SoK: Computer-aided cryptography
Computer-aided cryptography is an active area of research that develops and applies
formal, machine-checkable approaches to the design, analysis, and implementation of …
Enforcing Forward-Edge Control-Flow integrity in GCC & LLVM
C Tice, T Roeder, P Collingbourne… - 23rd USENIX security …, 2014 - usenix.org
Constraining dynamic control transfers is a common technique for mitigating software
vulnerabilities. This defense has been widely and successfully used to protect return …
Not so fast: Analyzing the performance of WebAssembly vs. native code
All major web browsers now support WebAssembly, a low-level bytecode intended to serve
as a compilation target for code written in languages like C and C++. A key goal of …
Modular control-flow integrity
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a
program so that its execution always follows a predetermined Control-Flow Graph (CFG). As …
ISA Semantics for ARMv8-A, RISC-V, and CHERI-MIPS
A Armstrong, T Bauereiss, B Campbell, A Reid… - Proceedings of the …, 2019 - dl.acm.org
Architecture specifications notionally define the fundamental interface between hardware
and software: the envelope of allowed behaviour for processor implementations, and the …
KCoFI: Complete control-flow integrity for commodity operating system kernels
J Criswell, N Dautenhahn… - 2014 IEEE symposium on …, 2014 - ieeexplore.ieee.org
We present a new system, KCoFI, that is the first we know of to provide complete Control-
Flow Integrity protection for commodity operating systems without using heavyweight …
Principles and implementation techniques of software-based fault isolation
G Tan - Foundations and Trends® in Privacy and Security, 2017 - nowpublishers.com
When protecting a computer system, it is often necessary to isolate an untrusted component
into a separate protection domain and provide only controlled interaction between the …
A formal foundation for secure remote execution of enclaves
Recent proposals for trusted hardware platforms, such as Intel SGX and the MIT Sanctum
processor, offer compelling security features but lack formal guarantees. We introduce a …
Modelling the ARMv8 architecture, operationally: Concurrency and ISA
In this paper we develop semantics for key aspects of the ARMv8 multiprocessor
architecture: the concurrency model and much of the 64-bit application-level instruction set …