{"id":"https://openalex.org/W3209954014","doi":"https://doi.org/10.46586/tches.v2022.i2.115-139","title":"Higher-Order Masked Ciphertext Comparison for Lattice-Based Cryptography","display_name":"Higher-Order Masked Ciphertext Comparison for Lattice-Based Cryptography","publication_year":2022,"publication_date":"2022-02-15","ids":{"openalex":"https://openalex.org/W3209954014","doi":"https://doi.org/10.46586/tches.v2022.i2.115-139","mag":"3209954014"},"language":"en","primary_location":{"id":"doi:10.46586/tches.v2022.i2.115-139","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2022.i2.115-139","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9483/9024","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://tches.iacr.org/index.php/TCHES/article/download/9483/9024","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048759552","display_name":"Jan-Pieter D\u2019Anvers","orcid":"https://orcid.org/0000-0001-9675-7988"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":false,"raw_author_name":"Jan-Pieter D\u2019Anvers","raw_affiliation_strings":["imec-COSIC KU Leuven, Kasteelpark Arenberg 10 - bus 2452, 3001 Leuven, Belgium"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"imec-COSIC KU Leuven, Kasteelpark Arenberg 10 - bus 2452, 3001 Leuven, Belgium","institution_ids":["https://openalex.org/I99464096"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046499216","display_name":"Daniel Heinz","orcid":"https://orcid.org/0000-0003-1357-2588"},"institutions":[{"id":"https://openalex.org/I137594350","display_name":"Infineon Technologies (Germany)","ror":"https://ror.org/005kw6t15","country_code":"DE","type":"company","lineage":["https://openalex.org/I137594350"]},{"id":"https://openalex.org/I40527276","display_name":"Universit\u00e4t der Bundeswehr M\u00fcnchen","ror":"https://ror.org/05kkv3f82","country_code":"DE","type":"education","lineage":["https://openalex.org/I1315109972","https://openalex.org/I40527276","https://openalex.org/I4387152969"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Daniel Heinz","raw_affiliation_strings":["Research Institute CODE, Universit\u00e4t der Bundeswehr M\u00fcnchen, 85577 Neubiberg, Germany; Infineon Technologies, Am Campeon 1-15, 85579 Neubiberg, Germany","Research Institute CODE, Universit\u00e4t der Bundeswehr M\u00fcnchen, 85577 Neubiberg, Germany","Infineon Technologies, Am Campeon 1-15, 85579 Neubiberg, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Research Institute CODE, Universit\u00e4t der Bundeswehr M\u00fcnchen, 85577 Neubiberg, Germany; Infineon Technologies, Am Campeon 1-15, 85579 Neubiberg, Germany","institution_ids":["https://openalex.org/I40527276"]},{"raw_affiliation_string":"Research Institute CODE, Universit\u00e4t der Bundeswehr M\u00fcnchen, 85577 Neubiberg, Germany","institution_ids":["https://openalex.org/I40527276"]},{"raw_affiliation_string":"Infineon Technologies, Am Campeon 1-15, 85579 Neubiberg, Germany","institution_ids":["https://openalex.org/I137594350"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011477242","display_name":"Peter Pessl","orcid":null},"institutions":[{"id":"https://openalex.org/I137594350","display_name":"Infineon Technologies (Germany)","ror":"https://ror.org/005kw6t15","country_code":"DE","type":"company","lineage":["https://openalex.org/I137594350"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Peter Pessl","raw_affiliation_strings":["Infineon Technologies, Am Campeon 1-15, 85579 Neubiberg, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Infineon Technologies, Am Campeon 1-15, 85579 Neubiberg, Germany","institution_ids":["https://openalex.org/I137594350"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018532230","display_name":"Michiel Van Beirendonck","orcid":"https://orcid.org/0000-0002-5131-8030"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":false,"raw_author_name":"Michiel Van Beirendonck","raw_affiliation_strings":["imec-COSIC KU Leuven, Kasteelpark Arenberg 10 - bus 2452, 3001 Leuven, Belgium"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"imec-COSIC KU Leuven, Kasteelpark Arenberg 10 - bus 2452, 3001 Leuven, Belgium","institution_ids":["https://openalex.org/I99464096"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082347771","display_name":"Ingrid Verbauwhede","orcid":"https://orcid.org/0000-0002-0879-076X"},"institutions":[{"id":"https://openalex.org/I99464096","display_name":"KU Leuven","ror":"https://ror.org/05f950310","country_code":"BE","type":"education","lineage":["https://openalex.org/I99464096"]}],"countries":["BE"],"is_corresponding":false,"raw_author_name":"Ingrid Verbauwhede","raw_affiliation_strings":["imec-COSIC KU Leuven, Kasteelpark Arenberg 10 - bus 2452, 3001 Leuven, Belgium"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"imec-COSIC KU Leuven, Kasteelpark Arenberg 10 - bus 2452, 3001 Leuven, Belgium","institution_ids":["https://openalex.org/I99464096"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":3.4693,"has_fulltext":true,"cited_by_count":26,"citation_normalized_percentile":{"value":0.93255688,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"115","last_page":"139"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9508000016212463,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9508000016212463,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9121000170707703,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7056041955947876},{"id":"https://openalex.org/keywords/ciphertext","display_name":"Ciphertext","score":0.5326494574546814},{"id":"https://openalex.org/keywords/block-cipher","display_name":"Block cipher","score":0.5288074016571045},{"id":"https://openalex.org/keywords/side-channel-attack","display_name":"Side channel attack","score":0.5084206461906433},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.5071003437042236},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.44381535053253174},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.43019458651542664},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.29979920387268066},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.29947900772094727}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7056041955947876},{"id":"https://openalex.org/C93974786","wikidata":"https://www.wikidata.org/wiki/Q1589480","display_name":"Ciphertext","level":3,"score":0.5326494574546814},{"id":"https://openalex.org/C106544461","wikidata":"https://www.wikidata.org/wiki/Q543151","display_name":"Block cipher","level":3,"score":0.5288074016571045},{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.5084206461906433},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.5071003437042236},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.44381535053253174},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.43019458651542664},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.29979920387268066},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.29947900772094727}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.46586/tches.v2022.i2.115-139","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2022.i2.115-139","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9483/9024","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},{"id":"pmh:oai:lirias2repo.kuleuven.be:20.500.12942/692686","is_oa":true,"landing_page_url":"https://lirias.kuleuven.be/handle/20.500.12942/692686","pdf_url":null,"source":{"id":"https://openalex.org/S4306401954","display_name":"Lirias (KU Leuven)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I99464096","host_organization_name":"KU Leuven","host_organization_lineage":["https://openalex.org/I99464096"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:lirias2repo.kuleuven.be:20.500.12942/694484","is_oa":true,"landing_page_url":"https://lirias.kuleuven.be/handle/20.500.12942/694484","pdf_url":null,"source":{"id":"https://openalex.org/S4306401954","display_name":"Lirias (KU Leuven)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I99464096","host_organization_name":"KU Leuven","host_organization_lineage":["https://openalex.org/I99464096"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems, vol. 2022 (2), (115-139)","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:doaj.org/article:08c69342dfce41e495774bff4246e0fe","is_oa":true,"landing_page_url":"https://doaj.org/article/08c69342dfce41e495774bff4246e0fe","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Transactions on Cryptographic Hardware and Embedded Systems, Vol 2022, Iss 2 (2022)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.46586/tches.v2022.i2.115-139","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2022.i2.115-139","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9483/9024","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.6000000238418579}],"awards":[{"id":"https://openalex.org/G2367949695","display_name":"Cyber security cOmpeteNCe fOr Research anD InnovAtion","funder_award_id":"830927","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G3460248328","display_name":null,"funder_award_id":"C16/15/058","funder_id":"https://openalex.org/F4320321730","funder_display_name":"Fonds Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G4009224933","display_name":null,"funder_award_id":"C16/15/058","funder_id":"https://openalex.org/F4320322308","funder_display_name":"KU Leuven"},{"id":"https://openalex.org/G4281908003","display_name":"Post-Snowden Circuits and Design Methods for Security","funder_award_id":"695305","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G4435414571","display_name":null,"funder_award_id":"VR20192203","funder_id":"https://openalex.org/F4320327336","funder_display_name":"Vlaamse regering"},{"id":"https://openalex.org/G7977722673","display_name":null,"funder_award_id":"VR20192203","funder_id":"https://openalex.org/F4320322308","funder_display_name":"KU Leuven"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"},{"id":"https://openalex.org/F4320321730","display_name":"Fonds Wetenschappelijk Onderzoek","ror":"https://ror.org/03qtxy027"},{"id":"https://openalex.org/F4320322308","display_name":"KU Leuven","ror":"https://ror.org/05f950310"},{"id":"https://openalex.org/F4320327336","display_name":"Vlaamse regering","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3209954014.pdf","grobid_xml":"https://content.openalex.org/works/W3209954014.grobid-xml"},"referenced_works_count":37,"referenced_works":["https://openalex.org/W96383189","https://openalex.org/W101112147","https://openalex.org/W1532559214","https://openalex.org/W1592811212","https://openalex.org/W1607264302","https://openalex.org/W1995261385","https://openalex.org/W2144952508","https://openalex.org/W2575714403","https://openalex.org/W2740966734","https://openalex.org/W2794781100","https://openalex.org/W2796314191","https://openalex.org/W2798819443","https://openalex.org/W2806649078","https://openalex.org/W2866028610","https://openalex.org/W2933681094","https://openalex.org/W2935641643","https://openalex.org/W2979160478","https://openalex.org/W2988496150","https://openalex.org/W3013288840","https://openalex.org/W3031247815","https://openalex.org/W3038049909","https://openalex.org/W3046675985","https://openalex.org/W3046851570","https://openalex.org/W3127016245","https://openalex.org/W3128458782","https://openalex.org/W3159164431","https://openalex.org/W3159559383","https://openalex.org/W3184403650","https://openalex.org/W3202360051","https://openalex.org/W3202671815","https://openalex.org/W3202691802","https://openalex.org/W3204480019","https://openalex.org/W4205974385","https://openalex.org/W4206155091","https://openalex.org/W4230142583","https://openalex.org/W4389043045","https://openalex.org/W6752951635"],"related_works":["https://openalex.org/W141793162","https://openalex.org/W2376652919","https://openalex.org/W3006344745","https://openalex.org/W182679101","https://openalex.org/W2676406993","https://openalex.org/W2038076063","https://openalex.org/W2158296297","https://openalex.org/W2103519941","https://openalex.org/W3180573957","https://openalex.org/W3095125346"],"abstract_inverted_index":{"Checking":[0],"the":[1,12,55,99,132,138,155,172,186,191,197,227,234],"equality":[2],"of":[3,11,159,174,193,230],"two":[4],"arrays":[5],"is":[6,19,35,45,62,166],"a":[7,40,67,80,110,120,147,179],"crucial":[8],"building":[9],"block":[10],"Fujisaki-Okamoto":[13],"transformation,":[14],"and":[15,29,79,102,189,209,214,220],"as":[16],"such":[17],"it":[18,44,135],"used":[20],"in":[21,39,90,212],"several":[22],"post-quantum":[23],"key":[24,122],"encapsulation":[25],"mechanisms":[26],"including":[27],"Kyber":[28],"Saber.":[30],"While":[31,127],"this":[32,93,128],"comparison":[33,151],"operation":[34],"easy":[36],"to":[37,47,64,76,109],"perform":[38],"black":[41],"box":[42],"setting,":[43],"hard":[46],"efficiently":[48],"protect":[49],"against":[50],"side-channel":[51,113,228],"attacks.":[52],"For":[53],"instance,":[54],"hash-based":[56,100],"method":[57,69,158,165,173,192],"by":[58,70,85],"Oder":[59],"et":[60,72,87,161,176,195],"al.":[61,73,88,162,177],"limited":[63],"first-order":[65,106],"masking,":[66],"higher-order":[68,83,142,149,157],"Bache":[71,160,194],"was":[74],"shown":[75],"be":[77],"flawed,":[78],"very":[81],"recent":[82],"technique":[84,199],"Bos":[86,175],"suffers":[89],"runtime.":[91],"In":[92],"paper,":[94],"we":[95,224],"first":[96],"demonstrate":[97],"that":[98],"approach,":[101],"likely":[103],"many":[104],"similar":[105],"techniques,":[107],"succumb":[108],"relatively":[111],"simple":[112],"collision":[114],"attack.":[115],"We":[116,144,205],"can":[117],"successfully":[118],"recover":[119],"Kyber512":[121],"using":[123,233],"just":[124],"6000":[125],"traces.":[126],"does":[129,136],"not":[130],"break":[131],"security":[133,211,229],"claims,":[134],"show":[137],"need":[139],"for":[140,178,218],"efficient":[141],"methods.":[143],"then":[145],"present":[146],"new":[148,164,198],"masked":[150],"algorithm":[152],"based":[153],"on":[154,185],"(insecure)":[156],"Our":[163],"4.2x,":[167],"resp.":[168,181],"7.5x,":[169],"faster":[170],"than":[171],"2nd,":[180],"3rd,":[182],"-order":[183],"masking":[184,210],"ARM":[187],"Cortex-M4,":[188],"unlike":[190],"al.,":[196],"takes":[200],"ciphertext":[201],"compression":[202],"into":[203],"account.":[204],"prove":[206],"correctness,":[207],"security,":[208],"detail":[213],"provide":[215],"performance":[216],"numbers":[217],"2nd":[219],"3rd-order":[221],"implementations.":[222],"Finally,":[223],"verify":[225],"our":[226,231],"implementation":[232],"test":[235],"vector":[236],"leakage":[237],"assessment":[238],"(TVLA)":[239],"methodology.":[240]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":9},{"year":2022,"cited_by_count":8}],"updated_date":"2026-06-22T08:00:12.763002","created_date":"2025-10-10T00:00:00"}