Showing 1 - 10 of 75 for search: '"Patrignani, Marco"'
Mainstream compilers implement different countermeasures to prevent specific classes of speculative execution attacks. Unfortunately, these countermeasures either lack formal guarantees or come with proofs restricted to speculative semantics capturin
External link:
http://arxiv.org/abs/2405.10089
Universal Composability (UC) is the gold standard for cryptographic security, but mechanizing proofs of UC is notoriously difficult. A recently-discovered connection between UC and Robust Compilation (RC) -- a novel theory of secure comp
External link:
http://arxiv.org/abs/2401.15041
Author:
Kolosick, Matthew, Shivakumar, Basavesh Ammanaghatta, Cauligi, Sunjay, Patrignani, Marco, Vassena, Marco, Jhala, Ranjit, Stefan, Deian
The constant-time property is considered the security standard for cryptographic code. Code following the constant-time discipline is free from secret-dependent branches and memory accesses, and thus avoids leaking secrets through cache and timing si
External link:
http://arxiv.org/abs/2311.05831
To ensure that secure applications do not leak their secrets, they are required to uphold several security properties such as spatial and temporal memory safety as well as cryptographic constant time. Existing work shows how to enforce these properti
External link:
http://arxiv.org/abs/2307.08681
Modern processors employ different prediction mechanisms to speculate over different kinds of instructions. Attackers can exploit these prediction mechanisms simultaneously in order to trigger leaks about speculatively-accessed data. Thus, sound reas
External link:
http://arxiv.org/abs/2209.01179
Author:
Michael, Alexandra E., Gollamudi, Anitha, Bosamiya, Jay, Disselkoen, Craig, Denlinger, Aidan, Watt, Conrad, Parno, Bryan, Patrignani, Marco, Vassena, Marco, Stefan, Deian
Most programs compiled to WebAssembly (Wasm) today are written in unsafe languages like C and C++. Unfortunately, memory-unsafe C code remains unsafe when compiled to Wasm -- and attackers can exploit buffer overflows and use-after-frees in Wasm almo
External link:
http://arxiv.org/abs/2208.13583
Statically analyzing information flow, or how data influences other data within a program, is a challenging task in imperative languages. Analyzing pointers and mutations requires access to a program's complete source. However, programs often use pre
External link:
http://arxiv.org/abs/2111.13662
Author:
Patrignani, Marco, Blackshear, Sam
A program that maintains key safety properties even when interacting with arbitrary untrusted code is said to enjoy robust safety. Proving that a program written in a mainstream language is robustly safe is typically challenging because it req
External link:
http://arxiv.org/abs/2110.05043
Author:
Guarnieri, Marco, Patrignani, Marco
Microarchitectural attacks exploit the abstraction gap between the Instruction Set Architecture (ISA) and how instructions are actually executed by processors to compromise the confidentiality and integrity of a system. To secure systems against micr
External link:
http://arxiv.org/abs/2012.14205
Recursive types extend the simply-typed lambda calculus (STLC) with the additional expressive power to enable diverging computation and to encode recursive data-types (e.g., lists). Two formulations of recursive types exist: iso-recursive and equi-re
External link:
http://arxiv.org/abs/2010.10859