{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T23:56:31Z","timestamp":1772927791480,"version":"3.50.1"},"reference-count":34,"publisher":"Institute of Electronics, Information and Communications Engineers (IEICE)","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEICE Trans. Fundamentals"],"published-print":{"date-parts":[[2026,3,1]]},"DOI":"10.1587\/transfun.2025cip0024","type":"journal-article","created":{"date-parts":[[2025,8,18]],"date-time":"2025-08-18T22:06:08Z","timestamp":1755554768000},"page":"290-304","source":"Crossref","is-referenced-by-count":0,"title":["Toward Cost-Effective Combined Countermeasures: Multiplicative Masked M&amp;M"],"prefix":"10.1587","volume":"E109.A","author":[{"given":"Kaiyuan","family":"LI","sequence":"first","affiliation":[{"name":"The University of Electro-Communications"}]},{"given":"Haruka","family":"HIRATA","sequence":"additional","affiliation":[{"name":"The University of Electro-Communications"}]},{"given":"Daiki","family":"MIYAHARA","sequence":"additional","affiliation":[{"name":"The University of Electro-Communications"}]},{"given":"Kazuo","family":"SAKIYAMA","sequence":"additional","affiliation":[{"name":"The University of Electro-Communications"}]},{"given":"Yuko","family":"HARA","sequence":"additional","affiliation":[{"name":"Institute of Science Tokyo"}]},{"given":"Yang","family":"LI","sequence":"additional","affiliation":[{"name":"The University of Electro-Communications"}]}],"member":"532","reference":[{"key":"1","doi-asserted-by":"crossref","unstructured":"[1] K. Li, H. Hirata, D. Miyahara, Y. Hara, K. Sakiyama, and Y. Li, \u201cMultiplicative masked M&amp;M: An attempt at combined countermeasures with reduced randomness,\u201d Proc. 2024 IEEE 23rd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp.726-733, 2024. 10.1109\/trustcom63139.2024.00112","DOI":"10.1109\/TrustCom63139.2024.00112"},{"key":"2","doi-asserted-by":"publisher","unstructured":"[2] L. De Meyer, V. Arribas, S. Nikova, V. Nikov, and V. Rijmen, \u201cM&amp;M: Masks and Macs against physical attacks,\u201d IACR Transactions on Cryptographic Hardware and Embedded Systems, vol.2019, no.1, pp.25-50, Nov. 2018. 10.46586\/tches.v2019.i1.25-50","DOI":"10.46586\/tches.v2019.i1.25-50"},{"key":"3","doi-asserted-by":"publisher","unstructured":"[3] E. Biham and A. Shamir, \u201cDifferential fault analysis of secret key cryptosystems,\u201d Advances in Cryptology\u2006\u2014\u2006CRYPTO\u201997, B.S. Kaliski, ed., Berlin, Heidelberg, pp.513-525, Springer Berlin Heidelberg, 1997. 10.1007\/bfb0052259","DOI":"10.1007\/BFb0052259"},{"key":"4","doi-asserted-by":"crossref","unstructured":"[4] S. Nikova, C. Rechberger, and V. Rijmen, \u201cThreshold implementations against side-channel attacks and glitches,\u201d Information and Communications Security, P. Ning, S. Qing, and N. Li, eds., pp.529-545, Springer Berlin Heidelberg, Berlin, Heidelberg, 2006. 10.1007\/11935308_38","DOI":"10.1007\/11935308_38"},{"key":"5","doi-asserted-by":"publisher","unstructured":"[5] L. De Meyer, O. Reparaz, and B. Bilgin, \u201cMultiplicative masking for AES in hardware,\u201d IACR Transactions on Cryptographic Hardware and Embedded Systems, vol.2018, no.3, pp.431-468, Aug. 2018. 10.46586\/tches.v2018.i3.431-468","DOI":"10.46586\/tches.v2018.i3.431-468"},{"key":"6","doi-asserted-by":"publisher","unstructured":"[6] P. Kocher, J. Jaffe, and B. Jun, \u201cDifferential power analysis,\u201d Advances in Cryptology\u2006\u2014\u2006CRYPTO\u201999, M. Wiener, ed., pp.388-397, Springer Berlin Heidelberg, Berlin, Heidelberg, 1999. 10.1007\/3-540-48405-1_25","DOI":"10.1007\/3-540-48405-1_25"},{"key":"7","doi-asserted-by":"publisher","unstructured":"[7] E. Brier, C. Clavier, and F. Olivier, \u201cCorrelation power analysis with a leakage model,\u201d Cryptographic Hardware and Embedded Systems - CHES 2004, M. Joye and J.J. Quisquater, eds., Berlin, Heidelberg, pp.16-29, Springer Berlin Heidelberg, 2004. 10.1007\/978-3-540-28632-5_2","DOI":"10.1007\/978-3-540-28632-5_2"},{"key":"8","doi-asserted-by":"crossref","unstructured":"[8] Y. Ishai, A. Sahai, and D. Wagner, \u201cPrivate circuits: Securing hardware against probing attacks,\u201d Advances in Cryptology - CRYPTO 2003, 23rd Annual International Cryptology Conference, Santa Barbara, California, USA, Aug. 2003, Proceedings, Lecture Notes in Computer Science, vol.2729, pp.463-481, Springer, 2003. 10.1007\/978-3-540-45146-4_27","DOI":"10.1007\/978-3-540-45146-4_27"},{"key":"9","doi-asserted-by":"crossref","unstructured":"[9] S. Faust, V. Grosso, S. Merino Del Pozo, C. Paglialonga, and F.X. Standaert, \u201cComposable masking schemes in the presence of physical defaults &amp; the robust probing model,\u201d IACR Transactions on Cryptographic Hardware and Embedded Systems, vol.2018, no.3, pp.89-120, Ruhr-Universit\u00e4t Bochum, Aug. 2018. 10.13154\/tches.v2018.i3.89-120","DOI":"10.46586\/tches.v2018.i3.89-120"},{"key":"10","doi-asserted-by":"crossref","unstructured":"[10] B. Bilgin, B. Gierlichs, S. Nikova, V. Nikov, and V. Rijmen, \u201cHigher-order threshold implementations,\u201d Advances in Cryptology - ASIACRYPT 2014, P. Sarkar and T. Iwata, eds., pp.326-343, Springer Berlin Heidelberg, Berlin, Heidelberg, 2014. 10.1007\/978-3-662-45608-8_18","DOI":"10.1007\/978-3-662-45608-8_18"},{"key":"11","doi-asserted-by":"crossref","unstructured":"[11] O. Reparaz, B. Bilgin, S. Nikova, B. Gierlichs, and I. Verbauwhede, \u201cConsolidating masking schemes,\u201d Advances in Cryptology - CRYPTO 2015, p.764-783, Springer-Verlag, Berlin, Heidelberg, 2022. 10.1007\/978-3-662-47989-6_37","DOI":"10.1007\/978-3-662-47989-6_37"},{"key":"12","doi-asserted-by":"crossref","unstructured":"[12] H. Gross, S. Mangard, and T. Korak, \u201cDomain-oriented masking: Compact masked hardware implementations with arbitrary protection order,\u201d Proc. 2016 ACM Workshop on Theory of Implementation Security, Vienna, Austria, p.3, ACM, Oct. 2016. 10.1145\/2996366.2996426","DOI":"10.1145\/2996366.2996426"},{"key":"13","doi-asserted-by":"publisher","unstructured":"[13] Y. Li, K. Sakiyama, S. Gomisawa, T. Fukunaga, J. Takahashi, and K. Ohta, \u201cFault sensitivity analysis,\u201d Cryptographic Hardware and Embedded Systems, CHES 2010, S. Mangard and F.X. Standaert, eds., pp.320-334, Springer Berlin Heidelberg, Berlin, Heidelberg, 2010. 10.1007\/978-3-642-15031-9_22","DOI":"10.1007\/978-3-642-15031-9_22"},{"key":"14","doi-asserted-by":"crossref","unstructured":"[14] C. Clavier, \u201cSecret external encodings do not prevent transient fault analysis,\u201d Cryptographic Hardware and Embedded Systems - CHES 2007, P. Paillier and I. Verbauwhede, eds., pp.181-194, Springer Berlin Heidelberg, Berlin, Heidelberg, 2007. 10.1007\/978-3-540-74735-2_13","DOI":"10.1007\/978-3-540-74735-2_13"},{"key":"15","doi-asserted-by":"publisher","unstructured":"[15] C. Dobraunig, M. Eichlseder, T. Korak, S. Mangard, F. Mendel, and R. Primas, \u201cSIFA: Exploiting ineffective fault inductions on symmetric cryptography,\u201d IACR Transactions on Cryptographic Hardware and Embedded Systems, vol.2018, no.3, pp.547-572, Aug. 2018. 10.46586\/tches.v2018.i3.547-572","DOI":"10.46586\/tches.v2018.i3.547-572"},{"key":"16","doi-asserted-by":"crossref","unstructured":"[16] S. Saha, A. Bag, D. Basu Roy, S. Patranabis, and D. Mukhopadhyay, \u201cFault template attacks on block ciphers exploiting fault propagation,\u201d Advances in Cryptology - EUROCRYPT 2020: 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, May 2020, Proceedings, Part I, Berlin, Heidelberg, pp.612-643, Springer-Verlag, 2020. 10.1007\/978-3-030-45721-1_22","DOI":"10.1007\/978-3-030-45721-1_22"},{"key":"17","doi-asserted-by":"publisher","unstructured":"[17] H. Hirata, D. Miyahara, V. Arribas, Y. Li, N. Miura, S. Nikova, and K. Sakiyama, \u201cAll you need is fault: Zero-value attacks on AES and a new <i>\u03bb<\/i>-detection M&amp;M,\u201d IACR Transactions on Cryptographic Hardware and Embedded Systems, vol.2024, no.1, pp.133-156, Dec. 2023. 10.46586\/tches.v2024.i1.133-156","DOI":"10.46586\/tches.v2024.i1.133-156"},{"key":"18","doi-asserted-by":"crossref","unstructured":"[18] C. Clavier, B. Feix, G. Gagnerot, and M. Roussellet, \u201cPassive and active combined attacks on AES combining fault attacks and side lChannel analysis,\u201d Proc. 2010 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC\u201910, USA, p.10-19, IEEE Computer Society, 2010. 10.1109\/fdtc.2010.17","DOI":"10.1109\/FDTC.2010.17"},{"key":"19","doi-asserted-by":"crossref","unstructured":"[19] T. Schneider, A. Moradi, and T. G\u00fcneysu, \u201cParTI: Towards combined hardware countermeasures against side-channel and fault-injection attacks,\u201d Proc. 2016 ACM Workshop on Theory of Implementation Security, TIS\u201916, p.39, Association for Computing Machinery, New York, NY, USA, 2016. 10.1145\/2996366.2996427","DOI":"10.1145\/2996366.2996427"},{"key":"20","doi-asserted-by":"crossref","unstructured":"[20] O. Reparaz, L. De Meyer, B. Bilgin, V. Arribas, S. Nikova, V. Nikov, and N. Smart, \u201cCAPA: The spirit of beaver against physical attacks,\u201d Advances in Cryptology - CRYPTO 2018: 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, Aug. 2018, Proceedings, Part I, p.121-151, Springer-Verlag, Berlin, Heidelberg, 2018. 10.1007\/978-3-319-96884-1_5","DOI":"10.1007\/978-3-319-96884-1_5"},{"key":"21","doi-asserted-by":"crossref","unstructured":"[21] D. Toprakhisar, S. Nikova, and V. Nikov, \u201cCAPABARA: A combined attack on CAPA,\u201d Constructive Side-Channel Analysis and Secure Design, R. Wacquez and N. Homma, eds., pp.76-89, Springer Nature Switzerland, Cham, 2024. 10.1007\/978-3-031-57543-3_5","DOI":"10.1007\/978-3-031-57543-3_5"},{"key":"22","doi-asserted-by":"crossref","unstructured":"[22] M.L. Akkar and C. Giraud, \u201cAn implementation of DES and AES, secure against some attacks,\u201d Cryptographic Hardware and Embedded Systems - CHES 2001, Third International Workshop, Paris, France, May 2001, Proceedings, Lecture Notes in Computer Science, vol.2162, pp.309-318, Springer, 2001. 10.1007\/3-540-44709-1_26","DOI":"10.1007\/3-540-44709-1_26"},{"key":"23","doi-asserted-by":"crossref","unstructured":"[23] J.D. Goli\u0107 and C. Tymen, \u201cMultiplicative masking and power analysis of AES,\u201d Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems, CHES\u201902, Berlin, Heidelberg, pp.198-212, Springer-Verlag, 2002. 10.1007\/3-540-36400-5_16","DOI":"10.1007\/3-540-36400-5_16"},{"key":"24","doi-asserted-by":"publisher","unstructured":"[24] L. Genelle, E. Prouff, and M. Quisquater, \u201cThwarting higher-order side channel analysis with additive and multiplicative maskings,\u201d Proc. 13th International Conference on Cryptographic Hardware and Embedded Systems, CHES\u201911, Berlin, Heidelberg, pp.240-255, Springer-Verlag, 2011. 10.1007\/978-3-642-23951-9_16","DOI":"10.1007\/978-3-642-23951-9_16"},{"key":"25","doi-asserted-by":"crossref","unstructured":"[25] L. Genelle, E. Prouff, and M. Quisquater, \u201cSecure multiplicative masking of power functions,\u201d Applied Cryptography and Network Security, J. Zhou and M. Yung, eds., Berlin, Heidelberg, pp.200-217, Springer Berlin Heidelberg, 2010. 10.1007\/978-3-642-13708-2_13","DOI":"10.1007\/978-3-642-13708-2_13"},{"key":"26","doi-asserted-by":"publisher","unstructured":"[26] J. Boyar, P. Matthews, and R. Peralta, \u201cLogic minimization techniques with applications to cryptology,\u201d J. Cryptol., vol.26, no.2, pp.280-312, April 2013. 10.1007\/s00145-012-9124-7","DOI":"10.1007\/s00145-012-9124-7"},{"key":"27","doi-asserted-by":"crossref","unstructured":"[27] H. Rahimi, and A. Moradi, \u201cOne more motivation to use evaluation tools this time for hardware multiplicative masking of AES,\u201d Proc. Design, Automation &amp; Test in Europe Conference, DATE 2025, Lyon, France, pp.1-7, 2025. 10.23919\/date64628.2025.10993221","DOI":"10.23919\/DATE64628.2025.10993221"},{"key":"28","doi-asserted-by":"crossref","unstructured":"[28] H. Gross, S. Mangard, and T. Korak, \u201cAn efficient side-channel protected aes implementation with arbitrary protection order,\u201d Topics in Cryptology - CT-RSA 2017, H. Handschuh, ed., pp.95-112, Springer International Publishing, Cham, 2017. 10.1007\/978-3-319-52153-4_6","DOI":"10.1007\/978-3-319-52153-4_6"},{"key":"29","doi-asserted-by":"crossref","unstructured":"[29] G. Barthe, S. Bela\u0131\u0308d, F. Dupressoir, P.A. Fouque, B. Gr\u00e9goire, P.Y. Strub, and R. Zucchini, \u201cStrong non-interference and type-directed higher-order masking,\u201d Proc. 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, pp.116-129, ACM, Oct. 2016. 10.1145\/2976749.2978427","DOI":"10.1145\/2976749.2978427"},{"key":"30","doi-asserted-by":"crossref","unstructured":"[30] T. Schneider and A. Moradi, \u201cLeakage assessment methodology,\u201d Cryptographic Hardware and Embedded Systems - CHES 2015, T. G\u00fcneysu and H. Handschuh, eds., pp.495-513, Springer Berlin Heidelberg, Berlin, Heidelberg, 2015. 10.1007\/978-3-662-48324-4_25","DOI":"10.1007\/978-3-662-48324-4_25"},{"key":"31","doi-asserted-by":"publisher","unstructured":"[31] J. Daemen, C. Dobraunig, M. Eichlseder, H. Gross, F. Mendel, and R. Primas, \u201cProtecting against statistical ineffective fault attacks,\u201d IACR Transactions on Cryptographic Hardware and Embedded Systems, vol.2020, no.3, pp.508-543, June 2020. 10.46586\/tches.v2020.i3.508-543","DOI":"10.46586\/tches.v2020.i3.508-543"},{"key":"32","doi-asserted-by":"publisher","unstructured":"[32] S. Dhooghe, A. Ovchinnikov, and D. Toprakhisar, \u201cStaTI: Protecting against fault attacks using stable threshold implementations,\u201d IACR Transactions on Cryptographic Hardware and Embedded Systems, vol.2024, no.1, pp.229-263, Ruhr-Universit\u00e4t Bochum, Dec. 2023. 10.46586\/tches.v2024.i1.229-263","DOI":"10.46586\/tches.v2024.i1.229-263"},{"key":"33","doi-asserted-by":"crossref","unstructured":"[33] S. Dhooghe and S. Nikova, \u201cMy gadget just cares for me\u2006\u2014\u2006How NINA can prove security against combined attacks,\u201d Topics in Cryptology - CT-RSA 2020: The Cryptographers\u2019 Track at the RSA Conference 2020, San Francisco, CA, USA, Feb. 2020, Proceedings, pp.35-55, Springer-Verlag, Berlin, Heidelberg, 2020. 10.1007\/978-3-030-40186-3_3","DOI":"10.1007\/978-3-030-40186-3_3"},{"key":"34","doi-asserted-by":"crossref","unstructured":"[34] J. Feldtkeller, J. Richter-Brockmann, P. Sasdrich, and T. G\u00fcneysu, \u201cCINI MINIS: Domain isolation for fault and combined security,\u201d Proc. 2022 ACM SIGSAC Conference on Computer and Communications Security, Los Angeles CA USA, pp.1023-1036, ACM, Nov. 2022. 10.1145\/3548606.3560614","DOI":"10.1145\/3548606.3560614"}],"container-title":["IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transfun\/E109.A\/3\/E109.A_2025CIP0024\/_pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T04:11:14Z","timestamp":1772856674000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transfun\/E109.A\/3\/E109.A_2025CIP0024\/_article"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3,1]]},"references-count":34,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2026]]}},"URL":"https:\/\/doi.org\/10.1587\/transfun.2025cip0024","relation":{},"ISSN":["0916-8508","1745-1337"],"issn-type":[{"value":"0916-8508","type":"print"},{"value":"1745-1337","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3,1]]},"article-number":"2025CIP0024"}}