I am the author and maintainer of a few Rust crates (libraries), most notably:
- the Haybale symbolic execution engine for LLVM IR
- the llvm-ir high-level safe API for interacting with LLVM IR
- the boolector crate, which provides safe high-level bindings for the Boolector SMT solver
SoK: Practical Foundations for Spectre Defenses
Sunjay Cauligi, Craig Disselkoen, Daniel Moghimi, Gilles Barthe, Deian Stefan
To appear at IEEE Symposium on Security and Privacy (S&P) 2022
[Full Text (arXiv preprint)]
Swivel: Hardening WebAssembly against Spectre
Shravan Narayan, Craig Disselkoen, Daniel Moghimi, Sunjay Cauligi, Evan Johnson, Zhao Gang, Anjo Vahldiek-Oberwagner, Ravi Sahita, Hovav Shacham, Dean Tullsen, Deian Stefan
USENIX Security Symposium 2021
[Full Text (pdf)]
[Full Talk (video)]
[Source Code]
Automatically Eliminating Speculative Leaks from Cryptographic Code with Blade
Marco Vassena, Craig Disselkoen, Klaus v. Gleissenthall, Sunjay Cauligi, Rami Gökhan Kıcı, Ranjit Jhala, Dean Tullsen, Deian Stefan
Principles of Programming Languages (POPL) 2021
⭐ Distinguished Paper Award winner!
[Full Text (pdf)]
[Full Talk (video)] - my portion begins at about 10:15
[Source Code]
[Blog post in PL Perspectives]
Finding and Eliminating Timing Side-Channels in Crypto Code with Pitchfork
Craig Disselkoen, Sunjay Cauligi, Dean Tullsen, Deian Stefan
TECHCON 2020
[Full Text (pdf)]
[Source Code]
Constant-Time Foundations for the New Spectre Era
Sunjay Cauligi, Craig Disselkoen, Klaus v. Gleissenthall, Dean Tullsen, Deian Stefan, Tamara Rezk, Gilles Barthe
Programming Language Design and Implementation (PLDI) 2020
[Full Text (pdf)]
[Video Abstract]
[Full Talk (video)]
[Source Code]
Position Paper: Progressive Memory Safety for WebAssembly
Craig Disselkoen, John Renner, Conrad Watt, Tal Garfinkel, Amit Levy, Deian Stefan
Workshop on Hardware and Architectural Support for Security and Privacy (HASP) 2019
[Full Text (pdf)]
I gave a talk on an early version of this work at the
Workshop on Principles of Secure Compilation (PriSC) in January 2019.
Code That Never Ran: Modeling Attacks on Speculative Evaluation
Craig Disselkoen, Radha Jagadeesan, Alan Jeffrey, James Riely
Authors listed alphabetically for this paper.
IEEE Symposium on Security and Privacy (S&P) 2019
[Full Text (pdf)]
[Talk (video)]
[Source Code]
Browser history re:visited
Michael Smith, Craig Disselkoen, Shravan Narayan, Fraser Brown, Deian Stefan
USENIX Workshop on Offensive Technologies (WOOT) 2018
[Full Text (pdf)]
Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX
Craig Disselkoen, David Kohlbrenner, Leo Porter, Dean Tullsen
USENIX Security Symposium 2017
[Full Text (pdf)]
[Talk (video)]
I love making music; I play piano, drums, and concert percussion, and I also sing.
I was in this parody music video produced by several UCSD
CSE grad students for the 2019 department holiday party.
During my time at UCSD I was also a part of the La Jolla Symphony Chorus.
I ride a Onewheel self-balancing electric skateboard, and I briefly
blogged about my learning experience.
In January 2016 I was part of a trip to Nicaragua focused on computer science education in K-12 schools.
We connected with a local group of Nicaraguan K-12 computer science teachers, introducing them to an affordable,
low-maintenance, and low-power computer called the Raspberry Pi as a solution for school computer labs.
I remain interested in ways to improve education (at all levels) and combat poverty around the world.