English
Related papers

Related papers: Compositional security and collateral leakage

200 papers

We present a novel formal system for proving quantitative-leakage properties of programs. Based on a theory of Quantitative Information Flow (QIF) that models information leakage as a noisy communication channel, it uses "gain-functions"…

Logic in Computer Science · Computer Science 2025-06-17 Chris Chen , Annabelle McIver , Carroll Morgan

Information flow security is classically formulated in terms of the absence of illegal information flows, with respect to a security setting consisting of a single flow policy that specifies what information flows should be permitted in the…

Programming Languages · Computer Science 2019-01-09 Ana Almeida Matos , Jan Cederquist

Traditional security mechanisms isolate resources from users who should not access them. We reflect the compositional nature of such security mechanisms back into the structure of LLMs to build a provably secure LLM; that we term SecureLLM.…

Computation and Language · Computer Science 2024-06-14 Abdulrahman Alabdulkareem , Christian M Arnold , Yerim Lee , Pieter M Feenstra , Boris Katz , Andrei Barbu

We study information leakage in secure linear network coding schemes based on nested rank-metric codes. We show that the amount of information leaked to an adversary that observes a subset of network links is characterized by the…

Information Theory · Computer Science 2026-01-13 Eimear Byrne , Johan Vester Dinesen , Ragnar Freij-Hollanti , Camilla Hollanti

Researchers have proposed formal definitions of quantitative information flow based on information theoretic notions such as the Shannon entropy, the min entropy, the guessing entropy, and channel capacity. This paper investigates the…

Cryptography and Security · Computer Science 2010-04-02 Hirotoshi Yasuoka , Tachio Terauchi

Speculative execution enhances processor performance by predicting intermediate results and executing instructions based on these predictions. However, incorrect predictions can lead to security vulnerabilities, as speculative instructions…

Cryptography and Security · Computer Science 2026-04-01 Xaver Fabian , Marco Guarnieri , Boris Köpf , Jose F. Morales , Marco Patrignani , Jan Reineke , Andres Sanchez

Opacity is a general language-theoretic framework in which several security properties of a system can be expressed. Its parameters are a predicate, given as a subset of runs of the system, and an observation function, from the set of runs…

Cryptography and Security · Computer Science 2019-02-20 B. Bérard , J. Mullins , M. Sassolas

We give a sequential model for noninterference security including probability (but not demonic choice), thus supporting reasoning about the likelihood that high-security values might be revealed by observations of low-security activity. Our…

Formal Languages and Automata Theory · Computer Science 2010-07-08 Annabelle McIver , Larissa Meinicke , Carroll Morgan

We propose a new formal criterion for evaluating secure compilation schemes for unsafe languages, expressing end-to-end security guarantees for software components that may become compromised after encountering undefined behavior---for…

In this article, we review several aspects of composability in the context of quantum cryptography. The first part is devoted to key distribution. We discuss the security criteria that a quantum key distribution protocol must fulfill to…

Quantum Physics · Physics 2010-06-14 Joern Mueller-Quade , Renato Renner

A new measure of information leakage for quantum encoding of classical data is defined. An adversary can access a single copy of the state of a quantum system that encodes some classical data and is interested in correctly guessing a…

Quantum Physics · Physics 2024-02-20 Farhad Farokhi

Noninterference is a popular semantic security condition because it offers strong end-to-end guarantees, it is inherently compositional, and it can be enforced using a simple security type system. Unfortunately, it is too restrictive for…

Cryptography and Security · Computer Science 2021-01-14 Ethan Cecchetti , Andrew C. Myers , Owen Arden

In this thesis we consider the problem of information hiding in the scenarios of interactive systems, statistical disclosure control, and refinement of specifications. We apply quantitative approaches to information flow in the first two…

Cryptography and Security · Computer Science 2012-02-14 Mário S. Alvim

Speculative execution attacks undermine the security of constant-time programming, the standard technique used to prevent microarchitectural side channels in security-sensitive software such as cryptographic code. Constant-time code must…

Cryptography and Security · Computer Science 2023-12-18 Rutvik Choudhary , Alan Wang , Zirui Neil Zhao , Adam Morrison , Christopher W. Fletcher

As large language models (LLMs) become integral to multi-agent systems, new privacy risks emerge that extend beyond memorization, direct inference, or single-turn evaluations. In particular, seemingly innocuous responses, when composed…

Cryptography and Security · Computer Science 2025-09-19 Vaidehi Patil , Elias Stengel-Eskin , Mohit Bansal

Boolean circuits abstract away from physical details to focus on the logical structure and computational behaviour of digital components. Although such circuits have been studied for many decades, compositionality has been widely ignored or…

Logic in Computer Science · Computer Science 2026-03-24 Damian Arellanes

Leakage errors arise when the quantum state leaks out of some subspace of interest, for example, the two-level subspace of a multi-level system defining a computational `qubit' or the logical code space defined by some quantum…

Quantum Physics · Physics 2016-04-18 Joel J. Wallman , Marie Barnhill , Joseph Emerson

Gentle quantum leakage is proposed as a measure of information leakage to arbitrary eavesdroppers that aim to avoid detection. Gentle (also sometimes referred to as weak or non-demolition) measurements are used to encode the desire of the…

Quantum Physics · Physics 2024-03-19 Farhad Farokhi , Sejeong Kim

We propose and discuss two conjectures on the nature of information leaks (decoherence) for quantum computers. These conjectures, if (or when) they hold, are damaging for quantum error-correction as required by fault-tolerant quantum…

Quantum Physics · Physics 2008-06-17 Gil Kalai

Differential privacy offers formal quantitative guarantees for algorithms over datasets, but it assumes attackers that know and can influence all but one record in the database. This assumption often vastly overapproximates the attackers'…

Cryptography and Security · Computer Science 2020-12-01 Damien Desfontaines , Esfandiar Mohammadi , Elisabeth Krahmer , David Basin