research
∙
08/29/2022
MSWasm: Soundly Enforcing Memory-Safe Execution of Unsafe Code
Most programs compiled to WebAssembly (Wasm) today are written in unsafe...
share
research
∙
08/29/2022
From Fine- to Coarse-Grained Dynamic Information Flow Control and Back, a Tutorial on Dynamic Information Flow
This tutorial provides a complete and homogeneous account of the latest ...
research
∙
08/02/2022
A Turning Point for Verified Spectre Sandboxing
Spectre attacks enable an attacker to access restricted data in an appli...
research
∙
03/07/2022
Blocked or Broken? Automatically Detecting When Privacy Interventions Break Websites
A core problem in the development and maintenance of crowd-sourced filte...
research
∙
05/12/2021
SoK: Practical Foundations for Spectre Defenses
Spectre vulnerabilities violate our fundamental assumptions about archit...
research
∙
04/30/2021
Isolation Without Taxation: Near Zero Cost Transitions for SFI
Almost all SFI systems use heavyweight transitions that incur significan...
research
∙
04/01/2021
Solver-Aided Constant-Time Circuit Verification
We present Xenon, a solver-aided method for formally verifying that Veri...
research
∙
02/25/2021
Swivel: Hardening WebAssembly against Spectre
We describe Swivel, a new compiler framework for hardening WebAssembly (...
research
∙
05/01/2020
Automatically Eliminating Speculative Leaks With Blade
We introduce BLADE, a new approach to automatically and efficiently synt...
research
∙
03/01/2020
Retrofitting Fine Grain Isolation in the Firefox Renderer (Extended Version)
Firefox and other major browsers rely on dozens of third-party libraries...
research
∙
12/04/2019
Gobi: WebAssembly as a Practical Path to Library Sandboxing
Software based fault isolation (SFI) is a powerful approach to reduce th...
research
∙
10/07/2019
Iodine: Verifying Constant-Time Execution of Hardware
To be secure, cryptographic algorithms crucially rely on the underlying ...
research
∙
10/03/2019
Towards Constant-Time Foundations for the New Spectre Era
The constant-time discipline is a software-based countermeasure used for...
research
∙
08/03/2018
