{"id":"https://openalex.org/W4294326418","doi":"https://doi.org/10.46586/tches.v2022.i4.397-437","title":"Breaking Masked Implementations of the Clyde-Cipher by Means of Side-Channel Analysis","display_name":"Breaking Masked Implementations of the Clyde-Cipher by Means of Side-Channel Analysis","publication_year":2022,"publication_date":"2022-08-31","ids":{"openalex":"https://openalex.org/W4294326418","doi":"https://doi.org/10.46586/tches.v2022.i4.397-437"},"language":"en","primary_location":{"id":"doi:10.46586/tches.v2022.i4.397-437","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2022.i4.397-437","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9825/9330","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://tches.iacr.org/index.php/TCHES/article/download/9825/9330","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5050647188","display_name":"Aron Gohr","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Aron Gohr","raw_affiliation_strings":["Independent Researcher, Auckland, New Zealand"],"affiliations":[{"raw_affiliation_string":"Independent Researcher, Auckland, New Zealand","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007217284","display_name":"Friederike Laus","orcid":null},"institutions":[{"id":"https://openalex.org/I1317578790","display_name":"Federal Office for Information Security","ror":"https://ror.org/03v7mmm26","country_code":"DE","type":"other","lineage":["https://openalex.org/I1317578790"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Friederike Laus","raw_affiliation_strings":["Bundesamt f\u00fcr Sicherheit in der Informationstechnik (BSI), Bonn, Germany"],"affiliations":[{"raw_affiliation_string":"Bundesamt f\u00fcr Sicherheit in der Informationstechnik (BSI), Bonn, Germany","institution_ids":["https://openalex.org/I1317578790"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5064835795","display_name":"Werner Schindler","orcid":"https://orcid.org/0000-0002-3073-0106"},"institutions":[{"id":"https://openalex.org/I1317578790","display_name":"Federal Office for Information Security","ror":"https://ror.org/03v7mmm26","country_code":"DE","type":"other","lineage":["https://openalex.org/I1317578790"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Werner Schindler","raw_affiliation_strings":["Bundesamt f\u00fcr Sicherheit in der Informationstechnik (BSI), Bonn, Germany"],"affiliations":[{"raw_affiliation_string":"Bundesamt f\u00fcr Sicherheit in der Informationstechnik (BSI), Bonn, Germany","institution_ids":["https://openalex.org/I1317578790"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5050647188"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.5555,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.72225117,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"397","last_page":"437"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10472","display_name":"Semiconductor materials and devices","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8081241846084595},{"id":"https://openalex.org/keywords/cipher","display_name":"Cipher","score":0.7615845203399658},{"id":"https://openalex.org/keywords/stream-cipher","display_name":"Stream cipher","score":0.7071845531463623},{"id":"https://openalex.org/keywords/encoding","display_name":"Encoding (memory)","score":0.5377171039581299},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.4786209464073181},{"id":"https://openalex.org/keywords/block-cipher","display_name":"Block cipher","score":0.45872920751571655},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.44139012694358826},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.37844520807266235},{"id":"https://openalex.org/keywords/computer-engineering","display_name":"Computer engineering","score":0.34697359800338745},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.2927427887916565},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.23657169938087463},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.17966866493225098},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.17275041341781616}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8081241846084595},{"id":"https://openalex.org/C2780221543","wikidata":"https://www.wikidata.org/wiki/Q4681865","display_name":"Cipher","level":3,"score":0.7615845203399658},{"id":"https://openalex.org/C92950451","wikidata":"https://www.wikidata.org/wiki/Q864718","display_name":"Stream cipher","level":3,"score":0.7071845531463623},{"id":"https://openalex.org/C125411270","wikidata":"https://www.wikidata.org/wiki/Q18653","display_name":"Encoding (memory)","level":2,"score":0.5377171039581299},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.4786209464073181},{"id":"https://openalex.org/C106544461","wikidata":"https://www.wikidata.org/wiki/Q543151","display_name":"Block cipher","level":3,"score":0.45872920751571655},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.44139012694358826},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.37844520807266235},{"id":"https://openalex.org/C113775141","wikidata":"https://www.wikidata.org/wiki/Q428691","display_name":"Computer engineering","level":1,"score":0.34697359800338745},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.2927427887916565},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.23657169938087463},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.17966866493225098},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.17275041341781616},{"id":"https://openalex.org/C187736073","wikidata":"https://www.wikidata.org/wiki/Q2920921","display_name":"Management","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.46586/tches.v2022.i4.397-437","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2022.i4.397-437","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9825/9330","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:a5e265f23ba14b6bb5afe2f7c16dc46e","is_oa":true,"landing_page_url":"https://doaj.org/article/a5e265f23ba14b6bb5afe2f7c16dc46e","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Transactions on Cryptographic Hardware and Embedded Systems, Vol 2022, Iss 4 (2022)","raw_type":"article"},{"id":"pmh:oai:doaj.org/article:dca57b71c74a4de49ccbbb12774cc30b","is_oa":true,"landing_page_url":"https://doaj.org/article/dca57b71c74a4de49ccbbb12774cc30b","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Transactions on Cryptographic Hardware and Embedded Systems, Vol 2022, Iss 4 (2022)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.46586/tches.v2022.i4.397-437","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tches.v2022.i4.397-437","pdf_url":"https://tches.iacr.org/index.php/TCHES/article/download/9825/9330","source":{"id":"https://openalex.org/S4210207404","display_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","issn_l":"2569-2925","issn":["2569-2925"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Cryptographic Hardware and Embedded Systems","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/17","display_name":"Partnerships for the goals","score":0.4300000071525574}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4294326418.pdf","grobid_xml":"https://content.openalex.org/works/W4294326418.grobid-xml"},"referenced_works_count":23,"referenced_works":["https://openalex.org/W930621015","https://openalex.org/W1499081748","https://openalex.org/W1592625985","https://openalex.org/W2056568601","https://openalex.org/W2199868977","https://openalex.org/W2340897893","https://openalex.org/W2504919933","https://openalex.org/W2612816951","https://openalex.org/W2613409207","https://openalex.org/W2613550625","https://openalex.org/W2810943746","https://openalex.org/W2909156026","https://openalex.org/W3046385973","https://openalex.org/W3046856047","https://openalex.org/W3081832642","https://openalex.org/W3085353452","https://openalex.org/W3184130264","https://openalex.org/W3196551716","https://openalex.org/W3196768397","https://openalex.org/W3203012334","https://openalex.org/W4241389749","https://openalex.org/W4245524709","https://openalex.org/W7071203722"],"related_works":["https://openalex.org/W2564198540","https://openalex.org/W2375652638","https://openalex.org/W2274979005","https://openalex.org/W2359217675","https://openalex.org/W4283656691","https://openalex.org/W1765803531","https://openalex.org/W4242555909","https://openalex.org/W2090711565","https://openalex.org/W2612290876","https://openalex.org/W2389382611"],"abstract_inverted_index":{"In":[0,193],"this":[1,69,164,268],"paper":[2],"we":[3,53,119,188,210,223,249],"present":[4],"our":[5,226,243],"solution":[6],"to":[7,18,72,104,113,126,135,146,195,204,221,257,271],"the":[8,12,26,37,44,49,61,66,78,86,115,127,137,148,153,169,173,184,190,200,206,231,239,262,272,280,296,302,306,309,317,321,324,330],"CHES":[9,138],"Challenge":[10],"2020,":[11],"task":[13,165,207,215,228],"of":[14,25,32,43,152,161,172,183,274,289,316,334],"which":[15,101,187,291],"it":[16],"was":[17],"break":[19],"masked":[20],"hardware":[21],"respective":[22,332],"software":[23],"implementations":[24],"lightweight":[27],"cipher":[28,39,63,117,155,175],"Clyde":[29],"by":[30,110,130,245],"means":[31],"side-channel":[33,227],"analysis.":[34],"We":[35,142,157,277],"target":[36,233],"secret":[38,79],"state":[40,64,88,176],"after":[41],"processing":[42],"first":[45,270],"S-box":[46,93,109],"layer.":[47],"Using":[48],"provided":[50],"trace":[51],"data":[52,234],"obtain":[54],"a":[55,95,121,180,212,252,285],"strongly":[56],"biased":[57],"posterior":[58],"distribution":[59],"for":[60,267],"secret-shared":[62,154],"at":[65,94,208],"targeted":[67],"point;":[68],"enables":[70,102],"us":[71,103],"see":[73,114],"exploitable":[74],"biases":[75,84],"even":[76],"before":[77],"sharing":[80],"based":[81,298],"masking.":[82],"These":[83],"on":[85,163,284],"unshared":[87],"can":[89],"be":[90],"evaluated":[91],"one":[92,128],"time":[96],"and":[97,133,177],"combined":[98],"across":[99],"traces,":[100],"recover":[105],"likely":[106],"key":[107],"hypotheses":[108],"S-box.In":[111],"order":[112,194],"shared":[116,174,275],"state,":[118],"employ":[120],"deep":[122],"neural":[123,281],"network":[124,282],"similar":[125,220],"used":[129],"Gohr,":[131],"Jacob":[132],"Schindler":[134],"solve":[136,205],"2018":[139],"AES":[140],"challenge.":[141],"modify":[143],"their":[144,335],"architecture":[145],"predict":[147],"exact":[149],"bit":[150],"sequence":[151],"state.":[156],"find":[158],"that":[159,248,279,323],"convergence":[160,217],"training":[162],"is":[166],"unsatisfying":[167],"with":[168,230,238,251],"standard":[170],"encoding":[171,182,202,235],"therefore":[178],"introduce":[179],"different":[181,328],"prediction":[185],"target,":[186],"call":[189],"scattershot":[191,201,240],"encoding.":[192],"further":[196],"investigate":[197],"how":[198],"exactly":[199],"helps":[203],"hand,":[209,308],"construct":[211],"simple":[213],"synthetic":[214],"where":[216],"problems":[218],"very":[219,327],"those":[222],"observed":[224],"in":[225,319],"appear":[229],"naive":[232],"but":[236],"disappear":[237],"encoding.We":[241],"complete":[242],"analysis":[244],"showing":[246],"results":[247],"obtained":[250],"\u201cclassical\u201d":[253],"method":[254],"(as":[255],"opposed":[256],"an":[258],"AI-based":[259],"method),":[260],"namely":[261],"stochastic":[263,303,310],"approach,":[264],"thatwe":[265],"generalize":[266],"purpose":[269],"setting":[273],"keys.":[276],"show":[278],"draws":[283],"much":[286],"broader":[287],"set":[288],"features,":[290],"may":[292],"partially":[293],"explain":[294],"why":[295],"neural-network":[297],"approach":[299,311],"massively":[300],"outperforms":[301],"approach.":[304],"On":[305],"other":[307],"provides":[312],"insights":[313],"into":[314],"properties":[315],"implementation,":[318],"particular":[320],"observation":[322],"S-boxes":[325],"behave":[326],"regarding":[329],"easiness":[331],"hardness":[333],"prediction.":[336]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":3}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}