Efficient and provable local capability revocation using uninitialized capabilities

Authors

Abstract

Capability machines are a special form of CPUs that offer fine-grained privilege separation using authority-carrying values known as capabilities. The CHERI capability machine offers local capabilities, which could be used as a cheap but restricted form of capability revocation. Unfortunately, local capability revocation is unrealistic in practice because large amounts of stack memory need to be cleared as a security precaution. In this paper, we address this shortcoming by introducing uninitialized capabilities: a new form of capabilities that represent read/write authority to a block of memory without exposing the memory's initial contents. We provide a mechanically verified program logic for reasoning about programs on a capability machine with the new feature, and we formalize and prove capability safety in the form of a universal contract for untrusted code. We use uninitialized capabilities to make a previously-proposed secure calling convention efficient and prove its security using the program logic. Finally, we report on a proof-of-concept implementation of uninitialized capabilities on the CHERI capability machine.


Similar references

Efficient Revocation in Group Signatures

We consider the problem of revocation of identity in group signatures. Group signatures are a very useful primitive in cryptography, allowing a member of a group to sign messages anonymously on behalf of the group. Such signatures must be anonymous and unlinkable, but a group authority must be able to open them in case of dispute. Many constructions have been proposed, some of them are quite ef...


QuasiModo: Efficient Certificate Validation and Revocation

We present two new schemes for efficient certificate revocation. Our first scheme is a direct improvement on a well-known tree-based variant of the NOVOMODO system of Micali [11]. Our second scheme is a direct improvement on a tree-based variant of a multi-certificate revocation system by Aiello, Lodha, and Ostrovsky [1]. At the core of our schemes is a novel construct termed a QuasiModo tree, ...


Contributions to provable security and efficient cryptography

This thesis deals with two main matters of modern public key cryptography: provable security and efficient implementation. Indubitably, security is the most important property of any cryptographic scheme. Nevertheless, cryptographic algorithms have often been designed on a trial-and-error basis, i. e., a system has been regarded as secure as long as it withstood cryptanalytic attacks. In contra...


Efficient and Provable White-Box Primitives

In recent years there have been several attempts to build white-box block ciphers whose implementations aim to be incompressible. This includes the weak white-box ASASA construction by Bouillaguet, Biryukov and Khovratovich from Asiacrypt 2014, and the recent space-hard construction by Bogdanov and Isobe from CCS 2015. In this article we propose the first constructions aiming at the same goal w...


Capability Modelling - Case of Logistics Capabilities

Even though the concept of capability is an important element in service oriented architectures and enterprise information systems, little effort has been put towards modelling it as a first class citizen. Major related contributions were part of other efforts such as modelling business processes, service description and search requests. Current approaches either confuse capabilities with invoc...



Journal

Journal title: Proceedings of the ACM on Programming Languages

Year: 2021

ISSN: 2475-1421

DOI: https://doi.org/10.1145/3434287