Lin Hsin Hsin Quantum Security Center






Lattice-Based Cryptography
Failures & Weaknesses Timeline



🚩
💥


      🥊






Chronological Failure Table
Click headers to sort. Data organized by most recent failures first
Year Scheme / Event Weakness Type Impact Severity Details
2023 KyberSlash (Kyber/ML-KEM) Timing Attack (Division) Critical (Key Leak) Secret-dependent division timings in decapsulation allowed key recovery. Patched Dec 2023
2022 FrodoKEM (NIST Round 3) Performance / Parameter Flaw High (Discarded) Daniel J Bernstein revealed FrodoKEM640 security margin flaws. Discarded due to low performance
2019 Ideal Lattice Variants Algebraic Structure Weakness Moderate (Theoretical) Research (CDW17) confirmed ideal lattices weaker than generic lattices. Shift to Module-LWE.
2014 Ideal Lattices (Generic) Subfield-Logarithm Attack Moderate (Theoretical) Bernstein demonstrated structural weaknesses in power-of-2 cyclotomic fields
2006 GGH Signature Scheme Parallelepiped-Learning Attack Total Break Nguyen & Regev fully broke the signature scheme, recovering secret key from multiple signatures
1999 GGH Encryption Scheme Design Flaw (CVP) Total Break Phong Q Nguyen published critical flaw. Scheme leaked private key info. Now obsolete
Latice-based Cryptography by Case