English
Related papers

Related papers: Kettle: Attested builds for verifiable software pr…

200 papers

In this paper we present attestable builds, a new paradigm to provide strong source-to-binary correspondence in software artifacts. We tackle the challenge of opaque build pipelines that disconnect the trust between source code, which can…

Cryptography and Security · Computer Science 2025-10-27 Daniel Hugenroth , Mario Lins , René Mayrhofer , Alastair Beresford

Hardware-secured remote attestation is essential to establishing trust in the integrity of confidential virtual machines (cVMs), but is difficult to use in practice because verifying attestation evidence requires the use of…

Cryptography and Security · Computer Science 2026-05-01 Parsa Sadri Sinaki , Zainab Ahmad , Wentao Xie , Merlijn Sebrechts , Jimmy Kjällman , Lachlan J. Gunn

This paper presents C8s, a confidential computing architecture for Kubernetes that provides cryptographically rooted confidentiality, integrity, and verifiability guarantees for Kubernetes clusters from infrastructure operators. These…

Cryptography and Security · Computer Science 2026-05-01 Amean Asad , Patrick McClurg , João Andrade

Process attestation systems verify that a continuous physical process, such as human authorship, actually occurred, rather than merely checking system state. These systems face a fundamental dependability challenge: the evidence collection…

Cryptography and Security · Computer Science 2026-05-26 David Condrey

Confidential computing in the public cloud intends to safeguard workload privacy while outsourcing infrastructure management to a cloud provider. This is achieved by executing customer workloads within so called Trusted Execution…

A trusted execution environment (TEE) such as Intel Software Guard Extension (SGX) runs a remote attestation to prove to a data owner the integrity of the initial state of an enclave, including the program to operate on her data. For this…

Cryptography and Security · Computer Science 2020-07-22 Weijie Liu , Wenhao Wang , Xiaofeng Wang , Xiaozhu Meng , Yaosong Lu , Hongbo Chen , Xinyu Wang , Qingtao Shen , Kai Chen , Haixu Tang , Yi Chen , Luyi Xing

Confidential Virtual Machines (CVMs) protect data in use by running workloads within hardware-enforced Trusted Execution Environments (TEEs). However, existing CVM attestation mechanisms only certify what code is running, not where it is…

Cryptography and Security · Computer Science 2026-03-05 Filip Rezabek , Moe Mahhouk , Andrew Miller , Quintus Kilbourn , Georg Carle , Jonathan Passerat-Palmbach

Verifying that a compiled binary originates from its claimed source code is a fundamental security requirement, called source code provenance. Achieving verifiable source code provenance in practice remains challenging. The most popular…

Software Engineering · Computer Science 2026-02-13 Javier Ron , Martin Monperrus

A Kubernetes cluster typically consists of trusted nodes, running within the confines of a physically secure datacenter. With recent advances in edge orchestration, this is no longer the case. This poses a new challenge: how can we trust a…

Cryptography and Security · Computer Science 2024-05-17 Jordi Thijsman , Merlijn Sebrechts , Filip De Turck , Bruno Volckaert

Attestation means providing evidence that a remote target system is worthy of trust for some sensitive interaction. Although attestation is already used in network access control, security management, and trusted execution environments, it…

Cryptography and Security · Computer Science 2026-03-09 Will Thomas , Logan Schmalz , Adam Petz , Perry Alexander , Joshua D. Guttman , Paul D. Rowe , James Carter

Confidential computing is a security paradigm that enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs). By…

Cryptography and Security · Computer Science 2024-01-18 Abhiroop Sarkar , Alejandro Russo

Modern Large Language Model (LLM) systems are assembled from third-party artifacts such as pre-trained weights, fine-tuning adapters, datasets, dependency packages, and container images, fetched through automated pipelines. This speed comes…

Cryptography and Security · Computer Science 2026-04-01 Zhuoran Tan , Jeremy Singer , Christos Anagnostopoulos

Code agents and empirical software engineering rely on public code datasets, yet these datasets lack verifiable quality guarantees. Static 'dataset cards' inform, but they are neither auditable nor do they offer statistical guarantees,…

Software Engineering · Computer Science 2025-10-03 Fatou Ndiaye Mbodji , El-hacen Diallo , Jordan Samhi , Kui Liu , Jacques Klein , Tegawendé F. Bissyande

The majority of cloud providers offers users the possibility to deploy Trusted Execution Environments (TEEs) to protect their data and processes from high privileged adversaries. This offer is intended to address concerns of users when…

Cryptography and Security · Computer Science 2022-05-09 Mathias Morbitzer , Benedikt Kopf , Philipp Zieris

Enterprise software supply chains are increasingly vulnerable to infrastructure attacks, resulting in financial and reputational damage. Ensuring the integrity and provenance of software artifacts remains a significant challenge, where…

Cryptography and Security · Computer Science 2026-05-21 Fernando Castillo , Eduardo Brito , Pille Pullonen-Raudvere , Sebastian Werner , Stefan Tai

Attestation is a fundamental building block to establish trust over software systems. When used in conjunction with trusted execution environments, it guarantees the genuineness of the code executed against powerful attackers and threats,…

Cryptography and Security · Computer Science 2022-09-26 Jämes Ménétrey , Christian Göttel , Anum Khurshid , Marcelo Pasin , Pascal Felber , Valerio Schiavoni , Shahid Raza

Trusted execution environments (TEEs) are being used in all the devices from embedded sensors to cloud servers and encompass a range of cost, power constraints, and security threat model choices. On the other hand, each of the current…

Cryptography and Security · Computer Science 2019-09-10 Dayeol Lee , David Kohlbrenner , Shweta Shinde , Dawn Song , Krste Asanović

Existing attestation mechanisms lack scalability and support for heterogeneous virtual execution environments (VEEs), such as virtual machines and containers executed inside or outside hardware isolation on different vendors' hardware in…

Cryptography and Security · Computer Science 2023-04-04 Wojciech Ozga , Patricia Sagmeister , Tamás Visegrády , Silvio Dragone

This paper presents composable attestation as a generalized cryptographic framework for Continuous and Incremental Trust in Distributed Systems,such as Artificial Intelligence (AI) computation, and Open Source Software (OSS) supply chain…

Cryptography and Security · Computer Science 2026-03-04 Sheng Sun , Sarah Evans

CompCert is the first realistic formally verified compiler: it provides a machine-checked mathematical proof that the code it generates matches the source code. Yet, there could be loopholes in this approach. We comprehensively analyze…

Logic in Computer Science · Computer Science 2022-10-11 David Monniaux , Sylvain Boulmé
‹ Prev 1 2 3 10 Next ›