{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T15:45:50Z","timestamp":1772725550504,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":48,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,15]],"date-time":"2023-11-15T00:00:00Z","timestamp":1700006400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"NSF","award":["1954521,1942888,2154183"],"award-info":[{"award-number":["1954521,1942888,2154183"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,15]]},"DOI":"10.1145\/3576915.3623065","type":"proceedings-article","created":{"date-parts":[[2023,11,21]],"date-time":"2023-11-21T12:35:13Z","timestamp":1700570113000},"page":"2053-2067","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Declassiflow: A Static Analysis for Modeling Non-Speculative Knowledge to Relax Speculative Execution Security Measures"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-8343-0603","authenticated-orcid":false,"given":"Rutvik","family":"Choudhary","sequence":"first","affiliation":[{"name":"University of Illinois Urbana Champaign, Urbana, IL, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4474-3012","authenticated-orcid":false,"given":"Alan","family":"Wang","sequence":"additional","affiliation":[{"name":"University of Illinois Urbana Champaign, Urbana, IL, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7231-7416","authenticated-orcid":false,"given":"Zirui Neil","family":"Zhao","sequence":"additional","affiliation":[{"name":"University of Illinois Urbana Champaign, Urbana, IL, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5586-2615","authenticated-orcid":false,"given":"Adam","family":"Morrison","sequence":"additional","affiliation":[{"name":"Tel Aviv University, Tel Aviv, Israel"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9995-5995","authenticated-orcid":false,"given":"Christopher W.","family":"Fletcher","sequence":"additional","affiliation":[{"name":"University of Illinois Urbana Champaign, Urbana, IL, USA"}]}],"member":"320","published-online":{"date-parts":[[2023,11,21]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"ChaCha20 (BearSSL). https:\/\/bearssl.org\/."},{"key":"e_1_3_2_1_2_1","unstructured":"LLVM Language Reference Manual. https:\/\/llvm.org\/docs\/LangRef.html."},{"key":"e_1_3_2_1_3_1","volume-title":"Compilers: Principles, Techniques, and Tools","author":"Aho Alfred V.","year":"2006","unstructured":"Alfred V. Aho, Monica S. Lam, Ravi Sethi, and Jeffrey D. Ullman. Compilers: Principles, Techniques, and Tools (2nd Edition). Addison-Wesley Longman Publishing Co., Inc., USA, 2006.","edition":"2"},{"key":"e_1_3_2_1_4_1","unstructured":"Marc Andrysco David Kohlbrenner Keaton Mowery Ranjit Jhala Sorin Lerner and Hovav Shacham. On subnormal floating point and abnormal timing. In Oakland'15."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3182657"},{"key":"e_1_3_2_1_6_1","unstructured":"Enrico Barberis Pietro Frigo Marius Muench Herbert Bos and Cristiano Giuffrida. Branch history injection: On the effectiveness of hardware mitigations against cross-privilege Spectre-v2 attacks. In Security'22."},{"key":"e_1_3_2_1_7_1","volume-title":"PKC'06","author":"Bernstein Daniel J.","unstructured":"Daniel J. Bernstein. Curve25519: New diffie-hellman speed records. In PKC'06."},{"key":"e_1_3_2_1_8_1","volume-title":"FSE'05","author":"Bernstein Daniel J.","unstructured":"Daniel J. Bernstein. The Poly1305-AES message-authentication code. In FSE'05."},{"key":"e_1_3_2_1_9_1","volume-title":"SAC'17","author":"Bernstein Daniel J.","unstructured":"Daniel J. Bernstein, Chitchanok Chuengsatiansup, Tanja Lange, and Christine van Vredendaal. Ntru prime: Reducing attack surface at low cost. In SAC'17."},{"key":"e_1_3_2_1_10_1","volume-title":"CCS'19","author":"Bhattacharyya Atri","unstructured":"Atri Bhattacharyya, Alexandra Sandulescu, Matthias Neugschwandtner, Alessandro Sorniotti, Babak Falsafi, Mathias Payer, and Anil Kurmus. SMoTherSpectre: Exploiting speculative execution through port contention. In CCS'19."},{"key":"e_1_3_2_1_11_1","unstructured":"Bitcoin Code. ctaes. https:\/\/github.com\/bitcoin-core\/ctaes."},{"key":"e_1_3_2_1_12_1","volume-title":"VSTTE'20","author":"Bultan Tevfik","unstructured":"Tevfik Bultan. Quantifying information leakage using model counting constraint solvers. In VSTTE'20."},{"key":"e_1_3_2_1_13_1","volume-title":"OSDI'08","author":"Cadar Cristian","unstructured":"Cristian Cadar, Daniel Dunbar, and Dawson Engler. Klee: Unassisted and automatic generation of high-coverage tests for complex systems programs. In OSDI'08."},{"key":"e_1_3_2_1_14_1","unstructured":"Sunjay Cauligi Craig Disselkoen Klaus v. Gleissenthall Dean Tullsen Deian Stefan Tamara Rezk and Gilles Barthe. Constant-time foundations for the new Spectre era. In PLDI'20."},{"key":"e_1_3_2_1_15_1","unstructured":"Sunjay Cauligi Gary Soeller Brian Johannesmeyer Fraser Brown Riad S. Wahby John Renner Benjamin Gr\u00e9goire Gilles Barthe Ranjit Jhala and Deian Stefan. FaCT: A DSL for timing-sensitive computation. In PLDI'19."},{"key":"e_1_3_2_1_16_1","volume-title":"CSF'19","author":"Cheang Kevin","unstructured":"Kevin Cheang, Cameron Rasmussen, Sanjit A. Seshia, and Pramod Subramanyan. A Formal Approach to Secure Speculation. In CSF'19."},{"key":"e_1_3_2_1_17_1","unstructured":"Rutvik Choudhary Alan Wang Zirui Neil Zhao Adam Morrison and Christopher Fletcher. Declassiflow: A static analysis for modeling non-speculative knowledge to relax speculative execution security measures (full version). In ArXiv."},{"key":"e_1_3_2_1_18_1","volume-title":"MICRO'21","author":"Choudhary Rutvik","unstructured":"Rutvik Choudhary, Jiyong Yu, ChristopherW. Fletcher, and Adam Morrison. Speculative Privacy Tracking (SPT): Leaking information from speculative execution without compromising privacy. In MICRO'21."},{"key":"e_1_3_2_1_19_1","unstructured":"Bart Coppens Ingrid Verbauwhede Koen De Bosschere and Bjorn De Sutter. Practical mitigations for timing-based side-channel attacks on modern x86 processors. In Oakland'09."},{"key":"e_1_3_2_1_20_1","unstructured":"R. Cytron J. Ferrante B. K. Rosen M. N. Wegman and F. K. Zadeck. An efficient method of computing static single assignment form. In POPL'89."},{"key":"e_1_3_2_1_21_1","unstructured":"Daniel J. Bernstein. djbsort. https:\/\/sorting.cr.yp.to."},{"key":"e_1_3_2_1_22_1","volume-title":"DAC'19","author":"Fustos Jacob","unstructured":"Jacob Fustos, Farzad Farshchi, and Heechul Yun. Spectreguard: An efficient data-centric defense mechanism against spectre attacks. In DAC'19."},{"key":"e_1_3_2_1_23_1","volume-title":"Published","author":"LLVM.","year":"2018","unstructured":"Google\/LLVM. Speculative load hardening. https:\/\/llvm.org\/docs\/SpeculativeLoadHardening.html, Published 2018."},{"key":"e_1_3_2_1_24_1","volume-title":"ICISC'09","author":"Gro\u00dfsch\u00e4dl Johann","unstructured":"Johann Gro\u00dfsch\u00e4dl, Elisabeth Oswald, Dan Page, and Michael Tunstall. Sidechannel analysis of cryptographic software via early-terminating multiplications. In ICISC'09."},{"key":"e_1_3_2_1_25_1","volume-title":"CCS'20","author":"Guanciale Roberto","unstructured":"Roberto Guanciale, Musard Balliu, and Mads Dam. InSpectre: Breaking and fixing microarchitectural vulnerabilities by formal analysis. In CCS'20."},{"key":"e_1_3_2_1_26_1","unstructured":"Marco Guarnieri Boris K\u00f6pf Jos\u00e9 F. Morales Jan Reineke and Andr\u00e9s S\u00e1nchez. Spectector: Principled detection of speculative information flows. In Oakland'20."},{"key":"e_1_3_2_1_27_1","unstructured":"Marco Guarnieri Boris K\u00f6pf Jan Reineke and Pepe Vila. Hardware-software contracts for secure speculation. In Oakland'21."},{"key":"e_1_3_2_1_28_1","unstructured":"Shay Gueron. Efficient software implementations of modular exponentiation. In IACR ePrint'11."},{"key":"e_1_3_2_1_29_1","unstructured":"Paul Kocher Daniel Genkin Daniel Gruss Werner Haas Mike Hamburg Moritz Lipp Stefan Mangard Thomas Prescher Michael Schwarz and Yuval Yarom. Spectre attacks: Exploiting speculative execution. In Oakland'19."},{"key":"e_1_3_2_1_30_1","volume-title":"CRYPTO'96","author":"Kocher Paul C.","unstructured":"Paul C. Kocher. Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In CRYPTO'96."},{"key":"e_1_3_2_1_31_1","unstructured":"F. Liu Y. Yarom Q. Ge G. Heiser and R. B. Lee. Last-level cache side-channel attacks are practical. In Oakland'15."},{"key":"e_1_3_2_1_32_1","unstructured":"Kevin Loughlin Ian Neal Jiacheng Ma Elisa Tsai Ofir Weisse Satish Narayanasamy and Baris Kasikci. DOLMA: Securing speculation with the principle of transient non-observability. In Security'21."},{"key":"e_1_3_2_1_33_1","volume-title":"CCS'18","author":"Maisuradze Giorgi","unstructured":"Giorgi Maisuradze and Christian Rossow. Ret2spec: Speculative execution using return stack buffers. In CCS'18."},{"key":"e_1_3_2_1_34_1","unstructured":"Ross Mcilroy Jaroslav Sevcik Tobias Tebbi Ben L. Titzer and Toon Verwaest. Spectre is here to stay: An analysis of side-channels and speculative execution. In ArXiv."},{"key":"e_1_3_2_1_35_1","unstructured":"David Molnar Matt Piotrowski David Schultz and David Wagner. The program counter security model: Automatic detection and removal of control-flow side channel attacks. IACR ePrint'05."},{"key":"e_1_3_2_1_36_1","volume-title":"CCS'21","author":"Patrignani Marco","unstructured":"Marco Patrignani and Marco Guarnieri. Exorcising spectres with secure compilers. In CCS'21."},{"key":"e_1_3_2_1_37_1","unstructured":"Ashay Rane Calvin Lin and Mohit Tiwari. Raccoon: Closing digital side-channels through obfuscated execution. In Security'15."},{"key":"e_1_3_2_1_38_1","unstructured":"Basavesh Ammanaghatta Shivakumar Jack Barnes Gilles Barthe Sunjay Cauligi Chitchanok Chuengsatiansup Daniel Genkin Sioli O'Connell Peter Schwabe Rui Qi Sim and Yuval Yarom. Spectre declassified: Reading from the right place at the wrong time. In Oakland'23."},{"key":"e_1_3_2_1_39_1","unstructured":"Basavesh Ammanaghatta Shivakumar Gilles Barthe Benjamin Gr\u00e9goire Vincent Laporte Tiago Oliveira Swarn Priya Peter Schwabe and Lucas Tabary-Maujean. Typing high-speed cryptography against spectre v1. In IACR ePrint'22."},{"key":"e_1_3_2_1_40_1","unstructured":"Marco Vassena Craig Disselkoen Klaus von Gleissenthall Sunjay Cauligi Rami G\u00f6khan K\u0131c\u0131 Ranjit Jhala Dean Tullsen and Deian Stefan. Automatically eliminating speculative leaks from cryptographic code with Blade. In POPL'21."},{"key":"e_1_3_2_1_41_1","volume-title":"ISCA'21","author":"Vicarte Jose","unstructured":"Jose Vicarte, Pradyumna Shome, Nandeeka Nayak, Caroline Trippel, Adam Morrison, David Kohlbrenner, and Christopher W. Fletcher. Opening Pandora's box: A systematic study of new ways microarchitecture can leak private data. In ISCA'21."},{"key":"e_1_3_2_1_42_1","volume-title":"MICRO'19","author":"Weisse Ofir","unstructured":"Ofir Weisse, Ian Neal, Kevin Loughlin, ThomasWenisch, and Baris Kasikci. NDA: Preventing speculative execution attacks at their source. In MICRO'19."},{"key":"e_1_3_2_1_43_1","unstructured":"Johannes Wikner and Kaveh Razavi. RETBLEED: Arbitrary speculative code execution with return instructions. In Security'22."},{"key":"e_1_3_2_1_44_1","unstructured":"Yuval Yarom and Katrina Falkner. FlushReload: A high resolution low noise L3 cache side-channel attack. In Security'14."},{"key":"e_1_3_2_1_45_1","volume-title":"NDSS'19","author":"Yu Jiyong","unstructured":"Jiyong Yu, Lucas Hsiung, Mohamad El Hajj, and Christopher W. Fletcher. Data oblivious ISA extensions for side channel-resistant and high performance computing. In NDSS'19."},{"key":"e_1_3_2_1_46_1","volume-title":"ISCA'20","author":"Yu Jiyong","unstructured":"Jiyong Yu, Namrata Mantri, Josep Torrellas, Adam Morrison, and Christopher W. Fletcher. Speculative data-oblivious execution: Mobilizing safe prediction for safe and efficient speculative execution. In ISCA'20."},{"key":"e_1_3_2_1_47_1","volume-title":"MICRO'19","author":"Yu Jiyong","unstructured":"Jiyong Yu, Mengjia Yan, Artem Khyzha, Adam Morrison, Josep Torrellas, and Christopher W. Fletcher. Speculative taint tracking (STT): A comprehensive protection for speculatively accessed data. In MICRO'19."},{"key":"e_1_3_2_1_48_1","unstructured":"Zhiyuan Zhang Gilles Barthe Chitchanok Chuengsatiansup Peter Schwabe and Yuval Yarom. Ultimate SLH: Taking speculative load hardening to the next level. In Security'23."}],"event":{"name":"CCS '23: ACM SIGSAC Conference on Computer and Communications Security","location":"Copenhagen Denmark","acronym":"CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3576915.3623065","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3576915.3623065","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,21]],"date-time":"2025-08-21T01:47:39Z","timestamp":1755740859000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3576915.3623065"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,15]]},"references-count":48,"alternative-id":["10.1145\/3576915.3623065","10.1145\/3576915"],"URL":"https:\/\/doi.org\/10.1145\/3576915.3623065","relation":{},"subject":[],"published":{"date-parts":[[2023,11,15]]},"assertion":[{"value":"2023-11-21","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}