In a bid to limit the harm caused by ubiquitous remotely exploitable software vulnerabilities, the computer sys-tems security community has proposed primitives to al-low execution of application code with reduced privilege. In this paper, we identify and attack the vital and largely unexamined problem of how to structure implementa-tions of cryptographic protocols to protect sensitive data despite exploits. As evidence that this problem is poorly understood, we rst identify two attacks that lead to disclosure of sensitive data in two published state-of-the-art designs for exploit-resistant cryptographic proto-col implementations: privilege-separated OpenSSH, and the HiStar/DStar DIFC-based SSL web server. We then describe how to structure p...
Abstract. We analyse and exploit implementation features in OpenSSL version 0.9.8g which permit an a...
TLS and SSH are two of the most commonly used protocols for securing Internet traffic. Many of the i...
International audienceThe TLS Internet Standard, previously known as SSL, is the default protocol fo...
In a bid to limit the harm caused by ubiquitous remotely exploitable software vulnerabilities, the c...
Most applications these days are at least somewhat network aware, but how do you protect those appli...
Special issue ARES'12International audienceThis paper presents a novel technique for obtaining imple...
This paper presents a novel technique for obtaining implementations of security protocols, proved se...
Many operating system services require special privileges to execute their tasks. A programming erro...
International audienceProtocols for password-based authenticated key exchange (PAKE) allow two users...
We analyse and exploit implementation features in OpenSSL version 0.9.8g which permit an attack agai...
Abstract—This paper presents a novel framework for prov-ing specifications of security protocols in ...
I, Andrea Bittau, confirm that the work presented in this thesis is my own. Where information has be...
Separation of control and data plane is a principle increasingly used to improve the performance of ...
Separation of control and data plane is a principle increasingly used to improve the performance of ...
TLS and SSH are two of the most commonly used protocols for securing Internet traffic. Many of the i...
Abstract. We analyse and exploit implementation features in OpenSSL version 0.9.8g which permit an a...
TLS and SSH are two of the most commonly used protocols for securing Internet traffic. Many of the i...
International audienceThe TLS Internet Standard, previously known as SSL, is the default protocol fo...
In a bid to limit the harm caused by ubiquitous remotely exploitable software vulnerabilities, the c...
Most applications these days are at least somewhat network aware, but how do you protect those appli...
Special issue ARES'12International audienceThis paper presents a novel technique for obtaining imple...
This paper presents a novel technique for obtaining implementations of security protocols, proved se...
Many operating system services require special privileges to execute their tasks. A programming erro...
International audienceProtocols for password-based authenticated key exchange (PAKE) allow two users...
We analyse and exploit implementation features in OpenSSL version 0.9.8g which permit an attack agai...
Abstract—This paper presents a novel framework for prov-ing specifications of security protocols in ...
I, Andrea Bittau, confirm that the work presented in this thesis is my own. Where information has be...
Separation of control and data plane is a principle increasingly used to improve the performance of ...
Separation of control and data plane is a principle increasingly used to improve the performance of ...
TLS and SSH are two of the most commonly used protocols for securing Internet traffic. Many of the i...
Abstract. We analyse and exploit implementation features in OpenSSL version 0.9.8g which permit an a...
TLS and SSH are two of the most commonly used protocols for securing Internet traffic. Many of the i...
International audienceThe TLS Internet Standard, previously known as SSL, is the default protocol fo...