{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,23]],"date-time":"2026-01-23T10:44:44Z","timestamp":1769165084177,"version":"3.49.0"},"publisher-location":"Cham","reference-count":62,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031643804","type":"print"},{"value":"9783031643811","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-64381-1_12","type":"book-chapter","created":{"date-parts":[[2024,7,2]],"date-time":"2024-07-02T23:01:56Z","timestamp":1719961316000},"page":"260-281","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Side-Channel Analysis of\u00a0Arithmetic Encodings for\u00a0Post-Quantum Cryptography: Cautionary Notes with\u00a0Application to\u00a0Kyber"],"prefix":"10.1007","author":[{"given":"Duy\u00ean","family":"Pay","sequence":"first","affiliation":[]},{"given":"Fran\u00e7ois-Xavier","family":"Standaert","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,7,3]]},"reference":[{"issue":"4","key":"12_CR1","doi-asserted-by":"publisher","first-page":"58","DOI":"10.46586\/tches.v2023.i4.58-79","volume":"2023","author":"M Azouaoui","year":"2023","unstructured":"Azouaoui, M., et al.: Protecting dilithium against leakage revisited sensitivity analysis and improved implementations. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2023(4), 58\u201379 (2023)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"12_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1007\/978-3-030-99766-3_11","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"M Azouaoui","year":"2022","unstructured":"Azouaoui, M., Bronchain, O., Hoffmann, C., Kuzovkova, Y., Schneider, T., Standaert, F.-X.: Systematic study of decryption and re-encryption leakage: the case of Kyber. In: Balasch, J., O\u2019Flynn, C. (eds.) COSADE 2022. LNCS, vol. 13211, pp. 236\u2013256. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-030-99766-3_11"},{"key":"12_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1007\/978-3-319-16763-3_5","volume-title":"Smart Card Research and Advanced Applications","author":"J Balasch","year":"2015","unstructured":"Balasch, J., Gierlichs, B., Grosso, V., Reparaz, O., Standaert, F.-X.: On the cost of lazy engineering for masked software implementations. In: Joye, M., Moradi, A. (eds.) CARDIS 2014. LNCS, vol. 8968, pp. 64\u201381. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-16763-3_5"},{"key":"12_CR4","doi-asserted-by":"publisher","unstructured":"B\u00e9guinot, J., et al.: Removing the field size loss from Duc et al.\u2019s conjectured bound for masked encodings. In: Kavun, E.B., Pehl, M. (eds.) Constructive Side-Channel Analysis and Secure Design. COSADE 2023. LNCS, vol. 13979, pp. 86\u2013104. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-29497-6_5","DOI":"10.1007\/978-3-031-29497-6_5"},{"key":"12_CR5","doi-asserted-by":"crossref","unstructured":"Beirendonck, M.V., D\u2019anvers, J.P., Karmakar, A., Balasch, J., Verbauwhede, I.: A side-channel-resistant implementation of SABER. ACM J. Emerg. Technol. Comput. Syst. 17(2), 10:1\u201310:26 (2021)","DOI":"10.1145\/3429983"},{"issue":"3","key":"12_CR6","doi-asserted-by":"publisher","first-page":"275","DOI":"10.46586\/tches.v2021.i3.275-297","volume":"2021","author":"M Van Beirendonck","year":"2021","unstructured":"Van Beirendonck, M., D\u2019Anvers, J.-P., Verbauwhede, I.: Analysis and comparison of table-based arithmetic to Boolean masking. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(3), 275\u2013297 (2021)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"12_CR7","doi-asserted-by":"crossref","unstructured":"Berzati, A., Viera, A.C., Chartouny, M., Madec, S., Vergnaud, D., Vigilant, D.: Exploiting intermediate value leakage in dilithium: a template-based approach. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2023(4), 188\u2013210 (2023)","DOI":"10.46586\/tches.v2023.i4.188-210"},{"issue":"2","key":"12_CR8","doi-asserted-by":"publisher","first-page":"22","DOI":"10.46586\/tches.v2018.i2.22-45","volume":"2018","author":"L Bettale","year":"2018","unstructured":"Bettale, L., Coron, J.-S., Zeitoun, R.: Improved high-order conversion from Boolean to arithmetic masking. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018(2), 22\u201345 (2018)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"issue":"4","key":"12_CR9","doi-asserted-by":"publisher","first-page":"173","DOI":"10.46586\/tches.v2021.i4.173-214","volume":"2021","author":"JW Bos","year":"2021","unstructured":"Bos, J.W., Gourjon, M., Renes, J., Schneider, T., van Vredendaal, C.: Masking Kyber: first- and higher-order implementations. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(4), 173\u2013214 (2021)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"issue":"4","key":"12_CR10","doi-asserted-by":"publisher","first-page":"553","DOI":"10.46586\/tches.v2022.i4.553-588","volume":"2022","author":"O Bronchain","year":"2022","unstructured":"Bronchain, O., Cassiers, G.: Bitslicing arithmetic\/Boolean masking conversions for fun and profit with application to lattice-based KEMs. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2022(4), 553\u2013588 (2022)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"12_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"713","DOI":"10.1007\/978-3-030-26948-7_25","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"O Bronchain","year":"2019","unstructured":"Bronchain, O., Hendrickx, J.M., Massart, C., Olshevsky, A., Standaert, F.-X.: Leakage certification revisited: bounding model errors in side-channel security evaluations. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 713\u2013737. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26948-7_25"},{"issue":"3","key":"12_CR12","doi-asserted-by":"publisher","first-page":"202","DOI":"10.46586\/tches.v2021.i3.202-234","volume":"2021","author":"O Bronchain","year":"2021","unstructured":"Bronchain, O., Standaert, F.-X.: Breaking masked implementations with many shares on 32-bit software platforms or when the security order does not matter. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(3), 202\u2013234 (2021)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"12_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"398","DOI":"10.1007\/3-540-48405-1_26","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 99","author":"S Chari","year":"1999","unstructured":"Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398\u2013412. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48405-1_26"},{"issue":"1","key":"12_CR14","first-page":"153","volume":"2023","author":"J-S Coron","year":"2023","unstructured":"Coron, J.-S., G\u00e9rard, F., Montoya, S., Zeitoun, R.: High-order polynomial comparison and masking lattice-based encryption. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2023(1), 153\u2013192 (2023)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"issue":"4","key":"12_CR15","doi-asserted-by":"publisher","first-page":"110","DOI":"10.46586\/tches.v2023.i4.110-145","volume":"2023","author":"J-S Coron","year":"2023","unstructured":"Coron, J.-S., G\u00e9rard, F., Trannoy, M., Zeitoun, R.: Improved gadgets for the high-order masking of dilithium. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2023(4), 110\u2013145 (2023)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"12_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-642-29912-4_6","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"J-S Coron","year":"2012","unstructured":"Coron, J.-S., Giraud, C., Prouff, E., Renner, S., Rivain, M., Vadnala, P.K.: Conversion of security proofs from one leakage model to another: a new issue. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 69\u201381. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29912-4_6"},{"key":"12_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/3-540-44499-8_18","volume-title":"Cryptographic Hardware and Embedded Systems \u2014 CHES 2000","author":"J-S Coron","year":"2000","unstructured":"Coron, J.-S., Goubin, L.: On Boolean and arithmetic masking against differential power analysis. In: Ko\u00e7, \u00c7.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 231\u2013237. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-44499-8_18"},{"key":"12_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1007\/978-3-662-48116-5_7","volume-title":"Fast Software Encryption","author":"J-S Coron","year":"2015","unstructured":"Coron, J.-S., Gro\u00dfsch\u00e4dl, J., Tibouchi, M., Vadnala, P.K.: Conversion from arithmetic to Boolean masking with logarithmic complexity. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 130\u2013149. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-48116-5_7"},{"key":"12_CR19","doi-asserted-by":"publisher","unstructured":"D\u2019Anvers, J.P.: One-hot conversion: towards faster table-based A2B conversion. In: Hazay, C., Stam, M. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2023. EUROCRYPT 2023. LNCS, vol. 14007, pp. 628\u2013657. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-30634-1_21","DOI":"10.1007\/978-3-031-30634-1_21"},{"key":"12_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"423","DOI":"10.1007\/978-3-642-55220-5_24","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"A Duc","year":"2014","unstructured":"Duc, A., Dziembowski, S., Faust, S.: Unifying leakage models: from probing attacks to noisy leakage. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 423\u2013440. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-642-55220-5_24"},{"key":"12_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"401","DOI":"10.1007\/978-3-662-46800-5_16","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"A Duc","year":"2015","unstructured":"Duc, A., Faust, S., Standaert, F.-X.: Making masking security proofs concrete. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 401\u2013429. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_16"},{"key":"12_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"240","DOI":"10.1007\/978-3-662-49890-3_10","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"F Durvaux","year":"2016","unstructured":"Durvaux, F., Standaert, F.-X.: From improved leakage detection to the detection of points of interests in leakage traces. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 240\u2013262. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49890-3_10"},{"issue":"3","key":"12_CR23","doi-asserted-by":"publisher","first-page":"89","DOI":"10.46586\/tches.v2018.i3.89-120","volume":"2018","author":"S Faust","year":"2018","unstructured":"Faust, S., Grosso, V., Pozo, S.M.D., Paglialonga, C., Standaert, F.-X.: Composable masking schemes in the presence of physical defaults & the robust probing model. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018(3), 89\u2013120 (2018)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"12_CR24","doi-asserted-by":"crossref","unstructured":"Fritzmann, T., et al.: Masked accelerators and instruction set extensions for post-quantum cryptography. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2022(1), 414\u2013460 (2022)","DOI":"10.46586\/tches.v2022.i1.414-460"},{"key":"12_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1007\/11894063_2","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2006","author":"B Gierlichs","year":"2006","unstructured":"Gierlichs, B., Lemke-Rust, K., Paar, C.: Templates vs. stochastic methods. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 15\u201329. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11894063_2"},{"key":"12_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/3-540-44709-1_2","volume-title":"Cryptographic Hardware and Embedded Systems \u2014 CHES 2001","author":"L Goubin","year":"2001","unstructured":"Goubin, L.: A sound method for switching between Boolean and arithmetic masking. In: Ko\u00e7, \u00c7.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 3\u201315. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44709-1_2"},{"key":"12_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1007\/3-540-48059-5_15","volume-title":"Cryptographic Hardware and Embedded Systems","author":"L Goubin","year":"1999","unstructured":"Goubin, L., Patarin, J.: DES and differential power analysis the duplication method. In: Ko\u00e7, \u00c7.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158\u2013172. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48059-5_15"},{"key":"12_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"385","DOI":"10.1007\/978-3-319-78375-8_13","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"V Grosso","year":"2018","unstructured":"Grosso, V., Standaert, F.-X.: Masking proofs are tight and how to exploit it in security evaluations. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 385\u2013412. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78375-8_13"},{"issue":"4","key":"12_CR29","doi-asserted-by":"publisher","first-page":"209","DOI":"10.46586\/tches.v2020.i4.209-238","volume":"2020","author":"Q Guo","year":"2020","unstructured":"Guo, Q., Grosso, V., Standaert, F.-X., Bronchain, O.: Modeling soft analytical side-channel attacks from a coding theory viewpoint. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(4), 209\u2013238 (2020)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"issue":"4","key":"12_CR30","doi-asserted-by":"publisher","first-page":"647","DOI":"10.1109\/TPAMI.2007.70717","volume":"30","author":"OC Hamsici","year":"2008","unstructured":"Hamsici, O.C., Mart\u00ednez, A.M.: Bayes optimality in linear discriminant analysis. IEEE Trans. Pattern Anal. Mach. Intell. 30(4), 647\u2013657 (2008)","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"12_CR31","unstructured":"Heinz, D., Kannwischer, M.J., Land, G., P\u00f6ppelmann, T., Schwabe, P., Sprenkels, A.: First-order masked kyber on ARM cortex-m4. IACR Cryptol. ePrint Arch., p. 58, 2022"},{"key":"12_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/978-3-662-44709-3_4","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2014","author":"A Heuser","year":"2014","unstructured":"Heuser, A., Rioul, O., Guilley, S.: Good is not good enough. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 55\u201374. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44709-3_4"},{"key":"12_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"463","DOI":"10.1007\/978-3-540-45146-4_27","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"Y Ishai","year":"2003","unstructured":"Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463\u2013481. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_27"},{"key":"12_CR34","doi-asserted-by":"crossref","unstructured":"Kamucheka, T., Nelson, A., Andrews, D., Huang, M.: A masked pure-hardware implementation of kyber cryptographic algorithm. In: FPT, p. 1. IEEE (2022)","DOI":"10.1109\/ICFPT56656.2022.9974404"},{"issue":"3","key":"12_CR35","doi-asserted-by":"publisher","first-page":"243","DOI":"10.46586\/tches.v2020.i3.243-268","volume":"2020","author":"MJ Kannwischer","year":"2020","unstructured":"Kannwischer, M.J., Pessl, P., Primas, R.: Single-trace attacks on keccak. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(3), 243\u2013268 (2020)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"issue":"4","key":"12_CR36","doi-asserted-by":"publisher","first-page":"301","DOI":"10.1007\/s13389-017-0162-9","volume":"8","author":"L Lerman","year":"2018","unstructured":"Lerman, L., Poussier, R., Markowitch, O., Standaert, F.-X.: Template attacks versus machine learning revisited and the curse of dimensionality in side-channel analysis: extended version. J. Cryptogr. Eng. 8(4), 301\u2013313 (2018)","journal-title":"J. Cryptogr. Eng."},{"key":"12_CR37","doi-asserted-by":"publisher","first-page":"1868","DOI":"10.1109\/TIFS.2020.3045904","volume":"16","author":"Y Liu","year":"2021","unstructured":"Liu, Y., Zhou, Y., Sun, S., Wang, T., Zhang, R., Ming, J.: On the security of lattice-based Fiat-Shamir signatures in the presence of randomness leakage. IEEE Trans. Inf. Forensics Secur. 16, 1868\u20131879 (2021)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"12_CR38","unstructured":"Lyubashevsky, V., et al.: Crystals-dilithium algorithm specifications and supporting documentation. NIST Post-Quantum Cryptography Standard, 2022"},{"key":"12_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1007\/978-3-540-24660-2_18","volume-title":"Topics in Cryptology \u2013 CT-RSA 2004","author":"S Mangard","year":"2004","unstructured":"Mangard, S.: Hardware countermeasures against DPA \u2013 a statistical analysis of their effectiveness. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 222\u2013235. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24660-2_18"},{"key":"12_CR40","doi-asserted-by":"publisher","unstructured":"Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer, New York (2007). https:\/\/doi.org\/10.1007\/978-0-387-38162-6","DOI":"10.1007\/978-0-387-38162-6"},{"issue":"2","key":"12_CR41","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1049\/iet-ifs.2010.0096","volume":"5","author":"S Mangard","year":"2011","unstructured":"Mangard, S., Oswald, E., Standaert, F.-X.: One for all - all for one: unifying standard differential power analysis attacks. IET Inf. Secur. 5(2), 100\u2013110 (2011)","journal-title":"IET Inf. Secur."},{"key":"12_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"351","DOI":"10.1007\/978-3-540-30574-3_24","volume-title":"Topics in Cryptology \u2013 CT-RSA 2005","author":"S Mangard","year":"2005","unstructured":"Mangard, S., Popp, T., Gammel, B.M.: Side-channel leakage of masked CMOS gates. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 351\u2013365. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/978-3-540-30574-3_24"},{"key":"12_CR43","unstructured":"Marzougui, S., Ulitzsch, V., Tibouchi, M., Seifert, J.-P.: Profiling side-channel attacks on dilithium: a small bit-fiddling leak breaks it all. IACR Cryptol. ePrint Arch., p. 106, 2022"},{"issue":"1","key":"12_CR44","first-page":"32","volume":"2023","author":"L Masure","year":"2023","unstructured":"Masure, L., Cristiani, V., Lecomte, M., Standaert, F.-X.: Don\u2019t learn what you already know scheme-aware modeling for profiling side-channel analysis against masking. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2023(1), 32\u201359 (2023)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"12_CR45","doi-asserted-by":"publisher","unstructured":"Masure, L., M\u00e9aux, P., Moos, T., Standaert, F.X.: Effective and efficient masking with low noise using small-mersenne-prime ciphers. In: Hazay, C., Stam, M. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2023. EUROCRYPT 2023. LNCS, vol. 14007, pp. 596\u2013627. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-30634-1_20","DOI":"10.1007\/978-3-031-30634-1_20"},{"key":"12_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"344","DOI":"10.1007\/978-3-030-21568-2_17","volume-title":"Applied Cryptography and Network Security","author":"V Migliore","year":"2019","unstructured":"Migliore, V., G\u00e9rard, B., Tibouchi, M., Fouque, P.-A.: Masking dilithium. In: Deng, R.H., Gauthier-Uma\u00f1a, V., Ochoa, M., Yung, M. (eds.) ACNS 2019. LNCS, vol. 11464, pp. 344\u2013362. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-21568-2_17"},{"issue":"4","key":"12_CR47","doi-asserted-by":"publisher","first-page":"676","DOI":"10.46586\/tches.v2021.i4.676-707","volume":"2021","author":"K Ngo","year":"2021","unstructured":"Ngo, K., Dubrova, E., Guo, Q., Johansson, T.: A side-channel attack on a masked IND-CCA secure saber KEM implementation. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(4), 676\u2013707 (2021)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"issue":"2","key":"12_CR48","doi-asserted-by":"publisher","first-page":"292","DOI":"10.1007\/s00145-010-9085-7","volume":"24","author":"S Nikova","year":"2011","unstructured":"Nikova, S., Rijmen, V., Schl\u00e4ffer, M.: Secure hardware implementation of nonlinear functions in the presence of glitches. J. Cryptol. 24(2), 292\u2013321 (2011)","journal-title":"J. Cryptol."},{"key":"12_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"513","DOI":"10.1007\/978-3-319-66787-4_25","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2017","author":"R Primas","year":"2017","unstructured":"Primas, R., Pessl, P., Mangard, S.: Single-trace side-channel attacks on masked lattice-based encryption. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 513\u2013533. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66787-4_25"},{"key":"12_CR50","doi-asserted-by":"publisher","unstructured":"Prouff, E., Rivain, M.: Masking against side-channel attacks: a formal security proof. In: Johansson, T., Nguyen, P.Q. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2013. EUROCRYPT 2013. LNCS, vol. 7881, pp. 142\u2013159. Springer, Berlin, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_9","DOI":"10.1007\/978-3-642-38348-9_9"},{"issue":"2","key":"12_CR51","doi-asserted-by":"publisher","first-page":"418","DOI":"10.46586\/tches.v2023.i2.418-446","volume":"2023","author":"G Rajendran","year":"2023","unstructured":"Rajendran, G., Ravi, P., D\u2019Anvers, J.-P., Bhasin, S., Chattopadhyay, A.: Pushing the limits of generic side-channel attacks on LWE-based KEMs - parallel PC oracle attacks on kyber KEM and beyond. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2023(2), 418\u2013446 (2023)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"12_CR52","unstructured":"Ravi, P., Jhanwar, M.P., Howe, J., Chattopadhyay, A., Bhasin, S.: Side-channel assisted existential forgery attack on dilithium - a NIST PQC candidate. IACR Cryptol. ePrint Arch., p. 821, 2018"},{"key":"12_CR53","doi-asserted-by":"crossref","unstructured":"Ravi, P., Roy, S.S., Chattopadhyay, A., Bhasin, S.: Generic side-channel attacks on CCA-secure lattice-based PKE and KEMs. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(3), 307\u2013335 (2020)","DOI":"10.46586\/tches.v2020.i3.307-335"},{"key":"12_CR54","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1007\/978-3-642-20465-4_8","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2011","author":"M Renauld","year":"2011","unstructured":"Renauld, M., Standaert, F.-X., Veyrat-Charvillon, N., Kamel, D., Flandre, D.: A formal study of power variability issues and side-channel attacks for nanoscale devices. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 109\u2013128. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-20465-4_8"},{"key":"12_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1007\/11545262_3","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2005","author":"W Schindler","year":"2005","unstructured":"Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30\u201346. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11545262_3"},{"key":"12_CR56","unstructured":"Schwabe, P., et al.: Crystals-kyber algorithm specifications and supporting documentation. NIST Post-Quantum Cryptography Standard (2022)"},{"key":"12_CR57","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"411","DOI":"10.1007\/978-3-540-85053-3_26","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2008","author":"F-X Standaert","year":"2008","unstructured":"Standaert, F.-X., Archambeau, C.: Using subspace-based template attacks to compare and combine power and electromagnetic information leakages. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 411\u2013425. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85053-3_26"},{"key":"12_CR58","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"443","DOI":"10.1007\/978-3-642-01001-9_26","volume-title":"Advances in Cryptology - EUROCRYPT 2009","author":"F-X Standaert","year":"2009","unstructured":"Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443\u2013461. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-01001-9_26"},{"issue":"3","key":"12_CR59","doi-asserted-by":"publisher","first-page":"473","DOI":"10.46586\/tches.v2023.i3.473-503","volume":"2023","author":"Y Tanaka","year":"2023","unstructured":"Tanaka, Y., Ueno, R., Xagawa, K., Ito, A., Takahashi, J., Homma, N.: Multiple-valued plaintext-checking side-channel attacks on post-quantum KEMs. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2023(3), 473\u2013503 (2023)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"issue":"1","key":"12_CR60","first-page":"296","volume":"2022","author":"R Ueno","year":"2022","unstructured":"Ueno, R., Xagawa, K., Tanaka, Y., Ito, A., Takahashi, J., Homma, N.: Curse of re-encryption: a generic power\/EM analysis on post-quantum KEMs. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2022(1), 296\u2013322 (2022)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"12_CR61","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/978-3-662-45611-8_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"N Veyrat-Charvillon","year":"2014","unstructured":"Veyrat-Charvillon, N., G\u00e9rard, B., Standaert, F.-X.: Soft analytical side-channel attacks. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 282\u2013296. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_15"},{"key":"12_CR62","doi-asserted-by":"crossref","unstructured":"Xu, Z., Pemberton, O., Roy, S.S., Oswald, D., Yao, W., Zheng, Z.: Magnifying side-channel leakage of lattice-based cryptosystems with chosen ciphertexts: the case study of kyber. IEEE Trans. Comput. 71(9), 2163\u20132176 (2022)","DOI":"10.1109\/TC.2021.3122997"}],"container-title":["Lecture Notes in Computer Science","Progress in Cryptology - AFRICACRYPT 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-64381-1_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,2]],"date-time":"2024-07-02T23:03:18Z","timestamp":1719961398000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-64381-1_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031643804","9783031643811"],"references-count":62,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-64381-1_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"3 July 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"AFRICACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Cryptology in Africa","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Douala","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cameroon","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 July 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 July 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"africacrypt2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}