English
Related papers

Related papers: An Axiomatic Approach to Detect Information Leaks …

200 papers

We consider the problem of specifying and proving the security of non-trivial, concurrent programs that intentionally leak information. We present a method that decomposes the problem into (a) proving that the program only leaks information…

Cryptography and Security · Computer Science 2023-09-08 Toby Murray , Mukesh Tiwari , Gidon Ernst , David A. Naumann

The timing characteristics of cache, a high-speed storage between the fast CPU and the slowmemory, may reveal sensitive information of a program, thus allowing an adversary to conduct side-channel attacks. Existing methods for detecting…

Cryptography and Security · Computer Science 2018-07-10 Shengjian Guo , Meng Wu , Chao Wang

In this paper we describe a method for verifying secure information flow of programs, where apart from direct and indirect flows a secret information can be leaked through covert timing channels. That is, no two computations of a program…

Programming Languages · Computer Science 2013-07-18 Aleksandar S. Dimovski

Quantitative theories of information flow give us an approach to relax the absolute confidentiality properties that are difficult to satisfy for many practical programs. The classical information-theoretic approaches for sequential…

Cryptography and Security · Computer Science 2013-06-13 Tri Minh Ngo , Marieke Huisman

Leaking information about the execution behavior of critical real-time tasks may lead to serious consequences, including violations of temporal constraints and even severe failures. We study information leakage for a special class of…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-06-05 Mohammad Fakhruddin Babar , Zain A. H. Hammadeh , Mohammad Hamad , Monowar Hasan

Information flow analysis is a powerful technique for reasoning about the sensitive information exposed by a program during its execution. While past work has proposed information theoretic metrics (e.g., Shannon entropy, min-entropy,…

Cryptography and Security · Computer Science 2010-09-22 Ji Zhu , Mudhakar Srivatsa

In this thesis we consider the problem of information hiding in the scenarios of interactive systems, statistical disclosure control, and refinement of specifications. We apply quantitative approaches to information flow in the first two…

Cryptography and Security · Computer Science 2012-02-14 Mário S. Alvim

Constant-time programming is a countermeasure to prevent cache based attacks where programs should not perform memory accesses that depend on secrets. In some cases this policy can be safely relaxed if one can prove that the program does…

Cryptography and Security · Computer Science 2023-06-22 Cristian Ene , Laurent Mounier , Marie-Laure Potet

Modern computer architectures rely on caches to reduce the latency gap between the CPU and main memory. While indispensable for performance, caches pose a serious threat to security because they leak information about memory access patterns…

Cryptography and Security · Computer Science 2023-06-22 Pablo Cañones , Boris Köpf , Jan Reineke

Attacks like Spectre abuse speculative execution, one of the key performance optimizations of modern CPUs. Recently, several testing tools have emerged to automatically detect speculative leaks in commercial (black-box) CPUs. However, the…

Cryptography and Security · Computer Science 2023-01-19 Oleksii Oleksenko , Marco Guarnieri , Boris Köpf , Mark Silberstein

Information flow security ensures that the secret data manipulated by a program does not influence its observable output. Proving information flow security is especially challenging for concurrent programs, where operations on secret data…

Cryptography and Security · Computer Science 2023-04-12 Marco Eilers , Thibault Dardinier , Peter Müller

Detection and quantification of information leaks through timing side channels are important to guarantee confidentiality. Although static analysis remains the prevalent approach for detecting timing side channels, it is computationally…

Cryptography and Security · Computer Science 2019-07-25 Saeid Tizpaz-Niari , Pavol Cerny , Sriram Sankaranarayanan , Ashutosh Trivedi

Information flow analysis checks whether certain pieces of (confidential) data may affect the results of computations in unwanted ways and thus leak information. Dynamic information flow analysis adds instrumentation code to the target…

Programming Languages · Computer Science 2016-07-11 Gergö Barany

Leakage of confidential information represents a serious security risk. Despite a number of novel, theoretical advances, it has been unclear if and how quantitative approaches to measuring leakage of confidential information could be…

Cryptography and Security · Computer Science 2010-07-07 Jonathan Heusser , Pasquale Malacaria

Memory-safety issues and information leakage are known to be depressingly common. We consider the compositional static detection of these kinds of vulnerabilities in first-order C-like programs. Indeed the latter are relational hyper-safety…

Programming Languages · Computer Science 2023-08-22 Toby Murray , Pengbo Yan , Gidon Ernst

Physical implementations of cryptographic algorithms leak information, which makes them vulnerable to so-called side-channel attacks. The problem of secure computation in the presence of leakage is generally known as leakage resilience. In…

Quantum Physics · Physics 2014-05-01 Felipe G. Lacerda , Joseph M. Renes , Renato Renner

Dynamically typed object-oriented languages enable programmers to write elegant, reusable and extensible programs. However, with the current methodology for program verification, the absence of static type information creates significant…

Programming Languages · Computer Science 2015-01-13 Björn Engelmann , Ernst-Rüdiger Olderog , Nils Erik Flick

Information leakage can have dramatic consequences on systems security. Among harmful information leaks, the timing information leakage is the ability for an attacker to deduce internal information depending on the system execution time. We…

Cryptography and Security · Computer Science 2020-10-20 Étienne André , Jun Sun

This paper introduces a run-time mechanism for preventing leakage of secure information in distributed systems. We consider a general concurrency language model, where concurrent objects interact by asynchronous method calls and futures.…

Programming Languages · Computer Science 2020-02-26 Farzane Karami , Olaf Owe , Gerardo Schneider

Data science pipelines to train and evaluate models with machine learning may contain bugs just like any other code. Leakage between training and test data can lead to overestimating the model's accuracy during offline evaluations, possibly…

Software Engineering · Computer Science 2022-09-08 Chenyang Yang , Rachel A Brower-Sinning , Grace A. Lewis , Christian Kästner
‹ Prev 1 2 3 10 Next ›