How Fast Can SM4 be in Software?
SM4 is a popular block cipher issued by the Office of State Commercial Cryptography Administration (OSCCA) of China. In this paper, we use the...
Binary Kummer Line
The idea of the Kummer line was introduced by Gaudry and Lubicz [22]. Karati and Sarkar [31] proposed three efficient Kummer lines over prime fields,...
A (Bit)slice of Rainbow
We explore the performance impact of bitslicing on implementations of the NIST PQC Round 3 Finalist Digital Signature Algorithms: Rainbow. We show...
Custom Instruction Support for Modular Defense Against Side-Channel and Fault Attacks
The design of software countermeasures against active and passive adversaries is a challenging problem that has been addressed by many authors in...
A Holistic Approach Towards Side-Channel Secure Fixed-Weight Polynomial Sampling
The sampling of polynomials with fixed weight is a procedure required by round-4 Key Encapsulation Mechanisms (KEMs) for Post-Quantum Cryptography...
Modified lightweight GIFT cipher for security enhancement in resource-constrained IoT devices
The internet of things (IoT) ensures flexible network services to the end devices connected to it. Although security has always been a concern for...
A Side-Channel Attack Against Classic McEliece When Loading the Goppa Polynomial
The NIST Post-Quantum Cryptography (PQC) standardization challenge was launched in December 2016 and recently, has released its first results. The...
Higher-Order Masked Saber
Side-channel attacks are formidable threats to the cryptosystems deployed in the real world. An effective and provably secure countermeasure against...
Modified lightweight cryptography scheme and its applications in IoT environment
Interconnected devices have been with us for a long time. The security of the data exchanged through these devices is a matter of grave concern...
Parallel Verification of Serial MAC and AE Modes
A large number of the symmetric-key modes of operation, such as classical CBC-MAC, have serial structures. While a serial mode gives an...
Fast Skinny-128 SIMD Implementations for Sequential Modes of Operation
This paper reports new software implementation results for the Skinny-128 tweakable block ciphers on various SIMD architectures. More precisely, we...
Leveraging Coprocessors as Noise Engines in Off-the-Shelf Microcontrollers
Securing low-cost microcontrollers against side-channel attacks is an important challenge. One core issue for this purpose is that such devices may...
Fast First-Order Masked NTTRU
Even though Kyber is the lattice-based KEM selected for standardization by NIST, NTRU and its variants are still of great relevance to several...
Secret Key Recovery Attack on Masked and Shuffled Implementations of CRYSTALS-Kyber and Saber
Shuffling is a well-known countermeasure against side-channel attacks. It typically uses the Fisher-Yates (FY) algorithm to generate a random...
On the Masking-Friendly Designs for Post-quantum Cryptography
Masking is a well-known and provably secure countermeasure against side-channel attacks. However, due to additional redundant computations,...
Batch Binary Weierstrass
Bitslicing is a programming technique that offers several attractive features, such as timing attack resistance, high amortized performance in batch...
Tornado: Automatic Generation of Probing-Secure Masked Bitsliced Implementations
Cryptographic implementations deployed in real world devices often aim at (provable) security against the powerful class of side-channel attacks...
Probabilistic root finding in code-based cryptography
Probabilistic algorithms for finding roots of polynomials have not been applied to code-based cryptography before. One obstacle is their non-constant...
RiCaSi: Rigorous Cache Side Channel Mitigation via Selective Circuit Compilation
Cache side channels constitute a persistent threat to crypto implementations. In particular, block ciphers are prone to attacks when implemented...
Fast Verification of Masking Schemes in Characteristic Two
We revisit the matrix model for non-interference (NI) probing security of masking gadgets introduced by Belaïd et al. at CRYPTO 2017. This leads to...