The majority of computer users download compiled software and run it directly on their machine. Apparently, this is also true for open-sourced software -- most users would not compile the available source, and implicitly trust that the available binaries have been compiled from the published source code (i.e., no backdoor has been inserted in the binary). To verify that the official binaries indeed correspond to the released source, one can compile the source of a given application, and then compare the locally generated binaries with the developer-provided official ones. However, such simple verification is non-trivial to achieve in practice, as modern compilers, and more generally, toolchains used in software packaging, have not been desi...
We apply state-of-the art deductive verification tools to check security-relevant properties of cryp...
We present a high-assurance software stack for secure function evaluation (SFE). Our stack consists ...
According to experts, one third of all IT vulnerabilities today are due to inadequate software verif...
The majority of computer users download software from the Internet and run it directly on their mach...
International audienceAlthough it is possible to increase confidence in Free and Open Source Softwar...
There is implicit trust involved when using computer software. Open-source software attempts to insp...
Deterministic builds, where the compile and build processes are reproducible, can be used to achieve...
This paper presents techniques developed to check program equivalences in the context of cryptograph...
Workshop proceedings with local publication by the University of OsloThis paper discusses the (often...
Software is pervasive in our daily lives and we rely on it for many critical tasks. Despite the abun...
While many theoretical arguments against or in favor of open source and closed source software devel...
We report on the application of an off-the-shelf verification platform to the RC4 stream cipher cryp...
International audienceThe formal verification of programs have progressed tremendously in the last d...
We present a computer-aided framework for proving concrete security bounds for cryptographic machine...
How can we be certain that software is reliable? Is there any method that can verify the correctnes...
We apply state-of-the art deductive verification tools to check security-relevant properties of cryp...
We present a high-assurance software stack for secure function evaluation (SFE). Our stack consists ...
According to experts, one third of all IT vulnerabilities today are due to inadequate software verif...
The majority of computer users download software from the Internet and run it directly on their mach...
International audienceAlthough it is possible to increase confidence in Free and Open Source Softwar...
There is implicit trust involved when using computer software. Open-source software attempts to insp...
Deterministic builds, where the compile and build processes are reproducible, can be used to achieve...
This paper presents techniques developed to check program equivalences in the context of cryptograph...
Workshop proceedings with local publication by the University of OsloThis paper discusses the (often...
Software is pervasive in our daily lives and we rely on it for many critical tasks. Despite the abun...
While many theoretical arguments against or in favor of open source and closed source software devel...
We report on the application of an off-the-shelf verification platform to the RC4 stream cipher cryp...
International audienceThe formal verification of programs have progressed tremendously in the last d...
We present a computer-aided framework for proving concrete security bounds for cryptographic machine...
How can we be certain that software is reliable? Is there any method that can verify the correctnes...
We apply state-of-the art deductive verification tools to check security-relevant properties of cryp...
We present a high-assurance software stack for secure function evaluation (SFE). Our stack consists ...
According to experts, one third of all IT vulnerabilities today are due to inadequate software verif...