English
Related papers

Related papers: Certified Compilation based on G\"odel Numbers

200 papers

An Air Force evaluation of Multics, and Ken Thompson's famous Turing award lecture "Reflections on Trusting Trust," showed that compilers can be subverted to insert malicious Trojan horses into critical software, including themselves. If…

Cryptography and Security · Computer Science 2016-11-17 David A. Wheeler

An Air Force evaluation of Multics, and Ken Thompson's Turing award lecture ("Reflections on Trusting Trust"), showed that compilers can be subverted to insert malicious Trojan horses into critical software, including themselves. If this…

Cryptography and Security · Computer Science 2010-05-03 David A. Wheeler

CompCert is the first realistic formally verified compiler: it provides a machine-checked mathematical proof that the code it generates matches the source code. Yet, there could be loopholes in this approach. We comprehensively analyze…

Logic in Computer Science · Computer Science 2022-10-11 David Monniaux , Sylvain Boulmé

This article describes the development and formal verification (proof of semantic preservation) of a compiler back-end from Cminor (a simple imperative intermediate language) to PowerPC assembly code, using the Coq proof assistant both for…

Logic in Computer Science · Computer Science 2009-11-14 Xavier Leroy

Undefined behavior in C often causes devastating security vulnerabilities. One practical mitigation is compartmentalization, which allows developers to structure large programs into mutually distrustful compartments with clearly specified…

Developing secure distributed systems is difficult, and even harder when advanced cryptography must be used to achieve security goals. Following prior work, we advocate using secure program partitioning to synthesize cryptographic…

Cryptography and Security · Computer Science 2024-01-10 Coşku Acay , Joshua Gancher , Rolph Recto , Andrew C. Myers

Cryptographic libraries are a main target of timing side-channel attacks. A practical means to protect against these attacks is to adhere to the constant-time (CT) policy. However, it is hard to write constant-time code, and even…

Programming Languages · Computer Science 2025-10-15 Santiago Arranz-Olmos , Gilles Barthe , Lionel Blatter , Youcef Bouzid , Sören van der Wall , Zhiyuan Zhang

Encrypted computing is an emerging technology based on a processor that `works encrypted', taking encrypted inputs to encrypted outputs while data remains in encrypted form throughout. It aims to secure user data against possible insider…

Cryptography and Security · Computer Science 2019-02-19 Peter T. Breuer

We present our ongoing work on developing an end-to-end verified Rust compiler based on CompCert. It provides two guarantees: one is semantics preservation from Rust to assembly, i.e., the behaviors of source code includes the behaviors of…

Programming Languages · Computer Science 2026-02-10 Jinhua Wu , Yuting Wang , Liukun Yu , Linglong Meng

Compilers are a prime target for formal verification, since compiler bugs invalidate higher-level correctness guarantees, but compiler changes may become more labor-intensive to implement, if they must come with proof patches. One appealing…

Programming Languages · Computer Science 2025-03-12 Jason Gross , Andres Erbsen , Jade Philipoom , Rajashree Agrawal , Adam Chlipala

Classes on compiler technology are commonly found in Computer Science curricula, covering aspects of parsing, semantic analysis, intermediate transformations and target code generation. This paper reports on introducing certified…

Programming Languages · Computer Science 2019-06-28 Per Lindgren , Marcus Lindner , Nils Fitinghoff

Proving secure compilation of partial programs typically requires back-translating an attack against the compiled program to an attack against the source program. To prove back-translation, one can syntactically translate the target…

Programming Languages · Computer Science 2022-06-06 Akram El-Korashy , Roberto Blanco , Jérémy Thibault , Adrien Durier , Deepak Garg , Catalin Hritcu

Formal program verification is a longstanding goal in the field. We present the first quantitative comparison of the two primary compiler verification approaches, credible compilation/translation validation and full verification. Working…

Programming Languages · Computer Science 2026-05-12 Martin Rinard

This paper explores the parallels between Thompson's "Reflections on Trusting Trust" and modern challenges in LLM-based code generation. We examine how Thompson's insights about compiler backdoors take on new relevance in the era of large…

Software Engineering · Computer Science 2025-02-25 Bradley McDanel

Verified compilation of open modules (i.e., modules whose functionality depends on other modules) provides a foundation for end-to-end verification of modular programs ubiquitous in contemporary software. However, despite intensive…

Programming Languages · Computer Science 2023-11-21 Ling Zhang , Yuting Wang , Jinhua Wu , Jérémie Koenig , Zhong Shao

Compiler correctness is an old problem, but with the emergence of smart contracts on blockchains that problem presents itself in a new light. Smart contracts are self-contained pieces of software that control assets, which are often of high…

Programming Languages · Computer Science 2022-02-23 Jacco O. G. Krijnen , Manuel M. T. Chakravarty , Gabriele Keller , Wouter Swierstra

We propose a new formal criterion for evaluating secure compilation schemes for unsafe languages, expressing end-to-end security guarantees for software components that may become compromised after encountering undefined behavior---for…

Verifying the execution of a program is complicated and often limited by the inability to validate the code's correctness. It is a crucial aspect of scientific research, where it is needed to ensure the reproducibility and validity of…

Software Engineering · Computer Science 2025-02-12 Alex Wolf , Marco Edoardo Palma , Pasquale Salza , Harald C. Gall

We present a self-certifying compiler for the COGENT systems language. COGENT is a restricted, polymorphic, higher-order, and purely functional language with linear types and without the need for a trusted runtime or garbage collector. It…

The implementations of most hardened cryptographic libraries use defensive programming techniques for side-channel resistance. These techniques are usually specified as guidelines to developers on specific code patterns to use or avoid.…

Cryptography and Security · Computer Science 2025-09-03 Moritz Schneider , Daniele Lain , Ivan Puddu , Nicolas Dutly , Srdjan Capkun
‹ Prev 1 2 3 10 Next ›