{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,10]],"date-time":"2026-06-10T16:34:31Z","timestamp":1781109271742,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":50,"publisher":"ACM","funder":[{"DOI":"10.13039\/501100019167","name":"Zurich Information Security and Privacy Center","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100019167","id-type":"DOI","asserted-by":"publisher"}]},{"name":"ETH Future Computing Laboratory"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,8,25]]},"DOI":"10.1145\/3708821.3733909","type":"proceedings-article","created":{"date-parts":[[2025,8,13]],"date-time":"2025-08-13T06:30:56Z","timestamp":1755066656000},"page":"1690-1706","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Breaking Bad: How Compilers Break Constant-Time Implementations"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8069-9848","authenticated-orcid":false,"given":"Moritz","family":"Schneider","sequence":"first","affiliation":[{"name":"ETH Zurich, Zurich, Switzerland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6101-7306","authenticated-orcid":false,"given":"Daniele","family":"Lain","sequence":"additional","affiliation":[{"name":"ETH Zurich, Zurich, Switzerland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2198-2405","authenticated-orcid":false,"given":"Ivan","family":"Puddu","sequence":"additional","affiliation":[{"name":"ETH Zurich, Zurich, Switzerland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-0829-6320","authenticated-orcid":false,"given":"Nicolas","family":"Dutly","sequence":"additional","affiliation":[{"name":"ETH Zurich, Zurich, Switzerland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5727-3673","authenticated-orcid":false,"given":"Srdjan","family":"Capkun","sequence":"additional","affiliation":[{"name":"ETH Zurich, Zurich, Switzerland"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2025,8,24]]},"reference":[{"key":"e_1_3_3_2_2_2","doi-asserted-by":"publisher","DOI":"10.1007\/11967668_15"},{"key":"e_1_3_3_2_3_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-49890-3_24"},{"key":"e_1_3_3_2_4_2","doi-asserted-by":"crossref","unstructured":"J\u00a0Bacelar Almeida Manuel Barbosa Jorge\u00a0S Pinto and B\u00e1rbara Vieira. 2013. Formal verification of side-channel countermeasures using self-composition. Science of Computer Programming 78 7 (2013) 796\u2013812.","DOI":"10.1016\/j.scico.2011.10.008"},{"key":"e_1_3_3_2_5_2","unstructured":"Jean-Philippe Aumasson. 2012. A cryptography coding standard. https:\/\/web.archive.org\/web\/20190203024646\/https:\/\/cryptocoding.net\/index.php\/Coding_rules."},{"key":"e_1_3_3_2_6_2","unstructured":"Jean-Philippe Aumasson. 2019. Cryptocoding. https:\/\/github.com\/veorq\/cryptocoding."},{"key":"e_1_3_3_2_7_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00008"},{"key":"e_1_3_3_2_8_2","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660283"},{"key":"e_1_3_3_2_9_2","doi-asserted-by":"publisher","unstructured":"Gilles Barthe Sandrine Blazy Benjamin Gr\u00e9goire R\u00e9mi Hutin Vincent Laporte David Pichardie and Alix Trieu. 2019. Formal Verification of a Constant-Time Preserving C Compiler. Cryptology ePrint Archive Paper 2019\/926. 10.1145\/3371075 https:\/\/eprint.iacr.org\/2019\/926.","DOI":"10.1145\/3371075"},{"key":"e_1_3_3_2_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2018.00031"},{"key":"e_1_3_3_2_11_2","first-page":"917","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Bond Barry","year":"2017","unstructured":"Barry Bond, Chris Hawblitzel, Manos Kapritsos, K.\u00a0Rustan\u00a0M. Leino, Jacob\u00a0R. Lorch, Bryan Parno, Ashay Rane, Srinath Setty, and Laure Thompson. 2017. Vale: Verifying High-Performance Cryptographic Assembly Code. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 917\u2013934. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/bond"},{"key":"e_1_3_3_2_12_2","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484583"},{"key":"e_1_3_3_2_13_2","doi-asserted-by":"publisher","DOI":"10.1145\/3314221.3314605"},{"key":"e_1_3_3_2_14_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00074"},{"key":"e_1_3_3_2_15_2","unstructured":"Frank Denis. [n. d.]. libsodium. https:\/\/github.com\/jedisct1\/libsodium"},{"key":"e_1_3_3_2_16_2","doi-asserted-by":"crossref","unstructured":"Goran Doychev Boris K\u00f6pf Laurent Mauborgne and Jan Reineke. 2015. Cacheaudit: A tool for the static analysis of cache side channels. ACM Transactions on Information and System Security (TISSEC) 18 1 (2015) 1\u201332.","DOI":"10.1145\/2756550"},{"key":"e_1_3_3_2_17_2","unstructured":"Nicolas Dutly and Moritz Schneider. [n. d.]. Microsurf. https:\/\/github.com\/Jumpst3r\/microsurf."},{"key":"e_1_3_3_2_18_2","unstructured":"Rich Felker. [n. d.]. musl libc. https:\/\/musl.libc.org\/."},{"key":"e_1_3_3_2_19_2","unstructured":"Google. 2014. BoringSSL. https:\/\/boringssl.googlesource.com\/boringssl\/"},{"key":"e_1_3_3_2_20_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICST46399.2020.00063"},{"key":"e_1_3_3_2_21_2","unstructured":"Intel. 2007. Intel Pin - A dynamic binary instrumentation framework. https:\/\/www.intel.com\/content\/www\/us\/en\/developer\/articles\/tool\/pin-a-dynamic-binary-instrumentation-tool.html."},{"key":"e_1_3_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833713"},{"key":"e_1_3_3_2_23_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-48965-0_36"},{"key":"e_1_3_3_2_24_2","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-48405-1_25"},{"key":"e_1_3_3_2_25_2","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-68697-5_9"},{"key":"e_1_3_3_2_26_2","unstructured":"Adam Langley. 2010. Checking that functions are constant time with Valgrind. https:\/\/www.imperialviolet.org\/2010\/04\/01\/ctgrind.html."},{"key":"e_1_3_3_2_27_2","unstructured":"Kaijern Lau and Anh\u00a0Quynh Nguyen. [n. d.]. Qiling Framework. https:\/\/github.com\/qilingframework\/qiling."},{"key":"e_1_3_3_2_28_2","first-page":"557","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Lee Sangho","year":"2017","unstructured":"Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado. 2017. Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 557\u2013574. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/lee-sangho"},{"key":"e_1_3_3_2_29_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.43"},{"key":"e_1_3_3_2_30_2","unstructured":"Jack Lloyd. 2000. Botan: Crypto and TLS for Modern C++. https:\/\/botan.randombit.net\/"},{"key":"e_1_3_3_2_31_2","unstructured":"LLVM. [n. d.]. LLVM Language Reference Manual. https:\/\/llvm.org\/docs\/LangRef.html."},{"key":"e_1_3_3_2_32_2","doi-asserted-by":"crossref","unstructured":"Chi-Keung Luk Robert Cohn Robert Muth Harish Patil Artur Klauser Geoff Lowney Steven Wallace Vijay\u00a0Janapa Reddi and Kim Hazelwood. 2005. Pin: building customized program analysis tools with dynamic instrumentation. Acm sigplan notices 40 6 (2005) 190\u2013200.","DOI":"10.1145\/1064978.1065034"},{"key":"e_1_3_3_2_33_2","first-page":"865","volume-title":"24th USENIX Security Symposium (USENIX Security 15)","author":"Masti Ramya\u00a0Jayaram","year":"2015","unstructured":"Ramya\u00a0Jayaram Masti, Devendra Rai, Aanjhan Ranganathan, Christian M\u00fcller, Lothar Thiele, and Srdjan Capkun. 2015. Thermal Covert Channels on Multi-core Platforms. In 24th USENIX Security Symposium (USENIX Security 15). USENIX Association, Washington, D.C., 865\u2013880. https:\/\/www.usenix.org\/conference\/usenixsecurity15\/technical-sessions\/presentation\/masti"},{"key":"e_1_3_3_2_34_2","doi-asserted-by":"crossref","unstructured":"Ahmad Moghimi Jan Wichelmann Thomas Eisenbarth and Berk Sunar. 2019. Memjam: A false dependency attack against constant-time crypto implementations. International Journal of Parallel Programming 47 (2019) 538\u2013570.","DOI":"10.1007\/s10766-018-0611-9"},{"key":"e_1_3_3_2_35_2","unstructured":"Andrew Moon. [n. d.]. poly1305-donna. https:\/\/github.com\/floodyberry\/poly1305-donna."},{"key":"e_1_3_3_2_36_2","unstructured":"Anh\u00a0Quynh Nguyen and Hoang\u00a0Vu Dang. [n. d.]. Unicorn: Next Generation CPU Emulator Framework. https:\/\/github.com\/unicorn-engine\/unicorn."},{"key":"e_1_3_3_2_37_2","unstructured":"Todd Ouska. 2006. WolfSSL: Embedded TLS Library. https:\/\/www.wolfssl.com\/"},{"key":"e_1_3_3_2_38_2","unstructured":"Thomas Pornin. 2016. BearSSL: a smaller SSL\/TLS library. https:\/\/bearssl.org\/"},{"key":"e_1_3_3_2_39_2","first-page":"431","volume-title":"24th USENIX Security Symposium, USENIX Security 15, Washington, D.C., USA, August 12-14, 2015","author":"Rane Ashay","year":"2015","unstructured":"Ashay Rane, Calvin Lin, and Mohit Tiwari. 2015. Raccoon: Closing Digital Side-Channels through Obfuscated Execution. In 24th USENIX Security Symposium, USENIX Security 15, Washington, D.C., USA, August 12-14, 2015, Jaeyeon Jung and Thorsten Holz (Eds.). USENIX Association, 431\u2013446. https:\/\/www.usenix.org\/conference\/usenixsecurity15\/technical-sessions\/presentation\/rane"},{"key":"e_1_3_3_2_40_2","doi-asserted-by":"publisher","DOI":"10.5555\/3130379.3130776"},{"key":"e_1_3_3_2_41_2","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243775"},{"key":"e_1_3_3_2_42_2","unstructured":"Moritz Schneider and Nicolas Dutly. [n. d.]. Breaking Bad Evaluation Infrastructure. https:\/\/github.com\/Jumpst3r\/breaking-bad-eval-infra."},{"key":"e_1_3_3_2_43_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2018.00009"},{"key":"e_1_3_3_2_44_2","unstructured":"The OpenSSL Project. 2003. OpenSSL: The Open Source toolkit for SSL\/TLS. (April 2003). www.openssl.org."},{"key":"e_1_3_3_2_45_2","unstructured":"TrustedFirmware. 2009. MbedTLS. https:\/\/www.trustedfirmware.org\/projects\/mbed-tls\/"},{"key":"e_1_3_3_2_46_2","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243822"},{"key":"e_1_3_3_2_47_2","first-page":"1767","volume-title":"29th USENIX Security Symposium, USENIX Security 2020, August 12-14, 2020","author":"Weiser Samuel","year":"2020","unstructured":"Samuel Weiser, David Schrammel, Lukas Bodner, and Raphael Spreitzer. 2020. Big Numbers - Big Troubles: Systematically Analyzing Nonce Leakage in (EC)DSA Implementations. In 29th USENIX Security Symposium, USENIX Security 2020, August 12-14, 2020, Srdjan Capkun and Franziska Roesner (Eds.). USENIX Association, 1767\u20131784. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/weiser"},{"key":"e_1_3_3_2_48_2","first-page":"603","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Weiser Samuel","year":"2018","unstructured":"Samuel Weiser, Andreas Zankl, Raphael Spreitzer, Katja Miller, Stefan Mangard, and Georg Sigl. 2018. DATA \u2013 Differential Address Trace Analysis: Finding Address-based Side-Channels in Binaries. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 603\u2013620. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/weiser"},{"key":"e_1_3_3_2_49_2","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274741"},{"key":"e_1_3_3_2_50_2","doi-asserted-by":"crossref","unstructured":"Yuval Yarom Daniel Genkin and Nadia Heninger. 2017. CacheBleed: a timing attack on OpenSSL constant-time RSA. Journal of Cryptographic Engineering 7 (2017) 99\u2013112.","DOI":"10.1007\/s13389-017-0152-y"},{"key":"e_1_3_3_2_51_2","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134043"}],"event":{"name":"ASIA CCS '25: 20th ACM Asia Conference on Computer and Communications Security","location":"Hanoi Vietnam","acronym":"ASIA CCS '25","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 20th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3708821.3733909","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,31]],"date-time":"2025-08-31T13:32:51Z","timestamp":1756647171000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3708821.3733909"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,24]]},"references-count":50,"alternative-id":["10.1145\/3708821.3733909","10.1145\/3708821"],"URL":"https:\/\/doi.org\/10.1145\/3708821.3733909","relation":{},"subject":[],"published":{"date-parts":[[2025,8,24]]},"assertion":[{"value":"2025-08-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}