{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T05:11:00Z","timestamp":1769922660837,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":58,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:00:00Z","timestamp":1733097600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,12,2]]},"DOI":"10.1145\/3658644.3690339","type":"proceedings-article","created":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T12:19:20Z","timestamp":1733746760000},"page":"2430-2444","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["The Insecurity of Masked Comparisons: SCAs on ML-KEM's FO-Transform"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1649-4231","authenticated-orcid":false,"given":"Julius","family":"Hermelink","sequence":"first","affiliation":[{"name":"Max Planck Institute for Security and Privacy, Bochum, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-0638-0299","authenticated-orcid":false,"given":"Kai-Chun","family":"Ning","sequence":"additional","affiliation":[{"name":"Max Planck Institute for Security and Privacy, Bochum, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0972-1544","authenticated-orcid":false,"given":"Richard","family":"Petri","sequence":"additional","affiliation":[{"name":"Max Planck Institute for Security and Privacy, Bochum, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0204-3234","authenticated-orcid":false,"given":"Emanuele","family":"Strieder","sequence":"additional","affiliation":[{"name":"Fraunhofer AISEC & Technical University of Munich, Garching, Germany"}]}],"member":"320","published-online":{"date-parts":[[2024,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Gorjan Alagic Daniel Apon David Cooper Quynh Dang Thinh Dang John Kelsey Jacob Lichtinger Carl Miller Dustin Moody Rene Peralta Ray Perlner Angela Robinson Daniel Smith-Tone and Yi-Kai Liu. [n. d.]. Status Report on the Third Round of the NIST Post-Quantum Cryptography Standardization Process. https:\/\/nvlpubs.nist.gov\/nistpubs\/ir\/2022\/NIST.IR.8413-upd1.pdf","DOI":"10.6028\/NIST.IR.8413"},{"key":"e_1_3_2_1_2_1","unstructured":"Erdem Alkim Joppe W. Bos Leo Ducas Patrick Longa Ilya Mironov Michael Naehrig Valeria Nikolaenko Chris Peikert Ananth Raghunathan and Douglas Stebila. 2021. FrodoKEM Learning With Errors Key Encapsulation. https:\/\/frodokem.org\/files\/FrodoKEM-specification-20210604.pdf"},{"key":"e_1_3_2_1_3_1","unstructured":"Roberto Avanzi Joppe Bos L\u00e9o Ducas Eike Kiltz Tancr\u00e8de Lepoint Vadim Lyubashevsky John M. Schanck Peter Schwabe Gregor Seiler and Damien Stehl\u00e9. 2021. CRYSTALS-Kyber Algorithm Specifications And Supporting Documentation (version 3.02). https:\/\/pq-crystals.org\/kyber\/data\/kyber-specificationround3-20210804.pdf"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2022.i2.140--165"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.13154\/tches.v2020.i3.483--507"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3-031--41181-6_9"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978427"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--662--53140--2_2"},{"key":"e_1_3_2_1_9_1","unstructured":"Sonia Bela\u00efd Ga\u00ebtan Cassiers Camille Mutschler Matthieu Rivain Thomas Roche Fran\u00e7ois-Xavier Standaert and Abdul Rahman Taleb. 2023. Towards Achieving Provable Side-Channel Security in Practice. IACR Cryptol. ePrint Arch. (2023) 1198. https:\/\/eprint.iacr.org\/2023\/1198"},{"key":"e_1_3_2_1_10_1","volume-title":"Ming-Shing Chen, Chitchanok Chuengsatiansup, Tanja Lange, Adrian Marotzke, Bo-Yuan Peng, Nicola Tuveri, Christine van Vredendaal, and Bo-Yin Yang.","author":"Bernstein Daniel J.","year":"2020","unstructured":"Daniel J. Bernstein, Billy Bob Brumley, Ming-Shing Chen, Chitchanok Chuengsatiansup, Tanja Lange, Adrian Marotzke, Bo-Yuan Peng, Nicola Tuveri, Christine van Vredendaal, and Bo-Yin Yang. 2020. NTRU Prime: round 3. https:\/\/ntruprime.cr.yp.to\/nist\/ntruprime-20201007.pdf"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2021.i3.334--359"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2018.00032"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.13154\/tches.v2020.i2.1--25"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-017--9259--7"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/3--540--39200--9_16"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1007\/3--540--36400--5_3"},{"key":"e_1_3_2_1_17_1","unstructured":"Contributors to libsignal. 2023. Release v0.27.0. https:\/\/github.com\/signalapp\/ libsignal\/releases\/tag\/v0.27.0 https:\/\/github.com\/signalapp\/libsignal\/releases\/tag\/v0.27.0."},{"key":"e_1_3_2_1_18_1","unstructured":"Jean-S\u00e9bastien Coron Fran\u00e7ois G\u00e9rard Simon Montoya and Rina Zeitoun. 2021. High-order Polynomial Comparison and Masking Lattice-based Encryption. IACR Cryptol. ePrint Arch. (2021) 1615. https:\/\/eprint.iacr.org\/2021\/1615"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.46586\/TCHES.V2023.I1.153--192"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/3--540--45760--7_18"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1137\/S0097539702403773"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2022.3197074"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2022.i2.115--139"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2022.i4.637--660"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--662--46800--5_16"},{"key":"e_1_3_2_1_26_1","unstructured":"Ehren Kret. 2023. Quantum Resistance and the Signal Protocol. https:\/\/signal.org\/blog\/pqxdh\/ https:\/\/signal.org\/blog\/pqxdh\/."},{"key":"e_1_3_2_1_27_1","unstructured":"Scott R. Fluhrer. 2016. Cryptanalysis of ring-LWE based key exchange with key share reuse. IACR Cryptol. ePrint Arch. (2016) 85. http:\/\/eprint.iacr.org\/2016\/085"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/3--540--48405-1_34"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-011--9114--1"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3-030--56880--1_13"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3-030--34578--5_4"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2021.i4.88--113"},{"key":"e_1_3_2_1_33_1","unstructured":"Julius Hermelink. 2023. Decryption Errors and Implementation Attacks on Kyber. Talk at the Institute f\u00fcr IT-Sicherheit at Universit\u00e4t zu L\u00fcbeck."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2023.i4.287--317"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3-030--92518--5_15"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2023"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--319--70500--2_12"},{"key":"e_1_3_2_1_38_1","unstructured":"NewAE Technology Inc. [n. d.]. Targets with Internal Regulators. http:\/\/wiki.newae.com\/Targets_with_Internal_Regulators http:\/\/wiki.newae.com\/Targets_ with_Internal_Regulators."},{"key":"e_1_3_2_1_39_1","unstructured":"NewAE Technology Inc. [n. d.]. CW1173: Chip Whisperer-Lite. https:\/\/media.newae.com\/datasheets\/NAE-CW1173_datasheet.pdf https:\/\/media.newae.com\/ datasheets\/NAE-CW1173_datasheet.pdf."},{"key":"e_1_3_2_1_40_1","unstructured":"NewAE Technology Inc. [n. d.]. CW308 UFO board. https:\/\/rtfm.newae.com\/ Targets\/CW308%20UFO\/ https:\/\/rtfm.newae.com\/Targets\/CW308%20UFO\/."},{"key":"e_1_3_2_1_41_1","unstructured":"NewAE Technology Inc. [n. d.]. CW308T-STM32F UFO board targets. https:\/\/rtfm.newae.com\/Targets\/UFO%20Targets\/CW308T-STM32F\/ https:\/\/rtfm.newae. com\/Targets\/UFO%20Targets\/CW308T-STM32F\/."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--540--45146--4_27"},{"key":"e_1_3_2_1_43_1","unstructured":"Brian Jarvis. 2022. How to tune TLS for hybrid post-quantum cryptography with Kyber. https:\/\/aws.amazon.com\/blogs\/security\/how-to-tune-tls-for-hybrid-postquantum-cryptography-with-kyber https:\/\/aws.amazon.com\/blogs\/security\/how-to-tune-tls-for-hybrid-post-quantum-cryptography-with-kyber."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.13154\/tches.v2020.i3.243--268"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--642--15031--9_9"},{"key":"e_1_3_2_1_46_1","unstructured":"National Institute of Standards and Technology. [n. d.]. Module-Lattice-Based Key-Encapsulation Mechanism Standard. https:\/\/csrc.nist.gov\/pubs\/fips\/203\/ipd https:\/\/csrc.nist.gov\/pubs\/fips\/203\/ipd."},{"key":"e_1_3_2_1_47_1","unstructured":"National Institute of Standards and Technology. [n. d.]. PQC Standardization Process: Announcing Four Candidates to be Standardized Plus Fourth Round Candidates. https:\/\/csrc.nist.gov\/News\/2022\/pqc-candidates-to-be-standardizedand-round-4 https:\/\/csrc.nist.gov\/News\/2022\/pqc-candidates-to-be-standardizedand-round-4."},{"key":"e_1_3_2_1_48_1","unstructured":"Devon O'Brien. 2023. Protecting Chrome Traffic with Hybrid Kyber KEM. https:\/\/blog.chromium.org\/2023\/08\/protecting-chrome-traffic-with-hybrid.html https:\/\/blog.chromium.org\/2023\/08\/protecting-chrome-traffic-with-hybrid.html."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.13154\/tches.v2018.i1.142--174"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1007\/3--540--45353--9_13"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3-030--30530--7_7"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2021.i2.37--60"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--319--66787--4_25"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3603170"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--642-04138--9_13"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--662--53644--5_8"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--540--85053--3_15"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3--642--34961--4_44"}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690339","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3658644.3690339","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T06:10:58Z","timestamp":1755843058000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690339"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,2]]},"references-count":58,"alternative-id":["10.1145\/3658644.3690339","10.1145\/3658644"],"URL":"https:\/\/doi.org\/10.1145\/3658644.3690339","relation":{},"subject":[],"published":{"date-parts":[[2024,12,2]]},"assertion":[{"value":"2024-12-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}