Modular Security Guarantees for Low-Level Languages with Stack Traversal
Previous work on timing attacks mounted by garbage collectors by Pedersen and Askarov demonstrates that garbage collectors form a shared resource that can reliably be exploited to leak secrets of arbitrary sizes. In this work, we show how to modify existing garbage collection algorithms such that no information is leaked through timing channels. We do this by designing an information-flow aware programming language with sufficient expressivity to implement common low-level paradigms useful for garbage collection, and prove that well-typed programs in this language satisfies a version of noninterference.
Sun 13 JanDisplayed time zone: Belfast change
16:00 - 18:00
|Short Talks Session|
|Modular Security Guarantees for Low-Level Languages with Stack Traversal|
|(Un)Encrypted Computing and Indistinguishability Obfuscation|