English
Related papers

Related papers: Empirical Analysis of Software Vulnerabilities Cau…

200 papers

This empirical paper examines the time delays that occur between the publication of Common Vulnerabilities and Exposures (CVEs) in the National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS) information…

Cryptography and Security · Computer Science 2018-01-12 Jukka Ruohonen

Modern processors dynamically control their operating frequency to optimize resource utilization, maximize energy savings, and conform to system-defined constraints. If, during the execution of a software workload, the running average of…

Cryptography and Security · Computer Science 2023-05-25 Chen Liu , Abhishek Chakraborty , Nikhil Chawla , Neer Roggel

Timing side-channels are an important threat to cryptography that still needs to be addressed in implementations, and the advent of post-quantum cryptography raises this issue because the lattice-based schemes may produce secret-dependent…

Cryptography and Security · Computer Science 2025-12-30 Aayush Mainali , Sirjan Ghimire

Detection and quantification of information leaks through timing side channels are important to guarantee confidentiality. Although static analysis remains the prevalent approach for detecting timing side channels, it is computationally…

Cryptography and Security · Computer Science 2019-07-25 Saeid Tizpaz-Niari , Pavol Cerny , Sriram Sankaranarayanan , Ashutosh Trivedi

Microarchitectural side channels expose unprotected software to information leakage attacks where a software adversary is able to track runtime behavior of a benign process and steal secrets such as cryptographic keys. As suggested by…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar

Besides cryptographic secrets, side-channel attacks also leak sensitive user input. The most accurate attacks exploit cache timings or interrupt information to monitor keystroke timings and subsequently infer typed words and sentences.…

Cryptography and Security · Computer Science 2017-06-21 Michael Schwarz , Moritz Lipp , Daniel Gruss , Samuel Weiser , Clémentine Maurice , Raphael Spreitzer , Stefan Mangard

GPUs are increasingly being used in security applications, especially for accelerating encryption/decryption. While GPUs are an attractive platform in terms of performance, the security of these devices raises a number of concerns. One…

Cryptography and Security · Computer Science 2020-08-03 Elmira Karimi , Yunsi Fei , David Kaeli

We demonstrate that the format in which private keys are persisted impacts Side Channel Analysis (SCA) security. Surveying several widely deployed software libraries, we investigate the formats they support, how they parse these keys, and…

Cryptography and Security · Computer Science 2020-04-02 Cesar Pereida García , Sohaib ul Hassan , Nicola Tuveri , Iaroslav Gridin , Alejandro Cabrera Aldaya , Billy Bob Brumley

Time variation during program execution can leak sensitive information. Time variations due to program control flow and hardware resource contention have been used to steal encryption keys in cipher implementations such as AES and RSA. A…

Cryptography and Security · Computer Science 2017-03-23 Zelalem Birhanu Aweke , Todd Austin

The wide deployment of Large Language Models (LLMs) has given rise to strong demands for optimizing their inference performance. Today's techniques serving this purpose primarily focus on reducing latency and improving throughput through…

Cryptography and Security · Computer Science 2025-10-22 Linke Song , Zixuan Pang , Wenhao Wang , Zihao Wang , XiaoFeng Wang , Hongbo Chen , Wei Song , Yier Jin , Dan Meng , Rui Hou

Deep learning is gaining importance in many applications. However, Neural Networks face several security and privacy threats. This is particularly significant in the scenario where Cloud infrastructures deploy a service with Neural Network…

Cryptography and Security · Computer Science 2019-07-09 Vasisht Duddu , Debasis Samanta , D Vijay Rao , Valentina E. Balas

Real-time cyber-physical systems depend on deterministic task execution to guarantee safety and correctness. Unfortunately, this determinism can unintentionally expose timing information that enables adversaries to infer task execution…

Systems and Control · Electrical Eng. & Systems 2026-02-04 Arkaprava Sain , Sunandan Adhikary , Soumyajit Dey

Side-channel attacks allow an adversary to uncover secret program data by observing the behavior of a program with respect to a resource, such as execution time, consumed memory or response size. Side-channel vulnerabilities are difficult…

Cryptography and Security · Computer Science 2019-02-27 Shirin Nilizadeh , Yannic Noller , Corina S. Pasareanu

Side-channel attacks on memory (SCAM) exploit unintended data leaks from memory subsystems to infer sensitive information, posing significant threats to system security. These attacks exploit vulnerabilities in memory access patterns, cache…

Cryptography and Security · Computer Science 2025-05-09 MD Mahady Hassan , Shanto Roy , Reza Rahaeimehr

We develop a new notion of security against timing attacks where the attacker is able to simultaneously observe the execution time of a program and the probability of the values of low variables. We then show how to measure the security of…

Cryptography and Security · Computer Science 2008-07-25 Alessandra Di Pierro , Chris Hankin , Herbert Wiklicky

To be secure, cryptographic algorithms crucially rely on the underlying hardware to avoid inadvertent leakage of secrets through timing side channels. Unfortunately, such timing channels are ubiquitous in modern hardware, due to its…

Cryptography and Security · Computer Science 2019-10-09 Klaus v. Gleissenthall , Rami Gökhan Kıcı , Deian Stefan , Ranjit Jhala

To defeat side-channel attacks, many recent countermeasures work by enforcing random run-time variability to the target computing platform in terms of clock jitters, frequency and voltage scaling, and phase shift, also combining the…

Cryptography and Security · Computer Science 2024-09-17 Davide Galli , Adriano Guarisco , William Fornaciari , Matteo Matteucci , Davide Zoni

Timing side channels pose a significant threat to the security and privacy of software applications. We propose an approach for mitigating this problem by decreasing the strength of the side channels as measured by entropy-based objectives,…

Cryptography and Security · Computer Science 2019-06-24 Saeid Tizpaz-Niari , Pavol Cerny , Ashutosh Trivedi

Recent work on Side Channel Analysis (SCA) targets old, well-known vulnerabilities, even previously exploited, reported, and patched in high-profile cryptography libraries. Nevertheless, researchers continue to find and exploit the same…

Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these…

Cryptography and Security · Computer Science 2017-06-20 Daniel Gruss