H. Aly and M. Elgayyar, Attacking AES Using Bernstein's Attack on Modern Processors, Progress in Cryptology-AFRICACRYPT 2013, 6th International Conference on Cryptology in Africa, vol.7918, pp.127-139, 2013.

S. Arimoto, On the converse to the coding theorem for discrete memoryless channels (corresp.), IEEE Transactions on Information Theory, vol.19, issue.3, p.30, 1973.

, Cryptographic Hardware and Embedded Systems-CHES 2014-16th International Workshop, vol.8731, 0200.

N. J. Beaudry and R. Renner, An intuitive proof of the data processing inequality, Quantum Info. Comput, vol.12, issue.5-6, pp.432-441, 1938.

D. J. Bernstein, Cache-timing attacks on AES, vol.122, p.160, 2005.

D. J. Bernstein, Cache-timing attacks on AES, 2005.

C. Berrou and A. Glavieux, Near optimum error correcting coding and decoding: turbo-codes, IEEE Trans. Communications, vol.44, issue.10, p.14, 1996.

S. Bhattacharya, C. Rebeiro, and D. Mukhopadhyay, Hardware prefetchers leak: A revisit of SVF for cache-timing attacks, 45th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 2012, Workshops Proceedings, p.122, 2012.

R. E. Blahut, Principles and Practice of Information Theory, p.82, 1987.

A. Bogdanov, D. Khovratovich, and C. Rechberger, Biclique cryptanalysis of the full AES, Advances in Cryptology-ASIACRYPT 2011-17th International Conference on the Theory and Application of Cryptology and Information Security, vol.7073, pp.344-371, 2011.

E. Brier, C. Clavier, and F. Olivier, Correlation power analysis with a leakage model, Cryptographic Hardware and Embedded Systems-CHES 2004: 6th International Workshop, vol.3156, p.81, 2004.

E. Brier, C. Clavier, and F. Olivier, Correlation Power Analysis with a Leakage Model, CHES, vol.3156, p.97, 2004.

B. B. Brumley and N. Tuveri, Remote Timing Attacks Are Still Practical, Lecture Notes in Computer Science, vol.6879, p.121, 2011.

D. Brumley and D. Boneh, Remote Timing Attacks Are Practical, Proceedings of the 12th USENIX Security Symposium, p.121, 2003.

N. Bruneau, S. Guilley, A. Heuser, D. Marion, and O. Rioul, Less is More-Dimensionality Reduction from a Theoretical Perspective, Cryptographic Hardware and Embedded Systems-CHES 2015-17th International Workshop, vol.9293, p.59, 2015.

N. Bruneau, S. Guilley, A. Heuser, and O. Rioul, Masks Will Fall Off-Higher-Order Optimal Distinguishers, Advances in Cryptology-ASIACRYPT 2014-20th International Conference on the Theory and Application of Cryptology and Information Security, vol.8874, p.177, 2014.

M. Carbone, S. Tiran, S. Ordas, M. Agoyan, Y. Teglia et al., On adaptive bandwidth selection for efficient MIA, pp.82-97
URL : https://hal.archives-ouvertes.fr/lirmm-01096033

C. Carlet, A. Heuser, and S. Picek, Trade-Offs for S-Boxes: Cryptographic Properties and Side-Channel Resilience, Applied Cryptography and Network Security-15th International Conference, ACNS 2017, vol.10355, p.72, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01629879

G. Casella and R. L. Berger, Statistical Inference, 2002.

S. Chari, J. R. Rao, and P. Rohatgi, Template Attacks, CHES, volume 2523 of LNCS, vol.101, p.122, 2002.

C. Clavier, DPA Contest, Less than 50 traces allow to recover the key, CHES Special Session, vol.1, p.13, 2008.

Common Criteria (aka CC) for Information Technology Security Evaluation (ISO/IEC 15408), Common Criteria Consortium, 2013.

T. M. Cover and J. A. Thomas, Elements of Information Theory, vol.37, p.181, 2006.

J. Daemen and V. Rijmen, AES Proposal: Rijndael, 1952.

J. Daemen and V. Rijmen, Rijndael for AES, AES Candidate Conference, p.71, 2000.

J. Daemen and V. Rijmen, The Design of Rijndael: AES-The Advanced Encryption Standard, vol.8, p.121, 2002.

J. Danger, N. Debande, S. Guilley, and Y. Souissi, High-order Timing Attacks, Proceedings of the First Workshop on Cryptography and Security in Computing Systems, CS2 '14, p.121, 2014.

J. Doget, E. Prouff, M. Rivain, and F. Standaert, Univariate side channel attacks and leakage modeling, J. Cryptographic Engineering, vol.1, issue.2, p.97, 2011.

A. Duc, S. Faust, and F. Standaert, Making masking security proofs concrete-or how to evaluate the security of any leaking device, Advances in Cryptology-EUROCRYPT 2015-34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, vol.9056, p.177, 2015.

F. Durvaux, F. Standaert, and N. Veyrat-charvillon, How to Certify the Leakage of a Chip?, Advances in Cryptology-EUROCRYPT 2014-33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, vol.8441, pp.459-476, 2014.

. Springer, , vol.178, p.182, 1998.

Y. Fei, A. A. Ding, J. Lao, and L. Zhang, A statistics-based success rate model for DPA and CPA, J. Cryptographic Engineering, vol.5, issue.4, p.73, 2015.

Y. Fei, Q. Luo, and A. A. Ding, A Statistical Model for DPA with Novel Algorithmic Confusion Analysis, Prouff and Schaumont, vol.68, p.76

B. A. Frigyik, A. Kapila, and M. R. Gupta, Introduction to the Dirichlet Distribution and Related Processes, p.130, 2010.

B. Gierlichs, L. Batina, P. Tuyls, and B. Preneel, Mutual information analysis, CHES, 10th International Workshop, vol.5154, p.136, 2008.

V. Grosso and F. Standaert, Masking Proofs Are Tight and How to Exploit it in Security Evaluations, Advances in Cryptology-EUROCRYPT 2018-37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, vol.10821, p.51, 2018.

S. Guilley, A. Heuser, and O. Rioul, A Key to Success-Success Exponents for Side-Channel Distinguishers, Progress in Cryptology-INDOCRYPT 2015-16th International Conference on Cryptology in India, Bangalore, India, Proceedings, vol.9462, p.188, 2015.

A. Heuser, M. Kasper, W. Schindler, and M. Stöttinger, A New Difference Method for Side-Channel Analysis with High-Dimensional Leakage Models, Lecture Notes in Computer Science, vol.7178, pp.365-382

. Springer, , p.108, 2012.

A. Heuser, O. Rioul, and S. Guilley, A Theoretical Study of Kolmogorov-Smirnov Distinguishers-Side-Channel Analysis vs. Differential Cryptanalysis, Prouff [65], vol.23, p.81

A. Heuser, O. Rioul, and S. Guilley, Good Is Not Good Enough-Deriving Optimal Distinguishers from Communication Theory, Batina and Robshaw, vol.3, p.128

A. Heuser and M. Zohner, Intelligent Machine Homicide-Breaking Cryptographic Devices Using Support Vector Machines, LNCS, vol.7275, p.164, 2012.

D. Kahn, The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet, 1996.

A. Kerckhoffs, Journal des sciences militaires, vol.9, pp.5-38, 1883.

S. M. Kim, T. T. Do, T. J. Oechtering, and G. Peters, On the Entropy Computation of Large Complex Gaussian Mixture Distributions, IEEE Transactions on Signal Processing, vol.63, issue.17, p.51, 2015.

P. C. Kocher, Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, Advances in Cryptology-CRYPTO '96, p.16

, Annual International Cryptology Conference, vol.1109, pp.104-113, 1996.

. Springer, , vol.27, p.122, 1996.

P. C. Kocher, J. Jaffe, and B. Jun, Differential power analysis

. Wiener, Lecture Notes in Computer Science, vol.1666, p.81, 1999.

Y. Komano, H. Shimizu, and S. Kawamura, Built-in determined sub-key correlation power analysis. Cryptology ePrint Archive, 2009.

W. Kozaczuk, Enigma: how the German machine cipher was broken, and how it was read by the Allies in World War Two. Foreign intelligence book series, 1984.

V. Lomné, E. Prouff, M. Rivain, T. Roche, and A. Thillard, How to Estimate the Success Rate of Higher-Order Side-Channel Attacks, Batina and Robshaw, vol.3, p.73

V. Lomné, E. Prouff, and T. Roche, Behind the Scene of Side Channel Attacks, Lecture Notes in Computer Science, vol.8269, issue.1, p.103, 2013.

S. Mangard, Hardware Countermeasures against DPA-A Statistical Analysis of Their Effectiveness, Lecture Notes in Computer Science, vol.2964, pp.222-235, 0200.

S. Mangard, E. Oswald, and T. Popp, Power Analysis Attacks: Revealing the Secrets of Smart Cards, vol.11, p.23, 2006.

S. Mangard, E. Oswald, and T. Popp, Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security), p.81, 2007.

S. Mangard, E. Oswald, and F. Standaert, One for All-All for One: Unifying Standard DPA Attacks. Information Security, IET, vol.5, issue.2, pp.100-111, 2011.

S. Mangard, E. Oswald, and F. Standaert, One for all-all for one: unifying standard differential power analysis attacks, IET Information Security, vol.5, issue.2, p.73, 2011.

J. L. Massey, Guessing and entropy, Proceedings of 1994 IEEE International Symposium on Information Theory, vol.45, p.46, 1994.

S. Matsuda and S. Moriai, Lightweight Cryptography for the Cloud: Exploit the Power of Bitslice Implementation, Prouff and Schaumont, vol.68, pp.408-425

N. Merhav, G. Kaplan, A. Lapidoth, S. Shamai, and . Shitz, On information rates for mismatched decoders, IEEE Transactions on Information Theory, vol.40, issue.6, pp.1953-1967, 1923.

N. Merhav, G. Kaplan, A. Lapidoth, and S. Shamai, On information rates for mismatched decoders, IEEE Trans. Information Theory, vol.40, issue.6, p.178, 1994.

STMicroelectronics, STM32F4DISCOVERY Discovery kit with STM32F407VG

A. Moradi, N. Mousavi, C. Paar, and M. Salmasizadeh, A Comparative Study of Mutual Information Analysis under a Gaussian Assumption, WISA (Information Security Applications, 10th International Workshop), vol.5932, p.107, 2009.

A. Moradi and F. Standaert, Moments-correlating DPA. IACR Cryptology ePrint Archive, p.133, 2014.

E. D. Mulder, B. Gierlichs, B. Preneel, and I. Verbauwhede, Practical DPA attacks on MDPL, First IEEE International Workshop on Information Forensics and Security, p.105, 2009.

NIST, AES Proposal: Rijndael (now FIPS PUB 197), 2003.

E. Parzen, On estimation of a probability density function and mode, Ann. Math. Statist, vol.33, issue.3, pp.1065-1076

, Constructive Side-Channel Analysis and Secure Design-5th International Workshop, vol.8622, p.203, 2014.

E. Prouff and M. Rivain, Theoretical and practical aspects of mutual information-based side channel analysis, International Journal of Applied Cryptography (IJACT), vol.2, issue.2, p.103, 2010.

E. Prouff and M. Rivain, Masking against Side-Channel Attacks: A Formal Security Proof, Advances in Cryptology-EUROCRYPT 2013, 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, vol.7881, p.30, 1920.

, Cryptographic Hardware and Embedded Systems-CHES 2012-14th International Workshop, vol.7428, p.201, 2012.

C. Rebeiro and D. Mukhopadhyay, Boosting Profiled Cache Timing Attacks With A Priori Analysis. Information Forensics and Security, IEEE Transactions on, vol.7, issue.6, p.122, 2012.

C. Rebeiro, A. D. Selvakumar, and A. S. L. Devi, Bitslice implementation of AES, Cryptology and Network Security, 5th International Conference, vol.4301, p.106, 2006.

M. Renauld, D. Kamel, F. Standaert, and D. Flandre, Information Theoretic and Security Analysis of a 65-Nanometer DDSLL AES S-Box, LNCS, vol.6917, p.163, 2011.

O. Reparaz, B. Gierlichs, and I. Verbauwhede, Generic DPA Attacks: Curse or Blessing? In Prouff, vol.65, p.103

O. Reparaz, B. Gierlichs, and I. Verbauwhede, A note on the use of margins to compare distinguishers, pp.1-8

M. Rivain, On the Exact Success Rate of Side Channel Analysis in the Gaussian Model, Selected Areas in Cryptography, vol.5381, p.73, 2008.

W. Schindler, A Timing Attack against RSA with the Chinese Remainder Theorem

, Lecture Notes in Computer Science, vol.1965, p.121, 2000.

W. Schindler, Optimized timing attacks against public key cryptosystems, Statistics & Risk Modeling, vol.20, issue.1-4, pp.191-210, 2002.

W. Schindler, K. Lemke, and C. Paar, A Stochastic Model for Differential Side Channel Cryptanalysis, LNCS, vol.3659, pp.30-46

. Springer, , 2005.

C. E. Shannon, A mathematical theory of communication, The Bell System Technical Journal, vol.27, issue.3, pp.379-423, 1948.

C. E. Shannon, A mathematical theory of communication, ACM SIGMOBILE Mobile Computing and Communications Review, vol.5, issue.1, p.178, 2001.

P. W. Shor, Algorithms for Quantum Computation: Discrete Logarithms and Factoring, 35th Annual Symposium on Foundations of Computer Science, pp.124-134, 1994.

F. Standaert and C. Archambeau, Using Subspace-Based Template Attacks to Compare and Combine Power and Electromagnetic Information Leakages, CHES, vol.5154, p.59, 2008.

F. Standaert, T. Malkin, and M. Yung, A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks, EUROCRYPT, vol.5479, p.128, 2009.

F. Standaert, E. Peeters, C. Archambeau, and J. Quisquater, Towards security limits in side-channel attacks, CHES, vol.4249, p.27, 2006.

Telecom ParisTech SEN research group, DPA Contest, vol.59, p.60, 2008.

N. Veyrat-charvillon and F. Standaert, Mutual Information Analysis: How, When and Why? In CHES, LNCS, vol.5747, p.133, 2009.

N. Veyrat-charvillon and F. Standaert, Mutual Information Analysis: How, When and Why?, Cryptographic Hardware and Embedded Systems-CHES 2009, 11th International Workshop, vol.5747, p.107, 2009.

M. Weiß, B. Heinz, and F. Stumpf, A cache timing attack on AES in virtualization environments, Financial Cryptography and Data Security-16th International Conference, vol.7397, p.122, 2012.

C. Whitnall and E. Oswald, A Comprehensive Evaluation of Mutual Information Analysis Using a Fair Evaluation Framework, Lecture Notes in Computer Science, vol.6841, p.204, 2011.

C. Whitnall and E. Oswald, A Fair Evaluation Framework for Comparing Side-Channel Distinguishers, J. Cryptographic Engineering, vol.1, issue.2, p.99, 2011.

C. Whitnall, E. Oswald, and L. Mather, An Exploration of the Kolmogorov-Smirnov Test as a Competitor to Mutual Information Analysis, Lecture Notes in Computer Science, vol.7079, p.97, 2011.
URL : https://hal.archives-ouvertes.fr/hal-01596305

C. Whitnall, E. Oswald, and F. Standaert, The Myth of Generic DPA... and the Magic of Learning, Lecture Notes in Computer Science, vol.8366, p.112, 2014.