English
Related papers

Related papers: Fun with flags: How Compilers Break and Fix Consta…

200 papers

The implementations of most hardened cryptographic libraries use defensive programming techniques for side-channel resistance. These techniques are usually specified as guidelines to developers on specific code patterns to use or avoid.…

Cryptography and Security · Computer Science 2025-09-03 Moritz Schneider , Daniele Lain , Ivan Puddu , Nicolas Dutly , Srdjan Capkun

The code generation modules inside modern compilers such as GCC and LLVM, which use a limited number of CPU registers to store a large number of program variables, may introduce side-channel leaks even in software equipped with…

Cryptography and Security · Computer Science 2019-02-28 Jingbo Wang , Chungha Sung , Chao Wang

When implementing secure software, developers must ensure certain requirements, such as the erasure of secret data after its use and execution in real time. Such requirements are not explicitly captured by the C language and could…

Cryptography and Security · Computer Science 2019-07-08 A. P. Shivarpatna Venkatesh , A. Bhat Handadi , M. Mory

Secure applications implement software protections against side-channel and physical attacks. Such protections are meaningful at machine code or micro-architectural level, but they typically do not carry observable semantics at source…

Cryptography and Security · Computer Science 2021-01-18 Son Tuan Vu , Albert Cohen , Karine Heydemann , Arnaud de Grandmaison , Christophe Guillon

As software becomes larger, programming languages become higher-level, and processors continue to fail to be clocked faster, we'll increasingly require compilers to reduce code bloat, eliminate abstraction penalties, and exploit interesting…

Programming Languages · Computer Science 2018-09-10 Nuno P. Lopes , John Regehr

Compilers are complex, and significant effort has been expended on testing them. Techniques such as random program generation and differential testing have proved highly effective and have uncovered thousands of bugs in production…

Software Engineering · Computer Science 2025-01-03 Davide Italiano , Chris Cummins

Compiler optimization techniques are inherently complex, and rigorous testing of compiler optimization implementation is critical. Recent years have witnessed the emergence of testing approaches for uncovering incorrect optimization bugs,…

Software Engineering · Computer Science 2025-04-08 Jingwen Wu , Jiajing Zheng , Zhenyu Yang , Zhongxing Yu

A compiler processes the code written in a high level language and produces machine executable code. The compiler writers often face the challenge of keeping the compilation times reasonable. That is because aggressive optimization passes…

Programming Languages · Computer Science 2019-05-30 Sanket Tavarageri

Cryptographic research takes software timing side channels seriously. Approaches to mitigate them include constant-time coding and techniques to enforce such practices. However, recent attacks like Meltdown [42], Spectre [37], and…

Cryptography and Security · Computer Science 2025-04-29 Martin Dunsche , Patrick Bastian , Marcel Maehren , Nurullah Erinola , Robert Merget , Nicolai Bissantz , Holger Dette , Jörg Schwenk

Obfuscating compilers protect a software by obscuring its meaning and impeding the reconstruction of its original source code. The typical concern when defining such compilers is their robustness against reverse engineering and the…

Programming Languages · Computer Science 2020-03-13 Matteo Busi , Pierpaolo Degano , Letterio Galletta

Recent work has shown that Just-In-Time (JIT) compilation can introduce timing side-channels to constant-time programs, which would otherwise be a principled and effective means to counter timing attacks. In this paper, we propose a novel…

Programming Languages · Computer Science 2022-03-01 Qi Qin , JulianAndres JiYang , Fu Song , Taolue Chen , Xinyu Xing

We develop a new notion of security against timing attacks where the attacker is able to simultaneously observe the execution time of a program and the probability of the values of low variables. We then show how to measure the security of…

Cryptography and Security · Computer Science 2008-07-25 Alessandra Di Pierro , Chris Hankin , Herbert Wiklicky

Despite extensive testing and correctness certification of their functional semantics, a number of compiler optimizations have been shown to violate security guarantees implemented in source code. While prior work has shed light on how such…

Cryptography and Security · Computer Science 2021-09-30 Michael D. Brown , Matthew Pruett , Robert Bigelow , Girish Mururu , Santosh Pande

Side-channel attacks impose a serious threat to cryptographic algorithms, including widely employed ones, such as AES and RSA. These attacks take advantage of the algorithm implementation in hardware or software to extract secret…

Cryptography and Security · Computer Science 2022-12-06 Rodothea Myrsini Tsoupidi , Roberto Castañeda Lozano , Elena Troubitsyna , Panagiotis Papadimitratos

Timing and cache side channels provide powerful attacks against many sensitive operations including cryptographic implementations. Existing defenses cannot protect against all classes of such attacks without incurring prohibitive…

Cryptography and Security · Computer Science 2015-09-01 Benjamin A. Braun , Suman Jana , Dan Boneh

Generating performant executables from high level languages is critical to software performance across a wide range of domains. Modern compilers perform this task by passing code through a series of well-studied optimizations at…

Programming Languages · Computer Science 2026-04-07 Benjamin Mikek , Danylo Vashchilenko , Bryan Lu , Panpan Xu

Content composition vulnerabilities remain among the most prevalent and persistent classes of security weakness in deployed software. Prior mitigations, including developer training, static analysis tools, and domain-specific template…

Programming Languages · Computer Science 2026-05-19 Mike Samuel , Tom Palmer , Shaw Summa , Robert Grayson

Widely used compilers like GCC and LLVM usually have hundreds of optimizations controlled by optimization flags, which are enabled or disabled during compilation to improve runtime performance (e.g., small execution time) of the compiler…

Programming Languages · Computer Science 2023-05-01 Mingxuan Zhu , Dan Hao , Junjie Chen

Power-based side-channel is a serious security threat to the System on Chip (SoC). The secret information is leaked from the power profile of the system while a cryptographic algorithm is running. The mitigation requires efforts from both…

Cryptography and Security · Computer Science 2021-07-06 Pantea Kiaei , Yuan Yao , Patrick Schaumont

We claim that existing techniques and tools for generating and verifying constant-time code are incomplete, since they rely on assumptions that compiler optimization passes do not break constant-timeness or that certain operations execute…

Cryptography and Security · Computer Science 2023-11-27 Garrett Gu , Hovav Shacham
‹ Prev 1 2 3 10 Next ›