Publications
Unifying compilers for SNARKs, SMT, and more.
Alex Ozdemir, Fraser Brown, Riad S. Wahby.
In submission. [pdf]
High-level, high-speed, high-assurance crypto.
Jonathan Cogan, Fraser Brown, Alex Ozdemir, Riad S. Wahby.
To appear, PriSC 2021.
Trust but verify: SFI safety for native-compiled Wasm.
Evan Johnson, David Thien, Youssef Alessi, Shravan Narayan, Fraser Brown, Stefan Savage, Deian Stefan.
To appear, NDSS 2021.
Sys: a static/symbolic tool for finding good bugs in good (browser) code.
Fraser Brown, Deian Stefan, Dawson Engler.
Usenix Sec 2020. [pdf]
Towards a verified range analysis for JavaScript JITs.
Fraser Brown, John Renner, Andres Nötzli, Sorin Lerner, Hovav Shacham, Deian Stefan.
PLDI 2020. [pdf]
FaCT: a DSL for timing-sensitive computation.
Sunjay Cauligi, Gary Soeller, Brian Johannesmeyer, Fraser Brown, Riad S. Wahby, John Renner, Benjamin Grégoire, Gilles Barthe, Ranjit Jhala, Deian Stefan.
PLDI 2019. [pdf]
Browser history re:visited.
Michael Smith, Craig Disselkoen, Shravan Narayan, Fraser Brown, Deian Stefan.
WOOT 2018. [pdf]
Towards verified, constant-time floating-point operations.
Marc Andrysco, Andres Nötzli, Fraser Brown, Ranjit Jhala, Deian Stefan.
CCS 2018. [pdf]
FaCT: A flexible, constant-time programming language.
Sunjay Cauligi, Gary Soeller, Fraser Brown, Brian Johannesmeyer, Yunlu Huang, Ranjit Jhala, Deian Stefan.
SecDev 2017. [pdf].
Finding and preventing bugs in JavaScript bindings.
Fraser Brown, Shravan Narayan, Riad S. Wahby, Dawson Engler, Ranjit Jhala, Deian Stefan.
Oakland 2017. [pdf]
Superhacks: Exploring and preventing vulnerabilities in browser binding code.
Fraser Brown.
PLAS 2016. [pdf]
Lifejacket: Verifying precise floating-point optimizations in LLVM.
Andres Nötzli, Fraser Brown.
SOAP 2016. [pdf]
How to find bugs using orders of magnitude less code.
Fraser Brown, Andres Nötzli, Dawson Engler.
ASPLOS 2016. [pdf]
(Conference version available here.)