{"id":"https://openalex.org/W4310995020","doi":"https://doi.org/10.46586/tches.v2023.i1.89-112","title":"Find the Bad Apples: An efficient method for perfect key recovery under imperfect SCA oracles \u2013 A case study of Kyber","display_name":"Find the Bad Apples: An efficient method for perfect key recovery under imperfect SCA oracles \u2013 A case study of Kyber","publication_year":2022,"publication_date":"2022-11-29","ids":{"openalex":"https://openalex.org/W4310995020","doi":"https://doi.org/10.46586/tches.v2023.i1.89-112"},"language":"en","primary_location":{"id":"doi:10.46586/tches.v2023.i1.89-112","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2023.i1.89-112","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9948/9451","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://tches.iacr.org/index.php/TCHES/article/download/9948/9451","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005564857","display_name":"Muyan Shen","orcid":null},"institutions":[{"id":"https://openalex.org/I3124059619","display_name":"China University of Geosciences","ror":"https://ror.org/04gcegc37","country_code":"CN","type":"education","lineage":["https://openalex.org/I3124059619"]},{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Muyan Shen","raw_affiliation_strings":["Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China; State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China","State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China; State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","institution_ids":["https://openalex.org/I3124059619"]},{"raw_affiliation_string":"Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China","institution_ids":["https://openalex.org/I3124059619"]},{"raw_affiliation_string":"State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101510131","display_name":"Cheng Chi","orcid":"https://orcid.org/0000-0002-3203-4358"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]},{"id":"https://openalex.org/I3124059619","display_name":"China University of Geosciences","ror":"https://ror.org/04gcegc37","country_code":"CN","type":"education","lineage":["https://openalex.org/I3124059619"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chi Cheng","raw_affiliation_strings":["Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China; State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China; State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","institution_ids":["https://openalex.org/I3124059619"]},{"raw_affiliation_string":"State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","institution_ids":["https://openalex.org/I149594827"]},{"raw_affiliation_string":"Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China","institution_ids":["https://openalex.org/I3124059619"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032962222","display_name":"Xiaohan Zhang","orcid":"https://orcid.org/0000-0003-3260-4530"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]},{"id":"https://openalex.org/I3124059619","display_name":"China University of Geosciences","ror":"https://ror.org/04gcegc37","country_code":"CN","type":"education","lineage":["https://openalex.org/I3124059619"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaohan Zhang","raw_affiliation_strings":["Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China; State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China; State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","institution_ids":["https://openalex.org/I3124059619"]},{"raw_affiliation_string":"State Key Laboratory of Integrated Services Networks, Xidian University, Xian, China","institution_ids":["https://openalex.org/I149594827"]},{"raw_affiliation_string":"Hubei Key Laboratory of Intelligent Geo-Information Processing, School of Computer Science, China University of Geosciences, Wuhan, China","institution_ids":["https://openalex.org/I3124059619"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011896992","display_name":"Qian Guo","orcid":"https://orcid.org/0000-0003-0930-3174"},"institutions":[{"id":"https://openalex.org/I187531555","display_name":"Lund University","ror":"https://ror.org/012a77v79","country_code":"SE","type":"education","lineage":["https://openalex.org/I187531555"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Qian Guo","raw_affiliation_strings":["Lund University, Lund, Sweden"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Lund University, Lund, Sweden","institution_ids":["https://openalex.org/I187531555"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5069966509","display_name":"Tao Jiang","orcid":"https://orcid.org/0000-0002-5600-3548"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Tao Jiang","raw_affiliation_strings":["Research Center of 6G Mobile Communications, School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Research Center of 6G Mobile Communications, School of Cyber Science and Engineering, Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5005564857"],"corresponding_institution_ids":["https://openalex.org/I149594827","https://openalex.org/I3124059619"],"apc_list":null,"apc_paid":null,"fwci":3.333,"has_fulltext":true,"cited_by_count":26,"citation_normalized_percentile":{"value":0.93198748,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"89","last_page":"112"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9940000176429749,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11130","display_name":"Coding theory and cryptography","score":0.9934999942779541,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7728328704833984},{"id":"https://openalex.org/keywords/oracle","display_name":"Oracle","score":0.6181653738021851},{"id":"https://openalex.org/keywords/plaintext","display_name":"Plaintext","score":0.49179962277412415},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4590427279472351},{"id":"https://openalex.org/keywords/random-oracle","display_name":"Random oracle","score":0.44498422741889954},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.4439798891544342},{"id":"https://openalex.org/keywords/computer-engineering","display_name":"Computer engineering","score":0.42141348123550415},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.4182285964488983},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3486934304237366},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.2754687964916229},{"id":"https://openalex.org/keywords/public-key-cryptography","display_name":"Public-key cryptography","score":0.16405925154685974},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.1524483561515808}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7728328704833984},{"id":"https://openalex.org/C55166926","wikidata":"https://www.wikidata.org/wiki/Q2892946","display_name":"Oracle","level":2,"score":0.6181653738021851},{"id":"https://openalex.org/C92717368","wikidata":"https://www.wikidata.org/wiki/Q1162538","display_name":"Plaintext","level":3,"score":0.49179962277412415},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4590427279472351},{"id":"https://openalex.org/C94284585","wikidata":"https://www.wikidata.org/wiki/Q228184","display_name":"Random oracle","level":4,"score":0.44498422741889954},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.4439798891544342},{"id":"https://openalex.org/C113775141","wikidata":"https://www.wikidata.org/wiki/Q428691","display_name":"Computer engineering","level":1,"score":0.42141348123550415},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.4182285964488983},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3486934304237366},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.2754687964916229},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.16405925154685974},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.1524483561515808}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.46586/tches.v2023.i1.89-112","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2023.i1.89-112","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9948/9451","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:2bb37f2db03746edaadafe706a0ebfdd","is_oa":true,"landing_page_url":"https://doaj.org/article/2bb37f2db03746edaadafe706a0ebfdd","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Transactions on Cryptographic Hardware and Embedded Systems, Vol 2023, Iss 1 (2022)","raw_type":"article"},{"id":"pmh:oai:lup.lub.lu.se:52c11aee-9137-489d-af1c-7ddd7bd8502d","is_oa":false,"landing_page_url":"https://lup.lub.lu.se/record/52c11aee-9137-489d-af1c-7ddd7bd8502d","pdf_url":null,"source":{"id":"https://openalex.org/S4306400536","display_name":"Lund University Publications (Lund University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I187531555","host_organization_name":"Lund University","host_organization_lineage":["https://openalex.org/I187531555"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"ISSN: 2569-2925","raw_type":"text"}],"best_oa_location":{"id":"doi:10.46586/tches.v2023.i1.89-112","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2023.i1.89-112","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9948/9451","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3103515943","display_name":null,"funder_award_id":"2019-04166","funder_id":"https://openalex.org/F4320322581","funder_display_name":"Vetenskapsr\u00e5det"},{"id":"https://openalex.org/G3954095826","display_name":null,"funder_award_id":"62172374","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320322327","display_name":"Knut och Alice Wallenbergs Stiftelse","ror":"https://ror.org/004hzzk67"},{"id":"https://openalex.org/F4320322581","display_name":"Vetenskapsr\u00e5det","ror":"https://ror.org/03zttf063"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4310995020.pdf","grobid_xml":"https://content.openalex.org/works/W4310995020.grobid-xml"},"referenced_works_count":28,"referenced_works":["https://openalex.org/W1613874182","https://openalex.org/W1809974132","https://openalex.org/W1985439922","https://openalex.org/W2007466965","https://openalex.org/W2071825329","https://openalex.org/W2090963060","https://openalex.org/W2098290658","https://openalex.org/W2494078997","https://openalex.org/W2979160478","https://openalex.org/W2988496150","https://openalex.org/W2995935153","https://openalex.org/W3013288840","https://openalex.org/W3037033594","https://openalex.org/W3046851570","https://openalex.org/W3144672608","https://openalex.org/W3175175642","https://openalex.org/W3178862870","https://openalex.org/W3183184671","https://openalex.org/W3184403650","https://openalex.org/W3202783877","https://openalex.org/W3210769154","https://openalex.org/W3212511606","https://openalex.org/W4210497269","https://openalex.org/W4221134967","https://openalex.org/W4226075590","https://openalex.org/W4254706618","https://openalex.org/W4293077571","https://openalex.org/W4312634035"],"related_works":["https://openalex.org/W3110702597","https://openalex.org/W2073713056","https://openalex.org/W2125620709","https://openalex.org/W2110441383","https://openalex.org/W2045932760","https://openalex.org/W2326878701","https://openalex.org/W4285128331","https://openalex.org/W2281112860","https://openalex.org/W3092327956","https://openalex.org/W2048539412"],"abstract_inverted_index":{"Side-channel":[0],"resilience":[1],"is":[2,13,65,72,75,83,124,133,242],"a":[3,9,24,48,107,231],"crucial":[4],"feature":[5],"when":[6,67],"assessing":[7],"whether":[8],"postquantum":[10],"cryptographic":[11],"proposal":[12],"sufficiently":[14],"mature":[15],"to":[16,30,84,126],"be":[17],"deployed.":[18],"In":[19],"this":[20],"paper,":[21],"we":[22],"propose":[23],"generic":[25,152],"and":[26,79,122,129,156,164,195],"efficient":[27],"adaptive":[28],"approach":[29,64],"improve":[31,206],"the":[32,36,68,95,117,143,150,180,200,207,212,219,226,238],"sample":[33],"complexity":[34],"(i.e.,":[35],"required":[37,213],"number":[38,109,214],"of":[39,41,51,110,119,177,211,215,225],"traces)":[40],"plaintext-checking":[42],"(PC)":[43],"oracle-based":[44],"sidechannel":[45],"attacks":[46],"(SCAs),":[47],"major":[49],"class":[50],"key":[52,58],"recovery":[53],"chosen-ciphertext":[54],"SCAs":[55],"on":[56,154,184],"lattice-based":[57],"encapsulation":[59],"mechanisms":[60],"(KEMs).":[61],"This":[62,113],"new":[63,86,220],"preferable":[66],"constructed":[69],"PC":[70,120],"oracle":[71,121,240],"imperfect,":[73],"which":[74],"common":[76],"in":[77,94,179,209,230,234],"practice,":[78],"its":[80],"basic":[81],"idea":[82],"design":[85],"detection":[87],"codes":[88],"that":[89,199],"can":[90],"determine":[91],"erroneous":[92],"positions":[93],"initially":[96],"recovered":[97],"secret":[98,101],"key.":[99],"These":[100,193],"entries":[102],"are":[103],"further":[104,167],"corrected":[105],"with":[106,188],"small":[108],"additional":[111],"traces.":[112,216],"work":[114],"benefits":[115],"from":[116],"generality":[118],"thus":[123],"applicable":[125],"various":[127],"schemes":[128],"implementations.Our":[130],"main":[131],"target":[132],"Kyber":[134],"since":[135],"it":[136],"has":[137],"been":[138],"selected":[139],"by":[140],"NIST":[141],"as":[142],"KEM":[144],"algorithm":[145],"for":[146],"standardization.":[147],"We":[148,166],"instantiated":[149],"proposed":[151,202],"attack":[153,172,203,221,233],"Kyber512":[155,163,178],"then":[157],"conducted":[158],"extensive":[159],"computer":[160],"simulations":[161,194],"against":[162,173],"FireSaber.":[165],"mounted":[168],"an":[169,174,185,189],"electromagnetic":[170],"(EM)":[171],"optimized":[175],"implementation":[176],"pqm4":[181],"library":[182],"running":[183],"STM32F407G":[186],"board":[187],"ARM":[190],"Cortex-M4":[191],"microcontroller.":[192],"real-world":[196],"experiments":[197],"demonstrate":[198],"newly":[201],"could":[204],"greatly":[205],"state-of-the-art":[208],"terms":[210],"For":[217],"instance,":[218],"requires":[222],"only":[223],"41%":[224],"EM":[227],"traces":[228],"needed":[229],"majority-voting":[232],"our":[235],"experiments,":[236],"where":[237],"raw":[239],"accuracy":[241],"fixed.":[243]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":6},{"year":2023,"cited_by_count":11}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}