{"id":321701,"date":"2021-08-11T17:21:25","date_gmt":"2021-08-11T14:21:25","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/a-new-method-to-protect-webassembly-against-spectre-attacks\/"},"modified":"2021-08-11T17:21:25","modified_gmt":"2021-08-11T14:21:25","slug":"a-new-method-to-protect-webassembly-against-spectre-attacks","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/a-new-method-to-protect-webassembly-against-spectre-attacks\/","title":{"rendered":"#A new method to protect WebAssembly against Spectre attacks"},"content":{"rendered":"

#A new method to protect WebAssembly against Spectre attacks<\/strong>”<\/p>\n

\n
\n
\n
\"hack
\n Credit: Pixabay\/CC0 Public Domain
\n <\/figcaption><\/figure>\n<\/div>\n<\/div>\n

Computer scientists have developed a new compiler framework, called Swivel, to protect WebAssembly, or Warm, against Spectre attacks\u2014the class of execution attacks, which exploit the way processors predict the computations that need to happ<\/a>en next. The team will present<\/a> its research at the USENIX Security Symposium taking place Aug. 11 to 13, 2021.\u00a0<\/p>\n

Wasm is an instruction set that has increasingly been used to sandbox untrusted code outside the browser. But unfortunately, Spectre attacks can bypass Wasm’s isolation guarantees. To prevent this, Swivel ensures that potentially malicious code can neither use Spectre attacks to break out of the Wasm sandox pr force another Wasm client or the embedding process itself to leak secret data.\u00a0<\/p>\n

Swivel does this via two different approaches: a software-only approach that can be used on existing CPUs; and a hardware-assisted approach that uses extensions available in Intel 11th-generation CPUs.\n <\/p>\n\n

\n

Reports: Intel chips have new security flaws\n <\/p><\/div>\n

\n
\n More information:<\/strong>
\n Full paper: www.usenix.org\/system\/files\/sec21fall-narayan.pdf<\/a><\/p><\/div>\n
\n Provided by
\n University of California – San Diego
\n
\n <\/svg><\/a><\/p><\/div>\n

<\/p>\n

\n

Citation<\/strong>:
\n A new method to protect WebAssembly against Spectre attacks (2021, August 11)
\n retrieved 11 August 2021
\n from https:\/\/techxplore.com\/news<\/a>\/2021-08-method-webassembly-spectre.html<\/p>\n

This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
\n part may be reproduced without the written permission. The content is provided for information purposes only.<\/p><\/div>\n<\/p><\/div>\n