{"title":"Security Implications Of Compiler Optimizations On Cryptography -- A  Review","file_date_updated":"2021-02-17T11:39:14Z","year":"2019","date_created":"2020-11-11T17:46:16Z","language":[{"iso":"eng"}],"user_id":"66637","date_updated":"2022-01-06T06:54:26Z","type":"preprint","publication":"arXiv:1907.02530","_id":"20341","status":"public","ddc":["000"],"abstract":[{"lang":"eng","text":"When implementing secure software, developers must ensure certain\r\nrequirements, such as the erasure of secret data after its use and execution in\r\nreal time. Such requirements are not explicitly captured by the C language and\r\ncould potentially be violated by compiler optimizations. As a result,\r\ndevelopers typically use indirect methods to hide their code's semantics from\r\nthe compiler and avoid unwanted optimizations. However, such workarounds are\r\nnot permanent solutions, as increasingly efficient compiler optimization causes\r\ncode that was considered secure in the past now vulnerable. This paper is a\r\nliterature review of (1) the security complications caused by compiler\r\noptimizations, (2) approaches used by developers to mitigate optimization\r\nproblems, and (3) recent academic efforts towards enabling security engineers\r\nto communicate implicit security requirements to the compiler. In addition, we\r\npresent a short study of six cryptographic libraries and how they approach the\r\nissue of ensuring security requirements. With this paper, we highlight the need\r\nfor software developers and compiler designers to work together in order to\r\ndesign efficient systems for writing secure software."}],"author":[{"first_name":"Ashwin Prasad","id":"66637","last_name":"Shivarpatna Venkatesh","full_name":"Shivarpatna Venkatesh, Ashwin Prasad"},{"last_name":"Handadi","first_name":"A. Bhat","full_name":"Handadi, A. Bhat"},{"full_name":"Mory, Martin","orcid":"0000-0001-5609-0031","first_name":"Martin","id":"65667","last_name":"Mory"}],"citation":{"short":"A.P. Shivarpatna Venkatesh, A.B. Handadi, M. Mory, ArXiv:1907.02530 (2019).","ieee":"A. P. Shivarpatna Venkatesh, A. B. Handadi, and M. Mory, “Security Implications Of Compiler Optimizations On Cryptography -- A  Review,” <i>arXiv:1907.02530</i>. 2019.","bibtex":"@article{Shivarpatna Venkatesh_Handadi_Mory_2019, title={Security Implications Of Compiler Optimizations On Cryptography -- A  Review}, journal={arXiv:1907.02530}, author={Shivarpatna Venkatesh, Ashwin Prasad and Handadi, A. Bhat and Mory, Martin}, year={2019} }","chicago":"Shivarpatna Venkatesh, Ashwin Prasad, A. Bhat Handadi, and Martin Mory. “Security Implications Of Compiler Optimizations On Cryptography -- A  Review.” <i>ArXiv:1907.02530</i>, 2019.","apa":"Shivarpatna Venkatesh, A. P., Handadi, A. B., &#38; Mory, M. (2019). Security Implications Of Compiler Optimizations On Cryptography -- A  Review. <i>ArXiv:1907.02530</i>.","mla":"Shivarpatna Venkatesh, Ashwin Prasad, et al. “Security Implications Of Compiler Optimizations On Cryptography -- A  Review.” <i>ArXiv:1907.02530</i>, 2019.","ama":"Shivarpatna Venkatesh AP, Handadi AB, Mory M. Security Implications Of Compiler Optimizations On Cryptography -- A  Review. <i>arXiv:190702530</i>. 2019."},"file":[{"file_name":"1907.02530.pdf","file_id":"21255","file_size":663876,"content_type":"application/pdf","success":1,"date_updated":"2021-02-17T11:39:14Z","relation":"main_file","date_created":"2021-02-17T11:39:14Z","creator":"ashwin","access_level":"closed"}],"has_accepted_license":"1"}