English
Related papers

Related papers: Exorcising Spectres with Secure Compilers

200 papers

Circuit compilation, a crucial process for adapting quantum algorithms to hardware constraints, often operates as a ``black box,'' with limited visibility into the optimization techniques used by proprietary systems or advanced open-source…

Quantum Physics · Physics 2025-04-29 Satwik Kundu , Swaroop Ghosh

Speculative execution which is used pervasively in modern CPUs can leave side effects in the processor caches and other structures even when the speculated instructions do not commit and their direct effect is not visible. The recent…

Cryptography and Security · Computer Science 2018-06-19 Khaled N. Khasawneh , Esmaeil Mohammadian Koruyeh , Chengyu Song , Dmitry Evtyushkin , Dmitry Ponomarev , Nael Abu-Ghazaleh

Weird machines---the computational models accessible by exploiting security vulnerabilities---arise from the difference between the model a programmer has in her head of how her program should run and the implementation that actually…

Cryptography and Security · Computer Science 2019-11-04 Jennifer Paykin , Eric Mertens , Mark Tullsen , Luke Maurer , Benoît Razet , Alexander Bakst , Scott Moore

Spectre intrusions exploit speculative execution design vulnerabilities in modern processors. The attacks violate the principles of isolation in programs to gain unauthorized private user information. Current state-of-the-art detection…

Cryptography and Security · Computer Science 2022-10-27 Chidera Biringa , Gaspard Baye , Gökhan Kul

CPU caches introduce variations into the execution time of programs that can be exploited by adversaries to recover private information about users or cryptographic keys. Establishing the security of countermeasures against this threat…

Cryptography and Security · Computer Science 2017-05-12 Goran Doychev , Boris Köpf

To ensure that secure applications do not leak their secrets, they are required to uphold several security properties such as spatial and temporal memory safety as well as cryptographic constant time. Existing work shows how to enforce…

Cryptography and Security · Computer Science 2024-10-10 Matthis Kruse , Michael Backes , Marco Patrignani

Cyber attacks and malware are now more prevalent than ever and the trend is ever upward. There have been several approaches to attack detection including resident software applications at the root or user level, e.g., virus detection, and…

Cryptography and Security · Computer Science 2018-07-31 James Christopher Foreman

The Spectre vulnerability in modern processors has been widely reported. The key insight in this vulnerability is that speculative execution in processors can be misused to access the secrets. Subsequently, even though the speculatively…

Cryptography and Security · Computer Science 2019-11-13 Guanhua Wang , Sudipta Chattopadhyay , Ivan Gotovchits , Tulika Mitra , Abhik Roychoudhury

Quantum circuits are the fundamental representation of quantum algorithms and constitute valuable intellectual property (IP). Multiple quantum circuit obfuscation (QCO) techniques have been proposed in prior research to protect quantum…

Quantum Physics · Physics 2025-11-10 Hongyu Zhang , Yuntao Liu

Proving only over source code that programs do not leak sensitive data leaves a gap between reasoning and reality that can only be filled by accounting for the behaviour of the compiler. Furthermore, software does not always have the luxury…

Programming Languages · Computer Science 2023-06-22 Robert Sison , Toby Murray

We introduce a novel approach to secure compilation based on maps of distributive laws. We demonstrate through four examples that the coherence criterion for maps of distributive laws can potentially be a viable alternative for compiler…

Programming Languages · Computer Science 2020-04-22 Stelios Tsampas , Andreas Nuyts , Dominique Devriese , Frank Piessens

Modern processors employ different prediction mechanisms to speculate over different kinds of instructions. Attackers can exploit these prediction mechanisms simultaneously in order to trigger leaks about speculatively-accessed data. Thus,…

Cryptography and Security · Computer Science 2022-09-05 Xaver Fabian , Marco Guarnieri , Marco Patrignani

Recent secure code generation methods, using vulnerability-aware fine-tuning, prefix-tuning, and prompt optimization, claim to prevent LLMs from producing insecure code. However, their robustness under adversarial conditions remains…

Cryptography and Security · Computer Science 2026-01-13 Melissa Tessa , Iyiola E. Olatunji , Aicha War , Jacques Klein , Tegawendé F. Bissyandé

We present Serberus, the first comprehensive mitigation for hardening constant-time (CT) code against Spectre attacks (involving the PHT, BTB, RSB, STL and/or PSF speculation primitives) on existing hardware. Serberus is based on three…

Cryptography and Security · Computer Science 2023-09-12 Nicholas Mosier , Hamed Nemati , John C. Mitchell , Caroline Trippel

Memory corruption vulnerabilities are endemic to unsafe languages, such as C, and they can even be found in safe languages that themselves are implemented in unsafe languages or linked with libraries implemented in unsafe languages. Robust…

Cryptography and Security · Computer Science 2018-02-06 Ana Nora Evans

Deep learning (DL) compilers are core infrastructure in modern DL systems, offering flexibility and scalability beyond vendor-specific libraries. This work uncovers a fundamental vulnerability in their design: can an official, unmodified…

Cryptography and Security · Computer Science 2025-10-28 Simin Chen , Jinjun Peng , Yixin He , Junfeng Yang , Baishakhi Ray

Spectre v1 attacks, which exploit conditional branch misprediction, are often identified with attacks that bypass array bounds checking to leak data from a victim's memory. Generally, however, Spectre v1 attacks can exploit any conditional…

Cryptography and Security · Computer Science 2021-07-05 Ofek Kirzner , Adam Morrison

Despite numerous countermeasures proposed by practitioners and researchers, remote control-flow alteration of programs with memory-safety vulnerabilities continues to be a realistic threat. Guaranteeing that complex software is completely…

Cryptography and Security · Computer Science 2017-02-20 Martín Ochoa , Sebastian Banescu , Cynthia Disenfeld , Gilles Barthe , Vijay Ganesh

Speculative execution enhances processor performance by predicting intermediate results and executing instructions based on these predictions. However, incorrect predictions can lead to security vulnerabilities, as speculative instructions…

Cryptography and Security · Computer Science 2026-04-01 Xaver Fabian , Marco Guarnieri , Boris Köpf , Jose F. Morales , Marco Patrignani , Jan Reineke , Andres Sanchez

Compartmentalization is good security-engineering practice. By breaking a large software system into mutually distrustful components that run with minimal privileges, restricting their interactions to conform to well-defined interfaces, we…

Cryptography and Security · Computer Science 2017-04-18 Yannis Juglaret , Catalin Hritcu , Arthur Azevedo de Amorim , Boris Eng , Benjamin C. Pierce