{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T10:35:06Z","timestamp":1742985306860,"version":"3.40.3"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030236953"},{"type":"electronic","value":"9783030236960"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-23696-0_12","type":"book-chapter","created":{"date-parts":[[2019,7,1]],"date-time":"2019-07-01T23:23:13Z","timestamp":1562023393000},"page":"229-249","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Reducing the Cost of Authenticity with Leakages: a $$\\mathsf {CIML2}$$-Secure $$\\mathsf {AE}$$ Scheme with One Call to a Strongly Protected Tweakable Block Cipher"],"prefix":"10.1007","author":[{"given":"Francesco","family":"Berti","sequence":"first","affiliation":[]},{"given":"Olivier","family":"Pereira","sequence":"additional","affiliation":[]},{"given":"Fran\u00e7ois-Xavier","family":"Standaert","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,6,29]]},"reference":[{"key":"12_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"622","DOI":"10.1007\/978-3-662-49890-3_24","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"MR Albrecht","year":"2016","unstructured":"Albrecht, M.R., Paterson, K.G.: Lucky Microseconds: A Timing Attack on Amazon\u2019s s2n Implementation of TLS. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part I. LNCS, vol. 9665, pp. 622\u2013643. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49890-3_24"},{"key":"12_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"105","DOI":"10.1007\/978-3-662-45611-8_6","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"E Andreeva","year":"2014","unstructured":"Andreeva, E., Bogdanov, A., Luykx, A., Mennink, B., Mouha, N., Yasuda, K.: How to securely release unverified plaintext in authenticated encryption. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part I. LNCS, vol. 8873, pp. 105\u2013125. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_6"},{"key":"12_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-319-63697-9_1","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"T Ashur","year":"2017","unstructured":"Ashur, T., Dunkelman, O., Luykx, A.: Boosting authenticated encryption robustness with minimal modifications. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part III. LNCS, vol. 10403, pp. 3\u201333. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63697-9_1"},{"key":"12_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"693","DOI":"10.1007\/978-3-319-70694-8_24","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"G Barwell","year":"2017","unstructured":"Barwell, G., Martin, D.P., Oswald, E., Stam, M.: Authenticated encryption in the face of protocol and side channel leakage. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part I. LNCS, vol. 10624, pp. 693\u2013723. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70694-8_24"},{"key":"12_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1007\/978-3-319-27239-9_6","volume-title":"Cryptography and Coding","author":"G Barwell","year":"2015","unstructured":"Barwell, G., Page, D., Stam, M.: Rogue decryption failures: reconciling AE robustness notions. In: Groth, J. (ed.) IMACC 2015. LNCS, vol. 9496, pp. 94\u2013111. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-27239-9_6"},{"key":"12_CR6","unstructured":"Bellare, M.: Symmetric ecryption revised. Technical report (2018). https:\/\/spotniq.files.wordpress.com\/2018\/07\/spotniq18-se-revisited.pdf"},{"key":"12_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1007\/BFb0055718","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201998","author":"M Bellare","year":"1998","unstructured":"Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26\u201345. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0055718"},{"key":"12_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"531","DOI":"10.1007\/3-540-44448-3_41","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531\u2013545. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-44448-3_41"},{"key":"12_CR9","doi-asserted-by":"crossref","unstructured":"Bellizia, D., Berti, F., Bronchain, O., Cassiers, G., Duval, S., Guo, C., Leander, G., Leurent, G., Levi, I., Momin, C., Pereira, O., Peters, T., Standaert, F.-X., Wiemer, F.: Spook: sponge-based leakage-resilient authenticated encryption with a masked tweakable block cipher (2019). https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Lightweight-Cryptography\/documents\/round-1\/spec-doc\/Spook-spec.pdf","DOI":"10.46586\/tosc.v2020.iS1.295-349"},{"key":"12_CR10","doi-asserted-by":"crossref","unstructured":"Berti, F., Guo, C., Pereira, O., Peters, T., Standaert, F.-X.: TEDT, a leakage-resilient AEAD mode for high (physical) security applications. Cryptology ePrint Archive, Report 2019\/137 (2019)","DOI":"10.46586\/tches.v2020.i1.256-320"},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"Berti, F., Koeune, F., Pereira, O., Peters, T., Standaert, F.-X.: Ciphertext integrity with misuse and leakage: definition and efficient constructions with symmetric primitives. In: AsiaCCS 2018, pp. 37\u201350 (2018)","DOI":"10.1145\/3196494.3196525"},{"key":"12_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1007\/978-3-030-05378-9_4","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2018","author":"F Berti","year":"2018","unstructured":"Berti, F., Pereira, O., Peters, T.: Reconsidering generic composition: the tag-then-encrypt case. In: Chakraborty, D., Iwata, T. (eds.) INDOCRYPT 2018. LNCS, vol. 11356, pp. 70\u201390. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-05378-9_4"},{"key":"12_CR13","doi-asserted-by":"crossref","unstructured":"Berti, F., Pereira, O., Peters, T., Standaert, F.-X.: On leakage-resilient authenticated encryption with decryption leakages. IACR Transactions on Symmetric Cryptology 2017(3), pp. 271\u2013293 (2017)","DOI":"10.46586\/tosc.v2017.i3.271-293"},{"key":"12_CR14","doi-asserted-by":"crossref","unstructured":"Berti, F., Pereira, O., Standaert, F.-X.: Reducing the cost of authenticity with leakages: a CIML2-secure AE scheme with one call to a strongly protected tweakable block cipher. Cryptology ePrint Archive, Report 2019\/451 (2019).https:\/\/eprint.iacr.org\/2019\/451","DOI":"10.1007\/978-3-030-23696-0_12"},{"key":"12_CR15","unstructured":"Bertoni, G., Daemen, J., Peters, M., Van Assche, G., Van Keer, R.: CAESAR submission: Ketje v2. Technical report (2016)"},{"key":"12_CR16","doi-asserted-by":"crossref","unstructured":"Dobraunig, C., Eichlseder, M., Mangard, S., Mendel, F., Unterluggauer, T.: ISAP - towards side-channel secure authenticated encryption. Transactions on Symmetric Cryptology 2017(1), pp. 80\u2013105 (2017)","DOI":"10.46586\/tosc.v2017.i1.80-105"},{"key":"12_CR17","doi-asserted-by":"crossref","unstructured":"Dobraunig, C., Mennink, B.: Leakage resilience of the duplex construction. IACR Cryptology ePrint Archive 2019, p. 225 (2019)","DOI":"10.1007\/978-3-030-34618-8_8"},{"key":"12_CR18","doi-asserted-by":"crossref","unstructured":"Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: FOCS 2008, pp. 293\u2013302 (2008)","DOI":"10.1109\/FOCS.2008.56"},{"key":"12_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"567","DOI":"10.1007\/978-3-319-56620-7_20","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"D Goudarzi","year":"2017","unstructured":"Goudarzi, D., Rivain, M.: How fast can higher-order masking be in software? In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 567\u2013597. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56620-7_20"},{"key":"12_CR20","unstructured":"Guo, C., Pereira, O., Peters, T., Standaert, F.-X.: Leakage-resilient authenticated encryption with misuse in the leveled leakage setting: Definitions, separation results, and constructions. Cryptology ePrint Archive, Report 2018\/484 (2018)"},{"key":"12_CR21","unstructured":"Guo, C., Pereira, O., Peters, T., Standaert, F.-X.: Towards lightweight side-channel security and the leakage-resilience of the duplex sponge (2019)"},{"key":"12_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"210","DOI":"10.1007\/11799313_14","volume-title":"Fast Software Encryption","author":"S Hirose","year":"2006","unstructured":"Hirose, S.: Some plausible constructions of double-block-length hash functions. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 210\u2013225. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11799313_14"},{"key":"12_CR23","unstructured":"IETF: The transport layer security (TLS) protocol version 1.3 draft-ietf-tls-tls13-28. Technical report (2018). https:\/\/tools.ietf.org\/html\/draft-ietf-tls-tls13-28"},{"key":"12_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"623","DOI":"10.1007\/978-3-319-66787-4_30","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2017","author":"A Journault","year":"2017","unstructured":"Journault, A., Standaert, F.-X.: Very high order masking: efficient implementation and security evaluation. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 623\u2013643. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66787-4_30"},{"key":"12_CR25","doi-asserted-by":"crossref","DOI":"10.1201\/b17668","volume-title":"Introduction to Modern Cryptography","author":"J Katz","year":"2014","unstructured":"Katz, J., Lindell, Y.: Introduction to Modern Cryptography, 2nd edn. CRC Press, Boca Raton (2014)","edition":"2"},{"key":"12_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"284","DOI":"10.1007\/3-540-44706-7_20","volume-title":"Fast Software Encryption","author":"J Katz","year":"2001","unstructured":"Katz, J., Yung, M.: Unforgeable encryption and chosen ciphertext secure modes of operation. In: Goos, G., Hartmanis, J., van Leeuwen, J., Schneier, B. (eds.) FSE 2000. LNCS, vol. 1978, pp. 284\u2013299. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44706-7_20"},{"key":"12_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"388","DOI":"10.1007\/3-540-48405-1_25","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 99","author":"P Kocher","year":"1999","unstructured":"Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388\u2013397. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48405-1_25"},{"key":"12_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-45708-9_3","volume-title":"Advances in Cryptology \u2014 CRYPTO 2002","author":"M Liskov","year":"2002","unstructured":"Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31\u201346. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45708-9_3"},{"key":"12_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"620","DOI":"10.1007\/978-3-662-48324-4_31","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2015","author":"J Longo","year":"2015","unstructured":"Longo, J., De Mulder, E., Page, D., Tunstall, M.: SoC it to EM: electromagnetic side-channel attacks on a complex system-on-chip. In: G\u00fcneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 620\u2013640. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-48324-4_31"},{"key":"12_CR30","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-38162-6","volume-title":"Power Analysis Attacks","author":"S Mangard","year":"2007","unstructured":"Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks. Springer, Boston, MA (2007). https:\/\/doi.org\/10.1007\/978-0-387-38162-6"},{"issue":"2","key":"12_CR31","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1049\/iet-ifs.2010.0096","volume":"5","author":"S Mangard","year":"2011","unstructured":"Mangard, S., Oswald, E., Standaert, F.-X.: One for all - all for one: unifying standard differential power analysis attacks. IET Inf. Secur. 5(2), 100\u2013110 (2011)","journal-title":"IET Inf. Secur."},{"key":"12_CR32","doi-asserted-by":"crossref","unstructured":"Pereira, O., Standaert, F.-X., Vivek, S.: Leakage-resilient authentication and encryption from symmetric cryptographic primitives. In: ACM CCS 2015, pp. 96\u2013108 (2015)","DOI":"10.1145\/2810103.2813626"},{"key":"12_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1007\/978-3-642-40041-4_19","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"F-X Standaert","year":"2013","unstructured":"Standaert, F.-X., Pereira, O., Yu, Y.: Leakage-resilient symmetric cryptography under empirically verifiable assumptions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 335\u2013352. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_19"}],"container-title":["Lecture Notes in Computer Science","Progress in Cryptology \u2013 AFRICACRYPT 2019"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-23696-0_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,12]],"date-time":"2024-03-12T16:25:00Z","timestamp":1710260700000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-23696-0_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030236953","9783030236960"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-23696-0_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"29 June 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"AFRICACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Cryptology in Africa","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Rabat","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Morocco","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 July 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 July 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"africacrypt2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/africacrypt2019.aui.ma\/index.php","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"53","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"22","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"42% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4.5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}