Axiomatic hardware-software contracts for security
We propose leakage containment models (LCMs)---novel axiomatic security contracts which
support formally reasoning about the security guarantees of programs when they run on …
support formally reasoning about the security guarantees of programs when they run on …
Swivel: Hardening {WebAssembly} against spectre
We describe Swivel, a new compiler framework for hardening WebAssembly (Wasm)
against Spectre attacks. Outside the browser, Wasm has become a popular lightweight, in …
against Spectre attacks. Outside the browser, Wasm has become a popular lightweight, in …
{SpecFuzz}: Bringing spectre-type vulnerabilities to the surface
O Oleksenko, B Trach, M Silberstein… - 29th USENIX Security …, 2020 - usenix.org
SpecFuzz is the first tool that enables dynamic testing for speculative execution
vulnerabilities (eg, Spectre). The key is a novel concept of speculation exposure: The …
vulnerabilities (eg, Spectre). The key is a novel concept of speculation exposure: The …
Automatically eliminating speculative leaks from cryptographic code with blade
We introduce Blade, a new approach to automatically and efficiently eliminate speculative
leaks from cryptographic code. Blade is built on the insight that to stop leaks via speculative …
leaks from cryptographic code. Blade is built on the insight that to stop leaks via speculative …
[PDF][PDF] Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel.
Due to the high cost of serializing instructions to mitigate Spectre-like attacks on
mispredicted conditional branches (Spectre-PHT), developers of critical software such as the …
mispredicted conditional branches (Spectre-PHT), developers of critical software such as the …
Inspectre: Breaking and fixing microarchitectural vulnerabilities by formal analysis
The recent Spectre attacks have demonstrated the fundamental insecurity of current
computer microarchitecture. The attacks use features like pipelining, out-of-order and …
computer microarchitecture. The attacks use features like pipelining, out-of-order and …
A formal approach to secure speculation
Transient execution attacks like Spectre, Meltdown and Foreshadow have shown that
combinations of microarchitectural side-channels can be synergistically exploited to create …
combinations of microarchitectural side-channels can be synergistically exploited to create …
SoK: Practical foundations for software Spectre defenses
S Cauligi, C Disselkoen, D Moghimi… - … IEEE Symposium on …, 2022 - ieeexplore.ieee.org
Spectre vulnerabilities violate our fundamental assumptions about architectural abstractions,
allowing attackers to steal sensitive data despite previously state-of-the-art …
allowing attackers to steal sensitive data despite previously state-of-the-art …
Phantom: Exploiting decoder-detectable mispredictions
Violating the Von Neumann sequential processing principle at the microarchitectural level is
commonplace to reach high performing CPU hardware—violations are safe as long as …
commonplace to reach high performing CPU hardware—violations are safe as long as …
Speculation at Fault: Modeling and Testing Microarchitectural Leakage of {CPU} Exceptions
Microarchitectural leakage models provide effective tools to prevent vulnerabilities such as
Spectre and Meltdown via secure co-design: For software, they provide a foundation for …
Spectre and Meltdown via secure co-design: For software, they provide a foundation for …