We propose leakage containment models (LCMs)---novel axiomatic security contracts which support formally reasoning about the security guarantees of programs when they run on …
SpecFuzz is the first tool that enables dynamic testing for speculative execution vulnerabilities (eg, Spectre). The key is a novel concept of speculation exposure: The …
S Cauligi, C Disselkoen, D Moghimi… - … IEEE Symposium on …, 2022 - ieeexplore.ieee.org
Spectre vulnerabilities violate our fundamental assumptions about architectural abstractions, allowing attackers to steal sensitive data despite previously state-of-the-art …
Violating the Von Neumann sequential processing principle at the microarchitectural level is commonplace to reach high performing CPU hardware—violations are safe as long as …
Microarchitectural leakage models provide effective tools to prevent vulnerabilities such as Spectre and Meltdown via secure co-design: For software, they provide a foundation for …
In this paper we revisit the Spectre v1 vulnerability and software-only countermeasures. Specifically, we systematically investigate the performance penalty and security properties of …
Modern processors employ different speculation mechanisms to speculate over different kinds of instructions. Attackers can exploit these mechanisms simultaneously in order to …
Spectre are microarchitectural attacks which were made public in January 2018. They allow an attacker to recover secrets by exploiting speculations. Detection of Spectre is particularly …
G Barthe, S Cauligi, B Grégoire… - … IEEE Symposium on …, 2021 - ieeexplore.ieee.org
High-assurance cryptography leverages methods from program verification and cryptography engineering to deliver efficient cryptographic software with machine-checked …