{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T07:45:50Z","timestamp":1767339950609},"reference-count":0,"publisher":"Universitatsbibliothek der Ruhr-Universitat Bochum","issue":"4","license":[{"start":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T00:00:00Z","timestamp":1725494400000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["TCHES"],"abstract":"<jats:p>for Dilithium, the post-quantum signature scheme recently standardized by NIST. We improve the masked generation of the masking vector y, based on a fast Boolean-to-arithmetic conversion modulo q. We also describe an optimized gadget for the high-order masked rejection sampling, with a complexity independent from the size of the modulus q. We prove the security of our gadgets in the classical ISW t-probing model. 
Finally, we detail our open-source C implementation of these gadgets integrated into a fully masked Dilithium implementation, and provide an efficiency comparison with previous works.<\/jats:p>","DOI":"10.46586\/tches.v2024.i4.335-354","type":"journal-article","created":{"date-parts":[[2024,9,16]],"date-time":"2024-09-16T05:34:55Z","timestamp":1726464895000},"page":"335-354","source":"Crossref","is-referenced-by-count":11,"title":["Improved High-Order Masked Generation of Masking Vector and Rejection Sampling in Dilithium"],"prefix":"10.46586","volume":"2024","author":[{"given":"Jean-S\u00e9bastien","family":"Coron","sequence":"first","affiliation":[]},{"given":"Fran\u00e7ois","family":"G\u00e9rard","sequence":"additional","affiliation":[]},{"given":"Tancr\u00e8de","family":"Lepoint","sequence":"additional","affiliation":[]},{"given":"Matthias","family":"Trannoy","sequence":"additional","affiliation":[]},{"given":"Rina","family":"Zeitoun","sequence":"additional","affiliation":[]}],"member":"25480","published-online":{"date-parts":[[2024,9,5]]},"container-title":["IACR Transactions on Cryptographic Hardware and Embedded 
Systems"],"original-title":[],"link":[{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/download\/11795\/11300","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/download\/11795\/11300","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,16]],"date-time":"2024-09-16T05:34:57Z","timestamp":1726464897000},"score":1,"resource":{"primary":{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/11795"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,5]]},"references-count":0,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2024,9,5]]}},"URL":"https:\/\/doi.org\/10.46586\/tches.v2024.i4.335-354","relation":{},"ISSN":["2569-2925"],"issn-type":[{"type":"electronic","value":"2569-2925"}],"subject":[],"published":{"date-parts":[[2024,9,5]]}}}