{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,12]],"date-time":"2026-03-12T15:31:40Z","timestamp":1773329500466,"version":"3.50.1"},"publisher-location":"Cham","reference-count":54,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031355035","type":"print"},{"value":"9783031355042","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-35504-2_1","type":"book-chapter","created":{"date-parts":[[2023,6,9]],"date-time":"2023-06-09T08:01:47Z","timestamp":1686297707000},"page":"3-23","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["MAMBO\u2013V: Dynamic Side-Channel Leakage Analysis on\u00a0RISC\u2013V"],"prefix":"10.1007","author":[{"given":"Jan","family":"Wichelmann","sequence":"first","affiliation":[]},{"given":"Christopher","family":"Peredy","sequence":"additional","affiliation":[]},{"given":"Florian","family":"Sieck","sequence":"additional","affiliation":[]},{"given":"Anna","family":"P\u00e4tschke","sequence":"additional","affiliation":[]},{"given":"Thomas","family":"Eisenbarth","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,6,10]]},"reference":[{"key":"1_CR1","doi-asserted-by":"crossref","unstructured":"Acii\u00e7mez, O., Brumley, B.B., Grabher, P.: New results on instruction cache attacks. In: Cryptographic Hardware and Embedded Systems, CHES 2010, 12th International Workshop (2010)","DOI":"10.1007\/978-3-642-15031-9_8"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"Acii\u00e7mez, O., Ko\u00e7, \u00c7.K., Seifert, J.: Predicting secret keys via branch prediction. In: Topics in Cryptology - CT-RSA (2007)","DOI":"10.1007\/11967668_15"},{"key":"1_CR3","unstructured":"Almeida, J.B., Barbosa, M., Barthe, G., Dupressoir, F., Emmi, M.: Verifying constant-time implementations. In: 25th USENIX Security Symposium (2016)"},{"key":"1_CR4","unstructured":"Asanovi\u0107, K., Patterson, D.A.: Instruction sets should be free: the case for RISC-V. EECS Dpt., Univ. of CF, Berkeley, Technical report, UCB\/EECS-2014-146 (2014)"},{"key":"1_CR5","doi-asserted-by":"crossref","unstructured":"Bao, Q., Wang, Z., Li, X., Larus, J.R., Wu, D.: Abacus: precise side-channel analysis. In: 43rd IEEE\/ACM International Conference on Software Engineering, ICSE (2021)","DOI":"10.1109\/ICSE43902.2021.00078"},{"key":"1_CR6","unstructured":"Bellard, F.: QEMU, a fast and portable dynamic translator. In: Proceedings of the FREENIX Track: 2005 USENIX Annual Technical Conference (2005)"},{"key":"1_CR7","unstructured":"Bernstein, D.J.: Cache-Timing Attacks on AES (2005)"},{"key":"1_CR8","doi-asserted-by":"crossref","unstructured":"Brotzman, R., Liu, S., Zhang, D., Tan, G., Kandemir, M.T.: CaSym: cache aware symbolic execution for side channel detection and mitigation. In: IEEE Symposium on Security and Privacy, S&P (2019)","DOI":"10.1109\/SP.2019.00022"},{"key":"1_CR9","unstructured":"Bruening, D., Garnett, T., Amarasinghe, S.P.: An infrastructure for adaptive dynamic optimization. In: 1st IEEE\/ACM International Symposium on Code Generation and Optimization (CGO) (2003)"},{"key":"1_CR10","doi-asserted-by":"crossref","unstructured":"Daniel, L., Bardin, S., Rezk, T.: BINSEC\/REL: symbolic binary analyzer for security with applications to constant-time and secret-erasure. ACM Trans. Privacy Secur. (2022)","DOI":"10.1145\/3563037"},{"key":"1_CR11","unstructured":"Dessouky, G., Frassetto, T., Sadeghi, A.: HybCache: hybrid side-channel-resilient caches for trusted execution environments. In: 29th USENIX Security Symposium (2020)"},{"key":"1_CR12","doi-asserted-by":"crossref","unstructured":"Dinesh, S., Burow, N., Xu, D., Payer, M.: RetroWrite: statically instrumenting COTS binaries for fuzzing and sanitization. In: IEEE Symposium on Security and Privacy, S &P (2020)","DOI":"10.1109\/SP40000.2020.00009"},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Dolan-Gavitt, B., Hodosh, J., Hulin, P., Leek, T., Whelan, R.: Repeatable reverse engineering with PANDA. In: Proceedings of the 5th Program Protection and Reverse Engineering Workshop, PPREW@ACSAC (2015)","DOI":"10.1145\/2843859.2843867"},{"key":"1_CR14","unstructured":"Doychev, G., Feld, D., K\u00f6pf, B., Mauborgne, L., Reineke, J.: CacheAudit: a tool for the static analysis of cache side channels. In: Proceedings of the 22nd USENIX Security Symposium (2013)"},{"key":"1_CR15","unstructured":"GMP: https:\/\/ftp.gnu.org\/gnu\/gmp\/. Accessed 24 Jan 2023"},{"key":"1_CR16","unstructured":"GNU Nettle: https:\/\/git.lysator.liu.se\/nettle\/nettle. Accessed 24 Jan 2023"},{"key":"1_CR17","unstructured":"Gonzalez, A., Korpan, B., Zhao, J., Younis, E., Asanovic, K.: Replicating and mitigating spectre attacks on an open source RISC-V microarchitecture. In: Third Workshop on Computer Architecture Research with RISC-V (CARRV) (2019)"},{"key":"1_CR18","doi-asserted-by":"crossref","unstructured":"Gorgovan, C., D\u2019Antras, A., Luj\u00e1n, M.: MAMBO: a low-overhead dynamic binary modification tool for ARM. ACM Trans. Archit, Code Optim (2016)","DOI":"10.1145\/3062341.3062371"},{"key":"1_CR19","unstructured":"Gras, B., Razavi, K., Bos, H., Giuffrida, C.: Translation leak-aside buffer: defeating cache side-channel protections with TLB attacks. In: 27th USENIX Security Symposium (2018)"},{"key":"1_CR20","doi-asserted-by":"crossref","unstructured":"He, S., Emmi, M., Ciocarlie, G.F.: ct-fuzz: fuzzing for timing leaks. In: 13th IEEE International Conference on Software Testing, Validation and Verification, ICST (2020)","DOI":"10.1109\/ICST46399.2020.00063"},{"key":"1_CR21","doi-asserted-by":"crossref","unstructured":"Inci, M.S., G\u00fclmezoglu, B., Irazoqui, G., Eisenbarth, T., Sunar, B.: Cache attacks enable bulk key recovery on the cloud. In: Cryptographic Hardware and Embedded Systems - CHES (2016)","DOI":"10.1007\/978-3-662-53140-2_18"},{"key":"1_CR22","doi-asserted-by":"crossref","unstructured":"Irazoqui, G., Eisenbarth, T., Sunar, B.: S\\$A: a shared cache attack that works across cores and defies VM sandboxing - and its application to AES. In: IEEE Symposium on Security and Privacy, S&P (2015)","DOI":"10.1109\/SP.2015.42"},{"key":"1_CR23","doi-asserted-by":"crossref","unstructured":"Jancar, J., et al.: \u201cThey\u2019re not that hard to mitigate\u201d: what cryptographic library developers think about timing attacks. In: 43rd IEEE Symposium on Security and Privacy, S&P (2022)","DOI":"10.1109\/SP46214.2022.9833713"},{"key":"1_CR24","doi-asserted-by":"crossref","unstructured":"Kaufmann, T., Pelletier, H., Vaudenay, S., Villegas, K.: When constant-time source yields variable-time binary: exploiting curve25519-donna built with MSVC 2015. In: Cryptology and Network Security - 15th International Conference, CANS (2016)","DOI":"10.1007\/978-3-319-48965-0_36"},{"key":"1_CR25","doi-asserted-by":"crossref","unstructured":"Kocher, P., et al.: Spectre attacks: exploiting speculative execution. In: IEEE Symposium on Security and Privacy, S&P (2019)","DOI":"10.1109\/SP.2019.00002"},{"key":"1_CR26","doi-asserted-by":"crossref","unstructured":"Kumar, V.B.Y., et al.: Towards Designing a Secure RISC-V System-on-Chip: ITUS. J. Hardw. Syst. Secur. (2020)","DOI":"10.1007\/s41635-020-00108-8"},{"key":"1_CR27","unstructured":"Le, A.T., Dao, B.A., Suzaki, K., Pham, C.K.: Experiment on replication of side channel attack via cache of RISC-V berkeley out-of-order machine (BOOM) implemented on FPGA. In: Fourth Workshop on Computer Architecture Research with RISC-V (CARRV) (2020)"},{"key":"1_CR28","doi-asserted-by":"crossref","unstructured":"Le, A.T., Hoang, T.T., Dao, B.A., Tsukamoto, A., Suzaki, K., Pham, C.K.: A cross-process spectre attack via cache on RISC-V processor with trusted execution environment. Comput. Electr. Eng. (2023)","DOI":"10.1016\/j.compeleceng.2022.108546"},{"key":"1_CR29","unstructured":"libsodium: https:\/\/github.com\/jedisct1\/libsodium. Accessed 24 Jan 2023"},{"key":"1_CR30","doi-asserted-by":"crossref","unstructured":"Luk, C., et al.: Pin: building customized program analysis tools with dynamic instrumentation. In: Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (2005)","DOI":"10.1145\/1065010.1065034"},{"key":"1_CR31","unstructured":"Mbed-TLS: https:\/\/github.com\/Mbed-TLS\/mbedtls. Accessed 24 Jan 2023"},{"key":"1_CR32","unstructured":"Mulder, E.D., Gummalla, S., Hutter, M.: Protecting RISC-V against side-channel attacks. In: Proceedings of the 56th Annual Design Automation Conference, DAC (2019)"},{"key":"1_CR33","doi-asserted-by":"crossref","unstructured":"Nasahl, P., Schilling, R., Werner, M., Mangard, S.: HECTOR-V: a heterogeneous CPU architecture for a secure RISC-V execution environment. In: ASIA CCS: ACM Asia Conference on Computer and Communications Security (2021)","DOI":"10.1145\/3433210.3453112"},{"key":"1_CR34","doi-asserted-by":"crossref","unstructured":"Nashimoto, S., Suzuki, D., Ueno, R., Homma, N.: Bypassing isolated execution on RISC-V using side-channel-assisted fault-injection and its countermeasure. IACR Trans. Cryptogr. Hardw. Embed. Syst. (2022)","DOI":"10.46586\/tches.v2022.i1.28-68"},{"key":"1_CR35","doi-asserted-by":"crossref","unstructured":"Nethercote, N., Seward, J.: Valgrind: a program supervision framework. In: Third Workshop on Runtime Verification, RV@CAV (2003)","DOI":"10.1016\/S1571-0661(04)81042-9"},{"key":"1_CR36","unstructured":"OpenSSL: https:\/\/github.com\/openssl\/openssl. Accessed 24 Jan 2023"},{"key":"1_CR37","doi-asserted-by":"crossref","unstructured":"Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: the case of AES. In: Topics in Cryptology - CT-RSA (2006)","DOI":"10.1007\/11605805_1"},{"key":"1_CR38","unstructured":"Pavlu, P.: Valgrind RISC-V Port. Free and Open Source Software Developers\u2019 European Meeting (FOSDEM) (2022). https:\/\/github.com\/petrpavlu\/valgrind-riscv64"},{"key":"1_CR39","unstructured":"QBDI: QuarkslaB Dynamic binary Instrumentation. https:\/\/qbdi.quarkslab.com\/"},{"key":"1_CR40","doi-asserted-by":"crossref","unstructured":"Reparaz, O., Balasch, J., Verbauwhede, I.: Dude, is my code constant time? In: Design, Automation & Test in Europe Conference & Exhibition, DATE (2017)","DOI":"10.23919\/DATE.2017.7927267"},{"key":"1_CR41","unstructured":"RISC-V: RISC-V Cryptography Extensions Volume I. https:\/\/github.com\/riscv\/riscv-crypto\/releases\/tag\/v1.0.1-scalar. Accessed 24 Jan 2023"},{"key":"1_CR42","unstructured":"RISC-V Software Collaboration: RISC-V GNU Compiler Toolchain. https:\/\/github.com\/riscv-collab\/riscv-gnu-toolchain. Accessed 24 Jan 2023"},{"key":"1_CR43","unstructured":"Saileshwar, G., Qureshi, M.K.: MIRAGE: mitigating conflict-based cache attacks with a practical fully-associative design. In: 30th USENIX Security Symposium (2021)"},{"key":"1_CR44","unstructured":"SiFive Cryptographic Library (SCL): https:\/\/github.com\/sifive\/scl-metal. Accessed 24 Jan 2023"},{"key":"1_CR45","doi-asserted-by":"crossref","unstructured":"Stangherlin, K., Sachdev, M.: Design and implementation of a secure RISC-V microprocessor. IEEE Trans. Very Large Scale Integr. Syst. (2022)","DOI":"10.1109\/TVLSI.2022.3203307"},{"key":"1_CR46","unstructured":"Wang, S., Bao, Y., Liu, X., Wang, P., Zhang, D., Wu, D.: Identifying cache-based side channels through secret-augmented abstract interpretation. In: 28th USENIX Security Symposium (2019)"},{"key":"1_CR47","unstructured":"Waterman, A.: Design of the RISC-V Instruction Set Architecture. Ph.D. thesis, University of California, Berkeley, USA (2016)"},{"key":"1_CR48","unstructured":"Weiser, S., Zankl, A., Spreitzer, R., Miller, K., Mangard, S., Sigl, G.: DATA-differential address trace analysis: finding address-based side-channels in binaries. In: 27th USENIX Security Symposium (2018)"},{"key":"1_CR49","unstructured":"Werner, M., Unterluggauer, T., Giner, L., Schwarz, M., Gruss, D., Mangard, S.: ScatterCache: thwarting cache attacks via cache set randomization. In: 28th USENIX Security Symposium (2019)"},{"key":"1_CR50","doi-asserted-by":"crossref","unstructured":"Wichelmann, J., Moghimi, A., Eisenbarth, T., Sunar, B.: MicroWalk: a framework for finding side-channels in binaries. In: Proceedings of the 34th Annual Computer Security Applications Conference, ACSAC (2018)","DOI":"10.1145\/3274694.3274741"},{"key":"1_CR51","doi-asserted-by":"crossref","unstructured":"Wichelmann, J., Sieck, F., P\u00e4tschke, A., Eisenbarth, T.: Microwalk-CI: practical side-channel analysis for JavaScript applications. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, CCS (2022)","DOI":"10.1145\/3548606.3560654"},{"key":"1_CR52","unstructured":"WolfSSL: https:\/\/github.com\/wolfSSL\/wolfssl. Accessed 24 Jan 2023"},{"key":"1_CR53","unstructured":"Yarom, Y., Falkner, K.: FLUSH+RELOAD: a high resolution, low noise, l3 cache side-channel attack. In: Proceedings of the 23rd USENIX Security Symposium (2014)"},{"key":"1_CR54","doi-asserted-by":"crossref","unstructured":"Yu, J., Hsiung, L., Hajj, M.E., Fletcher, C.W.: Data oblivious ISA extensions for side channel-resistant and high performance computing. In: 26th Annual Network and Distributed System Security Symposium (NDSS) (2019)","DOI":"10.14722\/ndss.2019.23061"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-35504-2_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,4]],"date-time":"2023-07-04T23:03:29Z","timestamp":1688511809000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-35504-2_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031355035","9783031355042"],"references-count":54,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-35504-2_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"10 June 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DIMVA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Hamburg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 July 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 July 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dimva2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/dimva2023.de\/org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"hotcrp.com","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"43","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}