{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T02:12:51Z","timestamp":1775873571052,"version":"3.50.1"},"reference-count":82,"publisher":"IEEE","license":[{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-009"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-001"}],"funder":[{"DOI":"10.13039\/100016311","name":"Arm","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100016311","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,5]]},"DOI":"10.1109\/sp46214.2022.9833713","type":"proceedings-article","created":{"date-parts":[[2022,7,27]],"date-time":"2022-07-27T19:28:05Z","timestamp":1658950085000},"page":"632-649","source":"Crossref","is-referenced-by-count":28,"title":["\u201cThey\u2019re not that hard to mitigate\u201d: What Cryptographic Library Developers Think About Timing Attacks"],"prefix":"10.1109","author":[{"given":"Jan","family":"Jancar","sequence":"first","affiliation":[{"name":"Masaryk University,Brno,Czech Republic"}]},{"given":"Marcel","family":"Fourn\u00e9","sequence":"additional","affiliation":[{"name":"MPI-SP,Bochum,Germany"}]},{"given":"Daniel De Almeida","family":"Braga","sequence":"additional","affiliation":[{"name":"Rennes University, CNRS, IRISA,Rennes,France"}]},{"given":"Mohamed","family":"Sabt","sequence":"additional","affiliation":[{"name":"Rennes University, CNRS, IRISA,Rennes,France"}]},{"given":"Peter","family":"Schwabe","sequence":"additional","affiliation":[{"name":"MPI-SP,Bochum,Germany"}]},{"given":"Gilles","family":"Barthe","sequence":"additional","affiliation":[{"name":"MPI-SP,Bochum,Germany"}]},{"given":"Pierre-Alain","family":"Fouque","sequence":"additional","affiliation":[{"name":"Rennes University, CNRS, IRISA,Rennes,France"}]},{"given":"Yasemin","family":"Acar","sequence":"additional","affiliation":[{"name":"The George Washington University,Washington,D.C.,USA"}]}],"member":"263","reference":[{"key":"ref13","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/11605805_1","article-title":"Cache attacks and counter-measures: the case of AES","volume":"3860","author":"osvik","year":"2006","journal-title":"Topics in Cryptology – CT-RSA 2006"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2012.24"},{"key":"ref12","article-title":"Cache-timing attacks on AES","author":"bernstein","year":"2005"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2018.2858402"},{"key":"ref15","doi-asserted-by":"crossref","first-page":"355","DOI":"10.1007\/978-3-642-23822-2_20","article-title":"Remote timing attacks are still practical","volume":"6879","author":"brumley","year":"2011","journal-title":"Computer Security–ESORICS 2011 ser LNCS"},{"key":"ref59","first-page":"249","article-title":"A systematic evaluation of transient execution attacks and defenses","author":"canella","year":"2019","journal-title":"28th USENIX Security Symposium USENIX Security 2019 Santa Clara CA USA August 14-16 2019"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45146-4_34"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134612"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1145\/3213846.3213851"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660283"},{"key":"ref11","doi-asserted-by":"crossref","first-page":"62","DOI":"10.1007\/978-3-540-45238-6_6","article-title":"Cryptanalysis of DES implemented on computers with cache","volume":"2779","author":"tsunoo","year":"2003","journal-title":"Cryptographic Hardware and Embedded Systems – CHES 2003"},{"key":"ref55","year":"0","journal-title":"UCSD PLSysSec pitchfork-angr"},{"key":"ref10","first-page":"803","article-title":"Cryptanalysis of block ciphers implemented on computers with cache","author":"tsunoo","year":"2002","journal-title":"Proceedings of the International Symposium on Information Theory and Its Applications ISITA 2002"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484583"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-49890-3_24"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.42"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-017-0152-y"},{"key":"ref18","article-title":"Technologies to improve platform security","author":"brickell","year":"2011","journal-title":"Invited talk at CHES 2011"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134058"},{"key":"ref50","first-page":"215","article-title":"Sidetrail: Verifying time-balancing of cryptosystems","volume":"11294","author":"athanasiou","year":"2018","journal-title":"Verified Software Theories Tools and Experiments - 10th International Conference VSTTE 2018 Oxford UK July 18-19 2018 Revised Selected Papers ser LNCS"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1145\/3290390"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-54110-4_20"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1145\/2892208.2892230"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/3314221.3314605"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1016\/j.scico.2011.10.008"},{"key":"ref41","author":"cuoq","year":"0","journal-title":"tis-ct"},{"key":"ref44","first-page":"431","article-title":"Cacheaudit: A tool for the static analysis of cache side channels","author":"doychev","year":"2013","journal-title":"Proceedings of the 22th USENIX Security Symposium Washington DC USA August 14-16 2013"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/3062341.3062378"},{"key":"ref49","first-page":"564","article-title":"Automatic quantification of cache side-channels","volume":"7358","author":"k\u00f6pf","year":"2012","journal-title":"Computer Aided Verification 24th International Conference CAV 2012 Berkeley CA USA July 7-13 2012 Proceedings ser LNCS"},{"key":"ref8","first-page":"1393","article-title":"SoK: Computer-aided cryptography","volume":"2019","author":"barbosa","year":"2019","journal-title":"IACR Cryptol ePrint Arch"},{"key":"ref7","author":"jancar","year":"2021","journal-title":"The state of tooling for verifying constant-timeness of cryptographic implementations"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00002"},{"key":"ref4","article-title":"Submission requirements and evaluation criteria for the post-quantum cryptography standardization process","year":"2016"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382230"},{"key":"ref6","author":"langley","year":"2010","journal-title":"ctgrind"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-64357-7_3"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1007\/11792086_36"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427295"},{"key":"ref40","author":"neikes","year":"0","journal-title":"Timecop"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00031"},{"key":"ref35","first-page":"1767","article-title":"Big numbers - big troubles: Systematically analyzing nonce leakage in (EC)DSA implementations","author":"weiser","year":"2020","journal-title":"29th USENIX Security Symposium USENIX Security 2020 August 12-14 2020"},{"key":"ref79","article-title":"ebacs: Ecrypt benchmarking of cryptographic systems","year":"2009"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/ICST46399.2020.00063"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1109\/FOSE.2007.25"},{"key":"ref37","year":"0","journal-title":"UCSD PLSysSec haybale-pitchfork"},{"key":"ref36","first-page":"603","article-title":"DATA differential address trace analysis: Finding address-based side-channels in binaries","author":"weiser","year":"2018","journal-title":"27th USENIX Security Symposium USENIX Security 2018 Baltimore MD USA August 15-17 2018"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66402-6_16"},{"key":"ref75","volume":"350","author":"conover","year":"1998","journal-title":"Practical Nonparametric Statistics"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00074"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1145\/3359174"},{"key":"ref33","first-page":"27","article-title":"Symbolic path cost analysis for side-channel detection","author":"brennan","year":"2018","journal-title":"Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis ISSTA 2018 Amsterdam The Netherlands July 16-21 2018"},{"key":"ref77","first-page":"1767","article-title":"Big numbers big troubles: Systematically analyzing nonce leakage in (ec)dsa implementations","author":"weiser","year":"2020","journal-title":"29th USENIX Security Symposium (USENIX Security 20)"},{"key":"ref32","first-page":"235","article-title":"Cached: Identifying cache-based timing channels in production software","author":"wang","year":"2017","journal-title":"26th USENIX Security Symposium USENIX Security 2017 Vancouver BC Canada August 16-18 2017"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1111\/j.2517-6161.1995.tb02031.x"},{"key":"ref2","article-title":"Remote timing attacks are practical","author":"brumley","year":"2003","journal-title":"SSYM’03 Proceedings of the 12th conference on USENIX Security Symposium Volume 12"},{"key":"ref1","doi-asserted-by":"crossref","first-page":"104","DOI":"10.1007\/3-540-68697-5_9","article-title":"Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems","volume":"1109","author":"kocher","year":"1996","journal-title":"Advances in Cryptology -CRYPTO LNCS"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274741"},{"key":"ref38","year":"0","journal-title":"MemorySanitizer"},{"key":"ref71","article-title":"Towards making formal methods normal: meeting developers where they are","author":"reid","year":"2020","journal-title":"arXiv preprint arXiv 2010 16196"},{"key":"ref70","first-page":"357","article-title":"we make it a big deal in the company”: Security mindsets in organizations that develop cryptographic products","author":"haney","year":"2018","journal-title":"Fourteenth Symposium on Usable Privacy and Security ( SOUPS 2018)"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1191\/1478088706qp063oa"},{"key":"ref72","author":"willis","year":"2004","journal-title":"Cognitive interviewing A tool for improving questionnaire design"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363223"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2017.8115707"},{"key":"ref23","article-title":"To BLISS-B or not to be - attacking strongSwan’s implementation of post-quantum signatures","author":"pessl","year":"0","journal-title":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security CCS’l7"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.52"},{"key":"ref26","article-title":"A practicable timing attack against HQC and its countermeasure","author":"wafo-tapa","year":"2020","journal-title":"Advances in Computational Mathematics"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-38471-5_22"},{"key":"ref69","article-title":"Crysl: An extensible approach to validating the correct usage of cryptographic apis","author":"kr\u00fcger","year":"2019","journal-title":"IEEE Transactions on Software Engineering"},{"key":"ref20","doi-asserted-by":"crossref","first-page":"573","DOI":"10.1007\/978-3-319-48965-0_36","article-title":"When constant-time source yields variable-time binary: Exploiting curve25519-donna built with MSVC 2015","volume":"10052","author":"kaufmann","year":"2016","journal-title":"Cryptology and Network Security Ser LNCS"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134043"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00114"},{"key":"ref22","doi-asserted-by":"crossref","first-page":"323","DOI":"10.1007\/978-3-662-53140-2_16","article-title":"Flush, Gauss, and Reload – a cache attack on the BLISS lattice-based signature scheme","volume":"9813","author":"bruinderink","year":"2016","journal-title":"Cryptographic Hardware and Embedded Systems – CHES 2016 ser LNCS"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134078"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2020.i4.281-308"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00028"},{"key":"ref28","article-title":"Time Trial: Racing Towards Practical Remote Timing Attacks","author":"mayer","year":"2014","journal-title":"NCC Group"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-56880-1_13"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.23919\/DATE.2017.7927267"},{"key":"ref60","article-title":"SoK: Practical foundations for spectre defenses","volume":"abs 2105 5801","author":"cauligi","year":"2021","journal-title":"CoRR"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1145\/3385412.3385970"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00011"}],"event":{"name":"2022 IEEE Symposium on Security and Privacy (SP)","location":"San Francisco, CA, USA","start":{"date-parts":[[2022,5,22]]},"end":{"date-parts":[[2022,5,26]]}},"container-title":["2022 IEEE Symposium on Security and Privacy (SP)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9833550\/9833558\/09833713.pdf?arnumber=9833713","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,11,8]],"date-time":"2023-11-08T23:17:49Z","timestamp":1699485469000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9833713\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5]]},"references-count":82,"URL":"https:\/\/doi.org\/10.1109\/sp46214.2022.9833713","relation":{},"subject":[],"published":{"date-parts":[[2022,5]]}}}