{"id":"https://openalex.org/W4388858457","doi":"https://doi.org/10.1145/3576915.3623076","title":"SalsaPicante: A Machine Learning Attack on LWE with Binary Secrets","display_name":"SalsaPicante: A Machine Learning Attack on LWE with Binary Secrets","publication_year":2023,"publication_date":"2023-11-15","ids":{"openalex":"https://openalex.org/W4388858457","doi":"https://doi.org/10.1145/3576915.3623076"},"language":"en","primary_location":{"id":"doi:10.1145/3576915.3623076","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3576915.3623076","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5014259727","display_name":"C. Li","orcid":"https://orcid.org/0009-0002-1070-1997"},"institutions":[{"id":"https://openalex.org/I2799847335","display_name":"Art Institute of Portland","ror":"https://ror.org/01cb0jg64","country_code":"US","type":"education","lineage":["https://openalex.org/I2799847335","https://openalex.org/I2799969541"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Cathy Yuanchen Li","raw_affiliation_strings":["Meta AI, Seattle, WA, USA"],"raw_orcid":"https://orcid.org/0009-0002-1070-1997","affiliations":[{"raw_affiliation_string":"Meta AI, Seattle, WA, USA","institution_ids":["https://openalex.org/I2799847335"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055077416","display_name":"Jana Sot\u00e1kov\u00e1","orcid":"https://orcid.org/0000-0003-2498-6399"},"institutions":[{"id":"https://openalex.org/I2799847335","display_name":"Art Institute of Portland","ror":"https://ror.org/01cb0jg64","country_code":"US","type":"education","lineage":["https://openalex.org/I2799847335","https://openalex.org/I2799969541"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jana Sot\u00e1kov\u00e1","raw_affiliation_strings":["Meta AI, Seattle, WA, USA"],"raw_orcid":"https://orcid.org/0000-0003-2498-6399","affiliations":[{"raw_affiliation_string":"Meta AI, Seattle, WA, USA","institution_ids":["https://openalex.org/I2799847335"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5042329783","display_name":"Emily Wenger","orcid":"https://orcid.org/0009-0006-3346-8226"},"institutions":[{"id":"https://openalex.org/I40347166","display_name":"University of Chicago","ror":"https://ror.org/024mw5h28","country_code":"US","type":"education","lineage":["https://openalex.org/I40347166"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Emily Wenger","raw_affiliation_strings":["The University of Chicago, Chicago, IL, USA"],"raw_orcid":"https://orcid.org/0009-0006-3346-8226","affiliations":[{"raw_affiliation_string":"The University of Chicago, Chicago, IL, USA","institution_ids":["https://openalex.org/I40347166"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5030036305","display_name":"Mohamed Malhou","orcid":"https://orcid.org/0009-0005-8412-4135"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mohamed Malhou","raw_affiliation_strings":["Meta AI, Paris, France"],"raw_orcid":"https://orcid.org/0009-0005-8412-4135","affiliations":[{"raw_affiliation_string":"Meta AI, Paris, France","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000492848","display_name":"Evrard Garcelon","orcid":"https://orcid.org/0009-0005-4600-532X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Evrard Garcelon","raw_affiliation_strings":["Meta AI, Paris, France"],"raw_orcid":"https://orcid.org/0009-0005-4600-532X","affiliations":[{"raw_affiliation_string":"Meta AI, Paris, France","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045535925","display_name":"Fran\u00e7ois Charton","orcid":"https://orcid.org/0000-0002-5912-3342"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Fran\u00e7ois Charton","raw_affiliation_strings":["Meta AI, Paris, France"],"raw_orcid":"https://orcid.org/0000-0002-5912-3342","affiliations":[{"raw_affiliation_string":"Meta AI, Paris, France","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5002850656","display_name":"Kristin Lauter","orcid":"https://orcid.org/0000-0002-1320-696X"},"institutions":[{"id":"https://openalex.org/I2799847335","display_name":"Art Institute of Portland","ror":"https://ror.org/01cb0jg64","country_code":"US","type":"education","lineage":["https://openalex.org/I2799847335","https://openalex.org/I2799969541"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kristin Lauter","raw_affiliation_strings":["Meta AI, Seattle, WA, USA"],"raw_orcid":"https://orcid.org/0000-0002-1320-696X","affiliations":[{"raw_affiliation_string":"Meta AI, Seattle, WA, USA","institution_ids":["https://openalex.org/I2799847335"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5014259727"],"corresponding_institution_ids":["https://openalex.org/I2799847335"],"apc_list":null,"apc_paid":null,"fwci":1.8745,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.88704877,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"2606","last_page":"2620"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11130","display_name":"Coding theory and cryptography","score":0.9879999756813049,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/learning-with-errors","display_name":"Learning with errors","score":0.7959976196289062},{"id":"https://openalex.org/keywords/cryptosystem","display_name":"Cryptosystem","score":0.7210382223129272},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6944791674613953},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.6676927804946899},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.6670712232589722},{"id":"https://openalex.org/keywords/hamming-distance","display_name":"Hamming distance","score":0.6424609422683716},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.5123800039291382},{"id":"https://openalex.org/keywords/binary-number","display_name":"Binary number","score":0.5073031783103943},{"id":"https://openalex.org/keywords/homomorphic-encryption","display_name":"Homomorphic encryption","score":0.498028039932251},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.4755401611328125},{"id":"https://openalex.org/keywords/hamming-code","display_name":"Hamming code","score":0.4646320641040802},{"id":"https://openalex.org/keywords/key-exchange","display_name":"Key exchange","score":0.42391258478164673},{"id":"https://openalex.org/keywords/public-key-cryptography","display_name":"Public-key cryptography","score":0.3301718533039093},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2944457530975342},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.25991278886795044},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.2258395254611969},{"id":"https://openalex.org/keywords/arithmetic","display_name":"Arithmetic","score":0.17137286067008972}],"concepts":[{"id":"https://openalex.org/C2779014939","wikidata":"https://www.wikidata.org/wiki/Q6510239","display_name":"Learning with errors","level":3,"score":0.7959976196289062},{"id":"https://openalex.org/C6295992","wikidata":"https://www.wikidata.org/wiki/Q976521","display_name":"Cryptosystem","level":3,"score":0.7210382223129272},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6944791674613953},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.6676927804946899},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.6670712232589722},{"id":"https://openalex.org/C193319292","wikidata":"https://www.wikidata.org/wiki/Q272172","display_name":"Hamming distance","level":2,"score":0.6424609422683716},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.5123800039291382},{"id":"https://openalex.org/C48372109","wikidata":"https://www.wikidata.org/wiki/Q3913","display_name":"Binary number","level":2,"score":0.5073031783103943},{"id":"https://openalex.org/C158338273","wikidata":"https://www.wikidata.org/wiki/Q2154943","display_name":"Homomorphic encryption","level":3,"score":0.498028039932251},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.4755401611328125},{"id":"https://openalex.org/C73150493","wikidata":"https://www.wikidata.org/wiki/Q853922","display_name":"Hamming code","level":4,"score":0.4646320641040802},{"id":"https://openalex.org/C99674996","wikidata":"https://www.wikidata.org/wiki/Q1414155","display_name":"Key exchange","level":4,"score":0.42391258478164673},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.3301718533039093},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2944457530975342},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.25991278886795044},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.2258395254611969},{"id":"https://openalex.org/C94375191","wikidata":"https://www.wikidata.org/wiki/Q11205","display_name":"Arithmetic","level":1,"score":0.17137286067008972},{"id":"https://openalex.org/C157125643","wikidata":"https://www.wikidata.org/wiki/Q884707","display_name":"Block code","level":3,"score":0.0},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.0},{"id":"https://openalex.org/C57273362","wikidata":"https://www.wikidata.org/wiki/Q576722","display_name":"Decoding methods","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3576915.3623076","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3576915.3623076","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.5600000023841858,"display_name":"Quality Education","id":"https://metadata.un.org/sdg/4"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":38,"referenced_works":["https://openalex.org/W80562455","https://openalex.org/W1490468194","https://openalex.org/W1572143270","https://openalex.org/W1989510734","https://openalex.org/W2026129593","https://openalex.org/W2058785578","https://openalex.org/W2089477764","https://openalex.org/W2126483728","https://openalex.org/W2141040012","https://openalex.org/W2157331557","https://openalex.org/W2171692676","https://openalex.org/W2239239723","https://openalex.org/W2400700555","https://openalex.org/W2605947573","https://openalex.org/W2768174108","https://openalex.org/W2768572961","https://openalex.org/W2888804078","https://openalex.org/W2892009249","https://openalex.org/W2954009938","https://openalex.org/W2954442424","https://openalex.org/W2981030070","https://openalex.org/W2981857663","https://openalex.org/W2989418564","https://openalex.org/W2989847975","https://openalex.org/W3094502228","https://openalex.org/W3096609285","https://openalex.org/W3118210634","https://openalex.org/W3129576130","https://openalex.org/W4205350912","https://openalex.org/W4225777046","https://openalex.org/W4248305857","https://openalex.org/W4287671158","https://openalex.org/W4381586729","https://openalex.org/W6600013530","https://openalex.org/W6631455383","https://openalex.org/W6739901393","https://openalex.org/W6753640285","https://openalex.org/W6810338698"],"related_works":["https://openalex.org/W2963103512","https://openalex.org/W3029045823","https://openalex.org/W2400565204","https://openalex.org/W2885113919","https://openalex.org/W3121459986","https://openalex.org/W3174551526","https://openalex.org/W3003331030","https://openalex.org/W4205350912","https://openalex.org/W2943247777","https://openalex.org/W2220255767"],"abstract_inverted_index":{"Learning":[0],"with":[1,87],"Errors":[2],"(LWE)":[3],"is":[4,27,53,65],"a":[5,81],"hard":[6],"math":[7],"problem":[8],"underpinning":[9],"many":[10],"proposed":[11],"post-quantum":[12],"cryptographic":[13],"(PQC)":[14],"systems.":[15],"The":[16,47],"only":[17],"PQC":[18],"Key":[19],"Exchange":[20],"Mechanism":[21],"(KEM)":[22],"standardized":[23],"by":[24],"NIST":[25],"[13]":[26],"based":[28,43],"on":[29,44,85],"module":[30],"LWE":[31,86,115],"[2],":[32],"and":[33,98,117],"current":[34],"publicly":[35],"available":[36],"PQ":[37,51,71],"Homomorphic":[38],"Encryption":[39],"(HE)":[40],"libraries":[41],"are":[42],"ring":[45],"LWE.":[46],"security":[48],"of":[49,113],"LWE-based":[50],"cryptosystems":[52],"critical,":[54],"but":[55],"certain":[56],"implementation":[57],"choices":[58],"could":[59],"weaken":[60],"them.":[61],"One":[62],"such":[63],"choice":[64],"sparse":[66,88],"binary":[67,89],"secrets,":[68],"desirable":[69],"for":[70,74],"HE":[72],"schemes":[73],"efficiency":[75],"reasons.":[76],"Prior":[77],"work":[78],"SALSA[51]":[79],"demonstrated":[80],"machine":[82],"learning-based":[83],"attack":[84,108],"secrets":[90],"in":[91],"small":[92],"dimensions":[93],"(n":[94],"\u2264":[95,103],"=":[96,104],"128)":[97],"low":[99],"Hamming":[100,121],"weights":[101,122],"(h":[102],"4).":[105],"However,":[106],"this":[107],"assumes":[109],"access":[110],"to":[111],"millions":[112],"eavesdropped":[114],"samples":[116],"fails":[118],"at":[119],"higher":[120],"or":[123],"dimensions.":[124]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":5}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}