Compositional Security for Reentrant Applications

Bibliographic Details
Published in: Proceedings - IEEE Symposium on Security and Privacy, pp. 1249-1267
Main Authors: Cecchetti, Ethan; Yao, Siqiu; Ni, Haobin; Myers, Andrew C.
Format: Conference Proceeding
Language: English
Published: IEEE 01.05.2021
ISSN: 2375-1207
Description
Summary: The disastrous vulnerabilities in smart contracts sharply remind us of our ignorance: we do not know how to write code that is secure in composition with malicious code. Information flow control has long been proposed as a way to achieve compositional security, offering strong guarantees even when combining software from different trust domains. Unfortunately, this appealing story breaks down in the presence of reentrancy attacks. We formalize a general definition of reentrancy and introduce a security condition that allows software modules like smart contracts to protect their key invariants while retaining the expressive power of safe forms of reentrancy. We present a security type system that provably enforces secure information flow; in conjunction with run-time mechanisms, it enforces secure reentrancy even in the presence of unknown code; and it helps locate and correct recent high-profile vulnerabilities.
DOI: 10.1109/SP40001.2021.00084