{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,5]],"date-time":"2026-05-05T07:01:12Z","timestamp":1777964472126,"version":"3.51.4"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030997656","type":"print"},{"value":"9783030997663","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-030-99766-3_11","type":"book-chapter","created":{"date-parts":[[2022,3,25]],"date-time":"2022-03-25T18:20:19Z","timestamp":1648232419000},"page":"236-256","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["Systematic Study of\u00a0Decryption and\u00a0Re-encryption Leakage: The Case of\u00a0Kyber"],"prefix":"10.1007","author":[{"given":"Melissa","family":"Azouaoui","sequence":"first","affiliation":[]},{"given":"Olivier","family":"Bronchain","sequence":"additional","affiliation":[]},{"given":"Cl\u00e9ment","family":"Hoffmann","sequence":"additional","affiliation":[]},{"given":"Yulia","family":"Kuzovkova","sequence":"additional","affiliation":[]},{"given":"Tobias","family":"Schneider","sequence":"additional","affiliation":[]},{"given":"Fran\u00e7ois-Xavier","family":"Standaert","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,3,26]]},"reference":[{"key":"11_CR1","doi-asserted-by":"crossref","unstructured":"Alagic, G., et al.: Status report on the first round of the NIST post-quantum cryptography standardization process. National Institute of Standards and Technology (2019)","DOI":"10.6028\/NIST.IR.8240"},{"key":"11_CR2","unstructured":"Avanzi, R., et al.: CRYSTALS-Kyber algorithm specifications and supporting documentation. NIST PQC Round, vol. 3, p. 4 (2019)"},{"key":"11_CR3","unstructured":"Basso, A., et al.: Saber algorithm specifications and supporting documentation. NIST PQC Round, vol. 3, p. 44 (2019)"},{"key":"11_CR4","doi-asserted-by":"crossref","unstructured":"Van Beirendonck, M., D\u2019Anvers, J.-P., Karmakar, A., Balasch, J., Verbauwhede, I.: A side-channel-resistant implementation of SABER. ACM J. Emerg. Technol. Comput. Syst. 17(2), 10:1\u201310:26 (2021)","DOI":"10.1145\/3429983"},{"key":"11_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"369","DOI":"10.1007\/978-3-030-56784-2_13","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"D Bellizia","year":"2020","unstructured":"Bellizia, D., et al.: Mode-level vs. implementation-level physical security in symmetric cryptography. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12170, pp. 369\u2013400. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56784-2_13"},{"key":"11_CR6","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: The keccak reference (2011)"},{"issue":"4","key":"11_CR7","doi-asserted-by":"publisher","first-page":"173","DOI":"10.46586\/tches.v2021.i4.173-214","volume":"2021","author":"JW Bos","year":"2021","unstructured":"Bos, J.W., Gourjon, M., Renes, J., Schneider, T., van Vredendaal, C.: Masking kyber: first- and higher-order implementations. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(4), 173\u2013214 (2021)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"issue":"3","key":"11_CR8","doi-asserted-by":"publisher","first-page":"202","DOI":"10.46586\/tches.v2021.i3.202-234","volume":"2021","author":"O Bronchain","year":"2021","unstructured":"Bronchain, O., Standaert, F.-X.: Breaking masked implementations with many shares on 32-bit software platforms or when the security order does not matter. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(3), 202\u2013234 (2021)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"11_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"398","DOI":"10.1007\/3-540-48405-1_26","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 99","author":"S Chari","year":"1999","unstructured":"Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398\u2013412. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48405-1_26"},{"key":"11_CR10","doi-asserted-by":"publisher","first-page":"297","DOI":"10.1090\/S0025-5718-1965-0178586-1","volume":"19","author":"JW Cooley","year":"1965","unstructured":"Cooley, J.W., Tukey, J.W.: An algorithm for the machine calculation of complex fourier series. Math. Comput. 19, 297\u2013301 (1965)","journal-title":"Math. Comput."},{"issue":"2","key":"11_CR11","doi-asserted-by":"publisher","first-page":"49","DOI":"10.46586\/tches.v2019.i2.49-79","volume":"2019","author":"E de Ch\u00e9risey","year":"2019","unstructured":"de Ch\u00e9risey, E., Guilley, S., Rioul, O., Piantanida, P.: Best information is most successful mutual information and success rate in side-channel analysis. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(2), 49\u201379 (2019)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"11_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"423","DOI":"10.1007\/978-3-642-55220-5_24","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"A Duc","year":"2014","unstructured":"Duc, A., Dziembowski, S., Faust, S.: Unifying leakage models: from probing attacks to noisy leakage. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 423\u2013440. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-642-55220-5_24"},{"key":"11_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"401","DOI":"10.1007\/978-3-662-46800-5_16","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"A Duc","year":"2015","unstructured":"Duc, A., Faust, S., Standaert, F.-X.: Making masking security proofs concrete. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 401\u2013429. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_16"},{"key":"11_CR14","doi-asserted-by":"crossref","unstructured":"Fritzmann, T., et al.: Masked accelerators and instruction set extensions for post-quantum cryptography. IACR Cryptology ePrint Archive, p. 479 (2021)","DOI":"10.46586\/tches.v2022.i1.414-460"},{"key":"11_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"537","DOI":"10.1007\/3-540-48405-1_34","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 99","author":"E Fujisaki","year":"1999","unstructured":"Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537\u2013554. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48405-1_34"},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"Gentleman, W.M., Sande, G.: Fast fourier transforms: for fun and profit. In: American Federation of Information Processing Societies: Proceedings of the AFIPS 1966 Fall Joint Computer Conference, San Francisco, California, USA, 7\u201310 November 1966. AFIPS Conference Proceedings, vol. 29, pp. 563\u2013578. AFIPS\/ACM\/Spartan Books, Washington D.C. (1966)","DOI":"10.1145\/1464291.1464352"},{"key":"11_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"385","DOI":"10.1007\/978-3-319-78375-8_13","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"V Grosso","year":"2018","unstructured":"Grosso, V., Standaert, F.-X.: Masking proofs are tight and how to exploit it in security evaluations. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 385\u2013412. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78375-8_13"},{"issue":"4","key":"11_CR18","doi-asserted-by":"publisher","first-page":"209","DOI":"10.46586\/tches.v2020.i4.209-238","volume":"2020","author":"Q Guo","year":"2020","unstructured":"Guo, Q., Grosso, V., Standaert, F.-X., Bronchain, O.: Modeling soft analytical side-channel attacks from a coding theory viewpoint. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(4), 209\u2013238 (2020)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"11_CR19","unstructured":"Heinz, D., Kannwischer, M.J., Land, G., P\u00f6ppelmann, T., Schwabe, P., Sprenkels, D.: First-order masked kyber on ARM cortex-M4 (work in progress) (2021)"},{"key":"11_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/978-3-319-70500-2_12","volume-title":"Theory of Cryptography","author":"D Hofheinz","year":"2017","unstructured":"Hofheinz, D., H\u00f6velmanns, K., Kiltz, E.: A modular analysis of the Fujisaki-Okamoto transformation. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10677, pp. 341\u2013371. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70500-2_12"},{"key":"11_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"208","DOI":"10.1007\/978-3-030-57808-4_11","volume-title":"Applied Cryptography and Network Security","author":"L Huguenin-Dumittan","year":"2020","unstructured":"Huguenin-Dumittan, L., Vaudenay, S.: Classical misuse attacks on NIST round 2 PQC. In: Conti, M., Zhou, J., Casalicchio, E., Spognardi, A. (eds.) ACNS 2020. LNCS, vol. 12146, pp. 208\u2013227. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-57808-4_11"},{"key":"11_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"463","DOI":"10.1007\/978-3-540-45146-4_27","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"Y Ishai","year":"2003","unstructured":"Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463\u2013481. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_27"},{"issue":"3","key":"11_CR23","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1007\/s10623-014-9938-4","volume":"75","author":"A Langlois","year":"2014","unstructured":"Langlois, A., Stehl\u00e9, D.: Worst-case to average-case reductions for module lattices. Des. Codes Crypt. 75(3), 565\u2013599 (2014). https:\/\/doi.org\/10.1007\/s10623-014-9938-4","journal-title":"Des. Codes Crypt."},{"issue":"2","key":"11_CR24","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1049\/iet-ifs.2010.0096","volume":"5","author":"S Mangard","year":"2011","unstructured":"Mangard, S., Oswald, E., Standaert, F.-X.: One for all - all for one: unifying standard differential power analysis attacks. IET Inf. Secur. 5(2), 100\u2013110 (2011)","journal-title":"IET Inf. Secur."},{"issue":"4","key":"11_CR25","doi-asserted-by":"publisher","first-page":"676","DOI":"10.46586\/tches.v2021.i4.676-707","volume":"2021","author":"K Ngo","year":"2021","unstructured":"Ngo, K., Dubrova, E., Guo, Q., Johansson, T.: A side-channel attack on a masked IND-CCA secure saber KEM implementation. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(4), 676\u2013707 (2021)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"11_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1007\/978-3-030-30530-7_7","volume-title":"Progress in Cryptology \u2013 LATINCRYPT 2019","author":"P Pessl","year":"2019","unstructured":"Pessl, P., Primas, R.: More practical single-trace attacks on the number theoretic transform. In: Schwabe, P., Th\u00e9riault, N. (eds.) LATINCRYPT 2019. LNCS, vol. 11774, pp. 130\u2013149. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-30530-7_7"},{"key":"11_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"513","DOI":"10.1007\/978-3-319-66787-4_25","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2017","author":"R Primas","year":"2017","unstructured":"Primas, R., Pessl, P., Mangard, S.: Single-trace side-channel attacks on masked lattice-based encryption. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 513\u2013533. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66787-4_25"},{"key":"11_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1007\/978-3-642-38348-9_9","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"E Prouff","year":"2013","unstructured":"Prouff, E., Rivain, M.: Masking against side-channel attacks: a formal security proof. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 142\u2013159. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_9"},{"key":"11_CR29","doi-asserted-by":"crossref","unstructured":"Ravi, P., Roy, S.S., Chattopadhyay, A., Bhasin, S.: Generic side-channel attacks on CCA-secure lattice-based PKE and KEMs. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(3), 307\u2013335 (2020)","DOI":"10.46586\/tches.v2020.i3.307-335"},{"key":"11_CR30","unstructured":"Standaert, F.-X.: Towards and open approach to secure cryptographic implementations (invited talk). In: EUROCRYPT I. LNCS, vol. 11476, p. xv (2019). https:\/\/www.youtube.com\/watch?v=KdhrsuJT1sE"},{"key":"11_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"443","DOI":"10.1007\/978-3-642-01001-9_26","volume-title":"Advances in Cryptology - EUROCRYPT 2009","author":"F-X Standaert","year":"2009","unstructured":"Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443\u2013461. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-01001-9_26"},{"key":"11_CR32","doi-asserted-by":"crossref","unstructured":"Ueno, R., Xagawa, K., Tanaka, Y., Ito, A., Takahashi, J., Homma, N.: Curse of re-encryption: a generic power\/EM analysis on post-quantum KEMs. IACR Cryptology ePrint Archive, p. 849 (2021)","DOI":"10.46586\/tches.v2022.i1.296-322"},{"key":"11_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/978-3-662-45611-8_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"N Veyrat-Charvillon","year":"2014","unstructured":"Veyrat-Charvillon, N., G\u00e9rard, B., Standaert, F.-X.: Soft analytical side-channel attacks. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 282\u2013296. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_15"},{"key":"11_CR34","unstructured":"Xu, Z., Pemberton, O., Roy, S.S., Oswald, D.F.: Magnifying side-channel leakage of lattice-based cryptosystems with chosen ciphertexts: the case study of kyber. IACR Cryptol. ePrint Arch. 2020, 912 (2020)"}],"container-title":["Lecture Notes in Computer Science","Constructive Side-Channel Analysis and Secure Design"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-99766-3_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,5]],"date-time":"2022-04-05T23:05:12Z","timestamp":1649199912000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-99766-3_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783030997656","9783030997663"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-99766-3_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"26 March 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"COSADE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Constructive Side-Channel Analysis and Secure Design","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Leuven","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Belgium","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 April 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 April 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cosade2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.cosade.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"25","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"48% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}