English
Related papers

Related papers: Mon CH\'ERI: Mitigating Uninitialized Memory Acces…

200 papers

This technical report describes a new extension to capability machines. Capability machines are a special type of processors that include better security primitives at the hardware level. In capability machines, every word has an associated…

Programming Languages · Computer Science 2020-06-03 Sander Huyghebaert , Thomas Van Strydonck , Steven Keuchel , Dominique Devriese

CHERI (Capability Hardware Enhanced RISC Instructions) is a novel hardware designed to address memory safety issues. By replacing traditional pointers with hardware capabilities, it enhances security in modern software systems. A Virtual…

Programming Languages · Computer Science 2026-03-09 Hanhaotian Liu , Tetsuro Yamazaki , Tomoharu Ugawa

MMU-less Linux variant lacks security because it does not have protection or isolation mechanisms. It also does not use MPUs as they do not fit with its software model because of the design drawbacks of MPUs (\ie coarse-grained protection…

Operating Systems · Computer Science 2024-01-19 Hesham Almatary , Alfredo Mazzinghi , Robert N. M. Watson

Capability machines such as CHERI provide memory capabilities that can be used by compilers to provide security benefits for compiled code (e.g., memory safety). The existing C to CHERI compiler, for example, achieves memory safety by…

Programming Languages · Computer Science 2021-05-05 Akram El-Korashy , Stelios Tsampas , Marco Patrignani , Dominique Devriese , Deepak Garg , Frank Piessens

In this paper, we present PoisonCap: scalable temporal safety with strict use-after-free protection and initialisation safety for CHERI systems. Efficient memory safety is an increasing priority for programming languages, operating systems,…

Memory-unsafe programming languages such as C and C++ are the preferred languages for systems programming, embedded systems, and performance-critical applications. The widespread use of these languages makes the risk of memory-related…

Cryptography and Security · Computer Science 2024-07-09 Sacha Ruchlejmer

CHERI-C extends the C programming language by adding hardware capabilities, ensuring a certain degree of memory safety while remaining efficient. Capabilities can also be employed for higher-level security measures, such as software…

Logic in Computer Science · Computer Science 2023-04-26 Seung Hoon Park , Rekha Pai , Tom Melham

Capability-based memory isolation is a promising new architectural primitive. Software can access low-level memory only via capability handles rather than raw pointers, which provides a natural interface to enforce security restrictions.…

Cryptography and Security · Computer Science 2023-03-10 Jason Zhijingcheng Yu , Conrad Watt , Aditya Badole , Trevor E. Carlson , Prateek Saxena

While the CHERI instruction-set architecture extensions for capabilities enable strong spatial memory safety, CHERI lacks built-in temporal safety, particularly for heap allocations. Prior attempts to augment CHERI with temporal safety fall…

Cryptography and Security · Computer Science 2026-02-11 Merve Gülmez , Ruben Sturm , Hossam ElAtali , Håkan Englund , Jonathan Woodruff , N. Asokan , Thomas Nyman

Memory corruption attacks have been prevalent in software for a long time. Some mitigation strategies against these attacks do exist, but they are not as far-reaching or as efficient as the CHERI architecture. CHERI uses capabilities to…

Cryptography and Security · Computer Science 2026-01-28 Dariy Guzairov , Alex Potanin , Stephen Kell , Alwen Tiu

A digital security-by-design computer architecture, like CHERI, lets you program without fear of buffer overflows or other memory safety errors, but CHERI also rewrites some of the assumptions about how C works and how fundamental types…

Cryptography and Security · Computer Science 2025-07-01 Maysara Alhindi , Joseph Hallett

While memory corruption bugs stemming from the use of unsafe programming languages are an old and well-researched problem, the resulting vulnerabilities still dominate real-world exploitation today. Various mitigations have been proposed to…

Cryptography and Security · Computer Science 2021-08-20 Emanuel Q. Vintila , Philipp Zieris , Julian Horsch

Protecting data in memory from attackers continues to be a concern in computing systems. CHERI is a promising approach to achieve such protection, by providing and enforcing fine-grained memory protection directly in the hardware. Creating…

Memory corruption vulnerabilities remain one of the most severe threats to software security. They often allow attackers to achieve arbitrary code execution by redirecting a vulnerable program's control flow. While Control Flow Integrity…

Cryptography and Security · Computer Science 2025-08-22 Sabine Houy , Bruno Kreyssig , Timothee Riom , Alexandre Bartel , Patrick McDaniel

Memory-safety attacks have been one of the most critical threats against computing systems. Although a wide-range of defense techniques have been developed against these attacks, the existing mitigation strategies have several limitations.…

Cryptography and Security · Computer Science 2019-09-20 Eyasu Getahun Chekole , Unnikrishnan Cheramangalath , Sudipta Chattopadhyay , Martin Ochoa , Guo Huaqun

Lack of memory-safety and exposure to side channels are two prominent, persistent challenges for the secure implementation of software. Memory-safe programming languages promise to significantly reduce the prevalence of memory-safety bugs,…

Cryptography and Security · Computer Science 2025-09-19 Hossam ElAtali , Merve Gülmez , Thomas Nyman , N. Asokan

Ensuring system correctness, such as memory safety, can eliminate security vulnerabilities that attackers could exploit in the first place. However, high and unpredictable performance degradation remains a primary challenge. Recognizing…

Cryptography and Security · Computer Science 2024-08-28 Myoung Jin Nam

More than two decades after the first stack smashing attacks, memory corruption vulnerabilities utilizing stack anomalies are still prevalent and play an important role in practice. Among such vulnerabilities, uninitialized variables play…

Cryptography and Security · Computer Science 2020-07-07 Behrad Garmany , Martin Stoffel , Robert Gawlik , Thorsten Holz

Existing high-end embedded systems face frequent security attacks. Software compartmentalization is one technique to limit the attacks' effects to the compromised compartment and not the entire system. Unfortunately, the existing…

There is growing interest in securing the hardware foundations software stacks build upon. However, before making any investment decision, software and hardware supply chain stakeholders require evidence from realistic, multiple long-term…

Cryptography and Security · Computer Science 2025-04-28 Shamal Faily
‹ Prev 1 2 3 10 Next ›