{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T15:34:44Z","timestamp":1772724884907,"version":"3.50.1"},"reference-count":70,"publisher":"IEEE","license":[{"start":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T00:00:00Z","timestamp":1682899200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-009"},{"start":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T00:00:00Z","timestamp":1682899200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-001"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,5]]},"DOI":"10.1109\/sp46215.2023.10179450","type":"proceedings-article","created":{"date-parts":[[2023,7,21]],"date-time":"2023-07-21T17:18:15Z","timestamp":1689959895000},"page":"1719-1736","source":"Crossref","is-referenced-by-count":16,"title":["Jolt: Recovering TLS Signing Keys via Rowhammer Faults"],"prefix":"10.1109","author":[{"given":"Koksal","family":"Mus","sequence":"first","affiliation":[{"name":"Worcester Polytechnic Institute,Worcester,MA,USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yark\u0131n","family":"Dor\u00f6z","sequence":"additional","affiliation":[{"name":"Worcester Polytechnic Institute,Worcester,MA,USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"M. Caner","family":"Tol","sequence":"additional","affiliation":[{"name":"Worcester Polytechnic Institute,Worcester,MA,USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kristi","family":"Rahman","sequence":"additional","affiliation":[{"name":"Worcester Polytechnic Institute,Worcester,MA,USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Berk","family":"Sunar","sequence":"additional","affiliation":[{"name":"Worcester Polytechnic Institute,Worcester,MA,USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","first-page":"755","article-title":"they\u2019re not that hard to mitigate\u201d: What cryptographic library developers think about timing attacks","volume-title":"2022 2022 IEEE Symposium on Security and Privacy (SP) (SP)","author":"Jancar"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417268"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-68697-5_11"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-36095-4_19"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-002-0021-3"},{"key":"ref6","article-title":"TPM-FAIL: TPM meets Timing and Lattice Attacks","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Moghimi"},{"issue":"1","key":"ref7","first-page":"146","article-title":"Return of the hidden number problem.: A widespread and novel key extraction attack on ecdsa and dsa","volume-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems","volume":"2019","author":"Ryan","year":"2018"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354197"},{"key":"ref9","article-title":"Big numbers - big troubles: Systematically analyzing nonce leakage in (ec)dsa implementations","volume-title":"USENIX Security Symposium","author":"Weiser"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1007\/s001450010016"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30580-4_3"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2009.38"},{"key":"ref13","first-page":"821","article-title":"Side-channel assisted existential forgery attack on Dilithium-A NIST PQC candidate","volume":"2018","author":"Ravi","year":"2018","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-76953-0_18"},{"key":"ref15","article-title":"Factoring rsa keys with tls perfect forward secrecy","volume-title":"Red Hat Technical Report","author":"Weimer","year":"2015"},{"key":"ref16","first-page":"233","article-title":"Open to a fault: On the passive compromise of TLS keys via transient errors","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Sullivan"},{"key":"ref17","first-page":"1","article-title":"Flip feng shui: Hammering a needle in the software stack","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"Razavi"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2020.i3.169-195"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2018.00031"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417272"},{"key":"ref21","article-title":"A signature correction attack on the post-quantum scheme dilithium","volume-title":"Proceedings of the IEEE European Workshop on Security and & Privacy","author":"Islam"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-45611-8_14"},{"issue":"3","key":"ref23","first-page":"331","article-title":"New bleichenbacher records: Fault attacks on qdsa signatures","volume-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems","volume":"2018","author":"Takahashi","year":"2018"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40349-1_25"},{"key":"ref25","first-page":"81","article-title":"On the generation of one-time keys in dl signature schemes","volume-title":"Presentation at IEEE P1363 working group meeting","author":"Bleichenbacher"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.62056\/ahjbksdja"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/2678373.2665726"},{"key":"ref28","first-page":"565","article-title":"DRAMA: Exploiting DRAM addressing for Cross-CPU attacks","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"Pessl"},{"key":"ref29","first-page":"71","article-title":"Exploiting the dram rowhammer bug to gain kernel privileges","volume":"15","author":"Seaborn","year":"2015","journal-title":"Black Hat"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00031"},{"key":"ref31","first-page":"300","article-title":"Rowhammer. js: A remote software-induced fault attack in javascript","volume-title":"International conference on detection of intrusions and malware, and vulnerability assessment","author":"Gruss"},{"key":"ref32","first-page":"1001","article-title":"SMASH: Synchronized many-sided rowhammer attacks from JavaScript","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"de Ridder"},{"key":"ref33","first-page":"213","article-title":"Throwhammer: Rowhammer attacks over the network and defenses","volume-title":"2018 USENIX Annual Technical Conference (USENIX ATC 18)","author":"Tatar"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW51379.2020.00102"},{"key":"ref35","first-page":"19","article-title":"One bit flips, one cloud flops:{Cross-VM} row hammer attacks and privilege escalation","volume-title":"25th USENIX security symposium (USENIX Security 16)","author":"Xiao"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00085"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978406"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00020"},{"key":"ref39","article-title":"Toward realistic backdoor injection attacks on dnns using rowhammer","author":"Tol","year":"2021"},{"key":"ref40","first-page":"1196","article-title":"MASCAT: Stopping microarchitectural attacks before execution","volume":"2016","author":"Irazoqui","year":"2016","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2016.09.014"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45719-2_6"},{"key":"ref43","article-title":"These are not your grand Daddys cpu performance counters\u2013cpu hardware performance counters for security","author":"Herath","year":"2015","journal-title":"Black Hat Briefings"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-30806-7_9"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-40667-1_14"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1145\/2954679.2872390"},{"key":"ref47","volume-title":"Defending against Rowhammer in the kernel","author":"Corbet","year":"2016"},{"key":"ref48","first-page":"117","article-title":"CAn\u2019t touch this: Software-only mitigation against rowhammer attacks targeting kernel memory","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Brasser"},{"key":"ref49","volume-title":"Low Power Double Data Rate 4 (LPDDR4)","year":"2020"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/LCA.2014.2332177"},{"key":"ref51","article-title":"Armor: A run-time memory hot-row detector","author":"Ghasempour","year":"2015"},{"key":"ref52","volume-title":"IBM Chipkill Memory: Advanced ECC memory for the IBM Netfinity 7000 M10","year":"2019"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00089"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00090"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833772"},{"key":"ref56","article-title":"Rowhammer.js: A remote software-induced fault attack in javascript","volume-title":"CoRR","volume":"abs\/1507.06955","author":"Gruss","year":"2015"},{"key":"ref57","first-page":"621","article-title":"SPOILER: Speculative load hazards boost rowhammer and cache attacks","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Islam"},{"key":"ref58","volume-title":"Understanding the Linux Kernel: from I\/O ports to process management.","author":"Bovet","year":"2005"},{"key":"ref59","article-title":"J. ju nger, s. o\u2019connell, w. schoechl, and y. yarom,\u201danother flip in the wall of rowhammer defenses,\"","author":"Gruss","year":"2017"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.26599\/TST.2018.9010134"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_3"},{"key":"ref62","first-page":"913","article-title":"A placement vulnerability study in multi-tenant public clouds","volume-title":"24th {USENIX} Security Symposium (USENIX Security 15)","author":"Varadarajan"},{"key":"ref63","first-page":"929","article-title":"A measurement study on co-residence threat inside the cloud","volume-title":"24th {USENIX} Security Symposium (USENIX Security 15)","author":"Xu"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-50011-9_28"},{"key":"ref65","article-title":"Seriously, get off my cloud! cross-vm rsa key recovery in a public cloud","author":"Inci","year":"2015","journal-title":"Cryptology ePrint Archive"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00089"},{"key":"ref67","article-title":"Half-double: Hammering from the next row over","volume-title":"31st USENIX Security Symposium: USENIX Security\u201922","author":"Kogler"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15031-9_28"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1007\/s102070100002"},{"key":"ref70","first-page":"186","article-title":"Digital signature standard (DSS)","author":"Kerry","year":"2013","journal-title":"FIPS PUB"}],"event":{"name":"2023 IEEE Symposium on Security and Privacy (SP)","location":"San Francisco, CA, USA","start":{"date-parts":[[2023,5,21]]},"end":{"date-parts":[[2023,5,25]]}},"container-title":["2023 IEEE Symposium on Security and Privacy (SP)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10179215\/10179280\/10179450.pdf?arnumber=10179450","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,21]],"date-time":"2024-07-21T04:19:55Z","timestamp":1721535595000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10179450\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5]]},"references-count":70,"URL":"https:\/\/doi.org\/10.1109\/sp46215.2023.10179450","relation":{},"subject":[],"published":{"date-parts":[[2023,5]]}}}