Cryptographically sound implementations for typed information-flow security

ACM SIGPLAN Notices

Volumn 43, Issue 1, 2008, Pages 323-335

  Fournet, Cédric ^a   Rezk, Tamara ^b  

^a MICROSOFT RESEARCH   (United States)

^b MSR Inria Joint Centre   (France)

Author keywords

Compilers; Computational model; Confidentiality; Cryptography; Integrity; Noninterference; Probabilistic programs; Secure information flow; Type systems

Indexed keywords

ACCESS CONTROL; MEMORY ARCHITECTURE; NETWORK SECURITY; POLYNOMIAL APPROXIMATION; PROGRAM COMPILERS; PROGRAM TRANSLATORS; TRANSLATION (LANGUAGES);

COMPUTATIONAL MODEL; CONFIDENTIALITY; INTEGRITY; NONINTERFERENCE; PROBABILISTIC PROGRAMS; SECURE INFORMATION FLOW; TYPE SYSTEMS;

CRYPTOGRAPHY;

EID: 67650106120     PISSN: 15232867     EISSN: None     Source Type: Journal    
DOI: 10.1145/1328897.1328478     Document Type: Article

References (27)

1. Martín Abadi. Protection in programming-language translations. In 25th International Colloquium on Automata, Languages and Programming, volume 1443 of LNCS, pages 868-883. Springer-Verlag, 1998.
2. Martín Abadi and Phillip Rogaway. Reconciling two views of cryptography (the computational soundness of formal encryption). Journal of Cryp-tology, 15(2):103-127, 2002.
3. Martín Abadi, Ricardo Corin, and Cédric Fournet. Computational secrecy by typing for the pi calculus. In APLAS '06, volume 4279 of LNCS, pages 253-269. Springer-Verlag, November 2006.
4. Pedro Adão and Cédric Fournet. Cryptographically sound implementations for communicating processes (extended abstract). In 33rd International Colloquium on Automata, Languages and Programming, volume 4052 of LNCS, pages 83-94. Springer-Verlag, July 2006.
5. Aslan Askarov, Daniel Hedin, and Andrei Sabelfeld. Cryptographically- masked flows. In Proceedings of the 13th International Static Analysis Symposium, LNCS, Seoul, Korea, 2006. Springer-Verlag.
6. M. Backes, B. Pfitzmann, and M. Waidner. A composable cryptographic library with nested operations. In 10th ACM Conference on Computer and Communications Security, pages 220-230, 2003.
7. Michael Backes. Quantifying probabilistic information flow in computational reactive systems. In ESORICS'05, volume 3679 of LNCS, pages 336-354. Springer-Verlag, September 2005.
8. Mihir Bellare and Phillip Rogaway. The game-playing technique, December 2004. At http://www.cs.ucdavis.edu/~rogaway/papers/games.html.
9. Mihir Bellare, Alexandra Boldyreva, and Silvio Micali. Public-key encryption in a multi-user setting: Security proofs and improvements. In EU-ROCRYPT, pages 259-274, 2000.
10. Dorothy E. Denning. A lattice model of secure information flow. Commun. ACM, 19(5):236-243, 1976.
11. Shafi Goldwasser, Silvio Micali, and Ronald Rivest. A digital signature scheme secure against adaptive chosen-message attack. SIAM Journal on Computing, 17(2):281-308, 1988.
12. Holger Hermanns. Interactive Markov Chains: The Quest for Quantified Quality. Springer Berlin/Heidelberg, 2002.
13. Peeter Laud. Secrecy types for a simulatable cryptographic library. In 12th ACM Conference on Computer and Communications Security, pages 26-35, 2005.
14. Peeter Laud. Semantics and program analysis of computationally secure information flow. In 10th European Symposium on Programming (ESOP 2001), volume 2028 of LNCS. Springer-Verlag, April 2001.
15. Peeter Laud. On the computational soundness of cryptographically-masked flows. In Proceedings of the 35th Symposium on Principles of Programming Languages, San Francisco, USA, 2008. ACM Press.
16. Peeter Laud and Varmo Vene. A type system for computationally secure information flow. In Fundamentals of Computation Theory, LNCS, pages 365-377. Springer-Verlag, 2005.
17. Wenbo Mao. Modern Cryptography: Theory and Practice. Prentice Hall Professional Technical Reference, 2003.
18. David Monniaux. Analyse de programmes probabilistes par interprétation abstraite. PhD thesis, Universite Paris IX Dauphine, 2001.
19. Andrew C. Myers and Barbara Liskov. Protecting privacy using the decentralized label model. ACM Trans. Softw. Eng. Methodol., 9(4):410-442, 2000.
20. Andrew C. Myers, Andrei Sabelfeld, and Steve Zdancewic. Enforcing robust declassification and qualified robustness. Journal of Computer Security, 14(2):157-196, 2006.
21. Charles Rackoff and Daniel R. Simon. Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In CRYPTO'91, volume 576 of LNCS, pages 433-444. Springer-Verlag, 1991.
22. Andrei Sabelfeld and Andrew Myers. Language-based information-flow security. IEEE Journal on Selected Areas in Communications, 21(1), 2003.
23. Geoffrey Smith and Rafael Alpízar. Secure information flow with random assignment and encryption. In FMSE '06: Proceedings of the fourth ACM workshop on Formal methods in security, pages 33-44, 2006.
24. Jeffrey A. Vaughan and Steve Zdancewic. A cryptographic decentralized label model. In IEEE Symposium on Security and Privacy, pages 192-206, May 2007.
25. Steve Zdancewic and Andrew Myers. Robust declassification. In 14th IEEE Computer Security Foundations Workshop, pages 15-23, 2001.
26. Steve Zdancewic, Lantian Zheng, Nathaniel Nystrom, and Andrew C. Myers. Secure program partitioning. ACM Trans. Comput. Syst., 20(3): 283-328, 2002.
27. Lantian Zheng, Steve Chong, Andrew Myers, and Steve Zdancewic. Using replication and partitioning to build secure distributed systems. In 15th IEEE Symposium on Security and Privacy, 2003.