Secure compilation is a discipline aimed at develo** compilers that preserve the security
properties of the source programs they take as input in the target programs they produce as …

Timing side-channels are arguably one of the main sources of vulnerabilities in
cryptographic implementations. One effective mitigation against timing side-channels is to …

Most programs compiled to WebAssembly (Wasm) today are written in unsafe languages
like C and C++. Unfortunately, memory-unsafe C code remains unsafe when compiled to …

Compilers often weaken or even discard software-based countermeasures commonly used
to protect programs against side-channel attacks; worse, they may also introduce …

Industries and governments are increasingly compelled by regulations and public pressure
to handle sensitive information responsibly. Regulatory requirements and user expectations …

ttackers can access sensitive information of programs by exploiting the side-effects of
speculatively-executed instructions using Spectre attacks. To mitigate these attacks, popular …

We propose and study StkTokens: a new calling convention that provably enforces well-
bracketed control flow and local state encapsulation on a capability machine. The calling …

We propose the first framework for defining relational program logics for arbitrary monadic
effects. The framework is embedded within a relational dependent type theory and is highly …

Computer systems often provide hardware support for isolation mechanisms like privilege
levels, virtual memory, or enclaved execution. Over the past years, several successful …

We propose a new formal criterion for evaluating secure compilation schemes for unsafe
languages, expressing end-to-end security guarantees for software components that may …