{"id":"https://openalex.org/W4226079134","doi":"https://doi.org/10.1109/tdsc.2022.3160346","title":"ENCIDER: Detecting Timing and Cache Side Channels in SGX Enclaves and Cryptographic APIs","display_name":"ENCIDER: Detecting Timing and Cache Side Channels in SGX Enclaves and Cryptographic APIs","publication_year":2022,"publication_date":"2022-03-17","ids":{"openalex":"https://openalex.org/W4226079134","doi":"https://doi.org/10.1109/tdsc.2022.3160346"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2022.3160346","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2022.3160346","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056009068","display_name":"Tuba Yavuz","orcid":"https://orcid.org/0000-0002-5542-2142"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Tuba Yavuz","raw_affiliation_strings":["Electrical and Computer Engineering, University of Florida, Gainesville, FL, USA"],"affiliations":[{"raw_affiliation_string":"Electrical and Computer Engineering, University of Florida, Gainesville, FL, USA","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073132031","display_name":"Farhaan Fowze","orcid":"https://orcid.org/0000-0002-3575-3067"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Farhaan Fowze","raw_affiliation_strings":["Electrical and Computer Engineering, University of Florida, Gainesville, FL, USA"],"affiliations":[{"raw_affiliation_string":"Electrical and Computer Engineering, University of Florida, Gainesville, FL, USA","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112306377","display_name":"Grant Hernandez","orcid":"https://orcid.org/0000-0002-2093-6223"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Grant Hernandez","raw_affiliation_strings":["CISE Department, University of Florida Herbert Wertheim College of Engineering, Gainesville, FL, USA"],"affiliations":[{"raw_affiliation_string":"CISE Department, University of Florida Herbert Wertheim College of Engineering, Gainesville, FL, USA","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084845713","display_name":"Ken Yihang Bai","orcid":"https://orcid.org/0000-0002-4082-4165"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ken Yihang Bai","raw_affiliation_strings":["Electrical and Computer Engineering, University of Florida, Gainesville, FL, USA"],"affiliations":[{"raw_affiliation_string":"Electrical and Computer Engineering, University of Florida, Gainesville, FL, USA","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039485542","display_name":"Kevin Butler","orcid":"https://orcid.org/0000-0002-7498-4239"},"institutions":[{"id":"https://openalex.org/I33213144","display_name":"University of Florida","ror":"https://ror.org/02y3ad647","country_code":"US","type":"education","lineage":["https://openalex.org/I33213144"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kevin R. B. Butler","raw_affiliation_strings":["Computer and Information Science and Engineering, University of Florida, Gainesville, FL, USA"],"affiliations":[{"raw_affiliation_string":"Computer and Information Science and Engineering, University of Florida, Gainesville, FL, USA","institution_ids":["https://openalex.org/I33213144"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5015662045","display_name":"Dave Tian","orcid":"https://orcid.org/0000-0002-7506-9593"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dave Jing Tian","raw_affiliation_strings":["Computer Science Department, Purdue University, West Lafayette, West Lafayette, IN, USA"],"affiliations":[{"raw_affiliation_string":"Computer Science Department, Purdue University, West Lafayette, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5056009068"],"corresponding_institution_ids":["https://openalex.org/I33213144"],"apc_list":null,"apc_paid":null,"fwci":1.592,"has_fulltext":false,"cited_by_count":12,"citation_normalized_percentile":{"value":0.85473197,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"20","issue":"2","first_page":"1577","last_page":"1595"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9857000112533569,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9678999781608582,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/side-channel-attack","display_name":"Side channel attack","score":0.8981034159660339},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8929473161697388},{"id":"https://openalex.org/keywords/cache","display_name":"Cache","score":0.6475303173065186},{"id":"https://openalex.org/keywords/speculative-execution","display_name":"Speculative execution","score":0.5585322976112366},{"id":"https://openalex.org/keywords/byte","display_name":"Byte","score":0.4762263894081116},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.45033812522888184},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3644353449344635},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3630997836589813},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.35180458426475525}],"concepts":[{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.8981034159660339},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8929473161697388},{"id":"https://openalex.org/C115537543","wikidata":"https://www.wikidata.org/wiki/Q165596","display_name":"Cache","level":2,"score":0.6475303173065186},{"id":"https://openalex.org/C141331961","wikidata":"https://www.wikidata.org/wiki/Q2164465","display_name":"Speculative execution","level":2,"score":0.5585322976112366},{"id":"https://openalex.org/C43364308","wikidata":"https://www.wikidata.org/wiki/Q8799","display_name":"Byte","level":2,"score":0.4762263894081116},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.45033812522888184},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3644353449344635},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3630997836589813},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.35180458426475525}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2022.3160346","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2022.3160346","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.800000011920929,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G2769580863","display_name":null,"funder_award_id":"CNS-1815883","funder_id":"https://openalex.org/F4320335353","funder_display_name":"National Science Foundation of Sri Lanka"},{"id":"https://openalex.org/G3961896406","display_name":null,"funder_award_id":"CNS-1942235","funder_id":"https://openalex.org/F4320335353","funder_display_name":"National Science Foundation of Sri Lanka"}],"funders":[{"id":"https://openalex.org/F4320306087","display_name":"Semiconductor Research Corporation","ror":"https://ror.org/047z4n946"},{"id":"https://openalex.org/F4320335353","display_name":"National Science Foundation of Sri Lanka","ror":"https://ror.org/010xaa060"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":39,"referenced_works":["https://openalex.org/W98341770","https://openalex.org/W186684821","https://openalex.org/W1480909796","https://openalex.org/W1533182289","https://openalex.org/W1613874182","https://openalex.org/W1967182706","https://openalex.org/W1977764760","https://openalex.org/W2139799388","https://openalex.org/W2150620897","https://openalex.org/W2163005041","https://openalex.org/W2460965380","https://openalex.org/W2475909893","https://openalex.org/W2515614845","https://openalex.org/W2586555532","https://openalex.org/W2594560662","https://openalex.org/W2604789199","https://openalex.org/W2616901112","https://openalex.org/W2626217303","https://openalex.org/W2735733036","https://openalex.org/W2766853874","https://openalex.org/W2839132370","https://openalex.org/W2885297972","https://openalex.org/W2925685215","https://openalex.org/W2963311060","https://openalex.org/W3089782889","https://openalex.org/W3098582260","https://openalex.org/W3101072679","https://openalex.org/W4246166885","https://openalex.org/W6628261430","https://openalex.org/W6628365534","https://openalex.org/W6637688222","https://openalex.org/W6718621806","https://openalex.org/W6734345789","https://openalex.org/W6743880631","https://openalex.org/W6753443810","https://openalex.org/W6754194261","https://openalex.org/W6762723083","https://openalex.org/W6767429148","https://openalex.org/W6784038495"],"related_works":["https://openalex.org/W2811273613","https://openalex.org/W3131321414","https://openalex.org/W182679101","https://openalex.org/W3006344745","https://openalex.org/W4212981280","https://openalex.org/W2103519941","https://openalex.org/W3180573957","https://openalex.org/W2162805750","https://openalex.org/W2043669269","https://openalex.org/W4388856880"],"abstract_inverted_index":{"Confidential":[0],"computing":[1],"aims":[2],"to":[3,48,122,146,221],"secure":[4],"the":[5,36,39,51,71,76,111,124,129,195,222,234],"code":[6,168],"and":[7,28,68,75,96,109,133,155,160,166,169,202,227],"data":[8,170],"in":[9],"use":[10],"by":[11,56,81],"providing":[12],"a":[13,87],"Trusted":[14],"Execution":[15],"Environment":[16],"(TEE)":[17],"for":[18],"applications":[19,65,102],"using":[20,185],"hardware":[21],"features":[22],"such":[23],"as":[24],"Intel":[25,82,226],"SGX.":[26,83],"Timing":[27],"cache":[29,97,171],"side-channel":[30,62,89,98,125],"attacks,":[31],"however,":[32],"are":[33,46,66],"often":[34],"outside":[35],"scope":[37],"of":[38,194,233],"threat":[40],"model,":[41],"although":[42],"once":[43],"exploited":[44],"they":[45],"able":[47],"break":[49],"all":[50],"default":[52],"security":[53],"guarantees":[54],"enforced":[55],"hardware.":[57],"Unfortunately,":[58],"tools":[59,184],"detecting":[60,93],"potential":[61,105],"vulnerabilities":[63,99,235],"within":[64,100],"limited":[67],"usually":[69],"ignore":[70],"strong":[72],"attack":[73],"model":[74,79,114],"unique":[77],"programming":[78,113],"imposed":[80],"This":[84],"article":[85],"proposes":[86],"precise":[88],"analysis":[90,183],"tool,":[91],"ENCIDER,":[92],"both":[94],"timing":[95,106,163],"SGX":[101,112,149,152],"via":[103,139],"inferring":[104],"observation":[107],"points":[108],"incorporating":[110],"into":[115],"analysis.":[116],"ENCIDER":[117,145,177,188],"uses":[118],"dynamic":[119],"symbolic":[120],"execution":[121],"decompose":[123],"requirement":[126],"based":[127],"on":[128],"bounded":[130],"non-interference":[131],"property":[132],"implements":[134],"byte-level":[135],"information":[136],"flow":[137],"tracking":[138],"API":[140],"modeling.":[141],"We":[142,174,216],"have":[143,217,230],"applied":[144],"4":[147],"real-world":[148],"applications,":[150],"2":[151],"crypto":[153,158],"libraries,":[154,159],"3":[156],"widely-used":[157],"found":[161],"29":[162],"side":[164,172,181],"channels":[165],"73":[167],"channels.":[173],"also":[175,208],"compare":[176],"with":[178,197],"three":[179],"state-of-the-art":[180],"channel":[182],"their":[186],"benchmarks.":[187],"does":[189],"not":[190],"only":[191],"report":[192],"most":[193,232],"bugs":[196,212],"20%-50%":[198],"run":[199],"time":[200],"improvement":[201],"65%-92%":[203],"memory":[204],"usage":[205],"improvement,":[206],"but":[207],"detects":[209],"9":[210],"missing":[211],"from":[213],"these":[214],"tools.":[215],"reported":[218],"our":[219],"findings":[220],"corresponding":[223],"parties,":[224],"e.g.,":[225],"ARM,":[228],"who":[229],"confirmed":[231],"detected.":[236]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}