thesis.bib

@book{mathefuerInfoBand1,
  author       = {Gerald Teschl and Susanne Teschl},
  title        = {Mathematik für Informatiker: Band 1: Diskrete Mathematik und Lineare
Algebra},
  series       = {eXamen.press},
  publisher    = {Springer-Vieweg},
  year         = {2013},
  doi          = {10.1007/978-3-642-37972-7},
  isbn         = {978-3-642-37971-0},
}

@book{quantumverstehen,
  author       = {Matthias Homeister},
  title        = {Quantum Computing
verstehen Grundlagen – Anwendungen –
Perspektiven},
  series       = {Computational Intelligence},
  publisher    = {Springer-Vieweg},
  year         = {2022},
  doi          = {10.1007/978-3-658-36434-2},
  isbn         = {978-3-658-36434-2},
}

@book{liesenlineareAlgebra,
  author       = {Jörg Liesen and Volker Mehrmann},
  title        = {Lineare Algebra
Ein Lehrbuch über die Theorie mit Blick
auf die Praxis},
  series       = {Springer Studium Mathematik (Bachelor)},
  publisher    = {Springer Spektrum},
  year         = {2021},
  doi          = {10.1007/978-3-662-62742-6},
  isbn         = {978-3-662-62742-6},
}

@book{AbstractAlgebraRobinson,
  author       = {Derek J.S. Robinson},
  title        = {Abstract Algebra
An Introduction with Applications},
  series       = {De Gruyter Textbook},
  publisher    = {De Gruyter},
  year         = {2015},
  doi          = {10.1515/9783110340877},
  isbn         = {978-3-11-034087-7},
}

@book{Kryptografie2016,
  author       = {Christof Paar, Jan Pelzl},
  title        = {Kryptografie verständlich
Ein Lehrbuch für Studierende und
Anwender},
  series       = {eXamen.press},
  publisher    = {Springer-Vieweg},
  year         = {2016},
  doi          = {10.1007/978-3-662-49297-0},
  isbn         = {978-3-662-49297-0},
}

@book{cppConcurrency,
  author       = {Anthony Williams},
  title        = {C++ Concurrency
in Action},
  series       = {Practical Multithreading},
  publisher    = {Manning Publications Co.},
  year         = {2019},
  isbn         = {9781933988771},
}

@book{rustForRustaceans,
  author       = {Jon Gjengset},
  title        = {Rust for Rustaceans},
  publisher    = {No Starch Press Inc.},
  year         = {2021},
  isbn         = {978-1-7185-0186-7},
}

@book{rustBook,
author = {Klabnik, Steve and Nichols, Carol},
title = {The Rust Programming Language},
year = {2018},
isbn = {1593278284},
publisher = {No Starch Press},
address = {USA},
}

    @book{hackersDelight,
    author = {Warren, Henry S.},
    title = {Hacker's Delight},
    year = {2012},
    isbn = {0321842685},
    doi = {10.5555/2462741},
    publisher = {Addison-Wesley Professional},
    edition = {2nd},
    abstract = {In Hackers Delight, Second Edition, Hank Warren once again compiles an irresistible collection of programming hacks: timesaving techniques, algorithms, and tricks that help programmers build more elegant and efficient software, while also gaining deeper insights into their craft. Warrens hacks are eminently practical, but theyre also intrinsically interesting, and sometimes unexpected, much like the solution to a great puzzle. They are, in a word, a delight to any programmer who is excited by the opportunity to improve. Extensive additions in this edition include A new chapter on cyclic redundancy checking (CRC), including routines for the commonly used CRC-32 code A new chapter on error correcting codes (ECC), including routines for the Hamming code More coverage of integer division by constants, including methods using only shifts and adds Computing remainders without computing a quotient More coverage of population count and counting leading zeros Array population count New algorithms for compress and expand An LRU algorithm Floating-point to/from integer conversions Approximate floating-point reciprocal square root routine A gallery of graphs of discrete functions Now with exercises and answers},
    pages = {40}
}

@inproceedings{spKocherHFGGHHLM019,
  author       = {Paul Kocher and
                  Jann Horn and
                  Anders Fogh and
                  Daniel Genkin and
                  Daniel Gruss and
                  Werner Haas and
                  Mike Hamburg and
                  Moritz Lipp and
                  Stefan Mangard and
                  Thomas Prescher and
                  Michael Schwarz and
                  Yuval Yarom},
  title        = {{Spectre} Attacks: Exploiting Speculative Execution},
  booktitle    = {Security and Privacy -- {SP} 2019},
  pages        = {1--19},
  publisher    = {{IEEE}},
  year         = {2019},
  doi          = {10.1109/SP.2019.00002},
}

@inproceedings{DinhMooreRussell,
  author       = {Dinh, Hang
and Moore, Cristopher
and Russell, Alexander},
  title        = {McEliece and Niederreiter Cryptosystems That Resist Quantum Fourier Sampling Attacks},
  booktitle    = {Advances in Cryptology -- CRYPTO 2011},
  pages        = {761--779},
  publisher    = {Springer Berlin Heidelberg},
  year         = {2011},
  isbn         = {978-3-642-22792-9},
  doi          = {10.5555/2033036.2033093},
}

@InProceedings{trapdoor,
author={Garg, Sanjam
and Hajiabadi, Mohammad
and Malavolta, Giulio
and Ostrovsky, Rafail},
editor={Tibouchi, Mehdi
and Wang, Huaxiong},
title={How to Build a Trapdoor Function from an Encryption Scheme},
booktitle={Advances in Cryptology -- ASIACRYPT 2021},
year={2021},
publisher={Springer International Publishing},
address={Cham},
pages={220--249},
abstract={In this work we ask the following question: Can we transform any encryption scheme into a trapdoor function (TDF)? Alternatively stated, can we make any encryption scheme randomness recoverable? We propose a generic compiler that takes as input any encryption scheme with pseudorandom ciphertexts and adds a trapdoor to invert the encryption, recovering also the random coins. This universal TDFier only assumes in addition the existence of a hinting pseudorandom generator (PRG). Despite the simplicity, our transformation is quite general and we establish a series of new feasibility results:The first identity-based TDF [Bellare et al. EUROCRYPT 2012] from the CDH assumption in pairing-free groups (or from factoring), thus matching the state of the art for identity-based encryption schemes. Prior works required pairings or LWE.The first collusion-resistant attribute-based TDF (AB-TDF) for all ({\$}{\$}NC^1{\$}{\$}NC1, resp.) circuits from LWE (bilinear maps, resp.). Moreover, the first single-key AB-TDF from CDH. To the best of our knowledge, no AB-TDF was known in the literature (not even for a single key) from any assumption. We obtain the same results for predicate encryption.},
isbn={978-3-030-92078-4},
doi={10.1007/978-3-030-92078-4_8},
}

@InProceedings{ballCollision,
author={Bernstein, Daniel J.
and Lange, Tanja
and Peters, Christiane},
editor={Rogaway, Phillip},
title={Smaller Decoding Exponents: Ball-Collision Decoding},
booktitle={Advances in Cryptology -- CRYPTO 2011},
year={2011},
publisher={Springer Berlin Heidelberg},
pages={743--760},
isbn={978-3-642-22792-9},
doi={10.1007/978-3-642-22792-9_42},
}

@InProceedings{McBits,
author={Chou, Tung},
editor={Fischer, Wieland
and Homma, Naofumi},
title={McBits Revisited},
booktitle={Cryptographic Hardware and Embedded Systems -- CHES 2017},
year={2017},
publisher={Springer International Publishing},
address={Cham},
pages={213--231},
abstract={This paper presents a constant-time fast implementation for a high-security code-based encryption system. The implementation is based on the ``McBits'' paper by Bernstein, Chou, and Schwabe in 2013: we use the same FFT algorithms for root finding and syndrome computation, similar algorithms for secret permutation, and bitslicing for low-level operations. As opposed to McBits, where a high decryption throughput is achieved by running many decryption operations in parallel, we take a different approach to exploit the internal parallelism in one decryption operation for the use of more applications. As the result, we manage to achieve a slightly better decryption throughput at a much higher security level than McBits. As a minor contribution, we also present a constant-time implementation for encryption and key-pair generation, with similar techniques used for decryption.},
isbn={978-3-319-66787-4},
doi={10.1007/978-3-319-66787-4_11},
}

@InProceedings{saitoYamakawa,
author={Saito, Tsunekazu
and Xagawa, Keita
and Yamakawa, Takashi},
editor={Nielsen, Jesper Buus
and Rijmen, Vincent},
title={Tightly-Secure Key-Encapsulation Mechanism in the Quantum Random Oracle Model},
booktitle={Advances in Cryptology -- EUROCRYPT 2018 },
year={2018},
publisher={Springer International Publishing},
address={Cham},
pages={520--551},
isbn={978-3-319-78372-7},
doi={10.1007/978-3-319-78372-7_17},
}

@InProceedings{beckerJouxMay,
author={Becker, Anja
and Joux, Antoine
and May, Alexander
and Meurer, Alexander},
editor={Pointcheval, David
and Johansson, Thomas},
title={Decoding Random Binary Linear Codes in 2n/20: How 1{\thinspace}+{\thinspace}1{\thinspace}={\thinspace}0 Improves Information Set Decoding},
booktitle={Advances in Cryptology -- EUROCRYPT 2012},
year={2012},
publisher={Springer Berlin Heidelberg},
address={Berlin, Heidelberg},
pages={520--536},
isbn={978-3-642-29011-4},
doi={10.1007/978-3-642-29011-4_31},
}

@inproceedings{KASLRbreak,
author = {Canella, Claudio and Schwarz, Michael and Haubenwallner, Martin and Schwarzl, Martin and Gruss, Daniel},
title = {KASLR: Break It, Fix It, Repeat},
year = {2020},
isbn = {9781450367509},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/3320269.3384747},
doi = {10.1145/3320269.3384747},
abstract = {In this paper, we analyze the hardware-based Meltdown mitigations in recent Intel microarchitectures, revealing that illegally accessed data is only zeroed out. Hence, while non-present loads stall the CPU, illegal loads are still executed. We present EchoLoad, a novel technique to distinguish load stalls from transiently executed loads. EchoLoad allows detecting physically-backed addresses from unprivileged applications, breaking KASLR in 40's on the newest Meltdown- and MDS-resistant Cascade Lake microarchitecture. As EchoLoad only relies on memory loads, it runs in highly-restricted environments, e.g., SGX or JavaScript, making it the first JavaScript-based KASLR break. Based on EchoLoad, we demonstrate the first proof-of-concept Meltdown attack from JavaScript on systems that are still broadly not patched against Meltdown, i.e., 32-bit x86 OSs. We propose FLARE, a generic mitigation against known microarchitectural KASLR breaks with negligible overhead. By mapping unused kernel addresses to a reserved page and mirroring neighboring permission bits, we make used and unused kernel memory indistinguishable, i.e., a uniform behavior across the entire kernel address space, mitigating the root cause behind microarchitectural KASLR breaks. With incomplete hardware mitigations, we propose to deploy FLARE even on recent CPUs.},
booktitle = {Proceedings of the 15th ACM Asia Conference on Computer and Communications Security},
pages = {481–493},
numpages = {13},
keywords = {KASLR, meltdown, countermeasure, side-channel attack, transient execution, reverse engineering},
location = {Taipei, Taiwan},
series = {ASIA CCS '20}
}

@inproceedings{shadowAndStackCanary,
author = {Dang, Thurston H.Y. and Maniatis, Petros and Wagner, David},
title = {The Performance Cost of Shadow Stacks and Stack Canaries},
year = {2015},
isbn = {9781450332453},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/2714576.2714635},
doi = {10.1145/2714576.2714635},
booktitle = {Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security},
pages = {555–566},
numpages = {12},
keywords = {shadow stack, stack cookie, stack canary},
location = {Singapore, Republic of Singapore},
series = {ASIA CCS '15}
}

@inproceedings{keepingRustSafeGaleed,
author = {Rivera, Elijah and Mergendahl, Samuel and Shrobe, Howard and Okhravi, Hamed and Burow, Nathan},
title = {Keeping Safe Rust Safe with Galeed},
year = {2021},
isbn = {9781450385794},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/3485832.3485903},
doi = {10.1145/3485832.3485903},
abstract = { Rust is a programming language that simultaneously offers high performance and strong security guarantees. Safe Rust (i.e., Rust code that does not use the unsafe keyword) is memory and type safe. However, these guarantees are violated when safe Rust interacts with unsafe code, most notably code written in other programming languages, including in legacy C/C++ applications that are incrementally deploying Rust. This is a significant problem as major applications such as Firefox, Chrome, AWS, Windows, and Linux have either deployed Rust or are exploring doing so. It is important to emphasize that unsafe code is not only unsafe itself, but also it breaks the safety guarantees of ‘safe’ Rust; e.g., a dangling pointer in a linked C/C++ library can access and overwrite memory allocated to Rust even when the Rust code is fully safe. This paper presents Galeed, a technique to keep safe Rust safe from interference from unsafe code. Galeed has two components: a runtime defense to prevent unintended interactions between safe Rust and unsafe code and a sanitizer to secure intended interactions. The runtime component works by isolating Rust’s heap from any external access and is enforced using Intel Memory Protection Key (MPK) technology. The sanitizer uses a smart data structure that we call pseudo-pointer along with automated code transformation to avoid passing raw pointers across safe/unsafe boundaries during intended interactions (e.g., when Rust and C++ code exchange data). We implement and evaluate the effectiveness and performance of Galeed via micro- and macro-benchmarking, and use it to secure a widely used component of Firefox.},
booktitle = {Annual Computer Security Applications Conference},
pages = {824–836},
numpages = {13},
location = {Virtual Event, USA},
series = {ACSAC}
}

@inproceedings{heartbleed,
author = {Durumeric, Zakir and Li, Frank and Kasten, James and Amann, Johanna and Beekman, Jethro and Payer, Mathias and Weaver, Nicolas and Adrian, David and Paxson, Vern and Bailey, Michael and Halderman, J. Alex},
title = {The Matter of Heartbleed},
year = {2014},
isbn = {9781450332132},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/2663716.2663755},
doi = {10.1145/2663716.2663755},
booktitle = {Proceedings of the 2014 Conference on Internet Measurement Conference},
pages = {475–488},
numpages = {14},
keywords = {internet-wide scanning, openssl, heartbleed, security},
location = {Vancouver, BC, Canada},
series = {IMC '14},
}

@article{sideChannelsInCrypto,
author = {Lou, Xiaoxuan and Zhang, Tianwei and Jiang, Jun and Zhang, Yinqian},
title = {A Survey of Microarchitectural Side-Channel Vulnerabilities, Attacks, and Defenses in Cryptography},
year = {2021},
issue_date = {July 2022},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
volume = {54},
number = {6},
issn = {0360-0300},
url = {https://doi.org/10.1145/3456629},
doi = {10.1145/3456629},
abstract = {Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems. One popular type of such attacks is the microarchitectural attack, where the adversary exploits the hardware features to break the protection enforced by the operating system and steal the secrets from the program. In this article, we systematize microarchitectural side channels with a focus on attacks and defenses in cryptographic applications. We make three contributions. (1) We survey past research literature to categorize microarchitectural side-channel attacks. Since these are hardware attacks targeting software, we summarize the vulnerable implementations in software, as well as flawed designs in hardware. (2) We identify common strategies to mitigate microarchitectural attacks, from the application, OS, and hardware levels. (3) We conduct a large-scale evaluation on popular cryptographic applications in the real world and analyze the severity, practicality, and impact of side-channel vulnerabilities. This survey is expected to inspire side-channel research community to discover new attacks, and more importantly, propose new defense solutions against them.},
journal = {ACM Comput. Surv.},
month = {jul},
articleno = {122},
numpages = {37},
keywords = {cryptography, Microarchitecture, vulnerability analysis}
}

@article{RustBelt,
author = {Jung, Ralf and Jourdan, Jacques-Henri and Krebbers, Robbert and Dreyer, Derek},
title = {RustBelt: Securing the Foundations of the Rust Programming Language},
year = {2017},
issue_date = {January 2018},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
volume = {2},
number = {POPL},
url = {https://doi.org/10.1145/3158154},
doi = {10.1145/3158154},
abstract = {Rust is a new systems programming language that promises to overcome the seemingly fundamental tradeoff between high-level safety guarantees and low-level control over resource management. Unfortunately, none of Rust's safety claims have been formally proven, and there is good reason to question whether they actually hold. Specifically, Rust employs a strong, ownership-based type system, but then extends the expressive power of this core type system through libraries that internally use unsafe features. In this paper, we give the first formal (and machine-checked) safety proof for a language representing a realistic subset of Rust. Our proof is extensible in the sense that, for each new Rust library that uses unsafe features, we can say what verification condition it must satisfy in order for it to be deemed a safe extension to the language. We have carried out this verification for some of the most important libraries that are used throughout the Rust ecosystem.},
journal = {Proc. ACM Program. Lang.},
month = {dec},
articleno = {66},
numpages = {34},
keywords = {concurrency, logical relations, separation logic, Rust, type systems}
}

@InProceedings{BindelBrendlFischlin,
author={Bindel, Nina
and Brendel, Jacqueline
and Fischlin, Marc
and Goncalves, Brian
and Stebila, Douglas},
editor={Ding, Jintai
and Steinwandt, Rainer},
title={Hybrid Key Encapsulation Mechanisms and Authenticated Key Exchange},
booktitle={Post-Quantum Cryptography},
year={2019},
publisher={Springer International Publishing},
address={Cham},
pages={206--226},
isbn={978-3-030-25510-7},
doi={10.1007/978-3-030-25510-7_12},
}

@Inbook{Coretti2013,
author={Coretti, Sandro
and Maurer, Ueli
and Tackmann, Bj{\"o}rn},
editor={Fischlin, Marc
and Katzenbeisser, Stefan},
title={A Constructive Perspective on Key Encapsulation},
bookTitle={Number Theory and Cryptography: Papers in Honor of Johannes Buchmann on the Occasion of His 60th Birthday},
year={2013},
publisher={Springer Berlin Heidelberg},
address={Berlin, Heidelberg},
pages={226--239},
isbn={978-3-642-42001-6},
doi={10.1007/978-3-642-42001-6_16},
url={https://doi.org/10.1007/978-3-642-42001-6_16},
}

@article{youShouldNtRollOwnCrypto,
  author    = {Jenny Blessing and
               Michael A. Specter and
               Daniel J. Weitzner},
  title     = {You Really Shouldn't Roll Your Own Crypto: An Empirical Study of Vulnerabilities
               in Cryptographic Libraries},
  journal   = {CoRR},
  volume    = {abs/2107.04940},
  year      = {2021},
  url       = {https://arxiv.org/abs/2107.04940},
  eprinttype = {arXiv},
  eprint    = {2107.04940},
  timestamp = {Tue, 20 Jul 2021 15:08:33 +0200},
  biburl    = {https://dblp.org/rec/journals/corr/abs-2107-04940.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org}
}

@article{robertmceliece,
  author       = {Robert J. McEliece},
  title        = {A Public-Key Cryptosystem Based on Algebraic Coding Theory},
  journal      = {Deep
Space Network Progress Report},
  volume       = {44},
  pages        = {114--116},
  publisher    = {
    The Deep Space Network Progress Report},
  year         = {1978},
  Bibcode      = {1978DSNPR..44..114M},
}

@article{NP_berlekamp,  
author={Berlekamp, E. and McEliece, R. and van Tilborg, H.},  journal={IEEE Transactions on Information Theory},   
title={On the inherent intractability of certain coding problems (Corresp.)},   
year={1978},  
volume={24},  
number={3},  
pages={384-386},  
doi={10.1109/TIT.1978.1055873},
}

@article{bstjShannon49,
  author       = {Claude E. Shannon},
  title        = {Communication Theory of Secrecy Systems},
  journal      = {Bell System Technical Journal},
  volume       = {28},
  number       = {4},
  pages        = {657--715},
  publisher    = {Alcatel-Lucent},
  year         = {1949},
  doi          = {10.1002/j.1538-7305.1949.tb00928.x},
}

@article{memsafetyHui,
  author    = {Hui Xu and
               Zhuangbin Chen and
               Mingshen Sun and
               Yangfan Zhou},
  title     = {Memory-Safety Challenge Considered Solved? An Empirical Study with
               All Rust CVEs},
  journal   = {CoRR},
  volume    = {abs/2003.03296},
  year      = {2020},
  url       = {https://arxiv.org/abs/2003.03296},
  eprinttype = {arXiv},
  eprint    = {2003.03296},
  timestamp = {Wed, 13 May 2020 12:45:23 +0200},
  biburl    = {https://dblp.org/rec/journals/corr/abs-2003-03296.bib},
}

@article{goppaVD,
  author       = {V. D. Goppa},
  title        = {A New Class of Linear Correcting Codes},
  journal      = {Problems of Information Transmission},
  volume       = {6},
  number       = {3},
  pages        = {207--212},
  publisher    = {Russian Academy of Sciences - RAS (Rossi\u{\i}skaya Akademiya Nauk - RAN), Institute for Information Transmission Problems, Moscow; Nauka, Moscow},
  year         = {1970},
  url          = {https://zbmath.org/?q=an:0292.94011},
  ISSN = {0555-2923},
}

@article{DBLP:journals/corr/abs-1904-12210,
  author    = {Aditya Saligrama and
               Andrew Shen and
               Jon Gjengset},
  title     = {A Practical Analysis of Rust's Concurrency Story},
  journal   = {CoRR},
  volume    = {abs/1904.12210},
  year      = {2019},
  url       = {http://arxiv.org/abs/1904.12210},
  eprinttype = {arXiv},
  eprint    = {1904.12210},
  timestamp = {Thu, 02 May 2019 15:13:44 +0200},
  biburl    = {https://dblp.org/rec/journals/corr/abs-1904-12210.bib},
  bibsource = {dblp computer science bibliography, https://dblp.org},
  doi = {https://doi.org/10.48550/arXiv.1904.12210},
}

@article{pshor1997,
  author       = {Peter W. Shor},
  title        = {Polynomial-Time Algorithms for Prime Factorization
and Discrete Logarithms on a Quantum Computer},
  journal      = {SIAM Journal on Computing},
  volume       = {26},
  pages        = {1484--1509},
  publisher    = {Alcatel-Lucent},
  year         = {1997},
  doi          = {10.1137/S0097539795293172},
}

@article{jaygrossman,
  author       = {Jay Grossman},
  title        = {Coding theory: Introduction to linear codes and applications},
  journal      = {Insight: Rivier Academic Journal},
  volume       = {4},
  number       = {2},
  pages        = {1--17},
  publisher    = {Rivier College},
  year         = {2008},
  url          = {https://www2.rivier.edu/journal/ROAJ-Fall-2008/J201-Grossman-Coding-Theory.pdf},
}

@misc{understandingGoppaDecoding,
  author       = {Daniel J. Bernstein},
  title        = {Understanding binary-Goppa decoding},
  year         = {2022},
  url = {https://cr.yp.to/papers/goppadecoding-20220320.pdf},
  note         = {Accessed: 31-03-2022},
}

@misc{djb-sort,
  author       = {Daniel J. Bernstein},
  title        = {djbsort is a new software library for sorting arrays of integers or floating-point numbers},
  year         = {2017},
  url = {https://sorting.cr.yp.to/},
  note         = {Accessed: 28-04-2022},
}

@misc{rust_methods,
  title        = {Primitive Type u64 method implementations},
  year         = {2022},
  url = {https://doc.rust-lang.org/std/primitive.u64.html#implementations},
  note         = {Accessed: 14-05-2022},
}

@misc{googleBenchmarkLib,
  author       = {Mircea Trofin},
  title        = {User-Requested Performance Counters},
  year         = {2021},
  url = {https://github.com/google/benchmark/blob/main/docs/perf_counters.md},
  note         = {Accessed: 26-04-2022},
}

@misc{rustBenchmarkLib,
  author       = {Brook Heisler, rust-bus/maintainers},
  title        = {Criterion.rs Statistics-driven Microbenchmarking in Rust},
  year         = {2021},
  url = {https://crates.io/crates/criterion},
  note         = {Accessed: 26-04-2022},
}

@article{bernsteinLange,
  author       = {Daniel J. Bernstein and
                  Tanja Lange and
                  Christiane Peters},
  title        = {Attacking and defending the McEliece cryptosystem},
  journal      = {Post-Quantum Cryptography},
  volume       = {5299},
  number       = {4},
  pages        = {657--715},
  publisher    = {Springer, Berlin, Heidelberg},
  year         = {2008},
  doi          = {https://doi.org/10.1007/978-3-540-88403-3_3},
}

@article{engelbertOverbeckSchmidt,
  author       = {D. Engelbert, R. Overbeck and A. Schmidt},
  title        = {A Summary of McEliece-Type Cryptosystems and their Security},
  journal      = {Journal of Mathematical Cryptology},
  volume       = {1},
  number       = {2},
  pages        = {151--199},
  publisher    = {De Gruyter},
  year         = {2007},
  doi          = {https://doi.org/10.1515/JMC.2007.009},
}

@article{niederreiter,
  author       = {H. Niederreiter},
  title        = {Knapsack-type cryptosystems and algebraic coding theory},
  journal      = {Problems of Control and Information Theory},
  volume       = {15},
  number       = {2},
  pages        = {159--166},
  publisher    = {De Gruyter},
  year         = {1986},
  url          = {http://real-j.mtak.hu/7997/1/MTA_ProblemsOfControl_15.pdf},
}

@misc{cryptoeprint:2002:174,
    author       = {Alexander W. Dent},
    title        = {A  Designer's Guide to KEMs},
    howpublished = {Cryptology ePrint Archive, Report 2002/174, last revised 31 Oct 2005},
    year         = {2005},
    url         = {https://eprint.iacr.org/2002/174/20051031:161821},
}

@misc{classicMcElieceSubmission3,
    author       = {Martin R. Albrecht and Daniel J. Bernstein and  Tung Chou and Carlos Cid and Jan Gilcher and Tanja Lange and Varun Maram and Ingo von Maurich and Rafael Misoczki and Ruben Niederhagen and Kenneth G. Paterson and Edoardo Persichetti and Christiane Peters and Peter Schwabe and Nicolas Sendrier and Jakub Szefer and Cen Jung Tjhai and Martin Tomlinson and Wen Wang},
    title        = {Classic McEliece: NIST submission},
    howpublished = {\url{https://classic.mceliece.org/nist/mceliece-20201010.pdf}},
    note         = {Accessed: 07-03-2022},
}

@misc{mitreTop25CVE,
    author = {Mitre},
    title        = {2021 CWE Top 25 Most Dangerous Software Weaknesses},
    howpublished = {\url{https://cwe.mitre.org/top25/archive/2021/2021_cwe_top25.html}},
    note         = {Accessed: 01-04-2022},
}

@misc{nistPQCcompetitionAnnounce,
    author       = {Kevin Kimball},
    title        = {Announcing Request for Nominations for Public-Key Post-Quantum Cryptographic Algorithms},
    howpublished = {Federal Register Archive, Document citation 81 FR 92787},
    year         = {2016},
    document-number = {2016-30615},
    url         = {https://www.federalregister.gov/documents/2016/12/20/2016-30615/announcing-request-for-nominations-for-public-key-post-quantum-cryptographic-algorithms},
}

@misc{nistRound2summary,
    author       = {Gorjan Alagic and Jacob Alperin-Sheriff and Daniel Apon and David Cooper and Quynh Dang and John Kelsey and Yi-Kai Liu and Carl Miller and Dustin Moody and Rene Peralta and Ray Perlner and Angela Robinson and Daniel Smith-Tone},
    title        = {Status Report on the Second Round of
the NIST Post-Quantum Cryptography
Standardization Process},
    howpublished = {https://csrc.nist.gov/publications/detail/nistir/8309/final},
    year         = {2020},
    document-number = {Internal Report 8309},
    url         = {https://nvlpubs.nist.gov/nistpubs/ir/2020/NIST.IR.8309.pdf},
    doi = {https://doi.org/10.6028/NIST.IR.8309},
}