Toward Complete Stack Safety for Capability Machines (PriSC 2021)

Who

Aina Linn Georges, Armaël Guéneau, Alix Trieu, Lars Birkedal

Track

PriSC 2021

Time Zone

The program is currently displayed in (GMT+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Sun 17 Jan 2021 20:12 - 20:30 at PriSC - Formal analysis & proof techniques Chair(s): Marco Patrignani, Jonathan Protzenko

Abstract

Capability machines are computers that provide support for fine grained control over memory accesses. Pointers are replaced by capabilities, unforgeable tokens of authority that represent the ability to access a memory location. As such, capability machines are an attractive target for secure compilation, and this interest is further compounded by the recent commitment from Arm to develop an industrial prototype of CHERI-based capability machines. It is thus no surprise that numerous recent works have proposed techniques for enforcing well-bracketed control-flow (WBCF) and local state encapsulation (LSE), temporal stack safety, or temporal heap safety. However, these solutions still fall short of ensuring what we believe to be complete stack safety. In this paper, we review recent propositions from the literature and identify limitations. We further propose a potential solution using a new form of capabilities.

File attachments

preprint (paper.pdf)	362KiB

Aina Linn Georges

Aarhus University

Armaël Guéneau

Aarhus University

Alix Trieu

Aarhus University

Denmark

Lars Birkedal

Aarhus University

Media

Time Zone

The program is currently displayed in (GMT+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Sun 17 Jan
Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

19:00 - 20:30	Formal analysis & proof techniquesPriSC at PriSC Chair(s): Marco Patrignani Stanford University, USA / CISPA, Germany, Jonathan Protzenko Microsoft Research, Redmond

19:00 18m Talk		Nanopass Back-Translation of Multiple Traces for Secure Compilation Proofs PriSC Jérémy Thibault MPI-SP, Cătălin Hriţcu MPI-SP Pre-print Media Attached
19:18 18m Talk		Explicit Leakage: Handling Side-Channel Behavior in Program Rewriting and Analysis PriSC Marc Gourjon Hamburg University of Technology and NXP Semiconductors Germany GmbH Media Attached
19:36 18m Talk		Secure Optimization Through Opaque Observations PriSC Son Tuan Vu Sorbonne Université, CNRS, Laboratoire d'Informatique de Paris 6, LIP6, Albert Cohen Google, Karine Heydemann Sorbonne Université, CNRS, Laboratoire d'Informatique de Paris 6, LIP6, Arnaud de Grandmaison ARM, Christophe Guillon STMicroelectronics Pre-print Media Attached File Attached
19:54 18m Talk		The Fox and the Hound: Comparing Fully Abstract and Robust Compilation PriSC Carmine Abate Max Planck Institute for Security and Privacy, Bochum, Germany, Matteo Busi Università di Pisa - Dipartimento di Informatica Pre-print Media Attached File Attached
20:12 18m Talk		Toward Complete Stack Safety for Capability Machines PriSC Aina Linn Georges Aarhus University, Armaël Guéneau Aarhus University, Alix Trieu Aarhus University, Lars Birkedal Aarhus University Media Attached File Attached