Pushing the Limits: A Very Compact and a Threshold Implementation of AES

Monomial evaluation of polynomial functions protected by threshold implementations -- with an illustration on AES -- extended version, Very Compact Hardware Implementations of the Blockcipher CLEFIA, A survey on implementation of lightweight block ciphers for resource constraints devices, WARP: revisiting GFN for lightweight 128-bit block cipher, $\textnormal{\textsc{TWINE}}$: A Lightweight Block Cipher for Multiple Platforms, Atomic-AES: A Compact Implementation of the AES Encryption/Decryption Core, Algebraic Decomposition for Probing Security, Consolidating Masking Schemes, Enabling 3-Share Threshold Implementations for all 4-Bit S-Boxes, Generalized related-key rectangle attacks on block ciphers with linear key schedule: applications to SKINNY and GIFT, ALE: AES-Based Lightweight Authenticated Encryption, The Multiplicative Complexity of Boolean Functions on Four and Five Variables, Threshold implementations of small S-boxes, Masking and leakage-resilient primitives: one, the other(s) or both?, A further study on bridge structures and constructing bijective S-boxes for low-latency masking, Blockcipher-based authenticated encryption: how small can we go?, Spin me right round rotational symmetry for FPGA-specific AES: extended version, A small GIFT-COFB: lightweight bit-serial architectures, Side-Channel Analysis Protection and Low-Latency in Action, Unknown-Input Attacks in the Parallel Setting: Improving the Security of the CHES 2012 Leakage-Resilient PRF, A Tale of Two Shares: Why Two-Share Threshold Implementation Seems Worthwhile—and Why It Is Not, Double-block-length hash function for minimum memory size, Bridging the gap: advanced tools for side-channel leakage estimation beyond Gaussian templates and histograms, Uniform first-order threshold implementations, Hold your breath, PRIMATEs are lightweight, Keymill: side-channel resilient key generator, a new concept for SCA-security by design, From unbalanced to perfect: implementation of low energy stream ciphers, An Efficient Side-Channel Protected AES Implementation with Arbitrary Protection Order, Protecting Triple-DES Against DPA, Small low-depth circuits for cryptographic applications, Robust Encryption, Revisited, Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model, How Fast Can Higher-Order Masking Be in Software?, Arithmetic Addition over Boolean Masking, Exploring Energy Efficiency of Lightweight Block Ciphers, Affine Equivalence and Its Application to Tightening Threshold Implementations, Masking Large Keys in Hardware: A Masked Implementation of McEliece, The SKINNY Family of Block Ciphers and Its Low-Latency Variant MANTIS, Towards Sound Fresh Re-keying with Hard (Physical) Learning Problems, ParTI – Towards Combined Hardware Countermeasures Against Side-Channel and Fault-Injection Attacks, TNT: how to tweak a block cipher, Lightweight authenticated encryption mode suitable for threshold implementation, A VLSI implementation of an SM4 algorithm resistant to power analysis

• PRESENT