{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,21]],"date-time":"2025-10-21T00:34:08Z","timestamp":1761006848449,"version":"build-2065373602"},"publisher-location":"Cham","reference-count":63,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032014047","type":"print"},{"value":"9783032014054","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,10,15]],"date-time":"2025-10-15T00:00:00Z","timestamp":1760486400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,10,15]],"date-time":"2025-10-15T00:00:00Z","timestamp":1760486400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-01405-4_6","type":"book-chapter","created":{"date-parts":[[2025,10,20]],"date-time":"2025-10-20T10:24:52Z","timestamp":1760955892000},"page":"119-158","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["X2X: Low-Randomness and\u00a0High-Throughput A2B and\u00a0B2A Conversions for\u00a0$$d+1$$ Shares in\u00a0Hardware"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0983-5664","authenticated-orcid":false,"given":"Quinten","family":"Norga","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9675-7988","authenticated-orcid":false,"given":"Jan-Pieter","family":"D\u2019Anvers","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4354-852X","authenticated-orcid":false,"given":"Suparna","family":"Kundu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0879-076X","authenticated-orcid":false,"given":"Ingrid","family":"Verbauwhede","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,10,15]]},"reference":[{"key":"6_CR1","doi-asserted-by":"publisher","unstructured":"Bache, F., G\u00fcneysu, T.: Boolean masking for arithmetic additions at arbitrary order in hardware. Applied Sciences 12(5) (2022). https:\/\/doi.org\/10.3390\/app12052274, https:\/\/www.mdpi.com\/2076-3417\/12\/5\/2274","DOI":"10.3390\/app12052274"},{"key":"6_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1007\/978-3-319-16763-3_5","volume-title":"Smart Card Research and Advanced Applications","author":"J Balasch","year":"2015","unstructured":"Balasch, J., Gierlichs, B., Grosso, V., Reparaz, O., Standaert, F.-X.: On the cost of lazy engineering for masked software implementations. In: Joye, M., Moradi, A. (eds.) CARDIS 2014. LNCS, vol. 8968, pp. 64\u201381. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-16763-3_5"},{"key":"6_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"457","DOI":"10.1007\/978-3-662-46800-5_18","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"G Barthe","year":"2015","unstructured":"Barthe, G., Bela\u00efd, S., Dupressoir, F., Fouque, P.-A., Gr\u00e9goire, B., Strub, P.-Y.: Verified proofs of higher-order masking. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 457\u2013485. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_18"},{"key":"6_CR4","doi-asserted-by":"publisher","unstructured":"Barthe, G., et al.: Strong non-interference and type-directed higher-order masking. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, pp. 116\u2013129. ACM Press (2016). https:\/\/doi.org\/10.1145\/2976749.2978427","DOI":"10.1145\/2976749.2978427"},{"key":"6_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"354","DOI":"10.1007\/978-3-319-78375-8_12","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"G Barthe","year":"2018","unstructured":"Barthe, G., Bela\u00efd, S., Espitau, T., Fouque, P.-A., Gr\u00e9goire, B., Rossi, M., Tibouchi, M.: Masking the GLP lattice-based signature scheme at any order. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 354\u2013384. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78375-8_12"},{"key":"6_CR6","doi-asserted-by":"publisher","unstructured":"Beirendonck, M.V., D\u2019anvers, J.P., Karmakar, A., Balasch, J., Verbauwhede, I.: A side-channel-resistant implementation of saber. J. Emerg. Technol. Comput. Syst. 17(2) (2021). https:\/\/doi.org\/10.1145\/3429983","DOI":"10.1145\/3429983"},{"key":"6_CR7","doi-asserted-by":"publisher","unstructured":"Bos, J.W., Gourjon, M., Renes, J., Schneider, T., van Vredendaal, C.: Masking kyber: First- and higher-order implementations. IACR Trans. Cryptographic Hardware Embedded Syst. 2021(4), 173\u2013214 (2021). https:\/\/doi.org\/10.46586\/tches.v2021.i4.173-214, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/9064","DOI":"10.46586\/tches.v2021.i4.173-214"},{"key":"6_CR8","doi-asserted-by":"publisher","unstructured":"Brent, Kung: A regular layout for parallel adders. IEEE Trans. Comput. C-31(3), 260\u2013264 (1982). https:\/\/doi.org\/10.1109\/TC.1982.1675982","DOI":"10.1109\/TC.1982.1675982"},{"key":"6_CR9","doi-asserted-by":"publisher","unstructured":"Bronchain, O., Cassiers, G.: Bitslicing arithmetic\/Boolean masking conversions for fun and profit with application to lattice-based kems. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2022(4), 553\u2013588 (2022). https:\/\/doi.org\/10.46586\/tches.v2022.i4.553-588","DOI":"10.46586\/tches.v2022.i4.553-588"},{"key":"6_CR10","doi-asserted-by":"publisher","unstructured":"Cassiers, G., Standaert, F.X.: Trivially and efficiently composing masked gadgets with probe isolating non-interference. IEEE Trans. Inf. Forensics Secur. PP, 1\u20131 (2020). https:\/\/doi.org\/10.1109\/TIFS.2020.2971153","DOI":"10.1109\/TIFS.2020.2971153"},{"key":"6_CR11","unstructured":"Cassiers, G.: Composable and efficient masking schemes for side-channel secure implementations. Ph.D. thesis, \u00c9cole polytechnique de Louvain and Universit\u00e9 catholique de Louvain (2022)"},{"key":"6_CR12","doi-asserted-by":"publisher","unstructured":"Cassiers, G., Bronchain, O.: Scalib: A side-channel analysis library. Journal of Open Source Software 8(86), 5196 (2023). https:\/\/doi.org\/10.21105\/joss.05196","DOI":"10.21105\/joss.05196"},{"key":"6_CR13","unstructured":"Cassiers, G., Gigerl, B., Mangard, S., Momin, C., Nagpal, R.: Compress: generate small and fast masked pipelined circuits. Cryptology ePrint Archive, Paper 2023\/1600 (2023). https:\/\/eprint.iacr.org\/2023\/1600"},{"issue":"10","key":"6_CR14","doi-asserted-by":"publisher","first-page":"1677","DOI":"10.1109\/TC.2020.3022979","volume":"70","author":"G Cassiers","year":"2021","unstructured":"Cassiers, G., Gr\u00e9goire, B., Levi, I., Standaert, F.X.: Hardware private circuits: from trivial composition to full verification. IEEE Trans. Comput. 70(10), 1677\u20131690 (2021). https:\/\/doi.org\/10.1109\/TC.2020.3022979","journal-title":"IEEE Trans. Comput."},{"key":"6_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-642-29912-4_6","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"J-S Coron","year":"2012","unstructured":"Coron, J.-S., Giraud, C., Prouff, E., Renner, S., Rivain, M., Vadnala, P.K.: Conversion of security proofs from one leakage model to another: a new issue. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 69\u201381. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29912-4_6"},{"key":"6_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1007\/978-3-662-48116-5_7","volume-title":"Fast Software Encryption","author":"J-S Coron","year":"2015","unstructured":"Coron, J.-S., Gro\u00dfsch\u00e4dl, J., Tibouchi, M., Vadnala, P.K.: Conversion from arithmetic to Boolean masking with logarithmic complexity. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 130\u2013149. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-48116-5_7"},{"key":"6_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"188","DOI":"10.1007\/978-3-662-44709-3_11","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2014","author":"J-S Coron","year":"2014","unstructured":"Coron, J.-S., Gro\u00dfsch\u00e4dl, J., Vadnala, P.K.: Secure conversion between Boolean and arithmetic masking of any order. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 188\u2013205. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44709-3_11"},{"key":"6_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1007\/978-3-030-84252-9_8","volume-title":"Advances in Cryptology \u2013 CRYPTO 2021","author":"J-S Coron","year":"2021","unstructured":"Coron, J.-S., Spignoli, L.: Secure wire shuffling in the probing model. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12827, pp. 215\u2013244. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84252-9_8"},{"key":"6_CR19","doi-asserted-by":"publisher","unstructured":"Coron, J.S., G\u00e9rard, F., Montoya, S., Zeitoun, R.: High-order polynomial comparison and masking lattice-based encryption. IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 153\u2013192 (2022). https:\/\/doi.org\/10.46586\/tches.v2023.i1.153-192","DOI":"10.46586\/tches.v2023.i1.153-192"},{"key":"6_CR20","doi-asserted-by":"publisher","unstructured":"Coron, J.S., G\u00e9rard, F., Montoya, S., Zeitoun, R.: High-order table-based conversion algorithms and masking lattice-based encryption. IACR Trans. Cryptographic Hardware Embedded Syst. 2022(2), 1\u201340 (2022). https:\/\/doi.org\/10.46586\/tches.v2022.i2.1-40, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/9479","DOI":"10.46586\/tches.v2022.i2.1-40"},{"key":"6_CR21","doi-asserted-by":"publisher","unstructured":"Coron, J.S., G\u00e9rard, F., Trannoy, M., Zeitoun, R.: High-order masking of NTRU. IACR Transactions on Cryptographic Hardware and Embedded Systems 2023(2), 180\u2013211 (Mar 2023). https:\/\/doi.org\/10.46586\/tches.v2023.i2.180-211, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/10281","DOI":"10.46586\/tches.v2023.i2.180-211"},{"key":"6_CR22","doi-asserted-by":"publisher","unstructured":"D\u2019Anvers, J.P., Tiepelt, M., Vercauteren, F., Verbauwhede, I.: Timing attacks on error correcting codes in post-quantum schemes. In: Proceedings of ACM Workshop on Theory of Implementation Security Workshop. TIS\u201919, New York, NY, USA, pp. 2\u20139. Association for Computing Machinery (2019). https:\/\/doi.org\/10.1145\/3338467.3358948","DOI":"10.1145\/3338467.3358948"},{"key":"6_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-319-64647-3_1","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"T De Cnudde","year":"2017","unstructured":"De Cnudde, T., Bilgin, B., Gierlichs, B., Nikov, V., Nikova, S., Rijmen, V.: Does coupling affect the security of masked implementations? In: Guilley, S. (ed.) COSADE 2017. LNCS, vol. 10348, pp. 1\u201318. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-64647-3_1"},{"key":"6_CR24","doi-asserted-by":"publisher","unstructured":"De\u00a0Meyer, L., Reparaz, O., Bilgin, B.: Multiplicative masking for AES in hardware. IACR Trans. Cryptographic Hardware Embedded Syst. 2018(3), 431\u2013468 (2018). https:\/\/doi.org\/10.13154\/tches.v2018.i3.431-468, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/7282","DOI":"10.13154\/tches.v2018.i3.431-468"},{"key":"6_CR25","doi-asserted-by":"publisher","unstructured":"D\u2019Anvers, J.P.: One-hot conversion: towards faster table-based A2B conversion. In: In: Hazay, C., Stam, M. (eds.) EUROCRYPT 2023, Part IV. LNCS, pp. 628\u2013657. Springer, Heidelberg (2023). https:\/\/doi.org\/10.1007\/978-3-031-30634-1_21","DOI":"10.1007\/978-3-031-30634-1_21"},{"key":"6_CR26","doi-asserted-by":"publisher","unstructured":"Faust, S., Grosso, V., Merino Del\u00a0Pozo, S., Paglialonga, C., Standaert, F.X.: Composable masking schemes in the presence of physical defaults & the robust probing model. IACR Trans. Cryptographic Hardware Embedded Syst. 2018(3), 89\u2013120 (2018). https:\/\/doi.org\/10.13154\/tches.v2018.i3.89-120, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/7270","DOI":"10.13154\/tches.v2018.i3.89-120"},{"key":"6_CR27","doi-asserted-by":"publisher","unstructured":"Fritzmann, T., et al.: Masked accelerators and instruction set extensions for post-quantum cryptography. IACR Transactions on Cryptographic Hardware and Embedded Systems 2022(1), 414\u2013460 (2021). https:\/\/doi.org\/10.46586\/tches.v2022.i1.414-460, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/9303","DOI":"10.46586\/tches.v2022.i1.414-460"},{"key":"6_CR28","doi-asserted-by":"publisher","unstructured":"Fujimoto, D., Kim, Y., Hayashi, Y., Homma, N., Hashimoto, M., Sato, T., Danger, J.L.: Sasimi: Evaluation board for EM information leakage from large scale cryptographic circuits. In: 2022 IEEE International Symposium on Electromagnetic Compatibility & Signal\/Power Integrity (EMCSI), pp. 299\u2013302 (2022). https:\/\/doi.org\/10.1109\/EMCSI39492.2022.9889445","DOI":"10.1109\/EMCSI39492.2022.9889445"},{"key":"6_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1007\/3-540-44709-1_21","volume-title":"Cryptographic Hardware and Embedded Systems \u2014 CHES 2001","author":"K Gandolfi","year":"2001","unstructured":"Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Ko\u00e7, \u00c7.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251\u2013261. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44709-1_21"},{"key":"6_CR30","unstructured":"Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A testing methodology for side channel resistance. https:\/\/csrc.nist.gov\/csrc\/media\/events\/non-invasive-attack-testing-workshop\/documents\/08_goodwill.pdf (2011). Accessed 6 Nov 2023"},{"key":"6_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/3-540-44709-1_2","volume-title":"Cryptographic Hardware and Embedded Systems \u2014 CHES 2001","author":"L Goubin","year":"2001","unstructured":"Goubin, L.: A sound method for switching between Boolean and arithmetic masking. In: Ko\u00e7, \u00c7.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 3\u201315. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44709-1_2"},{"key":"6_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1007\/978-3-319-66787-4_6","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2017","author":"H Gross","year":"2017","unstructured":"Gross, H., Mangard, S.: Reconciling $$d+1$$ masking in hardware and software. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 115\u2013136. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66787-4_6"},{"key":"6_CR33","doi-asserted-by":"publisher","unstructured":"Gross, H., Mangard, S., Korak, T.: Domain-oriented masking: compact masked hardware implementations with arbitrary protection order. In: Proceedings of the 2016 ACM Workshop on Theory of Implementation Security. TIS \u201916, New York, NY, USA, p.\u00a03. Association for Computing Machinery (2016). https:\/\/doi.org\/10.1145\/2996366.2996426","DOI":"10.1145\/2996366.2996426"},{"key":"6_CR34","doi-asserted-by":"publisher","unstructured":"Gross, H., Schaffenrath, D., Mangard, S.: Higher-order side-channel protected implementations of KECCAK. In: 2017 Euromicro Conference on Digital System Design (DSD), pp. 205\u2013212 (2017). https:\/\/doi.org\/10.1109\/DSD.2017.21","DOI":"10.1109\/DSD.2017.21"},{"key":"6_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"359","DOI":"10.1007\/978-3-030-56880-1_13","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"Q Guo","year":"2020","unstructured":"Guo, Q., Johansson, T., Nilsson, A.: A key-recovery timing attack on post-quantum primitives using the Fujisaki-Okamoto transformation and its application on FrodoKEM. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part II. LNCS, vol. 12171, pp. 359\u2013386. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56880-1_13"},{"key":"6_CR36","unstructured":"Heinz, D., Kannwischer, M.J., Land, G., P\u00f6ppelmann, T., Schwabe, P., Sprenkels, D.: First-order masked kyber on ARM cortex-m4. Cryptology ePrint Archive, Paper 2022\/058 (2022). https:\/\/eprint.iacr.org\/2022\/058"},{"key":"6_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"463","DOI":"10.1007\/978-3-540-45146-4_27","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"Y Ishai","year":"2003","unstructured":"Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463\u2013481. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_27"},{"key":"6_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1007\/3-540-68697-5_9","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"PC Kocher","year":"1996","unstructured":"Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104\u2013113. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_9"},{"key":"6_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"388","DOI":"10.1007\/3-540-48405-1_25","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 99","author":"P Kocher","year":"1999","unstructured":"Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388\u2013397. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48405-1_25"},{"key":"6_CR40","unstructured":"Krausz, M., et al.: Generic accelerators for costly-to-mask PQC components. Cryptology ePrint Archive, Paper 2023\/1287 (2023). https:\/\/eprint.iacr.org\/2023\/1287, https:\/\/eprint.iacr.org\/2023\/1287"},{"key":"6_CR41","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1007\/978-3-031-14791-3_5","volume-title":"Security and Cryptography for Networks","author":"S Kundu","year":"2022","unstructured":"Kundu, S., D\u2019Anvers, J.P., Beirendonck, M., Karmakar, A., Verbauwhede, I.: Higher-order masked saber. In: Galdi, C., Jarecki, S. (eds.) Security and Cryptography for Networks, pp. 93\u2013116. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-14791-3_5"},{"key":"6_CR42","doi-asserted-by":"crossref","unstructured":"Liu, J., et al.: A low-latency high-order arithmetic to Boolean masking conversion. Cryptology ePrint Archive, Paper 2024\/045 (2024). https:\/\/eprint.iacr.org\/2024\/045","DOI":"10.46586\/tches.v2024.i2.630-653"},{"key":"6_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"351","DOI":"10.1007\/978-3-540-30574-3_24","volume-title":"Topics in Cryptology \u2013 CT-RSA 2005","author":"S Mangard","year":"2005","unstructured":"Mangard, S., Popp, T., Gammel, B.M.: Side-Channel Leakage of Masked CMOS Gates. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 351\u2013365. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/978-3-540-30574-3_24"},{"key":"6_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1007\/11894063_7","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2006","author":"S Mangard","year":"2006","unstructured":"Mangard, S., Schramm, K.: Pinpointing the side-channel leakage of masked AES hardware implementations. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 76\u201390. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11894063_7"},{"key":"6_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"344","DOI":"10.1007\/978-3-030-21568-2_17","volume-title":"Applied Cryptography and Network Security","author":"V Migliore","year":"2019","unstructured":"Migliore, V., G\u00e9rard, B., Tibouchi, M., Fouque, P.-A.: Masking Dilithium. In: Deng, R.H., Gauthier-Uma\u00f1a, V., Ochoa, M., Yung, M. (eds.) ACNS 2019. LNCS, vol. 11464, pp. 344\u2013362. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-21568-2_17"},{"key":"6_CR46","doi-asserted-by":"publisher","unstructured":"Moos, T., Moradi, A., Schneider, T., Standaert, F.X.: Glitch-resistant masking revisited: or why proofs in the robust probing model are needed. IACR Trans. Cryptographic Hardware Embedded Syst. 2019(2), 256\u2013292 (2019). https:\/\/doi.org\/10.13154\/tches.v2019.i2.256-292, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/7392","DOI":"10.13154\/tches.v2019.i2.256-292"},{"key":"6_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1007\/978-3-662-48324-4_23","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2015","author":"A Moradi","year":"2015","unstructured":"Moradi, A., Wild, A.: Assessment of hiding the higher-order leakages in hardware. In: G\u00fcneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 453\u2013474. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-48324-4_23"},{"key":"6_CR48","doi-asserted-by":"publisher","unstructured":"M\u00fcller, N., Knichel, D., Sasdrich, P., Moradi, A.: Transitional leakage in theory and practice: Unveiling security flaws in masked circuits. IACR Trans. Cryptographic Hardware Embedded Syst. 2022(2), 266\u2013288 (2022). https:\/\/doi.org\/10.46586\/tches.v2022.i2.266-288, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/9488","DOI":"10.46586\/tches.v2022.i2.266-288"},{"key":"6_CR49","doi-asserted-by":"publisher","unstructured":"National Institute of Standards and Technology: Module-lattice-based digital signature standard. Technical report, U.S. Department of Commerce, Washington, D.C. (2024). https:\/\/doi.org\/10.6028\/NIST.FIPS.204","DOI":"10.6028\/NIST.FIPS.204"},{"key":"6_CR50","doi-asserted-by":"publisher","unstructured":"National Institute of Standards and Technology: Module-lattice-based key-encapsulation mechanism standard. Technical report, U.S. Department of Commerce, Washington, D.C. (2024). https:\/\/doi.org\/10.6028\/NIST.FIPS.203","DOI":"10.6028\/NIST.FIPS.203"},{"key":"6_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"529","DOI":"10.1007\/11935308_38","volume-title":"Information and Communications Security","author":"S Nikova","year":"2006","unstructured":"Nikova, S., Rechberger, C., Rijmen, V.: Threshold implementations against side-channel attacks and glitches. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 529\u2013545. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11935308_38"},{"key":"6_CR52","unstructured":"NIST Computer Security Division: Post-quantum cryptography standardization (2016). https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography. Accessed 17 Aug 2023"},{"key":"6_CR53","unstructured":"NIST Computer Security Division: Comments requested on three draft fips for post-quantum cryptography. https:\/\/csrc.nist.gov\/news\/2023\/three-draft-fips-for-post-quantum-cryptography (2023). Accessed 30 Oct 2023"},{"key":"6_CR54","unstructured":"NIST Computer Security Division: Post-quantum cryptography: Digital signature schemes (2023). https:\/\/csrc.nist.gov\/projects\/pqc-dig-sig\/round-1-additional-signatures. Accessed 7 Sept 2023"},{"key":"6_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"513","DOI":"10.1007\/978-3-319-66787-4_25","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2017","author":"R Primas","year":"2017","unstructured":"Primas, R., Pessl, P., Mangard, S.: Single-trace side-channel attacks on masked lattice-based encryption. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 513\u2013533. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66787-4_25"},{"key":"6_CR56","doi-asserted-by":"publisher","unstructured":"Ravi, P., Sinha\u00a0Roy, S., Chattopadhyay, A., Bhasin, S.: Generic side-channel attacks on CCA-secure lattice-based PKE and KEMs. IACR Trans. Cryptographic Hardware Embedded Syst. 2020(3), 307\u2013335 (2020). https:\/\/doi.org\/10.13154\/tches.v2020.i3.307-335, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/8592","DOI":"10.13154\/tches.v2020.i3.307-335"},{"key":"6_CR57","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"764","DOI":"10.1007\/978-3-662-47989-6_37","volume-title":"Advances in Cryptology \u2013 CRYPTO 2015","author":"O Reparaz","year":"2015","unstructured":"Reparaz, O., Bilgin, B., Nikova, S., Gierlichs, B., Verbauwhede, I.: Consolidating masking schemes. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 764\u2013783. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-47989-6_37"},{"key":"6_CR58","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"559","DOI":"10.1007\/978-3-319-28166-7_27","volume-title":"Applied Cryptography and Network Security","author":"T Schneider","year":"2015","unstructured":"Schneider, T., Moradi, A., G\u00fcneysu, T.: Arithmetic addition over Boolean masking. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 559\u2013578. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-28166-7_27"},{"key":"6_CR59","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"534","DOI":"10.1007\/978-3-030-17259-6_18","volume-title":"Public-Key Cryptography \u2013 PKC 2019","author":"T Schneider","year":"2019","unstructured":"Schneider, T., Paglialonga, C., Oder, T., G\u00fcneysu, T.: Efficiently masking binomial sampling at arbitrary orders for lattice-based crypto. In: Lin, D., Sako, K. (eds.) PKC 2019. LNCS, vol. 11443, pp. 534\u2013564. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17259-6_18"},{"issue":"11","key":"6_CR60","doi-asserted-by":"publisher","first-page":"612","DOI":"10.1145\/359168.359176","volume":"22","author":"A Shamir","year":"1979","unstructured":"Shamir, A.: How to share a secret. Commun. ACM 22(11), 612\u2013613 (1979). https:\/\/doi.org\/10.1145\/359168.359176","journal-title":"Commun. ACM"},{"issue":"5","key":"6_CR61","doi-asserted-by":"publisher","first-page":"1484","DOI":"10.1137\/S0097539795293172","volume":"26","author":"PW Shor","year":"1997","unstructured":"Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484\u20131509 (1997). https:\/\/doi.org\/10.1137\/S0097539795293172","journal-title":"SIAM J. Comput."},{"key":"6_CR62","doi-asserted-by":"publisher","unstructured":"Van\u00a0Beirendonck, M., D\u2019Anvers, J.P., Verbauwhede, I.: Analysis and comparison of table-based arithmetic to boolean masking. IACR Trans. Cryptographic Hardware Embedded Syst. 2021(3), 275\u2013297 (2021). https:\/\/doi.org\/10.46586\/tches.v2021.i3.275-297, https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/8975","DOI":"10.46586\/tches.v2021.i3.275-297"},{"key":"6_CR63","doi-asserted-by":"crossref","unstructured":"Xu, Z., Pemberton, O., Roy, S.S., Oswald, D.F., Yao, W., Zheng, Z.: Magnifying side-channel leakage of lattice-based cryptosystems with chosen ciphertexts: The case study of kyber. IEEE Trans. Comput. 71, 2163\u20132176 (2022). https:\/\/api.semanticscholar.org\/CorpusID:220794801","DOI":"10.1109\/TC.2021.3122997"}],"container-title":["Lecture Notes in Computer Science","Constructive Approaches for Security Analysis and Design of Embedded Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-01405-4_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,20]],"date-time":"2025-10-20T10:24:57Z","timestamp":1760955897000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-01405-4_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,10,15]]},"ISBN":["9783032014047","9783032014054"],"references-count":63,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-01405-4_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,10,15]]},"assertion":[{"value":"15 October 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CASCADE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Constructive Approaches for Security Analysis and Design of Embedded Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Saint-Etienne","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 April 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 April 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cascade2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/cascade-conference.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}