Robustly Safe Compilation or, Efficient, Provably Secure Compilation
Secure compilers generate compiled code that withstands many target- level attacks such as alteration of control flow, data leaks or memory corruption. Many existing secure compilers are proven to be fully abstract, meaning that they reflect and preserve observational equivalence. While this is a strong property, it comes at the cost of requiring expensive run- time constructs in compiled code that may have no relevance for security, but are needed to accommodate differences between the source language and the target language. As an alternative, this paper explores a different compiler security criterion called robustly safe compilation or RSC. Briefly, this criterion means that the compiled code preserves relevant safety properties of the source program against all adversarial contexts. We show that RSC can be attained easily and results in code that is much more efficient than that generated by fully abstract compilers. We also develop two illustrative RSC-attaining compilers and, through them, develop two different proof techniques for establishing that a compiler attains RSC .
READ FULL TEXT