{"id":"https://openalex.org/W4414869568","doi":"https://doi.org/10.62056/a0txl8n4e","title":"Non-Profiled Higher-Order Side-Channel Attacks against Lattice-Based Post-Quantum Cryptography","display_name":"Non-Profiled Higher-Order Side-Channel Attacks against Lattice-Based Post-Quantum Cryptography","publication_year":2025,"publication_date":"2025-10-06","ids":{"openalex":"https://openalex.org/W4414869568","doi":"https://doi.org/10.62056/a0txl8n4e"},"language":"en","primary_location":{"id":"doi:10.62056/a0txl8n4e","is_oa":true,"landing_page_url":"https://doi.org/10.62056/a0txl8n4e","pdf_url":"https://cic.iacr.org/p/2/3/31/pdf","source":{"id":"https://openalex.org/S4394708374","display_name":"IACR Communications in Cryptology","issn_l":"3006-5496","issn":["3006-5496"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320989","host_organization_name":"International Association for Cryptologic Research","host_organization_lineage":["https://openalex.org/P4310320989"],"host_organization_lineage_names":["International Association for Cryptologic Research"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Communications in Cryptology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://cic.iacr.org/p/2/3/31/pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056629846","display_name":"Tolun Tosun","orcid":null},"institutions":[{"id":"https://openalex.org/I134235054","display_name":"Sabanc\u0131 \u00dcniversitesi","ror":"https://ror.org/049asqa32","country_code":"TR","type":"education","lineage":["https://openalex.org/I134235054"]}],"countries":["TR"],"is_corresponding":true,"raw_author_name":"Tolun Tosun","raw_affiliation_strings":["Sabanci University"],"affiliations":[{"raw_affiliation_string":"Sabanci University","institution_ids":["https://openalex.org/I134235054"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040494476","display_name":"Elisabeth Oswald","orcid":"https://orcid.org/0000-0001-7502-3184"},"institutions":[{"id":"https://openalex.org/I4210166741","display_name":"University of Klagenfurt","ror":"https://ror.org/05q9m0937","country_code":"AT","type":"education","lineage":["https://openalex.org/I4210166741"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Elisabeth Oswald","raw_affiliation_strings":["University of Klagenfurt"],"affiliations":[{"raw_affiliation_string":"University of Klagenfurt","institution_ids":["https://openalex.org/I4210166741"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5064835031","display_name":"Erkay Sava\u015f","orcid":"https://orcid.org/0000-0002-4869-5556"},"institutions":[{"id":"https://openalex.org/I134235054","display_name":"Sabanc\u0131 \u00dcniversitesi","ror":"https://ror.org/049asqa32","country_code":"TR","type":"education","lineage":["https://openalex.org/I134235054"]}],"countries":["TR"],"is_corresponding":false,"raw_author_name":"Erkay Sava\u015f","raw_affiliation_strings":["Sabanci University"],"affiliations":[{"raw_affiliation_string":"Sabanci University","institution_ids":["https://openalex.org/I134235054"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5056629846"],"corresponding_institution_ids":["https://openalex.org/I134235054"],"apc_list":null,"apc_paid":null,"fwci":2.6124,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.92083426,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":"2","issue":"3","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11130","display_name":"Coding theory and cryptography","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11017","display_name":"Chaos-based Image/Signal Encryption","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.6266000270843506},{"id":"https://openalex.org/keywords/hamming-weight","display_name":"Hamming weight","score":0.6133000254631042},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.48559999465942383},{"id":"https://openalex.org/keywords/cryptosystem","display_name":"Cryptosystem","score":0.46959999203681946},{"id":"https://openalex.org/keywords/cryptanalysis","display_name":"Cryptanalysis","score":0.4636000096797943},{"id":"https://openalex.org/keywords/hamming-code","display_name":"Hamming code","score":0.4187999963760376},{"id":"https://openalex.org/keywords/side-channel-attack","display_name":"Side channel attack","score":0.41609999537467957},{"id":"https://openalex.org/keywords/correlation-attack","display_name":"Correlation attack","score":0.41519999504089355}],"concepts":[{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.6266000270843506},{"id":"https://openalex.org/C63361517","wikidata":"https://www.wikidata.org/wiki/Q5645805","display_name":"Hamming weight","level":5,"score":0.6133000254631042},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6021999716758728},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.4959000051021576},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.48559999465942383},{"id":"https://openalex.org/C6295992","wikidata":"https://www.wikidata.org/wiki/Q976521","display_name":"Cryptosystem","level":3,"score":0.46959999203681946},{"id":"https://openalex.org/C181149355","wikidata":"https://www.wikidata.org/wiki/Q897511","display_name":"Cryptanalysis","level":3,"score":0.4636000096797943},{"id":"https://openalex.org/C73150493","wikidata":"https://www.wikidata.org/wiki/Q853922","display_name":"Hamming code","level":4,"score":0.4187999963760376},{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.41609999537467957},{"id":"https://openalex.org/C120226833","wikidata":"https://www.wikidata.org/wiki/Q5172844","display_name":"Correlation attack","level":4,"score":0.41519999504089355},{"id":"https://openalex.org/C101468663","wikidata":"https://www.wikidata.org/wiki/Q1620158","display_name":"Modular design","level":2,"score":0.374099999666214},{"id":"https://openalex.org/C118463975","wikidata":"https://www.wikidata.org/wiki/Q220849","display_name":"Digital signature","level":3,"score":0.3564000129699707},{"id":"https://openalex.org/C71743495","wikidata":"https://www.wikidata.org/wiki/Q2845210","display_name":"Power analysis","level":3,"score":0.3562999963760376},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.35420000553131104},{"id":"https://openalex.org/C54732982","wikidata":"https://www.wikidata.org/wiki/Q1415345","display_name":"Modulo","level":2,"score":0.3540000021457672},{"id":"https://openalex.org/C113775141","wikidata":"https://www.wikidata.org/wiki/Q428691","display_name":"Computer engineering","level":1,"score":0.3244999945163727},{"id":"https://openalex.org/C193319292","wikidata":"https://www.wikidata.org/wiki/Q272172","display_name":"Hamming distance","level":2,"score":0.3231000006198883},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.3208000063896179},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.31220000982284546},{"id":"https://openalex.org/C46331935","wikidata":"https://www.wikidata.org/wiki/Q4651362","display_name":"AES implementations","level":4,"score":0.2669000029563904},{"id":"https://openalex.org/C311688","wikidata":"https://www.wikidata.org/wiki/Q2393193","display_name":"Time complexity","level":2,"score":0.2644999921321869},{"id":"https://openalex.org/C94375191","wikidata":"https://www.wikidata.org/wiki/Q11205","display_name":"Arithmetic","level":1,"score":0.2599000036716461},{"id":"https://openalex.org/C28420585","wikidata":"https://www.wikidata.org/wiki/Q2665075","display_name":"Timing attack","level":4,"score":0.25850000977516174},{"id":"https://openalex.org/C2780615836","wikidata":"https://www.wikidata.org/wiki/Q2471869","display_name":"USable","level":2,"score":0.2535000145435333},{"id":"https://openalex.org/C173259116","wikidata":"https://www.wikidata.org/wiki/Q864003","display_name":"Discrete logarithm","level":4,"score":0.2502000033855438}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.62056/a0txl8n4e","is_oa":true,"landing_page_url":"https://doi.org/10.62056/a0txl8n4e","pdf_url":"https://cic.iacr.org/p/2/3/31/pdf","source":{"id":"https://openalex.org/S4394708374","display_name":"IACR Communications in Cryptology","issn_l":"3006-5496","issn":["3006-5496"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320989","host_organization_name":"International Association for Cryptologic Research","host_organization_lineage":["https://openalex.org/P4310320989"],"host_organization_lineage_names":["International Association for Cryptologic Research"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Communications in Cryptology","raw_type":"journal-article"},{"id":"pmh:oai:pure.atira.dk:openaire_cris_publications/1f0d865d-8b20-40b5-8c67-51bc5e7c7e48","is_oa":true,"landing_page_url":"https://research.birmingham.ac.uk/en/publications/1f0d865d-8b20-40b5-8c67-51bc5e7c7e48","pdf_url":null,"source":{"id":"https://openalex.org/S4306402634","display_name":"University of Birmingham Research Portal (University of Birmingham)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I79619799","host_organization_name":"University of Birmingham","host_organization_lineage":["https://openalex.org/I79619799"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Tosun, T, Oswald, E & Savas, E 2025, 'Non-Profiled Higher-Order Side-Channel Attacks against Lattice-Based Post-Quantum Cryptography', IACR Communications in Cryptology, vol. 2, no. 3, 31. https://doi.org/10.62056/a0txl8n4e","raw_type":"article"}],"best_oa_location":{"id":"doi:10.62056/a0txl8n4e","is_oa":true,"landing_page_url":"https://doi.org/10.62056/a0txl8n4e","pdf_url":"https://cic.iacr.org/p/2/3/31/pdf","source":{"id":"https://openalex.org/S4394708374","display_name":"IACR Communications in Cryptology","issn_l":"3006-5496","issn":["3006-5496"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320989","host_organization_name":"International Association for Cryptologic Research","host_organization_lineage":["https://openalex.org/P4310320989"],"host_organization_lineage_names":["International Association for Cryptologic Research"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Communications in Cryptology","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2538134746","display_name":null,"funder_award_id":"101079319","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4414869568.pdf","grobid_xml":"https://content.openalex.org/works/W4414869568.grobid-xml"},"referenced_works_count":31,"referenced_works":["https://openalex.org/W249674870","https://openalex.org/W1562542037","https://openalex.org/W1862426464","https://openalex.org/W1897761346","https://openalex.org/W2007466965","https://openalex.org/W2124785100","https://openalex.org/W2168676717","https://openalex.org/W2740580365","https://openalex.org/W2866028610","https://openalex.org/W2942216431","https://openalex.org/W2990090555","https://openalex.org/W2995935153","https://openalex.org/W3210769154","https://openalex.org/W4200446781","https://openalex.org/W4213164569","https://openalex.org/W4285302767","https://openalex.org/W4294325185","https://openalex.org/W4308198585","https://openalex.org/W4381430786","https://openalex.org/W4382541846","https://openalex.org/W4385711937","https://openalex.org/W4387319508","https://openalex.org/W4391326551","https://openalex.org/W4392249245","https://openalex.org/W4392567506","https://openalex.org/W4392567578","https://openalex.org/W4392753810","https://openalex.org/W4396838276","https://openalex.org/W4402808067","https://openalex.org/W4404179081","https://openalex.org/W6885400785"],"related_works":[],"abstract_inverted_index":{"In":[0,312],"this":[1,257],"work,":[2],"we":[3,75,130,174,212,242,259],"present":[4,260],"methods":[5,152,326],"for":[6,111,140,185,198],"conducting":[7],"higher-order":[8,78,146,315],"non-profiled":[9],"side-channel":[10],"attacks":[11,83,142,316],"on":[12,51,158,166,289],"Lattice-Based":[13],"Cryptography":[14,54],"(LBC).":[15],"Our":[16,115,274,291],"analysis":[17],"covers":[18],"two":[19],"scenarios:":[20],"one":[21],"where":[22,35],"the":[23,36,47,52,57,64,86,94,100,171,208,224,239,277,305,321],"device":[24],"leakage":[25,37,210],"is":[26,39,117,124,223,247],"known":[27,92],"and":[28,33,44,63,106,133,145,155,164,182,187,193,195,200,270,285],"follows":[29],"Hamming":[30,41,72],"weight":[31,42,73],"model,":[32],"another":[34],"model":[38],"not":[40,287],"based":[43,231],"unknown":[45,209],"to":[46,265,283,299,329],"attacker.":[48],"We":[49,98,149],"focus":[50],"Post-Quantum":[53],"(PQC)":[55],"standards,":[56],"Dilithium":[58,163],"digital":[59],"signature":[60],"(i.e.":[61,68],"ML-DSA)":[62],"Kyber":[65,165],"key":[66,220],"encapsulation":[67],"ML-KEM)":[69],"algorithms.":[70],"For":[71,207],"leakage,":[74],"develop":[76],"efficient":[77],"Correlation":[79],"Power":[80],"Analysis":[81,216],"(HOCPA)":[82],"in":[84,127,229,238,301],"which":[85,137],"attacker":[87],"must":[88],"compute":[89],"a":[90,108,121,261,295],"function":[91,105],"as":[93,126,324],"optimal":[95,103,139],"prediction":[96,104,135],"function.":[97],"revisit":[99],"definition":[101],"of":[102,162,191,204,226,253,279,297],"introduce":[107,131],"recursive":[109],"method":[110],"computing":[112],"it":[113],"efficiently.":[114],"approach":[116,275],"particularly":[118],"useful":[119],"when":[120],"closed-form":[122],"formula":[123],"unavailable,":[125],"LBC.":[128,254],"Then,":[129],"sin":[132],"cos":[134],"functions,":[136],"prove":[138],"HOCPA":[141],"against":[143,250],"second":[144,186,199],"masking":[147],"protection.":[148],"validate":[150],"our":[151],"through":[153,320],"simulations":[154],"real-device":[156],"experiments":[157],"open-source":[159],"masked":[160,189,202],"implementations":[161,190,203,252],"an":[167],"Arm":[168],"Cortex-M4.":[169],"On":[170],"real":[172],"device,":[173],"achieve":[175],"full":[176],"secret-key":[177],"recovery":[178],"using":[179],"only":[180,319],"700":[181],"2400":[183],"traces":[184,197],"third-order":[188,201],"Dilithium,":[192],"2200":[194],"14500":[196],"Kyber,":[205,266],"respectively.":[206],"scenarios,":[211,314],"leverage":[213],"generic":[214,268],"Side-Channel":[215],"(SCA)":[217],"distinguishers.":[218],"A":[219],"challenge":[221],"here":[222],"injectivity":[225],"modular":[227],"multiplications":[228],"NTT":[230],"polynomial":[232],"multiplication,":[233],"typically":[234],"addressed":[235],"by":[236],"bit-dropping":[237,246],"literature.":[240],"However,":[241],"experimentally":[243],"show":[244],"that":[245],"largely":[248],"inefficient":[249],"protected":[251],"To":[255],"overcome":[256],"limitation,":[258],"novel":[262],"two-step":[263],"attack":[264,302],"combining":[267],"distinguishers":[269],"lattice":[271],"reduction":[272],"techniques.":[273],"decreases":[276],"number":[278],"predictions":[280],"from":[281],"q^2":[282],"q":[284],"does":[286],"rely":[288],"bit-dropping.":[290],"experimental":[292],"results":[293],"demonstrate":[294],"speed-up":[296],"up":[298],"23490x":[300],"run-time":[303],"over":[304],"baseline":[306],"along":[307],"with":[308],"improved":[309],"success":[310],"rate.":[311],"certain":[313],"become":[317],"feasible":[318],"proposed":[322],"approach,":[323],"classical":[325],"are":[327],"shown":[328],"be":[330],"unsuccessful.":[331]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}