{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T17:48:15Z","timestamp":1780336095831,"version":"3.54.1"},"publisher-location":"Cham","reference-count":69,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032070340","type":"print"},{"value":"9783032070357","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-07035-7_20","type":"book-chapter","created":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T01:06:14Z","timestamp":1767315974000},"page":"327-344","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Do Compilers Break Constant-Time Guarantees?"],"prefix":"10.1007","author":[{"given":"Lukas","family":"Gerlach","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Robert","family":"Pietsch","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Michael","family":"Schwarz","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2026,1,2]]},"reference":[{"key":"20_CR1","unstructured":"Abel, A.: Automatic generation of models of microarchitectures 
(2020)"},{"key":"20_CR2","doi-asserted-by":"crossref","unstructured":"Ac\u0131i\u00e7mez, O., Seifert, J.P., Ko\u00e7, C.K.: Predicting secret keys via branch prediction. In: CT-RSA (2007)","DOI":"10.1007\/11967668_15"},{"key":"20_CR3","doi-asserted-by":"crossref","unstructured":"Andrysco, M., Kohlbrenner, D., Mowery, K., Jhala, R., Lerner, S., Shacham, H.: On subnormal floating point and abnormal timing. In: S &P (2015)","DOI":"10.1109\/SP.2015.44"},{"key":"20_CR4","unstructured":"ARM.: mbed TLS (2020). https:\/\/tls.mbed.org"},{"key":"20_CR5","unstructured":"Aumasson, J.P.: Cryptocoding (2023). https:\/\/github.com\/veorq\/cryptocoding"},{"key":"20_CR6","unstructured":"Bae, D., Hwang, J., Ha, J.: Flush+ reload cache side-channel attack on block cipher aria. J. Korea Inst. Inf. Secur. Cryptology (2020)"},{"key":"20_CR7","doi-asserted-by":"crossref","unstructured":"Baldoni, R., Coppa, E., D\u2019elia, D.C., Demetrescu, C., Finocchi, I.: A survey of symbolic execution techniques. CSUR (2018)","DOI":"10.1145\/3182657"},{"key":"20_CR8","doi-asserted-by":"crossref","unstructured":"Barthe, G., et al.: High-assurance cryptography in the Spectre era. In: S &P (2021)","DOI":"10.1109\/SP40001.2021.00046"},{"key":"20_CR9","doi-asserted-by":"crossref","unstructured":"Barthe, G., Gr\u00e9goire, B., Laporte, V.: Secure compilation of side-channel countermeasures: the case of cryptographic \u201cconstant-time\u201d. In: CSF (2018)","DOI":"10.1109\/CSF.2018.00031"},{"key":"20_CR10","doi-asserted-by":"crossref","unstructured":"Ben\u00a0Khadra, M.A., Stoffel, D., Kunz, W.: Efficient binary-level coverage analysis. In: FSE (2020)","DOI":"10.1145\/3368089.3409694"},{"key":"20_CR11","doi-asserted-by":"crossref","unstructured":"Borrello, P., D\u2019Elia, D.C., Querzoni, L., Giuffrida, C.: Constantine: automatic side-channel resistance using efficient control and data flow linearization. 
In: SIGSAC (2021)","DOI":"10.1145\/3460120.3484583"},{"key":"20_CR12","doi-asserted-by":"crossref","unstructured":"Brumley, B.B., Tuveri, N.: Remote timing attacks are still practical. In: ESORICS (2011)","DOI":"10.1007\/978-3-642-23822-2_20"},{"key":"20_CR13","unstructured":"Canella, C., et al.: A systematic evaluation of transient execution attacks and defenses. In: USENIX Security (2019). extended classification tree and PoCs at https:\/\/transient.fail\/"},{"key":"20_CR14","doi-asserted-by":"crossref","unstructured":"Cauligi, S., et al.: FaCT: a flexible, constant-time programming language. In: IEEE cybersecurity development (SecDev), pp. 69\u201376. IEEE (2017)","DOI":"10.1109\/SecDev.2017.24"},{"key":"20_CR15","doi-asserted-by":"crossref","unstructured":"Cauligi, S., et al.: Constant-time foundations for the new spectre era. In: SIGPLAN (2020)","DOI":"10.1145\/3385412.3385970"},{"key":"20_CR16","doi-asserted-by":"crossref","unstructured":"Daniel, L.A., Bardin, S., Rezk, T.: Binsec\/rel: efficient relational symbolic execution for constant-time at binary-level. In: S &P (2020)","DOI":"10.1109\/SP40000.2020.00074"},{"key":"20_CR17","doi-asserted-by":"crossref","unstructured":"Denning, D.E.: A lattice model of secure information flow. ACM Commun. (1976)","DOI":"10.1145\/360051.360056"},{"key":"20_CR18","doi-asserted-by":"crossref","unstructured":"Dinesh, S., Garrett-Grossman, G., Fletcher, C.W.: Synthct: towards portable constant-time code. In: NDSS (2022)","DOI":"10.14722\/ndss.2022.24215"},{"key":"20_CR19","unstructured":"Dos\u00a0Reis, G., Stroustrup, B., Merideth, A.: Axioms: semantics aspects of c++ concepts. ISO\/IEC JTC1\/WG21 doc (2009)"},{"key":"20_CR20","doi-asserted-by":"crossref","unstructured":"Duck, G.J., Gao, X., Roychoudhury, A.: Binary rewriting without control flow recovery. 
In: ACM SIGPLAN (2020)","DOI":"10.1145\/3385412.3385972"},{"key":"20_CR21","doi-asserted-by":"crossref","unstructured":"Fletcher, C.W., Dijk, M.V., Devadas, S.: A secure processor architecture for encrypted computation on untrusted programs. In: STC (2012)","DOI":"10.1145\/2382536.2382540"},{"key":"20_CR22","doi-asserted-by":"crossref","unstructured":"Fletcher, C.W., Ren, L., Yu, X., Van\u00a0Dijk, M., Khan, O., Devadas, S.: Suppressing the oblivious ram timing channel while making information leakage and program efficiency trade-offs. In: HPCA (2014)","DOI":"10.1109\/HPCA.2014.6835932"},{"key":"20_CR23","unstructured":"Framework, Q.: Qiling: a True Instrumentable Binary Emulation Framework (2024). https:\/\/github.com\/qilingframework\/qiling"},{"key":"20_CR24","doi-asserted-by":"crossref","unstructured":"Geimer, A., Vergnolle, M., Recoules, F., Daniel, L.A., Bardin, S., Maurice, C.: A systematic evaluation of automated tools for side-channel vulnerabilities detection in cryptographic libraries. In: SIGSAC (2023)","DOI":"10.1145\/3576915.3623112"},{"key":"20_CR25","doi-asserted-by":"crossref","unstructured":"He, S., Emmi, M., Ciocarlie, G.: CT-FUZZ: fuzzing for timing leaks. In: ICST (2020)","DOI":"10.1109\/ICST46399.2020.00063"},{"key":"20_CR26","doi-asserted-by":"crossref","unstructured":"Hunger, C., Kazdagli, M., Rawat, A., Dimakis, A., Vishwanath, S., Tiwari, M.: Understanding contention-based channels and using them for defense. In: HPCA (2015)","DOI":"10.1109\/HPCA.2015.7056069"},{"key":"20_CR27","unstructured":"Intel Corporation.: Pin - A Dynamic Binary Instrumentation Tool (2012). https:\/\/software.intel.com\/en-us\/articles\/pin-a-dynamic-binary-instrumentation-tool"},{"key":"20_CR28","unstructured":"Intel Corporation.: Guidelines for Mitigating Timing Side Channels Against Cryptographic Implementations (2020). 
https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/technical\/software-security-guidance\/secure-coding\/mitigate-timing-side-channel-crypto-implementation.html"},{"key":"20_CR29","doi-asserted-by":"crossref","unstructured":"Jancar, J., et al.: \u201cthey\u2019re not that hard to mitigate\u201d: What cryptographic library developers think about timing attacks. In: SP (2022)","DOI":"10.1109\/SP46214.2022.9833713"},{"key":"20_CR30","doi-asserted-by":"crossref","unstructured":"Kaufmann, T., Pelletier, H., Vaudenay, S., Villegas, K.: When constant-time source yields variable-time binary: exploiting curve25519-donna built with MSVC. In: CANS (2016)","DOI":"10.1007\/978-3-319-48965-0_36"},{"key":"20_CR31","unstructured":"Kim, T., Peinado, M., Mainar-Ruiz, G.: STEALTHMEM: System-Level protection against Cache-Based side channel attacks in the cloud. In: USENIX (2012)"},{"key":"20_CR32","doi-asserted-by":"crossref","unstructured":"King, J.C.: Symbolic execution and program testing. ACM Commun. (1976)","DOI":"10.1145\/360248.360252"},{"key":"20_CR33","doi-asserted-by":"crossref","unstructured":"Kocher, P., et al.: Spectre attacks: exploiting speculative execution. In: S&P (2019)","DOI":"10.1109\/SP.2019.00002"},{"key":"20_CR34","doi-asserted-by":"crossref","unstructured":"Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: CRYPTO (1996)","DOI":"10.1007\/3-540-68697-5_9"},{"key":"20_CR35","unstructured":"Kogler, A., et al.: Collide+power: leaking inaccessible data with software-based power side channels. In: USENIX Security (2023)"},{"key":"20_CR36","unstructured":"Langley, A.: Checking that functions are constant time with Valgrind (2023). https:\/\/github.com\/agl\/ctgrind"},{"key":"20_CR37","doi-asserted-by":"crossref","unstructured":"Lee, H.B., Jois, T.M., Fletcher, C.W., Gunter, C.A.: Dove: a data-oblivious virtual environment. 
arXiv preprint arXiv:2102.05195 (2021)","DOI":"10.14722\/ndss.2021.23056"},{"key":"20_CR38","unstructured":"libsodium.: libsodium (2023). https:\/\/libsodium.org"},{"key":"20_CR39","doi-asserted-by":"crossref","unstructured":"Liu, C., Harris, A., Maas, M., Hicks, M., Tiwari, M., Shi, E.: Ghostrider: a hardware-software system for memory trace oblivious computation. SIGPLAN (2015)","DOI":"10.1145\/2694344.2694385"},{"key":"20_CR40","doi-asserted-by":"crossref","unstructured":"Liu, C., Hicks, M., Shi, E.: Memory trace oblivious program execution. In: CSF (2013)","DOI":"10.1109\/CSF.2013.11"},{"key":"20_CR41","doi-asserted-by":"crossref","unstructured":"Maas, M., et al.: Phantom: practical oblivious computation in a secure processor. In: SIGSAC (2013)","DOI":"10.1145\/2508859.2516692"},{"key":"20_CR42","unstructured":"Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer Science & Business Media, Berlin and Heidelberg (2008)"},{"key":"20_CR43","unstructured":"N.\u00a0I. of\u00a0Standards and Technology. \u201cLightweight cryptography,\u201d (2023). https:\/\/csrc.nist.gov\/projects\/lightweight-cryptography"},{"key":"20_CR44","unstructured":"Oleksenko, O., Trach, B., Silberstein, M., Fetzer, C.: SpecFuzz: bringing spectre-type vulnerabilities to the surface. In: USENIX Security Symposium (2020)"},{"key":"20_CR45","unstructured":"OpenSSL.: OpenSSL: The Open Source toolkit for SSL\/TLS (2019). http:\/\/www.openssl.org"},{"key":"20_CR46","unstructured":"OpenSSL.: OpenSSL RC5 implementation (2024). https:\/\/github.com\/openssl\/openssl\/tree\/master\/crypto\/rc5"},{"key":"20_CR47","doi-asserted-by":"crossref","unstructured":"Osvik, D.A., Shamir, A., Tromer, E.: Cache Attacks and Countermeasures: the Case of AES. In: CT-RSA (2006)","DOI":"10.1007\/11605805_1"},{"key":"20_CR48","doi-asserted-by":"crossref","unstructured":"Pinkas, B., Reinman, T.: Oblivious ram revisited. 
In: CRYPTO (2010)","DOI":"10.1007\/978-3-642-14623-7_27"},{"key":"20_CR49","unstructured":"Pornin, T.: BearSSL: a smaller SSL\/TLS library (2022). https:\/\/www.bearssl.org"},{"key":"20_CR50","unstructured":"Pornin, T.: Constant-time toolkit (2022). https:\/\/github.com\/pornin\/CTTK"},{"key":"20_CR51","unstructured":"Pornin, T.: Why Constant-Time Crypto? (2022). https:\/\/www.bearssl.org\/constanttime.html"},{"key":"20_CR52","unstructured":"Rane, A., Lin, C., Tiwari, M.: Raccoon: closing digital Side-Channels through obfuscated execution. In: USENIX (2015)"},{"key":"20_CR53","doi-asserted-by":"crossref","unstructured":"Reparaz, O., Balasch, J., Verbauwhede, I.: Dude, is my code constant time?. In: DATE (2017)","DOI":"10.23919\/DATE.2017.7927267"},{"key":"20_CR54","doi-asserted-by":"crossref","unstructured":"Schneider, M., Lain, D., Puddu, I., Dutly, N., Capkun, S.: Breaking bad: how compilers break constant-time implementations. arXiv preprint arXiv:2410.13489 (2024)","DOI":"10.1145\/3708821.3733909"},{"key":"20_CR55","doi-asserted-by":"crossref","unstructured":"Schneider, T., Moradi, A.: Leakage assessment methodology: a clear roadmap for side-channel evaluations. In: CHES (2015)","DOI":"10.1007\/978-3-662-48324-4_25"},{"key":"20_CR56","doi-asserted-by":"crossref","unstructured":"Shaon, F., Kantarcioglu, M., Lin, Z., Khan, L.: Sgx-bigmatrix: a practical encrypted data analytic framework with trusted processors. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (2017)","DOI":"10.1145\/3133956.3134095"},{"key":"20_CR57","doi-asserted-by":"crossref","unstructured":"Shi, E., Chan, T.H.H., Stefanov, E., Li, M.: Oblivious RAM with O((log N)^3) worst-case cost. In: ASIACRYPT (2011)","DOI":"10.1007\/978-3-642-25385-0_11"},{"key":"20_CR58","doi-asserted-by":"crossref","unstructured":"Simon, L., Chisnall, D., Anderson, R.: What you get is what you c: controlling side effects in mainstream c compilers. 
In: EuroS &P (2018)","DOI":"10.1109\/EuroSP.2018.00009"},{"key":"20_CR59","doi-asserted-by":"crossref","unstructured":"Soares, L., Pereira, F.M.Q.: Memory-safe elimination of side channels. In: CGO (2021)","DOI":"10.1109\/CGO51591.2021.9370305"},{"key":"20_CR60","unstructured":"Song, D.X., Wagner, D., Tian, X.: Timing analysis of keystrokes and timing attacks on SSH. In: USENIX Security Symposium (2001)"},{"key":"20_CR61","unstructured":"Weiser, S., Zankl, A., Spreitzer, R., Miller, K., Mangard, S., Sigl, G.: DATA - differential address trace analysis: finding address-based side-channels in binaries. In: USENIX Security Symposium (2018)"},{"key":"20_CR62","doi-asserted-by":"crossref","unstructured":"Wenzl, M., Merzdovnik, G., Ullrich, J., Weippl, E.: From hack to elaborate technique\u2014a survey on binary rewriting. CSUR (2019)","DOI":"10.1145\/3316415"},{"key":"20_CR63","doi-asserted-by":"crossref","unstructured":"Wichelmann, J., Moghimi, A., Eisenbarth, T., Sunar, B.: MicroWalk: a framework for finding side channels in binaries. In: ACSAC (2018)","DOI":"10.1145\/3274694.3274741"},{"key":"20_CR64","doi-asserted-by":"crossref","unstructured":"Wichelmann, J., Sieck, F., P\u00e4tschke, A., Eisenbarth, T.: Microwalk-ci: practical side-channel analysis for javascript applications. In: SIGSAC (2022)","DOI":"10.1145\/3548606.3560654"},{"key":"20_CR65","unstructured":"wolfSSL.: wolfSSL: Embedded TLS Library (2023). https:\/\/www.wolfssl.com\/"},{"key":"20_CR66","doi-asserted-by":"crossref","unstructured":"Wu, M., Guo, S., Schaumont, P., Wang, C.: Eliminating timing side-channel leaks using program repair. In: ISSTA (2018)","DOI":"10.1145\/3213846.3213851"},{"key":"20_CR67","unstructured":"Yarom, Y., Falkner, K.: Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack. 
In: USENIX Security Symposium (2014)"},{"key":"20_CR68","doi-asserted-by":"crossref","unstructured":"Yu, J., Hsiung, L., El\u00a0Hajj, M., Fletcher, C.W.: Data oblivious ISA extensions for side channel-resistant and high performance computing. Cryptology ePrint Archive (2018)","DOI":"10.14722\/ndss.2019.23061"},{"key":"20_CR69","unstructured":"Zhao, X.J., Wang, T., Zheng, Y.: Cache Timing Attacks on Camellia Block Cipher (2009)"}],"container-title":["Lecture Notes in Computer Science","Financial Cryptography and Data Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-07035-7_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T01:06:18Z","timestamp":1767315978000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-07035-7_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9783032070340","9783032070357"],"references-count":69,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-07035-7_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"2 January 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Financial Cryptography and Data Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Miyakojima","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference 
Information"}},{"value":"Japan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 April 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 April 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fc2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/fc25.ifca.ai\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}