Welcome to WPI CHIPS



What are the incredible features of Goblin?

Goblin is the first non-profiling, single-trace timing SCA that successfully extracts the user’s input, which, by definition, should have been kept secret.

Available codes:

To use Goblin, please refer to our GitHub repository: Goblin package

How easy is it to use Goblin, and how scalable is Goblin?

Goblin is machine-learning assisted in disclosing the garbler’s input, regardless of size. For this purpose, k-means clustering is applied, where no manual tuning or heuristic leakage models are needed. It is, of course, advantageous to the attacker and allows for scalable and efficient attacks.

Which garbled circuit optimizations are vulnerable to Goblin?

The free-XOR- and half-gates-optimized constructions are vulnerable to Goblin attack.

Why free-XOR- and half-gates-optimized constructions are vaulnarable to Goblin?

The existence of these unbalanced IFs demonstrates the likelihood of timing attacks to be successfully mounted against them.

How did we examine the possibility of mounting timing SCA against GC frameworks?

To examine this, SC-Eliminator [1] is applied against TinyGarble [2], JustGarble [3], EMP-toolkit [4], Obliv-C [5], and ABY [6], and here is the leaky IF reports:

Framework IF
TinyGarble [2] (half-gate) 4
TinyGarble [2] (free-XOR) 7
JustGarble [3] 11
EMP-toolkit [4] 0
Obliv-c [5] 4
ABY [6] 0

For more information, please refer to Time is money, friend! Timing Side-channel Attack against Garbled Circuit Constructions.


  1. Wu, M., Guo, S., Schaumont, P., Wang, C.: Eliminating timing side-channel leaks using program repair. In: Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis. pp. 15–26 (2018).
  2. Ebrahim M. Songhori, Siam U. Hussain, Ahmad-Reza Sadeghi, Thomas Schneider and Farinaz Koushanfar, “TinyGarble: Highly Compressed and Scalable Sequential Garbled Circuits.” Security and Privacy, 2015 IEEE Symposium on May, 2015.
  3. Bellare, Mihir, et al. “Efficient garbling from a fixed-key blockcipher.” 2013 IEEE Symposium on Security and Privacy. IEEE, 2013.
  4. Malozemoff, A., Wang, X., Katz, J.: Emp-toolkit framework. [Online]https:// github.com/emp-toolkit [Accessed Jan.30, 2023] (2022).
  5. Zahur, Samee, and David Evans. “Obliv-C: A language for extensible data-oblivious computation.” Cryptology ePrint Archive (2015).
  6. Demmler, Daniel, Thomas Schneider, and Michael Zohner. “ABY-A framework for efficient mixed-protocol secure two-party computation.” NDSS. 2015.
  title={Time is money, friend! Timing Side-channel Attack against Garbled Circuit Constructions},
  author={Hashemi, Mohammad and Forte, Domenic and Ganji, Fatemeh},
  journal={Cryptology ePrint Archive},


10 November 2023

LeakyOhm: Secret Bits Extraction using Impedance Analysis is Published at ACM CCS 2023..

23 October 2023

Check out Goblin, our new timing sie-channel attack against Garbled Circuit constructions. For more info take a look at: Goblin.

25 May 2023

Jolt: Recovering TLS Signing Keys via Rowhammer Faults. Our new Rowhammer Attack is presented in IEEE S&P 2023.

9 December 2022

CHES 2023 published our work on On-chip Impedance Sensing for System Tampering Detection.

8 December 2022

Welcome to our all-new WPI CHIPS Lab site!

... see all News