{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,19]],"date-time":"2026-06-19T07:06:50Z","timestamp":1781852810252,"version":"3.54.5"},"reference-count":238,"publisher":"Association for Computing Machinery (ACM)","issue":"6","license":[{"start":{"date-parts":[[2021,7,13]],"date-time":"2021-07-13T00:00:00Z","timestamp":1626134400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001459","name":"Ministry of Education - Singapore","doi-asserted-by":"publisher","award":["MoE AcRF Tier1 RS02\/19"],"award-info":[{"award-number":["MoE AcRF Tier1 RS02\/19"]}],"id":[{"id":"10.13039\/501100001459","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001321","name":"National Research Foundation","doi-asserted-by":"publisher","award":["NRF NCR CHFA-GC1-AW03"],"award-info":[{"award-number":["NRF NCR CHFA-GC1-AW03"]}],"id":[{"id":"10.13039\/501100001321","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2022,7,31]]},"abstract":"<jats:p>Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems. One popular type of such attacks is the microarchitectural attack, where the adversary exploits the hardware features to break the protection enforced by the operating system and steal the secrets from the program. In this article, we systematize microarchitectural side channels with a focus on attacks and defenses in cryptographic applications. We make three contributions. (1) We survey past research literature to categorize microarchitectural side-channel attacks. Since these are hardware attacks targeting software, we summarize the vulnerable implementations in software, as well as flawed designs in hardware. (2) We identify common strategies to mitigate microarchitectural attacks, from the application, OS, and hardware levels. (3) We conduct a large-scale evaluation on popular cryptographic applications in the real world and analyze the severity, practicality, and impact of side-channel vulnerabilities. This survey is expected to inspire side-channel research community to discover new attacks, and more importantly, propose new defense solutions against them.<\/jats:p>","DOI":"10.1145\/3456629","type":"journal-article","created":{"date-parts":[[2021,7,13]],"date-time":"2021-07-13T16:48:08Z","timestamp":1626194888000},"page":"1-37","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":110,"title":["A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks, and Defenses in Cryptography"],"prefix":"10.1145","volume":"54","author":[{"given":"Xiaoxuan","family":"Lou","sequence":"first","affiliation":[{"name":"Nanyang Technological University, Singapore"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Tianwei","family":"Zhang","sequence":"additional","affiliation":[{"name":"Nanyang Technological University, Singapore"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jun","family":"Jiang","sequence":"additional","affiliation":[{"name":"Two Sigma Investments, LP, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yinqian","family":"Zhang","sequence":"additional","affiliation":[{"name":"Southern University of Science and Technology, China"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2021,7,13]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314466.1314469"},{"key":"e_1_2_1_2_1","volume-title":"International Workshop on Cryptographic Hardware and Embedded Systems.","author":"Ac\u0131i\u00e7mez Onur","year":"2010","unstructured":"Onur Ac\u0131i\u00e7mez , Billy Bob Brumley , and Philipp Grabher . 2010 . New results on instruction cache attacks . In International Workshop on Cryptographic Hardware and Embedded Systems. Onur Ac\u0131i\u00e7mez, Billy Bob Brumley, and Philipp Grabher. 2010. New results on instruction cache attacks. In International Workshop on Cryptographic Hardware and Embedded Systems."},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-77272-9_12"},{"key":"e_1_2_1_4_1","volume-title":"RSA Conference.","author":"Ac\u0131i\u00e7mez Onur","year":"2007","unstructured":"Onur Ac\u0131i\u00e7mez , \u00c7etin Kaya Ko\u00e7 , and Jean-Pierre Seifert . 2007 . Predicting secret keys via branch prediction. In Cryptographers\u2019 Track at the RSA Conference. Onur Ac\u0131i\u00e7mez, \u00c7etin Kaya Ko\u00e7, and Jean-Pierre Seifert. 2007. Predicting secret keys via branch prediction. In Cryptographers\u2019 Track at the RSA Conference."},{"key":"e_1_2_1_5_1","volume-title":"RSA Conference.","author":"Ac\u0131i\u00e7mez Onur","year":"2007","unstructured":"Onur Ac\u0131i\u00e7mez , Werner Schindler , and \u00c7etin K. Ko\u00e7 . 2007 . Cache based remote timing attack on the AES. In Cryptographers\u2019 Track at the RSA Conference. Onur Ac\u0131i\u00e7mez, Werner Schindler, and \u00c7etin K. Ko\u00e7. 2007. Cache based remote timing attack on the AES. In Cryptographers\u2019 Track at the RSA Conference."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDTC.2007.4"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00066"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2019.i4.213-242"},{"key":"e_1_2_1_9_1","volume-title":"Conference on Computer Security Applications.","author":"Allan Thomas","unstructured":"Thomas Allan , Billy Bob Brumley , Katrina Falkner , Joop van de Pol, and Yuval Yarom. 2016. Amplifying side channels through performance degradation . In Conference on Computer Security Applications. Thomas Allan, Billy Bob Brumley, Katrina Falkner, Joop van de Pol, and Yuval Yarom. 2016. Amplifying side channels through performance degradation. In Conference on Computer Security Applications."},{"key":"e_1_2_1_10_1","volume-title":"USENIX Security Symposium.","author":"Almeida Jos\u00e9 Bacelar","year":"2016","unstructured":"Jos\u00e9 Bacelar Almeida , Manuel Barbosa , Gilles Barthe , Fran\u00e7ois Dupressoir , and Michael Emmi . 2016 . Verifying constant-time implementations . In USENIX Security Symposium. Jos\u00e9 Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Fran\u00e7ois Dupressoir, and Michael Emmi. 2016. Verifying constant-time implementations. In USENIX Security Symposium."},{"key":"e_1_2_1_11_1","volume-title":"Trustzone: Integrated hardware and software security. White paper","author":"Alves Tiago","year":"2004","unstructured":"Tiago Alves . 2004 . Trustzone: Integrated hardware and software security. White paper (2004). Tiago Alves. 2004. Trustzone: Integrated hardware and software security. White paper (2004)."},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.44"},{"key":"e_1_2_1_13_1","unstructured":"Roberto Maria Avanzi. 2005. Side channel attacks on implementations of curve-based cryptographic primitives.IACR Cryptology ePrint Archive. 17.  Roberto Maria Avanzi. 2005. Side channel attacks on implementations of curve-based cryptographic primitives.IACR Cryptology ePrint Archive. 17."},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660283"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44709-3_5"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66787-4_27"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1002\/ett.3134"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-53140-2_29"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICROW.2012.13"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3023872"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66402-6_16"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/BFb0055716"},{"key":"e_1_2_1_24_1","volume-title":"Usenix Security Symposium.","author":"B\u00f6ck Hanno","year":"2018","unstructured":"Hanno B\u00f6ck , Juraj Somorovsky , and Craig Young . 2018 . Return of Bleichenbacher\u2019s oracle threat (ROBOT) . In Usenix Security Symposium. Hanno B\u00f6ck, Juraj Somorovsky, and Craig Young. 2018. Return of Bleichenbacher\u2019s oracle threat (ROBOT). In Usenix Security Symposium."},{"key":"e_1_2_1_25_1","volume-title":"USENIX Security Symposium.","author":"Bond Barry","year":"2017","unstructured":"Barry Bond , Chris Hawblitzel , Manos Kapritsos , K. Rustan M Leino , Jacob R. Lorch , Bryan Parno , Ashay Rane , Srinath Setty , and Laure Thompson . 2017 . Vale: Verifying high-performance cryptographic assembly code . In USENIX Security Symposium. Barry Bond, Chris Hawblitzel, Manos Kapritsos, K. Rustan M Leino, Jacob R. Lorch, Bryan Parno, Ashay Rane, Srinath Setty, and Laure Thompson. 2017. Vale: Verifying high-performance cryptographic assembly code. In USENIX Security Symposium."},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1007\/11894063_16"},{"key":"e_1_2_1_27_1","volume-title":"Conference on the Theory and Application of Cryptology.","author":"Bos Jurjen","year":"1989","unstructured":"Jurjen Bos and Matthijs Coster . 1989 . Addition chain heuristics . In Conference on the Theory and Application of Cryptology. Jurjen Bos and Matthijs Coster. 1989. Addition chain heuristics. In Conference on the Theory and Application of Cryptology."},{"key":"e_1_2_1_28_1","volume-title":"USENIX Workshop on Offensive Technologies.","author":"Brasser Ferdinand","year":"2017","unstructured":"Ferdinand Brasser , Urs M\u00fcller , Alexandra Dmitrienko , Kari Kostiainen , Srdjan Capkun , and Ahmad-Reza Sadeghi . 2017 . Software grand exposure: SGX cache attacks are practical . In USENIX Workshop on Offensive Technologies. Ferdinand Brasser, Urs M\u00fcller, Alexandra Dmitrienko, Kari Kostiainen, Srdjan Capkun, and Ahmad-Reza Sadeghi. 2017. Software grand exposure: SGX cache attacks are practical. In USENIX Workshop on Offensive Technologies."},{"key":"e_1_2_1_29_1","volume-title":"Robust and efficient elimination of cache and timing side channels. arXiv preprint arXiv:1506.00189","author":"Braun Benjamin A.","year":"2015","unstructured":"Benjamin A. Braun , Suman Jana , and Dan Boneh . 2015. Robust and efficient elimination of cache and timing side channels. arXiv preprint arXiv:1506.00189 ( 2015 ). Benjamin A. Braun, Suman Jana, and Dan Boneh. 2015. Robust and efficient elimination of cache and timing side channels. arXiv preprint arXiv:1506.00189 (2015)."},{"key":"e_1_2_1_30_1","unstructured":"Ernie Brickell Gary Graunke Michael Neve and Jean-Pierre Seifert. 2006. Software mitigations to hedge AES against cache-based software side channel vulnerabilities.IACR Cryptol. ePrint Arch. (2006) 52.  Ernie Brickell Gary Graunke Michael Neve and Jean-Pierre Seifert. 2006. Software mitigations to hedge AES against cache-based software side channel vulnerabilities.IACR Cryptol. ePrint Arch. (2006) 52."},{"key":"e_1_2_1_31_1","volume-title":"RSA Conference 2006 session DEV-203","author":"Brickell Ernie","year":"2006","unstructured":"Ernie Brickell , Gary Graunke , and Jean-Pierre Seifert . 2006 . Mitigating cache\/timing based side-channels in AES and RSA software implementations . In RSA Conference 2006 session DEV-203 . Ernie Brickell, Gary Graunke, and Jean-Pierre Seifert. 2006. Mitigating cache\/timing based side-channels in AES and RSA software implementations. In RSA Conference 2006 session DEV-203."},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.3390\/app9050944"},{"key":"e_1_2_1_33_1","volume-title":"USENIX Security Symposium.","author":"Briongos Samira","year":"2020","unstructured":"Samira Briongos , Pedro Malag\u00f3n , Jos\u00e9 M. Moya , and Thomas Eisenbarth . 2020 . RELOAD+ REFRESH: Abusing cache replacement policies to perform stealthy cache attacks . In USENIX Security Symposium. Samira Briongos, Pedro Malag\u00f3n, Jos\u00e9 M. Moya, and Thomas Eisenbarth. 2020. RELOAD+ REFRESH: Abusing cache replacement policies to perform stealthy cache attacks. In USENIX Security Symposium."},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-53140-2_16"},{"key":"e_1_2_1_35_1","volume-title":"International Conference on the Theory and Application of Cryptology and Information Security.","author":"Brumley Billy Bob","unstructured":"Billy Bob Brumley and Risto M. Hakala . 2009. Cache-timing template attacks . In International Conference on the Theory and Application of Cryptology and Information Security. Billy Bob Brumley and Risto M. Hakala. 2009. Cache-timing template attacks. In International Conference on the Theory and Application of Cryptology and Information Security."},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-17650-0_13"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23822-2_20"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.5555\/1090583.1648610"},{"key":"e_1_2_1_39_1","volume-title":"USENIX Security Symposium.","author":"Bulck Jo Van","year":"2018","unstructured":"Jo Van Bulck , Marina Minkin , Ofir Weisse , Daniel Genkin , Baris Kasikci , Frank Piessens , Mark Silberstein , Thomas F. Wenisch , Yuval Yarom , and Raoul Strackx . 2018 . Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution . In USENIX Security Symposium. Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution. In USENIX Security Symposium."},{"key":"e_1_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363219"},{"key":"e_1_2_1_41_1","volume-title":"USENIX Security Symposium.","author":"Canella Claudio","year":"2019","unstructured":"Claudio Canella , Jo Van Bulck , Michael Schwarz , Moritz Lipp , Benjamin Von Berg , Philipp Ortner , Frank Piessens , Dmitry Evtyushkin , and Daniel Gruss . 2019 . A systematic evaluation of transient execution attacks and defenses . In USENIX Security Symposium. Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin Von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, and Daniel Gruss. 2019. A systematic evaluation of transient execution attacks and defenses. In USENIX Security Symposium."},{"key":"e_1_2_1_43_1","volume-title":"IEEE European Symposium on Security and Privacy.","author":"Chen Guoxing","unstructured":"Guoxing Chen , Sanchuan Chen , Yuan Xiao , Yinqian Zhang , Zhiqiang Lin , and Ten H. Lai . 2019. SGXPECTRE: Stealing Intel secrets from SGX enclaves via speculative execution . In IEEE European Symposium on Security and Privacy. Guoxing Chen, Sanchuan Chen, Yuan Xiao, Yinqian Zhang, Zhiqiang Lin, and Ten H. Lai. 2019. SGXPECTRE: Stealing Intel secrets from SGX enclaves via speculative execution. In IEEE European Symposium on Security and Privacy."},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196501"},{"key":"e_1_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053007"},{"key":"e_1_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.asoc.2016.09.014"},{"key":"e_1_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.5555\/648252.752381"},{"key":"e_1_2_1_48_1","volume-title":"Intel SGX explained.IACR Cryptol. ePrint Arch","author":"Costan Victor","year":"2016","unstructured":"Victor Costan and Srinivas Devadas . 2016. Intel SGX explained.IACR Cryptol. ePrint Arch . 2016 , 86 (2016), 1\u2013118. Victor Costan and Srinivas Devadas. 2016. Intel SGX explained.IACR Cryptol. ePrint Arch. 2016, 86 (2016), 1\u2013118."},{"key":"e_1_2_1_49_1","volume-title":"USENIX Security Symposium.","author":"Costan Victor","year":"2016","unstructured":"Victor Costan , Ilia Lebedev , and Srinivas Devadas . 2016 . Sanctum: Minimal hardware extensions for strong software isolation . In USENIX Security Symposium. Victor Costan, Ilia Lebedev, and Srinivas Devadas. 2016. Sanctum: Minimal hardware extensions for strong software isolation. In USENIX Security Symposium."},{"key":"e_1_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23264"},{"key":"e_1_2_1_51_1","volume-title":"Thomas Eisenbarth, Daniel Genkin, Nadia Heninger, Ahmad Moghimi, and Yuval Yarom.","author":"Dall Fergus","year":"2018","unstructured":"Fergus Dall , Gabrielle De Micheli , Thomas Eisenbarth, Daniel Genkin, Nadia Heninger, Ahmad Moghimi, and Yuval Yarom. 2018 . Cachequote : Efficiently recovering long-term secrets of SGX EPID via cache attacks. 2018, 2 (2018), 171\u2013191. Fergus Dall, Gabrielle De Micheli, Thomas Eisenbarth, Daniel Genkin, Nadia Heninger, Ahmad Moghimi, and Yuval Yarom. 2018. Cachequote: Efficiently recovering long-term secrets of SGX EPID via cache attacks. 2018, 2 (2018), 171\u2013191."},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338467.3358948"},{"key":"e_1_2_1_53_1","volume-title":"IEEE Symposium on Security and Privacy.","author":"Dehesa-Azuara Mario","year":"2017","unstructured":"Mario Dehesa-Azuara , Matthew Fredrikson , Jan Hoffmann et \u00a0al . 2017 . Verifying and synthesizing constant-resource implementations with types . In IEEE Symposium on Security and Privacy. Mario Dehesa-Azuara, Matthew Fredrikson, Jan Hoffmann et\u00a0al. 2017. Verifying and synthesizing constant-resource implementations with types. In IEEE Symposium on Security and Privacy."},{"key":"e_1_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/2366231.2337172"},{"key":"e_1_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508148.2485970"},{"key":"e_1_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/3214292.3214294"},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1007\/s41635-019-00075-9"},{"key":"e_1_2_1_58_1","volume-title":"Secure TLBs. In International Symposium on Computer Architecture.","author":"Deng Shuwen","year":"2019","unstructured":"Shuwen Deng , Wenjie Xiong , and Jakub Szefer . 2019 . Secure TLBs. In International Symposium on Computer Architecture. Shuwen Deng, Wenjie Xiong, and Jakub Szefer. 2019. Secure TLBs. In International Symposium on Computer Architecture."},{"key":"e_1_2_1_59_1","volume-title":"USENIX Security Symposium.","author":"Dessouky Ghada","year":"2020","unstructured":"Ghada Dessouky , Tommaso Frassetto , and Ahmad-Reza Sadeghi . 2020 . HybCache: Hybrid side-channel-resilient caches for trusted execution environments . In USENIX Security Symposium. Ghada Dessouky, Tommaso Frassetto, and Ahmad-Reza Sadeghi. 2020. HybCache: Hybrid side-channel-resilient caches for trusted execution environments. In USENIX Security Symposium."},{"key":"e_1_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.5555\/646692.703439"},{"key":"e_1_2_1_61_1","volume-title":"USENIX Security Symposium.","author":"Disselkoen Craig","year":"2017","unstructured":"Craig Disselkoen , David Kohlbrenner , Leo Porter , and Dean Tullsen . 2017 . Prime+ abort: A timer-free high-precision l3 cache attack using intel TSX . In USENIX Security Symposium. Craig Disselkoen, David Kohlbrenner, Leo Porter, and Dean Tullsen. 2017. Prime+ abort: A timer-free high-precision l3 cache attack using intel TSX. In USENIX Security Symposium."},{"key":"e_1_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1145\/2086696.2086714"},{"key":"e_1_2_1_63_1","doi-asserted-by":"crossref","unstructured":"Goran Doychev and Boris K\u00f6pf. 2017. Rigorous analysis of software countermeasures against cache attacks. In ACM SIGPLAN Notices.  Goran Doychev and Boris K\u00f6pf. 2017. Rigorous analysis of software countermeasures against cache attacks. In ACM SIGPLAN Notices.","DOI":"10.1145\/3062341.3062388"},{"key":"e_1_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/2756550"},{"key":"e_1_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40041-4_3"},{"key":"e_1_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1007\/s12095-014-0114-5"},{"key":"e_1_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1985.1057074"},{"key":"e_1_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134028"},{"key":"e_1_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/3173162.3173204"},{"key":"e_1_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1109\/HST.2010.5513110"},{"key":"e_1_2_1_71_1","volume-title":"Cryptography and Security: From Theory to Applications","author":"Fan Junfeng","unstructured":"Junfeng Fan and Ingrid Verbauwhede . 2012. An updated survey on secure ECC implementations: Attacks, countermeasures and cost . In Cryptography and Security: From Theory to Applications . Springer , Berlin, Heidelberg , 265\u2013282. Junfeng Fan and Ingrid Verbauwhede. 2012. An updated survey on secure ECC implementations: Attacks, countermeasures and cost. In Cryptography and Security: From Theory to Applications. Springer, Berlin, Heidelberg, 265\u2013282."},{"key":"e_1_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978400"},{"key":"e_1_2_1_73_1","volume-title":"IEEE International Symposium on High Performance Computer Architecture (HPCA\u201916)","author":"Ferraiuolo Andrew","unstructured":"Andrew Ferraiuolo , Yao Wang , Danfeng Zhang , Andrew C. Myers , and G. Edward Suh . 2016. Lattice priority scheduling: Low-overhead timing-channel protection for a shared memory controller . In IEEE International Symposium on High Performance Computer Architecture (HPCA\u201916) . Andrew Ferraiuolo, Yao Wang, Danfeng Zhang, Andrew C. Myers, and G. Edward Suh. 2016. Lattice priority scheduling: Low-overhead timing-channel protection for a shared memory controller. In IEEE International Symposium on High Performance Computer Architecture (HPCA\u201916)."},{"key":"e_1_2_1_74_1","volume-title":"TRRespass: Exploiting the many sides of target row refresh. arXiv preprint arXiv:2004.01807","author":"Frigo Pietro","year":"2020","unstructured":"Pietro Frigo , Emanuele Vannacci , Hasan Hassan , Victor van der Veen , Onur Mutlu , Cristiano Giuffrida , Herbert Bos , and Kaveh Razavi . 2020. TRRespass: Exploiting the many sides of target row refresh. arXiv preprint arXiv:2004.01807 ( 2020 ). Pietro Frigo, Emanuele Vannacci, Hasan Hassan, Victor van der Veen, Onur Mutlu, Cristiano Giuffrida, Herbert Bos, and Kaveh Razavi. 2020. TRRespass: Exploiting the many sides of target row refresh. arXiv preprint arXiv:2004.01807 (2020)."},{"key":"e_1_2_1_75_1","volume-title":"USENIX Security Symposium.","author":"Garc\u00eda Cesar Pereida","year":"2017","unstructured":"Cesar Pereida Garc\u00eda and Billy Bob Brumley . 2017 . Constant-time callees with variable-time callers . In USENIX Security Symposium. Cesar Pereida Garc\u00eda and Billy Bob Brumley. 2017. Constant-time callees with variable-time callers. In USENIX Security Symposium."},{"key":"e_1_2_1_76_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-016-0141-6"},{"key":"e_1_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-93387-0_5"},{"key":"e_1_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-015-0100-7"},{"key":"e_1_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44371-2_25"},{"key":"e_1_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134029"},{"key":"e_1_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1145\/1374376.1374407"},{"key":"e_1_2_1_82_1","volume-title":"Workshop. 123\u2013150","author":"Gierlichs Benedikt","year":"2008","unstructured":"Benedikt Gierlichs , Lejla Batina , Christophe Clavier , Thomas Eisenbarth , Aline Gouget , Helena Handschuh , Timo Kasper , Kerstin Lemke-Rust , Stefan Mangard , Amir Moradi et \u00a0al . 2008 . Susceptibility of eSTREAM candidates towards side channel analysis. In the State of the Art of Stream Ciphers , Workshop. 123\u2013150 . Benedikt Gierlichs, Lejla Batina, Christophe Clavier, Thomas Eisenbarth, Aline Gouget, Helena Handschuh, Timo Kasper, Kerstin Lemke-Rust, Stefan Mangard, Amir Moradi et\u00a0al. 2008. Susceptibility of eSTREAM candidates towards side channel analysis. In the State of the Art of Stream Ciphers, Workshop. 123\u2013150."},{"key":"e_1_2_1_83_1","doi-asserted-by":"publisher","DOI":"10.1109\/CLOUD.2013.21"},{"key":"e_1_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1006\/jagm.1997.0913"},{"key":"e_1_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.1145\/3065913.3065915"},{"key":"e_1_2_1_86_1","volume-title":"USENIX Security Symposium.","author":"Gras Ben","year":"2018","unstructured":"Ben Gras , Kaveh Razavi , Herbert Bos , and Cristiano Giuffrida . 2018 . Translation leak-aside buffer: Defeating cache side-channel protections with TLB attacks . In USENIX Security Symposium. Ben Gras, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. 2018. Translation leak-aside buffer: Defeating cache side-channel protections with TLB attacks. In USENIX Security Symposium."},{"key":"e_1_2_1_87_1","volume-title":"USENIX Security Symposium.","author":"Green Marc","year":"2017","unstructured":"Marc Green , Leandro Rodrigues-Lima , Andreas Zankl , Gorka Irazoqui , Johann Heyszl , and Thomas Eisenbarth . 2017 . AutoLock: Why cache attacks on ARM are harder than you think . In USENIX Security Symposium. Marc Green, Leandro Rodrigues-Lima, Andreas Zankl, Gorka Irazoqui, Johann Heyszl, and Thomas Eisenbarth. 2017. AutoLock: Why cache attacks on ARM are harder than you think. In USENIX Security Symposium."},{"key":"e_1_2_1_88_1","volume-title":"USENIX Security Symposium.","author":"Gruss Daniel","year":"2017","unstructured":"Daniel Gruss , Julian Lettner , Felix Schuster , Olya Ohrimenko , Istvan Haller , and Manuel Costa . 2017 . Strong and efficient cache side-channel protection using hardware transactional memory . In USENIX Security Symposium. Daniel Gruss, Julian Lettner, Felix Schuster, Olya Ohrimenko, Istvan Haller, and Manuel Costa. 2017. Strong and efficient cache side-channel protection using hardware transactional memory. In USENIX Security Symposium."},{"key":"e_1_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-40667-1_14"},{"key":"e_1_2_1_90_1","volume-title":"USENIX Security Symposium.","author":"Gruss Daniel","year":"2015","unstructured":"Daniel Gruss , Raphael Spreitzer , and Stefan Mangard . 2015 . Cache template attacks: Automating attacks on inclusive last-level caches . In USENIX Security Symposium. Daniel Gruss, Raphael Spreitzer, and Stefan Mangard. 2015. Cache template attacks: Automating attacks on inclusive last-level caches. In USENIX Security Symposium."},{"key":"e_1_2_1_91_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2011.22"},{"key":"e_1_2_1_92_1","volume-title":"USENIX Annual Technical Conference.","author":"H\u00e4hnel Marcus","year":"2017","unstructured":"Marcus H\u00e4hnel , Weidong Cui , and Marcus Peinado . 2017 . High-resolution side channels for untrusted operating systems . In USENIX Annual Technical Conference. Marcus H\u00e4hnel, Weidong Cui, and Marcus Peinado. 2017. High-resolution side channels for untrusted operating systems. In USENIX Annual Technical Conference."},{"key":"e_1_2_1_93_1","volume-title":"Guide to elliptic curve cryptography","author":"Hankerson Darrel","unstructured":"Darrel Hankerson , Alfred J. Menezes , and Scott Vanstone . 2005. Guide to elliptic curve cryptography . Springer Science & Business Media . Darrel Hankerson, Alfred J. Menezes, and Scott Vanstone. 2005. Guide to elliptic curve cryptography. Springer Science & Business Media."},{"key":"e_1_2_1_94_1","volume-title":"IEEE\/ACM International Symposium on Microarchitecture.","author":"He Zecheng","unstructured":"Zecheng He and Ruby B. Lee . 2017. How secure is your cache against side-channel attacks? In IEEE\/ACM International Symposium on Microarchitecture. Zecheng He and Ruby B. Lee. 2017. How secure is your cache against side-channel attacks? In IEEE\/ACM International Symposium on Microarchitecture."},{"key":"e_1_2_1_95_1","volume-title":"International Algorithmic Number Theory Symposium.","author":"Hoffstein Jeffrey","unstructured":"Jeffrey Hoffstein , Jill Pipher , and Joseph H. Silverman . 1998. NTRU: A ring-based public key cryptosystem . In International Algorithmic Number Theory Symposium. Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman. 1998. NTRU: A ring-based public key cryptosystem. In International Algorithmic Number Theory Symposium."},{"key":"e_1_2_1_96_1","volume-title":"Fully automated differential fault analysis on software implementations of block ciphers. IACR Trans. Cryptog. Hardw. Embed. Syst","author":"Hou Xiaolu","year":"2019","unstructured":"Xiaolu Hou , Jakub Breier , Fuyuan Zhang , and Yang Liu . 2019. Fully automated differential fault analysis on software implementations of block ciphers. IACR Trans. Cryptog. Hardw. Embed. Syst ( 2019 ), 1\u201329. Xiaolu Hou, Jakub Breier, Fuyuan Zhang, and Yang Liu. 2019. Fully automated differential fault analysis on software implementations of block ciphers. IACR Trans. Cryptog. Hardw. Embed. Syst (2019), 1\u201329."},{"key":"e_1_2_1_97_1","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-1992-13-404"},{"key":"e_1_2_1_98_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.23"},{"key":"e_1_2_1_99_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2015.7056069"},{"key":"e_1_2_1_100_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.pmcj.2015.12.001"},{"key":"e_1_2_1_101_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-53140-2_18"},{"key":"e_1_2_1_102_1","volume-title":"Did we learn from LLC side channel attacks? A cache leakage detection tool for crypto libraries. arXiv preprint arXiv:1709.01552","author":"Irazoqui Gorka","year":"2017","unstructured":"Gorka Irazoqui , Kai Cong , Xiaofei Guo , Hareesh Khattri , Arun Kanuparthi , Thomas Eisenbarth , and Berk Sunar . 2017. Did we learn from LLC side channel attacks? A cache leakage detection tool for crypto libraries. arXiv preprint arXiv:1709.01552 ( 2017 ). Gorka Irazoqui, Kai Cong, Xiaofei Guo, Hareesh Khattri, Arun Kanuparthi, Thomas Eisenbarth, and Berk Sunar. 2017. Did we learn from LLC side channel attacks? A cache leakage detection tool for crypto libraries. arXiv preprint arXiv:1709.01552 (2017)."},{"key":"e_1_2_1_103_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.42"},{"key":"e_1_2_1_104_1","volume-title":"MASCAT: Stopping microarchitectural attacks before execution.IACR Cryptol. ePrint Arch. 1196.","author":"Irazoqui Gorka","year":"2016","unstructured":"Gorka Irazoqui , Thomas Eisenbarth , and Berk Sunar . 2016 . MASCAT: Stopping microarchitectural attacks before execution.IACR Cryptol. ePrint Arch. 1196. Gorka Irazoqui, Thomas Eisenbarth, and Berk Sunar. 2016. MASCAT: Stopping microarchitectural attacks before execution.IACR Cryptol. ePrint Arch. 1196."},{"key":"e_1_2_1_105_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11379-1_15"},{"key":"e_1_2_1_106_1","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714625"},{"key":"e_1_2_1_107_1","volume-title":"USENIX Security Symposium.","author":"Islam Saad","year":"2019","unstructured":"Saad Islam , Ahmad Moghimi , Ida Bruhns , Moritz Krebbel , Berk Gulmezoglu , Thomas Eisenbarth , and Berk Sunar . 2019 . SPOILER: Speculative load hazards boost Rowhammer and cache attacks . In USENIX Security Symposium. Saad Islam, Ahmad Moghimi, Ida Bruhns, Moritz Krebbel, Berk Gulmezoglu, Thomas Eisenbarth, and Berk Sunar. 2019. SPOILER: Speculative load hazards boost Rowhammer and cache attacks. In USENIX Security Symposium."},{"key":"e_1_2_1_108_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978321"},{"key":"e_1_2_1_109_1","volume-title":"International Workshop on Cryptographic Hardware and Embedded Systems.","author":"Joye Marc","year":"2002","unstructured":"Marc Joye and Sung-Ming Yen . 2002 . The Montgomery powering ladder . In International Workshop on Cryptographic Hardware and Embedded Systems. Marc Joye and Sung-Ming Yen. 2002. The Montgomery powering ladder. In International Workshop on Cryptographic Hardware and Embedded Systems."},{"key":"e_1_2_1_110_1","first-page":"293","article-title":"Multiplication of many-digital numbers by automatic computers","volume":"145","author":"Karatsuba Anatolii Alekseevich","year":"1962","unstructured":"Anatolii Alekseevich Karatsuba and Yu P. Ofman . 1962 . Multiplication of many-digital numbers by automatic computers . In Doklady Akademii Nauk 145 , 2 (1962), 293 \u2013 294 . Anatolii Alekseevich Karatsuba and Yu P. Ofman. 1962. Multiplication of many-digital numbers by automatic computers. In Doklady Akademii Nauk 145, 2 (1962), 293\u2013294.","journal-title":"Doklady Akademii Nauk"},{"key":"e_1_2_1_111_1","volume-title":"Vanstone","author":"Katz Jonathan","year":"1996","unstructured":"Jonathan Katz , Alfred J. Menezes , Paul C. Van Oorschot , and Scott A . Vanstone . 1996 . Handbook of Applied Cryptography. CRC Press . Jonathan Katz, Alfred J. Menezes, Paul C. Van Oorschot, and Scott A. Vanstone. 1996. Handbook of Applied Cryptography. CRC Press."},{"key":"e_1_2_1_112_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-48965-0_36"},{"key":"e_1_2_1_113_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897937.2897962"},{"key":"e_1_2_1_114_1","volume-title":"FEDS: Comprehensive fault attack exploitability detection for software implementations of block ciphers. IACR Trans. Cryptog. Hardw. Embed. Syst","author":"Keerthi K.","year":"2020","unstructured":"K. Keerthi , Indrani Roy , Chester Rebeiro , Aritra Hazra , and Swarup Bhunia . 2020 . FEDS: Comprehensive fault attack exploitability detection for software implementations of block ciphers. IACR Trans. Cryptog. Hardw. Embed. Syst (2020), 272\u2013299. K. Keerthi, Indrani Roy, Chester Rebeiro, Aritra Hazra, and Swarup Bhunia. 2020. FEDS: Comprehensive fault attack exploitability detection for software implementations of block ciphers. IACR Trans. Cryptog. Hardw. Embed. Syst (2020), 272\u2013299."},{"key":"e_1_2_1_115_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10617-008-9018-y"},{"key":"e_1_2_1_116_1","volume-title":"Revisiting RowHammer: An experimental analysis of modern dram devices and mitigation techniques. arXiv preprint arXiv:2005.13121","author":"Kim Jeremie S.","year":"2020","unstructured":"Jeremie S. Kim , Minesh Patel , A. Giray Yaglikci , Hasan Hassan , Roknoddin Azizi , Lois Orosa , and Onur Mutlu . 2020. Revisiting RowHammer: An experimental analysis of modern dram devices and mitigation techniques. arXiv preprint arXiv:2005.13121 ( 2020 ). Jeremie S. Kim, Minesh Patel, A. Giray Yaglikci, Hasan Hassan, Roknoddin Azizi, Lois Orosa, and Onur Mutlu. 2020. Revisiting RowHammer: An experimental analysis of modern dram devices and mitigation techniques. arXiv preprint arXiv:2005.13121 (2020)."},{"key":"e_1_2_1_117_1","volume-title":"USENIX Conference on Security Symposium.","author":"Kim Taesoo","year":"2012","unstructured":"Taesoo Kim , Marcus Peinado , and Gloria Mainar-Ruiz . 2012 . STEALTHMEM: System-level protection against cache-based side channel attacks in the cloud . In USENIX Conference on Security Symposium. Taesoo Kim, Marcus Peinado, and Gloria Mainar-Ruiz. 2012. STEALTHMEM: System-level protection against cache-based side channel attacks in the cloud. In USENIX Conference on Security Symposium."},{"key":"e_1_2_1_118_1","doi-asserted-by":"publisher","DOI":"10.1145\/2678373.2665726"},{"key":"e_1_2_1_119_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2018.00083"},{"key":"e_1_2_1_120_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00002"},{"key":"e_1_2_1_121_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-68697-5_9"},{"key":"e_1_2_1_122_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-31424-7_40"},{"key":"e_1_2_1_123_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00020"},{"key":"e_1_2_1_125_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-10868-6_26"},{"key":"e_1_2_1_126_1","volume-title":"USENIX Security Symposium.","author":"Lee Sangho","year":"2017","unstructured":"Sangho Lee , Ming-Wei Shih , Prasun Gera , Taesoo Kim , Hyesoon Kim , and Marcus Peinado . 2017 . Inferring fine-grained control flow inside SGX enclaves with branch shadowing . In USENIX Security Symposium. Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado. 2017. Inferring fine-grained control flow inside SGX enclaves with branch shadowing. In USENIX Security Symposium."},{"key":"e_1_2_1_127_1","doi-asserted-by":"publisher","DOI":"10.1145\/2670940"},{"key":"e_1_2_1_128_1","volume-title":"USENIX Security Symposium.","author":"Lipp Moritz","year":"2016","unstructured":"Moritz Lipp , Daniel Gruss , Raphael Spreitzer , Cl\u00e9mentine Maurice , and Stefan Mangard . 2016 . ARMageddon: Cache attacks on mobile devices . In USENIX Security Symposium. Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Cl\u00e9mentine Maurice, and Stefan Mangard. 2016. ARMageddon: Cache attacks on mobile devices. In USENIX Security Symposium."},{"key":"e_1_2_1_129_1","doi-asserted-by":"publisher","DOI":"10.1145\/3320269.3384746"},{"key":"e_1_2_1_130_1","volume-title":"USENIX Security Symposium.","author":"Lipp Moritz","year":"2018","unstructured":"Moritz Lipp , Michael Schwarz , Daniel Gruss , Thomas Prescher , Werner Haas , Anders Fogh , Jann Horn , Stefan Mangard , Paul Kocher , Daniel Genkin , Yuval Yarom , and Mike Hamburg . 2018 . Meltdown: Reading kernel memory from user space . In USENIX Security Symposium. Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown: Reading kernel memory from user space. In USENIX Security Symposium."},{"key":"e_1_2_1_131_1","volume-title":"IEEE\/ACM International Symposium on Microarchitecture.","author":"Liu Fangfei","unstructured":"Fangfei Liu and Ruby B. Lee . 2014. Random fill cache architecture . In IEEE\/ACM International Symposium on Microarchitecture. Fangfei Liu and Ruby B. Lee. 2014. Random fill cache architecture. In IEEE\/ACM International Symposium on Microarchitecture."},{"key":"e_1_2_1_132_1","doi-asserted-by":"publisher","DOI":"10.1109\/MM.2016.85"},{"key":"e_1_2_1_133_1","volume-title":"IEEE Symposium on Security and Privacy.","author":"Liu Fangfei","unstructured":"Fangfei Liu , Yuval Yarom , Qian Ge , Gernot Heiser , and Ruby B. Lee . 2015. Last-level cache side-channel attacks are practical . In IEEE Symposium on Security and Privacy. Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, and Ruby B. Lee. 2015. Last-level cache side-channel attacks are practical. In IEEE Symposium on Security and Privacy."},{"key":"e_1_2_1_134_1","volume-title":"Zhenkai Liang, Yueqiang Cheng, and Yajin Zhou.","author":"Lou Xiaoxuan","year":"2019","unstructured":"Xiaoxuan Lou , Fan Zhang , Zheng Leong Chua , Zhenkai Liang, Yueqiang Cheng, and Yajin Zhou. 2019 . Understanding Rowhammer attacks through the lens of a unified reference framework. arXiv preprint arXiv:1901.03538 (2019). Xiaoxuan Lou, Fan Zhang, Zheng Leong Chua, Zhenkai Liang, Yueqiang Cheng, and Yajin Zhou. 2019. Understanding Rowhammer attacks through the lens of a unified reference framework. arXiv preprint arXiv:1901.03538 (2019)."},{"key":"e_1_2_1_135_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-13190-5_1"},{"key":"e_1_2_1_136_1","doi-asserted-by":"publisher","DOI":"10.1145\/2366231.2337173"},{"key":"e_1_2_1_137_1","volume-title":"Conference on the Theory and Application of Cryptographic Techniques.","author":"Miller Victor S.","year":"1985","unstructured":"Victor S. Miller . 1985 . Use of elliptic curves in cryptography . In Conference on the Theory and Application of Cryptographic Techniques. Victor S. Miller. 1985. Use of elliptic curves in cryptography. In Conference on the Theory and Application of Cryptographic Techniques."},{"key":"e_1_2_1_138_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66787-4_4"},{"key":"e_1_2_1_139_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10766-018-0611-9"},{"key":"e_1_2_1_140_1","volume-title":"USENIX Security Symposium.","author":"Moghimi Daniel","year":"2020","unstructured":"Daniel Moghimi , Berk Sunar , Thomas Eisenbarth , and Nadia Heninger . 2020 . TPM-FAIL:{TPM} meets timing and lattice attacks . In USENIX Security Symposium. Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger. 2020. TPM-FAIL:{TPM} meets timing and lattice attacks. In USENIX Security Symposium."},{"key":"e_1_2_1_141_1","volume-title":"29th USENIX Security Symposium (USENIX Security\u201920)","author":"Moghimi Daniel","year":"2020","unstructured":"Daniel Moghimi , Jo Van Bulck , Nadia Heninger , Frank Piessens , and Berk Sunar . 2020 . CopyCat: Controlled instruction-level attacks on enclaves . In 29th USENIX Security Symposium (USENIX Security\u201920) . 469\u2013486. Daniel Moghimi, Jo Van Bulck, Nadia Heninger, Frank Piessens, and Berk Sunar. 2020. CopyCat: Controlled instruction-level attacks on enclaves. In 29th USENIX Security Symposium (USENIX Security\u201920). 469\u2013486."},{"key":"e_1_2_1_142_1","unstructured":"Bodo M\u00f6ller. 2012. Security of CBC Ciphersuites in SSL\/TLS: Problems and Countermeasures. Retrieved from http:\/\/www.openssl.org\/ bodo\/tls-cbc.txt.  Bodo M\u00f6ller. 2012. Security of CBC Ciphersuites in SSL\/TLS: Problems and Countermeasures. Retrieved from http:\/\/www.openssl.org\/ bodo\/tls-cbc.txt."},{"key":"e_1_2_1_143_1","volume-title":"International Conference on Information Security and Cryptology.","author":"Molnar David","year":"2005","unstructured":"David Molnar , Matt Piotrowski , David Schultz , and David Wagner . 2005 . The program counter security model: Automatic detection and removal of control-flow side channel attacks . In International Conference on Information Security and Cryptology. David Molnar, Matt Piotrowski, David Schultz, and David Wagner. 2005. The program counter security model: Automatic detection and removal of control-flow side channel attacks. In International Conference on Information Security and Cryptology."},{"key":"e_1_2_1_144_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00026"},{"key":"e_1_2_1_145_1","doi-asserted-by":"publisher","DOI":"10.1090\/S0025-5718-1987-0866113-7"},{"key":"e_1_2_1_146_1","doi-asserted-by":"publisher","DOI":"10.1145\/3214292.3214293"},{"key":"e_1_2_1_147_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2019.2915318"},{"key":"e_1_2_1_148_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCNC.2016.7444763"},{"key":"e_1_2_1_149_1","volume-title":"International Workshop on Selected Areas in Cryptography.","author":"Neve Michael","year":"2006","unstructured":"Michael Neve and Jean-Pierre Seifert . 2006 . Advances on access-driven cache attacks on AES . In International Workshop on Selected Areas in Cryptography. Michael Neve and Jean-Pierre Seifert. 2006. Advances on access-driven cache attacks on AES. In International Workshop on Selected Areas in Cryptography."},{"key":"e_1_2_1_151_1","volume-title":"RSA Conference.","author":"Osvik Dag Arne","year":"2006","unstructured":"Dag Arne Osvik , Adi Shamir , and Eran Tromer . 2006 . Cache attacks and countermeasures: The case of AES. In Cryptographers\u2019 Track at the RSA Conference. Dag Arne Osvik, Adi Shamir, and Eran Tromer. 2006. Cache attacks and countermeasures: The case of AES. In Cryptographers\u2019 Track at the RSA Conference."},{"key":"e_1_2_1_152_1","unstructured":"Mair\u00e9ad O\u2019Hanlon and Anthony Tonge. 2005. Investigation of Cache Timing Attacks on AES. https:\/\/www.computing.dcu.ie\/wpapers\/2005\/0105.pdf.  Mair\u00e9ad O\u2019Hanlon and Anthony Tonge. 2005. Investigation of Cache Timing Attacks on AES. https:\/\/www.computing.dcu.ie\/wpapers\/2005\/0105.pdf."},{"key":"e_1_2_1_153_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-30806-7_9"},{"key":"e_1_2_1_154_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-14623-7_5"},{"key":"e_1_2_1_155_1","unstructured":"Colin Percival. 2005. Cache missing for fun and profit. BSDCan.  Colin Percival. 2005. Cache missing for fun and profit. BSDCan."},{"key":"e_1_2_1_156_1","volume-title":"ACM Conference on Computer and Communications Security.","author":"Garc\u00eda Cesar Pereida","year":"2016","unstructured":"Cesar Pereida Garc\u00eda , Billy Bob Brumley , and Yuval Yarom . 2016 . Make sure DSA signing exponentiations really are constant-time . In ACM Conference on Computer and Communications Security. Cesar Pereida Garc\u00eda, Billy Bob Brumley, and Yuval Yarom. 2016. Make sure DSA signing exponentiations really are constant-time. In ACM Conference on Computer and Communications Security."},{"key":"e_1_2_1_157_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134023"},{"key":"e_1_2_1_158_1","volume-title":"USENIX Security Symposium.","author":"Pessl Peter","year":"2016","unstructured":"Peter Pessl , Daniel Gruss , Cl\u00e9mentine Maurice , Michael Schwarz , and Stefan Mangard . 2016 . DRAMA: Exploiting DRAM addressing for cross-CPU attacks . In USENIX Security Symposium. Peter Pessl, Daniel Gruss, Cl\u00e9mentine Maurice, Michael Schwarz, and Stefan Mangard. 2016. DRAMA: Exploiting DRAM addressing for cross-CPU attacks. In USENIX Security Symposium."},{"key":"e_1_2_1_159_1","volume-title":"42nd IEEE Symposium on Security and Privacy","volume":"5","author":"Purnal Antoon","year":"2020","unstructured":"Antoon Purnal , Lukas Giner , Daniel Gruss , and Ingrid Verbauwhede . 2020 . Systematic analysis of randomization-based protected cache architectures . In 42nd IEEE Symposium on Security and Privacy , Vol. 5 . 2021. Antoon Purnal, Lukas Giner, Daniel Gruss, and Ingrid Verbauwhede. 2020. Systematic analysis of randomization-based protected cache architectures. In 42nd IEEE Symposium on Security and Privacy, Vol. 5. 2021."},{"key":"e_1_2_1_160_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2018.00068"},{"key":"e_1_2_1_161_1","doi-asserted-by":"publisher","DOI":"10.1145\/3307650.3322246"},{"key":"e_1_2_1_162_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-10628-6_7"},{"key":"e_1_2_1_163_1","volume-title":"Automation & Test in Europe Conference & Exhibition (DATE\u201917)","author":"Reparaz Oscar","year":"2017","unstructured":"Oscar Reparaz , Josep Balasch , and Ingrid Verbauwhede . 2017 . Dude, is my code constant time? In IEEE Design , Automation & Test in Europe Conference & Exhibition (DATE\u201917) . Oscar Reparaz, Josep Balasch, and Ingrid Verbauwhede. 2017. Dude, is my code constant time? In IEEE Design, Automation & Test in Europe Conference & Exhibition (DATE\u201917)."},{"key":"e_1_2_1_164_1","doi-asserted-by":"publisher","DOI":"10.1145\/359340.359342"},{"key":"e_1_2_1_165_1","volume-title":"ACM International Conference on Compiler Construction.","author":"Rodrigues Bruno","unstructured":"Bruno Rodrigues , Fernando Magno Quint\u00e3o Pereira , and Diego F. Aranha . 2016. Sparse representation of implicit flows with applications to side-channel detection . In ACM International Conference on Compiler Construction. Bruno Rodrigues, Fernando Magno Quint\u00e3o Pereira, and Diego F. Aranha. 2016. Sparse representation of implicit flows with applications to side-channel detection. In ACM International Conference on Compiler Construction."},{"key":"e_1_2_1_166_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00062"},{"key":"e_1_2_1_167_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243775"},{"key":"e_1_2_1_168_1","doi-asserted-by":"publisher","DOI":"10.1109\/TCAD.2019.2897629"},{"key":"e_1_2_1_169_1","volume-title":"Qureshi","author":"Saileshwar Gururaj","year":"2019","unstructured":"Gururaj Saileshwar and Moinuddin K . Qureshi . 2019 . Lookout for zombies: Mitigating flush+ reload attack on shared caches by monitoring invalidated lines. arXiv preprint arXiv:1906.02362 (2019). Gururaj Saileshwar and Moinuddin K. Qureshi. 2019. Lookout for zombies: Mitigating flush+ reload attack on shared caches by monitoring invalidated lines. arXiv preprint arXiv:1906.02362 (2019)."},{"key":"e_1_2_1_170_1","doi-asserted-by":"publisher","DOI":"10.1145\/2000064.2000073"},{"key":"e_1_2_1_171_1","doi-asserted-by":"publisher","DOI":"10.1109\/UBMK.2019.8907000"},{"key":"e_1_2_1_172_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2020.2993896"},{"key":"e_1_2_1_173_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23155"},{"key":"e_1_2_1_174_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23094"},{"key":"e_1_2_1_175_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-29959-0_14"},{"key":"e_1_2_1_176_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_1"},{"key":"e_1_2_1_177_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSNW.2011.5958812"},{"key":"e_1_2_1_178_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23193"},{"key":"e_1_2_1_179_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243736"},{"key":"e_1_2_1_180_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897885"},{"key":"e_1_2_1_181_1","volume-title":"RSA Conference.","author":"Joseph","unstructured":"Joseph H. Silverman and William Whyte. 2007. Timing attacks on NTRUEncrypt via variation in the number of hash calls. In Cryptographers\u2019 Track at the RSA Conference. Joseph H. Silverman and William Whyte. 2007. Timing attacks on NTRUEncrypt via variation in the number of hash calls. In Cryptographers\u2019 Track at the RSA Conference."},{"key":"e_1_2_1_182_1","volume-title":"USENIX Security Symposium.","author":"Song Dawn Xiaodong","year":"2001","unstructured":"Dawn Xiaodong Song , David A. Wagner , and Xuqing Tian . 2001 . Timing analysis of keystrokes and timing attacks on SSH . In USENIX Security Symposium. Dawn Xiaodong Song, David A. Wagner, and Xuqing Tian. 2001. Timing analysis of keystrokes and timing attacks on SSH. In USENIX Security Symposium."},{"key":"e_1_2_1_183_1","doi-asserted-by":"publisher","DOI":"10.1109\/IC2E.2018.00025"},{"key":"e_1_2_1_184_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2017.2779824"},{"key":"e_1_2_1_185_1","doi-asserted-by":"publisher","DOI":"10.1145\/3212480.3212506"},{"key":"e_1_2_1_186_1","doi-asserted-by":"publisher","DOI":"10.23919\/DATE48585.2020.9116380"},{"key":"e_1_2_1_187_1","volume-title":"The Heisenberg defense: Proactively defending SGX enclaves against page-table-based side-channel attacks. arXiv preprint arXiv:1712.08519","author":"Strackx Raoul","year":"2017","unstructured":"Raoul Strackx and Frank Piessens . 2017. The Heisenberg defense: Proactively defending SGX enclaves against page-table-based side-channel attacks. arXiv preprint arXiv:1712.08519 ( 2017 ). Raoul Strackx and Frank Piessens. 2017. The Heisenberg defense: Proactively defending SGX enclaves against page-table-based side-channel attacks. arXiv preprint arXiv:1712.08519 (2017)."},{"key":"e_1_2_1_188_1","doi-asserted-by":"publisher","DOI":"10.1007\/s41635-018-0046-1"},{"key":"e_1_2_1_189_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24086"},{"key":"e_1_2_1_191_1","volume-title":"Design Automation Conference.","author":"Trilla David","unstructured":"David Trilla , Carles Hernandez , Jaume Abella , and Francisco J. Cazorla . 2018. Cache side-channel attacks and time-predictability in high-performance critical real-time systems . In Design Automation Conference. David Trilla, Carles Hernandez, Jaume Abella, and Francisco J. Cazorla. 2018. Cache side-channel attacks and time-predictability in high-performance critical real-time systems. In Design Automation Conference."},{"key":"e_1_2_1_192_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2018.00081"},{"key":"e_1_2_1_193_1","volume-title":"Proc. ISITA2002","author":"Tsunoo Yukiyasu","year":"2002","unstructured":"Yukiyasu Tsunoo . 2002 . Crypt-analysis of block ciphers implemented on computers with cache . Proc. ISITA2002 , Oct. (2002). Yukiyasu Tsunoo. 2002. Crypt-analysis of block ciphers implemented on computers with cache. Proc. ISITA2002, Oct. (2002)."},{"key":"e_1_2_1_194_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45238-6_6"},{"key":"e_1_2_1_195_1","volume-title":"Smart Cards, Tokens, Security and Applications","author":"Tunstall Michael","unstructured":"Michael Tunstall . 2017. Smart card security . In Smart Cards, Tokens, Security and Applications . Springer , Cham , 217\u2013251. Michael Tunstall. 2017. Smart card security. In Smart Cards, Tokens, Security and Applications. Springer, Cham, 217\u2013251."},{"key":"e_1_2_1_196_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2017.2659646"},{"key":"e_1_2_1_197_1","doi-asserted-by":"publisher","DOI":"10.1145\/3152701.3152706"},{"key":"e_1_2_1_198_1","volume-title":"USENIX Security Symposium.","author":"Bulck Jo Van","year":"2017","unstructured":"Jo Van Bulck , Nico Weichbrodt , R\u00fcdiger Kapitza , Frank Piessens , and Raoul Strackx . 2017 . Telling your secrets without page faults: Stealthy page table-based attacks on enclaved execution . In USENIX Security Symposium. Jo Van Bulck, Nico Weichbrodt, R\u00fcdiger Kapitza, Frank Piessens, and Raoul Strackx. 2017. Telling your secrets without page faults: Stealthy page table-based attacks on enclaved execution. In USENIX Security Symposium."},{"key":"e_1_2_1_199_1","volume-title":"RSA Conference.","author":"van de Pol Joop","year":"2015","unstructured":"Joop van de Pol , Nigel P. Smart , and Yuval Yarom . 2015 . Just a little bit more. In Cryptographers\u2019 Track at the RSA Conference. Joop van de Pol, Nigel P. Smart, and Yuval Yarom. 2015. Just a little bit more. In Cryptographers\u2019 Track at the RSA Conference."},{"key":"e_1_2_1_200_1","volume-title":"USENIX Security Symposium.","author":"Varadarajan Venkatanathan","year":"2014","unstructured":"Venkatanathan Varadarajan , Thomas Ristenpart , and Michael Swift . 2014 . Scheduler-based defenses against cross-VM side-channels . In USENIX Security Symposium. Venkatanathan Varadarajan, Thomas Ristenpart, and Michael Swift. 2014. Scheduler-based defenses against cross-VM side-channels. In USENIX Security Symposium."},{"key":"e_1_2_1_201_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046660.2046671"},{"key":"e_1_2_1_202_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-46035-7_35"},{"key":"e_1_2_1_203_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASP-DAC47756.2020.9045664"},{"key":"e_1_2_1_204_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2014.46"},{"key":"e_1_2_1_205_1","volume-title":"USENIX Security Symposium.","author":"Wang Shuai","year":"2019","unstructured":"Shuai Wang , Yuyan Bao , Xiao Liu , Pei Wang , Danfeng Zhang , and Dinghao Wu . 2019 . Identifying cache-based side channels through secret-augmented abstract interpretation . In USENIX Security Symposium. Shuai Wang, Yuyan Bao, Xiao Liu, Pei Wang, Danfeng Zhang, and Dinghao Wu. 2019. Identifying cache-based side channels through secret-augmented abstract interpretation. In USENIX Security Symposium."},{"key":"e_1_2_1_206_1","volume-title":"USENIX Security Symposium.","author":"Wang Shuai","year":"2017","unstructured":"Shuai Wang , Pei Wang , Xiao Liu , Danfeng Zhang , and Dinghao Wu . 2017 . Cached: Identifying cache-based timing channels in production software . In USENIX Security Symposium. Shuai Wang, Pei Wang, Xiao Liu, Danfeng Zhang, and Dinghao Wu. 2017. Cached: Identifying cache-based timing channels in production software. In USENIX Security Symposium."},{"key":"e_1_2_1_207_1","volume-title":"ACM SIGSAC Conference on Computer and Communications Security.","author":"Wang Wenhao","unstructured":"Wenhao Wang , Guoxing Chen , Xiaorui Pan , Yinqian Zhang , XiaoFeng Wang , Vincent Bindschaedler , Haixu Tang , and Carl A. Gunter . 2017. Leaky cauldron on the dark land: Understanding memory side-channel hazards in SGX . In ACM SIGSAC Conference on Computer and Communications Security. Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, and Carl A. Gunter. 2017. Leaky cauldron on the dark land: Understanding memory side-channel hazards in SGX. In ACM SIGSAC Conference on Computer and Communications Security."},{"key":"e_1_2_1_208_1","volume-title":"IEEE International Symposium on High Performance Computer Architecture.","author":"Wang Yao","unstructured":"Yao Wang , Andrew Ferraiuolo , and G. Edward Suh . 2014. Timing channel protection for a shared memory controller . In IEEE International Symposium on High Performance Computer Architecture. Yao Wang, Andrew Ferraiuolo, and G. Edward Suh. 2014. Timing channel protection for a shared memory controller. In IEEE International Symposium on High Performance Computer Architecture."},{"key":"e_1_2_1_209_1","volume-title":"Design Automation Conference.","author":"Wang Yao","unstructured":"Yao Wang , Andrew Ferraiuolo , Danfeng Zhang , Andrew C. Myers , and G. Edward Suh . 2016. SecDCP: secure dynamic cache partitioning for efficient timing channel protection . In Design Automation Conference. Yao Wang, Andrew Ferraiuolo, Danfeng Zhang, Andrew C. Myers, and G. Edward Suh. 2016. SecDCP: secure dynamic cache partitioning for efficient timing channel protection. In Design Automation Conference."},{"key":"e_1_2_1_210_1","volume-title":"IEEE\/ACM Sixth International Symposium on Networks-on-Chip.","author":"Wang Yao","unstructured":"Yao Wang and G. Edward Suh . 2012. Efficient timing channel protection for on-chip networks . In IEEE\/ACM Sixth International Symposium on Networks-on-Chip. Yao Wang and G. Edward Suh. 2012. Efficient timing channel protection for on-chip networks. In IEEE\/ACM Sixth International Symposium on Networks-on-Chip."},{"key":"e_1_2_1_211_1","volume-title":"IEEE International Symposium on High Performance Computer Architecture.","author":"Wang Yao","unstructured":"Yao Wang , Benjamin Wu , and G. Edward Suh . 2017. Secure dynamic memory scheduling against timing channel attacks . In IEEE International Symposium on High Performance Computer Architecture. Yao Wang, Benjamin Wu, and G. Edward Suh. 2017. Secure dynamic memory scheduling against timing channel attacks. In IEEE International Symposium on High Performance Computer Architecture."},{"key":"e_1_2_1_212_1","volume-title":"Computer Security Applications Conference.","author":"Wang Zhenghong","unstructured":"Zhenghong Wang and Ruby B. Lee . 2006. Covert and side channels due to processor architecture . In Computer Security Applications Conference. Zhenghong Wang and Ruby B. Lee. 2006. Covert and side channels due to processor architecture. In Computer Security Applications Conference."},{"key":"e_1_2_1_213_1","volume-title":"ACM International Symposium on Computer Architecture.","author":"Wang Zhenghong","unstructured":"Zhenghong Wang and Ruby B. Lee . 2007. New cache designs for thwarting software cache-based side channel attacks . In ACM International Symposium on Computer Architecture. Zhenghong Wang and Ruby B. Lee. 2007. New cache designs for thwarting software cache-based side channel attacks. In ACM International Symposium on Computer Architecture."},{"key":"e_1_2_1_214_1","volume-title":"IEEE\/ACM International Symposium on Microarchitecture.","author":"Wang Zhenghong","unstructured":"Zhenghong Wang and Ruby B. Lee . 2008. A novel cache architecture with enhanced performance and security . In IEEE\/ACM International Symposium on Microarchitecture. Zhenghong Wang and Ruby B. Lee. 2008. A novel cache architecture with enhanced performance and security. In IEEE\/ACM International Symposium on Microarchitecture."},{"key":"e_1_2_1_215_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196524"},{"key":"e_1_2_1_216_1","volume-title":"USENIX Security Symposium.","author":"Weiser Samuel","year":"2018","unstructured":"Samuel Weiser , Andreas Zankl , Raphael Spreitzer , Katja Miller , Stefan Mangard , and Georg Sigl . 2018 . DATA\u2013differential address trace analysis: Finding address-based side-channels in binaries . In USENIX Security Symposium. Samuel Weiser, Andreas Zankl, Raphael Spreitzer, Katja Miller, Stefan Mangard, and Georg Sigl. 2018. DATA\u2013differential address trace analysis: Finding address-based side-channels in binaries. In USENIX Security Symposium."},{"key":"e_1_2_1_217_1","volume-title":"USENIX Security Symposium.","author":"Werner Mario","year":"2019","unstructured":"Mario Werner , Thomas Unterluggauer , Lukas Giner , Michael Schwarz , Daniel Gruss , and Stefan Mangard . 2019 . ScatterCache: Thwarting cache attacks via cache set randomization . In USENIX Security Symposium. Mario Werner, Thomas Unterluggauer, Lukas Giner, Michael Schwarz, Daniel Gruss, and Stefan Mangard. 2019. ScatterCache: Thwarting cache attacks via cache set randomization. In USENIX Security Symposium."},{"key":"e_1_2_1_218_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274741"},{"key":"e_1_2_1_219_1","doi-asserted-by":"publisher","DOI":"10.1145\/3213846.3213851"},{"key":"e_1_2_1_220_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134016"},{"key":"e_1_2_1_221_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA47549.2020.00021"},{"key":"e_1_2_1_222_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.45"},{"key":"e_1_2_1_223_1","doi-asserted-by":"publisher","DOI":"10.1145\/3079856.3080222"},{"key":"e_1_2_1_224_1","volume-title":"Recovering OpenSSL ECDSA nonces using the FLUSH+ RELOAD cache side-channel attack.IACR Cryptology ePrint Archive 2014","author":"Yarom Yuval","year":"2014","unstructured":"Yuval Yarom and Naomi Benger . 2014. Recovering OpenSSL ECDSA nonces using the FLUSH+ RELOAD cache side-channel attack.IACR Cryptology ePrint Archive 2014 ( 2014 ), 140. Yuval Yarom and Naomi Benger. 2014. Recovering OpenSSL ECDSA nonces using the FLUSH+ RELOAD cache side-channel attack.IACR Cryptology ePrint Archive 2014 (2014), 140."},{"key":"e_1_2_1_225_1","volume-title":"USENIX Security Symposium.","author":"Yarom Yuval","year":"2014","unstructured":"Yuval Yarom and Katrina Falkner . 2014 . FLUSH+ RELOAD: A high resolution, low noise, L3 cache side-channel attack . In USENIX Security Symposium. Yuval Yarom and Katrina Falkner. 2014. FLUSH+ RELOAD: A high resolution, low noise, L3 cache side-channel attack. In USENIX Security Symposium."},{"key":"e_1_2_1_226_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-017-0152-y"},{"key":"e_1_2_1_227_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2007.4317620"},{"key":"e_1_2_1_228_1","volume-title":"International Conference on Smart Card Research and Advanced Applications.","author":"Zankl Andreas","year":"2016","unstructured":"Andreas Zankl , Johann Heyszl , and Georg Sigl . 2016 . Automated detection of instruction cache leaks in modular exponentiation software . In International Conference on Smart Card Research and Advanced Applications. Andreas Zankl, Johann Heyszl, and Georg Sigl. 2016. Automated detection of instruction cache leaks in modular exponentiation software. In International Conference on Smart Card Research and Advanced Applications."},{"key":"e_1_2_1_229_1","volume-title":"International Workshop on Selected Areas in Cryptography.","author":"Zenner Erik","year":"2008","unstructured":"Erik Zenner . 2008 . A cache timing analysis of HC-256 . In International Workshop on Selected Areas in Cryptography. Erik Zenner. 2008. A cache timing analysis of HC-256. In International Workshop on Selected Areas in Cryptography."},{"key":"e_1_2_1_230_1","volume-title":"Dagstuhl Seminar Proceedings. Schloss Dagstuhl-Leibniz-Zentrum f\u00fcr Informatik.","author":"Zenner Erik","year":"2009","unstructured":"Erik Zenner . 2009 . Cache timing analysis of eStream finalists . In Dagstuhl Seminar Proceedings. Schloss Dagstuhl-Leibniz-Zentrum f\u00fcr Informatik. Erik Zenner. 2009. Cache timing analysis of eStream finalists. In Dagstuhl Seminar Proceedings. Schloss Dagstuhl-Leibniz-Zentrum f\u00fcr Informatik."},{"key":"e_1_2_1_231_1","volume-title":"ACM SIGPLAN Conference on Programming Language Design and Implementation.","author":"Zhang Danfeng","unstructured":"Danfeng Zhang , Aslan Askarov , and Andrew C. Myers . 2012. Language-based control and mitigation of timing channels . In ACM SIGPLAN Conference on Programming Language Design and Implementation. Danfeng Zhang, Aslan Askarov, and Andrew C. Myers. 2012. Language-based control and mitigation of timing channels. In ACM SIGPLAN Conference on Programming Language Design and Implementation."},{"key":"e_1_2_1_232_1","doi-asserted-by":"publisher","DOI":"10.1145\/2775054.2694372"},{"key":"e_1_2_1_233_1","doi-asserted-by":"crossref","unstructured":"Fan Zhang Xiaoxuan Lou Xinjie Zhao Shivam Bhasin Wei He Ruyi Ding Samiya Qureshi and Kui Ren. 2018. Persistent fault analysis on block ciphers. In ACR Transactions on Cryptographic Hardware and Embedded Systems. 150\u2013172.  Fan Zhang Xiaoxuan Lou Xinjie Zhao Shivam Bhasin Wei He Ruyi Ding Samiya Qureshi and Kui Ren. 2018. Persistent fault analysis on block ciphers. In ACR Transactions on Cryptographic Hardware and Embedded Systems. 150\u2013172.","DOI":"10.46586\/tches.v2018.i3.150-172"},{"key":"e_1_2_1_234_1","volume-title":"Computer Security Applications Conference.","author":"Zhang Tianwei","unstructured":"Tianwei Zhang and Ruby B. Lee . 2014. New models of cache architectures characterizing information leakage from cache side channels . In Computer Security Applications Conference. Tianwei Zhang and Ruby B. Lee. 2014. New models of cache architectures characterizing information leakage from cache side channels. In Computer Security Applications Conference."},{"key":"e_1_2_1_235_1","volume-title":"International Workshop on Hardware and Architectural Support for Security and Privacy.","author":"Zhang Tianwei","unstructured":"Tianwei Zhang , Fangfei Liu , Si Chen , and Ruby B. Lee . 2013. Side channel vulnerability metrics: The promise and the pitfalls . In International Workshop on Hardware and Architectural Support for Security and Privacy. Tianwei Zhang, Fangfei Liu, Si Chen, and Ruby B. Lee. 2013. Side channel vulnerability metrics: The promise and the pitfalls. In International Workshop on Hardware and Architectural Support for Security and Privacy."},{"key":"e_1_2_1_236_1","volume-title":"International Symposium on Research in Attacks, Intrusions, and Defenses.","author":"Zhang Tianwei","unstructured":"Tianwei Zhang , Yinqian Zhang , and Ruby B. Lee . 2016. Cloudradar: A real-time side-channel attack detection system in clouds . In International Symposium on Research in Attacks, Intrusions, and Defenses. Tianwei Zhang, Yinqian Zhang, and Ruby B. Lee. 2016. Cloudradar: A real-time side-channel attack detection system in clouds. In International Symposium on Research in Attacks, Intrusions, and Defenses."},{"key":"e_1_2_1_237_1","volume-title":"Computer Security Applications Conference.","author":"Zhang Tianwei","unstructured":"Tianwei Zhang , Yinqian Zhang , and Ruby B. Lee . 2018. Analyzing cache side channels using deep neural networks . In Computer Security Applications Conference. Tianwei Zhang, Yinqian Zhang, and Ruby B. Lee. 2018. Analyzing cache side channels using deep neural networks. In Computer Security Applications Conference."},{"key":"e_1_2_1_238_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382230"},{"key":"e_1_2_1_239_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660356"},{"key":"e_1_2_1_240_1","volume-title":"ACM Conference on Computer and Communications Security.","author":"Zhang Yinqian","unstructured":"Yinqian Zhang and Michael K. Reiter . 2013. D\u00fcPpel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud . In ACM Conference on Computer and Communications Security. Yinqian Zhang and Michael K. Reiter. 2013. D\u00fcPpel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud. In ACM Conference on Computer and Communications Security."},{"key":"e_1_2_1_241_1","unstructured":"Xin-jie Zhao Tao Wang and Yuanyuan Zheng. 2009. Cache timing attacks on camellia block cipher.IACR Cryptol. ePrint Arch. (2009). 354.  Xin-jie Zhao Tao Wang and Yuanyuan Zheng. 2009. Cache timing attacks on camellia block cipher.IACR Cryptol. ePrint Arch. (2009). 354."},{"key":"e_1_2_1_242_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2017.36"},{"key":"e_1_2_1_243_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978324"}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3456629","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3456629","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:46:55Z","timestamp":1750193215000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3456629"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,13]]},"references-count":238,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2022,7,31]]}},"alternative-id":["10.1145\/3456629"],"URL":"https:\/\/doi.org\/10.1145\/3456629","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,7,13]]},"assertion":[{"value":"2020-07-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-03-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-07-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}