Proceedings ArticleDOI
Secure information flow with random assignment and encryption
Geoffrey Smith,Rafael Alpízar +1 more
- pp 33-44
Reads0
Chats0
TLDR
It is argued that well-typed, polynomial-time programs in the type system extended to address encryption and decryption satisfy a computational probabilistic noninterference property, provided that the encryption scheme is IND-CCA secure.Abstract:
Type systems for secure information flow aim to prevent a program from leaking information from variables classified as $H$ to variables classified as $L$. In this work we extend such a type system to address encryption and decryption; our intuition is that encrypting a $H$ plaintext yields a $L$ ciphertext. We argue that well-typed, polynomial-time programs in our system satisfy a computational probabilistic noninterference property, provided that the encryption scheme is IND-CCA secure. As a part of our proof, we first consider secure information flow in a language with a random assignment operator (but no encryption). We establish a result that may be of independent interest, namely, that well-typed, probabilistically total programs with random assignments satisfy probabilistic noninterference. We establish this result using a weak probabilistic bisimulation.read more
Citations
More filters
Journal ArticleDOI
An Introduction to Probability Theory and its Applications, Volume I
Journal ArticleDOI
An Introduction to Probability Theory and Its Applications. Volume II By William Feller. Pp. xviii, 626. 90s. 1966. (Wiley)
Book ChapterDOI
Security protocol verification: symbolic and computational models
TL;DR: This paper surveys various approaches in this area, considering the verification in the symbolic model, as well as the more recent approaches that rely on the computational model or that verify protocol implementations rather than specifications.
Journal ArticleDOI
A Survey of Symbolic Methods in Computational Analysis of Cryptographic Systems
TL;DR: The goal is to provide a rather complete summary that could act as a quick reference for researchers who want to contribute to the field, want to make use of existing results, or just want to get a better picture of what results already exist.
Journal ArticleDOI
AURA: a programming language for authorization and audit
Limin Jia,Jeffrey A. Vaughan,Karl Mazurak,Jianzhou Zhao,Luke Zarko,Joseph Schorr,Steve Zdancewic +6 more
TL;DR: AURA is a programming language for access control that treats ordinary programming constructs and authorization logic constructs in a uniform way and uses dependent types to permit assertions that refer directly to AURA values while keeping computation out of the assertion level to ensure tractability.
References
More filters
Book
Introduction to Modern Cryptography
Jonathan Katz,Yehuda Lindell +1 more
TL;DR: This book discusses Private-Key (Symmetric) Cryptography, Number Theory and Cryptographic Hardness Assumptions, and the Random-Oracle Model in Detail.
Journal ArticleDOI
Language-based information-flow security
Andrei Sabelfeld,Andrew C. Myers +1 more
TL;DR: A structured view of research on information-flow security is given, particularly focusing on work that uses static program analysis to enforce information- flow policies, and some important open challenges are identified.
Book
An Introduction to Probability Theory and Its Applications, Volume II
Frank E. Grubbs,William Feller +1 more
Journal ArticleDOI
Certification of programs for secure information flow
TL;DR: This paper presents a mechanism for verifying the secure flow of information through a program that exploits the properties of a lattice structure among security classes and proves that a program cannot cause supposedly nonconfidential results to depend on confidential input data.
Proceedings ArticleDOI
A concrete security treatment of symmetric encryption
TL;DR: This work studies notions and schemes for symmetric (ie. private key) encryption in a concrete security framework and gives four different notions of security against chosen plaintext attack, providing both upper and lower bounds, and obtaining tight relations.
Related Papers (5)
Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)
Martín Abadi,Phillip Rogaway +1 more