CMU-CS-24-127
Computer Science Department
School of Computer Science, Carnegie Mellon University



CMU-CS-24-127

A Principled Approach towards Unapologetic Security

Jay Bosamiya

Ph.D. Thesis

May 2024

CMU-CS-24-127.pdf


Keywords: Formal Techniques, Unapologetic Security, Software Verification, Cryptographic Implementations, Sandboxing, WebAssembly, Parsing, Decompilation

Software is incredibly difficult to write correctly, let alone safely. Prior work (quite successfully) has, amongst other things, relied on formal verification–a powerful hammer to achieve provable guarantees. However, improvements in the state-of-the-art of software security often come with significant apologies for other important objectives, such as development velocity, software performance, or loss of functionality. While many developers (and more so, users) would like their software to be secure, these apologies cause security to become under- prioritized. To be adopted, advances in security thus need to not only improve the state-of-the-art in security, but also focus on other practical considerations that have historically inhibited widespread deployment, and indeed prevented building secure software from being the natural default choice.

In this thesis, we argue that security objectives are achievable without apology, through the use of principled approaches and formalism. To validate this thesis, we look at a collection of case studies that span across a wide collection of different kinds of software systems: (i) high-performance cryptographic primitives, (ii) safe execution of arbitrary untrusted code, (iii) agile safety enforcement for code, (iv) low-level serializers and parsers for untrusted data, and (v) source-unavailable executable comprehension. In each, we demonstrate that principled approaches and formalism help remove the need for the apologies required by prior work.

Our hope is that providing security without apology, even in the face of practical complexities, makes a big step towards the shared goal of security researchers—making security the natural default choice.

170 pages

Thesis Committee:
Bryan Parno (Chair)
Jonathan Aldrich
Phillip Gibbons
Chris Hawblitzel (Microsoft Research)

Srinivasan Seshan, Head, Computer Science Department
Martial Hebert, Dean, School of Computer Science


Return to: SCS Technical Report Collection
School of Computer Science

This page maintained by reports@cs.cmu.edu