{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,20]],"date-time":"2025-12-20T20:26:09Z","timestamp":1766262369542,"version":"3.48.0"},"reference-count":32,"publisher":"Springer Science and Business Media LLC","issue":"11","license":[{"start":{"date-parts":[[2024,10,23]],"date-time":"2024-10-23T00:00:00Z","timestamp":1729641600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,10,23]],"date-time":"2024-10-23T00:00:00Z","timestamp":1729641600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Sci. China Inf. Sci."],"published-print":{"date-parts":[[2024,11]]},"DOI":"10.1007\/s11432-024-4150-3","type":"journal-article","created":{"date-parts":[[2024,10,25]],"date-time":"2024-10-25T03:03:05Z","timestamp":1729825385000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A closer look at the belief propagation algorithm in side-channel attack on CCA-secure PQC KEM"],"prefix":"10.1007","volume":"67","author":[{"given":"Kexin","family":"Qiao","sequence":"first","affiliation":[]},{"given":"Zhaoyang","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Heng","family":"Chang","sequence":"additional","affiliation":[]},{"given":"Siwei","family":"Sun","sequence":"additional","affiliation":[]},{"given":"Zehan","family":"Wu","sequence":"additional","affiliation":[]},{"given":"Junjie","family":"Cheng","sequence":"additional","affiliation":[]},{"given":"Changhai","family":"Ou","sequence":"additional","affiliation":[]},{"given":"An","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Liehuang","family":"Zhu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,10,23]]},"reference":[{"key":"4150_CR1","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.FIPS.203","volume-title":"Module-lattice-based key-encapsulation mechanism standard","author":"National Institute of Standards and Technology (US)","year":"2024","unstructured":"National Institute of Standards and Technology (US). Module-lattice-based key-encapsulation mechanism standard. (Department of Commerce, Washington, D.C.), Federal Information Processing Standards Publication (FIPS), 2024, NIST FIPS 203. https:\/\/doi.org\/10.6028\/NIST.FIPS.203"},{"key":"4150_CR2","unstructured":"National Institute of Standards and Technology. Post-Quantum Cryptography Standardization. https:\/\/csrc.nist.gov\/Projects\/Post-Quantum-Cryptography\/Post-Quantum-Cryptography-Standardization"},{"key":"4150_CR3","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1007\/s00145-011-9114-1","volume":"26","author":"E Fujisaki","year":"2013","unstructured":"Fujisaki E, Okamoto T. Secure integration of asymmetric and symmetric encryption schemes. J Cryptol, 2013, 26: 80\u2013101","journal-title":"J Cryptol"},{"key":"4150_CR4","doi-asserted-by":"publisher","first-page":"307","DOI":"10.46586\/tches.v2020.i3.307-335","volume":"3","author":"P Ravi","year":"2020","unstructured":"Ravi P, Sinha Roy S, Chattopadhyay A, et al. Generic side-channel attacks on CCA-secure lattice-based PKE and KEMs. IACR Trans Cryptogr Hardw Embed Syst, 2020, 3: 307\u2013335","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR5","doi-asserted-by":"publisher","first-page":"92","DOI":"10.1007\/978-3-030-92068-5_4","volume-title":"Proceedings of Advances in Cryptology\u2013ASIACRYPT 2021","author":"Y Qin","year":"2021","unstructured":"Qin Y, Cheng C, Zhang X, et al. A systematic approach and analysis of key mismatch attacks on lattice-based NIST candidate KEMs. In: Proceedings of Advances in Cryptology\u2013ASIACRYPT 2021, Cham: Springer International Publishing, 2021. 92\u2013121"},{"key":"4150_CR6","first-page":"89","volume":"1","author":"M Shen","year":"2023","unstructured":"Shen M, Cheng C, Zhang X, et al. Find the bad apples: an efficient method for perfect key recovery under imperfect SCA oracles \u2013 a case study of Kyber. IACR Trans Cryptogr Hardw Embed Syst, 2023, 1: 89\u2013112","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR7","doi-asserted-by":"publisher","first-page":"115","DOI":"10.46586\/tches.v2022.i2.115-139","volume":"2","author":"J P D\u2019Anvers","year":"2022","unstructured":"D\u2019Anvers J P, Heinz D, Pessl P, et al. Higher-order masked ciphertext comparison for lattice-based cryptography. IACR Trans Cryptogr Hardw Embed Syst, 2022, 2: 115\u2013139","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR8","doi-asserted-by":"publisher","first-page":"418","DOI":"10.46586\/tches.v2023.i2.418-446","volume":"2","author":"G Rajendran","year":"2023","unstructured":"Rajendran G, Ravi P, D\u2019Anvers J P, et al. Pushing the limits of generic side-channel attacks on LWE-based KEMs-parallel PC oracle attacks on Kyber KEM and beyond. IACR Trans Cryptogr Hardw Embed Syst, 2023, 2: 418\u2013446","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR9","doi-asserted-by":"publisher","first-page":"473","DOI":"10.46586\/tches.v2023.i3.473-503","volume":"3","author":"Y Tanaka","year":"2023","unstructured":"Tanaka Y, Ueno R, Xagawa K, et al. Multiple-valued plaintext-checking side-channel attacks on post-quantum KEMs. IACR Trans Cryptogr Hardw Embed Syst, 2023, 3: 473\u2013503","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR10","doi-asserted-by":"publisher","first-page":"2163","DOI":"10.1109\/TC.2021.3122997","volume":"71","author":"Z Xu","year":"2022","unstructured":"Xu Z, Pemberton O, Roy S S, et al. Magnifying side-channel leakage of lattice-based cryptosystems with chosen ciphertexts: the case study of Kyber. IEEE Trans Comput, 2022, 71: 2163\u20132176","journal-title":"IEEE Trans Comput"},{"key":"4150_CR11","doi-asserted-by":"publisher","first-page":"684","DOI":"10.1109\/TIFS.2021.3139268","volume":"17","author":"P Ravi","year":"2022","unstructured":"Ravi P, Bhasin S, Roy S S, et al. On exploiting message leakage in (few) NIST PQC candidates for practical message recovery attacks. IEEE Trans Inform Forensic Secur, 2022, 17: 684\u2013699","journal-title":"IEEE Trans Inform Forensic Secur"},{"key":"4150_CR12","doi-asserted-by":"publisher","first-page":"287","DOI":"10.46586\/tches.v2023.i4.287-317","volume":"4","author":"J Hermelink","year":"2023","unstructured":"Hermelink J, M\u00f8artensson E, Samardjiska S, et al. Belief propagation meets lattice reduction: Security estimates for error-tolerant key recovery from decryption errors. IACR Trans Cryptogr Hardw Embed Syst, 2023, 4: 287\u2013317","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR13","first-page":"722","volume":"1","author":"P Ravi","year":"2022","unstructured":"Ravi P, Ezerman M F, Bhasin S, et al. Will you cross the threshold for me? IACR Trans Cryptogr Hardw Embed Syst, 2022, 1: 722\u2013761","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR14","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3603170","volume":"23","author":"P Ravi","year":"2024","unstructured":"Ravi P, Chattopadhyay A, D\u2019Anvers J P, et al. Side-channel and fault-injection attacks over lattice-based post-quantum schemes (Kyber, Dilithium): survey and new results. ACM Trans Embed Comput Syst, 2024, 23: 1\u201354","journal-title":"ACM Trans Embed Comput Syst"},{"key":"4150_CR15","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1145\/3338467.3358948","volume-title":"Proceedings of Proceedings of ACM Workshop on Theory of Implementation Security Workshop","author":"J P D\u2019Anvers","year":"2019","unstructured":"D\u2019Anvers J P, Tiepelt M, Vercauteren F, et al. Timing attacks on error correcting codes in post-quantum schemes. In: Proceedings of Proceedings of ACM Workshop on Theory of Implementation Security Workshop, New York: Association for Computing Machinery, 2019. 2\u20139"},{"key":"4150_CR16","doi-asserted-by":"publisher","first-page":"747","DOI":"10.1007\/978-3-030-17656-3_26","volume-title":"Proceedings of Advances in Cryptology\u2013EUROCRYPT 2019","author":"C B\u0103etu","year":"2019","unstructured":"B\u0103etu C, Durak F B, Huguenin-Dumittan L, et al. Misuse attacks on post-quantum cryptosystems. In: Proceedings of Advances in Cryptology\u2013EUROCRYPT 2019, Cham: Springer, 2019. 747\u2013776"},{"key":"4150_CR17","first-page":"296","volume":"1","author":"R Ueno","year":"2022","unstructured":"Ueno R, Xagawa K, Tanaka Y, et al. Curse of re-encryption: a generic power\/EM analysis on post-quantum KEMs. IACR Trans Cryptogr Hardw Embed Syst, 2022, 1: 296\u2013322","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR18","doi-asserted-by":"publisher","first-page":"359","DOI":"10.1007\/978-3-030-56880-1_13","volume-title":"Proceedings of Advances in Cryptology \u2013 CRYPTO 2020","author":"Q Guo","year":"2020","unstructured":"Guo Q, Johansson T, Nilsson A. A key-recovery timing attack on post-quantum primitives using the Fujisaki-Okamoto transformation and its application on FrodoKEM. In: Proceedings of Advances in Cryptology \u2013 CRYPTO 2020, Cham: Springer, 2020. 359\u2013386"},{"key":"4150_CR19","doi-asserted-by":"publisher","first-page":"334","DOI":"10.46586\/tches.v2021.i3.334-359","volume":"3","author":"S Bhasin","year":"2021","unstructured":"Bhasin S, D\u2019Anvers J P, Heinz D, et al. Attacking and defending masked polynomial comparison for lattice-based cryptography. IACR Trans Cryptogr Hardw Embed Syst, 2021, 3: 334\u2013359","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR20","doi-asserted-by":"publisher","first-page":"676","DOI":"10.46586\/tches.v2021.i4.676-707","volume":"4","author":"K Ngo","year":"2021","unstructured":"Ngo K, Dubrova E, Guo Q, et al. A side-channel attack on a masked IND-CCA secure Saber KEM implementation. IACR Trans Cryptogr Hardw Embed Syst, 2021, 4: 676\u2013707","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR21","doi-asserted-by":"publisher","first-page":"483","DOI":"10.46586\/tches.v2020.i3.483-507","volume":"3","author":"F Bache","year":"2020","unstructured":"Bache F, Paglialonga C, Oder T, et al. High-speed masking for polynomial comparison in lattice-based KEMs. IACR Trans Cryptogr Hardw Embed Syst, 2020, 3: 483\u2013507","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR22","doi-asserted-by":"publisher","first-page":"142","DOI":"10.46586\/tches.v2018.i1.142-174","volume":"1","author":"T Oder","year":"2018","unstructured":"Oder T, Schneider T, P\u00f6ppelmann T, et al. Practical CCA2-secure and masked ring-LWE implementation. IACR Trans Cryptogr Hardw Embed Syst, 2018, 1: 142\u2013174","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR23","first-page":"271","volume-title":"Proceedings of the Applied Cryptography and Network Security - ACNS 2024","author":"P Mondal","year":"2024","unstructured":"Mondal P, Kundu S, Bhattacharya S, et al. A practical key-recovery attack on LWE-based key-encapsulation mechanism schemes using rowhammer. In: Proceedings of the Applied Cryptography and Network Security - ACNS 2024, 2024. 271\u2013300"},{"key":"4150_CR24","doi-asserted-by":"publisher","first-page":"37","DOI":"10.46586\/tches.v2021.i2.37-60","volume":"2","author":"P Pessl","year":"2021","unstructured":"Pessl P, Prokop L. Fault attacks on CCA-secure lattice KEMs. IACR Trans Cryptogr Hardw Embed Syst, 2021, 2: 37\u201360","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR25","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1145\/3178291.3178294","volume-title":"Proceedings of the Fifth Workshop on Cryptography and Security in Computing Systems","author":"F Valencia","year":"2018","unstructured":"Valencia F, Oder T, G\u00fcneysu T, et al. Exploring the vulnerability of R-LWE encryption to fault attacks. In: Proceedings of the Fifth Workshop on Cryptography and Security in Computing Systems, 2018. 7\u201312"},{"key":"4150_CR26","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/978-3-540-74735-2_13","volume-title":"Proceedings of the 9th International Workshop on, Cryptographic Hardware and Embedded Systems-CHES 2007","author":"C Clavier","year":"2007","unstructured":"Clavier C. Secret external encodings do not prevent transient fault analysis. In: Proceedings of the 9th International Workshop on, Cryptographic Hardware and Embedded Systems-CHES 2007, Berlin, Heidelberg: Springer Berlin Heidelberg, 2007. 181\u2013194"},{"key":"4150_CR27","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1007\/978-3-030-92518-5_15","volume-title":"Proceedings of Progress in Cryptology \u2013 INDOCRYPT 2021","author":"J Hermelink","year":"2021","unstructured":"Hermelink J, Pessl P, P\u00f6ppelmann T. Fault-enabled chosen-ciphertext attacks on Kyber. In: Proceedings of Progress in Cryptology \u2013 INDOCRYPT 2021, Cham: Springer, 2021. 311\u2013334"},{"key":"4150_CR28","doi-asserted-by":"publisher","first-page":"637","DOI":"10.46586\/tches.v2022.i4.637-660","volume":"4","author":"J Delvaux","year":"2022","unstructured":"Delvaux J. Roulette: a diverse family of feasible fault attacks on masked Kyber. IACR Trans Cryptogr Hardw Embed Syst, 2022, 4: 637\u2013660","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR29","doi-asserted-by":"publisher","first-page":"844","DOI":"10.46586\/tches.v2024.i2.844-869","volume":"2","author":"S Kundu","year":"2024","unstructured":"Kundu S, Chowdhury S, Saha S, et al. Carry your fault: a fault propagation attack on side-channel protected LWE-based KEM. IACR Trans Cryptogr Hardw Embed Syst, 2024, 2: 844\u2013869","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR30","doi-asserted-by":"publisher","first-page":"329","DOI":"10.1007\/978-3-030-56880-1_12","volume-title":"Proceedings of Advances in Cryptology \u2013 CRYPTO 2020","author":"D Dachman-Soled","year":"2020","unstructured":"Dachman-Soled D, Ducas L, Gong H, et al. LWE with side information: attacks and concrete security estimation. In: Proceedings of Advances in Cryptology \u2013 CRYPTO 2020, Cham: Springer, 2020. 329\u2013358"},{"key":"4150_CR31","doi-asserted-by":"publisher","first-page":"209","DOI":"10.46586\/tches.v2020.i4.209-238","volume":"4","author":"Q Guo","year":"2020","unstructured":"Guo Q, Grosso V, Standaert F X, et al. Modeling soft analytical side-channel attacks from a coding theory viewpoint. IACR Trans Cryptogr Hardw Embed Syst, 2020, 4: 209\u2013238","journal-title":"IACR Trans Cryptogr Hardw Embed Syst"},{"key":"4150_CR32","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1007\/s10623-014-9938-4","volume":"75","author":"A Langlois","year":"2015","unstructured":"Langlois A, Stehl\u00e9 D. Worst-case to average-case reductions for module lattices. Des Codes Cryptogr, 2015, 75: 565\u2013599","journal-title":"Des Codes Cryptogr"}],"container-title":["Science China Information Sciences"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11432-024-4150-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11432-024-4150-3","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11432-024-4150-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,20]],"date-time":"2025-12-20T20:24:00Z","timestamp":1766262240000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11432-024-4150-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,23]]},"references-count":32,"journal-issue":{"issue":"11","published-print":{"date-parts":[[2024,11]]}},"alternative-id":["4150"],"URL":"https:\/\/doi.org\/10.1007\/s11432-024-4150-3","relation":{},"ISSN":["1674-733X","1869-1919"],"issn-type":[{"type":"print","value":"1674-733X"},{"type":"electronic","value":"1869-1919"}],"subject":[],"published":{"date-parts":[[2024,10,23]]},"assertion":[{"value":"9 February 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"29 July 2024","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 September 2024","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 October 2024","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"212302"}}