{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,14]],"date-time":"2026-06-14T02:36:10Z","timestamp":1781404570612,"version":"3.54.1"},"reference-count":236,"publisher":"Association for Computing Machinery (ACM)","issue":"9","license":[{"start":{"date-parts":[[2025,4,4]],"date-time":"2025-04-04T00:00:00Z","timestamp":1743724800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"U.S. DOE\u2019s National Nuclear Security Administration","award":["DE-NA-0003525"],"award-info":[{"award-number":["DE-NA-0003525"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2025,9,30]]},"abstract":"<jats:p>Hardware-based cryptographic engines are increasingly important in hardware design as they offer stronger security guarantees compared to software. However, their complex design and lack of freely available test chips make it difficult to compare across different implementations. This work reviews some of the current implementations of one of the most used cryptographic algorithms, the Advanced Encryption Standard (AES). We synthesize the large amount of information that has been published over the last two decades by introducing the first comprehensive comparison of AES\u2019s most complex component, the Substitution Box (SBox), with regard to area, critical path delay, power, and security trade-offs.<\/jats:p>","DOI":"10.1145\/3724114","type":"journal-article","created":{"date-parts":[[2025,3,16]],"date-time":"2025-03-16T09:39:06Z","timestamp":1742117946000},"page":"1-37","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["A Survey of Hardware-Based AES SBoxes: Area, Performance, and Security"],"prefix":"10.1145","volume":"57","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0915-3447","authenticated-orcid":false,"given":"Phaedra Sophia","family":"Curlin","sequence":"first","affiliation":[{"name":"University of Colorado Boulder, Boulder, United States"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-4767-0149","authenticated-orcid":false,"given":"Jeff","family":"Heiges","sequence":"additional","affiliation":[{"name":"University of Colorado Boulder, Boulder, United States"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4741-8784","authenticated-orcid":false,"given":"Calvin","family":"Chan","sequence":"additional","affiliation":[{"name":"University of Colorado Boulder, Boulder, United States"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9779-1838","authenticated-orcid":false,"given":"Tamara Silbergleit","family":"Lehman","sequence":"additional","affiliation":[{"name":"University of Colorado Boulder, Boulder, United States"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2025,4,4]]},"reference":[{"key":"e_1_3_4_2_2","unstructured":"Advanced Micro Devices Inc.2020. AMD Memory Guard."},{"issue":"6","key":"e_1_3_4_3_2","doi-asserted-by":"crossref","first-page":"509","DOI":"10.1109\/TC.1978.1675141","article-title":"Binary decision diagrams","volume":"27","author":"Akers Sheldon","year":"1978","unstructured":"Sheldon Akers. 1978. Binary decision diagrams. IEEE Trans. Comput. C-27, 6 (1978), 509\u2013516.","journal-title":"IEEE Trans. Comput."},{"key":"e_1_3_4_4_2","doi-asserted-by":"crossref","first-page":"206","DOI":"10.1007\/978-3-540-85893-5_15","volume-title":"Smart Card Research and Advanced Applications","author":"Akishita Toru","year":"2008","unstructured":"Toru Akishita, Masanobu Katagi, Yoshikazu Miyato, Asami Mizuno, and Kyoji Shibutani. 2008. A practical DPA countermeasure with BDD architecture. In Smart Card Research and Advanced Applications. Springer Berlin, Berlin, 206\u2013217."},{"key":"e_1_3_4_5_2","series-title":"LNCS","first-page":"309","volume-title":"CHES 2001","author":"Akkar Mehdi-Laurent","year":"2001","unstructured":"Mehdi-Laurent Akkar and Christophe Giraud. 2001. An implementation of DES and AES, secure against some attacks. In CHES 2001(LNCS, Vol. 2162). Springer, Heidelberg, 309\u2013318."},{"key":"e_1_3_4_6_2","first-page":"163","volume-title":"Fault Attacks on AES and Their Countermeasures","author":"Ali Subidh","year":"2016","unstructured":"Subidh Ali, Xiaofei Guo, Ramesh Karri, and Debdeep Mukhopadhyay. 2016. Fault Attacks on AES and Their Countermeasures. Springer International Publishing, Cham, 163\u2013208."},{"key":"e_1_3_4_7_2","article-title":"Strengthening VM Isolation with Integrity Protection and More","author":"SEV-SNP AMD","year":"2020","unstructured":"AMD SEV-SNP. 2020. Strengthening VM Isolation with Integrity Protection and More. White paper.","journal-title":"White paper"},{"key":"e_1_3_4_8_2","first-page":"1","volume-title":"2013 IEEE 11th International New Circuits and Systems Conference (NEWCAS\u201913)","author":"An Ting","year":"2013","unstructured":"Ting An, Lirida Alves de Barros Naviner, and Philippe Matherat. 2013. Evaluation of fault-tolerant composite field AES S-boxes under multiple transient faults. In 2013 IEEE 11th International New Circuits and Systems Conference (NEWCAS\u201913). 1\u20134."},{"key":"e_1_3_4_9_2","unstructured":"ARM Limited. 2013. Building a Secure System using TrustZone\u00ae Technology. developer.arm.com\/documentation\/PRD29-GENC-009492\/latest\/"},{"key":"e_1_3_4_10_2","unstructured":"ARM Limited. 2023. Arm\u00ae A64 Instruction Set."},{"key":"e_1_3_4_11_2","unstructured":"ARM Limited. 2023. Full Disk Encryption. www.arm.com\/products\/silicon-ip-security\/full-disk-encryption"},{"key":"e_1_3_4_12_2","volume-title":"Design and Verification of Side-Channel and Fault Attacks Countermeasures","author":"Arribas Victor","year":"2020","unstructured":"Victor Arribas. 2020. Design and Verification of Side-Channel and Fault Attacks Countermeasures. Ph. D. Dissertation. Universit\u00e9 Catholique de Louvain."},{"key":"e_1_3_4_13_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2021.3123527"},{"key":"e_1_3_4_14_2","doi-asserted-by":"crossref","first-page":"103","DOI":"10.1007\/978-3-031-25319-5_6","volume-title":"Smart Card Research and Advanced Applications","author":"Askeland Amund","year":"2023","unstructured":"Amund Askeland, Siemen Dhooghe, Svetla Nikova, Vincent Rijmen, and Zhenda Zhang. 2023. Guarding the first order: The rise of AES maskings. In Smart Card Research and Advanced Applications. Springer International Publishing, Cham, 103\u2013122."},{"issue":"1","key":"e_1_3_4_15_2","doi-asserted-by":"crossref","first-page":"157","DOI":"10.46586\/tches.v2024.i1.157-179","article-title":"Who watches the watchers: Attacking glitch detection circuits","volume":"2024","author":"Askeland Amund","year":"2023","unstructured":"Amund Askeland, Svetla Nikova, and Ventzislav Nikov. 2023. Who watches the watchers: Attacking glitch detection circuits. IACR Transactions on Cryptographic Hardware and Embedded Systems 2024, 1 (Dec.2023), 157\u2013179.","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"key":"e_1_3_4_16_2","first-page":"1","article-title":"Multivariate TVLA - efficient side-channel evaluation using confidence intervals","author":"Bache Florian","year":"2023","unstructured":"Florian Bache, Jonas Wloka, Pascal Sasdrich, and Tim G\u00fcneysu. 2023. Multivariate TVLA - efficient side-channel evaluation using confidence intervals. IEEE Trans. Comput. (2023), 1\u201312.","journal-title":"IEEE Trans. Comput."},{"key":"e_1_3_4_17_2","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2018.2815985"},{"key":"e_1_3_4_18_2","doi-asserted-by":"crossref","first-page":"167","DOI":"10.1109\/ISIAS.2010.5604061","volume-title":"2010 Sixth International Conference on Information Assurance and Security","author":"Barenghi Alessandro","year":"2010","unstructured":"Alessandro Barenghi, Guido M. Bertoni, Luca Breveglieri, Mauro Pellicioli, and Gerardo Pelosi. 2010. Fault attack on AES with single-bit induced faults. In 2010 Sixth International Conference on Information Assurance and Security. 167\u2013172."},{"key":"e_1_3_4_19_2","volume-title":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","author":"Barthe Gilles","year":"2015","unstructured":"Gilles Barthe, Sonia Bela\u00efd, Fran\u00e7ois Dupressoir, Pierre-Alain Fouque, Benjamin Gr\u00e9goire, and Pierre-Yves Strub. 2015. Verified proofs of higher-order masking. In Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer."},{"key":"e_1_3_4_20_2","doi-asserted-by":"crossref","first-page":"123","DOI":"10.1007\/978-3-662-53008-5_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"Beierle Christof","year":"2016","unstructured":"Christof Beierle, J\u00e9r\u00e9my Jean, Stefan K\u00f6lbl, Gregor Leander, Amir Moradi, Thomas Peyrin, Yu Sasaki, Pascal Sasdrich, and Siang Meng Sim. 2016. The SKINNY family of block ciphers and its low-latency variant MANTIS. In Advances in Cryptology \u2013 CRYPTO 2016. Springer Berlin Heidelberg, Berlin, Heidelberg, 123\u2013153."},{"key":"e_1_3_4_21_2","first-page":"452","volume-title":"Fault Attack","author":"Benot Olivier","year":"2011","unstructured":"Olivier Benot. 2011. Fault Attack. Springer US, Boston, MA, 452\u2013453."},{"key":"e_1_3_4_22_2","doi-asserted-by":"publisher","DOI":"10.1145\/988952.989019"},{"key":"e_1_3_4_23_2","series-title":"WESS\u201910","volume-title":"Proceedings of the 5th Workshop on Embedded Systems Security","author":"Bhasin Shivam","year":"2010","unstructured":"Shivam Bhasin, Sylvain Guilley, Florent Flament, Nidhal Selmane, and Jean-Luc Danger. 2010. Countering early evaluation: An approach towards robust dual-rail precharge logic. In Proceedings of the 5th Workshop on Embedded Systems Security (Scottsdale, Arizona) (WESS\u201910). Association for Computing Machinery, New York, NY, USA, Article 6, 8 pages."},{"key":"e_1_3_4_24_2","doi-asserted-by":"publisher","DOI":"10.5555\/646762.706179"},{"key":"e_1_3_4_25_2","volume-title":"Threshold Implementations as Countermeasure against Higher-Order Differential Power Analysis","author":"Bilgin Beg\u00fcl","year":"2015","unstructured":"Beg\u00fcl Bilgin. 2015. Threshold Implementations as Countermeasure against Higher-Order Differential Power Analysis. Ph. D. Dissertation. Universit\u00e9 Catholique de Louvain."},{"key":"e_1_3_4_26_2","series-title":"LNCS","first-page":"267","volume-title":"AFRICACRYPT 14","author":"Bilgin Beg\u00fcl","year":"2014","unstructured":"Beg\u00fcl Bilgin, Benedikt Gierlichs, Svetla Nikova, Ventzislav Nikov, and Vincent Rijmen. 2014. A more efficient AES threshold implementation. In AFRICACRYPT 14(LNCS, Vol. 8469). Springer, Heidelberg, 267\u2013284."},{"key":"e_1_3_4_27_2","first-page":"69","volume-title":"Selected Areas in Cryptography","author":"Bl\u00f6mer Johannes","year":"2005","unstructured":"Johannes Bl\u00f6mer, Jorge Guajardo, and Volker Krummel. 2005. Provably secure masking of AES. In Selected Areas in Cryptography. Springer Berlin Heidelberg, Berlin, Heidelberg, 69\u201383."},{"key":"e_1_3_4_28_2","series-title":"LNCS","first-page":"30","volume-title":"CHES 2008","author":"Bogdanov Andrey","year":"2008","unstructured":"Andrey Bogdanov. 2008. Multiple-differential side-channel collision attacks on AES. In CHES 2008(LNCS, Vol. 5154). Springer, Heidelberg, 30\u201344."},{"issue":"2","key":"e_1_3_4_29_2","doi-asserted-by":"crossref","first-page":"55","DOI":"10.46586\/tosc.v2019.i2.55-93","article-title":"Quantum security analysis of AES","volume":"2019","author":"Bonnetain Xavier","year":"2019","unstructured":"Xavier Bonnetain, Mar\u00eda Naya-Plasencia, and Andr\u00e9 Schrottenloher. 2019. Quantum security analysis of AES. IACR Transactions on Symmetric Cryptology 2019, 2 (Jun.2019), 55\u201393.","journal-title":"IACR Transactions on Symmetric Cryptology"},{"key":"e_1_3_4_30_2","doi-asserted-by":"crossref","first-page":"208","DOI":"10.1007\/978-3-642-34961-4_14","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"Borghoff Julia","year":"2012","unstructured":"Julia Borghoff, Anne Canteaut, Tim G\u00fcneysu, Elif Bilge Kavun, Miroslav Knezevic, Lars R. Knudsen, Gregor Leander, Ventzislav Nikov, Christof Paar, Christian Rechberger, et al.2012. PRINCE \u2013 A low-latency block cipher for pervasive computing applications. In Advances in Cryptology \u2013 ASIACRYPT 2012. Springer Berlin Heidelberg, Berlin, Heidelberg, 208\u2013225."},{"key":"e_1_3_4_31_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-012-9124-7"},{"key":"e_1_3_4_32_2","doi-asserted-by":"crossref","first-page":"178","DOI":"10.1007\/978-3-642-13193-6_16","volume-title":"Experimental Algorithms","author":"Boyar Joan","year":"2010","unstructured":"Joan Boyar and Ren\u00e9 Peralta. 2010. A new combinational logic minimization technique with applications to cryptology. In Experimental Algorithms. Springer Berlin Heidelberg, Berlin, Heidelberg, 178\u2013189."},{"key":"e_1_3_4_33_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-30436-1_24"},{"issue":"12","key":"e_1_3_4_34_2","first-page":"3322","article-title":"A countermeasure against statistical ineffective fault analysis","volume":"67","author":"Breier Jakub","year":"2020","unstructured":"Jakub Breier, Mustafa Khairallah, Xiaolu Hou, and Yang Liu. 2020. A countermeasure against statistical ineffective fault analysis. IEEE Transactions on Circuits and Systems II: Express Briefs 67, 12 (2020), 3322\u20133326.","journal-title":"IEEE Transactions on Circuits and Systems II: Express Briefs"},{"key":"e_1_3_4_35_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-28632-5_2"},{"key":"e_1_3_4_36_2","unstructured":"Cadence Design Systems Inc.2023. Genus Synthesis Solution. GENUS211."},{"key":"e_1_3_4_37_2","series-title":"LNCS","first-page":"45","volume-title":"CHES 2017","author":"Cagli Eleonora","year":"2017","unstructured":"Eleonora Cagli, C\u00e9cile Dumas, and Emmanuel Prouff. 2017. Convolutional neural networks with data augmentation against jitter-based countermeasures - profiling attacks without pre-processing. In CHES 2017(LNCS, Vol. 10529). Springer, Heidelberg, 45\u201368."},{"key":"e_1_3_4_38_2","unstructured":"David Canright. 2016. sboxalg.txt. faculty.nps.edu\/drcanrig\/pub\/sboxalg.txt"},{"key":"e_1_3_4_39_2","unstructured":"David Canright. 2016. sboxmaskcorr.txt. faculty.nps.edu\/drcanrig\/pub\/sboxmaskcorr.txt"},{"key":"e_1_3_4_40_2","series-title":"LNCS","first-page":"441","volume-title":"CHES 2005","author":"Canright David","year":"2005","unstructured":"David Canright. 2005. A very compact S-Box for AES. In CHES 2005(LNCS, Vol. 3659). Springer, Heidelberg, 441\u2013455."},{"key":"e_1_3_4_41_2","doi-asserted-by":"crossref","first-page":"446","DOI":"10.1007\/978-3-540-68914-0_27","volume-title":"Applied Cryptography and Network Security","author":"Canright David","year":"2008","unstructured":"David Canright and Lejla Batina. 2008. A very compact \u201cPerfectly Masked\u201d S-Box for AES. In Applied Cryptography and Network Security. Springer Berlin Heidelberg, Berlin, Heidelberg, 446\u2013459."},{"key":"e_1_3_4_42_2","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2020.3022979"},{"key":"e_1_3_4_43_2","article-title":"Randomness generation for secure hardware masking - Unrolled Trivium to the rescue","author":"Cassiers Ga\u00ebtan","year":"2023","unstructured":"Ga\u00ebtan Cassiers, Lo\u00efc Masure, Charles Momin, Thorben Moos, Amir Moradi, and Fran\u00e7ois-Xavier Standaert. 2023. Randomness generation for secure hardware masking - Unrolled Trivium to the rescue. Cryptology ePrint Archive, Paper 2023\/1134.","journal-title":"Cryptology ePrint Archive, Paper 2023\/1134"},{"key":"e_1_3_4_44_2","doi-asserted-by":"crossref","first-page":"1228","DOI":"10.1109\/SmartTechCon.2017.8358562","volume-title":"2017 International Conference on Smart Technologies for Smart Nation (SmartTechCon\u201917)","author":"Chandu Y.","year":"2017","unstructured":"Y. Chandu, K. S. Rakesh Kumar, Ninad Vivek Prabhukhanolkar, A. N. Anish, and Sushma Rawal. 2017. Design and implementation of hybrid encryption for security of IOT data. In 2017 International Conference on Smart Technologies for Smart Nation (SmartTechCon\u201917). IEEE, 1228\u20131231."},{"key":"e_1_3_4_45_2","series-title":"LNCS","first-page":"398","volume-title":"CRYPTO\u201999","author":"Chari Suresh","year":"1999","unstructured":"Suresh Chari, Charanjit S. Jutla, Josyula R. Rao, and Pankaj Rohatgi. 1999. Towards sound approaches to counteract power-analysis attacks. In CRYPTO\u201999(LNCS, Vol. 1666). Springer, Heidelberg, 398\u2013412."},{"key":"e_1_3_4_46_2","series-title":"LNCS","first-page":"13","volume-title":"CHES","author":"Chari Suresh","year":"2003","unstructured":"Suresh Chari, Josyula R. Rao, and Pankaj Rohatgi. 2003. Template attacks. In CHES(LNCS, Vol. 2523). Springer, Heidelberg, 13\u201328."},{"key":"e_1_3_4_47_2","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1007\/978-3-319-16763-3_4","volume-title":"Smart Card Research and Advanced Applications","author":"Chen Cong","year":"2015","unstructured":"Cong Chen, Thomas Eisenbarth, Aria Shahverdi, and Xin Ye. 2015. Balanced encoding to mitigate power analysis: A case study. In Smart Card Research and Advanced Applications. Springer International Publishing, Cham, 49\u201363."},{"key":"e_1_3_4_48_2","doi-asserted-by":"publisher","DOI":"10.1145\/3623652.3623671"},{"key":"e_1_3_4_49_2","unstructured":"Circuit Minimization Team. 2020. Circuit Minimization Work. Retrieved October 31 2022 from www.cs.yale.edu\/homes\/peralta\/CircuitStuff\/CMT.html"},{"key":"e_1_3_4_50_2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"181","DOI":"10.1007\/978-3-540-74735-2_13","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2007, 9th International Workshop, Vienna, Austria, September 10\u201313, 2007, Proceedings","volume":"4727","author":"Clavier Christophe","year":"2007","unstructured":"Christophe Clavier. 2007. Secret external encodings do not prevent transient fault analysis. In Cryptographic Hardware and Embedded Systems - CHES 2007, 9th International Workshop, Vienna, Austria, September 10\u201313, 2007, Proceedings(Lecture Notes in Computer Science, Vol. 4727). Springer, 181\u2013194."},{"key":"e_1_3_4_51_2","doi-asserted-by":"crossref","first-page":"119","DOI":"10.1109\/FDTC.2013.16","volume-title":"2013 Workshop on Fault Diagnosis and Tolerance in Cryptography","author":"Clavier Christophe","year":"2013","unstructured":"Christophe Clavier and Antoine Wurcker. 2013. Reverse engineering of a secret AES-like cipher by ineffective fault analysis. In 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography. 119\u2013128."},{"key":"e_1_3_4_52_2","doi-asserted-by":"crossref","first-page":"137","DOI":"10.1007\/978-3-319-66787-4_7","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2017","author":"Daemen Joan","year":"2017","unstructured":"Joan Daemen. 2017. Changing of the guards: A simple and efficient method for achieving uniformity in threshold sharing. In Cryptographic Hardware and Embedded Systems \u2013 CHES 2017. Springer International Publishing, Cham, 137\u2013153."},{"issue":"3","key":"e_1_3_4_53_2","doi-asserted-by":"crossref","first-page":"508","DOI":"10.46586\/tches.v2020.i3.508-543","article-title":"Protecting against statistical ineffective fault attacks","volume":"2020","author":"Daemen Joan","year":"2020","unstructured":"Joan Daemen, Christoph Dobraunig, Maria Eichlseder, Hannes Gro\u00df, Florian Mendel, and Robert Primas. 2020. Protecting against statistical ineffective fault attacks. IACR Transactions on Cryptographic Hardware and Embedded Systems 2020, 3 (Jun.2020), 508\u2013543.","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"key":"e_1_3_4_54_2","first-page":"1","volume-title":"2009 3rd International Conference on Signals, Circuits and Systems (SCS\u201909)","author":"Danger Jean-Luc","year":"2009","unstructured":"Jean-Luc Danger, Sylvain Guilley, Shivam Bhasin, and Maxime Nassar. 2009. Overview of dual rail with precharge logic styles to thwart implementation-level attacks on hardware cryptoprocessors. In 2009 3rd International Conference on Signals, Circuits and Systems (SCS\u201909). 1\u20138."},{"key":"e_1_3_4_55_2","first-page":"1","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"Cnudde Thomas De","year":"2017","unstructured":"Thomas De Cnudde, Beg\u00fcl Bilgin, Benedikt Gierlichs, Ventzislav Nikov, Svetla Nikova, and Vincent Rijmen. 2017. Does coupling affect the security of masked implementations?. In Constructive Side-Channel Analysis and Secure Design. Springer International Publishing, Cham, 1\u201318."},{"key":"e_1_3_4_56_2","series-title":"LNCS","first-page":"194","volume-title":"CHES 2016","author":"Cnudde Thomas De","year":"2016","unstructured":"Thomas De Cnudde, Oscar Reparaz, Beg\u00fcl Bilgin, Svetla Nikova, Ventzislav Nikov, and Vincent Rijmen. 2016. Masking AES with d+1 shares in hardware. In CHES 2016(LNCS, Vol. 9813). Springer, Heidelberg, 194\u2013212."},{"issue":"3","key":"e_1_3_4_57_2","doi-asserted-by":"crossref","first-page":"119","DOI":"10.46586\/tches.v2019.i3.119-147","article-title":"Consolidating security notions in hardware masking","volume":"2019","author":"Meyer Lauren De","year":"2019","unstructured":"Lauren De Meyer, Beg\u00fcl Bilgin, and Oscar Reparaz. 2019. Consolidating security notions in hardware masking. IACR TCHES 2019, 3 (2019), 119\u2013147.","journal-title":"IACR TCHES"},{"issue":"3","key":"e_1_3_4_58_2","doi-asserted-by":"crossref","first-page":"431","DOI":"10.46586\/tches.v2018.i3.431-468","article-title":"Multiplicative masking for AES in hardware","volume":"2018","author":"Meyer Lauren De","year":"2018","unstructured":"Lauren De Meyer, Oscar Reparaz, and Beg\u00fcl Bilgin. 2018. Multiplicative masking for AES in hardware. IACR TCHES 2018, 3 (2018), 431\u2013468.","journal-title":"IACR TCHES"},{"key":"e_1_3_4_59_2","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2012.15"},{"key":"e_1_3_4_60_2","volume-title":"IEEE Symposium on Low Power Electronics","author":"Denker J. S.","year":"1994","unstructured":"J. S. Denker. 1994. A review of adiabatic computing. In IEEE Symposium on Low Power Electronics."},{"key":"e_1_3_4_61_2","doi-asserted-by":"crossref","first-page":"158","DOI":"10.1007\/BFb0030418","volume-title":"Information Security","author":"Desmedt Yvo","year":"1998","unstructured":"Yvo Desmedt. 1998. Some recent research aspects of threshold cryptography. In Information Security. Springer Berlin Heidelberg, Berlin, Heidelberg, 158\u2013173."},{"key":"e_1_3_4_62_2","article-title":"The random fault model","author":"Dhooghe Siemen","year":"2022","unstructured":"Siemen Dhooghe and Svetla Nikova. 2022. The random fault model. Cryptology ePrint Archive, Paper 2022\/1627.","journal-title":"Cryptology ePrint Archive, Paper 2022\/1627"},{"key":"e_1_3_4_63_2","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560634"},{"key":"e_1_3_4_64_2","doi-asserted-by":"crossref","first-page":"163","DOI":"10.1007\/978-3-319-43283-0_10","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"Ding A. Adam","year":"2016","unstructured":"A. Adam Ding, Cong Chen, and Thomas Eisenbarth. 2016. Simpler, faster, and more robust T-test based leakage detection. In Constructive Side-Channel Analysis and Secure Design. Springer International Publishing, Cham, 163\u2013183."},{"key":"e_1_3_4_65_2","article-title":"SIFA: Exploiting ineffective fault inductions on symmetric cryptography","author":"Dobraunig Christoph","year":"2018","unstructured":"Christoph Dobraunig, Maria Eichlseder, Thomas Korak, Stefan Mangard, Florian Mendel, and Robert Primas. 2018. SIFA: Exploiting ineffective fault inductions on symmetric cryptography. Cryptology ePrint Archive, Paper 2018\/071.","journal-title":"Cryptology ePrint Archive, Paper 2018\/071"},{"issue":"3","key":"e_1_3_4_66_2","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1007\/s00145-021-09398-9","article-title":"Ascon v1.2: Lightweight authenticated encryption and hashing","volume":"34","author":"Dobraunig Christoph","year":"2021","unstructured":"Christoph Dobraunig, Maria Eichlseder, Florian Mendel, and Martin Schl\u00e4ffer. 2021. Ascon v1.2: Lightweight authenticated encryption and hashing. J. Cryptol. 34, 3 (2021), 33.","journal-title":"J. Cryptol."},{"key":"e_1_3_4_67_2","volume-title":"EUROCRYPT","author":"Duc Alexandre","year":"2014","unstructured":"Alexandre Duc, Stefan Dziembowski, and Sebastian Faust. 2014. Unifying leakage models: From probing attacks to noisy leakage. In EUROCRYPT."},{"key":"e_1_3_4_68_2","doi-asserted-by":"crossref","first-page":"159","DOI":"10.1007\/978-3-662-46803-6_6","volume-title":"Advances in Cryptology - EUROCRYPT 2015","author":"Dziembowski Stefan","year":"2015","unstructured":"Stefan Dziembowski, Sebastian Faust, and Maciej Skorski. 2015. Noisy leakage revisited. In Advances in Cryptology - EUROCRYPT 2015. Springer Berlin Heidelberg, Berlin, Heidelberg, 159\u2013188."},{"key":"e_1_3_4_69_2","doi-asserted-by":"publisher","DOI":"10.1109\/FOCS.2008.56"},{"key":"e_1_3_4_70_2","volume-title":"EMV\u00ae Issuer and Application Security Guidelines","year":"2023","unstructured":"EMVCo. 2023. EMV\u00ae Issuer and Application Security Guidelines. Technical Report Version 3.0."},{"key":"e_1_3_4_71_2","volume-title":"IEEE International Symposium on Information Theory","author":"Fan J. L.","year":"1997","unstructured":"J. L. Fan and C. Paar. 1997. On efficient inversion in tower fields of characteristic two. In IEEE International Symposium on Information Theory."},{"issue":"3","key":"e_1_3_4_72_2","doi-asserted-by":"crossref","first-page":"89","DOI":"10.46586\/tches.v2018.i3.89-120","article-title":"Composable masking schemes in the presence of physical defaults and the robust probing model","volume":"2018","author":"Faust Sebastian","year":"2018","unstructured":"Sebastian Faust, Vincent Grosso, Santos Merino Del Pozo, Clara Paglialonga, and Fran\u00e7ois-Xavier Standaert. 2018. Composable masking schemes in the presence of physical defaults and the robust probing model. IACR TCHES 2018, 3 (2018), 89\u2013120.","journal-title":"IACR TCHES"},{"key":"e_1_3_4_73_2","series-title":"LNCS","first-page":"213","volume-title":"CHES 2012","author":"Faust Sebastian","year":"2012","unstructured":"Sebastian Faust, Krzysztof Pietrzak, and Joachim Schipper. 2012. Practical leakage-resilient symmetric cryptography. In CHES 2012(LNCS, Vol. 7428). Springer, Heidelberg, 213\u2013232."},{"key":"e_1_3_4_74_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-28632-5_26"},{"key":"e_1_3_4_75_2","volume-title":"Exploring the Ultimate Limits of Adiabatic Circuits","author":"Frank Michael","year":"2020","unstructured":"Michael Frank, Robert Brocato, Thomas Conte, Alexander Hsia, Anirudh Jain, Nancy Missert, Karpur Shukla, and Brian Tierney. 2020. Exploring the Ultimate Limits of Adiabatic Circuits. Technical Report. Sandia National Laboratories."},{"key":"e_1_3_4_76_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-71817-0_10"},{"key":"e_1_3_4_77_2","series-title":"LNCS","first-page":"251","volume-title":"CHES 2001","author":"Gandolfi Karine","year":"2001","unstructured":"Karine Gandolfi, Christophe Mourtel, and Francis Olivier. 2001. Electromagnetic analysis: Concrete results. In CHES 2001(LNCS, Vol. 2162). Springer, Heidelberg, 251\u2013261."},{"issue":"1","key":"e_1_3_4_78_2","first-page":"1","article-title":"A survey of microarchitectural timing attacks and countermeasures on contemporary hardware","volume":"8","author":"Ge Qian","year":"2016","unstructured":"Qian Ge, Yuval Yarom, David Cock, and Gernot Heiser. 2016. A survey of microarchitectural timing attacks and countermeasures on contemporary hardware. Journal of Cryptographic Engineering 8, 1 (2016), 1\u201327.","journal-title":"Journal of Cryptographic Engineering"},{"key":"e_1_3_4_79_2","series-title":"LNCS","first-page":"384","volume-title":"INDOCRYPT 2017","author":"Ghoshal Ashrujit","year":"2017","unstructured":"Ashrujit Ghoshal and Thomas De Cnudde. 2017. Several masked implementations of the Boyar-Peralta AES S-Box. In INDOCRYPT 2017(LNCS, Vol. 10698). Springer, Heidelberg, 384\u2013402."},{"key":"e_1_3_4_80_2","series-title":"LNCS","first-page":"426","volume-title":"CHES 2008","author":"Gierlichs Benedikt","year":"2008","unstructured":"Benedikt Gierlichs, Lejla Batina, Pim Tuyls, and Bart Preneel. 2008. Mutual information analysis. In CHES 2008(LNCS, Vol. 5154). Springer, Heidelberg, 426\u2013442."},{"key":"e_1_3_4_81_2","unstructured":"Barbara Gigerl. 2023. aes-secondorder-guards. github.com\/barbara-gigerl\/aes-secondorder-guards"},{"key":"e_1_3_4_82_2","article-title":"Smooth passage with the guards: Second-order hardware masking of the AES with low randomness and low latency","author":"Gigerl Barbara","year":"2024","unstructured":"Barbara Gigerl, Franz Klug, Stefan Mangard, Florian Mendel, and Robert Primas. 2024. Smooth passage with the guards: Second-order hardware masking of the AES with low randomness and low latency. IACR Transactions on Cryptographic Hardware and Embedded Systems (2024).","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"key":"e_1_3_4_83_2","doi-asserted-by":"crossref","first-page":"106","DOI":"10.1109\/HST.2015.7140247","volume-title":"2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST\u201915)","author":"Gilmore Richard","year":"2015","unstructured":"Richard Gilmore, Neil Hanley, and Maire O\u2019Neill. 2015. Neural network based attack on a masked implementation of AES. In 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST\u201915). 106\u2013111."},{"key":"e_1_3_4_84_2","unstructured":"GlobalFoundries Inc. 2025. Global Foundries. www.gf.com"},{"key":"e_1_3_4_85_2","unstructured":"GlobalFoundries PDK Authors. 2023. GF180MCU Open Source PDK. github.com\/google\/gf180mcu-pdk"},{"key":"e_1_3_4_86_2","series-title":"LNCS","first-page":"198","volume-title":"CHES","author":"Goli\u0107 Jovan D.","year":"2003","unstructured":"Jovan D. Goli\u0107 and Christophe Tymen. 2003. Multiplicative masking and power analysis of AES. In CHES(LNCS, Vol. 2523). Springer, Heidelberg, 198\u2013212."},{"key":"e_1_3_4_87_2","series-title":"LNCS","first-page":"427","volume-title":"CHES 2005","author":"Good Tim","year":"2005","unstructured":"Tim Good and Mohammed Benaissa. 2005. AES on FPGA from the fastest to the smallest. In CHES 2005(LNCS, Vol. 3659). Springer, Heidelberg, 427\u2013440."},{"key":"e_1_3_4_88_2","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-48059-5_15"},{"key":"e_1_3_4_89_2","unstructured":"Hannes Gro\u00df. 2016. aes-dom. www.github.com\/hgrosz\/aes-dom"},{"key":"e_1_3_4_90_2","volume-title":"Domain-Oriented Masking: Generically Masked Hardware Implementations","author":"Gro\u00df Hannes","year":"2020","unstructured":"Hannes Gro\u00df. 2020. Domain-Oriented Masking: Generically Masked Hardware Implementations. Ph. D. Dissertation. Graz University of Technology."},{"issue":"2","key":"e_1_3_4_91_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.46586\/tches.v2018.i2.1-21","article-title":"Generic low-latency masking in hardware","volume":"2018","author":"Gross Hannes","year":"2018","unstructured":"Hannes Gross, Rinat Iusupov, and Roderick Bloem. 2018. Generic low-latency masking in hardware. IACR Transactions on Cryptographic Hardware and Embedded Systems 2018, 2 (May2018), 1\u201321.","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"key":"e_1_3_4_92_2","volume-title":"ACM Workshop on Theory of Implementation Security","author":"Gro\u00df Hannes","year":"2016","unstructured":"Hannes Gro\u00df, Stefan Mangard, and Thomas Korak. 2016. Domain-oriented masking: Compact masked hardware implementations with arbitrary protection order. In ACM Workshop on Theory of Implementation Security."},{"key":"e_1_3_4_93_2","article-title":"TOFU - Toggle count analysis made simple","author":"Gruber Michael","year":"2022","unstructured":"Michael Gruber and Georg Sigl. 2022. TOFU - Toggle count analysis made simple. Cryptology ePrint Archive, Paper 2022\/129.","journal-title":"Cryptology ePrint Archive, Paper 2022\/129"},{"key":"e_1_3_4_94_2","first-page":"208","volume-title":"Shall We Trust WDDL?","author":"Guilley Sylvain","year":"2009","unstructured":"Sylvain Guilley, Sumanta Chaudhuri, Laurent Sauvage, Tarik Graba, Jean-Luc Danger, Philippe Hoogvorst, Vinh-Nga Vong, Maxime Nassar, and Florent Flament. 2009. Shall We Trust WDDL?Vieweg+Teubner, Wiesbaden, 208\u2013215."},{"key":"e_1_3_4_95_2","series-title":"LNCS","first-page":"383","volume-title":"CHES 2005","author":"Guilley Sylvain","year":"2005","unstructured":"Sylvain Guilley, Philippe Hoogvorst, Yves Mathieu, and Renaud Pacalet. 2005. The \u201cBackend Duplication\u201d method. In CHES 2005(LNCS, Vol. 3659). Springer, Heidelberg, 383\u2013397."},{"key":"e_1_3_4_96_2","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2010.15"},{"key":"e_1_3_4_97_2","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-011-0023-x"},{"key":"e_1_3_4_98_2","doi-asserted-by":"crossref","first-page":"219","DOI":"10.1007\/978-3-319-08302-5_15","volume-title":"Smart Card Research and Advanced Applications","author":"Hutter Michael","year":"2014","unstructured":"Michael Hutter and J\u00f6rn-Marc Schmidt. 2014. The temperature side channel and heating fault attacks. In Smart Card Research and Advanced Applications. Springer International Publishing, Cham, 219\u2013235."},{"key":"e_1_3_4_99_2","article-title":"AES-based security coprocessor IC in 0.18- \\(\\mu\\) m CMOS with resistance to differential power analysis side-channel attacks","author":"Hwang D. D.","year":"2006","unstructured":"D. D. Hwang, K. Tiri, A. Hodjat, B.-C. Lai, S. Yang, P. Schaumont, and I. Verbauwhede. 2006. AES-based security coprocessor IC in 0.18- \\(\\mu\\) m CMOS with resistance to differential power analysis side-channel attacks. IEEE Journal of Solid-State Circuits (2006).","journal-title":"IEEE Journal of Solid-State Circuits"},{"key":"e_1_3_4_100_2","unstructured":"Intel Corporation. 2010. Intel\u00ae Advanced Encryption Standard (AES) New Instructions Set."},{"key":"e_1_3_4_101_2","article-title":"Intel\u00ae\n                  Software Guard Extensions Programming Reference","author":"Corporation Intel","year":"2010","unstructured":"Intel Corporation. 2010. Intel\u00aeSoftware Guard Extensions Programming Reference. White paper.","journal-title":"White paper"},{"key":"e_1_3_4_102_2","unstructured":"Intel Corporation. 2021. Intel\u00ae Total Memory Encryption."},{"key":"e_1_3_4_103_2","series-title":"LNCS","doi-asserted-by":"crossref","first-page":"463","DOI":"10.1007\/978-3-540-45146-4_27","volume-title":"CRYPTO 2003","author":"Ishai Yuval","year":"2003","unstructured":"Yuval Ishai, Amit Sahai, and David Wagner. 2003. Private circuits: Securing hardware against probing attacks. In CRYPTO 2003(LNCS, Vol. 2729). Springer, Heidelberg, 463\u2013481."},{"key":"e_1_3_4_104_2","doi-asserted-by":"publisher","DOI":"10.1016\/0890-5401(88)90024-7"},{"key":"e_1_3_4_105_2","article-title":"SmartEdge: An end-to-end encryption framework for an edge-enabled smart city application","author":"Jan Mian Ahmad","year":"2019","unstructured":"Mian Ahmad Jan, Wenjing Zhang, Muhammad Usman, Zhiyuan Tan, Fazlullah Khan, and Entao Luo. 2019. SmartEdge: An end-to-end encryption framework for an edge-enabled smart city application. Journal of Network and Computer Applications (2019).","journal-title":"Journal of Network and Computer Applications"},{"key":"e_1_3_4_106_2","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-662-04722-4","volume-title":"The Design of Rijndael","author":"Joan Daemen","year":"2002","unstructured":"Daemen Joan and Rijmen Vincent. 2002. The Design of Rijndael. Springer Berlin, Heidelberg."},{"key":"e_1_3_4_107_2","article-title":"Strengthening hardware AES implementations against fault attacks","author":"Joye Marc","year":"2007","unstructured":"Marc Joye, Pascal Manet, and Jean-Baptiste Rigaud. 2007. Strengthening hardware AES implementations against fault attacks. IET Inf. Secur. (2007).","journal-title":"IET Inf. Secur."},{"key":"e_1_3_4_108_2","article-title":"A survey of leakage-resilient cryptography","author":"Kalai Yael Tauman","year":"2019","unstructured":"Yael Tauman Kalai and Leonid Reyzin. 2019. A survey of leakage-resilient cryptography. Cryptology ePrint Archive, Paper.","journal-title":"Cryptology ePrint Archive, Paper"},{"issue":"6","key":"e_1_3_4_109_2","first-page":"112","article-title":"A guideline on pseudorandom number generation (PRNG) in the IoT","volume":"54","author":"Kietzmann Peter","year":"2021","unstructured":"Peter Kietzmann, Thomas C. Schmidt, and Matthias W\u00e4hlisch. 2021. A guideline on pseudorandom number generation (PRNG) in the IoT. ACM Comput. Surv. 54, 6, Article 112 (Jul.2021), 38 pages.","journal-title":"ACM Comput. Surv."},{"key":"e_1_3_4_110_2","article-title":"Faults, injection methods, and fault attacks","author":"Kim Chong Hee","year":"2007","unstructured":"Chong Hee Kim and Jean-Jacques Quisquater. 2007. Faults, injection methods, and fault attacks. IEEE Design & Test of Computers (2007).","journal-title":"IEEE Design & Test of Computers"},{"key":"e_1_3_4_111_2","series-title":"CCS\u201922","first-page":"1799","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","author":"Knichel David","year":"2022","unstructured":"David Knichel and Amir Moradi. 2022. Low-latency hardware private circuits. In ACM SIGSAC Conference on Computer and Communications Security (Los Angeles, CA, USA) (CCS\u201922). Association for Computing Machinery, 1799\u20131812."},{"issue":"1","key":"e_1_3_4_112_2","doi-asserted-by":"crossref","first-page":"323","DOI":"10.46586\/tches.v2022.i1.323-344","article-title":"Generic hardware private circuits: Towards automated generation of composable secure gadgets","author":"Knichel David","year":"2021","unstructured":"David Knichel, Pascal Sasdrich, and Amir Moradi. 2021. Generic hardware private circuits: Towards automated generation of composable secure gadgets. IACR Transactions on Cryptographic Hardware and Embedded Systems1 (Nov.2021), 323\u2013344.","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"key":"e_1_3_4_113_2","series-title":"LNCS","first-page":"388","volume-title":"CRYPTO\u201999","author":"Kocher Paul C.","year":"1999","unstructured":"Paul C. Kocher, Joshua Jaffe, and Benjamin Jun. 1999. Differential power analysis. In CRYPTO\u201999(LNCS, Vol. 1666). Springer, Heidelberg, 388\u2013397."},{"key":"e_1_3_4_114_2","volume-title":"2021 IEEE Symposium on Security and Privacy (SP\u201921)","author":"Krachenfels Thilo","year":"2021","unstructured":"Thilo Krachenfels, Fatemeh Ganji, Amir Moradi, Shahin Tajik, and Jean-Pierre Seifert. 2021. Real-world snapshots vs. theory: Questioning the t-Probing security model. In 2021 IEEE Symposium on Security and Privacy (SP\u201921). IEEE."},{"key":"e_1_3_4_115_2","first-page":"1","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"Kr\u00e4mer Juliane","year":"2013","unstructured":"Juliane Kr\u00e4mer, Dmitry Nedospasov, Alexander Schl\u00f6sser, and Jean-Pierre Seifert. 2013. Differential photonic emission analysis. In Constructive Side-Channel Analysis and Secure Design. Springer Berlin Heidelberg, Berlin, Heidelberg, 1\u201316."},{"key":"e_1_3_4_116_2","doi-asserted-by":"crossref","first-page":"91","DOI":"10.1007\/978-3-319-12160-4_6","volume-title":"Information Security and Cryptology \u2013 ICISC 2013","author":"Kutzner Sebastian","year":"2014","unstructured":"Sebastian Kutzner, Phuong Ha Nguyen, and Axel Poschmann. 2014. Enabling 3-Share threshold implementations for all 4-Bit S-Boxes. In Information Security and Cryptology \u2013 ICISC 2013. Springer International Publishing, Cham, 91\u2013108."},{"key":"e_1_3_4_117_2","series-title":"EuroSys\u201920","volume-title":"Proceedings of the Fifteenth European Conference on Computer Systems","author":"Lee Dayeol","year":"2020","unstructured":"Dayeol Lee, David Kohlbrenner, Shweta Shinde, Krste Asanovi\u0107, and Dawn Song. 2020. Keystone: An open framework for architecting trusted execution environments. In Proceedings of the Fifteenth European Conference on Computer Systems (Heraklion, Greece) (EuroSys\u201920). Association for Computing Machinery, New York, NY, USA, Article 38, 16 pages."},{"key":"e_1_3_4_118_2","series-title":"LNCS","first-page":"580","volume-title":"CHES 2014","author":"Leiserson Andrew J.","year":"2014","unstructured":"Andrew J. Leiserson, Mark E. Marson, and Megan A. Wachs. 2014. Gate-level masking under a path-based leakage metric. In CHES 2014(LNCS, Vol. 8731). Springer, Heidelberg, 580\u2013597."},{"key":"e_1_3_4_119_2","doi-asserted-by":"crossref","DOI":"10.1007\/s13389-014-0089-3","article-title":"A machine learning approach against a masked AES","author":"Lerman Liran","year":"2015","unstructured":"Liran Lerman, Gianluca Bontempi, and Olivier Markowitch. 2015. A machine learning approach against a masked AES. Journal of Cryptographic Engineering (2015).","journal-title":"Journal of Cryptographic Engineering"},{"key":"e_1_3_4_120_2","doi-asserted-by":"crossref","first-page":"502","DOI":"10.1109\/DATE.2009.5090716","volume-title":"2009 Design, Automation & Test in Europe Conference & Exhibition","author":"Leveugle R.","year":"2009","unstructured":"R. Leveugle, A. Calvez, P. Maistri, and P. Vanhauwaert. 2009. Statistical fault injection: Quantified error and confidence. In 2009 Design, Automation & Test in Europe Conference & Exhibition. 502\u2013506."},{"key":"e_1_3_4_121_2","doi-asserted-by":"publisher","DOI":"10.1147\/rd.62.0200"},{"key":"e_1_3_4_122_2","doi-asserted-by":"crossref","DOI":"10.1109\/TC.2008.149","article-title":"Double-data-rate computation as a countermeasure against fault analysis","author":"Maistri Paolo","year":"2008","unstructured":"Paolo Maistri and R\u00e9gis Leveugle. 2008. Double-data-rate computation as a countermeasure against fault analysis. IEEE Transactions on Computers (2008).","journal-title":"IEEE Transactions on Computers"},{"key":"e_1_3_4_123_2","volume-title":"Fault Diagnosis and Tolerance in Cryptography","author":"Malkin Tal G.","year":"2006","unstructured":"Tal G. Malkin, Fran\u00e7ois-Xavier Standaert, and Moti Yung. 2006. A comparative cost\/security analysis of fault attack countermeasures. In Fault Diagnosis and Tolerance in Cryptography. Springer Berlin Heidelberg, Berlin, Heidelberg."},{"key":"e_1_3_4_124_2","series-title":"LNCS","first-page":"157","volume-title":"CHES 2005","author":"Mangard Stefan","year":"2005","unstructured":"Stefan Mangard, Norbert Pramstaller, and Elisabeth Oswald. 2005. Successfully attacking masked AES hardware implementations. In CHES 2005(LNCS, Vol. 3659). Springer, Heidelberg, 157\u2013171."},{"key":"e_1_3_4_125_2","series-title":"LNCS","first-page":"76","volume-title":"CHES 2006","author":"Mangard Stefan","year":"2006","unstructured":"Stefan Mangard and Kai Schramm. 2006. Pinpointing the side-channel leakage of masked AES hardware implementations. In CHES 2006(LNCS, Vol. 4249). Springer, Heidelberg, 76\u201390."},{"issue":"1","key":"e_1_3_4_126_2","first-page":"109","article-title":"The design of scalar AES instruction set extensions for RISC-V","volume":"2021","author":"Marshall Ben","year":"2021","unstructured":"Ben Marshall, G. Richard Newell, Dan Page, Markku-Juhani O. Saarinen, and Claire Wolf. 2021. The design of scalar AES instruction set extensions for RISC-V. IACR TCHES 2021, 1 (2021), 109\u2013136.","journal-title":"IACR TCHES"},{"key":"e_1_3_4_127_2","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1109\/FDTC.2012.21","volume-title":"2012 Workshop on Fault Diagnosis and Tolerance in Cryptography","author":"Maurine Philippe","year":"2012","unstructured":"Philippe Maurine. 2012. Techniques for EM fault injection: Equipments and experimental results. In 2012 Workshop on Fault Diagnosis and Tolerance in Cryptography. 3\u20134."},{"key":"e_1_3_4_128_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2019.i4.91-125"},{"issue":"1","key":"e_1_3_4_129_2","first-page":"3","article-title":"Isolated WDDL: A hiding countermeasure for differential power analysis on FPGAs","volume":"2","author":"McEvoy Robert P.","year":"2009","unstructured":"Robert P. McEvoy, Colin C. Murphy, William P. Marnane, and Michael Tunstall. 2009. Isolated WDDL: A hiding countermeasure for differential power analysis on FPGAs. ACM Trans. Reconfigurable Technol. Syst. 2, 1, Article 3 (Mar.2009), 23 pages.","journal-title":"ACM Trans. Reconfigurable Technol. Syst."},{"key":"e_1_3_4_130_2","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2019.2935189"},{"key":"e_1_3_4_131_2","doi-asserted-by":"publisher","DOI":"10.5555\/548089"},{"key":"e_1_3_4_132_2","series-title":"LNCS","first-page":"323","volume-title":"CT-RSA 2005","author":"Mentens Nele","year":"2005","unstructured":"Nele Mentens, Lejla Batina, Bart Preneel, and Ingrid Verbauwhede. 2005. A systematic evaluation of compact hardware implementations for the Rijndael S-Box. In CT-RSA 2005(LNCS, Vol. 3376). Springer, Heidelberg, 323\u2013333."},{"key":"e_1_3_4_133_2","first-page":"1","volume-title":"2013 IEEE Faible Tension Faible Consommation","author":"Monteiro Cancio","year":"2013","unstructured":"Cancio Monteiro, Yasuhiro Takahashi, and Toshikazu Sekine. 2013. Low power secure AES S-box using adiabatic logic circuit. In 2013 IEEE Faible Tension Faible Consommation. 1\u20134."},{"key":"e_1_3_4_134_2","article-title":"Glitch-resistant masking revisited","author":"Moos Thorben","year":"2019","unstructured":"Thorben Moos, Amir Moradi, Tobias Schneider, and Fran\u00e7ois-Xavier Standaert. 2019. Glitch-resistant masking revisited. IACR TCHES (2019).","journal-title":"IACR TCHES"},{"key":"e_1_3_4_135_2","series-title":"LNCS","first-page":"598","volume-title":"CHES 2014","author":"Moradi Amir","year":"2014","unstructured":"Amir Moradi and Vincent Immler. 2014. Early propagation and imbalanced routing, how to diminish in FPGAs. In CHES 2014(LNCS, Vol. 8731). Springer, Heidelberg, 598\u2013615."},{"key":"e_1_3_4_136_2","article-title":"Masked dual-rail precharge logic encounters state-of-the-art power analysis methods","author":"Moradi Amir","year":"2012","unstructured":"Amir Moradi, Mario Kirschbaum, Thomas Eisenbarth, and Christof Paar. 2012. Masked dual-rail precharge logic encounters state-of-the-art power analysis methods. IEEE Transactions on Very Large Scale Integration (VLSI) Systems (2012).","journal-title":"IEEE Transactions on Very Large Scale Integration (VLSI) Systems"},{"key":"e_1_3_4_137_2","series-title":"LNCS","first-page":"125","volume-title":"CHES 2010","author":"Moradi Amir","year":"2010","unstructured":"Amir Moradi, Oliver Mischke, and Thomas Eisenbarth. 2010. Correlation-enhanced power analysis collision attack. In CHES 2010(LNCS, Vol. 6225). Springer, Heidelberg, 125\u2013139."},{"key":"e_1_3_4_138_2","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2012.154"},{"key":"e_1_3_4_139_2","volume-title":"CHES 2006","author":"Moradi Amir","year":"2006","unstructured":"Amir Moradi, Mohammad T. Manzuri Shalmani, and Mahmoud Salmasizadeh. 2006. A generalized method of differential fault attack against AES cryptosystem. In CHES 2006."},{"key":"e_1_3_4_140_2","doi-asserted-by":"publisher","DOI":"10.1145\/2996366.2996369"},{"key":"e_1_3_4_141_2","first-page":"98","volume-title":"Proceedings, IEEE International Conference on Computer Design: VLSI in Computers and Processors","author":"Morioka Sumio","year":"2002","unstructured":"Sumio Morioka and Akashi Satoh. 2002. A 10-Gbps full-AES crypto design with a twisted BDD S-Box architecture. In Proceedings, IEEE International Conference on Computer Design: VLSI in Computers and Processors. 98\u2013103."},{"key":"e_1_3_4_142_2","series-title":"LNCS","first-page":"172","volume-title":"CHES","author":"Morioka Sumio","year":"2003","unstructured":"Sumio Morioka and Akashi Satoh. 2003. An optimized S-Box circuit architecture for low power AES design. In CHES(LNCS, Vol. 2523). Springer, Heidelberg, 172\u2013186."},{"key":"e_1_3_4_143_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-89915-8_7"},{"key":"e_1_3_4_144_2","doi-asserted-by":"crossref","first-page":"1466","DOI":"10.1109\/SP40000.2020.00057","volume-title":"2020 IEEE Symposium on Security and Privacy (SP\u201920)","author":"Murdock Kit","year":"2020","unstructured":"Kit Murdock, David Oswald, Flavio D. Garcia, Jo Van Bulck, Daniel Gruss, and Frank Piessens. 2020. Plundervolt: Software-based fault injection attacks against intel SGX. In 2020 IEEE Symposium on Security and Privacy (SP\u201920). 1466\u20131482."},{"key":"e_1_3_4_145_2","article-title":"A deep analysis of two glitch-free hardware masking schemes SESYM and LMDPL","author":"M\u00fcller Nicolai","year":"2023","unstructured":"Nicolai M\u00fcller, Daniel Lammers, and Amir Moradi. 2023. A deep analysis of two glitch-free hardware masking schemes SESYM and LMDPL. Cryptology ePrint Archive, Paper 2023\/035.","journal-title":"Cryptology ePrint Archive, Paper 2023\/035"},{"key":"e_1_3_4_146_2","unstructured":"Rishub Nagpal Barbara Gigerl Rober Primas and Stefan Mangard. 2022. Self synchronized masking. extgit.iaik.tugraz.at\/sesys\/self-synchronized-masking"},{"issue":"4","key":"e_1_3_4_147_2","article-title":"Riding the waves towards generic single-cycle masking in hardware","author":"Nagpal Rishub","year":"2022","unstructured":"Rishub Nagpal, Barbara Gigerl, Robert Primas, and Stefan Mangard. 2022. Riding the waves towards generic single-cycle masking in hardware. IACR TCHES4 (2022).","journal-title":"IACR TCHES"},{"issue":"10","key":"e_1_3_4_148_2","first-page":"3978","article-title":"AES S-Box hardware with efficiency improvement based on linear mapping optimization","volume":"69","author":"Nakashima Ayano","year":"2022","unstructured":"Ayano Nakashima, Rei Ueno, and Naofumi Homma. 2022. AES S-Box hardware with efficiency improvement based on linear mapping optimization. IEEE Transactions on Circuits and Systems II: Express Briefs 69, 10 (2022), 3978\u20133982.","journal-title":"IEEE Transactions on Circuits and Systems II: Express Briefs"},{"key":"e_1_3_4_149_2","unstructured":"National Institute of Standards and Technology U.S. Department of Commerce. 2025. masking. csrc.nist.gov\/glossary\/term\/masking"},{"key":"e_1_3_4_150_2","unstructured":"National Institute of Standards and Technology U.S. Department of Commerce. 1999. AES Proposal: Rijndael."},{"key":"e_1_3_4_151_2","article-title":"Data Encryption Standard (DES)","author":"Commerce National Institute of Standards and Technology, U.S. Department of","year":"1999","unstructured":"National Institute of Standards and Technology, U.S. Department of Commerce. 1999. Data Encryption Standard (DES). NIST FIPS PUB 46-3.","journal-title":"NIST FIPS PUB 46-3"},{"key":"e_1_3_4_152_2","article-title":"SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions","author":"Commerce National Institute of Standards and Technology, U.S. Department of","year":"2015","unstructured":"National Institute of Standards and Technology, U.S. Department of Commerce. 2015. SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. NIST FIPS PUB 202.","journal-title":"NIST FIPS PUB 202"},{"key":"e_1_3_4_153_2","article-title":"NIST Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives","author":"Commerce National Institute of Standards and Technology, U.S. Department of","year":"2020","unstructured":"National Institute of Standards and Technology, U.S. Department of Commerce. 2020. NIST Roadmap Toward Criteria for Threshold Schemes for Cryptographic Primitives. NISTIR 8214A.","journal-title":"NISTIR 8214A"},{"key":"e_1_3_4_154_2","article-title":"Advanced Encryption Standard (AES)","author":"Commerce National Institute of Standards and Technology, U.S. Department of","year":"2023","unstructured":"National Institute of Standards and Technology, U.S. Department of Commerce. 2023. Advanced Encryption Standard (AES). NIST FIPS PUB 197.","journal-title":"NIST FIPS PUB 197"},{"key":"e_1_3_4_155_2","volume-title":"Status Report on the First Round of the Development of the Advanced Encryption Standard","author":"Nechvatal James","year":"1999","unstructured":"James Nechvatal, Elaine Barker, Donna Dodson, Morris Dworkin, James Foti, and Edward Roback. 1999. Status Report on the First Round of the Development of the Advanced Encryption Standard. Technical Report. National Institute of Standards and Technology, U.S. Department of Commerce."},{"key":"e_1_3_4_156_2","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1007\/978-3-642-34117-5_4","volume-title":"Advances in Information and Computer Security","author":"Nekado Kenta","year":"2012","unstructured":"Kenta Nekado, Yasuyuki Nogami, and Kengo Iokibe. 2012. Very short critical path implementation of AES with direct logic gates. In Advances in Information and Computer Security. Springer Berlin Heidelberg, Berlin, Heidelberg, 51\u201368."},{"key":"e_1_3_4_157_2","unstructured":"NewAE Technology Inc.2020. CW305 Artix FPGA Target."},{"key":"e_1_3_4_158_2","doi-asserted-by":"crossref","first-page":"529","DOI":"10.1007\/11935308_38","volume-title":"Information and Communications Security","author":"Nikova Svetla","year":"2006","unstructured":"Svetla Nikova, Christian Rechberger, and Vincent Rijmen. 2006. Threshold implementations against side-channel attacks and glitches. In Information and Communications Security. Springer Berlin Heidelberg, Berlin, Heidelberg, 529\u2013545."},{"key":"e_1_3_4_159_2","first-page":"292","article-title":"Secure hardware implementation of nonlinear functions in the presence of glitches","volume":"24","author":"Nikova Svetla","year":"2010","unstructured":"Svetla Nikova, Vincent Rijmen, and Sch\u00e4ffer. 2010. Secure hardware implementation of nonlinear functions in the presence of glitches. Journal of Cryptography 24 (2010), 292\u2013321.","journal-title":"Journal of Cryptography"},{"key":"e_1_3_4_160_2","first-page":"546\u2013552 Vol.2","volume-title":"International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004.","volume":"2","author":"Ors S. B.","year":"2004","unstructured":"S. B. Ors, F. Gurkaynak, E. Oswald, and B. Preneel. 2004. Power-analysis attack on an ASIC AES implementation. In International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004., Vol. 2. 546\u2013552 Vol.2."},{"key":"e_1_3_4_161_2","doi-asserted-by":"crossref","first-page":"413","DOI":"10.1007\/11502760_28","volume-title":"Fast Software Encryption","author":"Oswald Elisabeth","year":"2005","unstructured":"Elisabeth Oswald, Stefan Mangard, Norbert Pramstaller, and Vincent Rijmen. 2005. A side-channel analysis resistant description of the AES S-Box. In Fast Software Encryption. Springer Berlin Heidelberg, Berlin, Heidelberg, 413\u2013423."},{"key":"e_1_3_4_162_2","article-title":"Lowering the Bar: Deep Learning for Side-channel Analysis","author":"Perin Guilherme","year":"2018","unstructured":"Guilherme Perin, Baris Ege, and Jasper van Woudenberg. 2018. Lowering the Bar: Deep Learning for Side-channel Analysis. White Paper (2018).","journal-title":"White Paper"},{"key":"e_1_3_4_163_2","volume-title":"PicoScope\u00ae 5000 A and B Series","author":"Technology Pico","year":"2017","unstructured":"Pico Technology. 2017. PicoScope\u00ae 5000 A and B Series. Technical Report Version 5.0. www.picotech.com\/download\/manuals\/picoscope-5000-a-and-b-series-users-guide.pdf"},{"key":"e_1_3_4_164_2","volume-title":"CHES 2007","author":"Popp Thomas","year":"2007","unstructured":"Thomas Popp, Mario Kirschbaum, Thomas Zefferer, and Stefan Mangard. 2007. Evaluation of the masked logic style MDPL on a prototype chip. In CHES 2007."},{"key":"e_1_3_4_165_2","volume-title":"CHES 2005","author":"Popp Thomas","year":"2005","unstructured":"Thomas Popp and Stefan Mangard. 2005. Masked dual-rail pre-charge logic: DPA-resistance without routing constraints. In CHES 2005."},{"key":"e_1_3_4_166_2","volume-title":"International Symposium on Circuits and Systems","author":"Popp T.","year":"2006","unstructured":"T. Popp and S. Mangard. 2006. Implementation aspects of the DPA-resistant logic style MDPL. In International Symposium on Circuits and Systems."},{"key":"e_1_3_4_167_2","volume-title":"Advanced Encryption Standard \u2013 AES","author":"Pramstaller Norbert","year":"2005","unstructured":"Norbert Pramstaller, Stefan Mangard, Sandra Dominikus, and Johannes Wolkerstorfer. 2005. Efficient AES implementations on ASICs and FPGAs. In Advanced Encryption Standard \u2013 AES. Springer Berlin Heidelberg, Berlin, Heidelberg."},{"key":"e_1_3_4_168_2","article-title":"Efficient low-latency masking of Ascon without fresh randomness","author":"Prasad Srinidhi Hari","year":"2023","unstructured":"Srinidhi Hari Prasad, Florian Mendel, Martin Schl\u00e4ffer, and Rishub Nagpal. 2023. Efficient low-latency masking of Ascon without fresh randomness. Cryptology ePrint Archive, Paper 2023\/1914.","journal-title":"Cryptology ePrint Archive, Paper 2023\/1914"},{"key":"e_1_3_4_169_2","doi-asserted-by":"crossref","first-page":"142","DOI":"10.1007\/978-3-642-38348-9_9","volume-title":"EUROCRYPT 2013 (LNCS)","author":"Prouff Emmanuel","year":"2013","unstructured":"Emmanuel Prouff and Matthieu Rivain. 2013. Masking against side-channel attacks: A formal security proof. In EUROCRYPT 2013 (LNCS). Springer, Heidelberg, 142\u2013159."},{"key":"e_1_3_4_170_2","unstructured":"Rambus Incorporated. 2015. Test Vector Leakage Assessment (TVLA) Derived Test Requirements (DTR) with AES."},{"issue":"3","key":"e_1_3_4_171_2","first-page":"404","article-title":"The AES-256 cryptosystem resists quantum attacks","volume":"8","author":"Rao Sandeep","year":"2017","unstructured":"Sandeep Rao, Dindayal Mahto, Dilip Kumar Yadav, and Danish Ali Khan. 2017. The AES-256 cryptosystem resists quantum attacks. Int. J. Adv. Res. Comput. Sci 8, 3 (2017), 404\u2013408.","journal-title":"Int. J. Adv. Res. Comput. Sci"},{"key":"e_1_3_4_172_2","article-title":"A note on the security of higher-order threshold implementations","author":"Reparaz Oscar","year":"2015","unstructured":"Oscar Reparaz. 2015. A note on the security of higher-order threshold implementations. Cryptology ePrint Archive, Paper.","journal-title":"Cryptology ePrint Archive, Paper"},{"key":"e_1_3_4_173_2","series-title":"LNCS","doi-asserted-by":"crossref","first-page":"764","DOI":"10.1007\/978-3-662-47989-6_37","volume-title":"CRYPTO 2015, Part I","author":"Reparaz Oscar","year":"2015","unstructured":"Oscar Reparaz, Beg\u00fcl Bilgin, Svetla Nikova, Benedikt Gierlichs, and Ingrid Verbauwhede. 2015. Consolidating masking schemes. In CRYPTO 2015, Part I(LNCS, Vol. 9215). Springer, Heidelberg, 764\u2013783."},{"key":"e_1_3_4_174_2","doi-asserted-by":"crossref","first-page":"145","DOI":"10.1109\/ARITH.2018.8464780","volume-title":"2018 IEEE 25th Symposium on Computer Arithmetic (ARITH\u201918)","author":"Reyhani-Masoleh Arash","year":"2018","unstructured":"Arash Reyhani-Masoleh, Mostafa Taha, and Doaa Ashmawy. 2018. New area record for the AES combined S-Box\/Inverse S-Box. In 2018 IEEE 25th Symposium on Computer Arithmetic (ARITH\u201918). 145\u2013152."},{"key":"e_1_3_4_175_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2018.i2.298-336"},{"issue":"12","key":"e_1_3_4_176_2","doi-asserted-by":"crossref","first-page":"1757","DOI":"10.1109\/TC.2019.2922601","article-title":"New low-area designs for the AES forward, inverse and combined S-Boxes","volume":"69","author":"Reyhani-Masoleh Arash","year":"2020","unstructured":"Arash Reyhani-Masoleh, Mostafa Taha, and Doaa Ashmawy. 2020. New low-area designs for the AES forward, inverse and combined S-Boxes. IEEE Transactions on Computers 69, 12 (2020), 1757\u20131773.","journal-title":"IEEE Transactions on Computers"},{"key":"e_1_3_4_177_2","unstructured":"Aein Rezaei Shahmirzadi and Amir Moradi. 2021. NullFresh. www.github.com\/Chair-for-Security-Engineering\/NullFresh"},{"issue":"1","key":"e_1_3_4_178_2","first-page":"305","article-title":"Re-consolidating first-order masking schemes","volume":"2021","author":"Shahmirzadi Aein Rezaei","year":"2021","unstructured":"Aein Rezaei Shahmirzadi and Amir Moradi. 2021. Re-consolidating first-order masking schemes. IACR TCHES 2021, 1 (2021), 305\u2013342.","journal-title":"IACR TCHES"},{"key":"e_1_3_4_179_2","unstructured":"Vincent Rijmen. 2000. Efficient implementation of the Rijndael S-Box. luca-giuzzi.unibs.it\/corsi\/Support\/papers-cryptography\/rijndael-sbox.pdf"},{"key":"e_1_3_4_180_2","series-title":"LNCS","first-page":"413","volume-title":"CHES 2010","author":"Rivain Matthieu","year":"2010","unstructured":"Matthieu Rivain and Emmanuel Prouff. 2010. Provably secure higher-order masking of AES. In CHES 2010(LNCS, Vol. 6225). Springer, Heidelberg, 413\u2013427."},{"key":"e_1_3_4_181_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2019.2897629"},{"key":"e_1_3_4_182_2","volume-title":"CHES 2001","author":"Rudra Atri","year":"2001","unstructured":"Atri Rudra, Pradeep K. Dubey, Charanjit S. Jutla, Vijay Kumar, Josyula R. Rao, and Pankaj Rohatgi. 2001. Efficient Rijndael encryption implementation with composite field arithmetic. In CHES 2001."},{"key":"e_1_3_4_183_2","doi-asserted-by":"crossref","unstructured":"Rajat Sadhukhan Paulson Mathew Debapriya Basu Roy and Debdeep Mukhopadhyay. 2019. Count your toggles: A new leakage model for pre-silicon power analysis of crypto designs. 35 5 (2019) 605\u2013619.","DOI":"10.1007\/s10836-019-05826-8"},{"key":"e_1_3_4_184_2","volume-title":"Samsung Solid State Drive","author":"Ltd. Samsung Electronics Co.,","year":"2013","unstructured":"Samsung Electronics Co., Ltd.2013. Samsung Solid State Drive. download.semiconductor.samsung.com\/resources\/white-paper\/Samsung_SSD_White_Paper.pdf"},{"key":"e_1_3_4_185_2","first-page":"287","volume-title":"And-Exor Expressions and their Optimization","author":"Sasao Tsutomu","year":"1993","unstructured":"Tsutomu Sasao. 1993. And-Exor Expressions and their Optimization. Springer US, Boston, MA, 287\u2013312."},{"issue":"2","key":"e_1_3_4_186_2","doi-asserted-by":"crossref","first-page":"300","DOI":"10.46586\/tches.v2020.i2.300-326","article-title":"Low-latency hardware masking with application to AES","volume":"2020","author":"Sasdrich Pascal","year":"2020","unstructured":"Pascal Sasdrich, Beg\u00fcl Bilgin, Michael Hutter, and Mark E. Marson. 2020. Low-latency hardware masking with application to AES. IACR TCHES 2020, 2 (2020), 300\u2013326.","journal-title":"IACR TCHES"},{"key":"e_1_3_4_187_2","series-title":"LNCS","doi-asserted-by":"crossref","first-page":"239","DOI":"10.1007\/3-540-45682-1_15","volume-title":"ASIACRYPT 2001","author":"Satoh Akashi","year":"2001","unstructured":"Akashi Satoh, Sumio Morioka, Kohji Takano, and Seiji Munetoh. 2001. A compact Rijndael hardware architecture with S-Box optimization. In ASIACRYPT 2001(LNCS, Vol. 2248). Springer, Heidelberg, 239\u2013254."},{"key":"e_1_3_4_188_2","unstructured":"Satoh Lab. 2014. SAKURA-G. satoh.cs.uec.ac.jp\/SAKURA\/hardware\/SAKURA-G.html"},{"key":"e_1_3_4_189_2","unstructured":"Satoh Lab. 2016. SAKURA-X. satoh.cs.uec.ac.jp\/SAKURA\/hardware\/SAKURA-X.html"},{"key":"e_1_3_4_190_2","unstructured":"Satoh Lab. 2016. SESBO-G. satoh.cs.uec.ac.jp\/SAKURA\/hardware\/SASEBO-G.html"},{"key":"e_1_3_4_191_2","doi-asserted-by":"crossref","unstructured":"Alexander Schl\u00f6sser Dmitry Nedospasov Juliane Kr\u00e4mer Susanna Orlic and Jean-Pierre Seifert. 2013. Simple photonic emission analysis of AES. Journal of Cryptographic Engineering 3 1 (2013) 3\u201315.","DOI":"10.1007\/s13389-013-0053-7"},{"key":"e_1_3_4_192_2","doi-asserted-by":"crossref","first-page":"13","DOI":"10.1109\/FDTC.2009.37","volume-title":"2009 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC\u201909)","author":"Schmidt J\u00f6rn-Marc","year":"2009","unstructured":"J\u00f6rn-Marc Schmidt, Michael Hutter, and Thomas Plos. 2009. Optical fault attacks on AES: A threat in violet. In 2009 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC\u201909). 13\u201322."},{"key":"e_1_3_4_193_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00306-6_19"},{"key":"e_1_3_4_194_2","first-page":"495","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2015","author":"Schneider Tobias","year":"2022","unstructured":"Tobias Schneider and Amir Moradi. 2022. Leakage assessment methodology. In Cryptographic Hardware and Embedded Systems \u2013 CHES 2015. Springer-Verlag, Berlin, Heidelberg, 495\u2013513."},{"key":"e_1_3_4_195_2","series-title":"LNCS","first-page":"163","volume-title":"CHES","author":"Schramm Kai","year":"2004","unstructured":"Kai Schramm, Gregor Leander, Patrick Felke, and Christof Paar. 2004. A collision-attack on AES: Combining side channel- and differential-attack. In CHES(LNCS, Vol. 3156). Springer, Heidelberg, 163\u2013175."},{"key":"e_1_3_4_196_2","unstructured":"Seagate Technology Holdings plc. 2023. Enterprise self-encrypting drives. www.seagate.com\/files\/staticfiles\/support\/docs\/manual\/Interface%20manuals\/100515636b.pdf"},{"key":"e_1_3_4_197_2","doi-asserted-by":"publisher","DOI":"10.1145\/359168.359176"},{"key":"e_1_3_4_198_2","doi-asserted-by":"crossref","first-page":"134","DOI":"10.1109\/ISVLSI54635.2022.00036","volume-title":"2022 IEEE Computer Society Annual Symposium on VLSI (ISVLSI\u201922)","author":"Shuvo Amit Mazumder","year":"2022","unstructured":"Amit Mazumder Shuvo, Nitin Pundir, Jungmin Park, Farimah Farahmandi, and Mark Tehranipoor. 2022. LDTFI: Layout-aware timing fault-injection attack assessment against differential fault analysis. In 2022 IEEE Computer Society Annual Symposium on VLSI (ISVLSI\u201922). 134\u2013139."},{"key":"e_1_3_4_199_2","unstructured":"Silicon Integration Initiative Inc. 2024. Silvaco FreePDK45 Library. www.si2.org\/open-cell-library"},{"key":"e_1_3_4_200_2","doi-asserted-by":"crossref","unstructured":"Mateus Sim\u00f5es Lilian Bossuet Nicolas Bruneau Vincent Grosso Patrick Haddad and Thomas Sarno. 2022. Self-timed masking: Implementing masked S-Boxes without registers. Springer-Verlag Berlin Heidelberg.","DOI":"10.1007\/978-3-031-25319-5_8"},{"key":"e_1_3_4_201_2","first-page":"36","volume-title":"International Symposium on Hardware Oriented Security and Trust (HOST\u201923)","author":"Sim\u00f5es Mateus","year":"2023","unstructured":"Mateus Sim\u00f5es, Lilian Bossuet, Nicolas Bruneau, Vincent Grosso, Patrick Haddad, and Thomas Sarno. 2023. Low-latency masking with arbitrary protection order based on click elements. In International Symposium on Hardware Oriented Security and Trust (HOST\u201923). 36\u201347."},{"key":"e_1_3_4_202_2","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1007\/3-540-36400-5_2","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2002","author":"Skorobogatov Sergei P.","year":"2003","unstructured":"Sergei P. Skorobogatov and Ross J. Anderson. 2003. Optical fault induction attacks. In Cryptographic Hardware and Embedded Systems - CHES 2002. Springer Berlin Heidelberg, Berlin, Heidelberg, 2\u201312."},{"key":"e_1_3_4_203_2","unstructured":"SkyWater PDK Authors. 2023. SkyWater Open Source PDK. github.com\/google\/skywater-pdk"},{"key":"e_1_3_4_204_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2017.2779824"},{"issue":"3","key":"e_1_3_4_205_2","doi-asserted-by":"crossref","first-page":"422","DOI":"10.46586\/tches.v2023.i3.422-444","article-title":"Deep learning side-channel collision attack","volume":"2023","author":"Staib Marvin","year":"2023","unstructured":"Marvin Staib and Amir Moradi. 2023. Deep learning side-channel collision attack. IACR TCHES 2023, 3 (2023), 422\u2013444.","journal-title":"IACR TCHES"},{"key":"e_1_3_4_206_2","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1007\/978-3-030-15462-2_5","volume-title":"Smart Card Research and Advanced Applications","author":"Standaert Fran\u00e7ois-Xavier","year":"2019","unstructured":"Fran\u00e7ois-Xavier Standaert. 2019. How (not) to use Welch\u2019s T-Test in side-channel security evaluations. In Smart Card Research and Advanced Applications. Springer International Publishing, Cham, 65\u201379."},{"issue":"1","key":"e_1_3_4_207_2","doi-asserted-by":"crossref","first-page":"123","DOI":"10.46586\/tches.v2019.i1.123-145","article-title":"3-Share threshold implementation of AES S-box without fresh randomness","volume":"2019","author":"Sugawara Takeshi","year":"2018","unstructured":"Takeshi Sugawara. 2018. 3-Share threshold implementation of AES S-box without fresh randomness. IACR TCHES 2019, 1 (2018), 123\u2013145.","journal-title":"IACR TCHES"},{"key":"e_1_3_4_208_2","doi-asserted-by":"crossref","first-page":"339","DOI":"10.1007\/978-3-642-35999-6_22","volume-title":"Selected Areas in Cryptography","author":"Suzaki Tomoyasu","year":"2013","unstructured":"Tomoyasu Suzaki, Kazuhiko Minematsu, Sumio Morioka, and Eita Kobayashi. 2013. TWINE: A lightweight block cipher for multiple platforms. In Selected Areas in Cryptography. Springer Berlin Heidelberg, Berlin, Heidelberg, 339\u2013354."},{"key":"e_1_3_4_209_2","series-title":"LNCS","first-page":"255","volume-title":"CHES 2006","author":"Suzuki Daisuke","year":"2006","unstructured":"Daisuke Suzuki and Minoru Saeki. 2006. Security evaluation of DPA countermeasures using dual-rail pre-charge logic style. In CHES 2006(LNCS, Vol. 4249). Springer, Heidelberg, 255\u2013269."},{"key":"e_1_3_4_210_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-94-007-2345-0"},{"issue":"5","key":"e_1_3_4_211_2","article-title":"Gate-level hardware countermeasure comparison against power analysis attacks","volume":"12","author":"Tena-S\u00e1nchez Erica","year":"2022","unstructured":"Erica Tena-S\u00e1nchez, Francisco Eugenio Potestad-Ord\u00f3\u00f1ez, Carlos J. Jim\u00e9nez-Fern\u00e1ndez, Antonio J. Acosta, and Ricardo Chaves. 2022. Gate-level hardware countermeasure comparison against power analysis attacks. Applied Sciences 12, 5 (2022).","journal-title":"Applied Sciences"},{"key":"e_1_3_4_212_2","unstructured":"Thales Group. 2023. Smart Cards \u2013 An Illustrated Guide (2023). www.thalesgroup.com\/en\/markets\/digital-identity-and-security\/technology\/smart-cards-basics"},{"key":"e_1_3_4_213_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11265-007-0158-2"},{"issue":"2","key":"e_1_3_4_214_2","doi-asserted-by":"crossref","first-page":"107","DOI":"10.46586\/tches.v2019.i2.107-131","article-title":"Non-profiled deep learning-based side-channel attacks with sensitivity analysis","volume":"2019","author":"Timon Benjamin","year":"2019","unstructured":"Benjamin Timon. 2019. Non-profiled deep learning-based side-channel attacks with sensitivity analysis. IACR TCHES 2019, 2 (2019), 107\u2013131.","journal-title":"IACR TCHES"},{"key":"e_1_3_4_215_2","first-page":"403","volume-title":"Proceedings of the 28th European Solid-State Circuits Conference","author":"Tiri K.","year":"2002","unstructured":"K. Tiri, M. Akmal, and I. Verbauwhede. 2002. A dynamic and differential CMOS logic with signal independent power consumption to withstand differential power analysis on smart cards. In Proceedings of the 28th European Solid-State Circuits Conference. 403\u2013406."},{"key":"e_1_3_4_216_2","first-page":"246\u2013251 Vol.1","volume-title":"Proceedings Design, Automation and Test in Europe Conference and Exhibition","volume":"1","author":"Tiri K.","year":"2004","unstructured":"K. Tiri and I. Verbauwhede. 2004. A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation. In Proceedings Design, Automation and Test in Europe Conference and Exhibition, Vol. 1. 246\u2013251 Vol.1."},{"key":"e_1_3_4_217_2","doi-asserted-by":"crossref","first-page":"143","DOI":"10.1007\/1-4020-8147-2_10","volume-title":"Smart Card Research and Advanced Applications VI","author":"Tiri Kris","year":"2004","unstructured":"Kris Tiri and Ingrid Verbauwhede. 2004. Place and route for secure standard cell design. In Smart Card Research and Advanced Applications VI. Springer US, Boston, MA, 143\u2013158."},{"key":"e_1_3_4_218_2","volume-title":"Design, Automation and Test in Europe","author":"Tiri K.","year":"2005","unstructured":"K. Tiri and I. Verbauwhede. 2005. A VLSI design flow for secure side-channel attack resistant ICs. In Design, Automation and Test in Europe."},{"key":"e_1_3_4_219_2","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1007\/978-3-319-64647-3_4","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"Ueno Rei","year":"2017","unstructured":"Rei Ueno, Naofumi Homma, and Takafumi Aoki. 2017. Toward more efficient DPA-resistant AES hardware architecture based on threshold implementation. In Constructive Side-Channel Analysis and Secure Design. Springer International Publishing, Cham, 50\u201364."},{"key":"e_1_3_4_220_2","first-page":"63","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2015","author":"Ueno Rei","year":"2022","unstructured":"Rei Ueno, Naofumi Homma, Yukihiro Sugawara, Yasuyuki Nogami, and Takafumi Aoki. 2022. Highly efficient \\(GF(2^8)\\) inversion circuit based on redundant GF arithmetic and its application to AES design. In Cryptographic Hardware and Embedded Systems \u2013 CHES 2015. Springer-Verlag, Berlin, Heidelberg, 63\u201380."},{"key":"e_1_3_4_221_2","doi-asserted-by":"publisher","DOI":"10.1109\/12.391185"},{"key":"e_1_3_4_222_2","unstructured":"United Microelectronics Corporation. 2025. United Microelectronics 55\/65\/90nm. www.umc.com\/en\/Product\/technologies\/Detail\/55_65_90nm"},{"key":"e_1_3_4_223_2","doi-asserted-by":"crossref","first-page":"91","DOI":"10.1109\/FDTC.2011.12","volume-title":"2011 Workshop on Fault Diagnosis and Tolerance in Cryptography","author":"Woudenberg Jasper G. J. van","year":"2011","unstructured":"Jasper G. J. van Woudenberg, Marc F. Witteman, and Federico Menarini. 2011. Practical optical fault injection on secure microcontrollers. In 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography. 91\u201399."},{"key":"e_1_3_4_224_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICCAD.2017.8203889"},{"key":"e_1_3_4_225_2","unstructured":"Ingrid Verbauwhede and Kris J. V. Tiri. U.S. Patent 8 947 123 B2 Feb. 2015. Wave Dynamic Differential Logic."},{"key":"e_1_3_4_226_2","doi-asserted-by":"publisher","DOI":"10.1145\/3411504.3421214"},{"key":"e_1_3_4_227_2","doi-asserted-by":"crossref","first-page":"245","DOI":"10.1007\/978-3-319-89641-0_14","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"Wegener Felix","year":"2018","unstructured":"Felix Wegener and Amir Moradi. 2018. A first-order SCA resistant AES without fresh randomness. In Constructive Side-Channel Analysis and Secure Design. Springer International Publishing, Cham, 245\u2013262."},{"key":"e_1_3_4_228_2","doi-asserted-by":"crossref","first-page":"111","DOI":"10.1007\/978-3-030-15462-2_8","volume-title":"Smart Card Research and Advanced Applications","author":"Wegener Felix","year":"2019","unstructured":"Felix Wegener and Amir Moradi. 2019. Yet another size record for AES: A first-order SCA secure AES S-Box based on \\(GF(2^8)\\) multiplication. In Smart Card Research and Advanced Applications. Springer International Publishing, Cham, 111\u2013124."},{"key":"e_1_3_4_229_2","series-title":"LNCS","first-page":"67","volume-title":"CT-RSA 2002","author":"Wolkerstorfer Johannes","year":"2002","unstructured":"Johannes Wolkerstorfer, Elisabeth Oswald, and Mario Lamberger. 2002. An ASIC implementation of the AES S-Boxes. In CT-RSA 2002(LNCS, Vol. 2271). Springer, Heidelberg, 67\u201378."},{"key":"e_1_3_4_230_2","doi-asserted-by":"crossref","first-page":"1242","DOI":"10.1109\/TEST.2004.1387397","volume-title":"2004 International Conference on Test","author":"Wu K.","year":"2004","unstructured":"K. Wu, Ramesh Karri, G. Kuznetsov, and M. Goessel. 2004. Low cost concurrent error detection for the advanced encryption standard. In 2004 International Conference on Test. 1242\u20131248."},{"key":"e_1_3_4_231_2","article-title":"Automated generation of masked nonlinear components: From lookup tables to private circuits","author":"Wu Lixuan","year":"2023","unstructured":"Lixuan Wu, Yanhong Fan, Bart Preneel, Weijia Wang, and Meiqin Wang. 2023. Automated generation of masked nonlinear components: From lookup tables to private circuits. Cryptology ePrint Archive, Paper 2023\/831.","journal-title":"Cryptology ePrint Archive, Paper 2023\/831"},{"key":"e_1_3_4_232_2","doi-asserted-by":"crossref","first-page":"164","DOI":"10.1007\/3-540-36552-4_12","volume-title":"Information Security and Cryptology \u2014 ICISC 2002","author":"Xiao Lu","year":"2003","unstructured":"Lu Xiao and Howard M. Heys. 2003. Hardware design and analysis of block cipher components. In Information Security and Cryptology \u2014 ICISC 2002. Springer Berlin Heidelberg, Berlin, Heidelberg, 164\u2013181."},{"issue":"3","key":"e_1_3_4_233_2","doi-asserted-by":"crossref","first-page":"267","DOI":"10.46586\/tches.v2018.i3.267-292","article-title":"ES-TRNG: A high-throughput, low-area true random number generator based on edge sampling","volume":"2018","author":"Yang Bohan","year":"2018","unstructured":"Bohan Yang, Vladimir Ro\u017eic, Milo\u0161 Grujic, Nele Mentens, and Ingrid Verbauwhede. 2018. ES-TRNG: A high-throughput, low-area true random number generator based on edge sampling. IACR Transactions on Cryptographic Hardware and Embedded Systems 2018, 3 (Aug.2018), 267\u2013292.","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"key":"e_1_3_4_234_2","doi-asserted-by":"publisher","DOI":"10.5555\/1382436.1382751"},{"issue":"2","key":"e_1_3_4_235_2","doi-asserted-by":"crossref","first-page":"519","DOI":"10.46586\/tches.v2023.i2.519-542","article-title":"Efficient persistent fault analysis with small number of chosen plaintexts","volume":"2023","author":"Zhang Fan","year":"2023","unstructured":"Fan Zhang, Run Huang, Tianxiang Feng, Xue Gong, Yulong Tao, Kui Ren, Xinjie Zhao, and Shize Guo. 2023. Efficient persistent fault analysis with small number of chosen plaintexts. IACR Transactions on Cryptographic Hardware and Embedded Systems 2023, 2 (Mar.2023), 519\u2013542.","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"issue":"3","key":"e_1_3_4_236_2","doi-asserted-by":"crossref","first-page":"150","DOI":"10.46586\/tches.v2018.i3.150-172","article-title":"Persistent fault analysis on block ciphers","volume":"2018","author":"Zhang Fan","year":"2018","unstructured":"Fan Zhang, Xiaoxuan Lou, Xinjie Zhao, Shivam Bhasin, Wei He, Ruyi Ding, Samiya Qureshi, and Kui Ren. 2018. Persistent fault analysis on block ciphers. IACR Transactions on Cryptographic Hardware and Embedded Systems 2018, 3 (Aug.2018), 150\u2013172.","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"key":"e_1_3_4_237_2","unstructured":"Xuan \u2019Silvia\u2019 Zhang. 2016. Lecture 18: Design For Test (DFT). Washington University in St. Louis. classes.engineering.wustl.edu\/ese461\/Lecture\/week10b.pdf"}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3724114","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3724114","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:18:59Z","timestamp":1750295939000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3724114"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,4,4]]},"references-count":236,"journal-issue":{"issue":"9","published-print":{"date-parts":[[2025,9,30]]}},"alternative-id":["10.1145\/3724114"],"URL":"https:\/\/doi.org\/10.1145\/3724114","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,4,4]]},"assertion":[{"value":"2024-05-13","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-03-01","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-04-04","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}