
arxiv: 2509.15653 · v4 · submitted 2025-09-19 · 💻 cs.CR

Future-Proofing Cloud Security Against Quantum Attacks: Risk, Transition, and Mitigation Strategies

Pith reviewed 2026-05-18 16:13 UTC · model grok-4.3

classification 💻 cs.CR
keywords: quantum computing · cloud security · post-quantum cryptography · risk assessment · migration strategies · cryptographic agility · STRIDE · NIST PQC

The pith

Cloud systems can be protected from quantum attacks through layer-specific threat analysis and hybrid cryptography transitions across nine architecture levels.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This survey examines how quantum computers threaten the cryptography that protects cloud computing infrastructures and outlines practical steps to address those threats. It analyzes vulnerabilities and countermeasures at each of nine distinct layers ranging from applications down through data, runtime, middleware, operating systems, virtualization, servers, storage, and networking. The analysis applies structured risk assessment to three phases of transition: current classical systems, the mixed period of migration, and the eventual post-quantum state. It incorporates performance checks on new algorithms, reviews of major cloud providers' approaches, and produces concrete taxonomies, risk matrices, and roadmaps for users. The work closes by naming six priority areas for continued study to strengthen cloud defenses.

Core claim

The survey establishes a security framework for quantum-safe cloud computing that integrates hybrid cryptographic strategies including algorithmic combiners and dual certificates, cryptographic agility, and risk-prioritized mitigation. This framework is applied across nine architectural layers using STRIDE-based assessment aligned with NIST SP 800-30 to evaluate threats in pre-transition, hybrid, and post-transition phases, while benchmarking NIST PQC algorithms and drawing on practices from leading cloud service providers to deliver layer-specific threat taxonomies, likelihood-impact risk matrices, and deployment roadmaps.

What carries the argument

Nine architectural layers of cloud systems combined with STRIDE-based risk assessment to produce phase-specific threat taxonomies and mitigation roadmaps.

If this is right

  • Cloud architects gain layer-specific taxonomies to identify and address quantum vulnerabilities at each level.
  • Policymakers receive CSP-informed roadmaps to guide secure migration timelines and resource allocation.
  • Hybrid cryptographic approaches reduce exposure during the period when both classical and post-quantum methods run together.
  • Six named research directions point to needed work on standardization, hardware optimization, and integration with new cloud technologies.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Widespread use of the layer roadmaps could encourage greater consistency in quantum-safe practices among different cloud providers.
  • The framework's emphasis on cryptographic agility suggests that future cloud platforms may need built-in support for rapid algorithm swaps.
  • Extending the analysis to quantify performance overheads of the proposed hybrids in production workloads would help prioritize which layers to upgrade first.

Load-bearing premise

The nine architectural layers comprehensively cover all quantum threat vectors without significant unaddressed interactions between layers.

What would settle it

A documented quantum attack that succeeds by exploiting interactions across multiple layers in a cloud system that has implemented the paper's recommended per-layer mitigations would undermine the framework.

Figures

Figures reproduced from arXiv: 2509.15653 by Abdelhakim Hafid, Arash Habibi Lashkari, Yaser Baseri.

Figure 1: Layered Architecture of a CC Stack, Highlighting Com [caption truncated at source]
Figure 2: Organizational Structure of This Survey
Figure 3: Quantum-Safe Transition Risk Assessment Approach [26]
Figure 4: Qualitative Risk Assessment based on Likelihood and [caption truncated at source]
Figure 5: Cumulative Expert Opinions Related to Quantum [caption truncated at source]
Figure 6: Expected Likelihood of Quantum Threat to Classic [caption truncated at source]
Figure 7: Expected Impact of Quantum Threat for Classic [caption truncated at source]

Text fragments extracted alongside the figures (each cut off at the source):

"…likelihood, and evaluation of potential impact. This structured approach facilitates a systematic transition to quantum-safe infrastructures"

"A. Classic Cryptographic Standards and QC: Assessing Cyber Risks. Contemporary cryptographic standards rely predominantly on classical algorithms to secure applications and communications across diverse domains. Widely used classical cryptographic primitives—symmetric, asymmetric, and hash functions—are increasingly vulnerable to QC threats. Quantum algorithms such as Shor's [2], [31] can efficiently bre…"

"B.4. Likelihood and Impact Evaluation: For the likelihood assessment, we examine several factors, including exploitability (e.g., via physical access, network, or the internet), the availability and effectiveness of countermeasures (detailed in Table VII), and evaluation criteria from Appendix G of NIST SP 800-30 [23]. These criteria have been adapted for quantum threat scenarios and are presented in Tabl…"
Original abstract

Quantum Computing (QC) threatens the cryptographic foundations of Cloud Computing (CC), exposing distributed infrastructures to novel attack vectors. This survey provides comprehensive analysis of quantum-safe cloud security, examining vulnerabilities, transition strategies, and layer-specific countermeasures across nine architectural layers (application, data, runtime, middleware, OS, virtualization, server, storage, networking). We employ STRIDE-based risk assessment aligned with NIST SP 800-30 to evaluate quantum threats through three transition phases: pre-transition (classical cryptography vulnerabilities), hybrid (migration risks), and post-transition (PQC implementation weaknesses including side-channel attacks). Our security framework integrates hybrid cryptographic strategies (algorithmic combiners, dual/composite certificates, protocol-level migration), cryptographic agility, and risk-prioritized mitigation tailored to cloud environments. We benchmark NIST-standardized PQC algorithms for performance and deployment suitability, assess side-channel and implementation vulnerabilities, and analyze quantum-safe strategies from leading CSPs (AWS, Azure, GCP). The survey delivers layer-specific threat taxonomies, likelihood-impact risk matrices, and CSP-informed deployment roadmaps for cloud architects, policymakers, and researchers. We identify six critical research directions: standardization and interoperability, hardware acceleration and performance optimization, AI-enhanced security and threat mitigation, integration with emerging cloud technologies, systemic preparedness and workforce development, and migration frameworks with crypto-agility.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

1 major / 2 minor

Summary. The manuscript surveys quantum computing threats to cloud computing cryptographic foundations. It provides analysis of vulnerabilities, transition strategies, and layer-specific countermeasures across nine architectural layers using STRIDE-based risk assessment aligned with NIST SP 800-30. The framework covers three phases: pre-transition, hybrid, and post-transition, integrating hybrid cryptographic strategies and cryptographic agility. It benchmarks NIST PQC algorithms, assesses side-channel vulnerabilities, and analyzes quantum-safe strategies from CSPs such as AWS, Azure, and GCP, delivering threat taxonomies, risk matrices, and deployment roadmaps. Six research directions are identified.

Significance. Assuming the analyses are well-supported, this work is significant for its structured approach to quantum-safe cloud security. It combines established risk methods with practical CSP insights and identifies key research areas, potentially aiding the transition to post-quantum cryptography in distributed systems. The layer-specific focus and phase-based assessment offer a roadmap that could inform both academic and industry efforts in this critical area.

major comments (1)
  1. [Nine architectural layers description and risk assessment framework] The claim of comprehensive coverage via layer-specific threat taxonomies and likelihood-impact risk matrices relies on treating layers in isolation. However, quantum threats to shared cryptographic primitives propagate across layers (e.g., a break in networking layer TLS affects application confidentiality and runtime integrity). The manuscript would benefit from explicit discussion of cross-layer interactions or systemic adjustments to the risk matrices to support the comprehensiveness claim.
minor comments (2)
  1. The abstract could benefit from specifying the exact sections where the risk matrices and CSP analyses are presented.
  2. Verify that all cited NIST standards and prior literature are up-to-date with the latest PQC developments.

Simulated Author's Rebuttal

1 response · 0 unresolved

We thank the referee for the constructive feedback on our manuscript. We address the major comment point by point below, indicating where revisions will be made to improve the work.

Point-by-point responses
  1. Referee: The claim of comprehensive coverage via layer-specific threat taxonomies and likelihood-impact risk matrices relies on treating layers in isolation. However, quantum threats to shared cryptographic primitives propagate across layers (e.g., a break in networking layer TLS affects application confidentiality and runtime integrity). The manuscript would benefit from explicit discussion of cross-layer interactions or systemic adjustments to the risk matrices to support the comprehensiveness claim.

    Authors: We agree that quantum threats via shared primitives can propagate across layers and that our presentation would benefit from explicit treatment of these interactions. In the revised manuscript we will add a dedicated subsection within the risk assessment framework that discusses cross-layer dependencies, using the TLS example and others to illustrate cascading effects on confidentiality, integrity, and availability. We will also augment the likelihood-impact matrices with a brief systemic adjustment section that notes inter-layer propagation factors while preserving the per-layer granularity for usability. These additions will be integrated with the existing STRIDE/NIST SP 800-30 alignment and will not require changes to the core layer taxonomies. revision: yes
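As an added illustration (not code from the survey or from Pith) of the likelihood-impact matrix the core claim describes and of the cross-layer propagation the referee raises: the nine layers, three phases and STRIDE categories are the paper's; the five-level scale and lookup table are transcribed from memory from NIST SP 800-30r1 Appendix I (an assumption); the sample threats and the propagation rule are constructed.

```python
"""Likelihood-impact risk matrix over the survey's nine cloud layers and
three transition phases, plus a cross-layer propagation adjustment.
Constructed illustration, not code from the paper or from Pith: layers,
phases and STRIDE categories follow the paper; the five-level scale and the
likelihood x impact lookup are transcribed from memory from NIST SP 800-30r1
Appendix I (Table I-2), an assumption; sample threats are constructed."""
from dataclasses import dataclass, replace
from enum import IntEnum

LAYERS = ("application", "data", "runtime", "middleware", "os",
          "virtualization", "server", "storage", "networking")
PHASES = ("pre-transition", "hybrid", "post-transition")
STRIDE = ("spoofing", "tampering", "repudiation", "information_disclosure",
          "denial_of_service", "elevation_of_privilege")

class Level(IntEnum):
    VERY_LOW = 0
    LOW = 1
    MODERATE = 2
    HIGH = 3
    VERY_HIGH = 4

# Rows: likelihood, columns: impact, cell: risk (SP 800-30r1 Table I-2).
RISK_TABLE = (
    (0, 0, 0, 1, 1),  # likelihood VERY_LOW
    (0, 1, 1, 1, 2),  # LOW
    (0, 1, 2, 2, 3),  # MODERATE
    (0, 1, 2, 3, 4),  # HIGH
    (0, 1, 2, 3, 4),  # VERY_HIGH
)

def risk_level(likelihood: Level, impact: Level) -> Level:
    """Qualitative risk for one threat event."""
    return Level(RISK_TABLE[likelihood][impact])

@dataclass(frozen=True)
class Threat:
    layer: str          # one of LAYERS
    phase: str          # one of PHASES
    stride: str         # one of STRIDE
    description: str
    likelihood: Level
    impact: Level

    @property
    def risk(self) -> Level:
        return risk_level(self.likelihood, self.impact)

def assess(threats):
    """Per (layer, phase) cell: the highest risk among its recorded threats."""
    matrix = {}
    for t in threats:
        key = (t.layer, t.phase)
        matrix[key] = max(matrix.get(key, Level.VERY_LOW), t.risk)
    return matrix

# Layers whose confidentiality/integrity rests on another layer's primitives.
# Constructed, following the referee's example that a TLS break at the
# networking layer affects application confidentiality and runtime integrity.
DEPENDS_ON = {"application": ("networking", "runtime"),
              "runtime": ("networking", "os"),
              "data": ("storage", "networking")}
PROPAGATING = {"information_disclosure", "tampering"}

def propagate(threats, depends_on=DEPENDS_ON):
    """Cross-layer adjustment: a disclosure/tampering threat is at least as
    likely as any HIGH-or-worse disclosure/tampering threat, in the same
    phase, at a layer it depends on. Returns adjusted copies."""
    adjusted = []
    for t in threats:
        floor = t.likelihood
        if t.stride in PROPAGATING:
            for u in threats:
                if (u.layer in depends_on.get(t.layer, ()) and u.phase == t.phase
                        and u.stride in PROPAGATING and u.risk >= Level.HIGH):
                    floor = max(floor, u.likelihood)
        adjusted.append(replace(t, likelihood=floor))
    return adjusted

# Constructed sample entries: one per cell of interest.
SAMPLE_THREATS = [
    Threat("networking", "pre-transition", "information_disclosure",
           "harvest-now-decrypt-later against classical TLS key exchange",
           Level.HIGH, Level.VERY_HIGH),
    Threat("application", "pre-transition", "information_disclosure",
           "session data exposed once the transport key exchange is broken",
           Level.LOW, Level.HIGH),
    Threat("networking", "hybrid", "spoofing",
           "downgrade to a classical-only suite during hybrid negotiation",
           Level.MODERATE, Level.HIGH),
    Threat("runtime", "post-transition", "information_disclosure",
           "side-channel leakage from a PQC implementation",
           Level.MODERATE, Level.MODERATE),
]

if __name__ == "__main__":
    for label, m in (("per-layer", assess(SAMPLE_THREATS)),
                     ("with propagation", assess(propagate(SAMPLE_THREATS)))):
        print(label, {f"{l}/{p}": lv.name for (l, p), lv in sorted(m.items())})
```

Run stand-alone it prints both matrices; the application cell moves from LOW to HIGH once the networking-layer break is allowed to propagate, which is the effect the per-layer matrix alone does not show.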

Circularity Check

0 steps flagged

No circularity: survey applies external standards to quantum-cloud analysis

Full rationale

The paper is a literature survey that structures its analysis around nine standard cloud architectural layers and applies the established STRIDE threat model together with NIST SP 800-30 risk assessment. All taxonomies, matrices, and roadmaps are generated by mapping known quantum algorithms (Shor's, Grover's) and NIST PQC candidates onto these external frameworks; no equations, fitted parameters, or predictions are defined in terms of the paper's own outputs. No load-bearing self-citations or uniqueness theorems from the authors' prior work appear in the provided text. The central claims therefore rest on independent external benchmarks rather than reducing to the inputs by construction.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

The central claims rest on selection and interpretation of prior literature on post-quantum cryptography and cloud architectures rather than new mathematical axioms or fitted parameters.

pith-pipeline@v0.9.0 · 5776 in / 1058 out tokens · 55319 ms · 2026-05-18T16:13:26.056051+00:00 · methodology



Reference graph

Works this paper leans on

267 extracted references · 267 canonical work pages · 4 internal anchors

  1. [1] M. Coccia, S. Roshani, and M. Mosleh, "Evolution of quantum computing: Theoretical and innovation management implications for emerging quantum industry," IEEE Transactions on Engineering Management, vol. 71, pp. 2270–2280, 2024.

  2. [2] P. W. Shor, "Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer," SIAM Review, vol. 41, no. 2, pp. 303–332, 1999.

  3. [3] L. K. Grover, "A fast quantum mechanical algorithm for database search," in Proceedings of the twenty-eighth annual ACM symposium on Theory of computing, 1996, pp. 212–219.

  4. [4] M. Mosca, "Cybersecurity in an era with quantum computers: will we be ready?" IEEE Security & Privacy, vol. 16, no. 5, pp. 38–41, 2018.

  5. [5] C. Gidney and M. Ekerå, "How to factor 2048 bit RSA integers in 8 hours using 20 million noisy qubits," Quantum, vol. 5, p. 433, 2021.

  6. [6] National Institute of Standards and Technology. (2023) NIST to standardize encryption algorithms that can resist attack by quantum computers. https://www.nist.gov

  7. [7] America's Cyber Defense Agency (CISA). (2024) Post-quantum cryptography initiative. https://www.cisa.gov/quantum. Accessed: 2025-06-06.

  8. [8] Amazon Web Services, "Post-quantum cryptography," https://aws.amazon.com/security/post-quantum-cryptography, Amazon Web Services, Inc., 2025, accessed: 2025-09-22.

  9. [9] Google Cloud, "Post-quantum cryptography (PQC)," https://cloud.google.com/security/resources/post-quantum-cryptography, Google LLC, 2024, accessed: 2025-09-22.

  10. [10] Microsoft Research, "Post-quantum cryptography," https://www.microsoft.com/en-us/research/project/post-quantum-cryptography/, Microsoft Corporation, 2025, accessed: 2025-09-22.

  11. [11] H.-Y. Kwon, I. Bajuna, and M.-K. Lee, "Compact hybrid signature for secure transition to post-quantum era," IEEE Access, vol. 12, pp. 39417–39429, 2024.

  12. [12] N. Bindel, J. Brendel, M. Fischlin, B. Goncalves, and D. Stebila, "Hybrid key encapsulation mechanisms and authenticated key exchange," in Post-Quantum Cryptography, J. Ding and R. Steinwandt, Eds. Cham: Springer, 2019, pp. 206–226.

  13. [13] D. Ghinea et al., "Hybrid post-quantum signatures in hardware security keys," in Applied Cryptography and Network Security Workshops. Cham: Springer, 2023, pp. 480–499.

  14. [14] R. Khan, K. McLaughlin, D. Laverty, and S. Sezer, "STRIDE-based threat modeling for cyber-physical systems," in 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe). IEEE, 2017, pp. 1–6.

  15. [15] S. M. Khalil, H. Bahsi, and T. Korõtko, "Threat modeling of industrial control systems: A systematic literature review," Computers & Security, vol. 136, p. 103543, 2024.

  16. [16] F. K. Parast, C. Sindhav, S. Nikam, H. I. Yekta, K. B. Kent, and S. Hakak, "Cloud computing security: A survey of service-based models," Computers & Security, vol. 114, p. 102580, 2022.

  17. [17] M. Kaiiali, S. Sezer, and A. Khalid, "Cloud computing in the quantum era," in 2019 IEEE Conference on Communications and Network Security (CNS), 2019, pp. 1–4.

  18. [18] C. Mangla, S. Rani, N. M. Faseeh Qureshi, and A. Singh, "Mitigating 5G security challenges for next-gen industry using quantum computing," Journal of King Saud University - Computer and Information Sciences, vol. 35, no. 6, p. 101334, 2023.

  19. [19] Z. Yang, M. Zolanvari, and R. Jain, "A survey of important issues in quantum computing and communications," IEEE Communications Surveys & Tutorials, vol. 25, no. 2, pp. 1059–1094, 2023.

  20. [20] F. Leymann, J. Barzen, M. Falkenthal, D. Vietz, B. Weder, and K. Wild, "Quantum in the cloud: application potentials and research opportunities," arXiv preprint arXiv:2003.06256, 2020.

  21. [21] H. T. Nguyen, P. Krishnan, D. Krishnaswamy, M. Usman, and R. Buyya, "Quantum cloud computing: a review, open problems, and future directions," arXiv preprint arXiv:2404.11420, 2024.

  22. [22] J. Coupel and T. Farheen, "Security vulnerabilities in quantum cloud systems: A survey on emerging threats," arXiv preprint arXiv:2504.19064, 2025.

  23. [23] National Institute of Standards and Technology, "Guide for conducting risk assessments," https://doi.org/10.6028/NIST.SP.800-30r1, Tech. Rep. NIST Special Publication 800-30 Revision 1, September 2012.

  24. [24] National Institute of Standards and Technology, "Framework for Improving Critical Infrastructure Cybersecurity (CSF 2.0)," https://doi.org/10.6028/NIST.CSWP.27, U.S. Department of Commerce, Tech. Rep. NIST Cybersecurity Framework 2.0, February 2024.

  25. [26] Y. Baseri, A. Hafid, Y. Shahsavari, D. Makrakis, and H. Khodaiemehr, "Blockchain security risk assessment in quantum era, migration strategies and proactive defense," https://arxiv.org/abs/2501.11798, 2025.

  26. [27] D. Van Landuyt and W. Joosen, "A descriptive study of assumptions in STRIDE security threat modeling," Software and Systems Modeling, pp. 1–18, 2021.

  27. [28] B. Jelacic, D. Rosic, I. Lendak, M. Stanojevic, and S. Stoja, "STRIDE to a secure smart grid in a hybrid cloud," in Computer Security. Springer, 2017, pp. 77–90.

  28. [29] Y. Baseri, V. Chouhan, A. Ghorbani, and A. Chow, "Evaluation framework for quantum security risk assessment: A comprehensive strategy for quantum-safe transition," Computers & Security, vol. 150, p. 104272, 2025.

  29. [30] M. Barenkamp, "'Steal now, decrypt later': Post-Quantum-Kryptografie & KI," Informatik Spektrum, vol. 45, no. 6, pp. 349–355, 2022.

  30. [31] P. W. Shor, "Algorithms for quantum computation: discrete logarithms and factoring," Proceedings 35th annual symposium on foundations of computer science, pp. 124–134, 1994.

  31. [32] A. Langley, M. Hamburg, and S. Turner, "Elliptic Curves for Security," https://www.rfc-editor.org/info/rfc7748, IETF, RFC 7748, January 2016, Informational.

  32. [33] D. McGrew, K. Igoe, and M. Salter, "Fundamental Elliptic Curve Cryptography Algorithms," https://www.rfc-editor.org/info/rfc6090, IETF, RFC 6090, February 2011, Informational.

  33. [34] D. Gillmor, "Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS)," https://www.rfc-editor.org/info/rfc7919, IETF, RFC 7919, August 2016, Standards Track.

  34. [35] K. Moriarty, B. Kaliski, J. Jonsson, and A. Rusch, "PKCS #1: RSA Cryptography Specifications Version 2.2," https://www.rfc-editor.org/info/rfc8017, IETF, RFC 8017, November 2016, Informational.

  35. [36] J. Schaad, "Use of the Advanced Encryption Standard (AES) Encryption Algorithm in Cryptographic Message Syntax (CMS)," https://www.rfc-editor.org/info/rfc3565, IETF, RFC 3565, July 2003, Standards Track.

  36. [37] D. Eastlake 3rd and T. Hansen, "US secure hash algorithms (SHA and SHA-based HMAC and HKDF)," 2011.

  37. [38] G. Brassard, P. Hoyer, and A. Tapp, "Quantum algorithm for the collision problem," arXiv preprint quant-ph/9705002, 1997.

  38. [39] M. Mosca and M. Piani, "2022 quantum threat timeline report," Global Risk Institute, 2022.

  39. [40] J. Bos, L. Ducas, E. Kiltz, T. Lepoint, V. Lyubashevsky, J. M. Schanck, P. Schwabe, G. Seiler, and D. Stehlé, "CRYSTALS-Kyber: a CCA-secure module-lattice-based KEM," in 2018 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, 2018, pp. 353–367.

  40. [41] National Institute of Standards and Technology, "FIPS 203, module-lattice-based key-encapsulation mechanism standard," https://csrc.nist.gov/pubs/fips/203/ipd, 2023, accessed: 2024-01-15.

  41. [42] P. Ravi, D. B. Roy, S. Bhasin, A. Chattopadhyay, and D. Mukhopadhyay, "Number 'not used' once – practical fault attack on pqm4 implementations of NIST candidates," in Constructive Side-Channel Analysis and Secure Design. Springer, 2019, pp. 232–250.

  42. [43] T. Oder, T. Schneider, T. Pöppelmann, and T. Güneysu, "Practical CCA2-secure and masked ring-LWE implementation," IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 142–174, 2018.

  43. [44] P. Ravi, S. Bhasin, S. S. Roy, and A. Chattopadhyay, "Drop by drop you break the rock – exploiting generic vulnerabilities in lattice-based PKE/KEMs using EM-based physical attacks," Cryptology ePrint Archive, 2020.

  44. [45] M. Hamburg, J. Hermelink, R. Primas, S. Samardjiska, T. Schamberger, S. Streit, E. Strieder, and C. van Vredendaal, "Chosen ciphertext k-trace attacks on masked CCA2 secure Kyber," IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 88–113, 2021.

  45. [46] P. Pessl and R. Primas, "More practical single-trace attacks on the number theoretic transform," in International Conference on Cryptology and Information Security in Latin America. Springer, 2019, pp. 130–149.

  46. [47] T. Kamucheka, M. Fahr, T. Teague, A. Nelson, D. Andrews, and M. Huang, "Power-based side channel attack analysis on PQC algorithms," Cryptology ePrint Archive, 2021.

  47. [48] E. Dubrova, K. Ngo, and J. Gärtner, "Breaking a fifth-order masked implementation of CRYSTALS-Kyber by copy-paste," Cryptology ePrint Archive, 2022.

  48. [49] P. Ravi, S. S. Roy, A. Chattopadhyay, and S. Bhasin, "Generic side-channel attacks on CCA-secure lattice-based PKE and KEMs," IACR Trans. Cryptogr. Hardw. Embed. Syst., vol. 2020, no. 3, pp. 307–335, 2020.

  49. [50] Z. Xu, O. Pemberton, S. S. Roy, D. Oswald, W. Yao, and Z. Zheng, "Magnifying side-channel leakage of lattice-based cryptosystems with chosen ciphertexts: the case study of Kyber," IEEE Transactions on Computers, vol. 71, no. 9, pp. 2163–2176, 2021.

  50. [51] K. Dwivedi, A. Agrawal, A. Bhatia, and K. Tiwari, "A novel classification of attacks on blockchain layers: Vulnerabilities, attacks, mitigations, and research directions," arXiv preprint arXiv:2404.18090, 2024.

  51. [52] P. Ravi, S. Bhasin, S. S. Roy, and A. Chattopadhyay, "On exploiting message leakage in (few) NIST PQC candidates for practical message recovery attacks," IEEE Transactions on Information Forensics and Security, vol. 17, pp. 684–699, 2021.

  52. [53] M. R. Albrecht, A. Deo, and K. G. Paterson, "Cold boot attacks on ring and module LWE keys under the NTT," Cryptology ePrint Archive, 2018.

  53. [54] L. Ducas, E. Kiltz, T. Lepoint, V. Lyubashevsky, P. Schwabe, G. Seiler, and D. Stehlé, "CRYSTALS-Dilithium: A lattice-based digital signature scheme," IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 238–268, 2018.

  54. [55] National Institute of Standards and Technology, "FIPS 204, module-lattice-based digital signature standard," https://csrc.nist.gov/pubs/fips/204/ipd, 2023, accessed: 2024-01-15.

  55. [56] L. G. Bruinderink and P. Pessl, "Differential fault attacks on deterministic lattice signatures," IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 21–43, 2018.

  56. [57] V. Migliore, B. Gérard, M. Tibouchi, and P.-A. Fouque, "Masking Dilithium," in Applied Cryptography and Network Security, R. H. Deng, V. Gauthier-Umaña, M. Ochoa, and M. Yung, Eds. Cham: Springer, 2019, pp. 344–362.

  57. [58] V. Q. Ulitzsch, S. Marzougui, M. Tibouchi, and J.-P. Seifert, "Profiling side-channel attacks on Dilithium: A small bit-fiddling leak breaks it all," in International Conference on Selected Areas in Cryptography. Springer, 2022, pp. 3–32.

  58. [59] P. Ravi, M. P. Jhanwar, J. Howe, A. Chattopadhyay, and S. Bhasin, "Exploiting determinism in lattice-based signatures: practical fault attacks on pqm4 implementations of NIST candidates," in Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, 2019, pp. 427–440.

  59. [60] R. Singh, S. Islam, B. Sunar, and P. Schaumont, "Analysis of EM fault injection on bit-sliced number theoretic transform software in Dilithium," ACM Trans. Embed. Comput. Syst., vol. 23, no. 2, pp. 1–27, Mar. 2024.

  60. [61] A. Berzati, A. C. Viera, M. Chartouni, S. Madec, D. Vergnaud, and D. Vigilant, "A practical template attack on CRYSTALS-Dilithium," Cryptology ePrint Archive, Paper 2023/050, 2023.

  61. [62] D. J. Bernstein, A. Hülsing, S. Kölbl, R. Niederhagen, J. Rijneveld, and P. Schwabe, "The SPHINCS+ signature framework," in Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2019, pp. 2129–2146.

  62. [63] National Institute of Standards and Technology, "FIPS 205, stateless hash-based digital signature standard," https://csrc.nist.gov/pubs/fips/205/ipd, 2023, accessed: 2024-01-15.

  63. [64] L. Castelnovi, A. Martinelli, and T. Prest, "Grafting trees: a fault attack against the SPHINCS framework," in International Conference on Post-Quantum Cryptography. Springer, 2018, pp. 165–184.

  64. [65] A. Genêt, M. J. Kannwischer, H. Pelletier, and A. McLauchlan, "Practical fault injection attacks on SPHINCS," Cryptology ePrint Archive, 2018.

  65. [66] M. J. Kannwischer, A. Genêt, D. Butin, J. Krämer, and J. Buchmann, "Differential power analysis of XMSS and SPHINCS," in Constructive Side-Channel Analysis and Secure Design, J. Fan and B. Gierlichs, Eds. Cham: Springer, 2018, pp. 168–188.

  66. [67] P.-A. Fouque, J. Hoffstein, P. Kirchner, V. Lyubashevsky, T. Pornin, T. Prest, T. Ricosset, G. Seiler, W. Whyte, and Z. Zhang, "Falcon: Fast-Fourier lattice-based compact signatures over NTRU," Submission to the NIST's post-quantum cryptography standardization process, vol. 36, no. 5, 2018.

  67. [68] National Institute of Standards and Technology, "NIST first call for multi-party threshold schemes," https://nvlpubs.nist.gov/nistpubs/ir/2025/NIST.IR.8214C.2pd.pdf, U.S. Department of Commerce, NIST Interagency or Internal Report (IR) 8214C, March 2025.

  68. [69] S. McCarthy, J. Howe, N. Smyth, S. Brannigan, and M. O'Neill, "BEARZ attack FALCON: implementation attacks with countermeasures on the FALCON signature scheme," Cryptology ePrint Archive, 2019.

  69. [70] M. Guerreau, A. Martinelli, T. Ricosset, and M. Rossi, "The hidden parallelepiped is back again: Power analysis attacks on Falcon," IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 141–164, 2022.

  70. [71] E. Karabulut and A. Aysu, "Falcon down: Breaking Falcon post-quantum signature scheme through side-channel attacks," in 2021 58th ACM/IEEE Design Automation Conference. IEEE, 2021, pp. 691–696.

  71. [72] C. A. Melchor, N. Aragon, S. Bettaieb, L. Bidoux, O. Blazy, J.-C. Deneuville, P. Gaborit, E. Persichetti, G. Zémor, and I. Bourges, "Hamming quasi-cyclic (HQC)," NIST PQC Round, vol. 2, pp. 4–13, 2018.

  72. [73] G. Alagic et al., "Status report on the fourth round of the NIST post-quantum cryptography standardization process," https://nvlpubs.nist.gov/nistpubs/ir/2025/NIST.IR.8545.pdf, National Institute of Standards and Technology, Tech. Rep. NIST IR 8545, March 2025.

  73. [74] P.-L. Cayrel, B. Colombier, V.-F. Dragoi, A. Menu, and L. Bossuet, "Message-recovery laser fault injection attack on code-based cryptosystems," IACR Cryptol. ePrint Arch., vol. 2020, p. 900, 2020.

  74. [75]

    Fault- injection attacks against NIST’s post-quantum cryptography round 3 KEM candidates,

    K. Xagawa, A. Ito, R. Ueno, J. Takahashi, and N. Homma, “Fault- injection attacks against NIST’s post-quantum cryptography round 3 KEM candidates,” inAdvances in Cryptology – ASIACRYPT 2021, M. Tibouchi and H. Wang, Eds. Cham: Springer, 2021, pp. 33–61

  75. [76]

    A key-recovery timing attack on post-quantum primitives using the Fujisaki-Okamoto transformation 34 and its application on FrodoKEM,

    Q. Guo, T. Johansson, and A. Nilsson, “A key-recovery timing attack on post-quantum primitives using the Fujisaki-Okamoto transformation 34 and its application on FrodoKEM,” inAdvances in Cryptology – CRYPTO 2020. Cham: Springer, 2020, pp. 359–386

  76. [77]

    Don’t reject this: Key-recovery timing attacks due to rejection-sampling in hqc and bike,

    Q. Guo, C. Hlauschek, T. Johansson, N. Lahr, A. Nilsson, and R. L. Schr ¨oder, “Don’t reject this: Key-recovery timing attacks due to rejection-sampling in hqc and bike,”IACR Transactions on Crypto- graphic Hardware and Embedded Systems, pp. 223–263, 2022

  77. [78]

    A practicable timing attack against HQC and its countermeasure,

    G. Wafo-Tapa, S. Bettaieb, L. Bidoux, P. Gaborit, and E. Marcatel, “A practicable timing attack against HQC and its countermeasure,” Advances in Mathematics of Communications, 2020

  78. [79]

    A power side-channel attack on the CCA2-secure HQC KEM,

    T. Schamberger, J. Renner, G. Sigl, and A. Wachter-Zeh, “A power side-channel attack on the CCA2-secure HQC KEM,” inSmart Card Research and Advanced Applications, P.-Y . Liardet and N. Mentens, Eds. Cham: Springer, 2021, pp. 119–134

  79. [80]

    A new key recovery side- channel attack on HQC with chosen ciphertext,

    G. Goy, A. Loiseau, and P. Gaborit, “A new key recovery side- channel attack on HQC with chosen ciphertext,” inPost-Quantum Cryptography, J. H. Cheon and T. Johansson, Eds. Cham: Springer, 2022, pp. 353–371

  80. [81]

    Et tu, Brute? side-channel assisted chosen ciphertext attacks using valid ciphertexts on HQC KEM,

    T. B. Paiva, P. Ravi, D. Jap, S. Bhasin, S. Das, and A. Chattopadhyay, “Et tu, Brute? side-channel assisted chosen ciphertext attacks using valid ciphertexts on HQC KEM,” inPost-Quantum Cryptography, R. Niederhagen and M.-J. O. Saarinen, Eds. Cham: Springer, 2025, pp. 294–321

Showing first 80 references.