{"id":"https://openalex.org/W2538893033","doi":"https://doi.org/10.1145/2976749.2978420","title":"\"Make Sure DSA Signing Exponentiations Really are Constant-Time\"","display_name":"\"Make Sure DSA Signing Exponentiations Really are Constant-Time\"","publication_year":2016,"publication_date":"2016-10-24","ids":{"openalex":"https://openalex.org/W2538893033","doi":"https://doi.org/10.1145/2976749.2978420","mag":"2538893033"},"language":"en","primary_location":{"id":"doi:10.1145/2976749.2978420","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978420","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2976749.2978420?download=true","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/2976749.2978420?download=true","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5020449046","display_name":"Cesar Pereida Garc\u00eda","orcid":"https://orcid.org/0000-0001-6812-8498"},"institutions":[{"id":"https://openalex.org/I9927081","display_name":"Aalto University","ror":"https://ror.org/020hwjq30","country_code":"FI","type":"education","lineage":["https://openalex.org/I9927081"]}],"countries":["FI"],"is_corresponding":true,"raw_author_name":"Cesar Pereida Garc\u00eda","raw_affiliation_strings":["Aalto University, Espoo, Finland"],"affiliations":[{"raw_affiliation_string":"Aalto University, Espoo, Finland","institution_ids":["https://openalex.org/I9927081"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5079035785","display_name":"Billy Bob Brumley","orcid":"https://orcid.org/0000-0001-9160-0463"},"institutions":[{"id":"https://openalex.org/I4210133110","display_name":"Tampere University","ror":null,"country_code":"FI","type":null,"lineage":["https://openalex.org/I4210133110"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Billy Bob Brumley","raw_affiliation_strings":["Tampere University of Technology, Tampere, Finland"],"affiliations":[{"raw_affiliation_string":"Tampere University of Technology, Tampere, Finland","institution_ids":["https://openalex.org/I4210133110"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5056484605","display_name":"Yuval Yarom","orcid":"https://orcid.org/0000-0003-0401-4197"},"institutions":[{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I5681781","display_name":"University of Adelaide","ror":"https://ror.org/00892tw58","country_code":"AU","type":"education","lineage":["https://openalex.org/I5681781"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Yuval Yarom","raw_affiliation_strings":["The University of Adelaide &amp; Data61, Adelaide, Australia"],"affiliations":[{"raw_affiliation_string":"The University of Adelaide &amp; Data61, Adelaide, Australia","institution_ids":["https://openalex.org/I5681781","https://openalex.org/I42894916"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5020449046"],"corresponding_institution_ids":["https://openalex.org/I9927081"],"apc_list":null,"apc_paid":null,"fwci":15.0759,"has_fulltext":true,"cited_by_count":61,"citation_normalized_percentile":{"value":0.98919271,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1639","last_page":"1650"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8079942464828491},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.5727129578590393},{"id":"https://openalex.org/keywords/cache","display_name":"Cache","score":0.5270531177520752},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5229447484016418},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.48506036400794983},{"id":"https://openalex.org/keywords/timing-attack","display_name":"Timing attack","score":0.4801170825958252},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.45777058601379395},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.42496562004089355},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4018024206161499},{"id":"https://openalex.org/keywords/side-channel-attack","display_name":"Side channel attack","score":0.3152081370353699}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8079942464828491},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.5727129578590393},{"id":"https://openalex.org/C115537543","wikidata":"https://www.wikidata.org/wiki/Q165596","display_name":"Cache","level":2,"score":0.5270531177520752},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5229447484016418},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.48506036400794983},{"id":"https://openalex.org/C28420585","wikidata":"https://www.wikidata.org/wiki/Q2665075","display_name":"Timing attack","level":4,"score":0.4801170825958252},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.45777058601379395},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.42496562004089355},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4018024206161499},{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.3152081370353699}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/2976749.2978420","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978420","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2976749.2978420?download=true","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:trepo.tuni.fi:10024/224636","is_oa":true,"landing_page_url":"http://eprint.iacr.org/2016/594","pdf_url":"https://eprint.iacr.org/2016/594.pdf","source":{"id":"https://openalex.org/S7407055260","display_name":"Trepo - Institutional Repository of Tampere University","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference"},{"id":"pmh:oai:aaltodoc.aalto.fi:123456789/107255","is_oa":true,"landing_page_url":"https://research.aalto.fi/en/publications/da5d477c-c793-4df2-b7c4-f234a6df247d","pdf_url":null,"source":{"id":"https://openalex.org/S4306401662","display_name":"Aaltodoc (Aalto University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I9927081","host_organization_name":"Aalto University","host_organization_lineage":["https://openalex.org/I9927081"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"publishedVersion"},{"id":"pmh:oai:digital.library.adelaide.edu.au:2440/108055","is_oa":true,"landing_page_url":"http://hdl.handle.net/2440/108055","pdf_url":null,"source":{"id":"https://openalex.org/S4306401835","display_name":"Adelaide Research & Scholarship (AR&S) (University of Adelaide)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I5681781","host_organization_name":"The University of Adelaide","host_organization_lineage":["https://openalex.org/I5681781"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://dx.doi.org/10.1145/2976749.2978420","raw_type":"Conference paper"}],"best_oa_location":{"id":"doi:10.1145/2976749.2978420","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2976749.2978420","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/2976749.2978420?download=true","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G8051322690","display_name":null,"funder_award_id":"3772/31/2014","funder_id":"https://openalex.org/F4320321855","funder_display_name":"Tekes"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320321855","display_name":"Tekes","ror":"https://ror.org/02ag8cq23"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2538893033.pdf","grobid_xml":"https://content.openalex.org/works/W2538893033.grobid-xml"},"referenced_works_count":38,"referenced_works":["https://openalex.org/W50107694","https://openalex.org/W1427174644","https://openalex.org/W1485287820","https://openalex.org/W1488058190","https://openalex.org/W1503814339","https://openalex.org/W1520399166","https://openalex.org/W1547036183","https://openalex.org/W1554359822","https://openalex.org/W1580599221","https://openalex.org/W1592889082","https://openalex.org/W1606738432","https://openalex.org/W1740185811","https://openalex.org/W1825519517","https://openalex.org/W1934458198","https://openalex.org/W2056778557","https://openalex.org/W2058546698","https://openalex.org/W2065076704","https://openalex.org/W2095881341","https://openalex.org/W2103982793","https://openalex.org/W2106970188","https://openalex.org/W2111416661","https://openalex.org/W2121542813","https://openalex.org/W2126483728","https://openalex.org/W2131019288","https://openalex.org/W2136635506","https://openalex.org/W2159520802","https://openalex.org/W2161110873","https://openalex.org/W2172060328","https://openalex.org/W2173153107","https://openalex.org/W2210258279","https://openalex.org/W2533043266","https://openalex.org/W2559892799","https://openalex.org/W2586555532","https://openalex.org/W2619725017","https://openalex.org/W2949317607","https://openalex.org/W3150881812","https://openalex.org/W3161081806","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W3131321414","https://openalex.org/W182679101","https://openalex.org/W3006344745","https://openalex.org/W2103519941","https://openalex.org/W3180573957","https://openalex.org/W1971956962","https://openalex.org/W2188560665","https://openalex.org/W2887442533","https://openalex.org/W4212981280","https://openalex.org/W2162805750"],"abstract_inverted_index":{"TLS":[0,99],"and":[1,44,48,97],"SSH":[2],"are":[3],"two":[4],"of":[5,16,19,58],"the":[6,17,24,29,56,59,69,74],"most":[7],"commonly":[8],"used":[9],"protocols":[10,21],"for":[11],"securing":[12],"Internet":[13],"traffic.":[14],"Many":[15],"implementations":[18],"these":[20,81],"rely":[22],"on":[23,80],"cryptographic":[25],"primitives":[26],"provided":[27],"in":[28,39],"OpenSSL":[30],"library.":[31],"In":[32],"this":[33],"work":[34],"we":[35,72],"disclose":[36],"a":[37,88,104],"vulnerability":[38],"OpenSSL,":[40],"affecting":[41],"all":[42],"versions":[43],"forks":[45],"(e.g.":[46],"LibreSSL":[47],"BoringSSL)":[49],"since":[50],"roughly":[51],"October":[52],"2005,":[53],"which":[54],"renders":[55],"implementation":[57],"DSA":[60,90,106],"signature":[61],"scheme":[62],"vulnerable":[63],"to":[64,86,102],"cache-based":[65,77],"side-channel":[66],"attacks.":[67],"Exploiting":[68],"software":[70],"defect,":[71],"demonstrate":[73],"first":[75],"published":[76],"key-recovery":[78],"attack":[79],"protocols:":[82],"260":[83],"SSH-2":[84],"handshakes":[85,101],"extract":[87,103],"1024/160-bit":[89],"host":[91],"key":[92,107],"from":[93,108],"an":[94,109],"OpenSSH":[95],"server,":[96],"580":[98],"1.2":[100],"2048/256-bit":[105],"stunnel":[110],"server.":[111]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":11},{"year":2019,"cited_by_count":13},{"year":2018,"cited_by_count":4},{"year":2017,"cited_by_count":13},{"year":2016,"cited_by_count":3}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}