[ABD+19] Roberto Avanzi, Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, and Damien Stehlé. “CRYSTALS - KYBER.” NIST Post-Quantum Cryptography Standardization, Round 2 Submissions. https://csrc.nist.gov/Projects/post-quantum-cryptography/round-2-submissions
[ACD+18] Martin R. Albrecht, Benjamin R. Curtis, Amit Deo, Alex Davidson, Rachel Player, Eamonn W. Postlethwaite, Fernando Virdia, and Thomas Wunderer. “Estimate all the {LWE, NTRU} schemes!” In IACR Cryptology ePrint Archive, Report 2018/331, 2018.
[AD17] Martin R. Albrecht and Amit Deo. “Large modulus ring-LWE ≥ Module-LWE.” In IACR Cryptology ePrint Archive, Report 2017/612, 2017.
[ADPS16] Erdem Alkim, Léo Ducas, Thomas Pöppelmann, and Peter Schwabe. “Post-quantum key exchange - a new hope.” In Proceedings of the 25th USENIX Security Symposium, pp. 327–343, 2016.
[AHH+18] Martin R. Albrecht, Christian Hanser, Andrea Hoeller, Thomas Pöppelmann, Fernando Virdia, and Andreas Wallner. “Implementing RLWE-based schemes using an RSA co-processor.” In IACR Cryptology ePrint Archive, Report 2018/425, 2018.
[AJS16] Erdem Alkim, Philipp Jakubeit, and Peter Schwabe. “A new hope on ARM Cortex-M.” In IACR Cryptology ePrint Archive, Report 2016/758, 2016.
[Ajt96] Miklós Ajtai. “Generating hard instances of lattice problems.” In Proceedings of the 28th Annual ACM Symposium on Theory of Computing, pp. 99–108, 1996.
[Ajt98] Miklós Ajtai. “The shortest vector problem in L2 is NP-hard for randomized reductions.” In Proceedings of the 30th Annual ACM Symposium on Theory of Computing – STOC ’98, pp. 10–19, 1998.
[AKPW13] Joël Alwen, Stephan Krenn, Krzysztof Pietrzak, and Daniel Wichs. “Learning with rounding, revisited.” In Proceedings of the 33rd Annual International Cryptology Conference – CRYPTO 2013, LNCS, Vol. 8042, pp. 57–74, 2013.
[APS15] Martin R. Albrecht, Rachel Player, and Sam Scott. “On the concrete hardness of learning with errors.” In Journal of Mathematical Cryptology, Vol. 9, Issue 3, pp. 169–203, 2015.
[AT06] Toru Akishita and Tsuyoshi Takagi. “Power analysis to ECC using differential power between multiplication and squaring.” In Domingo-Ferrer, J., Posegga, J., Schreckling, D. (eds) CARDIS 2006, LNCS, Vol. 3928, pp. 151–164, Springer, Heidelberg, 2006.
[BBD09] Daniel J. Bernstein, Johannes Buchmann, and Erik Dahmen (eds.). “Post-Quantum Cryptography.” Springer, 2009.
[BCD+16] Joppe Bos, Craig Costello, Léo Ducas, Ilya Mironov, Michael Naehrig, Valeria Nikolaenko, Ananth Raghunathan, and Douglas Stebila. “Frodo: Take off the ring! Practical, quantum-secure key exchange from LWE.” In Proceedings of 2016 ACM SIGSAC Conference on Computer and Communications Security – CCS ’16, pp. 1006–1018, 2016.
[BCG+13] Johannes Buchmann, Daniel Cabarcas, Florian Göpfert, Andreas Hülsing, and Patrick Weiden. “Discrete Ziggurat: A time-memory trade-off for sampling from a Gaussian distribution over the integers.” In Proceeding of the 20th International Conference on Selected Areas in Cryptography – SAC 2013, LNCS, Vol. 8282, pp. 402–417, 2013.
[BCNS15] Joppe Bos, Craig Costello, Michael Naehrig, and Douglas Stebila. “Post-quantum key exchange for the TLS protocol from the ring learning with errors problem.” In Proceedings of 2015 IEEE Symposium on Security and Privacy, pp. 553–570, 2015.
[BDK+17] Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, and Damien Stehlé. “CRYSTALS - Kyber: a CCA-secure module-lattice-based KEM.” In IACR Cryptology ePrint Archive, Report 2017/634, 2017.
[BGG+16] Johannes Buchmann, Florian Göpfert, Tim Güneysu, Tobias Oder, and Thomas Pöppelmann. “High-performance and lightweight lattice-based public-key encryption.” In Proceedings of the 2nd ACM International Workshop on IoT Privacy, Trust, and Security – IoTPTS ’16, pp. 2–9, 2016.
[BGV14] Zvika Brakerski, Craig Gentry, and Vinod Vaikuntanathan. “(Leveled) fully homomorphic encryption without bootstrapping.” In ACM Transactions on Computation Theory (TOCT) – Special issue on innovations in theoretical computer science 2012 – Part II, Vol. 6, Issue 3, No. 13, pp. 1–36, 2014.
[BJ14] Ahmad Boorghany and Rasool Jalili. “Implementation and comparison of lattice-based identification protocols on smart cards and microcontrollers.” In IACR Cryptology ePrint Archive, Report 2014/078, 2014.
[Boas81] Peter van Emde Boas. “Another NP-complete partition problem and the complexity of computing short vectors in lattices.” Technical Report 81–04, Universiteit van Amsterdam, Mathematisch Instituut, 1981.
[BSJ15] Ahmad Boorghany, Siavash Bayat Sarmadi, and Rasool Jalili. “On constrained implementation of lattice-based cryptographic primitives and schemes on smart cards.” In ACM Transactions on Embedded Computing Systems (TECS) – Special Issue on Embedded Platforms for Crypto and Regular Papers, Vol. 14, Issue 3, No. 42, pp. 1–25, 2015.
[CKLS16] Jung Hee Cheon, Duhyeong Kim, Joohee Lee, and Yongsoo Song. “Lizard: Cut off the tail! Practical post-quantum public-key encryption from LWE and LWR.” In IACR Cryptology ePrint Archive, Report 2016/1126, 2016.
[CRVV15] Ruan De Clercq, Sujoy Sinha Roy, Frederik Vercauteren, and Ingrid Verbauwhede. “Efficient software implementation of ring-LWE encryption.” In Proceedings of 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp. 339–344, 2015.
[CWB14] Daniel Cabarcas, Patrick Weiden, and Johannes Buchmann. “On the efficiency of provably secure NTRU.” In Proceedings of the 6th International Workshop on Post-Quantum Cryptography – PQCrypto 2014, LNCS, Vol. 8772, pp. 22–39, 2014.
[DG14] Nagarjun C. Dwarakanath and Steven D. Galbraith. “Sampling from discrete Gaussians for lattice-based cryptography on a constrained device.” In Applicable Algebra in Engineering, Communication and Computing, Vol. 25, Issue 3, pp. 159–180, 2014.
[DH11] David Dolezilek and Laura Hussey. “Requirements or recommendations? Sorting out NERC CIP, NIST, and DOE cybersecurity.” In Proceedings of the 64th Annual Conference for Protective Relay Engineers, pp. 328–333, 2011.
[DKL+17] Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, Peter Schwabe, Gregor Seiler, and Damien Stehlé. “CRYSTALS-Dilithium: a lattice-based digital signature scheme.” In IACR Cryptology ePrint Archive, Report 2017/633, 2017.
[DKL+19] Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, Peter Schwabe, Gregor Seiler, and Damien Stehlé. “CRYSTALS - DILITHIUM.” NIST Post-Quantum Cryptography Standardization, Round 2 Submissions. https://csrc.nist.gov/Projects/post-quantum-cryptography/round-2-submissions
[DKRS03] Irit Dinur, Guy Kindler, Ran Raz, and Shmuel Safra. “Approximating-CVP to within almost-polynomial factors is NP-hard.” In Combinatorica, Vol. 23, Issue 2, pp. 205–243, 2003.
[DN12] Léo Ducas and Phong Quang Nguyen. “Faster Gaussian lattice sampling using lazy floating-point arithmetic.” In Proceedings of the 18th International Conference on the Theory and Application of Cryptology and Information Security – ASIACRYPT 2012, LNCS, Vol. 7658, pp. 415–432, 2012.
[FAM+10] Shailendra Fuloria, Ross Anderson, Kevin McGrath, Kai Hansen, and Fernando Alvarez. “The protection of substation communications.” In Proceedings of SCADA Security Scientific Symposium 2010, pp. 1–13, 2010.
[FHU19] Shaik Mullapathi Farooq, S. M. Suhail Hussain, and Taha Selim Ustun. “Performance evaluation and analysis of IEC 62351-6 probabilistic signature scheme for securing GOOSE messages.” In IEEE Access, Vol. 7, pp. 32343–32351, 2019.
[FS86] Amos Fiat and Adi Shamir. “How to prove yourself: practical solutions to identification and signature problems.” In Proceedings of CRYPTO ’86, LNCS, Vol. 263, pp. 186–194, 1986.
[FSV07] Junfeng Fan, Kazuo Sakiyama, and Ingrid Verbauwhede. “Montgomery modular multiplication algorithm for multi-core systems.” In Proceedings of 2007 IEEE Workshop on Signal Processing Systems (SIPS), pp. 261–266, 2007.
[GFS+12] Norman Göttert, Thomas Feller, Michael Schneider, Johannes Buchmann, and Sorin Huss. “On the design of hardware building blocks for modern lattice-based encryption schemes.” In Proceedings of the 14th International Conference on Cryptographic Hardware and Embedded Systems – CHES 2012, LNCS, Vol. 7428, pp. 512–529, 2012.
[GLP12] Tim Güneysu, Vadim Lyubashevsky, and Thomas Pöppelmann. “Practical lattice-based cryptography: A signature scheme for embedded systems.” In Proceedings of the 14th International Conference on Cryptographic Hardware and Embedded Systems – CHES 2012, LNCS, Vol. 7428, pp. 530–547, 2012.
[GP03] GlobalPlatform. “GlobalPlatform Card Specification 2.1.1.” 2003. http://www.win.tue.nl/pinpasjc/docs/Card
[GPV08] Craig Gentry, Chris Peikert, and Vinod Vaikuntanathan. “Trapdoors for hard lattices and new cryptographic constructions.” In Proceedings of STOC 2008, pp. 197–206, 2008.
[GT01] Michael T. Goodrich and Roberto Tamassia. “Algorithm design: Foundations, analysis, and internet examples.” Wiley, 2001.
[GVW17] Florian Göpfert, Christine van Vredendaal, and Thomas Wunderer. “A hybrid lattice basis reduction and quantum search attack on LWE.” In IACR Cryptology ePrint Archive, Report 2017/221, 2017.
[IEC61850] “IEC standard for communication network and systems in substations.” IEC 61850, Technical report, 1st edition, 2003–04.
[JCF13] Java Card Forum. “Java Card Platform vs. Native Cards (White Paper).” 2013. https://javacardforum.files.wordpress.com/2013/11/jcf-java-vs-native-final.pdf
[KAK96] Çetin Kaya Koç, Tolga Acar, and Burton S. Kaliski Jr. “Analyzing and comparing Montgomery multiplication algorithms.” In IEEE Micro, Vol. 16, Issue 3, pp. 26–33, 1996.
[Kar16] Charles F. F. Karney. “Sampling exactly from the normal distribution.” In ACM Transactions on Mathematical Software (TOMS), Vol. 42, Issue 1, No. 3, pp. 1–14, 2016.
[Khot06] Subhash Khot. “Hardness of approximating the shortest vector problem in lattices in high ℓp norms.” In Journal of Computer and System Sciences, Vol. 72, Issue 2, pp. 206–219, 2006.
[KY76] Donald Ervin Knuth and Andrew Chi-Chih Yao. “The complexity of nonuniform random number generation.” In Algorithms and Complexity: New Directions and Recent Results, Academic Press, pp. 357–428, 1976.
[LN16] Patrick Longa and Michael Naehrig. “Speeding up the number theoretic transform for faster ideal lattice-based cryptography.” In Proceedings of the 15th International Conference on Cryptology and Network Security – CANS 2016, LNCS, Vol. 10052, pp. 124–139, 2016.
[LP11] Richard Lindner and Chris Peikert. “Better key sizes (and attacks) for LWE-based encryption.” In Proceedings of the 11th International Conference on Topics in Cryptology – CT-RSA 2011, LNCS, Vol. 6558, pp. 319–339, 2011.
[LPR10] Vadim Lyubashevsky, Chris Peikert, and Oded Regev. “On ideal lattices and learning with errors over rings.” In Proceedings of the 29th Annual International Conference on Theory and Applications of Cryptographic Techniques – EUROCRYPT 2010, LNCS, Vol. 6110, pp. 1–23, 2010.
[LS12] Adeline Langlois and Damien Stehlé. “Worst-case to average-case reductions for module lattices.” In IACR Cryptology ePrint Archive, Report 2012/090, 2012.
[LS15] Adeline Langlois and Damien Stehlé. “Worst-case to average-case reductions for module lattices.” In Designs, Codes and Cryptography, Vol. 75, Issue 3, pp. 565–599, 2015.
[LSR+15] Zhe Liu, Hwajeong Seo, Sujoy Sinha Roy, Johann Großschädl, Howon Kim, and Ingrid Verbauwhede. “Efficient ring-LWE encryption on 8-bit AVR processors.” In Proceedings of the 17th International Conference on Cryptographic Hardware and Embedded Systems – CHES 2015, LNCS, Vol. 9293, pp. 663–682, 2015.
[Lyu09] Vadim Lyubashevsky. “Fiat-Shamir with aborts: applications to lattice and factoring-based signatures.” In Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security – ASIACRYPT 2009, LNCS, Vol. 5912, pp. 598–616, 2009.
[Lyu12] Vadim Lyubashevsky. “Lattice signatures without trapdoors.” In Proceedings of the 31st Annual International Conference on Theory and Applications of Cryptographic Techniques – EUROCRYPT 2012, LNCS, Vol. 7237, pp. 738–755, 2012.
[MBCM16] Pedro Maat C. Massolino, Lejla Batina, Ricardo Chaves, and Nele Mentens. “Low power Montgomery modular multiplication on reconfigurable systems.” In IACR Cryptology ePrint Archive, Report 2016/280, 2016.
[Mic98] Daniele Micciancio. “The shortest vector in a lattice is hard to approximate to within some constant.” In Proceedings of the 39th Annual Symposium on Foundations of Computer Science – FOCS ’98, p. 92, 1998.
[MMM04] Ciaran McIvor, Máire McLoone, and John Vincent McCanny. “FPGA Montgomery multiplier architectures - a comparison.” In Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines (FCCM), pp. 279–282, 2004.
[Mont85] Peter L. Montgomery. “Modular multiplication without trial division.” In Mathematics of Computation, Vol. 44, No. 170, pp. 519–521, 1985.
[MR04] Daniele Micciancio and Oded Regev. “Worst-case to average-case reductions based on Gaussian measures.” In Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science, pp. 372–381, 2004.
[MR08] Daniele Micciancio and Oded Regev. “Lattice-based cryptography.” In Post-Quantum Cryptography, pp. 147–191. Springer, 2008.
[OBPV03] Sıddıka Berna Örs, Lejla Batina, Bart Preneel, and Joos Vandewalle. “Hardware implementation of a Montgomery modular multiplier in a systolic array.” In Proceedings of 2003 IEEE International Parallel and Distributed Processing Symposium (IPDPS), p. 8, 2003.
[OSPG18] Tobias Oder, Tobias Schneider, Thomas Pöppelmann, and Tim Güneysu. “Practical CCA2-secure and masked ring-LWE implementation.” In IACR Transactions on Cryptographic Hardware and Embedded Systems, Vol. 2018, Issue 1, pp. 142–174, 2018.
[Pei08] Chris Peikert. “Limits on the hardness of lattice problems in ℓp norms.” In Computational Complexity, Vol. 17, Issue 2, pp. 300–351, 2008.
[Pei13] Chris Peikert. “An efficient and parallel Gaussian sampler for lattices.” In Proceedings of the 30th Annual Conference on Advances in Cryptology – CRYPTO 2010, LNCS, Vol. 6223, pp. 80–97, 2010.
[Pei14] Chris Peikert. “Lattice cryptography for the Internet.” In Proceedings of the 6th International Workshop on Post-Quantum Cryptography – PQCrypto 2014, LNCS, Vol. 8772, pp. 197–219, 2014.
[PG12] Thomas Pöppelmann and Tim Güneysu. “Towards efficient arithmetic for lattice-based cryptography on reconfigurable hardware.” In Proceedings of the 2nd International Conference on Cryptology and Information Security in Latin America – LATINCRYPT 2012, LNCS, Vol. 7533, pp. 139–158, 2012.
[POG15] Thomas Pöppelmann, Tobias Oder, and Tim Güneysu. “High-performance ideal lattice-based cryptography on 8-bit ATxmega microcontrollers.” In Proceedings of the 4th International Conference on Cryptology and Information Security in Latin America – LATINCRYPT 2015, LNCS, Vol. 9230, pp. 346–365, 2015.
[PPM17] Robert Primas, Peter Pessl, and Stefan Mangard. “Single-trace side-channel attacks on masked lattice-based encryption.” In Proceedings of the 19th International Conference on Cryptographic Hardware and Embedded Systems – CHES 2017, LNCS, Vol. 10529, pp. 513–533, 2017.
[PVW08] Chris Peikert, Vinod Vaikuntanathan, and Brent Waters. “A framework for efficient and composable oblivious transfer.” In Proceedings of the 28th Annual International Cryptology Conference – CRYPTO 2008, LNCS, Vol. 5157, pp. 554–571, 2008.
[Reg05] Oded Regev. “On lattices, learning with errors, random linear codes, and cryptography.” In Proceedings of the 37th Annual ACM Symposium on Theory of Computing – STOC ’05, pp. 84–93, 2005.
[RVM+14] Sujoy Sinha Roy, Frederik Vercauteren, Nele Mentens, Donald Donglong Chen, and Ingrid Verbauwhede. “Compact ring-LWE cryptoprocessor.” In Proceedings of the 16th International Conference on Cryptographic Hardware and Embedded Systems – CHES 2014, LNCS, Vol. 8731, pp. 371–391, 2014.
[RVV13] Sujoy Sinha Roy, Frederik Vercauteren, and Ingrid Verbauwhede. “High precision discrete Gaussian sampling on FPGAs.” In Proceeding of the 20th International Conference on Selected Areas in Cryptography – SAC 2013, LNCS, Vol. 8282, pp. 383–401, 2013.
[Shor94] Peter Williston Shor. “Algorithms for quantum computation: discrete logarithms and factoring.” In Proceedings of the 35th Annual Symposium on Foundations of Computer Science (FOCS), pp. 124–134, 1994.
[Shor97] Peter Williston Shor. “Polynomial time algorithms for prime factorization and discrete logarithms on a quantum computer.” In SIAM Journal on Computing, Vol. 26, Issue 5, pp. 1484–1509, 1997.
[SM06] Sun Microsystems, Inc. “Java Card Platform Specification 2.2.2.” 2006. http://www.oracle.com/technetwork/java/javacard/specs-138637.html
[SS11] Damien Stehlé and Ron Steinfeld. “Making NTRU as secure as worst-case problems over ideal lattices.” In Proceedings of the 30th Annual International Conference on Theory and Applications of Cryptographic Techniques – EUROCRYPT 2011, LNCS, Vol. 6632, pp. 27–47, 2011.
[Sve14a] Petr Švenda. “JCAlgTest - JavaCard algorithm support testing project.” 2014. https://www.fi.muni.cz/~xsvenda/jcalgtest/
[Sve14b] Petr Švenda. “Nuances of the JavaCard API on the cryptographic smart cards - JCAlgTest project.” In Proceedings of the 7th International Workshop on Analysis of Security API – ASA’14, 6 pages, 2014.
[TJ09] Hendrik Tews and Bart Jacobs. “Performance issues of selective disclosure and blinded issuing protocols on Java Card.” In Proceedings of the 3rd IFIP WG 11.2 International Workshop on Information Security Theory and Practice. Smart Devices, Pervasive Systems, and Ubiquitous Networks – WISTP 2009, LNCS, Vol. 5746, pp. 95–111, 2009.
[TLLV07] David B. Thomas, Wayne Luk, Philip H. W. Leong, and John D. Villasenor. “Gaussian random number generators.” In ACM Computing Surveys (CSUR), Vol. 39, Issue 4, No. 11, pp. 1–38, 2007.
[YCK+16] Ye Yuan, Chen-Mou Cheng, Shinsaku Kiyomoto, Yutaka Miyake, and Tsuyoshi Takagi. “Portable implementation of lattice-based cryptography using JavaScript.” In International Journal of Networking and Computing, Vol. 6, No. 2, pp. 309–327, 2016.
[YFKT17] Ye Yuan, Kazuhide Fukushima, Shinsaku Kiyomoto, and Tsuyoshi Takagi. “Memory-constrained implementation of lattice-based encryption scheme on standard Java Card.” In Proceedings of 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 47–50, 2017.
[YXF+18] Ye Yuan, Junting Xiao, Kazuhide Fukushima, Shinsaku Kiyomoto, and Tsuyoshi Takagi. “Portable implementation of postquantum encryption schemes and key exchange protocols on JavaScript-enabled platforms.” In Security and Communication Networks, Vol. 2018, Article ID 9846168, 14 pages, 2018.