International audienceThe cost of higher-order masking as a countermeasure against side-channel attacks is often considered too high for practical scenarios, as protected implementations become very slow. At Eurocrypt 2017, the bounded moment leakage model was proposed to study the (theoretical) security of parallel implementations of masking schemes [5]. Work at CHES 2017 then brought this to practice by considering an implementation of AES with 32 shares [26], bitsliced inside 32-bit registers of ARM Cortex-M processors. In this paper we show how the NEON vector instructions of larger ARM Cortex-A processors can be exploited to build much faster masked implementations of AES. Specifically, we present AES with 4 and 8 shares, which in theo...
To counter side-channel attacks, a masking scheme randomly encodes keydependent variables into sever...
Higher-order masking countermeasures provide strong provable security against side-channel attacks a...
The modular addition is used as a non-linear operation in ARX ciphers because it achieves the requi...
Real-world software implementations of cryptographic algorithms need to be able to resist various ki...
We explore the concrete side-channel security provided by state-of-theart higher-order masked softwa...
We explore the concrete side-channel security provided by state-of-theart higher-order masked softwa...
In this paper, we study the performances and security of recent masking algorithms specialized to pa...
We explore the concrete side-channel security provided by state-of-the-art higher-order masked softw...
Introduced in the late 90's, side-channel attacks are an important threat for cryptographic implemen...
Side-channel attacks are formidable threats to the cryptosystems deployed in the real world. An effe...
Higher-order side-channel attacks are becoming amongst the major interests of academia as well as in...
Implementations of cryptographic algorithms are vulnerable to Side Channel Analysis (SCA). To counte...
In this paper, we optimize the performances and compare several recent masking schemes in bitslice o...
International audienceIn this paper, we provide a necessary clarification of the good security prope...
Side channel attacks take advantage of the fact that the power consumption of a cryptographic device...
To counter side-channel attacks, a masking scheme randomly encodes keydependent variables into sever...
Higher-order masking countermeasures provide strong provable security against side-channel attacks a...
The modular addition is used as a non-linear operation in ARX ciphers because it achieves the requi...
Real-world software implementations of cryptographic algorithms need to be able to resist various ki...
We explore the concrete side-channel security provided by state-of-theart higher-order masked softwa...
We explore the concrete side-channel security provided by state-of-theart higher-order masked softwa...
In this paper, we study the performances and security of recent masking algorithms specialized to pa...
We explore the concrete side-channel security provided by state-of-the-art higher-order masked softw...
Introduced in the late 90's, side-channel attacks are an important threat for cryptographic implemen...
Side-channel attacks are formidable threats to the cryptosystems deployed in the real world. An effe...
Higher-order side-channel attacks are becoming amongst the major interests of academia as well as in...
Implementations of cryptographic algorithms are vulnerable to Side Channel Analysis (SCA). To counte...
In this paper, we optimize the performances and compare several recent masking schemes in bitslice o...
International audienceIn this paper, we provide a necessary clarification of the good security prope...
Side channel attacks take advantage of the fact that the power consumption of a cryptographic device...
To counter side-channel attacks, a masking scheme randomly encodes keydependent variables into sever...
Higher-order masking countermeasures provide strong provable security against side-channel attacks a...
The modular addition is used as a non-linear operation in ARX ciphers because it achieves the requi...