{"id":"https://openalex.org/W2970375451","doi":"https://doi.org/10.1515/jmc-2020-0079","title":"One Bit is All It Takes: A Devastating Timing Attack on BLISS\u2019s Non-Constant Time Sign Flips","display_name":"One Bit is All It Takes: A Devastating Timing Attack on BLISS\u2019s Non-Constant Time Sign Flips","publication_year":2020,"publication_date":"2020-11-17","ids":{"openalex":"https://openalex.org/W2970375451","doi":"https://doi.org/10.1515/jmc-2020-0079","mag":"2970375451"},"language":"en","primary_location":{"id":"doi:10.1515/jmc-2020-0079","is_oa":true,"landing_page_url":"https://doi.org/10.1515/jmc-2020-0079","pdf_url":"https://www.degruyter.com/document/doi/10.1515/jmc-2020-0079/pdf","source":{"id":"https://openalex.org/S100611479","display_name":"Journal of Mathematical Cryptology","issn_l":"1862-2976","issn":["1862-2976","1862-2984"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310313990","host_organization_name":"De Gruyter","host_organization_lineage":["https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Mathematical Cryptology","raw_type":"journal-article"},"type":"preprint","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.degruyter.com/document/doi/10.1515/jmc-2020-0079/pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5108278240","display_name":"Mehdi Tibouchi","orcid":null},"institutions":[{"id":"https://openalex.org/I200641316","display_name":"Musashino University","ror":"https://ror.org/04bcbax71","country_code":"JP","type":"education","lineage":["https://openalex.org/I200641316"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Mehdi Tibouchi","raw_affiliation_strings":["3\u20139\u201311 Midori-cho, Musashino-shi , Tokyo , Japan"],"affiliations":[{"raw_affiliation_string":"3\u20139\u201311 Midori-cho, Musashino-shi , Tokyo , Japan","institution_ids":["https://openalex.org/I200641316"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5025296319","display_name":"Alexandre Wallet","orcid":null},"institutions":[{"id":"https://openalex.org/I200641316","display_name":"Musashino University","ror":"https://ror.org/04bcbax71","country_code":"JP","type":"education","lineage":["https://openalex.org/I200641316"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Alexandre Wallet","raw_affiliation_strings":["3\u20139\u201311 Midori-cho, Musashino-shi , Tokyo , Japan"],"affiliations":[{"raw_affiliation_string":"3\u20139\u201311 Midori-cho, Musashino-shi , Tokyo , Japan","institution_ids":["https://openalex.org/I200641316"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5108278240"],"corresponding_institution_ids":["https://openalex.org/I200641316"],"apc_list":{"value":1000,"currency":"EUR","value_usd":1078},"apc_paid":{"value":1000,"currency":"EUR","value_usd":1078},"fwci":0.2937191,"has_fulltext":true,"cited_by_count":2,"citation_normalized_percentile":{"value":0.6066707,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":"15","issue":"1","first_page":"131","last_page":"142"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9653000235557556,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9212999939918518,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/bliss","display_name":"BLISS","score":0.960358738899231},{"id":"https://openalex.org/keywords/sign","display_name":"Sign (mathematics)","score":0.8940401077270508},{"id":"https://openalex.org/keywords/constant","display_name":"Constant (computer programming)","score":0.7243872880935669},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.629084587097168},{"id":"https://openalex.org/keywords/bit","display_name":"Bit (key)","score":0.5270918607711792},{"id":"https://openalex.org/keywords/arithmetic","display_name":"Arithmetic","score":0.36185550689697266},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3361799418926239},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.204219251871109},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.12485826015472412},{"id":"https://openalex.org/keywords/mathematical-analysis","display_name":"Mathematical analysis","score":0.06372499465942383}],"concepts":[{"id":"https://openalex.org/C2780658912","wikidata":"https://www.wikidata.org/wiki/Q2877155","display_name":"BLISS","level":2,"score":0.960358738899231},{"id":"https://openalex.org/C139676723","wikidata":"https://www.wikidata.org/wiki/Q1193832","display_name":"Sign (mathematics)","level":2,"score":0.8940401077270508},{"id":"https://openalex.org/C2777027219","wikidata":"https://www.wikidata.org/wiki/Q1284190","display_name":"Constant (computer programming)","level":2,"score":0.7243872880935669},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.629084587097168},{"id":"https://openalex.org/C117011727","wikidata":"https://www.wikidata.org/wiki/Q1278488","display_name":"Bit (key)","level":2,"score":0.5270918607711792},{"id":"https://openalex.org/C94375191","wikidata":"https://www.wikidata.org/wiki/Q11205","display_name":"Arithmetic","level":1,"score":0.36185550689697266},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3361799418926239},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.204219251871109},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.12485826015472412},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.06372499465942383}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1515/jmc-2020-0079","is_oa":true,"landing_page_url":"https://doi.org/10.1515/jmc-2020-0079","pdf_url":"https://www.degruyter.com/document/doi/10.1515/jmc-2020-0079/pdf","source":{"id":"https://openalex.org/S100611479","display_name":"Journal of Mathematical Cryptology","issn_l":"1862-2976","issn":["1862-2976","1862-2984"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310313990","host_organization_name":"De Gruyter","host_organization_lineage":["https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Mathematical Cryptology","raw_type":"journal-article"},{"id":"mag:2970375451","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":null,"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":null}],"best_oa_location":{"id":"doi:10.1515/jmc-2020-0079","is_oa":true,"landing_page_url":"https://doi.org/10.1515/jmc-2020-0079","pdf_url":"https://www.degruyter.com/document/doi/10.1515/jmc-2020-0079/pdf","source":{"id":"https://openalex.org/S100611479","display_name":"Journal of Mathematical Cryptology","issn_l":"1862-2976","issn":["1862-2976","1862-2984"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310313990","host_organization_name":"De Gruyter","host_organization_lineage":["https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Mathematical Cryptology","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2970375451.pdf","grobid_xml":"https://content.openalex.org/works/W2970375451.grobid-xml"},"referenced_works_count":6,"referenced_works":["https://openalex.org/W2412886904","https://openalex.org/W2765255210","https://openalex.org/W2765784230","https://openalex.org/W2898218073","https://openalex.org/W2900370870","https://openalex.org/W2989065323"],"related_works":[],"abstract_inverted_index":{"Abstract":[0],"As":[1],"one":[2,11],"of":[3,12,27,39,43,50,53,99,140,146,171,183,191],"the":[4,13,28,96,120,169,184,189,192],"most":[5],"efficient":[6],"lattice-based":[7],"signature":[8,92],"schemes,":[9],"and":[10,47,94],"only":[14],"ones":[15],"to":[16,118,188],"have":[17,57],"seen":[18,176],"deployment":[19],"beyond":[20],"an":[21,68],"academic":[22],"setting":[23],"(e.g.,":[24],"as":[25,177],"part":[26],"VPN":[29],"software":[30],"suite":[31],"strongSwan),":[32],"BLISS":[33,80,100],"has":[34],"attracted":[35],"a":[36,87,143,153,164,178],"significant":[37],"amount":[38],"attention":[40],"in":[41,60,111,149],"terms":[42],"its":[44,54],"implementation":[45,98],"security,":[46],"side-channel":[48,124],"vulnerabilities":[49],"several":[51],"parts":[52],"signing":[55],"algorithm":[56],"been":[58],"identified":[59],"previous":[61],"works.":[62],"In":[63],"this":[64,105,137],"paper,":[65],"we":[66],"present":[67],"even":[69],"simpler":[70],"timing":[71],"attack":[72,185],"against":[73],"it.":[74],"The":[75,158,181],"bimodal":[76],"Gaussian":[77],"distribution":[78],"that":[79,104,135],"is":[81,84,108,115,148,160],"named":[82],"after":[83],"achieved":[85],"using":[86,163],"random":[88],"sign":[89,106,122],"flip":[90,107],"during":[91],"generation,":[93],"neither":[95],"original":[97],"nor":[101],"strongSwan":[102],"ensure":[103],"carried":[109,161],"out":[110,162],"constant":[112],"time.":[113],"It":[114],"therefore":[116],"possible":[117],"recover":[119],"corresponding":[121],"through":[123],"leakage":[125,141],"(using,":[126],"e.g.,":[127],"cache":[128],"attacks":[129],"or":[130],"branch":[131],"tracing).":[132],"We":[133],"show":[134],"obtaining":[136],"single":[138],"bit":[139],"(for":[142],"moderate":[144],"number":[145],"signatures)":[147],"fact":[150],"sufficient":[151],"for":[152],"full":[154],"key":[155],"recovery":[156,159],"attack.":[157],"maximum":[165],"likelihood":[166],"estimation":[167],"on":[168],"space":[170],"parameters,":[172],"which":[173],"can":[174],"be":[175],"statistical":[179],"manifold.":[180],"analysis":[182],"thus":[186],"reduces":[187],"computation":[190],"Fisher":[193],"information":[194],"metric.":[195]},"counts_by_year":[{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1}],"updated_date":"2025-12-07T23:40:59.601060","created_date":"2025-10-10T00:00:00"}