English
Related papers

Related papers: Automatically Proving Microkernels Free from Privi…

200 papers

Confidential Computing (CC) has received increasing attention in recent years as a mechanism to protect user data from untrusted operating systems (OSes). Existing CC solutions hide confidential memory from the OS and/or encrypt it to…

Cryptography and Security · Computer Science 2024-12-06 Caihua Li , Seung-seob Lee , Lin Zhong

In monolithic operating systems, the kernel is the piece of code that executes with the highest privileges and has control over all the software running on a host. A successful attack against an operating system's kernel means a total and…

Operating Systems · Computer Science 2014-05-23 Francesco Gadaleta , Nick Nikiforakis , Yves Younan , Wouter Joosen

Confidential computing safeguards sensitive computations from untrusted clouds, with Confidential Virtual Machines (CVMs) providing a secure environment for guest OS. However, CVMs often come with large and vulnerable operating system…

Cryptography and Security · Computer Science 2024-07-19 Benshan Mei , Saisai Xia , Wenhao Wang , Dongdai Lin

Assurance of information-flow security by formal methods is mandated in security certification of separation kernels. As an industrial standard for improving safety, ARINC 653 has been complied with by mainstream separation kernels. Due to…

Software Engineering · Computer Science 2017-02-21 Yongwang Zhao , David Sanan , Fuyuan Zhang , Yang Liu

Attestation means providing evidence that a remote target system is worthy of trust for some sensitive interaction. Although attestation is already used in network access control, security management, and trusted execution environments, it…

Cryptography and Security · Computer Science 2026-03-09 Will Thomas , Logan Schmalz , Adam Petz , Perry Alexander , Joshua D. Guttman , Paul D. Rowe , James Carter

The endless stream of vulnerabilities urgently calls for principled mitigation to confine the effect of exploitation. However, the monolithic architecture of commodity OS kernels, like the Linux kernel, allows an attacker to compromise the…

Cryptography and Security · Computer Science 2024-09-17 Yinggang Guo , Zicheng Wang , Weiheng Bai , Qingkai Zeng , Kangjie Lu

Real-time operating systems employ spatial and temporal isolation to guarantee predictability and schedulability of real-time systems on multi-core processors. Any unbounded and uncontrolled cross-core performance interference poses a…

Operating Systems · Computer Science 2024-12-25 Zhaomeng Deng , Ziqi Zhang , Ding Li , Yao Guo , Yunfeng Ye , Yuxin Ren , Ning Jia , Xinwei Hu

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that…

Cryptography and Security · Computer Science 2020-01-30 Matteo Busi , Job Noorman , Jo Van Bulck , Letterio Galletta , Pierpaolo Degano , Jan Tobias Mühlberg , Frank Piessens

We present Argos, a simple approach for adding verifiability to fully homomorphic encryption (FHE) schemes using trusted hardware. Traditional approaches to verifiable FHE require expensive cryptographic proofs, which incur an overhead of…

Cryptography and Security · Computer Science 2025-03-25 Jules Drean , Fisher Jepsen , Edward Suh , Srini Devadas , Aamer Jaleel , Gururaj Saileshwar

Modern operating systems provide powerful mandatory access control mechanisms, yet they largely reason about who executes code rather than how execution originates. As a result, processes launched remotely, locally, or by background…

Cryptography and Security · Computer Science 2026-01-21 Omer Abdelmajeed Idris Mohammed , Ilhami M. Orak

Protecting secrets is a key challenge in our contemporary information-based era. In common situations, however, revealing secrets appears unavoidable, for instance, when identifying oneself in a bank to retrieve money. In turn, this may…

Cryptography and Security · Computer Science 2022-02-17 Pouriya Alikhani , Nicolas Brunner , Claude Crépeau , Sébastien Designolle , Raphaël Houlmann , Weixu Shi , Nan Yang , Hugo Zbinden

Zero-knowledge proofs allow verification of computations without revealing private information. However, existing systems require memory proportional to the computation size, which has historically limited use in large-scale applications…

Cryptography and Security · Computer Science 2025-09-18 Logan Nye

The security of a computer system depends on OS kernel protection. It is crucial to reveal and inspect new attacks on kernel data, as these are used by hackers. The purpose of this paper is to continue research into attacks on dynamically…

Cryptography and Security · Computer Science 2021-06-14 Igor Korkin

This study explores the application of generative AI (GenAI) within manual exploitation and privilege escalation tasks in Linux-based penetration testing environments, two areas critical to comprehensive cybersecurity assessments. Building…

Cryptography and Security · Computer Science 2024-11-27 Haitham S. Al-Sinani , Chris J. Mitchell

Separation kernels are fundamental software of safety and security-critical systems, which provide to their hosted applications spatial and temporal separation as well as controlled information flows among partitions. The application of…

Software Engineering · Computer Science 2016-07-12 Yongwang Zhao

The Operating System (OS) kernel is foundational in modern computing, especially with the proliferation of diverse computing devices. However, its development also comes with vulnerabilities that can lead to severe security breaches. Kernel…

Cryptography and Security · Computer Science 2025-12-05 Jiacheng Xu , He Sun , Shihao Jiang , Qinying Wang , Mingming Zhang , Xiang Li , Kaiwen Shen , Peng Cheng , Jiming Chen , Charles Zhang , Shouling Ji

High-performance IO demands low-overhead communication between user- and kernel space. This demand can no longer be fulfilled by traditional system calls. Linux's extended Berkeley Packet Filter (BPF) avoids user-/kernel transitions by…

Cryptography and Security · Computer Science 2025-01-09 Luis Gerhorst , Henriette Herzog , Peter Wägemann , Maximilian Ott , Rüdiger Kapitza , Timo Hönig

Formal verification of masking in post-quantum cryptographic (PQC) hardware relies on SMT solvers over finite domains. Our prior work established structural dependency analysis at scale [1] and quantified the security margin of partial NTT…

Cryptography and Security · Computer Science 2026-04-23 Ray Iskander , Khaled Kirah

Kubernetes is an open-source software for automating management of computerized services. Organizations, such as IBM, Capital One and Adidas use Kubernetes to deploy and manage their containers, and have reported benefits related to…

Cryptography and Security · Computer Science 2020-06-30 Md. Shazibul Islam Shamim , Farzana Ahamed Bhuiyan , Akond Rahman

Whenever modern CPUs encounter a conditional branch for which the condition cannot be evaluated yet, they predict the likely branch target and speculatively execute code. Such pipelining is key to optimizing runtime performance and is…

Cryptography and Security · Computer Science 2018-01-15 Giorgi Maisuradze , Christian Rossow