{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T02:45:28Z","timestamp":1767321928344,"version":"3.48.0"},"publisher-location":"Cham","reference-count":58,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032105356","type":"print"},{"value":"9783032105363","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-10536-3_28","type":"book-chapter","created":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T02:43:18Z","timestamp":1767321798000},"page":"753-780","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Efficient SPA Countermeasures Using Redundant Number Representation with\u00a0Application 
to\u00a0ML-KEM"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2756-2065","authenticated-orcid":false,"given":"Rishub","family":"Nagpal","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7974-3381","authenticated-orcid":false,"given":"Vedad","family":"Had\u017ei\u0107","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9569-8477","authenticated-orcid":false,"given":"Robert","family":"Primas","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9650-8041","authenticated-orcid":false,"given":"Stefan","family":"Mangard","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,1,2]]},"reference":[{"key":"28_CR1","doi-asserted-by":"publisher","unstructured":"Assael, G., Elbaz-Vincent, P., Reymond, G.: Improving single-trace attacks on the number-theoretic transform for cortex-M4. In: IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2023, San Jose, CA, USA, 1\u20134 May 2023, pp. 111\u2013121. IEEE (2023). https:\/\/doi.org\/10.1109\/HOST55118.2023.10133270","DOI":"10.1109\/HOST55118.2023.10133270"},{"key":"28_CR2","unstructured":"Alkim, E., Ducas, L., P\u00f6ppelmann, T., Schwabe, P.: Post-quantum key exchange - a new hope. In: 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, 10\u201312 August 2016, pp. 327\u2013343. USENIX Association (2016). https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technicalsessions\/presentation\/alkim"},{"key":"28_CR3","unstructured":"Avanzi, R., et al.: CRYSTALS-Kyber algorithm specifications and supporting documentation (2021). 
https:\/\/pq-crystals.org\/kyber\/data\/kyber-specification-round3-20210804.pdf"},{"key":"28_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1007\/3-540-47721-7_24","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 86","author":"P Barrett","year":"1987","unstructured":"Barrett, P.: Implementing the rivest shamir and adleman public key encryption algorithm on a standard digital signal processor. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 311\u2013323. Springer, Heidelberg (1987). https:\/\/doi.org\/10.1007\/3-540-47721-7_24"},{"key":"28_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1007\/978-3-030-34621-8_4","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2019","author":"M Bolboceanu","year":"2019","unstructured":"Bolboceanu, M., Brakerski, Z., Perlman, R., Sharma, D.: Order-LWE and the hardness of ring-LWE with entropic secrets. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11922, pp. 91\u2013120. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-34621-8_4"},{"key":"28_CR6","doi-asserted-by":"publisher","unstructured":"Bos, J.W., et al.: CRYSTALS - Kyber: a CCA-secure module- lattice-based KEM. In,: IEEE European Symposium on Security and Privacy, EuroS &P 2018, London, United Kingdom, 24\u201326 April 2018, pp. 353\u2013367. IEEE (2018). https:\/\/doi.org\/10.1109\/EUROSP.2018.00032","DOI":"10.1109\/EUROSP.2018.00032"},{"key":"28_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"713","DOI":"10.1007\/978-3-030-26948-7_25","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"O Bronchain","year":"2019","unstructured":"Bronchain, O., Hendrickx, J.M., Massart, C., Olshevsky, A., Standaert, F.-X.: Leakage certification revisited: bounding model errors in side-channel security evaluations. 
In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 713\u2013737. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26948-7_25"},{"key":"28_CR8","doi-asserted-by":"publisher","unstructured":"Bronchain, O., Azouaoui, M., ElGhamrawy, M., Renes, J., Schneider, T.: Exploiting small-norm polynomial multiplication with physical attacks application to CRYSTALSDilithium. IACR Trans. Cryptogr. Hardw. Embed. Syst. 359\u2013383 (2024). https:\/\/doi.org\/10.46586\/TCHES.V2024.I2.359-383","DOI":"10.46586\/TCHES.V2024.I2.359-383"},{"key":"28_CR9","doi-asserted-by":"publisher","unstructured":"Bronchain, O., Standaert, F.X.: Breaking masked implementations with many shares on 32-bit software platforms or when the security order does not matter. IACR Trans. Cryptogr. Hardw. Embed. Syst. 202\u2013234 (2021). https:\/\/doi.org\/10.46586\/TCHES.V2021.I3.202-234","DOI":"10.46586\/TCHES.V2021.I3.202-234"},{"key":"28_CR10","doi-asserted-by":"publisher","unstructured":"Cassiers, G., Devillez, H., Standaert, F.X., Udvarhelyi, B.: Efficient regression-based linear discriminant analysis for side-channel security evaluations towards analytical attacks against 32-bit implementations. IACR Trans. Cryptogr. Hardw. Embed. Syst. 270\u2013293 (2023). https:\/\/doi.org\/10.46586\/TCHES.V2023.I3.270-293","DOI":"10.46586\/TCHES.V2023.I3.270-293"},{"key":"28_CR11","doi-asserted-by":"publisher","unstructured":"Cassiers, G., Bronchain, O.: SCALib: a side-channel analysis library. J. Open Source Softw. 8, 5196 (2023). https:\/\/doi.org\/10.21105\/joss.05196","DOI":"10.21105\/joss.05196"},{"key":"28_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"398","DOI":"10.1007\/3-540-48405-1_26","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 99","author":"S Chari","year":"1999","unstructured":"Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. 
(ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398\u2013412. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48405-1_26"},{"key":"28_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1007\/978-3-319-08302-5_17","volume-title":"Smart Card Research and Advanced Applications","author":"O Choudary","year":"2014","unstructured":"Choudary, O., Kuhn, M.G.: Efficient template attacks. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 253\u2013270. Springer, Cham (2014). https:\/\/doi.org\/10.1007\/978-3-319-08302-5_17"},{"key":"28_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/978-3-319-16763-3_6","volume-title":"Smart Card Research and Advanced Applications","author":"MO Choudary","year":"2015","unstructured":"Choudary, M.O., Kuhn, M.G.: Efficient stochastic methods: profiled attacks beyond 8 bits. In: Joye, M., Moradi, A. (eds.) CARDIS 2014. LNCS, vol. 8968, pp. 85\u2013103. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-16763-3_6"},{"key":"28_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/3-540-36400-5_3","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2002","author":"S Chari","year":"2003","unstructured":"Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Ko\u00e7, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13\u201328. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36400-5_3"},{"key":"28_CR16","doi-asserted-by":"crossref","unstructured":"Cooley, J., Tukey, J.: An algorithm for the machine calculation of complex fourier series. Math. Comput. 19, 297\u2013301 (1965). 
http:\/\/dx.doi.org\/10.1090\/S0025-5718-1965-0178586-1","DOI":"10.1090\/S0025-5718-1965-0178586-1"},{"key":"28_CR17","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1007\/S00145-018-9284-1","volume":"32","author":"A Duc","year":"2019","unstructured":"Duc, A., Dziembowski, S., Faust, S.: Unifying leakage models: from probing attacks to noisy leakage. J. Cryptol. 32, 151\u2013177 (2019). https:\/\/doi.org\/10.1007\/S00145-018-9284-1","journal-title":"J. Cryptol."},{"key":"28_CR18","doi-asserted-by":"publisher","unstructured":"Ducas, L., et al.: CRYSTALSDilithium: a lattice-based digital signature scheme. IACR Trans. Cryptogr. Hardw. Embed. Syst. 238\u2013268 (2018). https:\/\/doi.org\/10.13154\/TCHES.V2018.I1.238-268","DOI":"10.13154\/TCHES.V2018.I1.238-268"},{"key":"28_CR19","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1007\/S00145-011-9114-1","volume":"26","author":"E Fujisaki","year":"2013","unstructured":"Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. J. Cryptol. 26, 80\u2013101 (2013). https:\/\/doi.org\/10.1007\/S00145-011-9114-1","journal-title":"J. Cryptol."},{"key":"28_CR20","doi-asserted-by":"publisher","unstructured":"Gentleman, W.M., Sande, G.: Fast Fourier transforms: for fun and profit. In: Proceedings of the Fall Joint Computer Conference, 7\u201310 November 1966, pp. 53\u2013578. Association for Computing Machinery (1966). https:\/\/doi.org\/10.1145\/1464291.1464352.","DOI":"10.1145\/1464291.1464352."},{"key":"28_CR21","doi-asserted-by":"publisher","unstructured":"Hamburg, M., et al.: Chosen ciphertext k-trace attacks on masked CCA2 secure kyber. IACR Trans. Cryptogr. Hardw. Embed. Syst. 88\u2013113 (2021). 
https:\/\/doi.org\/10.46586\/TCHES.V2021.I4.88-113","DOI":"10.46586\/TCHES.V2021.I4.88-113"},{"key":"28_CR22","doi-asserted-by":"crossref","unstructured":"Hermelink, J., M\u00e5rtensson, E., Samardjiska, S., Pessl, P., Rodosek, G.D.: Belief propagation meets lattice reduction: security estimates for error-tolerant key recovery from decryption errors. IACR Cryptol. ePrint Arch. 98 (2023). https:\/\/eprint.iacr.org\/2023\/098","DOI":"10.46586\/tches.v2023.i4.287-317"},{"key":"28_CR23","doi-asserted-by":"publisher","unstructured":"Hermelink, J., Streit, S., Strieder, E., Thieme, K.: Adapting belief propagation to counter shuffling of NTTs. IACR Trans. Cryptogr. Hardw. Embed. Syst. 60\u201388 (2023). https:\/\/doi.org\/10.46586\/TCHES.V2023.I1.60-88.","DOI":"10.46586\/TCHES.V2023.I1.60-88."},{"key":"28_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/978-3-319-70500-2_12","volume-title":"Theory of Cryptography","author":"D Hofheinz","year":"2017","unstructured":"Hofheinz, D., H\u00f6velmanns, K., Kiltz, E.: A modular analysis of the fujisaki-okamoto transformation. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10677, pp. 341\u2013371. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70500-2_12"},{"key":"28_CR25","doi-asserted-by":"publisher","first-page":"475","DOI":"10.46586\/tches.v2025.i1.475-496","volume":"2025","author":"H Xunyue","year":"2024","unstructured":"Xunyue, H., Meunier, Q.L., Encrenaz, E.: Blind-folded: simple power analysis attacks using data with a single trace and no training. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2025, 475\u2013496 (2024). https:\/\/doi.org\/10.46586\/tches.v2025.i1.475-496","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. 
Syst."},{"key":"28_CR26","doi-asserted-by":"publisher","first-page":"1055","DOI":"10.1109\/TC.2022.3197073","volume":"72","author":"D Heinz","year":"2023","unstructured":"Heinz, D., P\u00f6ppelmann, T.: Combined fault and DPA protection for lattice-based cryptography. IEEE Trans. Comput. 72, 1055\u20131066 (2023). https:\/\/doi.org\/10.1109\/TC.2022.3197073","journal-title":"IEEE Trans. Comput."},{"key":"28_CR27","doi-asserted-by":"publisher","unstructured":"Huang, J., et al.: Improved plantard arithmetic for lattice-based cryptography. IACR Trans. Cryptogr. Hardw. Embed. Syst. 614\u2013636 (2022). https:\/\/doi.org\/10.46586\/TCHES.V2022.I4.614-636","DOI":"10.46586\/TCHES.V2022.I4.614-636"},{"key":"28_CR28","doi-asserted-by":"publisher","unstructured":"Huang, J., et al.: Yet another improvement of plantard arithmetic for faster kyber on low-end 32-bit IoT devices. IEEE Trans. Inf. Forensics Secur. 19, 3800\u20133813 (2024). https:\/\/doi.org\/10.1109\/TIFS.2024.3371369","DOI":"10.1109\/TIFS.2024.3371369"},{"key":"28_CR29","unstructured":"NewAE Technology Inc. Cw308 UFO Target Board (2024). https:\/\/www.newae.com\/products\/nae-cw308"},{"key":"28_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"463","DOI":"10.1007\/978-3-540-45146-4_27","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"Y Ishai","year":"2003","unstructured":"Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463\u2013481. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_27"},{"key":"28_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"388","DOI":"10.1007\/3-540-48405-1_25","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 99","author":"P Kocher","year":"1999","unstructured":"Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. 
(ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388\u2013397. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48405-1_25"},{"key":"28_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1007\/3-540-68697-5_9","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"PC Kocher","year":"1996","unstructured":"Kocher, P.C.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104\u2013113. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_9"},{"key":"28_CR33","doi-asserted-by":"publisher","unstructured":"Kannwischer, M.J., Pessl, P., Primas, R.: Single-trace attacks on keccak. IACR Trans. Cryptogr. Hardw. Embed. Syst. 243\u2013268 (2020). https:\/\/doi.org\/10.13154\/TCHES.V2020.I3.243-268","DOI":"10.13154\/TCHES.V2020.I3.243-268"},{"key":"28_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-13190-5_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"V Lyubashevsky","year":"2010","unstructured":"Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 1\u201323. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-13190-5_1"},{"key":"28_CR35","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1007\/S10623-014-9938-4","volume":"75","author":"A Langlois","year":"2015","unstructured":"Langlois, A., Stehl\u00e9, D.: Worst-case to average-case reductions for module lattices. Des. Codes Cryptogr. 75, 565\u2013599 (2015). https:\/\/doi.org\/10.1007\/S10623-014-9938-4","journal-title":"Des. 
Codes Cryptogr."},{"key":"28_CR36","doi-asserted-by":"publisher","unstructured":"Masure, L., Cassiers, G., Hendrickx, J.M., Standaert, F.X.: Information bounds and convergence rates for side-channel security evaluators. IACR Trans. Cryptogr. Hardw. Embed. Syst. 522\u2013569 (2023). https:\/\/doi.org\/10.46586\/TCHES.V2023.I3.522-569","DOI":"10.46586\/TCHES.V2023"},{"key":"28_CR37","doi-asserted-by":"crossref","unstructured":"Mezard, M., Montanari, A.: Information, Physics, and Computation. Oxford University Press, Inc. (2009). isbn: 019857083X","DOI":"10.1093\/acprof:oso\/9780198570837.001.0001"},{"key":"28_CR38","doi-asserted-by":"publisher","first-page":"519","DOI":"10.1090\/S0025-5718-1985-0777282-X","volume":"44","author":"PL Montgomery","year":"1985","unstructured":"Montgomery, P.L.: Modular multiplication without trial division. Math. Comput. 44, 519\u2013521 (1985)","journal-title":"Math. Comput."},{"key":"28_CR39","doi-asserted-by":"publisher","unstructured":"Nagpal, R., Cassiers, G., Primas, R., Knoll, C., Pernkopf, F., Mangard, S.: On loopy belief propagation for SASCAs. In: IACR Communications in Cryptology, vol. 1 (2025). https:\/\/doi.org\/10.62056\/ayl8ksdja","DOI":"10.62056\/ayl8ksdja"},{"key":"28_CR40","doi-asserted-by":"publisher","unstructured":"Ngo, K., Dubrova, E., Guo, Q., Johansson, T.: A side-channel attack on a masked IND-CCA secure saber KEM implementation. IACR Trans. Cryptogr. Hardw. Embed. Syst. 676\u2013707 (2021). https:\/\/doi.org\/10.46586\/TCHES.V2021.I4.676-707","DOI":"10.46586\/TCHES.V2021.I4.676-707"},{"key":"28_CR41","unstructured":"Pearl, J.: Reverend bayes on inference engines: a distributed hierarchical approach. In: Proceedings of the Second AAAI Conference on Artificial Intelligence, pp. 133\u2013136. AAAI Press (1982). 
http:\/\/dl.acm.org\/citation.cfm?id=2876686.2876719"},{"key":"28_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1007\/978-3-030-30530-7_7","volume-title":"Progress in Cryptology \u2013 LATINCRYPT 2019","author":"P Pessl","year":"2019","unstructured":"Pessl, P., Primas, R.: More practical single-trace attacks on the number theoretic transform. In: Schwabe, P., Th\u00e9riault, N. (eds.) LATINCRYPT 2019. LNCS, vol. 11774, pp. 130\u2013149. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-30530-7_7"},{"key":"28_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"513","DOI":"10.1007\/978-3-319-66787-4_25","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2017","author":"R Primas","year":"2017","unstructured":"Primas, R., Pessl, P., Mangard, S.: Single-trace side-channel attacks on masked lattice-based encryption. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 513\u2013533. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66787-4_25"},{"key":"28_CR44","unstructured":"Qiao, Z., Liu, Y., Zhou, Y., Zhao, Y., Chen, S.: Single Trace is all it takes: efficient side-channel attack on dilithium. IACR Cryptol. ePrint Arch. 512 (2024). https:\/\/eprint.iacr.org\/2024\/512"},{"key":"28_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1007\/3-540-45418-7_17","volume-title":"Smart Card Programming and Security","author":"J-J Quisquater","year":"2001","unstructured":"Quisquater, J.-J., Samyde, D.: ElectroMagnetic Analysis (EMA): measures and counter-measures for smart cards. In: Attali, I., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200\u2013210. Springer, Heidelberg (2001). 
https:\/\/doi.org\/10.1007\/3-540-45418-7_17"},{"key":"28_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/978-3-030-66626-2_7","volume-title":"Security, Privacy, and Applied Cryptography Engineering","author":"P Ravi","year":"2020","unstructured":"Ravi, P., Poussier, R., Bhasin, S., Chattopadhyay, A.: On configurable SCA countermeasures against single trace attacks for the NTT. In: Batina, L., Picek, S., Mondal, M. (eds.) SPACE 2020. LNCS, vol. 12586, pp. 123\u2013146. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-66626-2_7"},{"key":"28_CR47","doi-asserted-by":"publisher","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Proceedings of the 37th Annual ACM Symposium on Theory of Computing, Baltimore, MD, USA, 22\u201324 May 2005, pp. 84\u201393. ACM (2005). https:\/\/doi.org\/10.1145\/1060590.1060603","DOI":"10.1145\/1060590.1060603"},{"key":"28_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1007\/978-3-642-20465-4_8","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2011","author":"M Renauld","year":"2011","unstructured":"Renauld, M., Standaert, F.-X., Veyrat-Charvillon, N., Kamel, D., Flandre, D.: A formal study of power variability issues and side-channel attacks for nanoscale devices. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 109\u2013128. Springer, Heidelberg (2011). 
https:\/\/doi.org\/10.1007\/978-3-642-20465-4_8"},{"key":"28_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"411","DOI":"10.1007\/978-3-540-85053-3_26","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2008","author":"F-X Standaert","year":"2008","unstructured":"Standaert, F.-X., Archambeau, C.: Using subspace-based template attacks to compare and combine power and electromagnetic information leakages. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 411\u2013425. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85053-3_26"},{"key":"28_CR50","unstructured":"Seiler, G.: Faster AVX2 optimized NTT multiplication for Ring-LWE lattice cryptography. IACR Cryptol. ePrint Arch. 39 (2018). http:\/\/eprint.iacr.org\/2018\/039"},{"key":"28_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1007\/11545262_3","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2005","author":"W Schindler","year":"2005","unstructured":"Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30\u201346. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11545262_3"},{"key":"28_CR52","unstructured":"National Institute of Standards and Technology: Module-Lattice-Based Digital Signature Standard. Tech. rep., U.S. Department of Commerce (2024)"},{"key":"28_CR53","unstructured":"National Institute of Standards and Technology: Module-Lattice-Based Key-Encapsulation Mechanism Standard. Tech. rep., U.S. Department of Commerce (2024)"},{"key":"28_CR54","doi-asserted-by":"publisher","unstructured":"Strieder, E., Ilg, M., Heyszl, J., Unterstein, F., Streit, S.: ASCA vs. SASCA - a closer look at the AES key schedule. 
In: Constructive Side-Channel Analysis and Secure Design - 14th International Workshop, COSADE 2023, Munich, Germany, 3\u20134 April 2023, Proceedings, pp. 65\u201385. Springer, Heidelberg (2023). https:\/\/doi.org\/10.1007\/978-3-031-29497-6_4","DOI":"10.1007\/978-3-031-29497-6_4"},{"key":"28_CR55","doi-asserted-by":"publisher","first-page":"166814","DOI":"10.1109\/ACCESS.2024.3494593","volume":"12","author":"T Tosun","year":"2024","unstructured":"Tosun, T., Moradi, A., Savas, E.: Exploiting the central reduction in lattice-based cryptography. IEEE Access 12, 166814\u2013166833 (2024). https:\/\/doi.org\/10.1109\/ACCESS.2024.3494593","journal-title":"IEEE Access"},{"key":"28_CR56","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"740","DOI":"10.1007\/978-3-642-34961-4_44","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"N Veyrat-Charvillon","year":"2012","unstructured":"Veyrat-Charvillon, N., Medwed, M., Kerckhof, S., Standaert, F.-X.: Shuffling against side-channel attacks: a comprehensive study with cautionary note. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 740\u2013757. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34961-4_44"},{"key":"28_CR57","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/978-3-662-45611-8_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"N Veyrat-Charvillon","year":"2014","unstructured":"Veyrat-Charvillon, N., G\u00e9rard, B., Standaert, F.-X.: Soft analytical side-channel attacks. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 282\u2013296. Springer, Heidelberg (2014). 
https:\/\/doi.org\/10.1007\/978-3-662-45611-8_15"},{"key":"28_CR58","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"535","DOI":"10.1007\/978-3-030-35423-7_27","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2019","author":"T Zijlstra","year":"2019","unstructured":"Zijlstra, T., Bigou, K., Tisserand, A.: FPGA implementation and comparison of protections against SCAs for RLWE. In: Hao, F., Ruj, S., Sen Gupta, S. (eds.) INDOCRYPT 2019. LNCS, vol. 11898, pp. 535\u2013555. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-35423-7_27"}],"container-title":["Lecture Notes in Computer Science","Selected Areas in Cryptography \u2013 SAC 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-10536-3_28","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T02:43:20Z","timestamp":1767321800000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-10536-3_28"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9783032105356","9783032105363"],"references-count":58,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-10536-3_28","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"2 January 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SAC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Selected Areas in Cryptography","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference 
Information"}},{"value":"Toronto, ON","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Canada","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 August 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 August 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"32","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sacrypt2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/sacworkshop.org\/SAC25\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}