GnuZero: A Compiler-Based Zeroization Static Detection Tool for the Masses (PriSC 2026)

Sun 11 - Sat 17 January 2026 Rennes, France

Who

Pierrick Philippe, Mohamed Sabt, Pierre-Alain Fouque

Track

PriSC 2026

Time Zone

The program is currently displayed in (GMT+01:00) Brussels, Copenhagen, Madrid, Paris.

Use conference time zone: (GMT+01:00) Brussels, Copenhagen, Madrid, ParisSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Sun 11 Jan 2026 15:12 - 15:30 at Salle 19 - Timing Side Channels Chair(s): Cătălin Hriţcu

Abstract

Coding standards for secure programming recommend “scrubbing” sensitive data once it is no longer needed; otherwise, secrets may be recovered, as illustrated in the Heartbleed attack. Despite being an effective software-based countermeasure, zeroization, i.e., overwriting with zeroes, turns out to be challenging and error-prone. Current verification approaches suffer from scalability or precision issues when applied to production software in practice. In this paper, we put forward the GCC Static Analyzer (GSA), which is a symbolic execution engine for error finding. Specifically, we extend the GSA to build GnuZero; our automated tool that detects missing zeroization for all stack/heap variables storing sensitive data, either directly or by derivation. Our experiments confirm GnuZero efficiency and effectiveness in verifying real-world benchmarks. In particular, GnuZero passes all the relevant Juliet’s test programs, namely associated to the MITRE’s CWE-244 and CWE-226. In addition, GnuZero succeeds in identifying new vulnerabilities in open- source cryptographic modules.

File attachments

Presentation Slides (main.pdf)	1018KiB

Pierrick Philippe

Univ Rennes, CNRS, IRISA

Mohamed Sabt

Univ Rennes, CNRS, IRISA

Pierre-Alain Fouque

Univ Rennes, CNRS, IRISA

Time Zone

The program is currently displayed in (GMT+01:00) Brussels, Copenhagen, Madrid, Paris.

Use conference time zone: (GMT+01:00) Brussels, Copenhagen, Madrid, ParisSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Sun 11 Jan
Displayed time zone: Brussels, Copenhagen, Madrid, Paris change

14:00 - 15:30	Timing Side ChannelsPriSC at Salle 19 Chair(s): Cătălin Hriţcu MPI-SP

14:00 18m Talk		Efficient Dependency Resolution in IFC-aware Decentralized Programming PriSC Steffan Sølvsten Aarhus University, Aslan Askarov Aarhus University File Attached
14:18 18m Talk		Tooling Design and Lessons Learned from Systematic Evaluations of the Preservation of Low-level Security Properties by Compilers with BinSec PriSC Yanis Sellami CEA, List, Univ. Grenoble Alpes, Frédéric Recoules CEA, List, Sébastien Bardin CEA LIST, University Paris-Saclay
14:36 18m Talk		Decompiling for Constant-Time Analysis PriSC Sören van der Wall TU Braunschweig, Santiago Arranz Olmos Max Planck Institute for Security and Privacy, Gilles Barthe MPI-SP; IMDEA Software Institute, Lionel Blatter Max Planck Institute for Security and Privacy, Youcef Bouzid , Zhiyuan Zhang
14:54 18m Talk		Modular Verification of Probabilistic Constant-Time PriSC Xingyu Xie MPI-SP File Attached
15:12 18m Talk		GnuZero: A Compiler-Based Zeroization Static Detection Tool for the Masses PriSC Pierrick Philippe Univ Rennes, CNRS, IRISA, Mohamed Sabt Univ Rennes, CNRS, IRISA, Pierre-Alain Fouque Univ Rennes, CNRS, IRISA File Attached