{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T11:52:37Z","timestamp":1775044357803,"version":"3.50.1"},"reference-count":48,"publisher":"Walter de Gruyter GmbH","issue":"4","license":[{"start":{"date-parts":[[2018,9,20]],"date-time":"2018-09-20T00:00:00Z","timestamp":1537401600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by-nc-nd\/3.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018,12,1]]},"abstract":"Abstract<\/jats:title>\n Code-based cryptography is one of the main areas of interest for NIST\u2019s Post-Quantum Cryptography Standardization call. In this paper, we introduce DAGS, a Key Encapsulation Mechanism (KEM) based on quasi-dyadic generalized Srivastava codes. The scheme is proved to be IND-CCA secure in both random oracle model and quantum random oracle model. We believe that DAGS will offer competitive performance, especially when compared with other existing code-based schemes, and represent a valid candidate for post-quantum standardization.<\/jats:p>","DOI":"10.1515\/jmc-2018-0027","type":"journal-article","created":{"date-parts":[[2018,9,20]],"date-time":"2018-09-20T05:02:42Z","timestamp":1537419762000},"page":"221-239","source":"Crossref","is-referenced-by-count":19,"title":["DAGS: Key encapsulation using dyadic GS codes"],"prefix":"10.1515","volume":"12","author":[{"given":"Gustavo","family":"Banegas","sequence":"first","affiliation":[{"name":"Technische Universiteit Eindhoven , Eindhoven , Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Paulo S.\u2009L.\u2009M.","family":"Barreto","sequence":"additional","affiliation":[{"name":"University of Washington Tacoma , Tacoma , USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Brice Odilon","family":"Boidje","sequence":"additional","affiliation":[{"name":"Laboratoire d\u2019Algebre, de Cryptographie, de G\u00e9om\u00e9trie Alg\u00e9brique et Applications , Universit\u00e9 Cheikh Anta Diop , Dakar , Senegal"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pierre-Louis","family":"Cayrel","sequence":"additional","affiliation":[{"name":"Laboratoire Hubert Curien , Universit\u00e9 Jean Monnet , Saint-Etienne , France"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gilbert Ndollane","family":"Dione","sequence":"additional","affiliation":[{"name":"Laboratoire d\u2019Algebre, de Cryptographie, de G\u00e9om\u00e9trie Alg\u00e9brique et Applications , Universit\u00e9 Cheikh Anta Diop , Dakar , Senegal"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kris","family":"Gaj","sequence":"additional","affiliation":[{"name":"George Mason University , Washington D.\u2009C. , USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Cheikh Thi\u00e9coumba","family":"Gueye","sequence":"additional","affiliation":[{"name":"Laboratoire d\u2019Algebre, de Cryptographie, de G\u00e9om\u00e9trie Alg\u00e9brique et Applications , Universit\u00e9 Cheikh Anta Diop , Dakar , Senegal"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Richard","family":"Haeussler","sequence":"additional","affiliation":[{"name":"George Mason University , Washington D.\u2009C. , USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jean Belo","family":"Klamti","sequence":"additional","affiliation":[{"name":"Laboratoire d\u2019Algebre, de Cryptographie, de G\u00e9om\u00e9trie Alg\u00e9brique et Applications , Universit\u00e9 Cheikh Anta Diop , Dakar , Senegal"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ousmane","family":"N\u2019diaye","sequence":"additional","affiliation":[{"name":"Laboratoire d\u2019Algebre, de Cryptographie, de G\u00e9om\u00e9trie Alg\u00e9brique et Applications , Universit\u00e9 Cheikh Anta Diop , Dakar , Senegal"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Duc Tri","family":"Nguyen","sequence":"additional","affiliation":[{"name":"George Mason University , Washington D.\u2009C. , USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Edoardo","family":"Persichetti","sequence":"additional","affiliation":[{"name":"Department of Mathematical Sciences , Florida Atlantic University , Boca Raton , USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jefferson E.","family":"Ricardini","sequence":"additional","affiliation":[{"name":"Universidade de S\u00e3o Paulo , S\u00e3o Paulo , Brazil"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"374","published-online":{"date-parts":[[2018,9,20]]},"reference":[{"key":"2025120600245244476_j_jmc-2018-0027_ref_001_w2aab3b7b4b1b6b1ab1b8b1Aa","doi-asserted-by":"crossref","unstructured":"A. Al Jabri,\nA statistical decoding algorithm for general linear block codes,\nCryptography and Coding,\nLecture Notes in Comput. Sci. 2260,\nSpringer, Berlin (2001), 1\u20138.","DOI":"10.1007\/3-540-45325-3_1"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_002_w2aab3b7b4b1b6b1ab1b8b2Aa","unstructured":"E. Alkim, L. Ducas, T. P\u00f6ppelmann and P. Schwabe,\nPost-quantum key exchange - a new hope,\nCryptology ePrint Archive Report 2015\/1092 (2015), http:\/\/eprint.iacr.org\/2015\/1092."},{"key":"2025120600245244476_j_jmc-2018-0027_ref_003_w2aab3b7b4b1b6b1ab1b8b3Aa","doi-asserted-by":"crossref","unstructured":"M. Baldi, F. Chiaraluce, R. Garello and F. Mininni,\nQuasi-cyclic low-density parity-check codes in the McEliece cryptosystem,\nIEEE International Conference on Communications\u2014ICC\u201907,\nIEEE Press, Piscataway (2007), 951\u2013956.","DOI":"10.1109\/ICC.2007.161"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_004_w2aab3b7b4b1b6b1ab1b8b4Aa","doi-asserted-by":"crossref","unstructured":"E. Barelli and A. Couvreur,\nAn efficient structural attack on nist submission dags,\npreprint (2018), https:\/\/arxiv.org\/abs\/1805.05429.","DOI":"10.1007\/978-3-030-03326-2_4"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_005_w2aab3b7b4b1b6b1ab1b8b5Aa","unstructured":"S. Barg,\nSome new NP-complete coding problems (in Russian),\nProblemy Peredachi Informatsii 30 (1994), no. 3, 23\u201328."},{"key":"2025120600245244476_j_jmc-2018-0027_ref_006_w2aab3b7b4b1b6b1ab1b8b6Aa","unstructured":"A. Barg,\nComplexity issues in coding theory,\nHandbook of Coding Theory. Vol. 1. Part 1: Algebraic Coding,\nElsevier, Amsterdam (1998), 649\u2013754."},{"key":"2025120600245244476_j_jmc-2018-0027_ref_007_w2aab3b7b4b1b6b1ab1b8b7Aa","doi-asserted-by":"crossref","unstructured":"P. S. L. M. Barreto, S. Gueron, T. Gueneysu, R. Misoczki, E. Persichetti, N. Sendrier and J.-P. Tillich,\nCake: Code-based algorithm for key encapsulation,\nCryptography and Coding\u2014IMACC 2017,\nSpringer, Cham (2017), 207\u2013226.","DOI":"10.1007\/978-3-319-71045-7_11"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_008_w2aab3b7b4b1b6b1ab1b8b8Aa","doi-asserted-by":"crossref","unstructured":"P. S. L. M. Barreto, R. Lindner and R. Misoczki,\nMonoidic codes in cryptography,\nPost-quantum Cryptography,\nLecture Notes in Comput. Sci. 7071,\nSpringer, Heidelberg (2011), 179\u2013199.","DOI":"10.1007\/978-3-642-25405-5_12"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_009_w2aab3b7b4b1b6b1ab1b8b9Aa","doi-asserted-by":"crossref","unstructured":"T. P. Berger, P.-L. Cayrel, P. Gaborit and A. Otmani,\nReducing key length of the McEliece cryptosystem,\nProgress in Cryptology\u2014AFRICACRYPT 2009,\nLecture Notes in Comput. Sci. 5580,\nSpringer, Berlin (2009), 77\u201397.","DOI":"10.1007\/978-3-642-02384-2_6"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_010_w2aab3b7b4b1b6b1ab1b8c10Aa","doi-asserted-by":"crossref","unstructured":"E. R. Berlekamp, R. J. McEliece and H. C. A. van Tilborg,\nOn the inherent intractability of certain coding problems,\nIEEE Trans. Inform. Theory IT-24 (1978), no. 3, 384\u2013386.","DOI":"10.1109\/TIT.1978.1055873"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_011_w2aab3b7b4b1b6b1ab1b8c11Aa","doi-asserted-by":"crossref","unstructured":"D. J. Bernstein,\nGrover vs. McEliece,\nPost-Quantum Cryptography,\nLecture Notes in Comput. Sci. 6061,\nSpringer, Berlin (2010), 73\u201380.","DOI":"10.1007\/978-3-642-12929-2_6"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_012_w2aab3b7b4b1b6b1ab1b8c12Aa","doi-asserted-by":"crossref","unstructured":"D. J. Bernstein, T. Chou and P. Schwabe,\nMcbits: Fast constant-time code-based cryptography,\nCryptographic Hardware and Embedded Systems\u2014CHES 2013,\nLecture Notes in Comput. Sci. 8086,\nSpringer, Berlin (2013), 250\u2013272.","DOI":"10.1007\/978-3-642-40349-1_15"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_013_w2aab3b7b4b1b6b1ab1b8c13Aa","doi-asserted-by":"crossref","unstructured":"B. Biswas and N. Sendrier,\nMcEliece cryptosystem implementation: Theory and practice,\nPost-quantum Cryptography,\nLecture Notes in Comput. Sci. 5299,\nSpringer, Berlin (2008), 47\u201362.","DOI":"10.1007\/978-3-540-88403-3_4"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_014_w2aab3b7b4b1b6b1ab1b8c14Aa","doi-asserted-by":"crossref","unstructured":"J. Bos, C. Costello, L. Ducas, I. Mironov, M. Naehrig, V. Nikolaenko, A. Raghunathan and D. Stebila,\nFrodo: Take off the ring! Practical, quantum-secure key exchange from LWE,\nCryptology ePrint Archive Report 2016\/659 (2016), http:\/\/eprint.iacr.org\/2016\/659.","DOI":"10.1145\/2976749.2978425"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_015_w2aab3b7b4b1b6b1ab1b8c15Aa","doi-asserted-by":"crossref","unstructured":"J. W. Bos, C. Costello, M. Naehrig and D. Stebila,\nPost-quantum key exchange for the tls protocol from the ring learning with errors problem,\nIEEE Symposium on Security and Privacy,\nIEEE Press, Piscataway (2015), 553\u2013570.","DOI":"10.1109\/SP.2015.40"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_016_w2aab3b7b4b1b6b1ab1b8c16Aa","doi-asserted-by":"crossref","unstructured":"P.-L. Cayrel, G. Hoffmann and E. Persichetti,\nEfficient implementation of a CCA2-secure variant of McEliece using generalized Srivastava codes,\nPublic Key Cryptography\u2014PKC 2012,\nLecture Notes in Comput. Sci. 7293,\nSpringer, Heidelberg (2012), 138\u2013155.","DOI":"10.1007\/978-3-642-30057-8_9"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_017_w2aab3b7b4b1b6b1ab1b8c17Aa","doi-asserted-by":"crossref","unstructured":"N. T. Courtois, M. Finiasz and N. Sendrier,\nHow to achieve a McEliece-based digital signature scheme,\nAdvances in Cryptology\u2014ASIACRYPT 2001,\nLecture Notes in Comput. Sci. 2248,\nSpringer, Berlin (2001), 157\u2013174.","DOI":"10.1007\/3-540-45682-1_10"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_018_w2aab3b7b4b1b6b1ab1b8c18Aa","doi-asserted-by":"crossref","unstructured":"R. Cramer and V. Shoup,\nDesign and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack,\nSIAM J. Comput. 33 (2003), no. 1, 167\u2013226.\n10.1137\/S0097539702403773","DOI":"10.1137\/S0097539702403773"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_019_w2aab3b7b4b1b6b1ab1b8c19Aa","doi-asserted-by":"crossref","unstructured":"J.-C. Deneuville, P. Gaborit and G. Z\u00e9mor,\nOuroboros: A simple, secure and efficient key exchange protocol based on coding theory,\nPost-quantum Cryptography,\nLecture Notes in Comput. Sci. 10346,\nSpringer, Cham (2017), 18\u201334.","DOI":"10.1007\/978-3-319-59879-6_2"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_020_w2aab3b7b4b1b6b1ab1b8c20Aa","doi-asserted-by":"crossref","unstructured":"J.-C. Faug\u00e8re, V. Gauthier-Uma\u00f1a, A. Otmani, L. Perret and J.-P. Tillich,\nA distinguisher for high-rate McEliece cryptosystems,\nIEEE Trans. Inform. Theory 59 (2013), no. 10, 6830\u20136844.\n10.1109\/TIT.2013.2272036","DOI":"10.1109\/TIT.2013.2272036"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_021_w2aab3b7b4b1b6b1ab1b8c21Aa","doi-asserted-by":"crossref","unstructured":"J.-C. Faug\u00e8re, A. Otmani, L. Perret, F. de Portzamparc and J.-P. Tillich,\nStructural cryptanalysis of McEliece schemes with compact keys,\nDes. Codes Cryptogr. 79 (2016), no. 1, 87\u2013112.\n10.1007\/s10623-015-0036-z","DOI":"10.1007\/s10623-015-0036-z"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_022_w2aab3b7b4b1b6b1ab1b8c22Aa","doi-asserted-by":"crossref","unstructured":"J.-C. Faug\u00e8re, A. Otmani, L. Perret and J.-P. Tillich,\nAlgebraic cryptanalysis of McEliece variants with compact keys,\nAdvances in Cryptology\u2014EUROCRYPT 2010,\nLecture Notes in Comput. Sci. 6110,\nSpringer, Berlin (2010), 279\u2013298.","DOI":"10.1007\/978-3-642-13190-5_14"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_023_w2aab3b7b4b1b6b1ab1b8c23Aa","unstructured":"J.-C. Faug\u00e8re, A. Otmani, L. Perret and J.-P. Tillich,\nAlgebraic cryptanalysis of McEliece variants with compact keys \u2013 towards a complexity analysis,\nProceedings of the 2nd International Conference on Symbolic Computation and Cryptography\u2014SCC\u201910,\nLaboratoire d\u2019Informatique de Paris 6, Paris (2010), 45\u201355."},{"key":"2025120600245244476_j_jmc-2018-0027_ref_024_w2aab3b7b4b1b6b1ab1b8c24Aa","doi-asserted-by":"crossref","unstructured":"E. Fujisaki and T. Okamoto,\nSecure integration of asymmetric and symmetric encryption schemes,\nJ. Cryptology 26 (2013), no. 1, 80\u2013101.\n10.1007\/s00145-011-9114-1","DOI":"10.1007\/s00145-011-9114-1"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_025_w2aab3b7b4b1b6b1ab1b8c25Aa","doi-asserted-by":"crossref","unstructured":"Q. Guo, T. Johansson and P. Stankovski,\nA key recovery attack on MDPC with CCA security using decoding errors,\nAdvances in Cryptology\u2014ASIACRYPT 2016. Part I,\nLecture Notes in Comput. Sci. 10031,\nSpringer, Berlin (2016), 789\u2013815.","DOI":"10.1007\/978-3-662-53887-6_29"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_026_w2aab3b7b4b1b6b1ab1b8c26Aa","unstructured":"Y. Hamdaoui and N. Sendrier,\nA non asymptotic analysis of information set decoding,\nCryptology ePrint Archive Report 2013\/162 (2013), http:\/\/eprint.iacr.org\/2013\/162."},{"key":"2025120600245244476_j_jmc-2018-0027_ref_027_w2aab3b7b4b1b6b1ab1b8c27Aa","doi-asserted-by":"crossref","unstructured":"D. Hofheinz, K. H\u00f6velmanns and E. Kiltz,\nA modular analysis of the Fujisaki\u2013Okamoto transformation,\nTheory of Cryptography. Part I,\nLecture Notes in Comput. Sci. 10677,\nSpringer, Cham (2017), 341\u2013371.","DOI":"10.1007\/978-3-319-70500-2_12"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_028_w2aab3b7b4b1b6b1ab1b8c28Aa","doi-asserted-by":"crossref","unstructured":"G. Kachigar and J.-P. Tillich,\nQuantum information set decoding algorithms,\nPost-quantum Cryptography,\nLecture Notes in Comput. Sci. 10346,\nSpringer, Cham (2017), 69\u201389.","DOI":"10.1007\/978-3-319-59879-6_5"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_029_w2aab3b7b4b1b6b1ab1b8c29Aa","unstructured":"F. J. MacWilliams and N. J. A. Sloane,\nThe Theory of Error-Correcting Codes. I,\nNorth-Holland Math. Libr. 16,\nNorth-Holland, Amsterdam, 1977,"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_030_w2aab3b7b4b1b6b1ab1b8c30Aa","unstructured":"R. J. McEliece,\nA public-key cryptosystem based on algebraic coding theory,\nDeep Space Netw. Prog. Rep. 44 (1978), 114\u2013116."},{"key":"2025120600245244476_j_jmc-2018-0027_ref_031_w2aab3b7b4b1b6b1ab1b8c31Aa","doi-asserted-by":"crossref","unstructured":"R. Misoczki and P. S. L. M. Barreto,\nCompact mceliece keys from goppa codes,\nSelected Areas in Cryptography,\nSpringer, Berlin (2009), 376\u2013392.","DOI":"10.1007\/978-3-642-05445-7_24"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_032_w2aab3b7b4b1b6b1ab1b8c32Aa","doi-asserted-by":"crossref","unstructured":"R. Misoczki, J.-P. Tillich, N. Sendrier and P. L. S. M. Barreto,\nMDPC-McEliece: New McEliece variants from moderate density parity-check codes,\nInternational Symposium on Information Theory\u2014ISIT 2013,\nIEEE Press, Piscataway (2013), 2069\u20132073.","DOI":"10.1109\/ISIT.2013.6620590"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_033_w2aab3b7b4b1b6b1ab1b8c33Aa","doi-asserted-by":"crossref","unstructured":"R. Niebuhr,\nStatistical decoding of codes over \ud835\udd3dq{\\mathbb{F}_{q}},\nPost-quantum Cryptography,\nLecture Notes in Comput. Sci. 7071,\nSpringer, Heidelberg (2011), 217\u2013227.","DOI":"10.1007\/978-3-642-25405-5_14"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_034_w2aab3b7b4b1b6b1ab1b8c34Aa","doi-asserted-by":"crossref","unstructured":"R. Niebuhr, E. Persichetti, P.-L. Cayrel, S. Bulygin and J. Buchmann,\nOn lower bounds for information set decoding over \ud835\udd3dq{\\mathbb{F}_{q}} and on the effect of partial knowledge,\nInt. J. Inf. Coding Theory 4 (2017), no. 1, 47\u201378.","DOI":"10.1504\/IJICOT.2017.081458"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_035_w2aab3b7b4b1b6b1ab1b8c35Aa","doi-asserted-by":"crossref","unstructured":"R. Nojima, H. Imai, K. Kobara and K. Morozov,\nSemantic security for the McEliece cryptosystem without random oracles,\nDes. Codes Cryptogr. 49 (2008), no. 1\u20133, 289\u2013305.\n10.1007\/s10623-008-9175-9","DOI":"10.1007\/s10623-008-9175-9"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_036_w2aab3b7b4b1b6b1ab1b8c36Aa","doi-asserted-by":"crossref","unstructured":"E. Persichetti,\nCompact McEliece keys based on quasi-dyadic Srivastava codes,\nJ. Math. Cryptol. 6 (2012), no. 2, 149\u2013169.","DOI":"10.1515\/jmc-2011-0099"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_037_w2aab3b7b4b1b6b1ab1b8c37Aa","doi-asserted-by":"crossref","unstructured":"E. Persichetti,\nSecure and anonymous hybrid encryption from coding theory,\nPost-Quantum Cryptography\u2014PQCrypto 2013,\nBerlin, Heidelberg (2013), 174\u2013187.","DOI":"10.1007\/978-3-642-38616-9_12"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_038_w2aab3b7b4b1b6b1ab1b8c38Aa","doi-asserted-by":"crossref","unstructured":"C. Peters,\nInformation-set decoding for linear codes over \ud835\udc05q{{\\mathbf{F}}_{q}},\nPost-quantum Cryptography,\nLecture Notes in Comput. Sci. 6061,\nSpringer, Berlin (2010), 81\u201394.","DOI":"10.1007\/978-3-642-12929-2_7"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_039_w2aab3b7b4b1b6b1ab1b8c39Aa","doi-asserted-by":"crossref","unstructured":"E. Prange,\nThe use of information sets in decoding cyclic codes,\nIRE Trans. IT-8 (1962), S5\u2013S9.","DOI":"10.1109\/TIT.1962.1057777"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_040_w2aab3b7b4b1b6b1ab1b8c40Aa","doi-asserted-by":"crossref","unstructured":"D. V. Sarwate,\nOn the complexity of decoding Goppa codes,\nIEEE Trans. Inform. Theory IT-23 (1977), no. 4, 515\u2013516.","DOI":"10.1109\/TIT.1977.1055732"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_041_w2aab3b7b4b1b6b1ab1b8c41Aa","doi-asserted-by":"crossref","unstructured":"P. W. Shor,\nPolynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer,\nSIAM J. Comput. 26 (1997), no. 5, 1484\u20131509.\n10.1137\/S0097539795293172","DOI":"10.1137\/S0097539795293172"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_042_w2aab3b7b4b1b6b1ab1b8c42Aa","doi-asserted-by":"crossref","unstructured":"F. Strenzke,\nA timing attack against the secret permutation in the McEliece PKC,\nPost-quantum Cryptography,\nLecture Notes in Comput. Sci. 6061,\nSpringer, Berlin (2010), 95\u2013107.","DOI":"10.1007\/978-3-642-12929-2_8"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_043_w2aab3b7b4b1b6b1ab1b8c43Aa","doi-asserted-by":"crossref","unstructured":"F. Strenzke, E. Tews, H. G. Molter, R. Overbeck and A. Shoufan,\nSide channels in the McEliece PKC,\nPost-quantum Cryptography,\nLecture Notes in Comput. Sci. 5299,\nSpringer, Berlin (2008), 216\u2013229.","DOI":"10.1007\/978-3-540-88403-3_15"},{"key":"2025120600245244476_j_jmc-2018-0027_ref_044_w2aab3b7b4b1b6b1ab1b8c44Aa","unstructured":"https:\/\/bigquake.inria.fr\/."},{"key":"2025120600245244476_j_jmc-2018-0027_ref_045_w2aab3b7b4b1b6b1ab1b8c45Aa","unstructured":"https:\/\/bikesuite.org."},{"key":"2025120600245244476_j_jmc-2018-0027_ref_046_w2aab3b7b4b1b6b1ab1b8c46Aa","unstructured":"http:\/\/christianepeters.wordpress.com\/publications\/tools\/."},{"key":"2025120600245244476_j_jmc-2018-0027_ref_047_w2aab3b7b4b1b6b1ab1b8c47Aa","unstructured":"https:\/\/classic.mceliece.org\/."},{"key":"2025120600245244476_j_jmc-2018-0027_ref_048_w2aab3b7b4b1b6b1ab1b8c48Aa","unstructured":"https:\/\/keccak.team\/kangarootwelve.html."}],"container-title":["Journal of Mathematical Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.degruyter.com\/view\/j\/jmc.2018.12.issue-4\/jmc-2018-0027\/jmc-2018-0027.xml","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.degruyterbrill.com\/document\/doi\/10.1515\/jmc-2018-0027\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.degruyterbrill.com\/document\/doi\/10.1515\/jmc-2018-0027\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,6]],"date-time":"2025-12-06T00:25:06Z","timestamp":1764980706000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.degruyterbrill.com\/document\/doi\/10.1515\/jmc-2018-0027\/html"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,9,20]]},"references-count":48,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2018,9,20]]},"published-print":{"date-parts":[[2018,12,1]]}},"alternative-id":["10.1515\/jmc-2018-0027"],"URL":"https:\/\/doi.org\/10.1515\/jmc-2018-0027","relation":{},"ISSN":["1862-2984","1862-2976"],"issn-type":[{"value":"1862-2984","type":"electronic"},{"value":"1862-2976","type":"print"}],"subject":[],"published":{"date-parts":[[2018,9,20]]}}}