SoK: how (not) to design and implement post-quantum cryptography
From MaRDI portal
Publication: 826276
DOI: 10.1007/978-3-030-75539-3_19; zbMath: 1479.94189; OpenAlex: W3159391650; MaRDI QID: Q826276
Daniel Apon, James Howe, Thomas Prest
Publication date: 20 December 2021
Full work available at URL: https://doi.org/10.1007/978-3-030-75539-3_19
Cryptography (94A60); Authentication, digital signatures and secret sharing (94A62); Quantum cryptography (quantum-theoretic aspects) (81P94)
Related Items
- SoK: how (not) to design and implement post-quantum cryptography
- Fault-injection attacks against NIST's post-quantum cryptography round 3 KEM candidates
Cites Work
- New directions in nearest neighbor searching with applications to lattice sieving
- Practical Lattice-Based Cryptography: A Signature Scheme for Embedded Systems
- Learning a Zonotope and More: Cryptanalysis of NTRUSign Countermeasures
- W-OTS+ – Shorter Signatures for Hash-Based Signature Schemes
- Concretely-Efficient Zero-Knowledge Arguments for Arithmetic Circuits and Their Application to Lattice-Based Cryptography
- Benchmarking Post-quantum Cryptography in TLS
- LegRoast: Efficient Post-quantum Signatures from the Legendre PRF
- A Side-Channel Assisted Cryptanalytic Attack Against QcBits
- Public-Key Identification Schemes Based on Multivariate Quadratic Polynomials
- Solving polynomial systems over finite fields
- Advances in Cryptology - EUROCRYPT 2004
- A Distinguisher for High-Rate McEliece Cryptosystems
- Template Attacks on Masking—Resistance Is Futile
- An Improved Compression Technique for Signatures Based on Learning with Errors
- Advances in Cryptology - CRYPTO 2003
- All in the XL Family: Theory and Practice
- The XL-Algorithm and a Conjecture from Commutative Algebra
- A Subexponential-Time Quantum Algorithm for the Dihedral Hidden Subgroup Problem
- On lattices, learning with errors, random linear codes, and cryptography
- Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies
- On the concrete hardness of learning with errors
- BBQ: using AES in Picnic signatures
- SoK: how (not) to design and implement post-quantum cryptography
- Finding shortest lattice vectors faster using quantum search
- Parallel collision search with cryptanalytic applications
- Lattice basis reduction: Improved practical algorithms and solving subset sum problems
- Improved identification schemes based on error-correcting codes
- Small solutions to polynomial equations, and low exponent RSA vulnerabilities
- Two attacks on rank metric code-based schemes: RankSign and an IBE scheme
- Decoding linear codes with high error rate and its impact for LPN security
- Grafting trees: a fault attack against the SPHINCS framework
- Practical implementation of Ring-SIS/LWE based signature and IBE
- Masking the GLP lattice-based signature scheme at any order
- A modular analysis of the Fujisaki-Okamoto transformation
- Flush, Gauss, and reload -- a cache attack on the BLISS lattice-based signature scheme
- An efficient quantum collision search algorithm and implications on symmetric cryptography
- Towards practical key exchange from ordinary isogeny graphs
- CSIDH: an efficient post-quantum commutative group action
- Assessing the feasibility of single trace power analysis of Frodo
- Public key compression for constrained linear signature schemes
- Cold boot attacks on NTRU
- Estimate all the {LWE, NTRU} schemes!
- Limits on the efficiency of (ring) LWE-based non-interactive key exchange
- Security of hedged Fiat-Shamir signatures under fault attacks
- (One) failure is not an option: bootstrapping the search for failures in lattice-based encryption schemes
- Sigma protocols for MQ, PKP and SIS, and fishy signature schemes
- Tight and optimal reductions for signatures based on average trapdoor preimage sampleable functions and applications to code-based signatures
- Message-recovery laser fault injection attack on the Classic McEliece cryptosystem
- Banquet: short and fast signatures from AES
- LWE with side information: attacks and concrete security estimation
- A key-recovery timing attack on post-quantum primitives using the Fujisaki-Okamoto transformation and its application on FrodoKEM
- Implementing Grover oracles for quantum key search on AES and LowMC
- He gives C-sieves on the CSIDH
- Quantum security analysis of CSIDH
- Algebraically structured LWE. Revisited
- Approximate trapdoors for lattices and smaller hash-and-sign signatures
- PKP-based signature scheme
- Quantum cryptanalysis in the RAM model: claw-finding attacks on SIKE
- Wave: a new family of trapdoor one-way preimage sampleable functions based on codes
- A novel CCA attack using decryption errors against LAC
- CSI-FiSh: efficient isogeny based signatures through class group computations
- A reaction attack against cryptosystems based on LRPC codes
- Breaking Ed25519 in WolfSSL
- Improving stateless hash-based signatures
- Decryption failure attacks on IND-CCA secure lattice-based schemes
- Masking Dilithium. Efficient implementation and side-channel evaluation
- Linear equivalence of block ciphers with partial non-linear layers: application to LowMC
- SeaSign: compact isogeny signatures from class group actions
- The impact of error dependencies on Ring/Mod-LWE/LWR based schemes
- Worst-case to average-case reductions for module lattices
- Merkle's key agreement protocol is optimal: an \(O(n^2)\) attack on any key agreement from random oracles
- A crossbred algorithm for solving Boolean polynomial systems
- SQISign: compact post-quantum signatures from quaternions and isogenies
- Side channel information set decoding using iterative chunking: plaintext recovery from the "Classic McEliece" hardware reference implementation
- Analysis of Information Set Decoding for a Sub-linear Error Weight
- A Decade of Lattice Cryptography
- How (Not) to Instantiate Ring-LWE
- Security Proofs for Signature Schemes
- The Exact Security of Digital Signatures-How to Sign with RSA and Rabin
- On the Joint Security of Encryption and Signature in EMV
- Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller
- Efficient Identity-Based Encryption over NTRU Lattices
- RankSign: An Efficient Signature Algorithm Based on the Rank Metric
- Lattice Cryptography for the Internet
- SPHINCS: Practical Stateless Hash-Based Signatures
- Ciphers for MPC and FHE
- From 5-Pass \(\mathcal{MQ}\)-Based Identification to \(\mathcal{MQ}\)-Based Signatures
- On the Security of Supersingular Isogeny Cryptosystems
- A Key Recovery Attack on MDPC with CCA Security Using Decoding Errors
- Another Subexponential-time Quantum Algorithm for the Dihedral Hidden Subgroup Problem
- On the Security of the Winternitz One-Time Signature Scheme
- Affine Masking against Higher-Order Side Channel Analysis
- Towards Quantum-Resistant Cryptosystems from Supersingular Elliptic Curve Isogenies
- On Provable Security of UOV and HFE Signature Schemes against Chosen-Message Attack
- A new paradigm for public key identification
- Post-Quantum Cryptography
- Trapdoors for hard lattices and new cryptographic constructions
- On Ideal Lattices and Learning with Errors over Rings
- Learning a Parallelepiped: Cryptanalysis of GGH and NTRU Signatures
- Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures
- A public key cryptosystem and a signature scheme based on discrete logarithms
- How To Prove Yourself: Practical Solutions to Identification and Signature Problems
- New directions in cryptography
- A method for obtaining digital signatures and public-key cryptosystems
- A new identification scheme based on syndrome decoding