{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,6]],"date-time":"2025-03-06T05:14:32Z","timestamp":1741238072285,"version":"3.38.0"},"reference-count":0,"publisher":"Universitatsbibliothek der Ruhr-Universitat Bochum","issue":"2","license":[{"start":{"date-parts":[[2025,3,4]],"date-time":"2025-03-04T00:00:00Z","timestamp":1741046400000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["TCHES"],"abstract":"<jats:p>At CHES 2024, Time Sharing Masking (TSM) was introduced as a novel low-latency masking technique for hardware circuits. TSM offers area and randomness efficiency, as well as glitch-extended PINI security, but it is limited to first-order security. We address this limitation and generalize TSM to higher-order security while maintaining all of TSM\u2019s advantages. Additionally, we propose an area-latency tradeoff. We prove HO-TSM glitch-extended PINI security and successfully evaluate our circuits using formal verification tools. Furthermore, we demonstrate area- and latency-efficient implementations of the AES S-box, which do not exhibit leakage in TVLA on FPGA. Our proposed tradeoff enables a first-order secure implementation of a complete AES-128 encryption core with 92 kGE, 920 random bits per round, and 20 cycles of latency, which does not exhibit leakage in TVLA on FPGA.<\/jats:p>","DOI":"10.46586\/tches.v2025.i2.235-267","type":"journal-article","created":{"date-parts":[[2025,3,5]],"date-time":"2025-03-05T11:03:09Z","timestamp":1741172589000},"page":"235-267","source":"Crossref","is-referenced-by-count":0,"title":["Higher-Order Time Sharing Masking"],"prefix":"10.46586","volume":"2025","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0057-1658","authenticated-orcid":false,"given":"Dilip","family":"Kumar S. V.","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0591-7355","authenticated-orcid":false,"given":"Siemen","family":"Dhooghe","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6066-8710","authenticated-orcid":false,"given":"Josep","family":"Balasch","sequence":"additional","affiliation":[]},{"given":"Benedikt","family":"Gierlichs","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0879-076X","authenticated-orcid":false,"given":"Ingrid","family":"Verbauwhede","sequence":"additional","affiliation":[]}],"member":"25480","published-online":{"date-parts":[[2025,3,4]]},"container-title":["IACR Transactions on Cryptographic Hardware and Embedded Systems"],"original-title":[],"link":[{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/download\/12047\/11891","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/download\/12047\/11891","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,5]],"date-time":"2025-03-05T11:03:09Z","timestamp":1741172589000},"score":1,"resource":{"primary":{"URL":"https:\/\/tches.iacr.org\/index.php\/TCHES\/article\/view\/12047"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,3,4]]},"references-count":0,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2025,3,4]]}},"URL":"https:\/\/doi.org\/10.46586\/tches.v2025.i2.235-267","relation":{},"ISSN":["2569-2925"],"issn-type":[{"value":"2569-2925","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,3,4]]}}}