J. Aumasson, I. Dinur, W. Meier, and A. Shamir, Cube Testers and Key Recovery Attacks on Reduced-Round MD6 and Trivium, FSE, pp.1-22, 2009.
DOI : 10.1007/978-3-642-03317-9_1

P. Barreto and V. Rijmen, The KHAZAD legacy-level block cipher. Primitive submitted to NESSIE, p.4, 2000.

E. Biham, A. Biryukov, and A. Shamir, Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials, Lecture Notes in Computer Science, vol.1592, pp.12-23, 1999.
DOI : 10.1007/3-540-48910-X_2

E. Biham and A. Shamir, Differential Cryptanalysis of DES-like Cryptosystems, Lecture Notes in Computer Science, vol.537, pp.2-21, 1990.
DOI : 10.1007/3-540-38424-3_1

A. Biryukov and D. Wagner, Slide Attacks, Lecture Notes in Computer Science, vol.1636, pp.245-259, 1999.
DOI : 10.1007/3-540-48519-8_18

A. Bogdanov, D. Khovratovich, and C. Rechberger, Biclique Cryptanalysis of the Full AES, Lecture Notes in Computer Science, vol.7073, pp.344-371, 2011.
DOI : 10.1007/978-3-642-25385-0_19

A. Bogdanov, L. R. Knudsen, G. Leander, C. Paar, A. Poschmann et al., PRESENT: An Ultra-Lightweight Block Cipher, Paillier and Verbauwhede [46], pp.450-466
DOI : 10.1007/978-3-540-74735-2_31

A. Bogdanov, L. R. Knudsen, G. Leander, F. Standaert, J. P. Steinberger et al., Key-Alternating Ciphers in a Provable Setting: Encryption Using a Small Number of Public Permutations, Lecture Notes in Computer Science, vol.7237, pp.45-62, 2012.
DOI : 10.1007/978-3-642-29011-4_5

J. Borghoff, A. Canteaut, T. Gneysu, M. Elif-bilge-kavun, L. R. Kneevic et al., PRINCE ??? A Low-Latency Block Cipher for Pervasive Computing Applications, pp.208-225
DOI : 10.1007/978-3-642-34961-4_14

C. Boura, A. Canteaut, and C. Decannì-ere, Higher-Order Differential Properties of Keccak and Luffa, Joux [32], pp.252-269
DOI : 10.1007/978-3-642-13858-4_15

URL : https://hal.archives-ouvertes.fr/inria-00537741

C. Decannì-ere, O. Dunkelman, and M. Knezevic, KATAN and KTANTAN ??? A Family of Small and Efficient Hardware-Oriented Block Ciphers, CHES, pp.272-288, 2009.
DOI : 10.1007/978-3-642-04138-9_20

C. Decannì-ere, B. Preneel, and . Trivium, Trivium, The eSTREAM Finalists, pp.244-266, 2008.
DOI : 10.1007/978-3-540-68351-3_18

D. Canright and L. Batina, A Very Compact ???Perfectly Masked??? S-Box for AES, ACNS, pp.446-459, 2008.
DOI : 10.1007/978-3-540-68914-0_27

S. Chari, C. S. Jutla, J. R. Rao, and P. Rohatgi, Towards Sound Approaches to Counteract Power-Analysis Attacks, Lecture Notes in Computer Science, vol.1666, pp.398-412, 1999.
DOI : 10.1007/3-540-48405-1_26

E. Jean-sébastien-coron, M. Prouff, and . Rivain, Side channel cryptanalysis of a higher order masking scheme, Paillier and Verbauwhede [46], pp.28-44

N. Courtois and J. Pieprzyk, Cryptanalysis of Block Ciphers with Overdefined Systems of Equations, Lecture Notes in Computer Science, vol.2501, pp.267-287, 2002.
DOI : 10.1007/3-540-36178-2_17

J. Daemen, M. Peeters, G. Van-assche, and V. Rijmen, Nessie proposal: NOEKEON, 2000.

J. Daemen and V. Rijmen, Rijndael candidate for aes, AES Candidate Conference, pp.343-348, 2000.
DOI : 10.1007/0-387-23483-7_358

J. Daemen and V. Rijmen, The Wide Trail Design Strategy, IMA Int. Conf., volume 2260 of Lecture Notes in Computer Science, pp.222-238, 2001.
DOI : 10.1007/3-540-45325-3_20

W. Donald, S. Davies, and . Murphy, Pairs and triplets of des S-Boxes, J. Cryptology, pp.1-25, 1995.

I. Dinur, O. Dunkelman, N. Keller, and A. Shamir, Key Recovery Attacks on 3-round Even-Mansour (with Applications!), Eurocrypt rump session, 2013.

I. Dinur and A. Shamir, Breaking Grain-128 with Dynamic Cube Attacks, Joux [32], pp.167-187
DOI : 10.1007/978-3-642-17401-8_16

H. Englund, T. Johansson, and M. Sönmez-turan, A Framework for Chosen IV Statistical Analysis of Stream Ciphers, INDOCRYPT, pp.268-281, 2007.
DOI : 10.1007/978-3-540-77026-8_20

S. Fischer, S. Khazaei, and W. Meier, Chosen IV Statistical Analysis for Key Recovery Attacks on Stream Ciphers, Lecture Notes in Computer Science, vol.5023, pp.236-245, 2008.
DOI : 10.1007/978-3-540-68164-9_16

H. Gilbert and T. Peyrin, Super-Sbox Cryptanalysis: Improved Attacks for AES-Like Permutations, Lecture Notes in Computer Science, vol.6147, pp.365-383, 2010.
DOI : 10.1007/978-3-642-13858-4_21

L. Goubin and J. Patarin, DES and Differential Power Analysis The ???Duplication??? Method, CHES, pp.158-172, 1999.
DOI : 10.1007/3-540-48059-5_15

J. Guo, T. Peyrin, A. Poschmann, and M. J. Robshaw, The LED Block Cipher, Preneel and Takagi [48], pp.326-341
DOI : 10.1007/978-3-642-23951-9_22

M. Hell, T. Johansson, and W. Meier, Grain: a stream cipher for constrained environments, International Journal of Wireless and Mobile Computing, vol.2, issue.1, pp.86-93, 2007.
DOI : 10.1504/IJWMC.2007.013798

J. Jean, M. Naya-plasencia, and T. Peyrin, Improved Rebound Attack on the Finalist Gr??stl, FSE, Lecture Notes in Computer Science, 2012.
DOI : 10.1007/978-3-642-34047-5_7

D. Khovratovich, C. Rechberger, and A. Savelieva, Bicliques for Preimages: Attacks on Skein-512 and the SHA-2 Family, Lecture Notes in Computer Science, vol.7549, pp.244-263, 2012.
DOI : 10.1007/978-3-642-34047-5_15

H. Kim, S. Hong, and J. Lim, A Fast and Provably Secure Higher-Order Masking of AES S-Box, Preneel and Takagi [48], pp.95-107
DOI : 10.1007/978-3-642-23951-9_7

S. Knellwolf, W. Meier, and M. Naya-plasencia, Conditional Differential Cryptanalysis of NLFSR-Based Cryptosystems, Abe [1], pp.130-145
DOI : 10.1007/978-3-642-17373-8_8

L. R. Knudsen, Truncated and higher order differentials, Lecture Notes in Computer Science, vol.1008, pp.196-211, 1994.
DOI : 10.1007/3-540-60590-8_16

L. R. Knudsen and V. Rijmen, Known-Key Distinguishers for Some Block Ciphers, ASIACRYPT, pp.315-324, 2007.
DOI : 10.1007/978-3-540-76900-2_19

L. R. Knudsen and D. Wagner, Integral Cryptanalysis, Lecture Notes in Computer Science, vol.2365, pp.112-127, 2002.
DOI : 10.1007/3-540-45661-9_9

S. Mangard, T. Popp, M. Berndt, and . Gammel, Side-Channel Leakage of Masked CMOS Gates, Lecture Notes in Computer Science, vol.3376, pp.351-365, 2005.
DOI : 10.1007/978-3-540-30574-3_24

M. Matsui, Linear Cryptanalysis Method for DES Cipher, Lecture Notes in Computer Science, vol.765, pp.386-397, 1993.
DOI : 10.1007/3-540-48285-7_33

F. Mendel, C. Rechberger, M. Schläffer, and S. S. Thomsen, The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Gr??stl, Fast Software Encryption -FSE 2009, p.5665
DOI : 10.1007/978-3-642-03317-9_16

F. Mendel, V. Rijmen, D. Toz, and K. Varici, Differential Analysis of the LED Block Cipher, pp.190-207
DOI : 10.1007/978-3-642-34961-4_13

I. Nikolic, J. Pieprzyk, P. Sokolowski, and R. Steinfeld, Known and Chosen Key Differential Distinguishers for Block Ciphers, Lecture Notes in Computer Science, vol.6829, pp.29-48, 2010.
DOI : 10.1007/978-3-642-24209-0_3

E. Oswald, S. Mangard, N. Pramstaller, and V. Rijmen, A Side-Channel Analysis Resistant Description of the AES S-Box, Gilbert and Handschuh [26], pp.413-423
DOI : 10.1007/11502760_28

E. Oswald and K. Schramm, An Efficient Masking Scheme for AES Software Implementations, Lecture Notes in Computer Science, vol.3786, pp.292-305, 2005.
DOI : 10.1007/11604938_23

G. Piret, T. Roche, and C. Carlet, PICARO ??? A Block Cipher Allowing Efficient Higher-Order Side-Channel Resistance, ACNS, pp.311-328, 2012.
DOI : 10.1007/978-3-642-31284-7_19

E. Prouff and T. Roche, Higher-order glitches free implementation of the aes using secure multiparty computation protocols, Preneel and Takagi [48], pp.63-78

V. Rijmen and P. Barreto, Nessie proposal: KHAZAD, 2000.

B. Vincent-rijmen, E. Preneel, and . De-win, On weaknesses of non-surjective round functions, Des. Codes Cryptography, pp.253-266, 1997.

M. Rivain, E. Dottax, and E. Prouff, Block Ciphers Implementations Provably Secure Against Second Order Side Channel Analysis, Lecture Notes in Computer Science, vol.5086, pp.127-143, 2008.
DOI : 10.1007/978-3-540-71039-4_8

M. Rivain and E. Prouff, Provably Secure Higher-Order Masking of AES, CHES, pp.413-427, 2010.
DOI : 10.1007/978-3-642-15031-9_28

Y. Sasaki, Y. Li, L. Wang, K. Sakiyama, and K. Ohta, Non-full-active Super-Sbox Analysis: Applications to ECHO and Gr??stl, Abe [1], pp.38-55
DOI : 10.1007/978-3-642-17373-8_3

K. Schramm and C. Paar, Higher Order Masking of the AES, Lecture Notes in Computer Science, vol.3860, pp.208-225, 2006.
DOI : 10.1007/11605805_14

F. Standaert, G. Piret, G. Rouvroy, J. Quisquater, and J. Legat, ICEBERG : An Involutional Cipher Efficient for Block Encryption in Reconfigurable Hardware, Lecture Notes in Computer Science, vol.3017, pp.279-299, 2004.
DOI : 10.1007/978-3-540-25937-4_18

F. Standaert, N. Veyrat-charvillon, E. Oswald, B. Gierlichs, M. Medwed et al., The World Is Not Enough: Another Look on Second-Order DPA, pp.112-129
DOI : 10.1007/978-3-642-17373-8_7

N. Veyrat-charvillon and F. Standaert, Generic Side-Channel Distinguishers: Improvements and Limitations, Lecture Notes in Computer Science, vol.6841, pp.354-372, 2011.
DOI : 10.1007/978-3-642-22792-9_20

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

C. Whitnall, E. Oswald, and F. Standaert, The Myth of Generic DPA???and the Magic of Learning, Cryptology ePrint Archive, vol.256, 2012.
DOI : 10.1007/978-3-319-04852-9_10

M. Mc, Meet-in-the-middle path for 12 rounds