Approximation and Randomization for Quantitative Information-Flow Analysis
Quantitative information-flow analysis (QIF) is an emerging technique for establishing information-theoretic confidentiality properties. Automation of QIF is an important step towards ensuring its practical applicability, since manual reasoning about ...
Quantitative Information Flow - Verification Hardness and Possibilities
Researchers have proposed formal definitions of quantitative information flow based on information theoretic notions such as the Shannon entropy, the min entropy, the guessing entropy, and channel capacity. This paper investigates the hardness and ...
Quantification of Integrity
Two kinds of integrity measures—contamination and suppression—are introduced. Contamination measures how much untrusted information reaches trusted outputs; it is the dual of information-flow confidentiality. Suppression measures how much information is ...
Vulnerability Bounds and Leakage Resilience of Blinded Cryptography under Timing Attacks
We establish formal bounds for the number of min-entropy bits that can be extracted in a timing attack against a cryptosystem that is protected by blinding, the state-of-the-art countermeasure against timing attacks. Compared with existing bounds, our ...
Modeling and Verifying Ad Hoc Routing Protocols
Mobile ad hoc networks consist of mobile wireless devices which autonomously organize their infrastructure. In such networks, a central issue, ensured by routing protocols, is to find a route from one device to another. Those protocols use cryptographic ...
Formal Verification of Privacy for RFID Systems
RFID tags are being widely employed in a variety of applications, ranging from barcode replacement to electronic passports. Their extensive use, however, in combination with their wireless nature, introduces privacy concerns as a tag could leak ...
Robustness Guarantees for Anonymity
Anonymous communication protocols must achieve two seemingly contradictory goals: privacy (informally, they must guarantee the anonymity of the parties that send/receive information), and robustness (informally, they must ensure that the messages are ...
Analysing Unlinkability and Anonymity Using the Applied Pi Calculus
An attacker that can identify messages as coming from the same source, can use this information to build up a picture of targets’ behaviour, and so, threaten their privacy. In response to this danger, unlinkable protocols aim to make it impossible for a ...
A Game-Based Definition of Coercion-Resistance and Its Applications
Coercion-resistance is one of the most important and intricate security requirements for voting protocols. Several definitions of coercion-resistance have been proposed in the literature, both in cryptographic settings and more abstract, symbolic ...
Towards Quantitative Analysis of Proofs of Authorization: Applications, Framework, and Techniques
Although policy compliance testing is generally treated as a binary decision problem, the evidence gathered during the trust management process can actually be used to examine these outcomes within a more continuous space. In this paper, we develop a ...
Constraining Credential Usage in Logic-Based Access Control
Authorization logics allow concise specification of flexible access-control policies, and are the basis for logic-based access-control systems. In such systems, resource owners issue credentials to specify policies, and the consequences of these ...
Information Flow in Credential Systems
This paper proposes a systematic study of information flow in credential-based declarative authorization policies. It argues that a treatment in terms of information flow is needed to adequately describe, analyze and mitigate a class of probing attacks ...
Dynamic vs. Static Flow-Sensitive Security Analysis
This paper seeks to answer fundamental questions about trade-offs between static and dynamic security analysis. It has been previously shown that flow-sensitive static information-flow analysis is a natural generalization of flow-insensitive static ...
Information Flow Monitor Inlining
In recent years it has been shown that dynamic monitoring can be used to soundly enforce information flow policies. For programs distributed in source or bytecode form, the use of just-in-time (JIT) compilation makes it difficult to implement monitoring ...
Required Information Release
Many computer systems have a functional requirement to release information. Such requirements are an important part of a system’s information security requirements. Current information-flow control techniques are able to reason about permitted ...
Strong Invariants for the Efficient Construction of Machine-Checked Protocol Security Proofs
We embed an operational semantics for security protocols in the interactive theorem prover Isabelle/HOL and derive two strong protocol-independent invariants. These invariants allow us to reason about the possible origin of messages and justify a local ...
A Machine-Checked Formalization of Sigma-Protocols
Zero-knowledge proofs have a vast applicability in the domain of cryptography, stemming from the fact that they can be used to force potentially malicious parties to abide by the rules of a protocol, without forcing them to reveal their secrets. Σ-...
Impossibility Results for Secret Establishment
Security protocol design is a creative discipline where the solution space depends on the problem to be solved and the cryptographic operators available. In this paper, we examine the general question of when two agents can create a shared secret. ...
A Framework for the Sound Specification of Cryptographic Tasks
Nowadays it is widely accepted to formulate the security of a protocol carrying out a given task via the “trusted-party paradigm,” where the protocol execution is compared with an ideal process where the outputs are computed by a trusted party that sees ...
Towards a Formal Foundation of Web Security
We propose a formal model of web security based on an abstraction of the web platform and use this model to analyze the security of several sample web mechanisms and applications. We identify three distinct threat models that can be used to analyze web ...
Automating Open Bisimulation Checking for the Spi Calculus
We consider the problem of automating open bisimulation checking for the spi calculus, an extension of the pi-calculus with cryptographic primitives. The notion of open bisimulation considered here is indexed by a (symbolic) environment, represented as ...
Protocol Composition for Arbitrary Primitives
We study the composition of security protocols when protocols share secrets such as keys. We show (in a Dolev-Yao model) that if two protocols use disjoint cryptographic primitives, their composition is secure if the individual protocols are secure, ...
On Protection by Layout Randomization
Layout randomization is a powerful, popular technique for software protection. We present it and study it in programming-language terms. More specifically, we consider layout randomization as part of an implementation for a high-level programming ...