English
Related papers

Related papers: Eliminating Timing Side-Channel Leaks using Progra…

200 papers

We present a kernel-level infrastructure that allows system-wide detection of malicious applications attempting to exploit cache-based side-channel attacks to break the process confinement enforced by standard operating systems. This…

Cryptography and Security · Computer Science 2024-02-22 Stefano Carnà , Serena Ferracci , Francesco Quaglia , Alessandro Pellegrini

Deployed large language models (LLMs) often rely on speculative decoding, a technique that generates and verifies multiple candidate tokens in parallel, to improve throughput and latency. In this work, we reveal a new side-channel whereby…

Computation and Language · Computer Science 2026-02-12 Jiankun Wei , Abdulrahman Abdulrazzag , Tianchen Zhang , Adel Muursepp , Gururaj Saileshwar

Context switching is utilized by operating systems to change the execution context between application programs. It involves saving and restoring the states of multiple registers and performing a pipeline flush to remove any pre-fetched…

Cryptography and Security · Computer Science 2025-07-31 Sahan Sanjaya , Aruna Jayasena , Prabhat Mishra

Side-channel attacks are efficient attacks against cryptographic devices. They use only quantities observable from outside, such as the duration and the power consumption. Attacks against synchronous devices using electric observations are…

Cryptography and Security · Computer Science 2008-09-24 Philippe Hoogvorst , Sylvain Guilley , Sumanta Chaudhuri , Jean-Luc Danger , Taha Beyrouthy , Laurent Fesquet

Compression is an emerging source of exploitable side-channel leakage that threatens data security, particularly in web applications where compression is indispensable for performance reasons. Current approaches to mitigating compression…

Cryptography and Security · Computer Science 2019-09-19 Brandon Paulsen , Chungha Sung , Peter A. H. Peterson , Chao Wang

Large Language Models (LLMs) that can be deployed locally have recently gained popularity for privacy-sensitive tasks, with companies such as Meta, Google, and Intel playing significant roles in their development. However, the security of…

Cryptography and Security · Computer Science 2025-06-17 Zibo Gao , Junjie Hu , Feng Guo , Yixin Zhang , Yinglong Han , Siyuan Liu , Haiyang Li , Zhiqiang Lv

Supervised deep learning has emerged as an effective tool for carrying out power side-channel attacks on cryptographic implementations. While increasingly-powerful deep learning-based attacks are regularly published, comparatively-little…

Machine Learning · Computer Science 2024-10-31 Jimmy Gammell , Anand Raghunathan , Kaushik Roy

Trusted Execution Environments (TEEs) are gradually adopted by major cloud providers, offering a practical option of \emph{confidential computing} for users who don't fully trust public clouds. TEEs use CPU-enabled hardware features to…

Cryptography and Security · Computer Science 2023-08-15 AKM Mubashwir Alam , Keke Chen

Realizing flow security in a concurrent environment is extremely challenging, primarily due to non-deterministic nature of execution. The difficulty is further exacerbated from a security angle if sequential threads disclose control…

Programming Languages · Computer Science 2021-03-04 Sandip Ghosal , R. K. Shyamasundar

We propose a novel approach to improving software security called Cryptographic Path Hardening, which is aimed at hiding security vulnerabilities in software from attackers through the use of provably secure and obfuscated cryptographic…

Software Engineering · Computer Science 2012-02-03 Vijay Ganesh , Michael Carbin , Martin Rinard

Cryptographic libraries, an essential part of cybersecurity, are shown to be susceptible to different types of attacks, including side-channel and memory-corruption attacks. In this article, we examine popular cryptographic libraries in…

Cryptography and Security · Computer Science 2026-05-21 Rodothea Myrsini Tsoupidi , Elena Troubitsyna , Panos Papadimitratos

In the era of microarchitectural side channels, vendors scramble to deploy mitigations for transient execution attacks, but leave traditional side-channel attacks against sensitive software (e.g., crypto programs) to be fixed by developers…

Cryptography and Security · Computer Science 2021-09-16 Pietro Borrello , Daniele Cono D'Elia , Leonardo Querzoni , Cristiano Giuffrida

Side-channel attacks allow an adversary to uncover secret program data by observing the behavior of a program with respect to a resource, such as execution time, consumed memory or response size. Side-channel vulnerabilities are difficult…

Cryptography and Security · Computer Science 2019-02-27 Shirin Nilizadeh , Yannic Noller , Corina S. Pasareanu

Verification of C++ programs has seen considerable progress in several areas, but not for programs that use these languages' mathematical libraries. The reason is that all libraries in widespread use come with no guarantees about the…

Programming Languages · Computer Science 2022-06-23 Roberto Bagnara , Michele Chiari , Roberta Gori , Abramo Bagnara

This paper presents a software-based technique to recover control-flow errors in multithreaded programs. Control-flow error recovery is achieved through inserting additional instructions into multithreaded program at compile time regarding…

Programming Languages · Computer Science 2016-07-27 Navid Khoshavi , Mohammad Maghsoudloo , Hamid R. Zarandi

Trusted execution environments (TEEs) offer hardware-assisted means to protect code and data. However, as shown in numerous results over the years, attackers can use side-channels to leak data access patterns and even single-step the code.…

Cryptography and Security · Computer Science 2025-09-24 Jan Wichelmann , Anja Rabich , Anna P"atschke , Thomas Eisenbarth

The widespread adoption of TLS 1.3 and QUIC has rendered payload content invisible, shifting traffic analysis toward side-channel features. However, rigorous justification for why side-channel leakage is inevitable in encrypted…

Cryptography and Security · Computer Science 2026-02-17 Guangjie Liu , Guang Chen , Weiwei Liu

Line map, an invertible, two-dimensional chaotic encryption algorithm was introduced recently. In this paper, we propose several weaknesses of the method based on standard cryptanalytic attacks. We perform a side-channel attack by observing…

Chaotic Dynamics · Physics 2008-01-12 Nikhil Balaji , Nithin Nagaraj

Side-channel attacks are a major threat to the security of cryptographic implementations, particularly for small devices that are under the physical control of the adversary. While several strategies for protecting against side-channel…

Cryptography and Security · Computer Science 2021-09-27 Madura A. Shelton , Łukasz Chmielewski , Niels Samwel , Markus Wagner , Lejla Batina , Yuval Yarom

Quantum key distribution can provide unconditionally secure key exchange for remote users in theory. In practice, however, in most quantum key distribution systems, quantum hackers might steal the secure keys by listening to the side…