{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T06:24:34Z","timestamp":1769927074347,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":144,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,15]],"date-time":"2023-11-15T00:00:00Z","timestamp":1700006400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,15]]},"DOI":"10.1145\/3576915.3623112","type":"proceedings-article","created":{"date-parts":[[2023,11,21]],"date-time":"2023-11-21T12:35:13Z","timestamp":1700570113000},"page":"1690-1704","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":12,"title":["A Systematic Evaluation of Automated Tools for Side-Channel Vulnerabilities Detection in Cryptographic Libraries"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-0704-8717","authenticated-orcid":false,"given":"Antoine","family":"Geimer","sequence":"first","affiliation":[{"name":"Univ. Lille, CNRS, Inria, Univ. 
Rennes, CNRS, IRISA, Lille, France"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-9198-2140","authenticated-orcid":false,"given":"Math\u00e9o","family":"Vergnolle","sequence":"additional","affiliation":[{"name":"Universit\u00e9 Paris-Saclay, CEA, List, Gif-sur-Yvettes, France"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-9736-0656","authenticated-orcid":false,"given":"Fr\u00e9d\u00e9ric","family":"Recoules","sequence":"additional","affiliation":[{"name":"Universit\u00e9 Paris-Saclay, CEA, List, Gif-sur-Yvettes, France"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2772-3722","authenticated-orcid":false,"given":"Lesly-Ann","family":"Daniel","sequence":"additional","affiliation":[{"name":"KU Leuven, imec-DistriNet, Leuven, Belgium"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6509-3506","authenticated-orcid":false,"given":"S\u00e9bastien","family":"Bardin","sequence":"additional","affiliation":[{"name":"Universit\u00e9 Paris-Saclay, CEA, List, Gif-sur-Yvettes, France"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8896-9494","authenticated-orcid":false,"given":"Cl\u00e9mentine","family":"Maurice","sequence":"additional","affiliation":[{"name":"Univ. Lille, CNRS, Inria, Lille, France"}]}],"member":"320","published-online":{"date-parts":[[2023,11,21]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"[n. d.]. BearSSL - Constant-Time Crypto. https:\/\/bearssl.org\/constanttime.html."},{"key":"e_1_3_2_1_2_1","unstructured":"[n. d.]. Bug 200535 - Valgrind flags lots of uninitialized locations with programs compiled with \"-static\". https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=200535."},{"key":"e_1_3_2_1_3_1","unstructured":"[n. d.]. Implement deterministic ECDSA sign (RFC6979). https:\/\/github.com\/ openssl\/openssl\/pull\/18809."},{"key":"e_1_3_2_1_4_1","unstructured":"[n. d.]. OpenSSL. https:\/\/www.openssl.org\/."},{"key":"e_1_3_2_1_5_1","unstructured":"O. Acii\u00e7mez S. Gueron and J.-P. Seifert. 2007 a. 
New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures. In IMACC."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"crossref","unstructured":"Onur Acii\u00e7mez \u00c7etin Kaya Ko\u00e7 and Jean-Pierre Seifert. 2007b. Predicting Secret Keys Via Branch Prediction. In CT-RSA.","DOI":"10.1007\/11967668_15"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"crossref","unstructured":"Johan Agat. 2000. Transforming Out Timing Leaks. In POPL.","DOI":"10.1145\/325694.325702"},{"key":"e_1_3_2_1_8_1","volume-title":"Paterson","author":"Albrecht Martin R.","year":"2016","unstructured":"Martin R. Albrecht and Kenneth G. Paterson. 2016. Lucky Microseconds: A Timing Attack on Amazon's s2n Implementation of TLS. In EUROCRYPT."},{"key":"e_1_3_2_1_9_1","volume-title":"Sohaib ul Hassan, Cesar Pereida Garc\u00eda, and Nicola Tuveri.","author":"Aldaya Alejandro Cabrera","year":"2019","unstructured":"Alejandro Cabrera Aldaya, Billy Bob Brumley, Sohaib ul Hassan, Cesar Pereida Garc\u00eda, and Nicola Tuveri. 2019a. Port Contention for Fun and Profit. In S&P."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"crossref","unstructured":"A. Cabrera Aldaya C. Pereida Garc\u00eda L. M. Alvarez Tapia and B. B. Brumley. 2019b. Cache-Timing Attacks on RSA Key Generation. TCHES (2019).","DOI":"10.46586\/tches.v2019.i4.213-242"},{"key":"e_1_3_2_1_11_1","volume-title":"Paterson","author":"AlFardan Nadhem J.","year":"2013","unstructured":"Nadhem J. AlFardan and Kenneth G. Paterson. 2013. Lucky Thirteen: Breaking the TLS and DTLS Record Protocols. In S&P."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134078"},{"key":"e_1_3_2_1_13_1","unstructured":"Jos\u00e9 Bacelar Almeida Manuel Barbosa Gilles Barthe Fran\u00e7ois Dupressoir and Michael Emmi. 2016. Verifying Constant-Time Implementations. In USENIX."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"J. Bacelar Almeida M. Barbosa G. Barthe B. Gr\u00e9goire A. Koutsos V. Laporte T. 
Oliveira and P-Y. Strub. 2020. The Last Mile: High-Assurance and High-Speed Cryptographic Implementations. In S&P.","DOI":"10.1109\/SP40000.2020.00028"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"crossref","unstructured":"J. Bacelar Almeida M. Barbosa J. Sousa Pinto and B. Vieira. 2013. Formal verification of side-channel countermeasures using self-composition. Sci. Comput. Program. (2013).","DOI":"10.1016\/j.scico.2011.10.008"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","unstructured":"M. Andrysco D. Kohlbrenner K. Mowery R. Jhala S. Lerner and H. Shacham. 2015. On Subnormal Floating Point and Abnormal Timing. In S&P.","DOI":"10.1109\/SP.2015.44"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"crossref","unstructured":"Timos Antonopoulos Paul Gazzillo Michael Hicks Eric Koskinen Tachio Terauchi and Shiyi Wei. 2017. Decomposition instead of self-composition for proving the absence of timing channels. In PLDI.","DOI":"10.1145\/3062341.3062378"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"D. F. Aranha F. Rodrigues Novaes A. Takahashi M. Tibouchi and Y. Yarom. 2020. LadderLeak: Breaking ECDSA with Less than One Bit of Nonce Leakage. In CCS.","DOI":"10.1145\/3372297.3417268"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"crossref","unstructured":"Konstantinos Athanasiou Byron Cook Michael Emmi Colm MacC\u00e1rthaigh Daniel Schwartz-Narbonne and Serdar Tasiran. 2018. SideTrail: Verifying Time-Balancing of Cryptosystems. In VSTTE.","DOI":"10.1007\/978-3-030-03592-1_12"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.5555\/AAI28827003"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"crossref","unstructured":"M. Barbosa G. Barthe K. Bhargavan B. Blanchet C. Cremers K. Liao and B. Parno. 2021. SoK: Computer-Aided Cryptography. In S&P.","DOI":"10.1109\/SP40001.2021.00008"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"G. Barthe G. Betarte J. Diego Campo C. Daniel Luna and D. Pichardie. 2014. 
System-level Non-interference for Constant-time Cryptography. In CCS.","DOI":"10.1145\/2660267.2660283"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1017\/S0960129511000193"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"crossref","unstructured":"N. Benger J. van de Pol N. P. Smart and Y. Yarom. 2014. \"Ooh Aah... Just a Little Bit\": A Small Amount of Side Channel Can Go a Long Way. In CHES.","DOI":"10.1007\/978-3-662-44709-3_5"},{"key":"e_1_3_2_1_25_1","unstructured":"Daniel J Bernstein. 2005. Cache-Timing Attacks on AES."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"crossref","unstructured":"Daniel J. Bernstein Tanja Lange and Peter Schwabe. 2012. The Security Impact of a New Cryptographic Library. In LATINCRYPT.","DOI":"10.1007\/978-3-642-33481-8_9"},{"key":"e_1_3_2_1_27_1","unstructured":"BinsecRel2. 2023. BinsecRel2. https:\/\/binsec.github.io\/releases\/binsec\/2023\/02\/14\/binsec-0.7.1.html."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"crossref","unstructured":"Sandrine Blazy David Pichardie and Alix Trieu. 2017. Verifying Constant-Time Implementations by Abstract Interpretation. In ESORICS.","DOI":"10.1007\/978-3-319-66402-6_16"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"crossref","unstructured":"Daniel Bleichenbacher. 1998. Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1. In CRYPTO.","DOI":"10.1007\/BFb0055716"},{"key":"e_1_3_2_1_30_1","volume-title":"Vale: Verifying High-Performance Cryptographic Assembly Code. In USENIX Security.","author":"Bond B.","year":"2017","unstructured":"B. Bond, C. Hawblitzel, M. Kapritsos, K. R. M. Leino, J. R. Lorch, B. Parno, A. Rane, S. T. V. Setty, and L. Thompson. 2017. Vale: Verifying High-Performance Cryptographic Assembly Code. 
In USENIX Security."},{"key":"e_1_3_2_1_31_1","volume-title":"Leonardo Querzoni, and Cristiano Giuffrida.","author":"Borrello Pietro","year":"2021","unstructured":"Pietro Borrello, Daniele Cono D'Elia, Leonardo Querzoni, and Cristiano Giuffrida. 2021. Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization. In CCS."},{"key":"e_1_3_2_1_32_1","volume-title":"Still Leaking: Practical Cache-based Side-Channel in the Wild. In ACSAC.","author":"Braga D. De Almeida","year":"2020","unstructured":"D. De Almeida Braga, P.-A. Fouque, and M. Sabt. 2020. Dragonblood is Still Leaking: Practical Cache-based Side-Channel in the Wild. In ACSAC."},{"key":"e_1_3_2_1_33_1","volume-title":"PARASITE: PAssword Recovery Attack against Srp Implementations in ThE wild. In CCS.","author":"Braga D. De Almeida","year":"2021","unstructured":"D. De Almeida Braga, P.-A. Fouque, and M. Sabt. 2021. PARASITE: PAssword Recovery Attack against Srp Implementations in ThE wild. In CCS."},{"key":"e_1_3_2_1_34_1","volume-title":"Pasareanu","author":"Brennan Tegan","year":"2018","unstructured":"Tegan Brennan, Seemanta Saha, Tevfik Bultan, and Corina S. Pasareanu. 2018. Symbolic path cost analysis for side-channel detection. In ISSTA."},{"key":"e_1_3_2_1_35_1","volume-title":"Kandemir","author":"Brotzman Robert","year":"2019","unstructured":"Robert Brotzman, Shen Liu, Danfeng Zhang, Gang Tan, and Mahmut T. Kandemir. 2019. CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation. In S&P."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"crossref","unstructured":"B. B. Brumley and R. M. Hakala. 2009. Cache-Timing Template Attacks. In ASIACRYPT.","DOI":"10.1007\/978-3-642-10366-7_39"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"crossref","unstructured":"Billy Bob Brumley and Nicola Tuveri. 2011. Remote Timing Attacks Are Still Practical. 
In ESORICS.","DOI":"10.1007\/978-3-642-23822-2_20"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2005.01.010"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"crossref","unstructured":"Ileana Buhan Lejla Batina Yuval Yarom and Patrick Schaumont. 2022. SoK: Design Tools for Side-Channel-Aware Implementations. In AsiaCCS.","DOI":"10.1145\/3488932.3517415"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"crossref","unstructured":"Jo Van Bulck Frank Piessens and Raoul Strackx. 2017. SGX-Step: A Practical Attack Framework for Precise Enclave Execution Control. In SysTEX@SOSP.","DOI":"10.1145\/3152701.3152706"},{"key":"e_1_3_2_1_41_1","volume-title":"KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. In OSDI.","author":"Cadar C.","year":"2008","unstructured":"C. Cadar, D. Dunbar, and D. R. Engler. 2008. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. In OSDI."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2408776.2408795"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243802"},{"key":"e_1_3_2_1_44_1","unstructured":"C. Canella J. Van Bulck M. Schwarz M. Lipp B. von Berg P. Ortner F. Piessens D. Evtyushkin and D. Gruss. 2019a. A Systematic Evaluation of Transient Execution Attacks and Defenses. In USENIX Security."},{"key":"e_1_3_2_1_45_1","volume-title":"Fallout: Leaking Data on Meltdown-resistant CPUs. In CCS.","author":"Canella C.","year":"2019","unstructured":"C. Canella, D. Genkin, L. Giner, D. Gruss, M. Lipp, M. Minkin, D. Moghimi, F. Piessens, M. Schwarz, B. Sunar, J. Van Bulck, and Y. Yarom. 2019b. Fallout: Leaking Data on Meltdown-resistant CPUs. In CCS."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"crossref","unstructured":"Sunjay Cauligi Gary Soeller Brian Johannesmeyer Fraser Brown Riad S. Wahby John Renner Benjamin Gr\u00e9goire Gilles Barthe Ranjit Jhala and Deian Stefan. 2019. 
FaCT: a DSL for timing-sensitive computation. In PLDI.","DOI":"10.1145\/3314221.3314605"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"crossref","unstructured":"S. Chattopadhyay and A. Roychoudhury. 2018. Symbolic Verification of Cache Side-Channel Freedom. Trans. Comput. Aided Des. Integr. Circuits Syst. (2018).","DOI":"10.1109\/TCAD.2018.2858402"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"crossref","unstructured":"Jia Chen Yu Feng and Isil Dillig. 2017. Precise Detection of Side-Channel Vulnerabilities using Quantitative Cartesian Hoare Logic. In CCS.","DOI":"10.1145\/3133956.3134058"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"crossref","unstructured":"S. Cohney A. Kwong S. Paz D. Genkin N. Heninger E. Ronen and Y. Yarom. 2020. Pseudorandom Black Swans: Cache Attacks on CTR_DRBG. In S&P.","DOI":"10.1109\/SP40000.2020.00046"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/512950.512973"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"crossref","unstructured":"L.-A. Daniel S. Bardin and T. Rezk. 2020. Binsec\/Rel: Efficient Relational Symbolic Execution for Constant-Time at Binary-Level. In S&P.","DOI":"10.1109\/SP40000.2020.00074"},{"key":"e_1_3_2_1_52_1","volume-title":"Symbolic Binary Analyzer for Security with Applications to Constant-Time and Secret-Erasure. ACM Transactions on Privacy and Security","author":"Daniel Lesly-Ann","year":"2022","unstructured":"Lesly-Ann Daniel, S\u00e9bastien Bardin, and Tamara Rezk. 2022. Binsec\/Rel: Symbolic Binary Analyzer for Security with Applications to Constant-Time and Secret-Erasure. ACM Transactions on Privacy and Security (2022)."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/359636.359712"},{"key":"e_1_3_2_1_54_1","unstructured":"C. Disselkoen S. Cauligi D. Tullsen and D. Stefan. 2020. Finding and Eliminating Timing Side-Channels in Crypto Code with Pitchfork. In TECHCON."},{"key":"e_1_3_2_1_55_1","unstructured":"G. Doychev D. Feld B. K\u00f6pf L. Mauborgne and J. Reineke. 
2013. CacheAudit: A Tool for the Static Analysis of Cache Side Channels. In USENIX Security."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"crossref","unstructured":"Goran Doychev and Boris K\u00f6pf. 2017. Rigorous analysis of software countermeasures against cache attacks. In PLDI.","DOI":"10.1145\/3062341.3062388"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"crossref","unstructured":"Dmitry Evtyushkin Ryan Riley Nael B. Abu-Ghazaleh and Dmitry Ponomarev. 2018. BranchScope: A New Side-Channel Attack on Directional Branch Predictor. In ASPLOS.","DOI":"10.1145\/3173162.3173204"},{"key":"e_1_3_2_1_58_1","unstructured":"Trusted Firmware. [n. d.]. Mbed TLS. https:\/\/www.trustedfirmware.org\/projects\/mbed-tls\/."},{"key":"e_1_3_2_1_59_1","unstructured":"CRoCS: Centre for Research on Cryptography and Security. [n. d.]. Constant-timeness verification tools. https:\/\/crocs-muni.github.io\/ct-tools\/."},{"key":"e_1_3_2_1_60_1","unstructured":"Cesar Pereida Garc\u00eda and Billy Bob Brumley. 2017. Constant-Time Callees with Variable-Time Callers. In USENIX Security."},{"key":"e_1_3_2_1_61_1","volume-title":"N. Tuveri, I. Gridin, A. Cabrera Aldaya, and B. B. Brumley.","author":"Garc\u00eda C. Pereida","year":"2020","unstructured":"C. Pereida Garc\u00eda, S. ul Hassan, N. Tuveri, I. Gridin, A. Cabrera Aldaya, and B. B. Brumley. 2020. Certified Side Channels. In USENIX Security."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-016-0141-6"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"crossref","unstructured":"Daniel Genkin Adi Shamir and Eran Tromer. 2014. RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis. In CRYPTO.","DOI":"10.1007\/978-3-662-44371-2_25"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"crossref","unstructured":"Daniel Genkin Luke Valenta and Yuval Yarom. 2017. May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519. 
In CCS.","DOI":"10.1145\/3133956.3134029"},{"key":"e_1_3_2_1_65_1","volume-title":"Golic and Christophe Tymen","author":"Dj Jovan","year":"2002","unstructured":"Jovan Dj. Golic and Christophe Tymen. 2002. Multiplicative Masking and Power Analysis of AES. In CHES."},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"crossref","unstructured":"B. Gras C. Giuffrida M. Kurth H. Bos and K. Razavi. 2020. ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures. In NDSS.","DOI":"10.14722\/ndss.2020.23018"},{"key":"e_1_3_2_1_67_1","unstructured":"Ben Gras Kaveh Razavi Herbert Bos and Cristiano Giuffrida. 2018. Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks. In USENIX Security."},{"key":"e_1_3_2_1_68_1","volume-title":"Triggerflow: Regression Testing by Advanced Execution Path Inspection. In DIMVA.","author":"Gridin I.","year":"2019","unstructured":"I. Gridin, C. Pereida Garc\u00eda, N. Tuveri, and B. B. Brumley. 2019. Triggerflow: Regression Testing by Advanced Execution Path Inspection. In DIMVA."},{"key":"e_1_3_2_1_69_1","unstructured":"Elisabeth Oswald Dan Page and Michael Tunstall. 2009. Side-Channel Analysis of Cryptographic Software via Early-Terminating Multiplications. In ICISC."},{"key":"e_1_3_2_1_70_1","unstructured":"D. Gruss R. Spreitzer and S. Mangard. 2015. Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches. In USENIX Security."},{"key":"e_1_3_2_1_71_1","doi-asserted-by":"crossref","unstructured":"Qian Guo Thomas Johansson and Alexander Nilsson. 2020. A Key-Recovery Timing Attack on Post-quantum Primitives Using the Fujisaki-Okamoto Transformation and Its Application on FrodoKEM. In CRYPTO.","DOI":"10.1007\/978-3-030-56880-1_13"},{"key":"e_1_3_2_1_72_1","volume-title":"Ciocarlie","author":"He Shaobo","year":"2020","unstructured":"Shaobo He, Michael Emmi, and Gabriela F. Ciocarlie. 2020. ct-fuzz: Fuzzing for Timing Leaks. 
In ICST."},{"key":"e_1_3_2_1_73_1","volume-title":"Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque, and Yasemin Acar.","author":"Jancar Jan","year":"2022","unstructured":"Jan Jancar, Marcel Fourn\u00e9, Daniel De Almeida Braga, Mohamed Sabt, Peter Schwabe, Gilles Barthe, Pierre-Alain Fouque, and Yasemin Acar. 2022. \"They're not that hard to mitigate\": What Cryptographic Library Developers Think About Timing Attacks. In S&P."},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"crossref","unstructured":"K. Jiang Y. Bao S. Wang Z. Liu and T. Zhang. 2022. Cache Refinement Type for Side-Channel Detection of Cryptographic Software. In CCS.","DOI":"10.1145\/3548606.3560672"},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"crossref","unstructured":"Marc Joye and Christophe Tymen. 2001. Protections against Differential Analysis for Elliptic Curve Cryptography. In CHES.","DOI":"10.1007\/3-540-44709-1_31"},{"key":"e_1_3_2_1_76_1","doi-asserted-by":"crossref","unstructured":"M. Joye and S-M Yen. 2002. The Montgomery Powering Ladder. In CHES.","DOI":"10.1007\/3-540-36400-5_22"},{"key":"e_1_3_2_1_77_1","doi-asserted-by":"crossref","unstructured":"Emilia K\u00e4sper and Peter Schwabe. 2009. Faster and Timing-Attack Resistant AES-GCM. In CHES.","DOI":"10.1007\/978-3-642-04138-9_1"},{"key":"e_1_3_2_1_78_1","volume-title":"When Constant-Time Source Yields Variable-Time Binary: Exploiting Curve25519-donna Built with MSVC","author":"Kaufmann Thierry","year":"2015","unstructured":"Thierry Kaufmann, Herv\u00e9 Pelletier, Serge Vaudenay, and Karine Villegas. 2016. When Constant-Time Source Yields Variable-Time Binary: Exploiting Curve25519-donna Built with MSVC 2015. In CANS."},{"key":"e_1_3_2_1_79_1","volume-title":"STEALTHMEM: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud. In USENIX Security.","author":"Kim Taesoo","year":"2012","unstructured":"Taesoo Kim, Marcus Peinado, and Gloria Mainar-Ruiz. 2012. 
STEALTHMEM: System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud. In USENIX Security."},{"key":"e_1_3_2_1_80_1","doi-asserted-by":"crossref","unstructured":"Y. Kim R. Daly J. S. Kim C. Fallin J-H Lee D. Lee C. Wilkerson K. Lai and O. Mutlu. 2014. Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors. In ISCA.","DOI":"10.1109\/ISCA.2014.6853210"},{"key":"e_1_3_2_1_81_1","volume-title":"Symbolic Execution and Program Testing. Commun. ACM (1976)","author":"King J. C.","year":"1976","unstructured":"J. C. King. 1976. Symbolic Execution and Program Testing. Commun. ACM (1976) (1976)."},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"crossref","unstructured":"Paul C. Kocher. 1996. Timing Attacks on Implementations of Diffie-Hellman RSA DSS and Other Systems. In CRYPTO.","DOI":"10.1007\/3-540-68697-5_9"},{"key":"e_1_3_2_1_83_1","doi-asserted-by":"crossref","unstructured":"P. C. Kocher J. Jaffe and B. Jun. 1999. Differential Power Analysis. In CRYPTO.","DOI":"10.1007\/3-540-48405-1_25"},{"key":"e_1_3_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-007-0016-z"},{"key":"e_1_3_2_1_85_1","unstructured":"Adam Langley. 2010. Ctgrind. https:\/\/www.imperialviolet.org\/2010\/04\/01\/ctgrind.html."},{"key":"e_1_3_2_1_86_1","unstructured":"Sangho Lee Ming-Wei Shih Prasun Gera Taesoo Kim Hyesoon Kim and Marcus Peinado. 2017. Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing. In USENIX Security."},{"key":"e_1_3_2_1_87_1","doi-asserted-by":"crossref","unstructured":"Chen Liu Abhishek Chakraborty Nikhil Chawla and Neer Roggel. 2022. Frequency Throttling Side-Channel Attack. In CCS.","DOI":"10.1145\/3548606.3560682"},{"key":"e_1_3_2_1_88_1","volume-title":"Lee","author":"Liu Fangfei","year":"2015","unstructured":"Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser, and Ruby B. Lee. 2015. Last-Level Cache Side-Channel Attacks are Practical. 
In S&P."},{"key":"e_1_3_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1145\/3456629"},{"key":"e_1_3_2_1_90_1","unstructured":"C-K Luk R. S. Cohn R. Muth H. Patil A. Klauser P. Geoffrey Lowney S. Wallace V. Janapa Reddi and K. M. Hazelwood. 2005. Pin: building customized program analysis tools with dynamic instrumentation. (2005)."},{"key":"e_1_3_2_1_91_1","doi-asserted-by":"crossref","unstructured":"Heiko Mantel Alexandra Weber and Boris K\u00f6pf. 2017. A Systematic Study of Cache Side Channels Across AES Implementations. In ESSoS.","DOI":"10.1007\/978-3-319-62105-0_14"},{"key":"e_1_3_2_1_92_1","doi-asserted-by":"crossref","unstructured":"Thomas S. Messerges. 2000. Securing the AES Finalists Against Power Analysis Attacks. In FSE.","DOI":"10.1007\/3-540-44706-7_11"},{"key":"e_1_3_2_1_93_1","volume-title":"Wagner","author":"Molnar David","year":"2005","unstructured":"David Molnar, Matt Piotrowski, David Schultz, and David A. Wagner. 2005. The Program Counter Security Model: Automatic Detection and Removal of Control-Flow Side Channel Attacks. In ICISC."},{"key":"e_1_3_2_1_94_1","doi-asserted-by":"crossref","unstructured":"M. Nemec D. Klinec P. Svenda P. Sekan and V. Matyas. 2017. Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans. In ACSAC.","DOI":"10.1145\/3134600.3134612"},{"key":"e_1_3_2_1_95_1","volume-title":"Pasareanu","author":"Nilizadeh Shirin","year":"2019","unstructured":"Shirin Nilizadeh, Yannic Noller, and Corina S. Pasareanu. 2019. DifFuzz: differential fuzzing for side-channel analysis. In ICSE."},{"key":"e_1_3_2_1_96_1","unstructured":"Colin Percival. 2005. Cache Missing for Fun and Profit. In BSDCan."},{"key":"e_1_3_2_1_97_1","doi-asserted-by":"crossref","unstructured":"P. Pessl L. Groot Bruinderink and Y. Yarom. 2017. To BLISS-B or not to be: Attacking strongSwan's Implementation of Post-Quantum Signatures. 
In CCS.","DOI":"10.1145\/3133956.3134023"},{"key":"e_1_3_2_1_98_1","volume-title":"DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks. In USENIX Security.","author":"Pessl P.","year":"2016","unstructured":"P. Pessl, D. Gruss, C. Maurice, M. Schwarz, and S. Mangard. 2016. DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks. In USENIX Security."},{"key":"e_1_3_2_1_99_1","unstructured":"Thomas Pornin. [n. d.]. BearSSL. https:\/\/bearssl.org\/."},{"key":"e_1_3_2_1_100_1","doi-asserted-by":"crossref","unstructured":"J. Protzenko B. Parno A. Fromherz C. Hawblitzel M. Polubelova K. Bhargavan B. Beurdouche J. Choi A. Delignat-Lavaud C. Fournet N. Kulatova T. Ramananandro A. Rastogi N. Swamy C. M. Wintersteiger and S. Zanella B\u00e9guelin. 2020. EverCrypt: A Fast Verified Cross-Platform Cryptographic Provider. In S&P.","DOI":"10.1109\/SP40000.2020.00114"},{"key":"e_1_3_2_1_101_1","volume-title":"Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend. In USENIX Security.","author":"Puddu I.","year":"2021","unstructured":"I. Puddu, M. Schneider, M. Haller, and S. Capkun. 2021. Frontal Attack: Leaking Control-Flow in SGX via the CPU Frontend. In USENIX Security."},{"key":"e_1_3_2_1_102_1","doi-asserted-by":"crossref","unstructured":"A. Purnal L. Giner D. Gruss and I. Verbauwhede. 2021. Systematic Analysis of Randomization-based Protected Cache Architectures. In S&P.","DOI":"10.1109\/SP40001.2021.00011"},{"key":"e_1_3_2_1_103_1","unstructured":"Hany Ragab Enrico Barberis Herbert Bos and Cristiano Giuffrida. 2021. Rage Against the Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks. In USENIX Security."},{"key":"e_1_3_2_1_104_1","volume-title":"Raccoon: Closing Digital Side-Channels through Obfuscated Execution. In USENIX Security.","author":"Rane Ashay","year":"2015","unstructured":"Ashay Rane, Calvin Lin, and Mohit Tiwari. 2015. Raccoon: Closing Digital Side-Channels through Obfuscated Execution. 
In USENIX Security."},{"key":"e_1_3_2_1_105_1","volume-title":"Rao and Pankaj Rohatgi","author":"Josyula","year":"2001","unstructured":"Josyula R. Rao and Pankaj Rohatgi. 2001. EMpowering Side-Channel Attacks. IACR Cryptol. ePrint Arch. (2001). http:\/\/eprint.iacr.org\/2001\/037"},{"key":"e_1_3_2_1_106_1","doi-asserted-by":"crossref","unstructured":"O. Reparaz J. Balasch and I. Verbauwhede. 2017. Dude is my code constant time?. In DATE.","DOI":"10.23919\/DATE.2017.7927267"},{"key":"e_1_3_2_1_107_1","volume-title":"Magno Quint\u00e3o Pereira, and D. F. Aranha","author":"Rodrigues B.","year":"2016","unstructured":"B. Rodrigues, F. Magno Quint\u00e3o Pereira, and D. F. Aranha. 2016. Sparse representation of implicit flows with applications to side-channel detection. In CC."},{"key":"e_1_3_2_1_108_1","doi-asserted-by":"crossref","unstructured":"E. Ronen R. Gillham D. Genkin A. Shamir D. Wong and Y. Yarom. 2019. The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations. In S&P.","DOI":"10.1109\/SP.2019.00062"},{"key":"e_1_3_2_1_109_1","doi-asserted-by":"crossref","unstructured":"Eyal Ronen Kenneth G. Paterson and Adi Shamir. 2018. Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure. In CCS.","DOI":"10.1145\/3243734.3243775"},{"key":"e_1_3_2_1_110_1","volume-title":"Formal methods for the analysis of cache-timing leaks and key generation in cryptographic implementations. Ph.D. Dissertation","author":"Schaub Alexander","year":"2052","unstructured":"Alexander Schaub. 2020. Formal methods for the analysis of cache-timing leaks and key generation in cryptographic implementations. Ph.D. Dissertation. Institut Polytechnique de Paris. https:\/\/theses.hal.science\/tel-03205242"},{"key":"e_1_3_2_1_111_1","doi-asserted-by":"crossref","unstructured":"M. Schwarz S. Weiser D. Gruss C. Maurice and S. Mangard. 2017. Malware Guard Extension: Using SGX to Conceal Cache Attacks. 
In DIMVA.","DOI":"10.1007\/978-3-319-60876-1_1"},{"key":"e_1_3_2_1_112_1","doi-asserted-by":"crossref","unstructured":"Martin Schwarzl Erik Kraft and Daniel Gruss. 2023. Layered Binary Templating: Efficient Detection of Compiler- and Linker-introduced Leakage. In ACNS.","DOI":"10.1007\/978-3-031-33488-7_2"},{"key":"e_1_3_2_1_113_1","unstructured":"Julian Seward and Nicholas Nethercote. 2005. Using Valgrind to Detect Undefined Value Errors with Bit-Precision. In USENIX ATC."},{"key":"e_1_3_2_1_114_1","doi-asserted-by":"crossref","unstructured":"Y-j Shin H. Chan Kim D. Kwon J-H Jeong and J. Hur. 2018. Unveiling Hardware-based Data Prefetcher a Hidden Source of Information Leakage. In CCS.","DOI":"10.1145\/3243734.3243736"},{"key":"e_1_3_2_1_115_1","volume-title":"Anderson","author":"Simon Laurent","year":"2018","unstructured":"Laurent Simon, David Chisnall, and Ross J. Anderson. 2018. What You Get is What You C: Controlling Side Effects in Mainstream C Compilers. In EuroS&P."},{"key":"e_1_3_2_1_116_1","volume-title":"Memory-Safe Elimination of Side Channels","author":"Soares Luigi","unstructured":"Luigi Soares and Fernando Magno Quint\u00e3o Pereira. 2021. Memory-Safe Elimination of Side Channels. In CGO. IEEE, 200--210."},{"key":"e_1_3_2_1_117_1","doi-asserted-by":"crossref","unstructured":"Chungha Sung Brandon Paulsen and Chao Wang. 2018. CANAL: a cache timing analysis framework via LLVM transformation. In ASE.","DOI":"10.1145\/3238147.3240485"},{"key":"e_1_3_2_1_118_1","doi-asserted-by":"publisher","DOI":"10.1007\/s41635-018-0046-1"},{"key":"e_1_3_2_1_119_1","doi-asserted-by":"crossref","unstructured":"M. Tibouchi and A. Wallet. 2021. One Bit is All It Takes: A Devastating Timing Attack on BLISS's Non-Constant Time Sign Flips. J. Math. Cryptol. (2021).","DOI":"10.1515\/jmc-2020-0079"},{"key":"e_1_3_2_1_120_1","volume-title":"C. Pereida Garc\u00eda, and B. B. Brumley.","author":"Tuveri N.","year":"2018","unstructured":"N. Tuveri, S. ul Hassan, C. 
Pereida Garc\u00eda, and B. B. Brumley. 2018. Side-Channel Analysis of SM2: A Late-Stage Featurization Case Study. In ACSAC."},{"key":"e_1_3_2_1_121_1","volume-title":"How Secure Is Exponent-blinded RSA-CRT with Sliding Window Exponentiation? TCHES","author":"Ueno Rei","year":"2023","unstructured":"Rei Ueno and Naofumi Homma. 2023. How Secure Is Exponent-blinded RSA-CRT with Sliding Window Exponentiation? TCHES (2023)."},{"key":"e_1_3_2_1_122_1","volume-title":"I. Gridin, I. M. Delgado-Lozano, C. Pereida Garc\u00eda, J-J Chi-Dom\u00ednguez, A. Cabrera Aldaya, and B. B. Brumley.","author":"S.","year":"2020","unstructured":"S. ul Hassan, I. Gridin, I. M. Delgado-Lozano, C. Pereida Garc\u00eda, J-J Chi-Dom\u00ednguez, A. Cabrera Aldaya, and B. B. Brumley. 2020. D\u00e9j\u00e0 Vu: Side-Channel Analysis of Mozilla's NSS. In CCS."},{"key":"e_1_3_2_1_123_1","unstructured":"Jo Van Bulck. 2020. Microarchitectural Side-channel Attacks for Privileged Software Adversaries. Ph. D. Dissertation. KU Leuven."},{"key":"e_1_3_2_1_124_1","volume-title":"LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection. In S&P.","author":"Bulck J. Van","year":"2020","unstructured":"J. Van Bulck, D. Moghimi, M. Schwarz, M. Lipp, M. Minkin, D. Genkin, Y. Yarom, B. Sunar, D. Gruss, and F. Piessens. 2020. LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection. In S&P."},{"key":"e_1_3_2_1_125_1","volume-title":"Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd. In S&P.","author":"Vanhoef Mathy","year":"2020","unstructured":"Mathy Vanhoef and Eyal Ronen. 2020. Dragonblood: Analyzing the Dragonfly Handshake of WPA3 and EAP-pwd. In S&P."},{"key":"e_1_3_2_1_126_1","unstructured":"Shuai Wang Yuyan Bao Xiao Liu Pei Wang Danfeng Zhang and Dinghao Wu. 2019a. Identifying Cache-Based Side Channels through Secret-Augmented Abstract Interpretation. In USENIX Security."},{"key":"e_1_3_2_1_127_1","unstructured":"S. Wang P. Wang X. Liu D. 
Zhang and D. Wu. 2017. CacheD: Identifying Cache-Based Timing Channels in Production Software. In USENIX Security."},{"key":"e_1_3_2_1_128_1","unstructured":"W. Wang Y. Zhang and Z. Lin. 2019b. Time and Order: Towards Automatically Identifying Side-Channel Vulnerabilities in Enclave Binaries. In RAID."},{"key":"e_1_3_2_1_129_1","volume-title":"Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86. In USENIX Security.","author":"Wang Y.","year":"2022","unstructured":"Y. Wang, R. Paccagnella, E. Tang He, H. Shacham, C. W. Fletcher, and D. Kohlbrenner. 2022. Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86. In USENIX Security."},{"key":"e_1_3_2_1_130_1","unstructured":"Samuel Weiser David Schrammel Lukas Bodner and Raphael Spreitzer. 2020. Big Numbers - Big Troubles: Systematically Analyzing Nonce Leakage in (EC)DSA Implementations. In USENIX Security."},{"key":"e_1_3_2_1_131_1","doi-asserted-by":"crossref","unstructured":"Samuel Weiser Raphael Spreitzer and Lukas Bodner. 2018a. Single Trace Attack Against RSA Key Generation in Intel SGX SSL. In AsiaCCS.","DOI":"10.1145\/3196494.3196524"},{"key":"e_1_3_2_1_132_1","unstructured":"Samuel Weiser Andreas Zankl Raphael Spreitzer Katja Miller Stefan Mangard and Georg Sigl. 2018b. DATA - Differential Address Trace Analysis: Finding Address-based Side-Channels in Binaries. In USENIX Security."},{"key":"e_1_3_2_1_133_1","doi-asserted-by":"crossref","unstructured":"Jan Wichelmann Ahmad Moghimi Thomas Eisenbarth and Berk Sunar. 2018. MicroWalk: A Framework for Finding Side Channels in Binaries. In ACSAC.","DOI":"10.1145\/3274694.3274741"},{"key":"e_1_3_2_1_134_1","doi-asserted-by":"crossref","unstructured":"J. Wichelmann F. Sieck A. P\u00e4tschke and T. Eisenbarth. 2022. Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications. 
In CCS.","DOI":"10.1145\/3548606.3560654"},{"key":"e_1_3_2_1_135_1","unstructured":"Meng Wu Shengjian Guo Patrick Schaumont and Chao Wang. 2018. Eliminating timing side-channel leaks using program repair. In ISSTA."},{"key":"e_1_3_2_1_136_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134016"},{"key":"e_1_3_2_1_137_1","unstructured":"Yuanzhong Xu Weidong Cui and Marcus Peinado. 2015. Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. In S&P."},{"key":"e_1_3_2_1_138_1","volume-title":"Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack. IACR Cryp. ePrint","author":"Yarom Yuval","year":"2014","unstructured":"Yuval Yarom and Naomi Benger. 2014. Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack. IACR Cryp. ePrint (2014)."},{"key":"e_1_3_2_1_139_1","volume-title":"FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack. In USENIX Security.","author":"Yarom Yuval","year":"2014","unstructured":"Yuval Yarom and Katrina Falkner. 2014. FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack. In USENIX Security."},{"key":"e_1_3_2_1_140_1","volume-title":"ENCIDER: Detecting Timing and Cache Side Channels in SGX Enclaves and Cryptographic APIs. Transactions on Dependable and Secure Computing","author":"Yavuz T.","year":"2022","unstructured":"T. Yavuz, F. Fowze, G. Hernandez, K. Y. Bai, K. Butler, and D. J. Tian. 2022. ENCIDER: Detecting Timing and Cache Side Channels in SGX Enclaves and Cryptographic APIs. Transactions on Dependable and Secure Computing (2022)."},{"key":"e_1_3_2_1_141_1","unstructured":"Y. Yuan Z. Liu and S. Wang. 2023. CacheQL: Quantifying and Localizing Cache Side-Channel Vulnerabilities in Production Software. In USENIX Security."},{"key":"e_1_3_2_1_142_1","unstructured":"Yuanyuan Yuan Qi Pang and Shuai Wang. 2022. Automated Side Channel Analysis of Media Software with Manifold Learning. 
In USENIX Security."},{"key":"e_1_3_2_1_143_1","volume-title":"STBPU: A Reasonably Secure Branch Prediction Unit. In DSN.","author":"Zhang Tao","year":"2022","unstructured":"Tao Zhang, Timothy Lesch, Kenneth Koltermann, and Dmitry Evtyushkin. 2022. STBPU: A Reasonably Secure Branch Prediction Unit. In DSN."},{"key":"e_1_3_2_1_144_1","doi-asserted-by":"crossref","unstructured":"J. K. Zinzindohou\u00e9 K. Bhargavan J. Protzenko and B. Beurdouche. 2017. HACL*: A Verified Modern Cryptographic Library. In CCS.","DOI":"10.1145\/3133956.3134043"}],"event":{"name":"CCS '23: ACM SIGSAC Conference on Computer and Communications Security","location":"Copenhagen Denmark","acronym":"CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3576915.3623112","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3576915.3623112","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,21]],"date-time":"2025-08-21T01:42:41Z","timestamp":1755740561000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3576915.3623112"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,15]]},"references-count":144,"alternative-id":["10.1145\/3576915.3623112","10.1145\/3576915"],"URL":"https:\/\/doi.org\/10.1145\/3576915.3623112","relation":{},"subject":[],"published":{"date-parts":[[2023,11,15]]},"assertion":[{"value":"2023-11-21","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}