{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,1]],"date-time":"2025-10-01T15:16:36Z","timestamp":1759331796557,"version":"3.37.3"},"reference-count":58,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"funder":[{"DOI":"10.13039\/100010686","name":"H2020 European Institute of Innovation and Technology","doi-asserted-by":"crossref","award":["ERC-669891"],"award-info":[{"award-number":["ERC-669891"]}],"id":[{"id":"10.13039\/100010686","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Comput."],"published-print":{"date-parts":[[2018]]},"DOI":"10.1109\/tc.2018.2833119","type":"journal-article","created":{"date-parts":[[2018,5,4]],"date-time":"2018-05-04T19:05:00Z","timestamp":1525460700000},"page":"1-1","source":"Crossref","is-referenced-by-count":13,"title":["Loop-Abort Faults on Lattice-Based Signatures and Key Exchange Protocols"],"prefix":"10.1109","author":[{"given":"Thomas","family":"Espitau","sequence":"first","affiliation":[]},{"given":"Pierre-Alain","family":"Fouque","sequence":"additional","affiliation":[]},{"given":"Benoit","family":"Gerard","sequence":"additional","affiliation":[]},{"given":"Mehdi","family":"Tibouchi","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","first-page":"598","article-title":"Fiat&#x2013;Shamir with aborts: Applications to lattice and factoring-based signatures","author":"lyubashevsky","year":"2009","journal-title":"Proc Int Conf Theory Appl Cryptol Inf Secur"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1007\/s12095-011-0061-3"},{"key":"ref33","first-page":"323","article-title":"Flush, Gauss, and reload - A cache attack on the BLISS lattice-based signature scheme","author":"groot bruinderink","year":"2016","journal-title":"Proc Int Workshop Cryptographic Hardware Embedded Syst"},{"key":"ref32","first-page":"112","article-title":"Public-key cryptosystems from lattice reduction problems","author":"goldreich","year":"1997","journal-title":"Proc Annu Int Cryptology Conf"},{"key":"ref31","first-page":"299","article-title":"Cryptanalysis of the revised NTRU signature scheme","author":"gentry","year":"2002","journal-title":"Proc Int Conf Theory Appl Cryptographic Techn"},{"key":"ref30","first-page":"197","article-title":"Trapdoors for hard lattices and new cryptographic constructions","author":"gentry","year":"2008","journal-title":"Proc Annu ACM Symp Theory Comput"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/2724713"},{"key":"ref36","doi-asserted-by":"crossref","first-page":"476","DOI":"10.1007\/978-3-319-07536-5_28","article-title":"Practical signatures from the partial Fourier recovery problem","author":"hoffstein","year":"2014","journal-title":"Proc Appl Cryptography Netw Security Conf"},{"key":"ref35","first-page":"122","article-title":"NTRUSign: Digital signatures using the NTRU lattice","author":"hoffstein","year":"2003","journal-title":"Proc The Cryptographer s Track at RSA Conf"},{"key":"ref34","first-page":"530","article-title":"Practical lattice-based cryptography: A signature scheme for embedded systems","author":"g\u00fcneysu","year":"2012","journal-title":"Proc Int Workshop Cryptographic Hardware Embedded Syst"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-59879-6_6"},{"article-title":"Falcon: Fast-Fourier lattice-based compact signatures over NTRU","year":"2017","author":"fouque","key":"ref27"},{"key":"ref29","first-page":"1","article-title":"Cryptanalysis of the NTRU signature scheme (NSS) from Eurocrypt 2001","author":"gentry","year":"2001","journal-title":"Proc Int Conf Theory Appl Cryptol Inf Secur"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-59879-6_9"},{"key":"ref1","first-page":"44","article-title":"An efficient lattice-based signature scheme with provably secure instantiation","author":"akleylek","year":"2016","journal-title":"Proc Int Conf Cryptology Africa"},{"key":"ref20","article-title":"CRYSTALS - Dilithium: Digital signatures from module lattices","volume":"2017","author":"ducas","year":"2017","journal-title":"IACR Cryptology ePrint Archive"},{"key":"ref22","first-page":"433","article-title":"Learning a Zonotope and more: Cryptanalysis of NTRUSign countermeasures","author":"ducas","year":"2012","journal-title":"Proc Int Conf Theory Appl Cryptol Inf Secur"},{"key":"ref21","first-page":"22","article-title":"Efficient identity-based encryption over NTRU lattices","author":"ducas","year":"2014","journal-title":"Proc Int Conf Theory Appl Cryptol Inf Secur"},{"key":"ref24","first-page":"1857","article-title":"Side-channel attacks on BLISS lattice-based signatures","author":"espitau","year":"2017","journal-title":"Proc ACM SIGSAC Conf Comput Commun Secur"},{"key":"ref23","first-page":"140","article-title":"Loop-abort faults on lattice-based Fiat&#x2013;Shamir and hash-and-sign signatures","author":"espitau","year":"2016","journal-title":"Proc Conf Sel Areas Cryptography"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-013-0050-x"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/j.jsc.2013.12.002"},{"key":"ref50","first-page":"231","article-title":"Lightweight fault attack resistance in software using intra-instruction redundancy","author":"patrick","year":"2016","journal-title":"Proc Conf Sel Areas Cryptography"},{"key":"ref51","doi-asserted-by":"crossref","first-page":"197","DOI":"10.1007\/978-3-319-11659-4_12","article-title":"Lattice cryptography for the internet","author":"peikert","year":"2014","journal-title":"Proc Int Workshop Post-Quantum Cryptography"},{"key":"ref58","article-title":"Implementation attacks on post-quantum cryptographic schemes","author":"taha","year":"2015","journal-title":"IACR Cryptology ePrint Archive"},{"article-title":"Sage mathematics software (version 7.0)","year":"2016","author":"stein","key":"ref57"},{"key":"ref56","first-page":"62","article-title":"High precision fault injections on the instruction cache of ARMv7-M architectures","author":"rivi\u00e8re","year":"2015","journal-title":"Proc IEEE Int Symp Hardw -Orient Sec Trust"},{"article-title":"Implementation of the GPV-based scheme of Ducas et\ufffdal.","year":"2016","author":"prest","key":"ref55"},{"key":"ref54","first-page":"353","article-title":"Enhanced lattice-based signatures on reconfigurable hardware","author":"p\u00f6ppelmann","year":"2014","journal-title":"Proc Int Workshop Cryptographic Hardware Embedded Syst"},{"key":"ref53","first-page":"1843","article-title":"To BLISS-B or not to be: Attacking strongSwan's implementation of post-quantum signatures","author":"pessl","year":"2017","journal-title":"Proc ACM SIGSAC Conf Comput Commun Secur"},{"article-title":"A decade of lattice cryptography","year":"2015","author":"peikert","key":"ref52"},{"key":"ref10","first-page":"553","article-title":"Post-quantum key exchange for the TLS protocol from the ring learning with errors problem","author":"bos","year":"2015","journal-title":"Proc IEEE Symp Secur Privacy"},{"key":"ref11","first-page":"634","article-title":"CRYSTALS - Kyber: A CCA-secure module-lattice-based KEM","author":"bos","year":"2018","journal-title":"Proc IEEE Symp Privacy Secur"},{"key":"ref40","first-page":"738","article-title":"Lattice signatures without trapdoors","author":"lyubashevsky","year":"2012","journal-title":"Proc Int Conf Theory Appl Cryptographic Techn"},{"key":"ref12","first-page":"177","article-title":"SEU sensitivity and modeling using pico-second pulsed laser stimulation of a D Flip-Flop in 40 nm CMOS technology","author":"champeix","year":"2015","journal-title":"Proc IEEE Int Symp Defect Fault Tolerance VLSI Syst"},{"key":"ref13","doi-asserted-by":"crossref","DOI":"10.6028\/NIST.IR.8105","article-title":"Report on post-quantum cryptography","author":"chen","year":"2016"},{"key":"ref14","first-page":"653","article-title":"PSS is secure against random fault attacks","author":"coron","year":"2009","journal-title":"Proc Int Conf Theory Appl Cryptol Inf Secur"},{"key":"ref15","first-page":"31015","article-title":"What is the computational value of finite range tunneling?","volume":"6","author":"denchev","year":"2016"},{"key":"ref16","article-title":"A simple provably secure key exchange scheme based on the learning with errors problem","volume":"2012","author":"ding","year":"2012","journal-title":"IACR Cryptology ePrint Archive"},{"key":"ref17","article-title":"Accelerating BLISS: The geometry of ternary polynomials","volume":"2014","author":"ducas","year":"2014","journal-title":"IACR Cryptology ePrint Archive"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40041-4_3"},{"article-title":"A proof-of-concept implementation of BLISS.","year":"2014","author":"ducas","key":"ref19"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1007\/BF02579403"},{"key":"ref3","first-page":"327","article-title":"Post-quantum key exchange - A new hope","author":"alkim","year":"2016","journal-title":"Proc Usenix Secur Symp"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-44598-6_8"},{"key":"ref5","first-page":"206","article-title":"Making RSA-PSS provably secure against non-random faults","author":"barthe","year":"2014","journal-title":"Proc Int Workshop Cryptographic Hardware Embedded Syst"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/s001450010016"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2016.11"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2006.134"},{"key":"ref9","first-page":"1006","article-title":"Frodo: Take off the ring! Practical, quantum-secure key exchange from LWE","author":"bos","year":"2016","journal-title":"Proc ACM SIGSAC Conf Comput Commun Secur"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-008-9031-0"},{"year":"2016","key":"ref45","article-title":"Commercial national security algorithm suite and quantum computing FAQ"},{"key":"ref48","first-page":"245","article-title":"Evidence of a larger EM-induced fault model","author":"ordas","year":"2014","journal-title":"Proc Int Conf Smart Card Res Adv Appl"},{"key":"ref47","doi-asserted-by":"crossref","first-page":"243","DOI":"10.1007\/978-3-319-10175-0_17","article-title":"ChipWhisperer: An open-source platform for hardware embedded security research","author":"o'flynn","year":"2014","journal-title":"Proc Int Workshop Constructive Side-Channel Anal Secure Design"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11659-4_1"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1016\/j.laa.2010.11.015"},{"key":"ref44","first-page":"16","article-title":"Experimenting with faults, lattices and the DSA","author":"naccache","year":"2005","journal-title":"Proc Int Workshop Public Key Cryptogr"},{"key":"ref43","first-page":"700","article-title":"Trapdoors for lattices: Simpler, tighter, faster, smaller","author":"micciancio","year":"2012","journal-title":"Proc Int Conf Theory Appl Cryptographic Techn"}],"container-title":["IEEE Transactions on Computers"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/12\/4358213\/08354897.pdf?arnumber=8354897","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,12]],"date-time":"2022-01-12T16:17:40Z","timestamp":1642004260000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8354897\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"references-count":58,"URL":"https:\/\/doi.org\/10.1109\/tc.2018.2833119","relation":{},"ISSN":["0018-9340"],"issn-type":[{"type":"print","value":"0018-9340"}],"subject":[],"published":{"date-parts":[[2018]]}}}