English
Related papers

Related papers: Microwalk-CI: Practical Side-Channel Analysis for …

200 papers
MicroWalk: A Framework for Finding Side Channels in Binaries

Microarchitectural side channels expose unprotected software to information leakage attacks where a software adversary is able to track runtime behavior of a benign process and steal secrets such as cryptographic keys. As suggested by…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar
A Systematic Evaluation of Automated Tools for Side-Channel Vulnerabilities Detection in Cryptographic Libraries

To protect cryptographic implementations from side-channel vulnerabilities, developers must adopt constant-time programming practices. As these can be error-prone, many side-channel detection tools have been proposed. Despite this, such…

Cryptography and Security · Computer Science 2023-10-13 Antoine Geimer , Mathéo Vergnolle , Frédéric Recoules , Lesly-Ann Daniel , Sébastien Bardin , Clémentine Maurice
Towards Automated Detection of Single-Trace Side-Channel Vulnerabilities in Constant-Time Cryptographic Code

Although cryptographic algorithms may be mathematically secure, it is often possible to leak secret information from the implementation of the algorithms. Timing and power side-channel vulnerabilities are some of the most widely considered…

Cryptography and Security · Computer Science 2023-10-31 Ferhat Erata , Ruzica Piskac , Victor Mateu , Jakub Szefer
A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks and Defenses in Cryptography

Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems. One popular type of such attacks is the microarchitectural attack, where the adversary exploits the hardware features to break the…

Cryptography and Security · Computer Science 2021-03-29 Xiaoxuan Lou , Tianwei Zhang , Jun Jiang , Yinqian Zhang
Microarchitectural Leakage Templates and Their Application to Cache-Based Side Channels

The complexity of modern processor architectures has given rise to sophisticated interactions among their components. Such interactions may result in potential attack vectors in terms of side channels, possibly available to user-land…

Cryptography and Security · Computer Science 2022-11-28 Ahmad Ibrahim , Hamed Nemati , Till Schlüter , Nils Ole Tippenhauer , Christian Rossow
Revisiting and Evaluating Software Side-channel Vulnerabilities and Countermeasures in Cryptographic Applications

We systematize software side-channel attacks with a focus on vulnerabilities and countermeasures in the cryptographic implementations. Particularly, we survey past research literature to categorize vulnerable implementations, and identify…

Cryptography and Security · Computer Science 2019-12-13 Tianwei Zhang , Jun Jiang , Yinqian Zhang
SILENT: A New Lens on Statistics in Software Timing Side Channels

Cryptographic research takes software timing side channels seriously. Approaches to mitigate them include constant-time coding and techniques to enforce such practices. However, recent attacks like Meltdown [42], Spectre [37], and…

Cryptography and Security · Computer Science 2025-04-29 Martin Dunsche , Patrick Bastian , Marcel Maehren , Nurullah Erinola , Robert Merget , Nicolai Bissantz , Holger Dette , Jörg Schwenk
CacheQL: Quantifying and Localizing Cache Side-Channel Vulnerabilities in Production Software

Cache side-channel attacks extract secrets by examining how victim software accesses cache. To date, practical attacks on cryptosystems and media libraries are demonstrated under different scenarios, inferring secret keys and reconstructing…

Cryptography and Security · Computer Science 2022-10-04 Yuanyuan Yuan , Zhibo Liu , Shuai Wang
Did we learn from LLC Side Channel Attacks? A Cache Leakage Detection Tool for Crypto Libraries

This work presents a new tool to verify the correctness of cryptographic implementations with respect to cache attacks. Our methodology discovers vulnerabilities that are hard to find with other techniques, observed as exploitable leakage.…

Cryptography and Security · Computer Science 2017-09-07 Gorka Irazoqui , Kai Cong , Xiaofei Guo , Hareesh Khattri , Arun Kanuparthi , Thomas Eisenbarth , Berk Sunar
SoK: Design Tools for Side-Channel-Aware Implementations

Side-channel attacks that leak sensitive information through a computing device's interaction with its physical environment have proven to be a severe threat to devices' security, particularly when adversaries have unfettered physical…

Cryptography and Security · Computer Science 2021-06-15 Ileana Buhan , Lejla Batina , Yuval Yarom , Patrick Schaumont
MAMBO-V: Dynamic Side-Channel Leakage Analysis on RISC-V

RISC-V is an emerging technology, with applications ranging from embedded devices to high-performance servers. Therefore, more and more security-critical workloads will be conducted with code that is compiled for RISC-V. Well-known…

Cryptography and Security · Computer Science 2023-09-28 Jan Wichelmann , Christopher Peredy , Florian Sieck , Anna Pätschke , Thomas Eisenbarth
Efficient Detection and Quantification of Timing Leaks with Neural Networks

Detection and quantification of information leaks through timing side channels are important to guarantee confidentiality. Although static analysis remains the prevalent approach for detecting timing side channels, it is computationally…

Cryptography and Security · Computer Science 2019-07-25 Saeid Tizpaz-Niari , Pavol Cerny , Sriram Sankaranarayanan , Ashutosh Trivedi
Software-based Microarchitectural Attacks

Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these…

Cryptography and Security · Computer Science 2017-06-20 Daniel Gruss
Towards Efficient Verification of Constant-Time Cryptographic Implementations

Timing side-channel attacks exploit secret-dependent execution time to fully or partially recover secrets of cryptographic implementations, posing a severe threat to software security. Constant-time programming discipline is an effective…

Cryptography and Security · Computer Science 2024-02-22 Luwei Cai , Fu Song , Taolue Chen
Systematic Timing Leakage Analysis of NIST PQDSS Candidates: Tooling and Lessons Learned

The PQDSS standardization process requires cryptographic primitives to be free from vulnerabilities, including timing and cache side-channels. Resistance to timing leakage is therefore an essential property, and achieving this typically…

Cryptography and Security · Computer Science 2025-09-05 Olivier Adjonyo , Sebastien Bardin , Emanuele Bellini , Gilbert Ndollane Dione , Mahmudul Faisal Al Ameen , Robert Merget , Frederic Recoules , Yanis Sellami
Real-time Detection and Adaptive Mitigation of Power-based Side-Channel Leakage in SoC

Power-based side-channel is a serious security threat to the System on Chip (SoC). The secret information is leaked from the power profile of the system while a cryptographic algorithm is running. The mitigation requires efforts from both…

Cryptography and Security · Computer Science 2021-07-06 Pantea Kiaei , Yuan Yao , Patrick Schaumont
Breaking Bad: How Compilers Break Constant-Time Implementations

The implementations of most hardened cryptographic libraries use defensive programming techniques for side-channel resistance. These techniques are usually specified as guidelines to developers on specific code patterns to use or avoid.…

Cryptography and Security · Computer Science 2025-09-03 Moritz Schneider , Daniele Lain , Ivan Puddu , Nicolas Dutly , Srdjan Capkun
DALC-CT: Dynamic Analysis of Low-Level Code Traces for Constant-Time Verification

Timing side-channel attacks exploit variations in program execution time to recover sensitive information. Cryptographic implementations are especially vulnerable to these attacks, since even small timing differences in operations such as…

Cryptography and Security · Computer Science 2026-04-21 Nges Brian Njungle , Edwin P. Kayang , Mishel J. Paul , Michel A. Kinsy
Rethinking Side-Channel Analysis: Automated Discovery and Analysis of Side-Channel Leakage with LLM-Assisted Agents

Side-channel attacks exploit unintended information leakage from system behavior and continue to pose serious privacy risks in modern platforms. Despite extensive prior work, side-channel analysis remains largely manual and fragmented,…

Cryptography and Security · Computer Science 2026-05-19 Zhen Xu , Zihao Wang , Yuhua Sun , XiaoFeng Wang
SecDocker: Hardening the Continuous Integration Workflow

Current Continuous Integration processes face significant intrinsic cybersecurity challenges. The idea is not only to solve and test formal or regulatory security requirements of source code but also to adhere to the same principles to the…

Cryptography and Security · Computer Science 2021-12-14 David Fernández González , Francisco Javier Rodríguez Lera , Gonzalo Esteban , Camino Fernández Llamas
‹ Prev 1 2 3 10 Next ›