{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,27]],"date-time":"2026-04-27T11:05:02Z","timestamp":1777287902010,"version":"3.51.4"},"reference-count":82,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2018,1,12]],"date-time":"2018-01-12T00:00:00Z","timestamp":1515715200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2019,10]]},"DOI":"10.1007\/s00145-018-9277-0","type":"journal-article","created":{"date-parts":[[2018,1,12]],"date-time":"2018-01-12T17:14:07Z","timestamp":1515777247000},"page":"1263-1297","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":42,"title":["Making Masking Security Proofs Concrete (Or How to Evaluate the Security of Any Leaking Device), Extended Version"],"prefix":"10.1007","volume":"32","author":[{"given":"Alexandre","family":"Duc","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sebastian","family":"Faust","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fran\u00e7ois-Xavier","family":"Standaert","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,1,12]]},"reference":[{"key":"9277_CR1","unstructured":"http:\/\/perso.uclouvain.be\/fstandae\/PUBLIS\/154.zip"},{"key":"9277_CR2","doi-asserted-by":"crossref","unstructured":"C. Archambeau, E. Peeters, F.-X. Standaert, J.-J. Quisquater, Template attacks in principal subspaces, in L. Goubin and M. Matsui, editors, CHES. Lecture Notes in Computer Science, vol. 4249 (Springer, 2006), pp. 1\u201314","DOI":"10.1007\/11894063_1"},{"key":"9277_CR3","doi-asserted-by":"crossref","unstructured":"T. Baign\u00e8res, P. Junod, S. Vaudenay, How far can we go beyond linear cryptanalysis? in P. J. Lee, editor, ASIACRYPT. Lecture Notes in Computer Science, vol. 3329 (Springer, 2004), pp. 432\u2013450","DOI":"10.1007\/978-3-540-30539-2_31"},{"key":"9277_CR4","doi-asserted-by":"publisher","first-page":"758","DOI":"10.1007\/978-3-642-34961-4_45","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"Josep Balasch","year":"2012","unstructured":"J. Balasch, S. Faust, B. Gierlichs, I. Verbauwhede, Theory and practice of a leakage resilient masking scheme, in Wang and Sako [79], pp. 758\u2013775"},{"key":"9277_CR5","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1007\/978-3-319-16763-3_5","volume-title":"Smart Card Research and Advanced Applications","author":"Josep Balasch","year":"2015","unstructured":"J. Balasch, B. Gierlichs, V. Grosso, O. Reparaz, F.-X. Standaert, On the cost of lazy engineering for masked software implementations, in Joye and Moradi [43], pp. 64\u201381"},{"key":"9277_CR6","doi-asserted-by":"crossref","unstructured":"G. Barthe, S. Bela\u00efd, F. Dupressoir, P.-A. Fouque, B. Gr\u00e9goire, P.-Y. Strub, R. Zucchini, Strong non-interference and type-directed higher-order masking, in E. R. Weippl, S. Katzenbeisser, C. Kruegel, A.C. Myers, S. Halevi, editors, ACM CCS 2016 (ACM, 2016), pp. 116\u2013129","DOI":"10.1145\/2976749.2978427"},{"key":"9277_CR7","first-page":"535","volume-title":"Lecture Notes in Computer Science","author":"Gilles Barthe","year":"2017","unstructured":"G. Barthe, F. Dupressoir, S. Faust, B. Gr\u00e9goire, F.-X. Standaert, P.-Y. Strub, Parallel implementations of masking schemes and the bounded moment leakage model, in J.-S. Coron and J. B. Nielsen, editors, EUROCRYPT 2017. Lecture Notes in Computer Science, vol. 10210 (2017), pp. 535\u2013566"},{"key":"9277_CR8","unstructured":"L. Batina, M. Robshaw, editors. CHES 2014. Lecture Notes in Computer Science, vol. 8731(Springer, 2014)"},{"key":"9277_CR9","doi-asserted-by":"crossref","unstructured":"A. Battistello, J.-S. Coron, E. Prouff, R. Zeitoun, Horizontal side-channel attacks and countermeasures on the ISW masking scheme, in B. Gierlichs, A.Y. Poschmann, editors, CHES 2016. Lecture Notes in Computer Science, vol. 813 (Springer, 2016), pp. 23\u201339","DOI":"10.1007\/978-3-662-53140-2_2"},{"issue":"1","key":"9277_CR10","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1007\/s12095-014-0113-6","volume":"7","author":"Sonia Bela\u00efd","year":"2014","unstructured":"S. Bela\u00efd, V. Grosso, F.-X. Standaert, Masking and leakage-resilient primitives: one, the other(s) or both? Cryptogr. Commun., 7(1):163\u2013184 (2015)","journal-title":"Cryptography and Communications"},{"key":"9277_CR11","unstructured":"M. Bellare, S. Tessaro, A. Vardy, A cryptographic treatment of the wiretap channel. IACR Cryptol. ePrint Arch. 2012, 15 (2012)"},{"key":"9277_CR12","doi-asserted-by":"crossref","unstructured":"M. Bellare, S. Tessaro, A. Vardy, Semantic security for the wiretap channel, in R. Safavi-Naini, R. Canetti, editors, CRYPTO 2012. Lecture Notes in Computer Science, vol. 7417 (Springer, 2012), pp. 294\u2013311","DOI":"10.1007\/978-3-642-32009-5_18"},{"key":"9277_CR13","unstructured":"D.J. Bernstein, T. Lange, C. van Vredendaal, Tighter, faster, simpler side-channel security evaluations beyond computing power. IACR Crypt. ePrint Arch. 2015, 221 (2015)"},{"key":"9277_CR14","doi-asserted-by":"crossref","unstructured":"E. Brier, C. Clavier, F. Olivier, Correlation power analysis with a leakage model, in M. Joye, J.-J. Quisquater, editors, CHES. Lecture Notes in Computer Science, vol. 3156 (Springer, 2004), pp. 16\u201329","DOI":"10.1007\/978-3-540-28632-5_2"},{"key":"9277_CR15","doi-asserted-by":"crossref","unstructured":"E. Cagli, C. Dumas, E. Prouff, Kernel discriminant analysis for information extraction in the presence of masking, in K. Lemke-Rust, M. Tunstall, editors, CARDIS 2016. Lecture Notes in Computer Science, vol. 10146 (Springer, 2016), pp. 1\u201322","DOI":"10.1007\/978-3-319-54669-8_1"},{"key":"9277_CR16","doi-asserted-by":"crossref","unstructured":"C. Carlet, J.-L. Danger, S. Guilley, H. Maghrebi. Leakage squeezing: optimal implementation and security evaluation. J. Math. Cryptol. 8(3):249\u2013295 (2014)","DOI":"10.1515\/jmc-2012-0018"},{"key":"9277_CR17","doi-asserted-by":"crossref","unstructured":"C. Carlet, L. Goubin, E. Prouff, M. Quisquater, M. Rivain, Higher-order masking schemes for S-boxes, in A. Canteaut, editor, FSE 2012. Lecture Notes in Computer Science, vol. 7549 (Springer, 2012), pp. 366\u2013384","DOI":"10.1007\/978-3-642-34047-5_21"},{"key":"9277_CR18","doi-asserted-by":"crossref","unstructured":"S. Chari, C.S. Jutla, J.R. Rao, P. Rohatgi, Towards sound approaches to counteract power-analysis, in Wiener [81], pp. 398\u2013412","DOI":"10.1007\/3-540-48405-1_26"},{"key":"9277_CR19","doi-asserted-by":"crossref","unstructured":"S. Chari, J.R. Rao, P. Rohatgi, Template attacks, in B.S. Kaliski Jr., \u00c7.K. Ko\u00e7, C. Paar, editors, CHES. Lecture Notes in Computer Science, vol. 2523 (Springer, 2002), pp. 13\u201328","DOI":"10.1007\/3-540-36400-5_3"},{"key":"9277_CR20","doi-asserted-by":"crossref","unstructured":"T. De Cnudde, B. Bilgin, B. Gierlichs, V. Nikov, S. Nikova, V. Rijmen, Does coupling affect the security of masked implementations? in S. Guilley, editor, Constructive Side-Channel Analysis and Secure Design\u20148th International Workshop, COSADE 2017, Paris, France, April 13\u201314, 2017, Revised Selected Papers. Lecture Notes in Computer Science, vol. 10348 (Springer, 2017), pp. 1\u201318","DOI":"10.1007\/978-3-319-64647-3_1"},{"key":"9277_CR21","doi-asserted-by":"crossref","unstructured":"J.-S. Coron, C. Giraud, E. Prouff, S. Renner, M. Rivain, P. K. Vadnala, Conversion of security proofs from one leakage model to another: a new issue. In W. Schindler, S.A. Huss, editors, COSADE, Lecture Notes in Computer Science, vol. 7275 (Springer, 2012), pp. 69\u201381","DOI":"10.1007\/978-3-642-29912-4_6"},{"key":"9277_CR22","doi-asserted-by":"crossref","unstructured":"J.-S. Coron, E. Prouff, M. Rivain, Side channel cryptanalysis of a higher order masking scheme, in P. Paillier, I. Verbauwhede, editors, CHES. Lecture Notes in Computer Science, vol. 4727 (Springer, 2007), pp. 28\u201344","DOI":"10.1007\/978-3-540-74735-2_3"},{"key":"9277_CR23","doi-asserted-by":"crossref","unstructured":"J.-S. Coron, E. Prouff, M. Rivain, T. Roche, Higher-order side channel security and mask refreshing, in S. Moriai, editor, FSE 2013. Lecture Notes in Computer Science, vol. 8424 (Springer, 2013), pp. 410\u2013424","DOI":"10.1007\/978-3-662-43933-3_21"},{"key":"9277_CR24","doi-asserted-by":"crossref","unstructured":"T. Cover, J. Thomas. Elements of Information Theory (Wiley, 2006)","DOI":"10.1002\/047174882X"},{"key":"9277_CR25","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1007\/978-3-662-44709-3_9","volume-title":"Advanced Information Systems Engineering","author":"A. Adam Ding","year":"2014","unstructured":"A.A. Ding, L. Zhang, Y. Fei, P. Luok, A statistical model for higher order dpa on masked devices, in Batina and Robshaw [8], pp. 147\u2013169"},{"key":"9277_CR26","doi-asserted-by":"crossref","unstructured":"Y. Dodis, S. Impossibility, Revisited, in A. Smith, editor, ICITS 2012. Lecture Notes in Computer Science, vol. 7412 (Springer, 2012), pp. 100\u2013110","DOI":"10.1007\/978-3-642-32284-6_6"},{"key":"9277_CR27","doi-asserted-by":"crossref","unstructured":"A. Duc, S. Dziembowski, S. Faust, Unifying leakage models: from probing attacks to noisy leakage, in Nguyen and Oswald [55], pp. 423\u2013440","DOI":"10.1007\/978-3-642-55220-5_24"},{"key":"9277_CR28","doi-asserted-by":"publisher","first-page":"459","DOI":"10.1007\/978-3-642-55220-5_26","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"Fran\u00e7ois Durvaux","year":"2014","unstructured":"F. Durvaux, F.-X. Standaert, N. Veyrat-Charvillon, How to certify the leakage of a chip? in Nguyen and Oswald [55], pp. 459\u2013476"},{"issue":"2","key":"9277_CR29","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/s13389-017-0150-0","volume":"7","author":"Fran\u00e7ois Durvaux","year":"2017","unstructured":"F. Durvaux, F.-X. Standaert, S. M. Del Pozo, Towards easy leakage certification: extended version. J. Cryptogr. Eng. 7(2), 129\u2013147 (2017)","journal-title":"Journal of Cryptographic Engineering"},{"key":"9277_CR30","doi-asserted-by":"crossref","unstructured":"S. Dziembowski, S. Faust, M. Skorski, Noisy leakage revisited, in E. Oswald, M. Fischlin, editors, EUROCRYPT 2015. Lecture Notes in Computer Science, vol. 9057 (Springer, 2015), pp. 159\u2013188","DOI":"10.1007\/978-3-662-46803-6_6"},{"key":"9277_CR31","doi-asserted-by":"crossref","unstructured":"S. Faust, T. Rabin, L. Reyzin, E. Tromer, V. Vaikuntanathan, Protecting circuits from leakage: the computationally-bounded and noisy cases, in H. Gilbert, editor, EUROCRYPT 2010. Lecture Notes in Computer Science, vol. 6110 (Springer, 2010), pp. 135\u2013156","DOI":"10.1007\/978-3-642-13190-5_7"},{"key":"9277_CR32","doi-asserted-by":"crossref","unstructured":"Y. Fei, Q. Luo, A.A. Ding, A statistical model for DPA with novel algorithmic confusion analysis, in E. Prouff, P. Schaumont, editors, CHES 2012. Lecture Notes in Computer Science, vol. 7428 (Springer, 2012), pp. 233\u2013250","DOI":"10.1007\/978-3-642-33027-8_14"},{"key":"9277_CR33","doi-asserted-by":"crossref","unstructured":"G. Fumaroli, A. Martinelli, E. Prouff, M. Rivain, Affine masking against higher-order side channel analysis, in A. Biryukov, G. Gong, D.R. Stinson, editors, SAC 2010. Lecture Notes in Computer Science, vol. 6544. (Springer, 2010), pp. 262\u2013280","DOI":"10.1007\/978-3-642-19574-7_18"},{"key":"9277_CR34","doi-asserted-by":"crossref","unstructured":"B. Gierlichs, L. Batina, P. Tuyls, B. Preneel, Mutual information analysis, in Oswald and Rohatgi [57], pp. 426\u2013442","DOI":"10.1007\/978-3-540-85053-3_27"},{"key":"9277_CR35","doi-asserted-by":"crossref","unstructured":"C. Glowacz, V. Grosso, R. Poussier, J. Sch\u00fcth, F.-X. Standaert, Simpler and more efficient rank estimation for side-channel security assessment, in G. Leander, editor, FSE 2015. Lecture Notes in Computer Science, vol. 9054 (Springer, 2015), pp. 117\u2013129","DOI":"10.1007\/978-3-662-48116-5_6"},{"key":"9277_CR36","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1007\/978-3-642-23951-9_6","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2011","author":"Louis Goubin","year":"2011","unstructured":"L. Goubin, A. Martinelli, Protecting AES with Shamir\u2019s secret sharing scheme, in Preneel and Takagi [59], pp. 79\u201394"},{"key":"9277_CR37","doi-asserted-by":"crossref","unstructured":"V. Grosso, E. Prouff, F.-X. Standaert, Efficient masked S-boxes processing\u2014a step forward, in D. Pointcheval, D. Vergnaud, editors, AFRICACRYPT 2014. Lecture Notes in Computer Science, vol. 8469 (Springer, 2014), pp. 251\u2013266","DOI":"10.1007\/978-3-319-06734-6_16"},{"key":"9277_CR38","unstructured":"V. Grosso, F.-X. Standaert, Masking proofs are tight (and how to exploit it in security evaluations). IACR Cryptol. ePrint Arch., 2017, 116 (2017)"},{"key":"9277_CR39","doi-asserted-by":"crossref","unstructured":"V. Grosso, F.-X. Standaert, E. Prouff, Low entropy masking schemes, revisited, in A. Francillon, P. Rohatgi, editors, CARDIS 2013. Lecture Notes in Computer Science, vol. 8419 (Springer, 2013), pp. 33\u201343","DOI":"10.1007\/978-3-319-08302-5_3"},{"key":"9277_CR40","unstructured":"S. Guilley, A. Heuser, O. Rioul, F.-X. Standaert, Template attacks, optimal distinguishers & the perceived information metric, in CryptArchi 2015, Leuven, Belgium (2015)"},{"key":"9277_CR41","doi-asserted-by":"crossref","unstructured":"Y. Ishai, A. Sahai, D. Wagner, Private circuits: securing hardware against probing attacks, in D. Boneh, editor, CRYPTO 2003. Lecture Notes in Computer Science, vol. 2729 (Springer, 2003), pp. 463\u2013481","DOI":"10.1007\/978-3-540-45146-4_27"},{"key":"9277_CR42","unstructured":"T. Johansson, P.Q. Nguyen, editors. EUROCRYPT 2013. Lecture Notes in Computer Science, vol. 7881 (Springer, 2013)"},{"key":"9277_CR43","unstructured":"M. Joye, A. Moradi, editors. CARDIS 2014. Lecture Notes in Computer Science, vol. 8968 (Springer, 2015)"},{"key":"9277_CR44","doi-asserted-by":"crossref","unstructured":"P.C. Kocher, J. Jaffe, B. Jun, Differential power analysis, in Wiener [81], pp. 388\u2013397","DOI":"10.1007\/3-540-48405-1_25"},{"key":"9277_CR45","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1007\/978-3-662-44709-3_3","volume-title":"Advanced Information Systems Engineering","author":"Victor Lomn\u00e9","year":"2014","unstructured":"V. Lomn\u00e9, E. Prouff, M. Rivain, T. Roche, A. Thillard, How to estimate the success rate of higher-order side-channel attacks, in Batina and Robshaw [8], pp. 35\u201354"},{"key":"9277_CR46","doi-asserted-by":"crossref","unstructured":"S. Mangard, Hardware countermeasures against DPA? A statistical analysis of their effectiveness, in T. Okamoto, editor, CT-RSA. Lecture Notes in Computer Science, vol. 2964 (Springer, 2004), pp. 222\u2013235","DOI":"10.1007\/978-3-540-24660-2_18"},{"key":"9277_CR47","unstructured":"S. Mangard, E. Oswald, T. Popp, Power Analysis Attacks\u2014Revealing the Secrets of Smart Cards (Springer, 2007)"},{"issue":"2","key":"9277_CR48","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1049\/iet-ifs.2010.0096","volume":"5","author":"S. Mangard","year":"2011","unstructured":"S. Mangard, E. Oswald, F.-X. Standaert, One for all-all for one: unifying standard differential power analysis attacks. IET Inf. Secur. 5(2):100\u2013110 (2011)","journal-title":"IET Information Security"},{"key":"9277_CR49","doi-asserted-by":"crossref","unstructured":"S. Mangard, T. Popp, B.M. Gammel, Side-channel leakage of masked CMOS gates, in A. Menezes, editor, CT-RSA. Lecture Notes in Computer Science, vol. 3376 (Springer, 2005), pp. 351\u2013365","DOI":"10.1007\/978-3-540-30574-3_24"},{"key":"9277_CR50","doi-asserted-by":"crossref","unstructured":"D.P. Martin, J.F. O\u2019Connell, E. Oswald, M. Stam, Counting keys in parallel after a side channel attack, in T. Iwata, J.H. Cheon, editors, ASIACRYPT 2015. Lecture Notes in Computer Science, vol. 9453 (Springer, 2015), pp. 313\u2013337","DOI":"10.1007\/978-3-662-48800-3_13"},{"key":"9277_CR51","first-page":"243","volume-title":"Lecture Notes in Computer Science","author":"Luke Mather","year":"2014","unstructured":"L. Mather, E. Oswald, C. Whitnall, Multi-target DPA attacks: pushing DPA beyond the limits of a desktop computer, in Sarkar and Iwata [68], pp. 243\u2013261"},{"issue":"3","key":"9277_CR52","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/s13389-011-0014-y","volume":"1","author":"Marcel Medwed","year":"2011","unstructured":"M. Medwed, F.-X. Standaert, Extractors against side-channel attacks: weak or strong? J. Cryptogr. Eng. 1(3), 231\u2013241 (2011)","journal-title":"Journal of Cryptographic Engineering"},{"key":"9277_CR53","doi-asserted-by":"crossref","unstructured":"A. Moradi, O. Mischke, Glitch-free implementation of masking in modern FPGAs, in HOST (IEEE, 2012), pp. 89\u201395","DOI":"10.1109\/HST.2012.6224326"},{"key":"9277_CR54","doi-asserted-by":"crossref","unstructured":"A. Moradi, F.-X. Standaert, Moments-correlating DPA, in B. Bilgin, S. Nikova, V. Rijmen, editors, Proceedings of the ACM Workshop on Theory of Implementation Security, TISCCS 2016 Vienna, Austria, October, 2016 (ACM, 2016), pp. 5\u201315","DOI":"10.1145\/2996366.2996369"},{"key":"9277_CR55","unstructured":"P.Q. Nguyen, E. Oswald, editors. EUROCRYPT 2014. Lecture Notes in Computer Science, vol. 8441 (Springer, 2014)"},{"issue":"2","key":"9277_CR56","doi-asserted-by":"publisher","first-page":"292","DOI":"10.1007\/s00145-010-9085-7","volume":"24","author":"Svetla Nikova","year":"2010","unstructured":"S. Nikova, V. Rijmen, M. Schl\u00e4ffer, Secure hardware implementation of nonlinear functions in the presence of glitches. J. Cryptol. 24(2), 292\u2013321 (2011)","journal-title":"Journal of Cryptology"},{"key":"9277_CR57","unstructured":"E. Oswald, P. Rohatgi, editors. CHES 2008. Lecture Notes in Computer Science, vol. 5154 (Springer, 2008)"},{"key":"9277_CR58","doi-asserted-by":"crossref","unstructured":"R. Poussier, V. Grosso, F.-X. Standaert, Comparing approaches to rank estimation for side-channel security evaluations, in N. Homma, M. Medwed, editors, CARDIS 2015. Lecture Notes in Computer Science, vol. 9514 (Springer, 2015), pp. 125\u2013142","DOI":"10.1007\/978-3-319-31271-2_8"},{"key":"9277_CR59","unstructured":"B. Preneel, T. Takagi, editors. CHES 2011. Lecture Notes in Computer Science, vol. 6917 (Springer, 2011)"},{"key":"9277_CR60","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1007\/978-3-642-38348-9_9","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"Emmanuel Prouff","year":"2013","unstructured":"E. Prouff, M. Rivain, Masking against side-channel attacks: a formal security proof, in Johansson and Nguyen [42], pp. 142\u2013159"},{"key":"9277_CR61","doi-asserted-by":"crossref","unstructured":"E. Prouff, T. Roche, Attack on a higher-order masking of the AES based on homographic functions, in G. Gong, K.C. Gupta, editors, INDOCRYPT 2010. Lecture Notes in Computer Science, vol. 6498 (Springer, 2010), pp. 262\u2013281","DOI":"10.1007\/978-3-642-17401-8_19"},{"key":"9277_CR62","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/978-3-642-23951-9_15","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2011","author":"Mathieu Renauld","year":"2011","unstructured":"M. Renauld, D. Kamel, F.-X. Standaert, D. Flandre, information theoretic and security analysis of a 65-nanometer DDSLL AES S-box, in Preneel and Takagi [59], pp. 223\u2013239"},{"key":"9277_CR63","doi-asserted-by":"crossref","unstructured":"M. Renauld, F.-X. Standaert, N. Veyrat-Charvillon, Algebraic side-channel attacks on the AES: why time also matters in DPA, in C. Clavier, K. Gaj, editors, CHES 2009. Lecture Notes in Computer Science, vol. 5747 (Springer, 2009), pp. 97\u2013111","DOI":"10.1007\/978-3-642-04138-9_8"},{"key":"9277_CR64","doi-asserted-by":"crossref","unstructured":"M. Renauld, F.-X. Standaert, N. Veyrat-Charvillon, D. Kamel, D. Flandre, A formal study of power variability issues and side-channel attacks for nanoscale devices, in K.G. Paterson, editor, EUROCRYPT 2011, Lecture Notes in Computer Science, vol. 6632 (Springer, 2011), pp. 109\u2013128","DOI":"10.1007\/978-3-642-20465-4_8"},{"key":"9277_CR65","doi-asserted-by":"crossref","unstructured":"M. Rivain, On the exact success rate of side channel analysis in the gaussian model, in R.M. Avanzi, L. Keliher, F. Sica, editors, SAC 2008. Lecture Notes in Computer Science, vol. 5381 (Springer, 2008), pp. 165\u2013183","DOI":"10.1007\/978-3-642-04159-4_11"},{"key":"9277_CR66","doi-asserted-by":"crossref","unstructured":"M. Rivain, E. Prouff, Provably secure higher-order masking of AES, in S. Mangard, F.-X. Standaert, editors, CHES 2010. Lecture Notes in Computer Science, vol. 6225 of (Springer, 2010), pp. 413\u2013427","DOI":"10.1007\/978-3-642-15031-9_28"},{"issue":"2","key":"9277_CR67","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/s13389-012-0033-3","volume":"2","author":"Thomas Roche","year":"2012","unstructured":"T. Roche, E. Prouff, Higher-order glitch free implementation of the AES using secure multi-party computation protocols\u2014extended version. J. Cryptogr. Eng. 2(2), 111\u2013127 (2012)","journal-title":"Journal of Cryptographic Engineering"},{"key":"9277_CR68","unstructured":"P. Sarkar, T. Iwata, editors. ASIACRYPT 2014. Lecture Notes in Computer Science, vol. 8873 (Springer, 2014)"},{"key":"9277_CR69","doi-asserted-by":"crossref","unstructured":"W. Schindler, K. Lemke, C. Paar, A stochastic model for differential side channel cryptanalysis, in J.R. Rao, B. Sunar, editors, CHES. Lecture Notes in Computer Science, vol. 3659 (Springer, 2005), pp. 30\u201346","DOI":"10.1007\/11545262_3"},{"key":"9277_CR70","doi-asserted-by":"crossref","unstructured":"F.-X. Standaert, C. Archambeau, Using subspace-based template attacks to compare and combine power and electromagnetic information leakages, in Oswald and Rohatgi [57], pp. 411\u2013425","DOI":"10.1007\/978-3-540-85053-3_26"},{"key":"9277_CR71","doi-asserted-by":"crossref","unstructured":"F.-X. Standaert, T. Malkin, M. Yung, A unified framework for the analysis of side-channel key recovery attacks, in A. Joux, editor, EUROCRYPT. Lecture Notes in Computer Science, vol. 5479 (Springer, 2009), pp. 443\u2013461","DOI":"10.1007\/978-3-642-01001-9_26"},{"key":"9277_CR72","doi-asserted-by":"crossref","unstructured":"F.-X. Standaert, N. Veyrat-Charvillon, E. Oswald, B. Gierlichs, M. Medwed, M. Kasper, S. Mangard, The world is not enough: another look on second-order DPA, in M. Abe, editor, ASIACRYPT, Lecture Notes in Computer Science, vol. 6477 (Springer, 2010), pp. 112\u2013129","DOI":"10.1007\/978-3-642-17373-8_7"},{"issue":"2","key":"9277_CR73","doi-asserted-by":"publisher","first-page":"383","DOI":"10.1109\/JPROC.2005.862437","volume":"94","author":"O.-X. Standaert","year":"2006","unstructured":"F.-X. Standaert, E. Peeters, G. Rouvroy, J.-J. Quisquater, An overview of power analysis attacks against field programmable gate arrays. Proc. IEEE 94(2), 383\u2013394 (2006)","journal-title":"Proceedings of the IEEE"},{"key":"9277_CR74","doi-asserted-by":"crossref","unstructured":"F.-X. Standaert, C. Petit, N. Veyrat-Charvillon, Masking with randomized look up tables\u2014towards preventing side-channel attacks of all orders, in D. Naccache, editor, Cryptography and Security: From Theory to Applications. Lecture Notes in Computer Science, vol. 6805 (Springer, 2012), pp. 283\u2013299","DOI":"10.1007\/978-3-642-28368-0_19"},{"key":"9277_CR75","doi-asserted-by":"crossref","unstructured":"N. Veyrat-Charvillon, B. G\u00e9rard, M. Renauld, F.-X. Standaert, An optimal key enumeration algorithm and its application to side-channel attacks, in L.R. Knudsen, H. Wu, editors, Selected Areas in Cryptography. Lecture Notes in Computer Science, volume 7707 of (Springer, 2012), pp. 390\u2013406","DOI":"10.1007\/978-3-642-35999-6_25"},{"key":"9277_CR76","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1007\/978-3-642-38348-9_8","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"Nicolas Veyrat-Charvillon","year":"2013","unstructured":"N. Veyrat-Charvillon, B. G\u00e9rard, F.-X. Standaert, Security evaluations beyond computing power, in Johansson and Nguyen [42], pp. 126\u2013141"},{"key":"9277_CR77","first-page":"282","volume-title":"Lecture Notes in Computer Science","author":"Nicolas Veyrat-Charvillon","year":"2014","unstructured":"N. Veyrat-Charvillon, B. G\u00e9rard, F.-X. Standaert, Soft analytical side-channel attacks, in Sarkar and Iwata [68], pp. 282\u2013296"},{"key":"9277_CR78","doi-asserted-by":"publisher","first-page":"740","DOI":"10.1007\/978-3-642-34961-4_44","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"Nicolas Veyrat-Charvillon","year":"2012","unstructured":"N. Veyrat-Charvillon, M. Medwed, S. Kerckhof, F.-X. Standaert, Shuffling against side-channel attacks: a comprehensive study with cautionary note, in Wang and Sako [79], pp. 740\u2013757"},{"key":"9277_CR79","unstructured":"X. Wang, K. Sako, editors. ASIACRYPT 2012. Lecture Notes in Computer Science, vol. 7658 (Springer, 2012)"},{"key":"9277_CR80","doi-asserted-by":"crossref","unstructured":"C. Whitnall, E. Oswald, A comprehensive evaluation of mutual information analysis using a fair evaluation framework, in P. Rogaway, editor, CRYPTO 2011. Lecture Notes in Computer Science, vol. 6841 (Springer, 2011), pp. 316\u2013334","DOI":"10.1007\/978-3-642-22792-9_18"},{"key":"9277_CR81","unstructured":"M.J. Wiener, editor. CRYPTO\u201999. Lecture Notes in Computer Science, vol. 1666 (Springer, 1999)"},{"key":"9277_CR82","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1007\/978-3-319-16763-3_13","volume-title":"Smart Card Research and Advanced Applications","author":"Xin Ye","year":"2015","unstructured":"X. Ye, T. Eisenbarth, W. Martin, Bounded, yet sufficient? How to determine whether limited side channel information enables key recovery, in Joye and Moradi [43], pp. 215\u2013232"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-018-9277-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-018-9277-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-018-9277-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,8,12]],"date-time":"2022-08-12T11:35:32Z","timestamp":1660304132000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-018-9277-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,1,12]]},"references-count":82,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2019,10]]}},"alternative-id":["9277"],"URL":"https:\/\/doi.org\/10.1007\/s00145-018-9277-0","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,1,12]]},"assertion":[{"value":"16 February 2017","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"3 January 2018","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 January 2018","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}