Preservation of Speculative Constant-time by Compilation

S Arranz Olmos, G Barthe, L Blatter… - Proceedings of the …, 2025 - dl.acm.org
Compilers often weaken or even discard software-based countermeasures commonly used
to protect programs against side-channel attacks; worse, they may also introduce …

Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags

F Gorter, T Kroes, H Bos… - 2024 IEEE Symposium on …, 2024 - download.vusec.net
Spatial memory errors such as buffer overflows still rank among the top vulnerabilities in
C/C++ programs. Despite much research in the area, the performance overhead of (even …

SegScope: Probing fine-grained interrupts via architectural footprints

X Zhang, Z Zhang, Q Shen, W Wang… - … Symposium on High …, 2024 - ieeexplore.ieee.org
Interrupts are critical hardware resources for OS kernels to schedule processes. As they are
related to system activities, interrupts can be used to mount various side-channel attacks (i.e. …

SysBumps: Exploiting Speculative Execution in System Calls for Breaking KASLR in macOS for Apple Silicon

H Jang, T Kim, Y Shin - Proceedings of the 2024 on ACM SIGSAC …, 2024 - dl.acm.org
Apple silicon is the proprietary ARM-based processor that powers the mainstream of Apple
devices. The move to this proprietary architecture presents unique challenges in addressing …

SCR-Spectre: Spectre gadget detection method with strengthened context relevance

C Lu, S Luo, L Pan - Computers and Electrical Engineering, 2025 - Elsevier
Spectre attacks can steal private information via some usual code snippets, and the difficulty
in detecting Spectre gadgets is to mine the differences between the same code snippet in …

TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution

J Kim, J Park, S Roh, J Chung, Y Lee, T Kim… - arXiv preprint arXiv …, 2024 - arxiv.org
ARM Memory Tagging Extension (MTE) is a new hardware feature introduced in ARMv8.5-A
architecture, aiming to detect memory corruption vulnerabilities. The low overhead of MTE …

Mitigating Spectre-PHT using Speculation Barriers in Linux BPF

L Gerhorst, H Herzog, P Wägemann, M Ott… - arXiv preprint arXiv …, 2024 - arxiv.org
High-performance IO demands low-overhead communication between user- and kernel
space. This demand can no longer be fulfilled by traditional system calls. Linux's extended …

VeriFence: Lightweight and Precise Spectre Defenses for Untrusted Linux Kernel Extensions

L Gerhorst, H Herzog, P Wägemann, M Ott… - Proceedings of the 27th …, 2024 - dl.acm.org
High-performance IO demands low-overhead communication between user- and kernel
space. This demand can no longer be fulfilled by traditional system calls. Linux's extended …

SPY-PMU: Side-Channel Profiling of Your Performance Monitoring Unit to Leak Remote User Activity

MK Bepary, A Basu, S Mohammad, R Hassan… - Cryptology ePrint …, 2025 - eprint.iacr.org
The Performance Monitoring Unit (PMU), a standard feature in all modern
computing systems, presents significant security risks by leaking sensitive user activities …

LightSLH: Provable and Low-Overhead Spectre v1 Mitigation through Targeted Instruction Hardening

Y Zhu, W Huang, Y Xiong - arXiv preprint arXiv:2408.16220, 2024 - arxiv.org
Several software mitigations have been proposed to defend against Spectre vulnerabilities.
However, these countermeasures often suffer from high performance overhead, largely due …