Wed 15 Jun 2022 13:30 - 13:50 at Macaw - Secure Speculation Chair(s): Marco Patrignani

Software protections against side-channel and physical attacks are essential to the development of secure applications. Such protections are meaningful at machine code or micro-architectural level, but they typically do not carry observable semantics at source level. This renders them susceptible to miscompilation, and security engineers embed input/output side-effects to prevent optimizing compilers from altering them. Yet these side-effects are error-prone and compiler-dependent. The current practice involves analyzing the generated machine code to make sure security or privacy properties are still enforced. These side-effects may also be too expensive in fine-grained protections such as control-flow integrity. We introduce observations of the program state that are intrinsic to the correct execution of security protections, along with means to specify and preserve observations across the compilation flow. Such observations complement the input/output semantics-preservation contract of compilers. We introduce an opacification mechanism to preserve and enforce a partial ordering of observations. This approach is compatible with a production compiler and does not incur any modification to its optimization passes. We validate the effectiveness and performance of our approach on a range of benchmarks, expressing the secure compilation of these applications in terms of observations to be made at specific program points.

https://dl.acm.org/doi/10.1145/3485519

Wed 15 Jun

Displayed time zone: Pacific Time (US & Canada)

13:30 - 14:50
Secure Speculation, SIGPLAN Track at Macaw
Chair(s): Marco Patrignani (University of Trento)

13:30 (20m) Talk, SIGPLAN Track
(OOPSLA 2021) Reconciling Optimization with Secure Compilation
Son Tuan Vu (Sorbonne Université, CNRS, Laboratoire d'Informatique de Paris 6, LIP6), Albert Cohen (Google), Arnaud de Grandmaison, Christophe Guillon (STMicroelectronics), Karine Heydemann (Sorbonne University; CNRS; LIP6)

13:50 (20m) Talk, SIGPLAN Track
(PLDI 2020) Constant-Time Foundations for the New Spectre Era
Sunjay Cauligi (University of California at San Diego, USA), Craig Disselkoen (University of California at San Diego, USA), Klaus v. Gleissenthall (Vrije Universiteit Amsterdam, Netherlands), Dean Tullsen (University of California at San Diego, USA), Deian Stefan (University of California at San Diego), Tamara Rezk (INRIA), Gilles Barthe (MPI-SP, Germany / IMDEA Software Institute, Spain)

14:10 (20m) Talk, SIGPLAN Track
(PLDI 2020) SCAF: A Speculation-Aware Collaborative Dependence Analysis Framework
Sotiris Apostolakis (Google), Ziyang Xu (Princeton University), Zujun Tan (Princeton University, USA), Greg Chan (Princeton University, USA), Simone Campanoni (Northwestern University, USA), David I. August (Princeton University)

14:30 (20m) Talk, SIGPLAN Track
(POPL 2021) Automatically Eliminating Speculative Leaks from Cryptographic Code with Blade
Marco Vassena (Utrecht University), Craig Disselkoen (University of California at San Diego, USA), Klaus v. Gleissenthall (Vrije Universiteit Amsterdam, Netherlands), Sunjay Cauligi (University of California at San Diego, USA), Rami Gökhan Kıcı (University of California at San Diego, USA), Ranjit Jhala (University of California at San Diego; Amazon Web Services), Dean Tullsen (University of California at San Diego, USA), Deian Stefan (University of California at San Diego)