{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T10:55:22Z","timestamp":1778151322785,"version":"3.51.4"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032163417","type":"print"},{"value":"9783032163424","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-16342-4_19","type":"book-chapter","created":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T08:57:45Z","timestamp":1770800265000},"page":"336-357","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Hard-to-Find Bugs in\u00a0Public-Key Cryptographic Software: Classification and\u00a0Test Methodologies"],"prefix":"10.1007","author":[{"given":"Matteo","family":"Steinbach","sequence":"first","affiliation":[]},{"given":"Johann","family":"Gro\u00dfsch\u00e4dl","sequence":"additional","affiliation":[]},{"given":"Peter B.","family":"R\u00f8nne","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,2,12]]},"reference":[{"key":"19_CR1","doi-asserted-by":"crossref","unstructured":"Almeida, J.B., Barbosa, M., Barthe, G., et al.: Jasmin: high-assurance and high-speed cryptography. In: 24th ACM Conference on Computer and Communications Security (CCS 2017), pp. 
1807\u20131823. ACM (2017)","DOI":"10.1145\/3133956.3134078"},{"key":"19_CR2","doi-asserted-by":"crossref","unstructured":"Almeida, J.B., Barbosa, M., Barthe, G., et al.: The last mile: high-assurance and high-speed cryptographic implementations. In: 41st IEEE Symposium on Security and Privacy (S&P 2020), pp. 965\u2013982. IEEE (2020)","DOI":"10.1109\/SP40000.2020.00028"},{"key":"19_CR3","doi-asserted-by":"crossref","unstructured":"Aranha, D.F., Novaes, F.R., Takahashi, A., et al.: LadderLeak: breaking ECDSA with less than one bit of nonce leakage. In: 27th ACM Conference on Computer and Communications Security (CCS 2020), pp. 225\u2013242. ACM (2020)","DOI":"10.1145\/3372297.3417268"},{"key":"19_CR4","doi-asserted-by":"crossref","unstructured":"Barthe, G., Gr\u00e9goire, B., Zanella-B\u00e9guelin, S.: Formal certification of code-based cryptographic proofs. In: 36th ACM Symposium on Principles of Programming Languages (POPL 2009), pp. 90\u2013101. ACM (2009)","DOI":"10.1145\/1480881.1480894"},{"key":"19_CR5","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Blanchet, B., Kobeissi, N.: Verified models and reference implementations for the TLS 1.3 standard candidate. In: 38th IEEE Symposium on Security and Privacy (S&P 2017), pp. 483\u2013502. IEEE (2017)","DOI":"10.1109\/SP.2017.26"},{"key":"19_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-642-28641-4_2","volume-title":"Principles of Security and Trust","author":"B Blanchet","year":"2012","unstructured":"Blanchet, B.: Security protocol verification: symbolic and computational models. In: Degano, P., Guttman, J.D. (eds.) POST 2012. LNCS, vol. 7215, pp. 3\u201329. Springer, Heidelberg (2012). 
https:\/\/doi.org\/10.1007\/978-3-642-28641-4_2"},{"key":"19_CR7","doi-asserted-by":"crossref","unstructured":"Blessing, J., Specter, M.A., Weitzner, D.J.: Cryptography in the wild: an empirical analysis of vulnerabilities in cryptographic libraries. In: 19th ACM Asia Conference on Computer and Communications Security (ASIACCS 2024), pp. 605\u2013620. ACM (2024)","DOI":"10.1145\/3634737.3657012"},{"key":"19_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"645","DOI":"10.1007\/978-3-030-81685-8_31","volume-title":"Computer Aided Verification","author":"B Boston","year":"2021","unstructured":"Boston, B., et al.: Verified cryptographic code for everybody. In: Silva, A., Leino, K.R.M. (eds.) CAV 2021. LNCS, vol. 12759, pp. 645\u2013668. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-81685-8_31"},{"key":"19_CR9","doi-asserted-by":"crossref","unstructured":"Bressana, P., Zilberman, N., Soul\u00e9, R.: Finding hard-to-find data plane bugs with a PTA. In: 16th International Conference on emerging Networking EXperiments and Technologies (CoNEXT 2020), pp. 218\u2013231. ACM (2020)","DOI":"10.1145\/3386367.3431313"},{"key":"19_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"171","DOI":"10.1007\/978-3-642-27954-6_11","volume-title":"Topics in Cryptology \u2013 CT-RSA 2012","author":"BB Brumley","year":"2012","unstructured":"Brumley, B.B., Barbosa, M., Page, D., Vercauteren, F.: Practical realisation and elimination of an ECC-related software bug attack. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 171\u2013186. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-27954-6_11"},{"key":"19_CR11","doi-asserted-by":"crossref","unstructured":"Chen, Y., Su, Z.: Guided differential testing of certificate validation in SSL\/TLS implementations. In: 10th Joint Meeting on Foundations of Software Engineering (ESEC\/FSE 2015), pp. 793\u2013804. 
ACM (2015)","DOI":"10.1145\/2786805.2786835"},{"key":"19_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"430","DOI":"10.1007\/978-3-319-96142-2_26","volume-title":"Computer Aided Verification","author":"A Chudnov","year":"2018","unstructured":"Chudnov, A., et al.: Continuous formal verification of amazon s2n. In: Chockler, H., Weissenbacher, G. (eds.) CAV 2018. LNCS, vol. 10982, pp. 430\u2013446. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96142-2_26"},{"key":"19_CR13","unstructured":"De Ruiter, J., Poll, E.: Protocol state fuzzing of TLS implementations. In: 24th USENIX Security Symposium (USS 2015), pp. 193\u2013206. USENIX Association (2015)"},{"key":"19_CR14","unstructured":"Fail0verflow. Console hacking 2010: PS3 epic fail. Presentation at the 27th Chaos Communication Congress (27C3) (2010)"},{"key":"19_CR15","unstructured":"Google. OSS-Fuzz: Continuous fuzzing for open source software (2020). https:\/\/github.com\/google\/oss-fuzz"},{"key":"19_CR16","unstructured":"Google. Project Wycheproof (2020). https:\/\/github.com\/google\/wycheproof"},{"key":"19_CR17","unstructured":"Hax Team. Hax: A Rust verification toolchain for security-critical software (2023). https:\/\/github.com\/hax-rust\/hax"},{"key":"19_CR18","doi-asserted-by":"crossref","unstructured":"Hwang, V.: Formal verification of emulated floating-point arithmetic in Falcon. In: Advances in Information and Computer Security \u2014 IWSEC 2024. Springer (2024)","DOI":"10.1007\/978-981-97-7737-2_7"},{"key":"19_CR19","doi-asserted-by":"crossref","unstructured":"Jero, S., Pacheco, M.L., Goldwasser, D., Nita-Rotaru, C.: Leveraging textual specifications for grammar-based fuzzing of network protocols. In: 31st Conference on Innovative Applications of Artificial Intelligence (IAAI 2019), pp. 9478\u20139483. AAAI Press (2019)","DOI":"10.1609\/aaai.v33i01.33019478"},{"key":"19_CR20","unstructured":"Kasak, D.: Rust vs. 
C: a performance comparison in systems programming. Blog post (2018). https:\/\/deniskasak.github.io\/rust-vs-c-perf"},{"key":"19_CR21","doi-asserted-by":"crossref","unstructured":"Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Advances in Cryptology \u2014 CRYPTO 1996, pp. 104\u2013113. Springer (1996)","DOI":"10.1007\/3-540-68697-5_9"},{"key":"19_CR22","doi-asserted-by":"crossref","unstructured":"Lazar, D., Chen, H., Wang, X., Zeldovich, N.: Why does cryptographic software fail? A case study and open problems. In: 5th Asia-Pacific Workshop on Systems (APSys 2014), pp. 7:1\u20137:7. ACM (2014)","DOI":"10.1145\/2637166.2637237"},{"key":"19_CR23","unstructured":"Libcrux Team. Libcrux: A formally verified cryptographic library for Rust (2023). https:\/\/github.com\/cryspen\/libcrux"},{"key":"19_CR24","unstructured":"McConnell, S.: Code Complete, 2nd edn. Microsoft Press (2004)"},{"issue":"3","key":"19_CR25","doi-asserted-by":"publisher","first-page":"870","DOI":"10.1109\/TR.2018.2847247","volume":"67","author":"N Mouha","year":"2018","unstructured":"Mouha, N., Raunak, M.S., Kuhn, D.R., Kacker, R.: Finding bugs in cryptographic hash function implementations. IEEE Trans. Reliab. 67(3), 870\u2013884 (2018)","journal-title":"IEEE Trans. Reliab."},{"key":"19_CR26","unstructured":"National Security Agency. Software memory safety. Cybersecurity information sheet, NSA (2022). https:\/\/media.defense.gov\/2022\/Nov\/10\/2003112742\/-1\/-1\/0\/CSI_SOFTWARE_MEMORY_SAFETY.PDF"},{"key":"19_CR27","unstructured":"Rukhin, A., Soto, J., Nechvatal, J., et al.: A statistical test suite for random and pseudorandom number generators for cryptographic applications. Special Publication 800-22, National Institute of Standards and Technology (NIST) (2010)"},{"key":"19_CR28","unstructured":"Seaborn, T.: Performance analysis of RustCrypto: AES implementations in Rust vs. C (2019). 
https:\/\/rustcrypto.org\/performance"},{"key":"19_CR29","unstructured":"Smith, B.: Ring: Safe, fast, small crypto using Rust (2023). https:\/\/briansmith.org\/rustdoc\/ring\/"},{"key":"19_CR30","unstructured":"Steinbach, M.: Wycheproof-C: A C cryptographic test suite (2025). https:\/\/github.com\/mattc-try\/wycheproof-c\/"},{"key":"19_CR31","unstructured":"Vranken, G.: Differential fuzzing of cryptographic libraries (2019). https:\/\/archive.is\/https:\/\/guidovranken.com\/2019\/05\/14\/differential-fuzzing-of-cryptographic-libraries\/"},{"key":"19_CR32","unstructured":"Weinmann, R.-P.: Assessing and exploiting bignum vulnerabilities. BlackHat 2015 (2015). https:\/\/comsecuris.com\/slides\/slides-bignum-bhus2015.pdf"},{"key":"19_CR33","unstructured":"Zalewski, M.: Technical whitepaper for AFL-fuzz (2014). https:\/\/lcamtuf.coredump.cx\/afl\/technical_details.txt"},{"issue":"2","key":"19_CR34","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1109\/MSP.2009.56","volume":"7","author":"M Zhivich","year":"2009","unstructured":"Zhivich, M., Cunningham, R.K.: The real cost of software errors. IEEE Secur. Priv. 7(2), 87\u201390 (2009)","journal-title":"IEEE Secur. 
Priv."}],"container-title":["Lecture Notes in Computer Science","Security, Privacy, and Applied Cryptography Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-16342-4_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T08:58:07Z","timestamp":1770800287000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-16342-4_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9783032163417","9783032163424"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-16342-4_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"12 February 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SPACE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security, Privacy, and Applied Cryptography Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guwahati","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2025","order":7,"name":"conference_start_date","label":"Conference Start 
Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 December 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"space2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/event.iitg.ac.in\/space2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}