Detecting speculative leaks with compositional semantics
Abstract: Speculative execution enhances processor performance by predicting intermediate results and executing instructions based on these predictions. However, incorrect predictions can lead to security vulnerabilities, as speculative instructions leave traces in microarchitectural components that attackers can exploit. This is demonstrated by the family of Spectre attacks. Unfortunately, existing countermeasures to these attacks lack a formal security characterization, making it difficult to verify their effectiveness. In this paper, we propose a novel framework for detecting information flows introduced by speculative execution and reasoning about software defenses. The theoretical foundation of our approach is speculative non-interference (SNI), a novel semantic notion of security against speculative execution attacks. SNI relates information leakage observed under a standard non-speculative semantics to leakage arising under semantics that explicitly model speculative execution. To capture their combined effects, we extend our framework with a mechanism to safely compose multiple speculative semantics, each focussing on a single aspect of speculation. This allows us to analyze the complex interactions and resulting leaks that can arise when multiple speculative mechanisms operate together. On the practical side, we develop Spectector, a symbolic analysis tool that uses our compositional framework and leverages SMT solvers to detect vulnerabilities and verify program security with respect to multiple speculation mechanisms. We demonstrate the effectiveness of Spectector through evaluations on standard security benchmarks and new vulnerability scenarios.
Subjects: Cryptography and Security (cs.CR)
Cite as: arXiv:2603.29800 [cs.CR]
(or arXiv:2603.29800v1 [cs.CR] for this version)
https://doi.org/10.48550/arXiv.2603.29800
arXiv-issued DOI via DataCite (pending registration)
Submission history
From: Xaver Fabian
[v1] Tue, 31 Mar 2026 14:32:12 UTC (128 KB)
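The SNI idea from the abstract, shown as an added toy example (not code from the paper or from Spectector): two states that differ only in a secret and are indistinguishable under the non-speculative semantics must stay indistinguishable under the speculative one. The memory layout, the always-mispredict branch model, the observer (branch outcomes and load addresses), the fence model and all names are assumptions for illustration; only branch speculation is modelled, not the composition of several mechanisms.

```python
from itertools import product

# Constructed toy layout (assumption): public array A at addresses 0..3,
# one secret cell at address 4, probe array B starting at address 100.
SIZE, B_BASE = 4, 100
PUBLIC_A = [0, 1, 2, 3]

def body(mem, x, fenced, transient):
    """Observations of the guarded block `y = A[x]; z = B[y]`."""
    if transient and fenced:
        return []                      # fence: nothing executes transiently
    y = mem[x]
    return [("load", x), ("load", B_BASE + y)]

def run(mem, x, fenced, speculate):
    """Observation trace of `if (x < SIZE) { y = A[x]; z = B[y] }`."""
    taken = x < SIZE
    trace = []
    if speculate:
        # Always-mispredict (assumption): transiently follow the wrong
        # branch, record what it touches, then roll back.
        trace.append(("start",))
        if not taken:
            trace += body(mem, x, fenced, transient=True)
        trace.append(("rollback",))
    trace.append(("branch", taken))
    if taken:
        trace += body(mem, x, fenced, transient=False)
    return trace

def check_sni(fenced, secrets=range(4)):
    """Return a counterexample (x, s1, s2), or None if SNI holds here."""
    for x, s1, s2 in product(range(SIZE + 1), secrets, secrets):
        m1, m2 = PUBLIC_A + [s1], PUBLIC_A + [s2]
        if run(m1, x, fenced, False) != run(m2, x, fenced, False):
            continue                   # already leaks without speculation
        if run(m1, x, fenced, True) != run(m2, x, fenced, True):
            return (x, s1, s2)         # leak exists only under speculation
    return None

if __name__ == "__main__":
    print("unfenced:", check_sni(fenced=False))
    print("fenced:  ", check_sni(fenced=True))
```

The unfenced program yields a counterexample at the out-of-bounds index, where the transient load address depends on the secret; with the fence the two speculative traces coincide for every pair in the toy domain.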