English
Related papers

Related papers: Output-sensitive Information flow analysis

200 papers

We propose a novel type system for verifying that programs correctly implement constant-resource behavior. Our type system extends recent work on automatic amortized resource analysis (AARA), a set of techniques that automatically derive…

Programming Languages · Computer Science 2018-01-09 Van Chan Ngo , Mario Dehesa-Azuara , Matthew Fredrikson , Jan Hoffmann

The importance of preventing microarchitectural timing side channels in security-critical applications has surged in recent years. Constant-time programming has emerged as a best-practice technique for preventing the leakage of secret…

Cryptography and Security · Computer Science 2024-03-12 Lucas Deutschmann , Johannes Mueller , Mohammad Rahmani Fadiheh , Dominik Stoffel , Wolfgang Kunz

Elaborate protocols in Secure Multi-party Computation enable several participants to compute a public function of their own private inputs while ensuring that no undesired information leaks about the private inputs, and without resorting to…

Cryptography and Security · Computer Science 2019-01-04 Patrick Ah-Fat , Michael Huth

Information-flow control mechanisms are difficult both to design and to prove correct. To reduce the time wasted on doomed proof attempts due to broken definitions, we advocate modern random testing techniques for finding counterexamples…

Information leakage to a guessing adversary in index coding is studied, where some messages in the system are sensitive and others are not. The non-sensitive messages can be used by the server like secret keys to mitigate leakage of the…

Information Theory · Computer Science 2022-05-24 Yucheng Liu , Lawrence Ong , Phee Lep Yeoh , Parastoo Sadeghi , Joerg Kliewer , Sarah Johnson

Security policies are naturally dynamic. Reflecting this, there has been a growing interest in studying information-flow properties which change during program execution, including concepts such as declassification, revocation, and…

Cryptography and Security · Computer Science 2015-01-13 Bart van Delft , Sebastian Hunt , David Sands

Programmers of cryptographic applications written in C need to avoid common mistakes such as sending private data over public channels, modifying trusted data with untrusted functions, or improperly ordering protocol steps. These secrecy,…

Cryptography and Security · Computer Science 2019-07-04 Darion Cassel , Yan Huang , Limin Jia

We propose a new sheaf semantics for secure information flow over a space of abstract behaviors, based on synthetic domain theory: security classes are open/closed partitions, types are sheaves, and redaction of sensitive information…

Programming Languages · Computer Science 2022-04-21 Jonathan Sterling , Robert Harper

Proving only over source code that programs do not leak sensitive data leaves a gap between reasoning and reality that can only be filled by accounting for the behaviour of the compiler. Furthermore, software does not always have the luxury…

Programming Languages · Computer Science 2023-06-22 Robert Sison , Toby Murray

Quantitative information flow (QIF) is concerned with assessing the leakage of information in computational systems. In QIF there are two main perspectives for the quantification of leakage. On one hand, the static perspective considers all…

Cryptography and Security · Computer Science 2025-10-27 Luigi D. C. Soares , Mário S. Alvim , Natasha Fernandes

This paper is concerned with the stability analysis of encrypted observer-based control for linear continuous-time systems. Since conventional encryption has limited ability to deploy in continuous-time integral computation, our work…

Systems and Control · Electrical Eng. & Systems 2024-02-15 Hung Nguyen , Binh Nguyen , Hyung-Gohn Lee , Hyo-Sung Ahn

SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and…

The timing characteristics of cache, a high-speed storage between the fast CPU and the slowmemory, may reveal sensitive information of a program, thus allowing an adversary to conduct side-channel attacks. Existing methods for detecting…

Cryptography and Security · Computer Science 2018-07-10 Shengjian Guo , Meng Wu , Chao Wang

Timing side-channel attacks exploit variations in program execution time to recover sensitive information. Cryptographic implementations are especially vulnerable to these attacks, since even small timing differences in operations such as…

Cryptography and Security · Computer Science 2026-04-21 Nges Brian Njungle , Edwin P. Kayang , Mishel J. Paul , Michel A. Kinsy

Probing signal injection is a well-established technique to extract additional information from a weakly (or non) observable dynamical system. Using averaging theory, a framework to analyse such schemes for general nonlinear systems has…

Systems and Control · Computer Science 2019-11-20 Bowen Yi , Romeo Ortega , Houria Siguerdidjane , Juan E. Machado , Weidong Zhang

The enormous amount of code required to design modern hardware implementations often leads to critical vulnerabilities being overlooked. Especially vulnerabilities that compromise the confidentiality of sensitive data, such as cryptographic…

Cryptography and Security · Computer Science 2021-12-23 Lennart M. Reimann , Luca Hanel , Dominik Sisejkovic , Farhad Merchant , Rainer Leupers

Observational determinism is a security property that characterizes secure information flow for multithreaded programs. Most of the methods that have been used to verify observational determinism are based on either type systems or…

Programming Languages · Computer Science 2016-03-14 Elaheh Ghassabani , Mohammad Abdollahi Azgomi

Security of information flow is commonly understood as preventing any information leakage, regardless of how grave or harmless consequences the leakage can have. In this work, we suggest that information security is not a goal in itself,…

Cryptography and Security · Computer Science 2016-08-09 Wojciech Jamroga , Masoud Tabatabaei

Modern stream-based monitors collect detailed statistics of the runtime behavior of the system under observation. If the system runs in a privacy-sensitive context, this poses the risk of disclosing sensitive information. Differential…

Cryptography and Security · Computer Science 2026-05-12 Bernd Finkbeiner , Frederik Scheerer

We present an instrumenting compiler for enforcing data confidentiality in low-level applications (e.g. those written in C) in the presence of an active adversary. In our approach, the programmer marks secret data by writing lightweight…

Programming Languages · Computer Science 2019-03-15 Ajay Brahmakshatriya , Piyus Kedia , Derrick Paul McKee , Pratik Bhatu , Deepak Garg , Akash Lal , Aseem Rastogi