{"title":"On confidentiality and algorithms: programming under the constraints of noninterference","authors":"Johan Agat, David Sands","doi":"10.1109/SECPRI.2001.924288","DOIUrl":null,"url":null,"abstract":"Recent interest in methods for certifying programs for secure information flow (noninterference) have failed to raise a key question: can efficient algorithms be written so as to satisfy the requirements of secure information flow? We discuss how algorithms for searching and sorting can be adapted to work on collections of secret data without leaking any confidential information, either directly, indirectly, or through timing behaviour. We pay particular attention to the issue of timing channels caused by cache behaviour and argue that it is necessary to disable the affect of the cache in order to construct algorithms manipulating pointers to objects in such a way that they satisfy the conditions of noninterference. We also discuss how randomisation can be used to implement secure algorithms, and discuss how randomised hash tables might be made practically secure.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"14 1","pages":"64-77"},"PeriodicalIF":0.0000,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"20","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECPRI.2001.924288","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 20
Abstract
Recent interest in methods for certifying programs for secure information flow (noninterference) have failed to raise a key question: can efficient algorithms be written so as to satisfy the requirements of secure information flow? We discuss how algorithms for searching and sorting can be adapted to work on collections of secret data without leaking any confidential information, either directly, indirectly, or through timing behaviour. We pay particular attention to the issue of timing channels caused by cache behaviour and argue that it is necessary to disable the affect of the cache in order to construct algorithms manipulating pointers to objects in such a way that they satisfy the conditions of noninterference. We also discuss how randomisation can be used to implement secure algorithms, and discuss how randomised hash tables might be made practically secure.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
