Sapphire: A configurable crypto-processor for post-quantum lattice-based protocols

U Banerjee, TS Ukyab, AP Chandrakasan - arXiv preprint arXiv …, 2019 - arxiv.org
Public key cryptography protocols, such as RSA and elliptic curve cryptography, will be
rendered insecure by Shor's algorithm when large-scale quantum computers are built …

Curse of re-encryption: a generic power/EM analysis on post-quantum KEMs

R Ueno, K Xagawa, Y Tanaka, A Ito… - IACR Transactions on …, 2022 - tches.iacr.org
This paper presents a side-channel analysis (SCA) on key encapsulation mechanism (KEM)
based on the Fujisaki–Okamoto (FO) transformation and its variants. The FO transformation …

The side-channel metrics cheat sheet

K Papagiannopoulos, O Glamočanin… - ACM Computing …, 2023 - dl.acm.org
Side-channel attacks exploit a physical observable originating from a cryptographic device
in order to extract its secrets. Many practically relevant advances in the field of side-channel …

Masked accelerators and instruction set extensions for post-quantum cryptography

T Fritzmann, M Van Beirendonck… - IACR Transactions …, 2021 - lirias.kuleuven.be
Side-channel attacks can break mathematically secure cryptographic systems leading to a
major concern in applied cryptography. While the cryptanalysis and security evaluation of …

Consolidating masking schemes

O Reparaz, B Bilgin, S Nikova, B Gierlichs… - Advances in Cryptology …, 2015 - Springer
In this paper we investigate relations between several masking schemes. We show that the
Ishai–Sahai–Wagner private circuits construction is closely related to Threshold …

A comprehensive survey on the non-invasive passive side-channel analysis

P Socha, V Miškovský, M Novotný - Sensors, 2022 - mdpi.com
Side-channel analysis has become a widely recognized threat to the security of
cryptographic implementations. Different side-channel attacks, as well as countermeasures …

Practical CCA2-secure and masked ring-LWE implementation

T Oder, T Schneider, T Pöppelmann… - Cryptology ePrint …, 2016 - eprint.iacr.org
During the last years public-key encryption schemes based on the hardness of ring-LWE
have gained significant popularity. For real-world security applications assuming strong …

Masking AES with shares in hardware

T De Cnudde, O Reparaz, B Bilgin, S Nikova… - … and Embedded Systems, 2016 - Springer
Masking requires splitting sensitive variables into at least d + 1 shares to provide security
against DPA attacks at order d. To this date, this minimal number has only been deployed in …

Parallel implementations of masking schemes and the bounded moment leakage model

G Barthe, F Dupressoir, S Faust, B Grégoire… - Advances in Cryptology …, 2017 - Springer
In this paper, we provide a necessary clarification of the good security properties that can be
obtained from parallel implementations of masking schemes. For this purpose, we first argue …

From improved leakage detection to the detection of points of interests in leakage traces

F Durvaux, FX Standaert - … in Cryptology–EUROCRYPT 2016: 35th Annual …, 2016 - Springer
Leakage detection usually refers to the task of identifying data-dependent information in
side-channel measurements, independent of whether this information can be exploited. Detecting …