Paper-Conference

Cryptographic Memory Tagging: Towards Stateless Integrity

Nov 2, 2024

Memory Tagging using Cryptographic Memory Integrity on Commodity x86 CPUs (runner-up for distinguished paper award 🏆)

Jul 10, 2024

MEMES: Memory Encryption-Based Memory Safety on Commodity Hardware

Jul 10, 2023

EC-CFI: Control-Flow Integrity via Code Encryption Counteracting Fault Attacks

May 1, 2023

Going beyond the Limits of SFI: Flexible and Secure Hardware-Assisted In-Process Isolation with HFI (distinguished paper award, Intel Hardware Security Academic Award honorable mention 🏆)

Mar 25, 2023

Isolation without Taxation: Near-Zero-Cost Transitions for WebAssembly and SFI

Jan 12, 2022

Cryptographic Capability Computing

Oct 19, 2021

Network-on-Chip Firewall: Countering Defective and Malicious System-on-Chip Hardware

We developed a Network-on-Chip (NoC) firewall in Bluespec SystemVerilog configured by a dedicated core, and we demonstrated how it can enforce isolation between two instances of Linux on separate cores. We developed a shallow embedding of a subset of Bluespec into Maude, since both languages are based on term rewriting systems, and we used a Maude model of the NoC firewall to precisely identify a subtle vulnerability.

Aug 27, 2015

Reliable telemetry in white spaces using remote attestation

Dec 1, 2011

Enforcing Executing-Implies-Verified with the Integrity-Aware Processor

Extended a processor core written in VHDL with hardware support for detecting attempts to execute unverified code. Developed an integrity kernel and network server to enforce code whitelisting using processor extensions. Evaluated using an FPGA.

Jun 1, 2011