{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,4]],"date-time":"2026-03-04T16:37:21Z","timestamp":1772642241521,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":52,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,11,11]],"date-time":"2019-11-11T00:00:00Z","timestamp":1573430400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,11,11]]},"DOI":"10.1145\/3338467.3358950","type":"proceedings-article","created":{"date-parts":[[2019,11,8]],"date-time":"2019-11-08T13:40:33Z","timestamp":1573220433000},"page":"10-23","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":9,"title":["First-Order Masking with Only Two Random Bits"],"prefix":"10.1145","author":[{"given":"Hannes","family":"Gross","sequence":"first","affiliation":[{"name":"SGS Digital Trust Services GmbH, Graz, Austria"}]},{"given":"Ko","family":"Stoffelen","sequence":"additional","affiliation":[{"name":"Radboud University, Nijmegen, Netherlands"}]},{"given":"Lauren","family":"De Meyer","sequence":"additional","affiliation":[{"name":"KU Leuven, Leuven, Belgium"}]},{"given":"Martin","family":"Krenn","sequence":"additional","affiliation":[{"name":"TU Graz, Graz, Austria"}]},{"given":"Stefan","family":"Mangard","sequence":"additional","affiliation":[{"name":"TU Graz, Graz, Austria"}]}],"member":"320","published-online":{"date-parts":[[2019,11,11]]},"reference":[{"key":"#cr-split#-e_1_3_2_1_1_1.1","doi-asserted-by":"crossref","unstructured":"Josep Balasch Sebastian Faust Benedikt Gierlichs Clara Paglialonga and Fran\u00e7ois-Xavier Standaert. 2017. Consolidating Inner Product Masking See citeNDBLP:conf\/asiacrypt\/2017-1 724--754. 
https:\/\/doi.org\/10.1007\/978-3-319-70694-8_25 10.1007\/978-3-319-70694-8_25","DOI":"10.1007\/978-3-319-70694-8_25"},{"key":"#cr-split#-e_1_3_2_1_1_1.2","doi-asserted-by":"crossref","unstructured":"Josep Balasch Sebastian Faust Benedikt Gierlichs Clara Paglialonga and Fran\u00e7ois-Xavier Standaert. 2017. Consolidating Inner Product Masking See citeNDBLP:conf\/asiacrypt\/2017-1 724--754. https:\/\/doi.org\/10.1007\/978-3-319-70694-8_25","DOI":"10.1007\/978-3-319-70694-8_25"},{"key":"e_1_3_2_1_2_1","volume-title":"CARDIS 2014","author":"Balasch Josep","year":"2014","unstructured":"Josep Balasch , Benedikt Gierlichs , Vincent Grosso , Oscar Reparaz , and Francc ois- Xavier Standaert . 2014 . On the Cost of Lazy Engineering for Masked Software Implementations. In Smart Card Research and Advanced Applications - 13th International Conference , CARDIS 2014 , Paris, France , November 5-7, 2014. Revised Selected Papers (Lecture Notes in Computer Science),, Marc Joye and Amir Moradi (Eds.), Vol. 8968. Springer, 64--81. https:\/\/doi.org\/10.1007\/978-3-319-16763-3_5 10.1007\/978-3-319-16763-3_5 Josep Balasch, Benedikt Gierlichs, Vincent Grosso, Oscar Reparaz, and Francc ois-Xavier Standaert. 2014. On the Cost of Lazy Engineering for Masked Software Implementations. In Smart Card Research and Advanced Applications - 13th International Conference, CARDIS 2014, Paris, France, November 5-7, 2014. Revised Selected Papers (Lecture Notes in Computer Science),, Marc Joye and Amir Moradi (Eds.), Vol. 8968. Springer, 64--81. https:\/\/doi.org\/10.1007\/978-3-319-16763-3_5"},{"key":"e_1_3_2_1_3_1","volume-title":"Proceedings (Lecture Notes in Computer Science), Tim G\u00fc neysu and Helena Handschuh (Eds.)","volume":"9293","author":"Balasch Josep","year":"2015","unstructured":"Josep Balasch , Benedikt Gierlichs , Oscar Reparaz , and Ingrid Verbauwhede . 2015 . DPA, Bitslicing and Masking at 1 GHz. 
In Cryptographic Hardware and Embedded Systems - CHES 2015 - 17th International Workshop, Saint-Malo, France, September 13--16, 2015 , Proceedings (Lecture Notes in Computer Science), Tim G\u00fc neysu and Helena Handschuh (Eds.) , Vol. 9293 . Springer, 599--619. https:\/\/doi.org\/10.1007\/978-3-662-48324-4_30 10.1007\/978-3-662-48324-4_30 Josep Balasch, Benedikt Gierlichs, Oscar Reparaz, and Ingrid Verbauwhede. 2015. DPA, Bitslicing and Masking at 1 GHz. In Cryptographic Hardware and Embedded Systems - CHES 2015 - 17th International Workshop, Saint-Malo, France, September 13--16, 2015, Proceedings (Lecture Notes in Computer Science), Tim G\u00fc neysu and Helena Handschuh (Eds.), Vol. 9293. Springer, 599--619. https:\/\/doi.org\/10.1007\/978-3-662-48324-4_30"},{"key":"e_1_3_2_1_4_1","first-page":"562","article-title":"maskVerif: a formal tool for analyzing software and hardware masked implementations","volume":"2018","author":"Barthe Gilles","year":"2018","unstructured":"Gilles Barthe , Sonia Bela\"i d, Pierre-Alain Fouque , and Benjamin Gr\u00e9 goire. 2018 . maskVerif: a formal tool for analyzing software and hardware masked implementations . IACR Cryptology ePrint Archive , Vol. 2018 (2018), 562 . Gilles Barthe, Sonia Bela\"i d, Pierre-Alain Fouque, and Benjamin Gr\u00e9 goire. 2018. maskVerif: a formal tool for analyzing software and hardware masked implementations. IACR Cryptology ePrint Archive, Vol. 2018 (2018), 562.","journal-title":"IACR Cryptology ePrint Archive"},{"key":"e_1_3_2_1_5_1","volume-title":"Sebastian Faust, Benjamin Gr\u00e9 goire, Francc ois-Xavier Standaert, and Pierre-Yves Strub.","author":"Barthe Gilles","year":"2017","unstructured":"Gilles Barthe , Francc ois Dupressoir , Sebastian Faust, Benjamin Gr\u00e9 goire, Francc ois-Xavier Standaert, and Pierre-Yves Strub. 2017 . Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model. In EUROCRYPT (1) (Lecture Notes in Computer Science) , Vol. 10210 . 535--566. 
Gilles Barthe, Francc ois Dupressoir, Sebastian Faust, Benjamin Gr\u00e9 goire, Francc ois-Xavier Standaert, and Pierre-Yves Strub. 2017. Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model. In EUROCRYPT (1) (Lecture Notes in Computer Science), Vol. 10210. 535--566."},{"key":"e_1_3_2_1_6_1","volume-title":"Emmanuel Prouff, and Rina Zeitoun.","author":"Battistello Alberto","year":"2016","unstructured":"Alberto Battistello , Jean-S\u00e9 bastien Coron , Emmanuel Prouff, and Rina Zeitoun. 2016 . Horizontal Side-Channel Attacks and Countermeasures on the ISW Masking Scheme. In Cryptographic Hardware and Embedded Systems - CHES 2016 - 18th International Conference, Santa Barbara, CA, USA, August 17--19, 2016, Proceedings (Lecture Notes in Computer Science),, Benedikt Gierlichs and Axel Y. Poschmann (Eds.), Vol. 9813 . Springer , 23--39. https:\/\/doi.org\/10.1007\/978-3-662-53140-2_2 10.1007\/978-3-662-53140-2_2 Alberto Battistello, Jean-S\u00e9 bastien Coron, Emmanuel Prouff, and Rina Zeitoun. 2016. Horizontal Side-Channel Attacks and Countermeasures on the ISW Masking Scheme. In Cryptographic Hardware and Embedded Systems - CHES 2016 - 18th International Conference, Santa Barbara, CA, USA, August 17--19, 2016, Proceedings (Lecture Notes in Computer Science),, Benedikt Gierlichs and Axel Y. Poschmann (Eds.), Vol. 9813. Springer, 23--39. https:\/\/doi.org\/10.1007\/978-3-662-53140-2_2"},{"key":"e_1_3_2_1_7_1","volume-title":"Emmanuel Prouff, and Justine Wild.","author":"Bauer Aur\u00e9","year":"2013","unstructured":"Aur\u00e9 lie Bauer , \u00c9 liane Jaulmes , Emmanuel Prouff, and Justine Wild. 2013 a. Horizontal and Vertical Side-Channel Attacks against Secure RSA Implementations. In Topics in Cryptology - CT-RSA 2013 - The Cryptographers' Track at the RSA Conference 2013, San Francisco,CA, USA, February 25-March 1, 2013. Proceedings (Lecture Notes in Computer Science),, Ed Dawson (Ed.), Vol. 7779 . Springer , 1--17. 
https:\/\/doi.org\/10.1007\/978-3-642-36095-4_1 10.1007\/978-3-642-36095-4_1 Aur\u00e9 lie Bauer, \u00c9 liane Jaulmes, Emmanuel Prouff, and Justine Wild. 2013a. Horizontal and Vertical Side-Channel Attacks against Secure RSA Implementations. In Topics in Cryptology - CT-RSA 2013 - The Cryptographers' Track at the RSA Conference 2013, San Francisco,CA, USA, February 25-March 1, 2013. Proceedings (Lecture Notes in Computer Science),, Ed Dawson (Ed.), Vol. 7779. Springer, 1--17. https:\/\/doi.org\/10.1007\/978-3-642-36095-4_1"},{"key":"e_1_3_2_1_8_1","volume-title":"BC","volume":"8282","author":"Bauer Aur\u00e9","year":"2013","unstructured":"Aur\u00e9 lie Bauer , \u00c9 liane Jaulmes, Emmanuel Prouff , and Justine Wild . 2013 b. Horizontal Collision Correlation Attack on Elliptic Curves. In Selected Areas in Cryptography - SAC 2013 - 20th International Conference, Burnaby , BC , Canada, August 14-16, 2013, Revised Selected Papers (Lecture Notes in Computer Science), Tanja Lange, Kristin E. Lauter, and Petr Lisonek (Eds.) , Vol. 8282 . Springer, 553--570. https:\/\/doi.org\/10.1007\/978-3-662-43414-7_28 10.1007\/978-3-662-43414-7_28 Aur\u00e9 lie Bauer, \u00c9 liane Jaulmes, Emmanuel Prouff, and Justine Wild. 2013b. Horizontal Collision Correlation Attack on Elliptic Curves. In Selected Areas in Cryptography - SAC 2013 - 20th International Conference, Burnaby, BC, Canada, August 14-16, 2013, Revised Selected Papers (Lecture Notes in Computer Science), Tanja Lange, Kristin E. Lauter, and Petr Lisonek (Eds.), Vol. 8282. Springer, 553--570. https:\/\/doi.org\/10.1007\/978-3-662-43414-7_28"},{"key":"e_1_3_2_1_9_1","volume-title":"Emmanuel Prouff, Adrian Thillard, and Damien Vergnaud.","author":"Bela\u00efd Sonia","year":"2016","unstructured":"Sonia Bela\u00efd , Fabrice Benhamouda , Alain Passel\u00e8 gue , Emmanuel Prouff, Adrian Thillard, and Damien Vergnaud. 2016 . Randomness Complexity of Private Circuits for Multiplication. 
In EUROCRYPT (2) (Lecture Notes in Computer Science), Vol. 9666 . Springer , 616--648. Sonia Bela\u00efd, Fabrice Benhamouda, Alain Passel\u00e8 gue, Emmanuel Prouff, Adrian Thillard, and Damien Vergnaud. 2016. Randomness Complexity of Private Circuits for Multiplication. In EUROCRYPT (2) (Lecture Notes in Computer Science), Vol. 9666. Springer, 616--648."},{"key":"e_1_3_2_1_10_1","volume-title":"Emmanuel Prouff, Adrian Thillard, and Damien Vergnaud.","author":"Bela\u00efd Sonia","year":"2017","unstructured":"Sonia Bela\u00efd , Fabrice Benhamouda , Alain Passel\u00e8 gue , Emmanuel Prouff, Adrian Thillard, and Damien Vergnaud. 2017 . Private Multiplication over Finite Fields. In CRYPTO (3) (Lecture Notes in Computer Science), Vol. 10403 . Springer , 397--426. Sonia Bela\u00efd, Fabrice Benhamouda, Alain Passel\u00e8 gue, Emmanuel Prouff, Adrian Thillard, and Damien Vergnaud. 2017. Private Multiplication over Finite Fields. In CRYPTO (3) (Lecture Notes in Computer Science), Vol. 10403. Springer, 397--426."},{"key":"e_1_3_2_1_11_1","volume-title":"ASIACRYPT (2) (Lecture Notes in Computer Science)","author":"Bilgin Beg\u00fc","unstructured":"Beg\u00fc l Bilgin , Benedikt Gierlichs , Svetla Nikova , Ventzislav Nikov , and Vincent Rijmen . 2014. Higher-Order Threshold Implementations . In ASIACRYPT (2) (Lecture Notes in Computer Science) , Vol. 8874 . Springer , 326--343. Beg\u00fc l Bilgin, Benedikt Gierlichs, Svetla Nikova, Ventzislav Nikov, and Vincent Rijmen. 2014. Higher-Order Threshold Implementations. In ASIACRYPT (2) (Lecture Notes in Computer Science), Vol. 8874. Springer, 326--343."},{"key":"e_1_3_2_1_12_1","volume-title":"Yann Le Corre, and Aleksei Udovenko","author":"Biryukov Alex","year":"2017","unstructured":"Alex Biryukov , Daniel Dinu , Yann Le Corre, and Aleksei Udovenko . 2017 . Optimal First-Order Boolean Masking for Embedded IoT Devices. In CARDIS (Lecture Notes in Computer Science), Vol. 10728 . Springer , 22--41. 
Alex Biryukov, Daniel Dinu, Yann Le Corre, and Aleksei Udovenko. 2017. Optimal First-Order Boolean Masking for Embedded IoT Devices. In CARDIS (Lecture Notes in Computer Science), Vol. 10728. Springer, 22--41."},{"key":"e_1_3_2_1_13_1","volume-title":"Stefan Mangard, and Johannes","author":"Bloem Roderick","year":"2018","unstructured":"Roderick Bloem , Hannes Gro\u00df , Rinat Iusupov , Bettina K\u00f6 nighofer , Stefan Mangard, and Johannes Winter. 2018 . Formal Verification of Masked Hardware Implementations in the Presence of Glitches. In EUROCRYPT (2) (Lecture Notes in Computer Science), Vol. 10821 . Springer , 321--353. Roderick Bloem, Hannes Gro\u00df, Rinat Iusupov, Bettina K\u00f6 nighofer, Stefan Mangard, and Johannes Winter. 2018. Formal Verification of Masked Hardware Implementations in the Presence of Glitches. In EUROCRYPT (2) (Lecture Notes in Computer Science), Vol. 10821. Springer, 321--353."},{"key":"e_1_3_2_1_14_1","unstructured":"Joan Boyar Morris Dworkin Rene Peralta Meltem Turan Cagdas Calik and Luis Brandao. [n.d.]. Circuit Minimization Work. http:\/\/www.cs.yale.edu\/homes\/peralta\/CircuitStuff\/CMT.html.  Joan Boyar Morris Dworkin Rene Peralta Meltem Turan Cagdas Calik and Luis Brandao. [n.d.]. Circuit Minimization Work. http:\/\/www.cs.yale.edu\/homes\/peralta\/CircuitStuff\/CMT.html."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-012-9124-7"},{"key":"e_1_3_2_1_16_1","volume-title":"SEC (IFIP Advances in Information and Communication Technology)","author":"Boyar Joan","unstructured":"Joan Boyar and Ren\u00e9 Peralta . 2012. A Small Depth-16 Circuit for the AES S-Box . In SEC (IFIP Advances in Information and Communication Technology) , Vol. 376 . Springer , 287--298. Joan Boyar and Ren\u00e9 Peralta. 2012. A Small Depth-16 Circuit for the AES S-Box. In SEC (IFIP Advances in Information and Communication Technology), Vol. 376. 
Springer, 287--298."},{"key":"e_1_3_2_1_17_1","volume-title":"CHES (Lecture Notes in Computer Science)","author":"Canright David","unstructured":"David Canright . 2005. A Very Compact S-Box for AES . In CHES (Lecture Notes in Computer Science) , Vol. 3659 . Springer , 441--455. David Canright. 2005. A Very Compact S-Box for AES. In CHES (Lecture Notes in Computer Science), Vol. 3659. Springer, 441--455."},{"key":"e_1_3_2_1_18_1","volume-title":"CRYPTO (Lecture Notes in Computer Science)","author":"Chari Suresh","unstructured":"Suresh Chari , Charanjit S. Jutla , Josyula R. Rao , and Pankaj Rohatgi . 1999. Towards Sound Approaches to Counteract Power-Analysis Attacks . In CRYPTO (Lecture Notes in Computer Science) , Vol. 1666 . Springer , 398--412. Suresh Chari, Charanjit S. Jutla, Josyula R. Rao, and Pankaj Rohatgi. 1999. Towards Sound Approaches to Counteract Power-Analysis Attacks. In CRYPTO (Lecture Notes in Computer Science), Vol. 1666. Springer, 398--412."},{"key":"e_1_3_2_1_19_1","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2017 - 19th International Conference","author":"Daemen Joan","year":"2017","unstructured":"Joan Daemen . 2017. Changing of the Guards: A Simple and Efficient Method for Achieving Uniformity in Threshold Sharing . In Cryptographic Hardware and Embedded Systems - CHES 2017 - 19th International Conference , Taipei, Taiwan, September 25-28, 2017 , Proceedings (Lecture Notes in Computer Science), Wieland Fischer and Naofumi Homma (Eds.), Vol. 10529 . Springer , 137--153. https:\/\/doi.org\/10.1007\/978-3-319-66787-4_7 10.1007\/978-3-319-66787-4_7 Joan Daemen. 2017. Changing of the Guards: A Simple and Efficient Method for Achieving Uniformity in Threshold Sharing. In Cryptographic Hardware and Embedded Systems - CHES 2017 - 19th International Conference, Taipei, Taiwan, September 25-28, 2017, Proceedings (Lecture Notes in Computer Science), Wieland Fischer and Naofumi Homma (Eds.), Vol. 10529. Springer, 137--153. 
https:\/\/doi.org\/10.1007\/978-3-319-66787-4_7"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-78800-3_24"},{"key":"e_1_3_2_1_21_1","volume-title":"EUROCRYPT (Lecture Notes in Computer Science)","author":"Duc Alexandre","unstructured":"Alexandre Duc , Stefan Dziembowski , and Sebastian Faust . 2014. Unifying Leakage Models: From Probing Attacks to Noisy Leakage . In EUROCRYPT (Lecture Notes in Computer Science) , Vol. 8441 . Springer , 423--440. Alexandre Duc, Stefan Dziembowski, and Sebastian Faust. 2014. Unifying Leakage Models: From Probing Attacks to Noisy Leakage. In EUROCRYPT (Lecture Notes in Computer Science), Vol. 8441. Springer, 423--440."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2018.i3.89-120"},{"key":"#cr-split#-e_1_3_2_1_23_1.1","doi-asserted-by":"crossref","unstructured":"Sebastian Faust Clara Paglialonga and Tobias Schneider. 2017. Amortizing Randomness Complexity in Private Circuits See citeNDBLP:conf\/asiacrypt\/2017-1 781--810. https:\/\/doi.org\/10.1007\/978-3-319-70694-8_27 10.1007\/978-3-319-70694-8_27","DOI":"10.1007\/978-3-319-70694-8_27"},{"key":"#cr-split#-e_1_3_2_1_23_1.2","doi-asserted-by":"crossref","unstructured":"Sebastian Faust Clara Paglialonga and Tobias Schneider. 2017. Amortizing Randomness Complexity in Private Circuits See citeNDBLP:conf\/asiacrypt\/2017-1 781--810. https:\/\/doi.org\/10.1007\/978-3-319-70694-8_27","DOI":"10.1007\/978-3-319-70694-8_27"},{"key":"e_1_3_2_1_24_1","volume-title":"INDOCRYPT (Lecture Notes in Computer Science)","author":"Ghoshal Ashrujit","unstructured":"Ashrujit Ghoshal and Thomas De Cnudde . 2017. Several Masked Implementations of the Boyar-Peralta AES S-Box . In INDOCRYPT (Lecture Notes in Computer Science) , Vol. 10698 . Springer , 384--402. Ashrujit Ghoshal and Thomas De Cnudde. 2017. Several Masked Implementations of the Boyar-Peralta AES S-Box. In INDOCRYPT (Lecture Notes in Computer Science), Vol. 10698. 
Springer, 384--402."},{"key":"e_1_3_2_1_25_1","volume-title":"Advances in Cryptology - EUROCRYPT 2017 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques","author":"Goudarzi Dahmun","year":"2017","unstructured":"Dahmun Goudarzi and Matthieu Rivain . 2017. How Fast Can Higher-Order Masking Be in Software? . In Advances in Cryptology - EUROCRYPT 2017 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques , Paris, France , April 30 - May 4, 2017 , Proceedings, Part I (Lecture Notes in Computer Science),, Jean-S\u00e9 bastien Coron and Jesper Buus Nielsen (Eds .), Vol. 10210 . 567--597. https:\/\/doi.org\/10.1007\/978-3-319-56620-7_20 10.1007\/978-3-319-56620-7_20 Dahmun Goudarzi and Matthieu Rivain. 2017. How Fast Can Higher-Order Masking Be in Software?. In Advances in Cryptology - EUROCRYPT 2017 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Paris, France, April 30 - May 4, 2017, Proceedings, Part I (Lecture Notes in Computer Science),, Jean-S\u00e9 bastien Coron and Jesper Buus Nielsen (Eds.), Vol. 10210. 567--597. https:\/\/doi.org\/10.1007\/978-3-319-56620-7_20"},{"key":"e_1_3_2_1_26_1","first-page":"1","article-title":"Generic Low-Latency Masking in Hardware","volume":"2018","author":"Gro\u00df Hannes","year":"2018","unstructured":"Hannes Gro\u00df , Rinat Iusupov , and Roderick Bloem . 2018 . Generic Low-Latency Masking in Hardware . IACR Trans. Cryptogr. Hardw. Embed. Syst. , Vol. 2018 , 2 (2018), 1 -- 21 . Hannes Gro\u00df, Rinat Iusupov, and Roderick Bloem. 2018. Generic Low-Latency Masking in Hardware. IACR Trans. Cryptogr. Hardw. Embed. Syst., Vol. 2018, 2 (2018), 1--21.","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"e_1_3_2_1_27_1","volume-title":"CHES (Lecture Notes in Computer Science)","author":"Gro\u00df Hannes","unstructured":"Hannes Gro\u00df and Stefan Mangard . 2017. 
Reconciling d+1 Masking in Hardware and Software . In CHES (Lecture Notes in Computer Science) , Vol. 10529 . Springer , 115--136. Hannes Gro\u00df and Stefan Mangard. 2017. Reconciling d+1 Masking in Hardware and Software. In CHES (Lecture Notes in Computer Science), Vol. 10529. Springer, 115--136."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-018-0184-y"},{"key":"e_1_3_2_1_29_1","first-page":"486","article-title":"Domain-Oriented Masking: Compact Masked Hardware Implementations with Arbitrary Protection Order","volume":"2016","author":"Gro\u00df Hannes","year":"2016","unstructured":"Hannes Gro\u00df , Stefan Mangard , and Thomas Korak . 2016 . Domain-Oriented Masking: Compact Masked Hardware Implementations with Arbitrary Protection Order . IACR Cryptology ePrint Archive , Vol. 2016 (2016), 486 . Hannes Gro\u00df, Stefan Mangard, and Thomas Korak. 2016. Domain-Oriented Masking: Compact Masked Hardware Implementations with Arbitrary Protection Order. IACR Cryptology ePrint Archive, Vol. 2016 (2016), 486.","journal-title":"IACR Cryptology ePrint Archive"},{"key":"#cr-split#-e_1_3_2_1_30_1.1","doi-asserted-by":"crossref","unstructured":"Neil Hanley HeeSeok Kim and Michael Tunstall. 2015. Exploiting Collisions in Addition Chain-Based Exponentiation Algorithms Using a Single Trace See citeNDBLP:conf\/ctrsa\/2015 431--448. https:\/\/doi.org\/10.1007\/978-3-319-16715-2_23 10.1007\/978-3-319-16715-2_23","DOI":"10.1007\/978-3-319-16715-2_23"},{"key":"#cr-split#-e_1_3_2_1_30_1.2","doi-asserted-by":"crossref","unstructured":"Neil Hanley HeeSeok Kim and Michael Tunstall. 2015. Exploiting Collisions in Addition Chain-Based Exponentiation Algorithms Using a Single Trace See citeNDBLP:conf\/ctrsa\/2015 431--448. https:\/\/doi.org\/10.1007\/978-3-319-16715-2_23","DOI":"10.1007\/978-3-319-16715-2_23"},{"key":"e_1_3_2_1_31_1","volume-title":"Wagner","author":"Ishai Yuval","year":"2003","unstructured":"Yuval Ishai , Amit Sahai , and David A . 
Wagner . 2003 . Private Circuits : Securing Hardware against Probing Attacks. In CRYPTO (Lecture Notes in Computer Science), Vol. 2729 . Springer , 463--481. Yuval Ishai, Amit Sahai, and David A. Wagner. 2003. Private Circuits: Securing Hardware against Probing Attacks. In CRYPTO (Lecture Notes in Computer Science), Vol. 2729. Springer, 463--481."},{"key":"e_1_3_2_1_32_1","volume-title":"CRYPTO (Lecture Notes in Computer Science)","author":"Kocher Paul C.","unstructured":"Paul C. Kocher , Joshua Jaffe , and Benjamin Jun . 1999. Differential Power Analysis . In CRYPTO (Lecture Notes in Computer Science) , Vol. 1666 . Springer , 388--397. Paul C. Kocher, Joshua Jaffe, and Benjamin Jun. 1999. Differential Power Analysis. In CRYPTO (Lecture Notes in Computer Science), Vol. 1666. Springer, 388--397."},{"key":"e_1_3_2_1_33_1","volume-title":"ICICS (Lecture Notes in Computer Science)","author":"Nikova Svetla","unstructured":"Svetla Nikova , Christian Rechberger , and Vincent Rijmen . 2006. Threshold Implementations Against Side-Channel Attacks and Glitches . In ICICS (Lecture Notes in Computer Science) , Vol. 4307 . Springer , 529--545. Svetla Nikova, Christian Rechberger, and Vincent Rijmen. 2006. Threshold Implementations Against Side-Channel Attacks and Glitches. In ICICS (Lecture Notes in Computer Science), Vol. 4307. Springer, 529--545."},{"key":"e_1_3_2_1_34_1","volume-title":"11th International Conference","volume":"5461","author":"Nikova Svetla","year":"2008","unstructured":"Svetla Nikova , Vincent Rijmen , and Martin Schl\"a ffer. 2008 . Secure Hardware Implementation of Non-linear Functions in the Presence of Glitches. In Information Security and Cryptology - ICISC 2008 , 11th International Conference , Seoul, Korea , December 3-5, 2008, Revised Selected Papers (Lecture Notes in Computer Science), Pil Joong Lee and Jung Hee Cheon (Eds.), Vol. 5461 . Springer, 218--234. 
https:\/\/doi.org\/10.1007\/978-3-642-00730-9_14 10.1007\/978-3-642-00730-9_14 Svetla Nikova, Vincent Rijmen, and Martin Schl\"a ffer. 2008. Secure Hardware Implementation of Non-linear Functions in the Presence of Glitches. In Information Security and Cryptology - ICISC 2008, 11th International Conference, Seoul, Korea, December 3-5, 2008, Revised Selected Papers (Lecture Notes in Computer Science), Pil Joong Lee and Jung Hee Cheon (Eds.), Vol. 5461. Springer, 218--234. https:\/\/doi.org\/10.1007\/978-3-642-00730-9_14"},{"key":"e_1_3_2_1_35_1","first-page":"16715","volume-title":"USA","volume":"9048","author":"Ed Kaisa Nyberg","year":"2015","unstructured":"Kaisa Nyberg ( Ed .). 2015 . Topics in Cryptology - CT-RSA 2015, The Cryptographer's Track at the RSA Conference 2015, San Francisco, CA , USA , April 20-24, 2015. Proceedings. Lecture Notes in Computer Science , Vol. 9048 . Springer. https:\/\/doi.org\/10.1007\/978-3-319- 16715 - 16712 10.1007\/978-3-319-16715-2 Kaisa Nyberg (Ed.). 2015. Topics in Cryptology - CT-RSA 2015, The Cryptographer's Track at the RSA Conference 2015, San Francisco, CA, USA, April 20-24, 2015. Proceedings. Lecture Notes in Computer Science, Vol. 9048. Springer. https:\/\/doi.org\/10.1007\/978-3-319-16715-2"},{"key":"e_1_3_2_1_36_1","volume-title":"10th International Workshop, WISA 2009","volume":"5932","author":"Pan Jing","year":"2009","unstructured":"Jing Pan , J. I. den Hartog , and Jiqiang Lu . 2009 . You Cannot Hide behind the Mask: Power Analysis on a Provably Secure S-Box Implementation. In Information Security Applications , 10th International Workshop, WISA 2009 , Busan, Korea, August 25--27 , 2009, Revised Selected Papers (Lecture Notes in Computer Science), Heung Youl Youm and Moti Yung (Eds.), Vol. 5932 . Springer, 178--192. https:\/\/doi.org\/10.1007\/978-3-642-10838-9_14 10.1007\/978-3-642-10838-9_14 Jing Pan, J. I. den Hartog, and Jiqiang Lu. 2009. 
You Cannot Hide behind the Mask: Power Analysis on a Provably Secure S-Box Implementation. In Information Security Applications, 10th International Workshop, WISA 2009, Busan, Korea, August 25--27, 2009, Revised Selected Papers (Lecture Notes in Computer Science), Heung Youl Youm and Moti Yung (Eds.), Vol. 5932. Springer, 178--192. https:\/\/doi.org\/10.1007\/978-3-642-10838-9_14"},{"key":"e_1_3_2_1_37_1","volume-title":"COSADE 2017","author":"Papagiannopoulos Kostas","year":"2017","unstructured":"Kostas Papagiannopoulos and Nikita Veshchikov . 2017 . Mind the Gap: Towards Secure 1st-Order Masking in Software. In Constructive Side-Channel Analysis and Secure Design - 8th International Workshop , COSADE 2017 , Paris, France , April 13-14, 2017, Revised Selected Papers (Lecture Notes in Computer Science), Sylvain Guilley (Ed.), Vol. 10348. Springer, 282--297. https:\/\/doi.org\/10.1007\/978-3-319-64647-3_17 10.1007\/978-3-319-64647-3_17 Kostas Papagiannopoulos and Nikita Veshchikov. 2017. Mind the Gap: Towards Secure 1st-Order Masking in Software. In Constructive Side-Channel Analysis and Secure Design - 8th International Workshop, COSADE 2017, Paris, France, April 13-14, 2017, Revised Selected Papers (Lecture Notes in Computer Science), Sylvain Guilley (Ed.), Vol. 10348. Springer, 282--297. https:\/\/doi.org\/10.1007\/978-3-319-64647-3_17"},{"key":"e_1_3_2_1_38_1","volume-title":"E-smart (Lecture Notes in Computer Science)","author":"Quisquater Jean-Jacques","unstructured":"Jean-Jacques Quisquater and David Samyde . 2001. ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards . In E-smart (Lecture Notes in Computer Science) , Vol. 2140 . Springer , 200--210. Jean-Jacques Quisquater and David Samyde. 2001. ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards. In E-smart (Lecture Notes in Computer Science), Vol. 2140. 
Springer, 200--210."},{"key":"e_1_3_2_1_39_1","volume-title":"Svetla Nikova, Benedikt Gierlichs, and Ingrid Verbauwhede.","author":"Reparaz Oscar","year":"2015","unstructured":"Oscar Reparaz , Beg\u00fc l Bilgin , Svetla Nikova, Benedikt Gierlichs, and Ingrid Verbauwhede. 2015 . Consolidating Masking Schemes. In CRYPTO (1) (Lecture Notes in Computer Science), Vol. 9215 . Springer , 764--783. Oscar Reparaz, Beg\u00fc l Bilgin, Svetla Nikova, Benedikt Gierlichs, and Ingrid Verbauwhede. 2015. Consolidating Masking Schemes. In CRYPTO (1) (Lecture Notes in Computer Science), Vol. 9215. Springer, 764--783."},{"key":"e_1_3_2_1_40_1","volume-title":"CHES 2010, 12th International Workshop, Santa Barbara, CA, USA, August 17--20, 2010. Proceedings (Lecture Notes in Computer Science), Stefan Mangard and Francc ois-Xavier Standaert (Eds.)","volume":"6225","author":"Rivain Matthieu","year":"2010","unstructured":"Matthieu Rivain and Emmanuel Prouff . 2010 . Provably Secure Higher-Order Masking of AES. In Cryptographic Hardware and Embedded Systems , CHES 2010, 12th International Workshop, Santa Barbara, CA, USA, August 17--20, 2010. Proceedings (Lecture Notes in Computer Science), Stefan Mangard and Francc ois-Xavier Standaert (Eds.) , Vol. 6225 . Springer, 413--427. https:\/\/doi.org\/10.1007\/978-3-642-15031-9_28 10.1007\/978-3-642-15031-9_28 Matthieu Rivain and Emmanuel Prouff. 2010. Provably Secure Higher-Order Masking of AES. In Cryptographic Hardware and Embedded Systems, CHES 2010, 12th International Workshop, Santa Barbara, CA, USA, August 17--20, 2010. Proceedings (Lecture Notes in Computer Science), Stefan Mangard and Francc ois-Xavier Standaert (Eds.), Vol. 6225. Springer, 413--427. https:\/\/doi.org\/10.1007\/978-3-642-15031-9_28"},{"key":"e_1_3_2_1_41_1","volume-title":"SAC (Lecture Notes in Computer Science)","author":"Schwabe Peter","unstructured":"Peter Schwabe and Ko Stoffelen . 2016. All the AES You Need on Cortex-M3 and M4 . 
In SAC (Lecture Notes in Computer Science) , Vol. 10532 . Springer , 180--194. Peter Schwabe and Ko Stoffelen. 2016. All the AES You Need on Cortex-M3 and M4. In SAC (Lecture Notes in Computer Science), Vol. 10532. Springer, 180--194."},{"key":"e_1_3_2_1_42_1","unstructured":"Ko Stoffelen. 2016. Instruction scheduling and register allocation on ARM Cortex-M. In Software performance enhancement for encryption and decryption and benchmarking - SPEED-B.  Ko Stoffelen. 2016. Instruction scheduling and register allocation on ARM Cortex-M. In Software performance enhancement for encryption and decryption and benchmarking - SPEED-B."},{"key":"e_1_3_2_1_43_1","first-page":"123","article-title":"3-Share Threshold Implementation of AES S-box without Fresh Randomness","volume":"2019","author":"Sugawara Takeshi","year":"2019","unstructured":"Takeshi Sugawara . 2019 . 3-Share Threshold Implementation of AES S-box without Fresh Randomness . IACR Trans. Cryptogr. Hardw. Embed. Syst. , Vol. 2019 , 1 (2019), 123 -- 145 . https:\/\/doi.org\/10.13154\/tches.v2019.i1.123--145 10.13154\/tches.v2019.i1.123--145 Takeshi Sugawara. 2019. 3-Share Threshold Implementation of AES S-box without Fresh Randomness. IACR Trans. Cryptogr. Hardw. Embed. Syst., Vol. 2019, 1 (2019), 123--145. https:\/\/doi.org\/10.13154\/tches.v2019.i1.123--145","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"e_1_3_2_1_44_1","volume-title":"Hong Kong, China, December 3--7","author":"Takagi Tsuyoshi","year":"2017","unstructured":"Tsuyoshi Takagi and Thomas Peyrin (Eds.). 2017 Advances in Cryptology - ASIACRYPT 2017 - 23rd International Conference on the Theory and Applications of Cryptology and Information Security , Hong Kong, China, December 3--7 , 2017 , Proceedings, Part I. Lecture Notes in Computer Science, Vol. 10624 . Springer . https:\/\/doi.org\/10.1007\/978-3-319-70694-8 10.1007\/978-3-319-70694-8 Tsuyoshi Takagi and Thomas Peyrin (Eds.). 
2017 Advances in Cryptology - ASIACRYPT 2017 - 23rd International Conference on the Theory and Applications of Cryptology and Information Security, Hong Kong, China, December 3--7, 2017, Proceedings, Part I. Lecture Notes in Computer Science, Vol. 10624. Springer. https:\/\/doi.org\/10.1007\/978-3-319-70694-8"},{"key":"e_1_3_2_1_45_1","first-page":"194","article-title":"Improved upper bounds for the expected circuit complexity of dense systems of linear equations over GF(2)","volume":"2017","author":"Visconti Andrea","year":"2017","unstructured":"Andrea Visconti , Chiara Valentina Schiavo , and Ren\u00e9 Peralta . 2017 . Improved upper bounds for the expected circuit complexity of dense systems of linear equations over GF(2) . IACR Cryptology ePrint Archive , Vol. 2017 (2017), 194 . http:\/\/eprint.iacr.org\/2017\/194 Andrea Visconti, Chiara Valentina Schiavo, and Ren\u00e9 Peralta. 2017. Improved upper bounds for the expected circuit complexity of dense systems of linear equations over GF(2). IACR Cryptology ePrint Archive, Vol. 2017 (2017), 194. http:\/\/eprint.iacr.org\/2017\/194","journal-title":"IACR Cryptology ePrint Archive"},{"key":"e_1_3_2_1_46_1","volume-title":"Johann Gro\u00dfsch\u00e4dl, and Qiuliang Xu.","author":"Wang Junwei","year":"2015","unstructured":"Junwei Wang , Praveen Kumar Vadnala , Johann Gro\u00dfsch\u00e4dl, and Qiuliang Xu. 2015 . Higher-Order Masking in Practice : A Vector Implementation of Masked AES for ARM NEON, See citeNDBLP:conf\/ctrsa\/2015, 181--198. https:\/\/doi.org\/10.1007\/978-3-319-16715-2_10 10.1007\/978-3-319-16715-2_10 Junwei Wang, Praveen Kumar Vadnala, Johann Gro\u00dfsch\u00e4dl, and Qiuliang Xu. 2015. Higher-Order Masking in Practice: A Vector Implementation of Masked AES for ARM NEON, See citeNDBLP:conf\/ctrsa\/2015, 181--198. 
https:\/\/doi.org\/10.1007\/978-3-319-16715-2_10"},{"key":"e_1_3_2_1_47_1","volume-title":"COSADE 2018, Singapore, April 23--24, 2018, Proceedings (Lecture Notes in Computer Science), Junfeng Fan and Benedikt Gierlichs (Eds.)","volume":"10815","author":"Wegener Felix","year":"2018","unstructured":"Felix Wegener and Amir Moradi. 2018a. A First-Order SCA Resistant AES Without Fresh Randomness. In Constructive Side-Channel Analysis and Secure Design - 9th International Workshop, COSADE 2018, Singapore, April 23--24, 2018, Proceedings (Lecture Notes in Computer Science), Junfeng Fan and Benedikt Gierlichs (Eds.), Vol. 10815. Springer, 245--262. https:\/\/doi.org\/10.1007\/978-3-319-89641-0_14"},{"key":"e_1_3_2_1_48_1","first-page":"1117","article-title":"A Note on Transitional Leakage When Masking AES with Only Two Bits of Randomness","volume":"2018","author":"Wegener Felix","year":"2018","unstructured":"Felix Wegener and Amir Moradi. 2018b. A Note on Transitional Leakage When Masking AES with Only Two Bits of Randomness. IACR Cryptology ePrint Archive, Vol. 2018 (2018), 1117. https:\/\/eprint.iacr.org\/2018\/1117","journal-title":"IACR Cryptology ePrint Archive"},{"key":"e_1_3_2_1_49_1","unstructured":"Clifford Wolf. [n.d.].
Yosys Open SYnthesis Suite. http:\/\/www.clifford.at\/yosys\/."}],"event":{"name":"CCS '19: 2019 ACM SIGSAC Conference on Computer and Communications Security","location":"London United Kingdom","acronym":"CCS '19","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of ACM Workshop on Theory of Implementation Security Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3338467.3358950","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3338467.3358950","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:12:48Z","timestamp":1750201968000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3338467.3358950"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,11,11]]},"references-count":52,"alternative-id":["10.1145\/3338467.3358950","10.1145\/3338467"],"URL":"https:\/\/doi.org\/10.1145\/3338467.3358950","relation":{},"subject":[],"published":{"date-parts":[[2019,11,11]]},"assertion":[{"value":"2019-11-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}