2009
DOI: 10.1007/978-3-642-00590-9_16
|View full text |Cite
|
Sign up to set email alerts
|

All Secrets Great and Small

Abstract: Abstract. Tools for analysing secure information flow are almost exclusively based on ideas going back to Denning's work from the 70's. This approach embodies an imperfect notion of security which turns a blind eye to information flows which are encoded in the termination behaviour of a program. In exchange for this weakness many more programs are deemed "secure", using conditions which are easy to check. Previously it was thought that such leaks are limited to at most one bit per run. Recent work by Askarov e… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
19
0

Year Published

2009
2009
2014
2014

Publication Types

Select...
5

Relationship

2
3

Authors

Journals

citations
Cited by 10 publications
(19 citation statements)
references
References 13 publications
0
19
0
Order By: Relevance
“…We first observe that if the entropy of the hashed value is low an attacker might try to compute, by brute force, the hash of all the possible values until he finds a match. We thus select, as our starting point, a recent noninterference variant called secret-sensitive noninterference [6] which distinguishes small and big secrets and allows us to treat their corresponding digests accordingly. If a secret is big, meaning that it is infeasible to guess its actual value, then the brute force attack above is also infeasible.…”
Section: Trial = Hash(t_pwd); If (Trial = Passwd[root]) Then << Launcmentioning
confidence: 99%
See 4 more Smart Citations
“…We first observe that if the entropy of the hashed value is low an attacker might try to compute, by brute force, the hash of all the possible values until he finds a match. We thus select, as our starting point, a recent noninterference variant called secret-sensitive noninterference [6] which distinguishes small and big secrets and allows us to treat their corresponding digests accordingly. If a secret is big, meaning that it is infeasible to guess its actual value, then the brute force attack above is also infeasible.…”
Section: Trial = Hash(t_pwd); If (Trial = Passwd[root]) Then << Launcmentioning
confidence: 99%
“…In Section 2 we give the background on secretsensitive noninterference [6]; Section 3 extends the noninterference notions so to correctly deal with hash functions. Integrity check by equality is analyzed in Section 4.…”
Section: Trial = Hash(t_pwd); If (Trial = Passwd[root]) Then << Launcmentioning
confidence: 99%
See 3 more Smart Citations