{"id":"https://openalex.org/W3212511606","doi":"https://doi.org/10.1109/tifs.2021.3139268","title":"On Exploiting Message Leakage in (Few) NIST PQC Candidates for Practical Message Recovery Attacks","display_name":"On Exploiting Message Leakage in (Few) NIST PQC Candidates for Practical Message Recovery Attacks","publication_year":2021,"publication_date":"2021-12-28","ids":{"openalex":"https://openalex.org/W3212511606","doi":"https://doi.org/10.1109/tifs.2021.3139268","mag":"3212511606"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2021.3139268","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2021.3139268","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079410091","display_name":"Prasanna Ravi","orcid":"https://orcid.org/0000-0003-0201-3705"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":true,"raw_author_name":"Prasanna Ravi","raw_affiliation_strings":["Temasek Laboratories and the School of Computer Science and Engineering, Nanyang Technological University, Singapore"],"affiliations":[{"raw_affiliation_string":"Temasek Laboratories and the School of Computer Science and Engineering, Nanyang Technological University, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5081720773","display_name":"Shivam Bhasin","orcid":"https://orcid.org/0000-0002-6903-5127"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Shivam Bhasin","raw_affiliation_strings":["Temasek Laboratories, Nanyang Technological University, Singapore"],"affiliations":[{"raw_affiliation_string":"Temasek Laboratories, Nanyang Technological University, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089396173","display_name":"Sujoy Sinha Roy","orcid":"https://orcid.org/0000-0002-9805-5389"},"institutions":[{"id":"https://openalex.org/I4092182","display_name":"Graz University of Technology","ror":"https://ror.org/00d7xrm67","country_code":"AT","type":"education","lineage":["https://openalex.org/I4092182"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Sujoy Sinha Roy","raw_affiliation_strings":["Institute of Applied Information Processing and Communications, Graz University of Technology, Graz, Austria"],"affiliations":[{"raw_affiliation_string":"Institute of Applied Information Processing and Communications, Graz University of Technology, Graz, Austria","institution_ids":["https://openalex.org/I4092182"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089860351","display_name":"Anupam Chattopadhyay","orcid":"https://orcid.org/0000-0002-8818-6983"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Anupam Chattopadhyay","raw_affiliation_strings":["Temasek Laboratories and the School of Computer Science and Engineering, Nanyang Technological University, Singapore"],"affiliations":[{"raw_affiliation_string":"Temasek Laboratories and the School of Computer Science and Engineering, Nanyang Technological University, Singapore","institution_ids":["https://openalex.org/I172675005"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5079410091"],"corresponding_institution_ids":["https://openalex.org/I172675005"],"apc_list":null,"apc_paid":null,"fwci":4.351,"has_fulltext":false,"cited_by_count":45,"citation_normalized_percentile":{"value":0.95297363,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":"17","issue":null,"first_page":"684","last_page":"699"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11130","display_name":"Coding theory and cryptography","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8171986937522888},{"id":"https://openalex.org/keywords/ciphertext","display_name":"Ciphertext","score":0.7591025829315186},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.69081050157547},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.6174659729003906},{"id":"https://openalex.org/keywords/malleability","display_name":"Malleability","score":0.5965304374694824},{"id":"https://openalex.org/keywords/learning-with-errors","display_name":"Learning with errors","score":0.5944647789001465},{"id":"https://openalex.org/keywords/key-encapsulation","display_name":"Key encapsulation","score":0.540161669254303},{"id":"https://openalex.org/keywords/public-key-cryptography","display_name":"Public-key cryptography","score":0.48676133155822754},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4442657232284546},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.4418136477470398},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.42090269923210144},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3321453928947449},{"id":"https://openalex.org/keywords/key-exchange","display_name":"Key exchange","score":0.3171236515045166}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8171986937522888},{"id":"https://openalex.org/C93974786","wikidata":"https://www.wikidata.org/wiki/Q1589480","display_name":"Ciphertext","level":3,"score":0.7591025829315186},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.69081050157547},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.6174659729003906},{"id":"https://openalex.org/C100980136","wikidata":"https://www.wikidata.org/wiki/Q4668956","display_name":"Malleability","level":4,"score":0.5965304374694824},{"id":"https://openalex.org/C2779014939","wikidata":"https://www.wikidata.org/wiki/Q6510239","display_name":"Learning with errors","level":3,"score":0.5944647789001465},{"id":"https://openalex.org/C35181327","wikidata":"https://www.wikidata.org/wiki/Q6398156","display_name":"Key encapsulation","level":5,"score":0.540161669254303},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.48676133155822754},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4442657232284546},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.4418136477470398},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.42090269923210144},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3321453928947449},{"id":"https://openalex.org/C99674996","wikidata":"https://www.wikidata.org/wiki/Q1414155","display_name":"Key exchange","level":4,"score":0.3171236515045166},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2021.3139268","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2021.3139268","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":29,"referenced_works":["https://openalex.org/W1572251059","https://openalex.org/W1607264302","https://openalex.org/W2098290658","https://openalex.org/W2125093890","https://openalex.org/W2132707977","https://openalex.org/W2154909745","https://openalex.org/W2159840470","https://openalex.org/W2552357046","https://openalex.org/W2621165181","https://openalex.org/W2740580365","https://openalex.org/W2767399671","https://openalex.org/W2785069933","https://openalex.org/W2808296455","https://openalex.org/W2967383257","https://openalex.org/W2979160478","https://openalex.org/W3003917182","https://openalex.org/W3015791201","https://openalex.org/W3090401323","https://openalex.org/W3092436054","https://openalex.org/W3119520364","https://openalex.org/W3159559383","https://openalex.org/W3204480019","https://openalex.org/W3210769154","https://openalex.org/W4212863985","https://openalex.org/W4235846187","https://openalex.org/W4242970760","https://openalex.org/W6686917895","https://openalex.org/W6776294083","https://openalex.org/W7071915810"],"related_works":["https://openalex.org/W32954550","https://openalex.org/W2948977325","https://openalex.org/W1581530935","https://openalex.org/W2765793266","https://openalex.org/W2103382584","https://openalex.org/W3049552949","https://openalex.org/W121839575","https://openalex.org/W3168932674","https://openalex.org/W4280589839","https://openalex.org/W3183473557"],"abstract_inverted_index":{"In":[0],"this":[1],"work,":[2],"we":[3,62],"propose":[4,63],"generic":[5],"and":[6,20,38,44,48,115,127],"practical":[7],"side-channel":[8,80,131,149,161],"attacks":[9,95,108,150],"for":[10,58,79,103,151,159,166],"message":[11,82,104,152,164],"recovery":[12,83,165],"in":[13,143],"post-quantum":[14,59],"lattice-based":[15],"public":[16],"key":[17,21],"encryption":[18],"(PKE)":[19],"encapsulation":[22],"mechanisms":[23],"(KEM).":[24],"The":[25,85],"targeted":[26],"schemes":[27,145],"are":[28,109,116],"based":[29],"on":[30,156],"the":[31,53,91,97,137,157],"well":[32],"known":[33],"Learning":[34,39],"With":[35,40],"Errors":[36],"(LWE)":[37],"Rounding":[41],"(LWR)":[42],"problem":[43],"include":[45],"three":[46],"finalists":[47],"six":[49],"semi-finalist":[50],"candidates":[51],"of":[52,72,87,93,139],"ongoing":[54],"NIST\u2019s":[55],"standardization":[56],"process":[57],"cryptography.":[60],"Notably,":[61],"to":[64,99,111,119],"exploit":[65],"inherent":[66,140],"<italic":[67,124,128],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[68,125,129],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">ciphertext":[69],"malleability</i>":[70],"properties":[71,142],"LWE/LWR-based":[73,144,167],"PKEs":[74],"as":[75],"a":[76],"powerful":[77],"tool":[78],"assisted":[81],"attacks.":[84],"use":[86],"ciphertext":[88],"malleability":[89],"widens":[90],"scope":[92],"previous":[94],"with":[96,122],"ability":[98],"target":[100],"multiple":[101],"operations":[102],"recovery.":[105],"Moreover,":[106],"our":[107],"adaptable":[110],"different":[112],"implementation":[113],"variants":[114],"also":[117],"applicable":[118],"implementations":[120],"protected":[121],"concrete":[123],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">shuffling</i>":[126],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">masking</i>":[130],"countermeasures.":[132],"Our":[133],"work":[134],"mainly":[135],"highlights":[136],"presence":[138],"algorithmic":[141],"that":[146],"can":[147],"aid":[148],"recovery,":[153],"thereby":[154],"stressing":[155],"need":[158],"strong":[160],"countermeasures":[162],"against":[163],"schemes.":[168]},"counts_by_year":[{"year":2025,"cited_by_count":13},{"year":2024,"cited_by_count":13},{"year":2023,"cited_by_count":11},{"year":2022,"cited_by_count":8}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}