-asserted-by":"publisher","unstructured":"Esser, A., May, A., Verbel, J.A., Wen, W.: Partial key exposure attacks on BIKE, rainbow and NTRU. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022. Part III. LNCS, vol. 13509, pp. 346\u2013375. Springer, Heidelberg (2022). https:\/\/doi.org\/10.1007\/978-3-031-15982-4_12","DOI":"10.1007\/978-3-031-15982-4_12"},{"key":"4_CR14","unstructured":"Fouque, P.A., et al.: Falcon: fast-Fourier lattice-based compact signatures over NTRU. Submission NIST\u2019s Post-quantum Crypt. Stand. Process 36(5), 1\u201375 (2018)"},{"key":"4_CR15","unstructured":"Heninger, N., Durumeric, Z., Wustrow, E., Halderman, J.A.: Mining your PS and QS: detection of widespread weak keys in network devices. In: Presented as part of the 21st $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 12), pp. 205\u2013220 (2012)"},{"key":"4_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/BFb0054868","volume-title":"Algorithmic Number Theory","author":"J Hoffstein","year":"1998","unstructured":"Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267\u2013288. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0054868"},{"key":"4_CR17","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/s001459900042","volume":"11","author":"A Joux","year":"1998","unstructured":"Joux, A., Stern, J.: Lattice reduction: a toolbox for the cryptanalyst. J. Cryptol. 11, 161\u2013185 (1998)","journal-title":"J. Cryptol."},{"key":"4_CR18","unstructured":"K\u00f6lbl, S., Misoczki, R., Schmieg, S.: Securing tomorrow today: why Google now protects its internal communications from quantum threats (2022). https:\/\/cloud.google.com\/blog\/products\/identity-security\/why-google-now-uses-post-quantum-cryptography-for-internal-comms?hl=en"},{"key":"4_CR19","doi-asserted-by":"crossref","unstructured":"Lenstra, A.K., Lenstra, H.W., Lov\u00e1sz, L.: Factoring polynomials with rational coefficients. Math. Ann. 261, 515\u2013534 (1982)","DOI":"10.1007\/BF01457454"},{"key":"4_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-13190-5_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"V Lyubashevsky","year":"2010","unstructured":"Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 1\u201323. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-13190-5_1"},{"issue":"3","key":"4_CR21","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1007\/s10623-014-9938-4","volume":"75","author":"A Langlois","year":"2015","unstructured":"Langlois, A., Stehl\u00e9, D.: Worst-case to average-case reductions for module lattices. Des. Codes Cryptogr. 75(3), 565\u2013599 (2015)","journal-title":"Des. Codes Cryptogr."},{"key":"4_CR22","doi-asserted-by":"publisher","unstructured":"Martinet, J.: Perfect Lattices in Euclidean Spaces, vol. 327. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-662-05167-2","DOI":"10.1007\/978-3-662-05167-2"},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"May, A., Nowakowski, J.: Too many hints - when LLL breaks LWE. Cryptology ePrint Archive, Paper 2023\/777 (20230. https:\/\/eprint.iacr.org\/2023\/777","DOI":"10.1007\/978-981-99-8730-6_4"},{"issue":"5","key":"4_CR24","doi-asserted-by":"publisher","first-page":"1319","DOI":"10.1016\/j.laa.2010.11.015","volume":"434","author":"G Maze","year":"2011","unstructured":"Maze, G., Rosenthal, J., Wagner, U.: Natural density of rectangular unimodular integer matrices. Linear Algebra Appl. 434(5), 1319\u20131324 (2011)","journal-title":"Linear Algebra Appl."},{"key":"4_CR25","doi-asserted-by":"crossref","unstructured":"Odlyzko, A.M.: The rise and fall of knapsack cryptosystems. Cryptol. Comput. Number Theory 42(2) (1990)","DOI":"10.1090\/psapm\/042\/1095552"},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Peikert, C., Regev, O., Stephens-Davidowitz, N.: Pseudorandomness of ring-LWE for any ring and modulus. In: Hatami, H., McKenzie, P., King, V. (eds.) Proceedings of the 49th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2017, Montreal, QC, Canada, 19\u201323 June 2017 (2017)","DOI":"10.1145\/3055399.3055489"},{"key":"4_CR27","doi-asserted-by":"crossref","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) 37th Annual ACM Symposium on Theory of Computing, pp. 84\u201393. ACM Press (2005)","DOI":"10.1145\/1060590.1060603"},{"key":"4_CR28","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1016\/0304-3975(87)90064-8","volume":"53","author":"C-P Schnorr","year":"1987","unstructured":"Schnorr, C.-P.: A hierarchy of polynomial time lattice basis reduction algorithms. Theor. Comput. Sci. 53, 201\u2013224 (1987)","journal-title":"Theor. Comput. Sci."},{"key":"4_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"617","DOI":"10.1007\/978-3-642-10366-7_36","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"D Stehl\u00e9","year":"2009","unstructured":"Stehl\u00e9, D., Steinfeld, R., Tanaka, K., Xagawa, K.: Efficient public key encryption based on ideal lattices. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 617\u2013635. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-10366-7_36"},{"key":"4_CR30","unstructured":"Wu, H., Wang, X., Xu, G.: Reducing an LWE instance by modular hints and its applications to primal attack, dual attack and BKW attack. Cryptology ePrint Archive, Paper 2022\/1404 (2022). https:\/\/eprint.iacr.org\/2022\/1404"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-99-8730-6_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T01:02:47Z","timestamp":1765933367000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-99-8730-6_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9789819987290","9789819987306"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-981-99-8730-6_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"18 December 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guangzhou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 December 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 December 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"375","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"106","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}