Fault-enabled chosen-ciphertext attacks on Kyber

J Hermelink, P Pessl, T Pöppelmann - … on Cryptology in India, Jaipur, India …, 2021 - Springer
NIST's PQC standardization process is in the third round, and a first final choice between
one of three remaining lattice-based key-encapsulation mechanisms is expected by the end …

[PDF] Research Online

VNT Le, B Apopei, K Alameh - Sciences, 2018 - academia.edu
© The Institution of Engineering and Technology 2019. The modulus switching
technique has been used in some cryptographic applications as well as in cryptanalysis. For …

Belief propagation meets lattice reduction: Security estimates for error-tolerant key recovery from decryption errors

J Hermelink, E Mårtensson, S Samardjiska… - IACR Transactions on …, 2023 - tches.iacr.org
In LWE-based KEMs, observed decryption errors leak information about the secret key in the
form of equations or inequalities. Several practical fault attacks have already exploited such …

Tiger: Tiny bandwidth key encapsulation mechanism for easy migration based on RLWE(R)

S Park, CG Jung, A Park, J Choi, H Kang - Cryptology ePrint Archive, 2022 - eprint.iacr.org
The quantum resistance Key Encapsulation Mechanism (PQC-KEM) design aims to
replace cryptography in legacy security protocols. It would be nice if PQC-KEM were faster …

Comparing proofs of security for lattice-based encryption

DJ Bernstein - Cryptology ePrint Archive, 2019 - eprint.iacr.org
This paper describes the limits of various "security proofs", using 36 lattice-based KEMs as
case studies. This description allows the limits to be systematically compared across these …

The matrix reloaded: Multiplication strategies in FrodoKEM

JW Bos, M Ofner, J Renes, T Schneider… - Cryptology and Network …, 2021 - Springer
Lattice-based schemes are promising candidates to replace the current public-key
cryptographic infrastructure in wake of the looming threat of quantum computers. One of the …

On quantum chosen-ciphertext attacks and learning with errors

G Alagic, S Jeffery, M Ozols, A Poremba - Cryptography, 2020 - mdpi.com
Large-scale quantum computing poses a major threat to classical public-key cryptography.
Recently, strong “quantum access” security models have shown that numerous symmetric …

Tighter Proofs for PKE-to-KEM Transformation in the Quantum Random Oracle Model

J Chen, Y Wang, R Chen, X Huang, W Peng - International Conference on …, 2025 - Springer
In this work, we provide new, tighter proofs for the \(T_{RH}\)-transformation by Jiang et
al. (ASIACRYPT 2023), which converts OW-CPA secure PKEs into KEMs with IND-1CCA …

Visualizing size-security tradeoffs for lattice-based encryption

DJ Bernstein - Cryptology ePrint Archive, 2019 - eprint.iacr.org
There are many proposed lattice-based encryption systems. How do these systems compare
in the security that they provide against known attacks, under various limits on …

Verifying solutions to LWE with implications for concrete security

P Sarkar, S Singha - Cryptology ePrint Archive, 2019 - eprint.iacr.org
A key step in Regev's (2009) reduction of the Discrete Gaussian Sampling (DGS) problem to
that of solving the Learning With Errors (LWE) problem is a statistical test required for …