“…For the final round, in addition to key selection criterion such as classical security, theoretical PQ security guarantees, implementation cost and performance; resistance against active and passive implementation attacks, one of the most important criteria [28]. Several authors have reported physical attacks on structured lattice-based schemes through exploitation of a number of side-channels such as power [1,11,31,33,35,37,50], electromagnetic emissions [18], cache timing [21,32] and induced faults [8,10,17,34,37,38,40,47,49].…”