Mantel, HeikoHeikoMantelStarostin, ArtemArtemStarostin2022-10-272022-10-272015-09Lecture Notes in Computer Science 9326 9326: 447-467 (2015)http://hdl.handle.net/11420/13854We experimentally evaluate program transformations for removing timing side-channel vulnerabilities wrt. security and overhead. Our study of four well-known transformations confirms that their performance overhead differs substantially. A novelty of our work is the empirical investigation of channel bandwidths, which clarifies that the transformations also differ wrt. how much security they add to a program. Interestingly, we observe such differences even between transformations that have been proven to establish timing-sensitive noninterference. Beyond clarification, our findings provide guidance for choosing a suitable transformation for removing timing side-channel vulnerabilities. Such guidance is needed because there is a trade-off between security and overhead, which makes choosing a suitable transformation non-trivial.enInformatikConference Paper10.1007/978-3-319-24174-6_23Other