{"id":"https://openalex.org/W3048806776","doi":"https://doi.org/10.1145/3372297.3421761","title":"D\u00e9j\u00e0 Vu: Side-Channel Analysis of Mozilla's NSS","display_name":"D\u00e9j\u00e0 Vu: Side-Channel Analysis of Mozilla's NSS","publication_year":2020,"publication_date":"2020-10-30","ids":{"openalex":"https://openalex.org/W3048806776","doi":"https://doi.org/10.1145/3372297.3421761","mag":"3048806776"},"language":"en","primary_location":{"id":"doi:10.1145/3372297.3421761","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3372297.3421761","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3372297.3421761","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3372297.3421761","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Sohaib ul Hassan","orcid":null},"institutions":[{"id":"https://openalex.org/I166825849","display_name":"Tampere University","ror":"https://ror.org/033003e23","country_code":"FI","type":"education","lineage":["https://openalex.org/I166825849"]}],"countries":["FI"],"is_corresponding":true,"raw_author_name":"Sohaib ul Hassan","raw_affiliation_strings":["Tampere University, Tampere, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Tampere University, Tampere, Finland","institution_ids":["https://openalex.org/I166825849"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Iaroslav Gridin","orcid":null},"institutions":[{"id":"https://openalex.org/I166825849","display_name":"Tampere University","ror":"https://ror.org/033003e23","country_code":"FI","type":"education","lineage":["https://openalex.org/I166825849"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Iaroslav Gridin","raw_affiliation_strings":["Tampere University, Tampere, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Tampere University, Tampere, Finland","institution_ids":["https://openalex.org/I166825849"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Ignacio M. Delgado-Lozano","orcid":null},"institutions":[{"id":"https://openalex.org/I166825849","display_name":"Tampere University","ror":"https://ror.org/033003e23","country_code":"FI","type":"education","lineage":["https://openalex.org/I166825849"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Ignacio M. Delgado-Lozano","raw_affiliation_strings":["Tampere University, Tampere, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Tampere University, Tampere, Finland","institution_ids":["https://openalex.org/I166825849"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Cesar Pereida Garc\u00eda","orcid":null},"institutions":[{"id":"https://openalex.org/I166825849","display_name":"Tampere University","ror":"https://ror.org/033003e23","country_code":"FI","type":"education","lineage":["https://openalex.org/I166825849"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Cesar Pereida Garc\u00eda","raw_affiliation_strings":["Tampere University, Tampere, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Tampere University, Tampere, Finland","institution_ids":["https://openalex.org/I166825849"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Jes\u00fas-Javier Chi-Dom\u00ednguez","orcid":null},"institutions":[{"id":"https://openalex.org/I166825849","display_name":"Tampere University","ror":"https://ror.org/033003e23","country_code":"FI","type":"education","lineage":["https://openalex.org/I166825849"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Jes\u00fas-Javier Chi-Dom\u00ednguez","raw_affiliation_strings":["Tampere University, Tampere, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Tampere University, Tampere, Finland","institution_ids":["https://openalex.org/I166825849"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Alejandro Cabrera Aldaya","orcid":null},"institutions":[{"id":"https://openalex.org/I166825849","display_name":"Tampere University","ror":"https://ror.org/033003e23","country_code":"FI","type":"education","lineage":["https://openalex.org/I166825849"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Alejandro Cabrera Aldaya","raw_affiliation_strings":["Tampere University, Tampere, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Tampere University, Tampere, Finland","institution_ids":["https://openalex.org/I166825849"]}]},{"author_position":"last","author":{"id":null,"display_name":"Billy Bob Brumley","orcid":null},"institutions":[{"id":"https://openalex.org/I166825849","display_name":"Tampere University","ror":"https://ror.org/033003e23","country_code":"FI","type":"education","lineage":["https://openalex.org/I166825849"]}],"countries":["FI"],"is_corresponding":false,"raw_author_name":"Billy Bob Brumley","raw_affiliation_strings":["Tampere University, Tampere, Finland"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Tampere University, Tampere, Finland","institution_ids":["https://openalex.org/I166825849"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I166825849"],"apc_list":null,"apc_paid":null,"fwci":0.272,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.64310194,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1887","last_page":"1902"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8870000243186951},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.5467000007629395},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.5126000046730042},{"id":"https://openalex.org/keywords/side-channel-attack","display_name":"Side channel attack","score":0.45339998602867126},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.4237000048160553},{"id":"https://openalex.org/keywords/security-analysis","display_name":"Security analysis","score":0.421999990940094},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.4196000099182129}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8870000243186951},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7548999786376953},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6230000257492065},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.5467000007629395},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.5126000046730042},{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.45339998602867126},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.4237000048160553},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.421999990940094},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.4196000099182129},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.3644999861717224},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.3310999870300293},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.31310001015663147},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.31310001015663147},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.30970001220703125},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.289900004863739},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.26969999074935913},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.26019999384880066},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.25429999828338623}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/3372297.3421761","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3372297.3421761","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3372297.3421761","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2008.06004","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2008.06004","pdf_url":"https://arxiv.org/pdf/2008.06004","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:oai:trepo.tuni.fi:10024/218439","is_oa":true,"landing_page_url":"https://trepo.tuni.fi/handle/10024/218439","pdf_url":null,"source":{"id":"https://openalex.org/S7407055260","display_name":"Trepo - Institutional Repository of Tampere University","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference"}],"best_oa_location":{"id":"doi:10.1145/3372297.3421761","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3372297.3421761","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3372297.3421761","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1565021983","display_name":null,"funder_award_id":"804476","funder_id":"https://openalex.org/F4320338352","funder_display_name":"FP7 Ideas: European Research Council"},{"id":"https://openalex.org/G3957910971","display_name":"Side-Channel Aware Engineering","funder_award_id":"804476","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G7842005466","display_name":null,"funder_award_id":"Horizon 2020","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320338352","display_name":"FP7 Ideas: European Research Council","ror":"https://ror.org/0472cxd90"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3048806776.pdf","grobid_xml":"https://content.openalex.org/works/W3048806776.grobid-xml"},"referenced_works_count":19,"referenced_works":["https://openalex.org/W1749471906","https://openalex.org/W1877684430","https://openalex.org/W2123923527","https://openalex.org/W2162882978","https://openalex.org/W2293441536","https://openalex.org/W2402811135","https://openalex.org/W2405148462","https://openalex.org/W2462151092","https://openalex.org/W2533043266","https://openalex.org/W2538893033","https://openalex.org/W2566581219","https://openalex.org/W2578094717","https://openalex.org/W2616901112","https://openalex.org/W2807459027","https://openalex.org/W2889067863","https://openalex.org/W2907549405","https://openalex.org/W4213181947","https://openalex.org/W4233145884","https://openalex.org/W6780086480"],"related_works":[],"abstract_inverted_index":{"Recent":[0],"work":[1],"on":[2],"Side":[3],"Channel":[4],"Analysis":[5],"(SCA)":[6],"targets":[7],"old,":[8],"well-known":[9],"vulnerabilities,":[10],"even":[11],"previously":[12],"exploited,":[13],"reported,":[14],"and":[15,26,33,44,91,106,113,127],"patched":[16],"in":[17,31,101],"high-profile":[18],"cryptography":[19],"libraries.":[20],"Nevertheless,":[21],"researchers":[22],"continue":[23],"to":[24,54,89],"find":[25],"exploit":[27,110],"the":[28,68],"same":[29],"vulnerabilities":[30,47,100,112],"old":[32],"new":[34,99],"products,":[35],"highlighting":[36],"a":[37,81],"big":[38],"issue":[39,65],"among":[40],"vendors:":[41],"effectively":[42],"tracking":[43],"fixing":[45],"security":[46,72,77,87,93],"when":[48],"disclosure":[49],"is":[50],"not":[51],"done":[52],"directly":[53],"them.":[55],"In":[56],"this":[57,64],"work,":[58],"we":[59],"present":[60],"another":[61],"instance":[62],"of":[63,74,83],"by":[66],"performing":[67],"first":[69],"library-wide":[70],"SCA":[71,86],"evaluation":[73,96],"Mozilla's":[75],"NSS":[76,102],"library.":[78],"We":[79,109],"use":[80],"combination":[82],"two":[84],"independently-developed":[85],"frameworks":[88],"identify":[90],"test":[92],"vulnerabilities.":[94],"Our":[95],"uncovers":[97],"several":[98],"affecting":[103],"DSA,":[104],"ECDSA,":[105],"RSA":[107],"cryptosystems.":[108],"said":[111],"implement":[114],"key":[115],"recovery":[116],"attacks":[117],"using":[118],"signals---extracted":[119],"through":[120],"different":[121],"techniques":[122],"such":[123],"as":[124],"timing,":[125],"microarchitecture,":[126],"EM---and":[128],"improved":[129],"lattice":[130],"methods.":[131]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1}],"updated_date":"2026-05-02T08:42:23.175194","created_date":"2020-08-18T00:00:00"}