{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,9]],"date-time":"2026-05-09T01:59:15Z","timestamp":1778291955548,"version":"3.51.4"},"reference-count":44,"publisher":"Springer Science and Business Media LLC","issue":"6","license":[{"start":{"date-parts":[[2025,2,12]],"date-time":"2025-02-12T00:00:00Z","timestamp":1739318400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,2,12]],"date-time":"2025-02-12T00:00:00Z","timestamp":1739318400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"funder":[{"name":"PIA4 X7PQC"},{"name":"The defense innovation agency (AID) from the French ministry of armed forces"},{"name":"The French National Agency in the framework of the \u201dInvestissements d\u2019avenir\u201d (future-oriented investments) program"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Des. 
Codes Cryptogr."],"published-print":{"date-parts":[[2025,6]]},"DOI":"10.1007\/s10623-025-01575-2","type":"journal-article","created":{"date-parts":[[2025,2,12]],"date-time":"2025-02-12T15:52:57Z","timestamp":1739375577000},"page":"2137-2157","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Secret and shared keys recovery on hamming quasi-cyclic with SASCA"],"prefix":"10.1007","volume":"93","author":[{"given":"Chlo\u00e9","family":"Ba\u00efsse","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Antoine","family":"Moran","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guillaume","family":"Goy","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Julien","family":"Maillard","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nicolas","family":"Aragon","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Philippe","family":"Gaborit","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Maxime","family":"Lecomte","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Antoine","family":"Loiseau","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,2,12]]},"reference":[{"key":"1575_CR1","doi-asserted-by":"crossref","unstructured":"Alagic G., Apon D., Cooper D., Dang Q., Dang T., Kelsey J., Lichtinger J., Miller C., Moody D., Peralta R., et al.: Status Report On The Third Round of the NIST Post-Quantum Cryptography standardization process. 
US Department of Commerce, NIST (2022).","DOI":"10.6028\/NIST.IR.8413"},{"key":"1575_CR2","unstructured":"Albrecht M.R., Bernstein D.J., Chou T., Cid C., Gilcher J., Lange T., Maram V., Von\u00a0Maurich I., Misoczki R., Niederhagen R., et al.: Classic McEliece: Conservative Code-Based Cryptography (2022)."},{"key":"1575_CR3","unstructured":"Aragon N., Barreto P., Bettaieb S., Bidoux L., Blazy O., Deneuville J.-C., Gaborit P., Ghosh S., Gueron S., G\u00fcneysu T., et al.: BIKE: Bit Flipping Key Encapsulation (2022)."},{"key":"1575_CR4","doi-asserted-by":"publisher","unstructured":"Assael G., Elbaz-Vincent P., Reymond G.: improving single-trace attacks on the number-theoretic transform for cortex-M4. In: 2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 111\u2013121 (2023). https:\/\/doi.org\/10.1109\/HOST55118.2023.10133270 . IEEE.","DOI":"10.1109\/HOST55118.2023.10133270"},{"key":"1575_CR5","doi-asserted-by":"publisher","unstructured":"Bernstein D.J., H\u00fclsing A., K\u00f6lbl S., Niederhagen R., Rijneveld J., Schwabe P.: The SPHINCS+ Signature Framework. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 2129\u20132146 (2019). https:\/\/doi.org\/10.1145\/3319535.3363229.","DOI":"10.1145\/3319535.3363229"},{"key":"1575_CR6","doi-asserted-by":"publisher","unstructured":"Bos J., Ducas L., Kiltz E., Lepoint T., Lyubashevsky V., Schanck J.M., Schwabe P., Seiler G., Stehl\u00e9 D.: CRYSTALS-Kyber: a CCA-secure module-lattice-based KEM. In: 2018 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 353\u2013367. IEEE (2018). https:\/\/doi.org\/10.1109\/EuroSP.2018.00032.","DOI":"10.1109\/EuroSP.2018.00032"},{"key":"1575_CR7","doi-asserted-by":"crossref","unstructured":"Brier E., Clavier C., Olivier F.: Correlation power analysis with a leakage model. In: Cryptographic Hardware and Embedded Systems-CHES 2004: 6th International Workshop Cambridge, MA, USA, August 11\u201313, 2004. 
Proceedings, vol. 6, pp. 16\u201329. Springer (2004).","DOI":"10.1007\/978-3-540-28632-5_2"},{"key":"1575_CR8","doi-asserted-by":"publisher","unstructured":"Cassiers G., Bronchain O.: SCALIB: a side-channel analysis library. J. Open Source Softw. 8(86), 5196 (2023). https:\/\/doi.org\/10.21105\/joss.05196.","DOI":"10.21105\/joss.05196"},{"key":"1575_CR9","doi-asserted-by":"publisher","unstructured":"Dobraunig C., Eichlseder M., Mendel F., Schl\u00e4ffer M.: Ascon v1.2: Lightweight authenticated encryption and hashing. J. Cryptol. 34, 1\u201342 (2021). https:\/\/doi.org\/10.1007\/s00145-021-09398-9.","DOI":"10.1007\/s00145-021-09398-9"},{"key":"1575_CR10","doi-asserted-by":"publisher","unstructured":"Ducas L., Kiltz E., Lepoint T., Lyubashevsky V., Schwabe P., Seiler G., Stehl\u00e9 D.: Crystals-Dilithium: a lattice-based digital signature scheme. IACR Trans. Cryptogr. Hardware Embedded Syst. (2018). https:\/\/doi.org\/10.46586\/tches.v2018.i1.238-268.","DOI":"10.46586\/tches.v2018.i1.238-268"},{"issue":"1","key":"1575_CR11","doi-asserted-by":"publisher","first-page":"21","DOI":"10.7551\/mitpress\/4347.001.0001","volume":"8","author":"R Gallager","year":"1962","unstructured":"Gallager R.: Low-Density parity-check codes. IRE Trans. Inf. Theory 8(1), 21\u201328 (1962). https:\/\/doi.org\/10.7551\/mitpress\/4347.001.0001.","journal-title":"IRE Trans. Inf. Theory"},{"key":"1575_CR12","doi-asserted-by":"publisher","unstructured":"Goy G., Loiseau A., Gaborit P.: A new key recovery side-channel attack on HQC with chosen Ciphertext. In: International Conference on Post-Quantum Cryptography, pp. 353\u2013371. Springer (2022). https:\/\/doi.org\/10.1007\/978-3-031-17234-2_17.","DOI":"10.1007\/978-3-031-17234-2_17"},{"key":"1575_CR13","unstructured":"Goy G., Loiseau A., Gaborit P.: estimating the strength of horizontal correlation attacks in the Hamming weight leakage model: a side-channel analysis on HQC KEM. 
In: WCC 2022: The Twelfth International Workshop on Coding and Cryptography, pp. 2022\u20132048 (2022)."},{"key":"1575_CR14","doi-asserted-by":"publisher","unstructured":"Goy G., Maillard J., Gaborit P., Loiseau A.: Single trace HQC shared key recovery with SASCA. IACR Trans. Cryptographic Hardware Embedded Syst. 2024(2), 64\u201387 (2024). https:\/\/doi.org\/10.46586\/tches.v2024.i2.64-87.","DOI":"10.46586\/tches.v2024.i2.64-87"},{"key":"1575_CR15","doi-asserted-by":"publisher","unstructured":"Guruswami V., Sudan M.: Improved decoding of Reed\u2013Solomon and algebraic-geometric codes. In: Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No. 98CB36280), pp. 28\u201337 (1998). https:\/\/doi.org\/10.1109\/SFCS.1998.743426 . IEEE.","DOI":"10.1109\/SFCS.1998.743426"},{"key":"1575_CR16","doi-asserted-by":"publisher","unstructured":"Hamburg M., Hermelink J., Primas R., Samardjiska S., Schamberger T., Streit S., Strieder E., Vredendaal C.: Chosen Ciphertext k-Trace attacks on masked CCA2 Secure Kyber. IACR Trans. Cryptogr. Hardware Embedded Syst. (2021). https:\/\/doi.org\/10.46586\/tches.v2021.i4.88-113.","DOI":"10.46586\/tches.v2021.i4.88-113"},{"key":"1575_CR17","doi-asserted-by":"publisher","unstructured":"Hermelink J., Streit S., Strieder E., Thieme K.: adapting belief propagation to counter shuffling of NTTs. IACR Trans. Cryptogr. Hardware Embedded Syst. (2023). https:\/\/doi.org\/10.46586\/tches.v2023.i1.60-88.","DOI":"10.46586\/tches.v2023.i1.60-88"},{"key":"1575_CR18","doi-asserted-by":"publisher","unstructured":"Hofheinz D., H\u00f6velmanns K., Kiltz E.: A modular analysis of the Fujisaki\u2013Okamoto transformation. In: Theory of Cryptography Conference, pp. 341\u2013371. Springer (2017). 
https:\/\/doi.org\/10.1007\/978-3-319-70500-2_12.","DOI":"10.1007\/978-3-319-70500-2_12"},{"key":"1575_CR19","doi-asserted-by":"publisher","DOI":"10.2307\/1403035","author":"V Isham","year":"1981","unstructured":"Isham V.: An introduction to spatial point processes and Markov random fields. Int. Stat. Rev. (1981). https:\/\/doi.org\/10.2307\/1403035.","journal-title":"Int. Stat. Rev."},{"key":"1575_CR20","doi-asserted-by":"publisher","unstructured":"Kannwischer M.J., Pessl P., Primas R.: Single-trace attacks on Keccak. IACR Trans. Cryptogr. Hardware Embedded Syst. 2020(3), 243\u2013268 (2020). https:\/\/doi.org\/10.46586\/tches.v2020.i3.243-268.","DOI":"10.46586\/tches.v2020.i3.243-268"},{"issue":"2","key":"1575_CR21","doi-asserted-by":"publisher","first-page":"498","DOI":"10.1109\/18.910572","volume":"47","author":"FR Kschischang","year":"2001","unstructured":"Kschischang F.R., Frey B.J., Loeliger H.-A.: Factor graphs and the sum-product algorithm. IEEE Trans. Inf. Theory 47(2), 498\u2013519 (2001). https:\/\/doi.org\/10.1109\/18.910572.","journal-title":"IEEE Trans. Inf. Theory"},{"key":"1575_CR22","doi-asserted-by":"publisher","unstructured":"Luo S., Wu W., Li Y., Zhang R., Liu Z.: An efficient soft analytical side-channel attack on Ascon. In: International Conference on Wireless Algorithms, Systems, and Applications, pp. 389\u2013400. Springer (2022). https:\/\/doi.org\/10.1007\/978-3-031-19208-1_32.","DOI":"10.1007\/978-3-031-19208-1_32"},{"key":"1575_CR23","volume-title":"Information Theory, Inference and Learning Algorithms","author":"DJ MacKay","year":"2003","unstructured":"MacKay D.J.: Information Theory, Inference and Learning Algorithms. Cambridge University Press, Cambridge (2003)."},{"key":"1575_CR24","volume-title":"The Theory of Error-Correcting Codes","author":"FJ MacWilliams","year":"1977","unstructured":"MacWilliams F.J., Sloane N.J.A.: The Theory of Error-Correcting Codes, vol. 16. 
Elsevier, Amsterdam (1977)."},{"key":"1575_CR25","volume-title":"Power Analysis Attacks: Revealing the Secrets of Smart Cards","author":"S Mangard","year":"2008","unstructured":"Mangard S., Oswald E., Popp T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards, vol. 31. Springer, Berlin (2008)."},{"key":"1575_CR26","unstructured":"Melchor C.A., Aragon N., Bettaieb S., Bidoux L., Blazy O., Deneuville J.-C., Gaborit P., Persichetti E., Z\u00e9mor G.: Hamming Quasi-Cyclic (HQC). In: NIST PQC Seminar (2017)."},{"key":"1575_CR27","unstructured":"Merli D., Stumpf F., Sigl G.: Protecting PUF error correction by codeword masking. Cryptology ePrint Archive. Report 2013\/334 (2013)."},{"key":"1575_CR28","doi-asserted-by":"publisher","unstructured":"Paiva T.B., Terada R.: A Timing Attack on the HQC Encryption Scheme. In: Selected Areas in Cryptography\u2013SAC 2019: 26th International Conference, Waterloo, ON, Canada, August 12\u201316, 2019, Revised Selected Papers 26, pp. 551\u2013573 (2020). https:\/\/doi.org\/10.1007\/978-3-030-38471-5_22 . Springer.","DOI":"10.1007\/978-3-030-38471-5_22"},{"key":"1575_CR29","doi-asserted-by":"publisher","unstructured":"Pearl J.: Reverend Bayes on inference engines: a distributed hierarchical approach. In: Probabilistic and Causal Inference: The Works of Judea Pearl, pp. 129\u2013138 (2022). https:\/\/doi.org\/10.1145\/3501714.3501727.","DOI":"10.1145\/3501714.3501727"},{"key":"1575_CR30","doi-asserted-by":"publisher","unstructured":"Pessl P., Primas R.: More practical single-trace attacks on the number theoretic transform. In: Progress in Cryptology\u2014LATINCRYPT 2019: 6th International Conference on Cryptology and Information Security in Latin America, Santiago de Chile, Chile, October 2\u20134, 2019, Proceedings 6, pp. 130\u2013149. Springer (2019). 
https:\/\/doi.org\/10.1007\/978-3-030-30530-7_7.","DOI":"10.1007\/978-3-030-30530-7_7"},{"issue":"5","key":"1575_CR31","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1109\/TIT.1962.1057777","volume":"8","author":"E Prange","year":"1962","unstructured":"Prange E.: The use of information sets in decoding cyclic codes. IRE Trans. Inf. Theory 8(5), 5\u20139 (1962). https:\/\/doi.org\/10.1109\/TIT.1962.1057777.","journal-title":"IRE Trans. Inf. Theory"},{"key":"1575_CR32","unstructured":"Prest T., Fouque P.-A., Hoffstein J., Kirchner P., Lyubashevsky V., Pornin T., Ricosset T., Seiler G., Whyte W., Zhang Z.: Falcon. Post-Quantum Cryptography Project of NIST (2020)."},{"key":"1575_CR33","doi-asserted-by":"publisher","unstructured":"Primas R., Pessl P., Mangard S.: Single-trace side-channel attacks on masked lattice-based encryption. In: Cryptographic Hardware and Embedded Systems\u2014CHES 2017: 19th International Conference, Taipei, Taiwan, September 25\u201328, 2017, Proceedings, pp. 513\u2013533. Springer (2017). https:\/\/doi.org\/10.1007\/978-3-319-66787-4_25.","DOI":"10.1007\/978-3-319-66787-4_25"},{"key":"1575_CR34","doi-asserted-by":"publisher","unstructured":"Ravi P., Poussier R., Bhasin S., Chattopadhyay A.: On configurable SCA countermeasures against single trace attacks for the NTT: a performance evaluation study over Kyber and Dilithium on the ARM Cortex-M4. In: Security, Privacy, and Applied Cryptography Engineering: 10th International Conference, SPACE 2020, Kolkata, India, December 17\u201321, 2020, Proceedings 10, pp. 123\u2013146. Springer (2020). https:\/\/doi.org\/10.1007\/978-3-030-66626-2_7.","DOI":"10.1007\/978-3-030-66626-2_7"},{"key":"1575_CR35","doi-asserted-by":"publisher","first-page":"684","DOI":"10.1109\/TIFS.2021.3139268","volume":"17","author":"P Ravi","year":"2021","unstructured":"Ravi P., Bhasin S., Roy S.S., Chattopadhyay A.: On exploiting message leakage in (few) NIST PQC candidates for practical message recovery attacks. 
IEEE Trans. Inf. Forens. Secur. 17, 684\u2013699 (2021).","journal-title":"IEEE Trans. Inf. Forens. Secur."},{"key":"1575_CR36","doi-asserted-by":"publisher","DOI":"10.1145\/3603170","author":"P Ravi","year":"2022","unstructured":"Ravi P., Chattopadhyay A., D\u2019Anvers J.P., Baksi A.: Side-channel and -fault-injection attacks over lattice-based post-quantum schemes (Kyber, Dilithium): survey and new results. ACM Trans. Embedded Comput. Syst. (2022). https:\/\/doi.org\/10.1145\/3603170.","journal-title":"ACM Trans. Embedded Comput. Syst."},{"key":"1575_CR37","doi-asserted-by":"publisher","unstructured":"Schamberger T., Holzbaur L., Renner J., Wachter-Zeh A., Sigl G.: A power side-channel attack on the Reed\u2013Muller Reed\u2013Solomon version of the HQC cryptosystem. In: International Conference on Post-Quantum Cryptography, pp. 327\u2013352. Springer (2022). https:\/\/doi.org\/10.1007\/978-3-031-17234-2_16.","DOI":"10.1007\/978-3-031-17234-2_16"},{"key":"1575_CR38","doi-asserted-by":"publisher","unstructured":"Schamberger T., Renner J., Sigl G., Wachter-Zeh A.: a power side-channel attack on the CCA2-secure HQC KEM. In: Smart Card Research and Advanced Applications: 19th International Conference, CARDIS 2020, Virtual Event, November 18\u201319, 2020, Revised Selected Papers 19, pp. 119\u2013134. Springer (2021). https:\/\/doi.org\/10.1007\/978-3-030-68487-7_8.","DOI":"10.1007\/978-3-030-68487-7_8"},{"issue":"21","key":"1575_CR39","doi-asserted-by":"publisher","first-page":"21382","DOI":"10.1109\/JIOT.2022.3179683","volume":"9","author":"B-Y Sim","year":"2022","unstructured":"Sim B.-Y., Park A., Han D.-G.: Chosen-Ciphertext clustering attack on CRYSTALS-KYBER using the side-channel leakage of Barrett reduction. IEEE Internet Things J. 
9(21), 21382\u201321397 (2022).","journal-title":"IEEE Internet Things J."},{"key":"1575_CR40","doi-asserted-by":"publisher","unstructured":"Veyrat-Charvillon N., G\u00e9rard B., Standaert F.-X.: Soft analytical side-channel attacks. In: Advances in Cryptology\u2013ASIACRYPT 2014: 20th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, Taiwan, ROC, December 7\u201311, 2014. Proceedings, Part I 20, pp. 282\u2013296. Springer (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_15.","DOI":"10.1007\/978-3-662-45611-8_15"},{"key":"1575_CR41","doi-asserted-by":"publisher","DOI":"10.3934\/amc.2020126","author":"G Wafo-Tapa","year":"2019","unstructured":"Wafo-Tapa G., Bettaieb S., Bidoux L., Gaborit P., Marcatel E.: A practicable timing attack against HQC and its countermeasure. Cryptology (2019). https:\/\/doi.org\/10.3934\/amc.2020126.","journal-title":"Cryptology"},{"issue":"9","key":"1575_CR42","doi-asserted-by":"publisher","first-page":"2163","DOI":"10.1109\/TC.2021.3122997","volume":"71","author":"Z Xu","year":"2021","unstructured":"Xu Z., Pemberton O., Roy S.S., Oswald D., Yao W., Zheng Z.: Magnifying side-channel leakage of lattice-based cryptosystems with chosen Ciphertexts: the case study of Kyber. IEEE Trans. Comput. 71(9), 2163\u20132176 (2021). https:\/\/doi.org\/10.1109\/TC.2021.3122997.","journal-title":"IEEE Trans. Comput."},{"key":"1575_CR43","doi-asserted-by":"publisher","unstructured":"You S.-C., Kuhn M.G., Sarkar S., Hao F.: Low trace-count template attacks on 32-bit implementations of ASCON AEAD. IACR Trans. Cryptogr. Hardware Embedded Syst. 2023(4), 344\u2013366 (2023). https:\/\/doi.org\/10.46586\/tches.v2023.i4.344-366.","DOI":"10.46586\/tches.v2023.i4.344-366"},{"key":"1575_CR44","doi-asserted-by":"publisher","unstructured":"Zhou Y., Yu Y., Standaert F.-X., Quisquater J.-J.: On the need of physical security for small embedded devices: a case study with COMP128-1 implementations in SIM cards. 
In: Financial Cryptography and Data Security: 17th International Conference, FC 2013, Okinawa, Japan, April 1\u20135, 2013, Revised Selected Papers 17, pp. 230\u2013238. Springer (2013). https:\/\/doi.org\/10.1007\/978-3-642-39884-1_20.","DOI":"10.1007\/978-3-642-39884-1_20"}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-025-01575-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10623-025-01575-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-025-01575-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T19:54:41Z","timestamp":1750276481000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10623-025-01575-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,2,12]]},"references-count":44,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2025,6]]}},"alternative-id":["1575"],"URL":"https:\/\/doi.org\/10.1007\/s10623-025-01575-2","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"value":"0925-1022","type":"print"},{"value":"1573-7586","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,2,12]]},"assertion":[{"value":"31 May 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 November 2024","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 January 2025","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 
February 2025","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that there is no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}