{"id":"https://openalex.org/W7160263301","doi":"https://doi.org/10.62056/a63zl83y6","title":"On The Multi-target Security of Post-Quantum Key Encapsulation Mechanisms","display_name":"On The Multi-target Security of Post-Quantum Key Encapsulation Mechanisms","publication_year":2026,"publication_date":"2026-05-04","ids":{"openalex":"https://openalex.org/W7160263301","doi":"https://doi.org/10.62056/a63zl83y6"},"language":"en","primary_location":{"id":"doi:10.62056/a63zl83y6","is_oa":true,"landing_page_url":"https://doi.org/10.62056/a63zl83y6","pdf_url":"https://cic.iacr.org/p/3/1/20/pdf","source":{"id":"https://openalex.org/S4394708374","display_name":"IACR Communications in Cryptology","issn_l":"3006-5496","issn":["3006-5496"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320989","host_organization_name":"International Association for Cryptologic Research","host_organization_lineage":["https://openalex.org/P4310320989"],"host_organization_lineage_names":["International Association for Cryptologic Research"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Communications in Cryptology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://cic.iacr.org/p/3/1/20/pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5119400754","display_name":"Lewis Glabush","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Lewis Glabush","raw_affiliation_strings":["EPFL"],"raw_orcid":"https://orcid.org/0009-0008-7165-6150","affiliations":[{"raw_affiliation_string":"EPFL","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046328086","display_name":"Kathrin H\u00f6velmanns","orcid":"https://orcid.org/0000-0002-5478-0140"},"institutions":[{"id":"https://openalex.org/I83019370","display_name":"Eindhoven University of Technology","ror":"https://ror.org/02c2kyt77","country_code":"NL","type":"education","lineage":["https://openalex.org/I83019370"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Kathrin H\u00f6velmanns","raw_affiliation_strings":["Eindhoven University of Technology"],"raw_orcid":"https://orcid.org/0000-0002-5478-0140","affiliations":[{"raw_affiliation_string":"Eindhoven University of Technology","institution_ids":["https://openalex.org/I83019370"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5034733246","display_name":"Douglas Stebila","orcid":"https://orcid.org/0000-0001-9443-3170"},"institutions":[{"id":"https://openalex.org/I151746483","display_name":"University of Waterloo","ror":"https://ror.org/01aff2v68","country_code":"CA","type":"education","lineage":["https://openalex.org/I151746483"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Douglas Stebila","raw_affiliation_strings":["University of Waterloo"],"raw_orcid":"https://orcid.org/0000-0001-9443-3170","affiliations":[{"raw_affiliation_string":"University of Waterloo","institution_ids":["https://openalex.org/I151746483"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":19.5563,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.99121226,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":98},"biblio":{"volume":"3","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.6412000060081482,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.6412000060081482,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11017","display_name":"Chaos-based Image/Signal Encryption","score":0.10189999639987946,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.057500001043081284,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/random-oracle","display_name":"Random oracle","score":0.7322999835014343},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.573199987411499},{"id":"https://openalex.org/keywords/public-key-cryptography","display_name":"Public-key cryptography","score":0.5716000199317932},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.5501000285148621},{"id":"https://openalex.org/keywords/key-encapsulation","display_name":"Key encapsulation","score":0.5019000172615051},{"id":"https://openalex.org/keywords/encapsulation","display_name":"Encapsulation (networking)","score":0.43619999289512634},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.41530001163482666}],"concepts":[{"id":"https://openalex.org/C94284585","wikidata":"https://www.wikidata.org/wiki/Q228184","display_name":"Random oracle","level":4,"score":0.7322999835014343},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.573199987411499},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.5716000199317932},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5670999884605408},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5637999773025513},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.5501000285148621},{"id":"https://openalex.org/C35181327","wikidata":"https://www.wikidata.org/wiki/Q6398156","display_name":"Key encapsulation","level":5,"score":0.5019000172615051},{"id":"https://openalex.org/C81147070","wikidata":"https://www.wikidata.org/wiki/Q1172449","display_name":"Encapsulation (networking)","level":2,"score":0.43619999289512634},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.41530001163482666},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4043000042438507},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.37720000743865967},{"id":"https://openalex.org/C55166926","wikidata":"https://www.wikidata.org/wiki/Q2892946","display_name":"Oracle","level":2,"score":0.32919999957084656},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.27000001072883606},{"id":"https://openalex.org/C99674996","wikidata":"https://www.wikidata.org/wiki/Q1414155","display_name":"Key exchange","level":4,"score":0.26930001378059387},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.26899999380111694}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.62056/a63zl83y6","is_oa":true,"landing_page_url":"https://doi.org/10.62056/a63zl83y6","pdf_url":"https://cic.iacr.org/p/3/1/20/pdf","source":{"id":"https://openalex.org/S4394708374","display_name":"IACR Communications in Cryptology","issn_l":"3006-5496","issn":["3006-5496"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320989","host_organization_name":"International Association for Cryptologic Research","host_organization_lineage":["https://openalex.org/P4310320989"],"host_organization_lineage_names":["International Association for Cryptologic Research"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Communications in Cryptology","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.62056/a63zl83y6","is_oa":true,"landing_page_url":"https://doi.org/10.62056/a63zl83y6","pdf_url":"https://cic.iacr.org/p/3/1/20/pdf","source":{"id":"https://openalex.org/S4394708374","display_name":"IACR Communications in Cryptology","issn_l":"3006-5496","issn":["3006-5496"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320989","host_organization_name":"International Association for Cryptologic Research","host_organization_lineage":["https://openalex.org/P4310320989"],"host_organization_lineage_names":["International Association for Cryptologic Research"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Communications in Cryptology","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.5860214233398438}],"awards":[{"id":"https://openalex.org/G223235150","display_name":null,"funder_award_id":"VI.Veni.222.397","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G5840930817","display_name":null,"funder_award_id":"ALLRP 578463-22","funder_id":"https://openalex.org/F4320334593","funder_display_name":"Natural Sciences and Engineering Research Council of Canada"},{"id":"https://openalex.org/G6876074386","display_name":null,"funder_award_id":"RGPIN-2022-03187","funder_id":"https://openalex.org/F4320334593","funder_display_name":"Natural Sciences and Engineering Research Council of Canada"}],"funders":[{"id":"https://openalex.org/F4320321800","display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","ror":"https://ror.org/04jsz6e67"},{"id":"https://openalex.org/F4320334593","display_name":"Natural Sciences and Engineering Research Council of Canada","ror":"https://ror.org/01h531d29"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7160263301.pdf","grobid_xml":"https://content.openalex.org/works/W7160263301.grobid-xml"},"referenced_works_count":24,"referenced_works":["https://openalex.org/W130353434","https://openalex.org/W1607264302","https://openalex.org/W1872498068","https://openalex.org/W1901278359","https://openalex.org/W1982227476","https://openalex.org/W1995261385","https://openalex.org/W2740966734","https://openalex.org/W2883833668","https://openalex.org/W2920676284","https://openalex.org/W2933681094","https://openalex.org/W2954955800","https://openalex.org/W2966909207","https://openalex.org/W3003329346","https://openalex.org/W3021345027","https://openalex.org/W3023177310","https://openalex.org/W3159255713","https://openalex.org/W3166530960","https://openalex.org/W3213593742","https://openalex.org/W4205467408","https://openalex.org/W4242800683","https://openalex.org/W4308644389","https://openalex.org/W4317928287","https://openalex.org/W4399500612","https://openalex.org/W4401459825"],"related_works":[],"abstract_inverted_index":{"Practical":[0],"deployments":[1],"of":[2,21,58,64,97,194,211,238,261,272,301,307],"key":[3,38,84],"encapsulation":[4],"mechanisms":[5],"(KEMs)":[6],"may":[7,173],"entail":[8],"large":[9,176],"servers":[10],"each":[11],"using":[12],"their":[13],"public":[14,37,67,83,204],"keys":[15],"to":[16,47,55,81,158,161,178,190,199,267],"communicate":[17],"with":[18,122,293],"potentially":[19],"millions":[20],"clients":[22],"simultaneously.":[23],"While":[24,208],"the":[25,52,77,89,101,111,133,145,150,155,166,192,239,243,252,262,268,273,285,290,294,305],"standard":[26],"IND-CCA":[27,104,156,259],"security":[28,98,260,271,287],"definition":[29],"for":[30,62,100,251,280],"KEMs":[31,71,121],"considers":[32],"only":[33,93],"a":[34,82,94,162,201,235,308],"single":[35,40],"challenge":[36,41,60,66,138,184],"and":[39,127,183,213,245,282],"ciphertext,":[42],"it":[43],"can":[44,297],"be":[45,159,175],"relevant":[46],"consider":[48],"multi-target":[49,112,258,269,302],"scenarios":[50],"where":[51],"adversary":[53,134],"aims":[54],"break":[56],"one":[57,63],"many":[59,65,137],"ciphertexts,":[61],"keys.":[68],"Many":[69],"post-quantum":[70],"have":[72,115,215],"been":[73,116,220],"built":[74],"by":[75,149],"applying":[76],"Fujisaki-Okamoto":[78,240],"(FO)":[79],"transform":[80,91,152,292],"encryption":[85,147],"(PKE)":[86],"scheme.":[87],"Although":[88],"FO":[90,151,291],"incurs":[92],"few":[95],"bits":[96,300],"loss":[99],"standard,":[102],"single-challenge":[103],"property,":[105],"this":[106,195,230],"does":[107],"not":[108,174],"hold":[109],"in":[110,170,242],"setting.":[113],"Attacks":[114],"identified":[117],"against":[118],"standards-track":[119],"FO-based":[120],"128-bit":[123,286],"message":[124,167],"spaces":[125],"(FrodoKEM-640":[126],"HQC-128)":[128],"which":[129,153,169],"become":[130],"feasible":[131],"if":[132],"is":[135,198],"given":[136],"ciphertexts":[139],"(say,":[140],"2^64).":[141],"These":[142],"attacks":[143],"exploit":[144],"deterministic":[146],"induced":[148],"allows":[154],"experiment":[157],"reduced":[160],"search":[163,196],"problem":[164,197],"on":[165],"space,":[168],"some":[171],"cases":[172],"enough":[177],"avoid":[179],"collisions":[180],"between":[181],"pre-computation":[182],"values.":[185],"A":[186],"cost":[187,306],"effective":[188],"way":[189],"amplify":[191],"hardness":[193],"add":[200],"random":[202,247],"but":[203],"salt":[205],"during":[206],"encapsulation.":[207],"revised":[209],"versions":[210],"FrodoKEM":[212,281],"HQC":[214,283],"used":[216],"salts,":[217],"there":[218],"has":[219],"no":[221],"proof":[222],"showing":[223],"that":[224,257],"salting":[225],"provides":[226],"multi-ciphertext":[227],"security.":[228],"In":[229],"work,":[231],"we":[232,255],"formally":[233],"analyze":[234],"salted":[236,295],"variant":[237,296],"transform,":[241],"classical":[244,253],"quantum":[246],"oracle":[248],"model":[249],"(ROM);":[250],"ROM,":[254],"show":[256],"resulting":[263],"KEM":[264],"tightly":[265],"reduces":[266],"IND-CPA":[270],"underlying":[274],"PKE.":[275],"Our":[276],"results":[277],"imply":[278],"that,":[279],"at":[284,304],"level,":[288],"replacing":[289],"recover":[298],"62":[299],"security,":[303],"very":[309],"small":[310],"overhead":[311],"increase.":[312]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-05-06T00:00:00"}