What is Secure Compilation?
Marco Patrignani
Summer semester, block course
Slides: theory.stanford.edu/~mp/mp/Teaching_files/l1-intro.pdf
Practicalities
• Schedule: Monday, Tuesday, Wednesday, Friday, Monday, Tuesday
• �h��, � breaks (remind me)
• Type of course: lectures and presentations
• Course goal:
  • understand the background and motivation behind SC (secure compilation)
  • learn reasoning techniques for SC
  • know the most recent developments in SC
• Evaluation: presentations, reports.
Practicalities
• SC is a very active research field with many unsolved, difficult problems to work on (for some questions there is no answer yet)
• Pose questions
• Course flavour: formal methods
• You think about how to bridge the gap between formality and practicality
A Note on Flavour
Formal methods give you the tools to reason about things, and to reason about the motivation why things are done in a certain way.
Course Outline
• Develop a super toy formal compiler
• Prove it is correct; understand why it is not secure
• Prove that it is Fully Abstract via backtranslation
• Understand why Full Abstraction yields security
• Prove that it is Robustly Safe
• Understand why Robust Compilation yields security
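The two criteria the outline names, written out as an added reference (standard definitions from the secure-compilation literature, not text from the slides). The notation is this note's own: $\llbracket \cdot \rrbracket$ is the compiler, $C_S[P]$ (resp. $C_T[\llbracket P \rrbracket]$) is a source (resp. target) context linked with the program, $\simeq_{ctx}$ is contextual equivalence in the respective language, and $W \models \pi$ means that every trace of the whole program $W$ satisfies the safety property $\pi$.

Full abstraction (Abadi, 1998):
$$\forall P_1, P_2.\quad P_1 \simeq_{ctx} P_2 \iff \llbracket P_1 \rrbracket \simeq_{ctx} \llbracket P_2 \rrbracket$$

Robust safety preservation (Patrignani and Garg; Abate et al., 2019):
$$\forall P.\ \forall \pi \in \mathrm{Safety}.\quad (\forall C_S.\ C_S[P] \models \pi) \Rightarrow (\forall C_T.\ C_T[\llbracket P \rrbracket] \models \pi)$$

The $\Leftarrow$ direction of full abstraction follows from compiler correctness. The $\Rightarrow$ direction is the security direction: read contrapositively it says that whenever some target context tells $\llbracket P_1 \rrbracket$ from $\llbracket P_2 \rrbracket$, some source context already tells $P_1$ from $P_2$, and a backtranslation proof builds that source context out of the target one. Robust safety preservation says that any safety property $P$ enjoys against every source attacker, $\llbracket P \rrbracket$ enjoys against every target attacker, so an attacker written in the target language cannot make the compiled program misbehave in a way no source-level attacker could.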
Problems
• Programming abstractions are not preserved by compilers (linkers, etc.); security is an abstraction
• What does preserving abstractions mean?
• What tools are there to preserve abstractions?
Solutions
• Study what preserving abstractions means, via secure compilation criteria
• Devise efficient enforcement mechanisms to attain security
• Prove that compilers can use these mechanisms for security
Recommended Reading
• http://drops.dagstuhl.de/opus/volltexte/����/����/pdf/dagrep_v���_i���_p���_�����.pdf
• https://blog.sigplan.org/����/��/��/secure-compilation/
A First Example
(borrowed from Catalin Hritcu)

HACL* verified cryptographic library, in practice
• HACL* library: ~100,000 LOC in F*, compiled to ASM via KreMLin + CompCert
• Firefox web browser: 16,000,000+ LOC in C/C++ (160x larger), compiled to ASM via GCC
• Both end up as ASM, linked together
• Insecure interoperability: linked code can read and write data and code, jump to arbitrary instructions, smash the stack, ...
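A concrete version of the "insecure interoperability" bullet, as an added example that is not from the slides and not HACL* code: a component whose source-level API keeps its key private, linked into the same address space as untrusted code. The `Vault` type, the `linked_attacker_*` functions and the use of `unsafe` raw-pointer access to stand in for linked assembly are this example's own assumptions; the key value is constructed.

```rust
// Added example: a "verified" component next to untrusted linked code.
// The unsafe blocks model the linked assembly, which sees memory as a
// flat byte array; they are the attacker, not code the page describes.

mod verified {
    /// At the source level `key` is private: the only thing a context can
    /// do with a Vault is call `check_tag`, which yields one bit per call.
    #[repr(C)] // the layout a C/assembly neighbour would see anyway
    pub struct Vault {
        key: [u8; 16],
    }

    impl Vault {
        pub fn new(key: [u8; 16]) -> Self {
            Vault { key }
        }

        /// Constant-time comparison of a caller-supplied tag with the key.
        pub fn check_tag(&self, tag: &[u8; 16]) -> bool {
            let mut diff = 0u8;
            for i in 0..16 {
                diff |= self.key[i] ^ tag[i];
            }
            diff == 0
        }
    }
}

use verified::Vault;

/// Untrusted linked code. It knows only the address the Vault lives at
/// (what a linker or a leaked pointer gives it) and reads the bytes there.
/// With a single [u8; 16] field under repr(C), the key sits at offset 0.
fn linked_attacker_read(addr: usize) -> [u8; 16] {
    let p = addr as *const u8;
    let mut leaked = [0u8; 16];
    for i in 0..16 {
        leaked[i] = unsafe { p.add(i).read() };
    }
    leaked
}

/// The same code overwriting the key: integrity goes the same way as secrecy.
fn linked_attacker_write(addr: usize, new_key: &[u8; 16]) {
    let p = addr as *mut u8;
    for i in 0..16 {
        unsafe { p.add(i).write(new_key[i]) };
    }
}

/// Returns (honest guess accepted?, leaked key accepted?, overwritten key accepted?).
pub fn demo() -> (bool, bool, bool) {
    let mut vault = Vault::new(*b"correct-horse-bt"); // constructed 16-byte key
    let zeros = [0u8; 16];

    // Source-level view: a wrong tag is rejected and nothing about the key leaks.
    let honest = vault.check_tag(&zeros);

    // Target-level view: the Vault is 16 bytes at a known address.
    let addr = &mut vault as *mut Vault as usize;
    let leaked = linked_attacker_read(addr);
    let after_read = vault.check_tag(&leaked);

    linked_attacker_write(addr, &zeros);
    let after_write = vault.check_tag(&zeros);

    (honest, after_read, after_write)
}

fn main() {
    let (honest, after_read, after_write) = demo();
    println!("wrong guess accepted: {honest}");
    println!("key read by linked code accepted: {after_read}");
    println!("key overwritten by linked code, zeros accepted: {after_write}");
}
```

At the source level `check_tag` is the only way to interact with the key and leaks one bit per call; at the target level the key is sixteen bytes at an address. Nothing in Rust's type system, and nothing in a verification of `check_tag`, constrains the code on the other side of the link. That is what the compiler (or the linker, through an isolation mechanism) has to enforce if the source-level guarantee is to survive linking.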
A Second Example
Source programs P1, P2, ..., Pn (Rust) are compiled to target programs ⟦P1⟧, ⟦P2⟧, ..., ⟦Pn⟧ (Asm), and a compiled program P is linked with another component P′.
• In Rust, y = &mut ... is used linearly
• Its compilation ⟦y = &mut ...⟧ is a plain pointer at the Asm level, so linked code can violate linearity
• Goal: preserve the security properties of P when interoperating with P′ (PL security, e.g. no side channels)
• Correct compilation: P′ respects linearity
• Secure compilation: P′ may violate linearity, and the properties of P must still be preserved
• Enable source-level security reasoning
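The linearity example carried through in code, as an added example that is not from the slides: `charge` relies on `&mut Balance` being the only way to reach the balance while it runs. `charge_t` is this example's own hand-translation of it to the target level, where the `&mut` has become a bare address; the "Asm context" that stashes an alias is modelled with an `unsafe` raw pointer standing in for linked assembly. Names and amounts are constructed.

```rust
// Added example: source-level reasoning about `&mut`, and a target-level
// context that breaks it. The unsafe raw pointers model compiled code and
// linked assembly; they are not code the page describes.

pub struct Balance(pub u64);

/// Source level. `acct` is the unique reference to the balance for the
/// whole call, so the check is still valid when the subtraction runs,
/// whatever `notify` does: no other code can reach the balance.
pub fn charge(acct: &mut Balance, amount: u64, notify: &mut dyn FnMut(u64)) -> Option<u64> {
    if acct.0 < amount {
        return None;
    }
    notify(acct.0); // a call out to other code (e.g. linked asm)
    acct.0 -= amount; // cannot underflow: the check above still holds
    Some(acct.0)
}

/// Target level: the same logic after compilation (this example's own
/// translation). `&mut Balance` is now a bare address and machine
/// subtraction wraps instead of panicking.
pub fn charge_t(acct: *mut u64, amount: u64, notify: &mut dyn FnMut(u64)) -> Option<u64> {
    unsafe {
        if *acct < amount {
            return None;
        }
        notify(*acct);
        *acct = (*acct).wrapping_sub(amount);
        Some(*acct)
    }
}

/// A Rust (source-level) context: it observes the balance only through the
/// callback and has no way to write to it during the call.
pub fn with_rust_context() -> Option<u64> {
    let mut acct = Balance(100);
    let mut observed = 0u64;
    let result = charge(&mut acct, 30, &mut |b: u64| observed = b);
    assert_eq!(observed, 100);
    result
}

/// An Asm (target-level) context: the linked code kept the address of the
/// balance and writes through it while `charge_t` is between its check and
/// its subtraction, which is exactly what the uniqueness of `&mut` forbids.
pub fn with_asm_context() -> Option<u64> {
    let mut balance: u64 = 100;
    let p: *mut u64 = &mut balance; // the address passed to the callee
    let alias = p; // the linked code's stashed copy of it
    charge_t(p, 30, &mut |_: u64| unsafe { *alias = 0 })
}

fn main() {
    println!("Rust context: {:?}", with_rust_context());
    println!("Asm context:  {:?}", with_asm_context());
}
```

In the Rust context `charge` checks, then subtracts, and the check is still valid at the subtraction because nothing else can write to `acct` in between. The Asm context writes 0 through its alias during the callback, so the target version underflows and wraps to `u64::MAX - 29`: a precondition established at the source level silently stops holding at the target level. A correct compiler is all the Rust context needs; only a secure compiler, or an enforcement mechanism that makes target contexts respect the `&mut` discipline, keeps the guarantee against the Asm context.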