English
Related papers

Related papers: An Axiomatic Approach to Detect Information Leaks …

200 papers

We develop a new notion of security against timing attacks where the attacker is able to simultaneously observe the execution time of a program and the probability of the values of low variables. We then show how to measure the security of…

Cryptography and Security · Computer Science 2008-07-25 Alessandra Di Pierro , Chris Hankin , Herbert Wiklicky

Quantitative information flow analyses measure how much information on secrets is leaked by publicly observable outputs. One area of interest is to quantify and estimate the information leakage of composed systems. Prior work has focused on…

Cryptography and Security · Computer Science 2015-09-30 Yusuke Kawamoto , Thomas Given-Wilson

Maintaining confidential information control in software is a persistent security problem where failure means secrets can be revealed via program behaviors. Information flow control techniques traditionally have been based on static or…

Software Engineering · Computer Science 2021-08-30 Ibrahim Mesecan , Daniel Blackwell , David Clark , Myra B. Cohen , Justyna Petke

We are interested in identifying and enforcing the isolation requirements of a concurrent program, i.e., concurrency control that ensures that the program meets its specification. The thesis of this paper is that this can be done…

Programming Languages · Computer Science 2015-07-01 Jyotirmoy Deshmukh , G. Ramalingam , Venkatesh-Prasad Ranganath , Kapil Vaswani

We present a novel formal system for proving quantitative-leakage properties of programs. Based on a theory of Quantitative Information Flow (QIF) that models information leakage as a noisy communication channel, it uses "gain-functions"…

Logic in Computer Science · Computer Science 2025-06-17 Chris Chen , Annabelle McIver , Carroll Morgan

In-Context Learning (ICL) has become a standard technique for adapting Large Language Models (LLMs) to specialized tasks by supplying task-specific exemplars within the prompt. However, when these exemplars contain sensitive information,…

Cryptography and Security · Computer Science 2026-04-22 Jacob Choi , Shuying Cao , Xingjian Dong , Amin Banayeeanzade , Wang Bill Zhu , Robin Jia , Sai Praneeth Karimireddy

Leakage errors arise when the quantum state leaks out of some subspace of interest, for example, the two-level subspace of a multi-level system defining a computational `qubit' or the logical code space defined by some quantum…

Quantum Physics · Physics 2016-04-18 Joel J. Wallman , Marie Barnhill , Joseph Emerson

Speculative execution attacks undermine the security of constant-time programming, the standard technique used to prevent microarchitectural side channels in security-sensitive software such as cryptographic code. Constant-time code must…

Cryptography and Security · Computer Science 2023-12-18 Rutvik Choudhary , Alan Wang , Zirui Neil Zhao , Adam Morrison , Christopher W. Fletcher

Information flow type systems enforce the security property of noninterference by detecting unauthorized data flows at compile-time. However, they require precise type annotations, making them difficult to use in practice as much of the…

Programming Languages · Computer Science 2021-02-10 Abhishek Bichhawat , McKenna McCall , Limin Jia

Information leakage to a guessing adversary in index coding is studied, where some messages in the system are sensitive and others are not. The non-sensitive messages can be used by the server like secret keys to mitigate leakage of the…

Information Theory · Computer Science 2022-05-24 Yucheng Liu , Lawrence Ong , Phee Lep Yeoh , Parastoo Sadeghi , Joerg Kliewer , Sarah Johnson

Large Language Models (LLMs) enable a new ecosystem with many downstream applications, called LLM applications, with different natural language processing tasks. The functionality and performance of an LLM application highly depend on its…

Cryptography and Security · Computer Science 2025-06-16 Bo Hui , Haolin Yuan , Neil Gong , Philippe Burlina , Yinzhi Cao

Observational determinism is a security property that characterizes secure information flow for multithreaded programs. Most of the methods that have been used to verify observational determinism are based on either type systems or…

Programming Languages · Computer Science 2016-03-14 Elaheh Ghassabani , Mohammad Abdollahi Azgomi

We introduce a tool that supports continuous flow analysis in order to detect security problems as the user edits. The tool uses abstract interpretation over both byte codes and abstract syntax trees to trace the flow of both type…

Software Engineering · Computer Science 2019-10-01 Steven P. Reiss

Speculative execution enhances processor performance by predicting intermediate results and executing instructions based on these predictions. However, incorrect predictions can lead to security vulnerabilities, as speculative instructions…

Cryptography and Security · Computer Science 2026-04-01 Xaver Fabian , Marco Guarnieri , Boris Köpf , Jose F. Morales , Marco Patrignani , Jan Reineke , Andres Sanchez

We propose a novel type system for verifying that programs correctly implement constant-resource behavior. Our type system extends recent work on automatic amortized resource analysis (AARA), a set of techniques that automatically derive…

Programming Languages · Computer Science 2018-01-09 Van Chan Ngo , Mario Dehesa-Azuara , Matthew Fredrikson , Jan Hoffmann

Methods for proving that concurrent software does not leak its secrets has remained an active topic of research for at least the past four decades. Despite an impressive array of work, the present situation remains highly unsatisfactory.…

Logic in Computer Science · Computer Science 2020-01-31 Daniel Schoepe , Toby Murray , Andrei Sabelfeld

The wide deployment of Large Language Models (LLMs) has given rise to strong demands for optimizing their inference performance. Today's techniques serving this purpose primarily focus on reducing latency and improving throughput through…

Cryptography and Security · Computer Science 2025-10-22 Linke Song , Zixuan Pang , Wenhao Wang , Zihao Wang , XiaoFeng Wang , Hongbo Chen , Wei Song , Yier Jin , Dan Meng , Rui Hou

Protecting sensitive information from unauthorized disclosure is a major concern of every organization. As an organizations employees need to access such information in order to carry out their daily work, data leakage detection is both an…

Cryptography and Security · Computer Science 2013-02-11 Yuri Shapira , Bracha Shapira , Asaf Shabtai

This paper presents a novel approach to evaluating the security of large language models (LLMs) against prompt leakage-the exposure of system-level prompts or proprietary configurations. We define prompt leakage as a critical threat to…

Cryptography and Security · Computer Science 2025-02-19 Tvrtko Sternak , Davor Runje , Dorian Granoša , Chi Wang

In concurrent and distributed systems, software components are expected to communicate according to predetermined protocols and APIs - and if a component does not observe them, the system's reliability is compromised. Furthermore, isolating…

Programming Languages · Computer Science 2021-05-25 Christian Batrolo Burlò , Adrian Francalanza , Alceste Scalas