{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T21:41:46Z","timestamp":1762033306858},"reference-count":33,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2015,8,7]],"date-time":"2015-08-07T00:00:00Z","timestamp":1438905600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2016,10]]},"DOI":"10.1007\/s00145-015-9209-1","type":"journal-article","created":{"date-parts":[[2015,8,6]],"date-time":"2015-08-06T21:09:58Z","timestamp":1438895398000},"page":"775-805","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Bug Attacks"],"prefix":"10.1007","volume":"29","author":[{"given":"Eli","family":"Biham","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yaniv","family":"Carmeli","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Adi","family":"Shamir","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,8,7]]},"reference":[{"key":"9209_CR1","unstructured":"AMD, Linux Kernel Issue with Systems Using AGP Graphics\u2014Application Note, August 2002. \n http:\/\/www.amd.com\/us-en\/assets\/content_type\/white_papers_and_tech_docs\/26698.pdf"},{"key":"9209_CR2","unstructured":"J.\u00a0Appelbaum, J.\u00a0Horchert, C.\u00a0St\u00f6cker, Shopping for Spy Gear: Catalog Advertises NSA Toolbox, Der Spiegel, 29 December 2013. Online edition: \n http:\/\/www.spiegel.de\/international\/world\/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html"},{"key":"9209_CR3","unstructured":"A.D.\u00a0Balsa, The Cyrix 6x86 Coma Bug. \n http:\/\/www.tux.org\/~balsa\/linux\/cyrix\/index.html"},{"key":"9209_CR4","doi-asserted-by":"crossref","unstructured":"M.\u00a0Bellare and P.\u00a0Rogaway, Optimal Asymmetric Encryption\u2014How to Encrypt with RSA (Extended Abstract), Advances in Cryptology, Proceedings of EUROCRYPT\u201994, LNCS\u00a0950 (Springer, Berlin, 1995), pp.\u00a092\u2013111","DOI":"10.1007\/BFb0053428"},{"key":"9209_CR5","doi-asserted-by":"crossref","unstructured":"E.\u00a0Biham, Y.\u00a0Carmeli, A.\u00a0Shamir, Bug attacks, in Advances in Cryptology, Proceedings of CRYPTO\u201908, LNCS\u00a05157 (Springer, Berlin, 2008) pp.\u00a0221\u2013240.","DOI":"10.1007\/978-3-540-85174-5_13"},{"key":"9209_CR6","doi-asserted-by":"crossref","unstructured":"J.\u00a0Black, S.\u00a0Halevi, H.\u00a0Krawczyk, T.\u00a0Krovetz, P.\u00a0Rogaway, UMAC: fast and secure message authentication, in Advances in Cryptology, Proceedings of CRYPTO\u201999, LNCS\u00a01666 (Springer, Berlin, 1999) pp.\u00a0215\u2013233.","DOI":"10.1007\/3-540-48405-1_14"},{"key":"9209_CR7","doi-asserted-by":"crossref","unstructured":"M.\u00a0Boesgaard, M.\u00a0Vesterager, T.\u00a0Pedersen, J.\u00a0Christiansen, O.\u00a0Scavenius, Rabbit: a new high performance stream cipher, in Proceedings of Fast Software Encryption 10, LNCS 2887 (Springer, Berlin, 2004) pp.\u00a0307\u2013329.","DOI":"10.1007\/978-3-540-39887-5_23"},{"key":"9209_CR8","doi-asserted-by":"crossref","unstructured":"D.\u00a0Boneh, R.A.\u00a0DeMillo, R.J.\u00a0Lipton, On the importance of checking cryptographic protocols for faults, in Advances in Cryptology, Proceedings of EUROCRYPT\u201997, LNCS\u00a01233 (Springer, Berlin, 1997) pp.\u00a037\u201351.","DOI":"10.1007\/3-540-69053-0_4"},{"key":"9209_CR9","unstructured":"C.\u00a0Burwick, D.\u00a0Coppersmith, E.\u00a0D\u2019Avignon, R.\u00a0Gennaro, S.\u00a0Halevi, C.\u00a0Jutla, S.M.\u00a0Matyas Jr., L.\u00a0O\u2019Connor, M.\u00a0Peyravian, D.\u00a0Safford, N.\u00a0Zunic, MARS: a candidate cipher for AES, in AES\u2014The First Advanced Encryption Standard Candidate Conference, Conference Proceedings, 1998."},{"key":"9209_CR10","doi-asserted-by":"crossref","unstructured":"D.\u00a0Chaum, Blind signatures for untraceable payments, in Advances in Cryptology, Proceedings of CRYPTO\u201982 (Plenum Press, Berlin, 1983) pp.\u00a0199\u2013203.","DOI":"10.1007\/978-1-4757-0602-4_18"},{"key":"9209_CR11","unstructured":"R.R.\u00a0Collins, Inside the Pentium II Math Bug, Dr. Dobb\u2019s Portal, August 1997. \n http:\/\/www.ddj.com\/184410254"},{"issue":"4","key":"9209_CR12","doi-asserted-by":"publisher","first-page":"469","DOI":"10.1109\/TIT.1985.1057074","volume":"31","author":"T ElGamal","year":"1985","unstructured":"T.\u00a0ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31(4), 469\u2013472 (1985).","journal-title":"IEEE Trans. Inf. Theory"},{"key":"9209_CR13","unstructured":"H.\u00a0Gilbert, M.\u00a0Girault, P.\u00a0Hoogvorst, F.\u00a0Noilhan, T.\u00a0Pornin, G.\u00a0Poupard, J.\u00a0Stern, S.\u00a0Vaudenay, Decorrelated fast cipher: an AES candidate, in AES\u2014The First Advanced Encryption Standard Candidate Conference, Conference Proceedings, 1998."},{"key":"9209_CR14","unstructured":"T.R.\u00a0Halfhill, The truth behind the Pentium bug, in BYTE Magazine, March 1995. \n http:\/\/www.byte.com\/art\/9503\/sec13\/art1.htm"},{"key":"9209_CR15","unstructured":"Intel, FDIV Replacement Program\u2014Statistical Analysis of Floating Point Flaw: Intel White Paper, July 2004. \n http:\/\/support.intel.com\/support\/processors\/pentium\/sb\/CS-013007.htm"},{"key":"9209_CR16","unstructured":"Intel, Intel\n \n \n \n \n $${\\textregistered }\\,Core^{TM}$$\n \n \n \n \u00ae\n \n C\n o\n r\n \n e\n \n T\n M\n \n \n \n \n \n \n 2 Duo Processor E8000 and E7000 Series, July 2004. \n http:\/\/www.intel.com\/design\/processor\/specupdt\/318733.pdf"},{"key":"9209_CR17","unstructured":"Intel, Intel\n \n \n \n \n $$\\textregistered $$\n \n \n \u00ae\n \n \n \u00a0Processor\u2014Invalid Instruction Erratum Overview, November 1997. \n http:\/\/www.intel.com\/support\/processors\/pentium\/ppiie\/"},{"key":"9209_CR18","doi-asserted-by":"crossref","unstructured":"X.\u00a0Lai and J.L.\u00a0Massey and S.\u00a0Murphy, Markov ciphers and differential cryptanalysis, in Advances in Cryptology, Proceedings of EUROCRYPT\u201991, LNCS\u00a0547 (Springer, Berlin, 1992) pp.\u00a017\u201338.","DOI":"10.1007\/3-540-46416-6_2"},{"key":"9209_CR19","unstructured":"A.J.\u00a0Menezes, P.C.\u00a0van Oorschot and S.A.\u00a0Vanstone, Handbook of Applied Cryptography (CRC Press, Boca Raton, 1996)."},{"key":"9209_CR20","unstructured":"S.\u00a0Mueller Upgrading and Repairing PCs, Eighth edition, Que Publishing, 1998. \n http:\/\/www.informit.com\/content\/downloads\/que\/upgrading\/fourteenth_edition\/DVD\/PCs8th.pdf"},{"key":"9209_CR21","unstructured":"L.\u00a0Osterman, Remembering Old CPU Bugs, Larry Osterman\u2019s WebLog, February, 2007. \n http:\/\/blogs.msdn.com\/larryosterman\/archive\/2007\/02\/06\/remembering-old-cpu-bugs.aspx"},{"issue":"1","key":"9209_CR22","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1109\/TIT.1978.1055817","volume":"24","author":"SC Pohlig","year":"1978","unstructured":"S.C.\u00a0Pohlig, M.E.\u00a0Hellman, An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Trans. Inf. Theory 24(1), 106\u2013111 (1978).","journal-title":"IEEE Trans. Inf. Theory"},{"key":"9209_CR23","unstructured":"R.L.\u00a0Rivest, M.J.B.\u00a0Robshaw, R.\u00a0Sidney, and Y.L.\u00a0Yin, The RC6 block cipher, in AES\u2014The First Advanced Encryption Standard Candidate Conference, Conference Proceedings, 1998."},{"issue":"2","key":"9209_CR24","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1145\/359340.359342","volume":"21","author":"RL Rivest","year":"1978","unstructured":"R.L.\u00a0Rivest, A.\u00a0Shamir, L.\u00a0Adleman, A method for obtaining digital signatures and public-key cryptosystems. Commun. of the ACM 21(2), 120\u2013126 (1978).","journal-title":"Commun. ACM"},{"key":"9209_CR25","unstructured":"B.\u00a0Screamer, Microsoft\u2019s Digital Rights Management Scheme\u2014Technical Details, October 2001. \n http:\/\/cryptome.org\/ms-drm.htm"},{"issue":"3","key":"9209_CR26","first-page":"1","volume":"1","author":"A Shamir","year":"1995","unstructured":"A.\u00a0Shamir, RSA for paranoids. CryptoBytes 1(3), 1\u20134 (1995).","journal-title":"CryptoBytes"},{"key":"9209_CR27","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1007\/978-1-4684-6686-7_5","volume-title":"The Mathematical Gardner","author":"A Shamir","year":"1981","unstructured":"A.\u00a0Shamir, R.L.\u00a0Rivest, L.M.\u00a0Adleman, Mental poker, in D.A.\u00a0Klarner (ed.), The Mathematical Gardner (Wadsworth, Belmont, 1981) pp. 37\u201343."},{"key":"9209_CR28","doi-asserted-by":"crossref","unstructured":"V.\u00a0Shoup, OAEP Reconsidered (Extended Abstract), Advances in Cryptology, Proceedings of CRYPTO 2001, LNCS\u00a02139 (Springer, Berlin, 2001) pp.\u00a0239\u2013259.","DOI":"10.1007\/3-540-44647-8_15"},{"key":"9209_CR29","unstructured":"S. Staff, Inside TAO: Documents Reveal Top NSA Hacking Unit, Der Spiegel, 29 December 2013. Online edition: \n http:\/\/www.spiegel.de\/international\/world\/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-3.html"},{"key":"9209_CR30","unstructured":"U.S.D. of Defense, Defense Science Board Tas Force on High Performance Microchip Supply, February 2005. \n http:\/\/www.acq.osd.mil\/dsb\/reports\/2005-02-HPMS_Report_Final.pdf"},{"key":"9209_CR31","unstructured":"Theo Valich, AMD delays Phenom 2.4 GHz due to TLB errata in The Inquirer, November 2007. \n http:\/\/www.theinquirer.net\/gb\/inquirer\/news\/2007\/11\/18\/amd-delays-phenom-ghz-due-tlb"},{"key":"9209_CR32","unstructured":"A.\u00a0Warner Machado, The Nimbus cipher: a proposal for NESSIE, in NESSIE Proposal, September 2000."},{"key":"9209_CR33","unstructured":"Wikipedia, MOS Technology 6502. \n http:\/\/en.wikipedia.org\/wiki\/MOS_Technology_6502"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-015-9209-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-015-9209-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-015-9209-1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-015-9209-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,8]],"date-time":"2020-04-08T08:12:13Z","timestamp":1586333533000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-015-9209-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,8,7]]},"references-count":33,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2016,10]]}},"alternative-id":["9209"],"URL":"https:\/\/doi.org\/10.1007\/s00145-015-9209-1","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015,8,7]]},"assertion":[{"value":"13 April 2012","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"7 August 2015","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}