{"id":"https://openalex.org/W3184771349","doi":"https://doi.org/10.1109/jiot.2022.3179683","title":"Chosen-Ciphertext Clustering Attack on CRYSTALS-KYBER Using the Side-Channel Leakage of Barrett Reduction","display_name":"Chosen-Ciphertext Clustering Attack on CRYSTALS-KYBER Using the Side-Channel Leakage of Barrett Reduction","publication_year":2022,"publication_date":"2022-06-02","ids":{"openalex":"https://openalex.org/W3184771349","doi":"https://doi.org/10.1109/jiot.2022.3179683","mag":"3184771349"},"language":"en","primary_location":{"id":"doi:10.1109/jiot.2022.3179683","is_oa":true,"landing_page_url":"https://doi.org/10.1109/jiot.2022.3179683","pdf_url":"https://ieeexplore.ieee.org/ielx7/6488907/9926222/09786796.pdf","source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://ieeexplore.ieee.org/ielx7/6488907/9926222/09786796.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5022827279","display_name":"Bo-Yeon Sim","orcid":"https://orcid.org/0000-0002-6446-1020"},"institutions":[{"id":"https://openalex.org/I142401562","display_name":"Electronics and Telecommunications Research Institute","ror":"https://ror.org/03ysstz10","country_code":"KR","type":"facility","lineage":["https://openalex.org/I142401562","https://openalex.org/I2801339556","https://openalex.org/I4210144908","https://openalex.org/I4387152098"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Bo-Yeon Sim","raw_affiliation_strings":["Department of Intelligent Convergence Research Laboratory, Electronics and Telecommunications Research Institute, Daejeon, Republic of Korea"],"raw_orcid":"https://orcid.org/0000-0002-6446-1020","affiliations":[{"raw_affiliation_string":"Department of Intelligent Convergence Research Laboratory, Electronics and Telecommunications Research Institute, Daejeon, Republic of Korea","institution_ids":["https://openalex.org/I142401562"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074046030","display_name":"Aesun Park","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Aesun Park","raw_affiliation_strings":["Department of Information Security Unit, Defense Security Support Command, Gwacheon, Republic of Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Information Security Unit, Defense Security Support Command, Gwacheon, Republic of Korea","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5050707173","display_name":"Dong\u2010Guk Han","orcid":"https://orcid.org/0000-0003-1695-5103"},"institutions":[{"id":"https://openalex.org/I110273157","display_name":"Kookmin University","ror":"https://ror.org/0049erg63","country_code":"KR","type":"education","lineage":["https://openalex.org/I110273157"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Dong-Guk Han","raw_affiliation_strings":["Department of Information Security, Cryptology, and Mathematics, Kookmin University, Seoul, Republic of Korea"],"raw_orcid":"https://orcid.org/0000-0003-1695-5103","affiliations":[{"raw_affiliation_string":"Department of Information Security, Cryptology, and Mathematics, Kookmin University, Seoul, Republic of Korea","institution_ids":["https://openalex.org/I110273157"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5022827279"],"corresponding_institution_ids":["https://openalex.org/I142401562"],"apc_list":null,"apc_paid":null,"fwci":3.4717,"has_fulltext":true,"cited_by_count":28,"citation_normalized_percentile":{"value":0.93249924,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"9","issue":"21","first_page":"21382","last_page":"21397"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11017","display_name":"Chaos-based Image/Signal Encryption","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/notation","display_name":"Notation","score":0.5595566034317017},{"id":"https://openalex.org/keywords/ciphertext","display_name":"Ciphertext","score":0.4338929057121277},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.41919374465942383},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.40427064895629883},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.3934960961341858},{"id":"https://openalex.org/keywords/discrete-mathematics","display_name":"Discrete mathematics","score":0.38875967264175415},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.35633575916290283},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.2962954044342041},{"id":"https://openalex.org/keywords/arithmetic","display_name":"Arithmetic","score":0.2610096335411072},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.08808821439743042}],"concepts":[{"id":"https://openalex.org/C45357846","wikidata":"https://www.wikidata.org/wiki/Q2001982","display_name":"Notation","level":2,"score":0.5595566034317017},{"id":"https://openalex.org/C93974786","wikidata":"https://www.wikidata.org/wiki/Q1589480","display_name":"Ciphertext","level":3,"score":0.4338929057121277},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.41919374465942383},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.40427064895629883},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3934960961341858},{"id":"https://openalex.org/C118615104","wikidata":"https://www.wikidata.org/wiki/Q121416","display_name":"Discrete mathematics","level":1,"score":0.38875967264175415},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.35633575916290283},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.2962954044342041},{"id":"https://openalex.org/C94375191","wikidata":"https://www.wikidata.org/wiki/Q11205","display_name":"Arithmetic","level":1,"score":0.2610096335411072},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.08808821439743042}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/jiot.2022.3179683","is_oa":true,"landing_page_url":"https://doi.org/10.1109/jiot.2022.3179683","pdf_url":"https://ieeexplore.ieee.org/ielx7/6488907/9926222/09786796.pdf","source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1109/jiot.2022.3179683","is_oa":true,"landing_page_url":"https://doi.org/10.1109/jiot.2022.3179683","pdf_url":"https://ieeexplore.ieee.org/ielx7/6488907/9926222/09786796.pdf","source":{"id":"https://openalex.org/S2480266640","display_name":"IEEE Internet of Things Journal","issn_l":"2327-4662","issn":["2327-4662","2372-2541"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Internet of Things Journal","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.46000000834465027,"display_name":"Partnerships for the goals","id":"https://metadata.un.org/sdg/17"}],"awards":[{"id":"https://openalex.org/G2572710648","display_name":null,"funder_award_id":"2017-0-00520","funder_id":"https://openalex.org/F4320328359","funder_display_name":"Ministry of Science and ICT, South Korea"},{"id":"https://openalex.org/G5890695238","display_name":null,"funder_award_id":"2017-0-00520","funder_id":"https://openalex.org/F4320335489","funder_display_name":"Institute for Information and Communications Technology Promotion"}],"funders":[{"id":"https://openalex.org/F4320328359","display_name":"Ministry of Science and ICT, South Korea","ror":"https://ror.org/01wpjm123"},{"id":"https://openalex.org/F4320335489","display_name":"Institute for Information and Communications Technology Promotion","ror":"https://ror.org/01g0hqq23"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3184771349.pdf","grobid_xml":"https://content.openalex.org/works/W3184771349.grobid-xml"},"referenced_works_count":39,"referenced_works":["https://openalex.org/W1560022750","https://openalex.org/W1579862686","https://openalex.org/W1613874182","https://openalex.org/W1675339804","https://openalex.org/W1987951028","https://openalex.org/W2098290658","https://openalex.org/W2164500538","https://openalex.org/W2168676717","https://openalex.org/W2293214346","https://openalex.org/W2298330307","https://openalex.org/W2514893051","https://openalex.org/W2582849828","https://openalex.org/W2587454507","https://openalex.org/W2740580365","https://openalex.org/W2779943051","https://openalex.org/W2796314191","https://openalex.org/W2808296455","https://openalex.org/W2866028610","https://openalex.org/W2889132688","https://openalex.org/W2895182117","https://openalex.org/W2914825969","https://openalex.org/W2972972326","https://openalex.org/W2979160478","https://openalex.org/W2988496150","https://openalex.org/W2995609318","https://openalex.org/W2995935153","https://openalex.org/W3015791201","https://openalex.org/W3037033594","https://openalex.org/W3092436054","https://openalex.org/W3178862870","https://openalex.org/W3204480019","https://openalex.org/W3210769154","https://openalex.org/W3212511606","https://openalex.org/W4206155091","https://openalex.org/W4235846187","https://openalex.org/W4242970760","https://openalex.org/W4250042253","https://openalex.org/W6622874102","https://openalex.org/W6771594061"],"related_works":["https://openalex.org/W2338700700","https://openalex.org/W2386767533","https://openalex.org/W4386469733","https://openalex.org/W2090686886","https://openalex.org/W3033258217","https://openalex.org/W2553814998","https://openalex.org/W291693969","https://openalex.org/W2397688157","https://openalex.org/W3120506140","https://openalex.org/W4289767914"],"abstract_inverted_index":{"This":[0],"study":[1],"proposes":[2],"a":[3,8,64,70,98],"chosen-ciphertext":[4],"side-channel":[5],"attack":[6],"against":[7],"lattice-based":[9],"key":[10],"encapsulation":[11],"mechanism":[12],"(KEM),":[13],"the":[14,18,51,93,142,152,164,175],"third-round":[15],"candidate":[16],"of":[17,21,54,74,89,101,151],"national":[19],"institute":[20],"standards":[22],"and":[23,38,117,125,183,206],"technology":[24],"(NIST)":[25],"standardization":[26],"project.":[27],"Unlike":[28],"existing":[29],"attacks":[30],"that":[31,69,141],"target":[32,42],"operations,":[33],"such":[34],"as":[35],"inverse":[36],"NTT":[37],"message":[39],"encoding/decoding,":[40],"we":[41],"<inline-formula":[43,55,75,110,118,130,143,153,190,198,207],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[44,56,76,111,119,131,144,154,191,199,208],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">":[45,57,77,112,120,132,145,155,192,200,209],"<tex-math":[46,58,78,113,121,133,146,156,193,201,210],"notation=\"LaTeX\">$\\mathsf":[47,59,79,114,122,134,147,157,194,202,211],"{Barrett~reduction}$":[48,80],"</tex-math></inline-formula>":[49,61,81,116,124,136,149,159,196,204,213],"in":[50,170],"decapsulation":[52],"phase":[53],"{CRYSTALS{-}KYBER}$":[60],"to":[62,174],"obtain":[63],"secret":[65,85],"key.":[66,86],"We":[67,103,138],"show":[68,140],"sensitive":[71],"variable-dependent":[72],"leakage":[73],"exposes":[82],"an":[83,161],"entire":[84],"The":[87],"results":[88],"experiments":[90],"conducted":[91],"on":[92],"ARM":[94,165],"Cortex-M4":[95,166],"microcontroller":[96],"accomplish":[97],"success":[99],"rate":[100],"100%.":[102],"only":[104],"need":[105],"six":[106],"chosen":[107,127,185],"ciphertexts":[108,128,186],"for":[109,129,189],"{KYBER512}$":[115,195],"{KYBER768}$":[123,203],"eight":[126],"{KYBER1024}$":[135,212],".":[137],"also":[139],"{m4}$":[148],"scheme":[150],"{pqm4}$":[158],"library,":[160],"implementation":[162],"with":[163],"specific":[167],"optimization":[168],"(typically":[169],"assembly),":[171],"is":[172],"vulnerable":[173],"proposed":[176],"attack.":[177],"In":[178],"this":[179],"scheme,":[180],"six,":[181],"nine,":[182],"twelve":[184],"are":[187],"required":[188],",":[197,205,214],"respectively.":[215]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":10},{"year":2022,"cited_by_count":1}],"updated_date":"2026-05-07T13:39:58.223016","created_date":"2025-10-10T00:00:00"}