{"id":"https://openalex.org/W4405181373","doi":"https://doi.org/10.1145/3658644.3690339","title":"The Insecurity of Masked Comparisons: SCAs on ML-KEM's FO-Transform","display_name":"The Insecurity of Masked Comparisons: SCAs on ML-KEM's FO-Transform","publication_year":2024,"publication_date":"2024-12-02","ids":{"openalex":"https://openalex.org/W4405181373","doi":"https://doi.org/10.1145/3658644.3690339"},"language":"en","primary_location":{"id":"doi:10.1145/3658644.3690339","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690339","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690339","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690339","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5036436878","display_name":"Julius Hermelink","orcid":"https://orcid.org/0000-0002-1649-4231"},"institutions":[{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Julius Hermelink","raw_affiliation_strings":["Max Planck Institute for Security and Privacy, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Max Planck Institute for Security and Privacy, Bochum, Germany","institution_ids":["https://openalex.org/I4210096592"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046179916","display_name":"Kai-Chun Ning","orcid":null},"institutions":[{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Kai-Chun Ning","raw_affiliation_strings":["Max Planck Institute for Security and Privacy, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Max Planck Institute for Security and Privacy, Bochum, Germany","institution_ids":["https://openalex.org/I4210096592"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5071091815","display_name":"Richard Petri","orcid":"https://orcid.org/0000-0003-0972-1544"},"institutions":[{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Richard Petri","raw_affiliation_strings":["Max Planck Institute for Security and Privacy, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Max Planck Institute for Security and Privacy, Bochum, Germany","institution_ids":["https://openalex.org/I4210096592"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5037310153","display_name":"Emanuele Strieder","orcid":"https://orcid.org/0000-0003-0204-3234"},"institutions":[{"id":"https://openalex.org/I62916508","display_name":"Technical University of Munich","ror":"https://ror.org/02kkvpp62","country_code":"DE","type":"education","lineage":["https://openalex.org/I62916508"]},{"id":"https://openalex.org/I4210136922","display_name":"Fraunhofer Institute for Applied and Integrated Security","ror":"https://ror.org/03w0bbr97","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210136922","https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Emanuele Strieder","raw_affiliation_strings":["Fraunhofer AISEC &amp; Technical University of Munich, Garching, Germany"],"affiliations":[{"raw_affiliation_string":"Fraunhofer AISEC &amp; Technical University of Munich, Garching, Germany","institution_ids":["https://openalex.org/I4210136922","https://openalex.org/I62916508"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5036436878"],"corresponding_institution_ids":["https://openalex.org/I4210096592"],"apc_list":null,"apc_paid":null,"fwci":1.0911,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.82489894,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"2430","last_page":"2444"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.8478975296020508},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.589408278465271},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.519691526889801},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.5101611614227295},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.44347238540649414},{"id":"https://openalex.org/keywords/line","display_name":"Line (geometry)","score":0.42292168736457825},{"id":"https://openalex.org/keywords/channel","display_name":"Channel (broadcasting)","score":0.41672825813293457},{"id":"https://openalex.org/keywords/econometrics","display_name":"Econometrics","score":0.3457707166671753},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.29033732414245605},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.22073769569396973},{"id":"https://openalex.org/keywords/speech-recognition","display_name":"Speech recognition","score":0.19060099124908447},{"id":"https://openalex.org/keywords/economics","display_name":"Economics","score":0.13425320386886597},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1105201244354248}],"concepts":[{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.8478975296020508},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.589408278465271},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.519691526889801},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.5101611614227295},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.44347238540649414},{"id":"https://openalex.org/C198352243","wikidata":"https://www.wikidata.org/wiki/Q37105","display_name":"Line (geometry)","level":2,"score":0.42292168736457825},{"id":"https://openalex.org/C127162648","wikidata":"https://www.wikidata.org/wiki/Q16858953","display_name":"Channel (broadcasting)","level":2,"score":0.41672825813293457},{"id":"https://openalex.org/C149782125","wikidata":"https://www.wikidata.org/wiki/Q160039","display_name":"Econometrics","level":1,"score":0.3457707166671753},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.29033732414245605},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.22073769569396973},{"id":"https://openalex.org/C28490314","wikidata":"https://www.wikidata.org/wiki/Q189436","display_name":"Speech recognition","level":1,"score":0.19060099124908447},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.13425320386886597},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1105201244354248},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3658644.3690339","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690339","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690339","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:publica.fraunhofer.de:publica/484341","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/484341","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference paper"}],"best_oa_location":{"id":"doi:10.1145/3658644.3690339","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3658644.3690339","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3658644.3690339","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4405181373.pdf"},"referenced_works_count":6,"referenced_works":["https://openalex.org/W2157679418","https://openalex.org/W2536698892","https://openalex.org/W2866028610","https://openalex.org/W4226075590","https://openalex.org/W4290714242","https://openalex.org/W4379384493"],"related_works":["https://openalex.org/W2158491338","https://openalex.org/W2807901368","https://openalex.org/W2133733652","https://openalex.org/W2072658171","https://openalex.org/W2606392311","https://openalex.org/W2320042380","https://openalex.org/W4385956668","https://openalex.org/W2900895161","https://openalex.org/W4380838366","https://openalex.org/W2539884462"],"abstract_inverted_index":{"NIST":[0],"released":[1],"the":[2,15,19,38,42,51,59,77,89],"draft":[3],"standard":[4],"for":[5,53,92],"ML-KEM,":[6],"and":[7,28,62,73],"we":[8],"can":[9],"expect":[10],"its":[11],"widespread":[12],"use":[13],"in":[14,18],"embedded":[16],"world":[17],"near":[20],"future.":[21],"Several":[22],"side-channel":[23],"attacks":[24,36],"have":[25],"been":[26],"proposed,":[27],"one":[29],"line":[30],"of":[31,41,79],"research":[32],"has":[33],"focused":[34],"on":[35],"against":[37],"comparison":[39,67],"step":[40],"FO-transform.":[43],"A":[44],"work":[45],"published":[46],"at":[47],"TCHES":[48],"2022":[49],"stressed":[50],"need":[52],"secure":[54],"higher-order":[55,65,84],"masked":[56,66,85,93],"comparisons":[57],"beyond":[58],"t-probing":[60],"model":[61],"proposed":[63],"a":[64],"method.":[68],"Subsequently,":[69],"D'Anvers,":[70],"Van":[71],"Beirendonck,":[72],"Verbauwhede":[74],"improved":[75],"upon":[76],"performance":[78,91],"several":[80],"previous":[81],"proposals;":[82],"their":[83],"algorithm":[86],"currently":[87],"achieves":[88],"highest":[90],"comparisons.":[94]},"counts_by_year":[{"year":2025,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}