Write a Blog >>
Sat 25 Jan 2020 11:18 - 11:42 at Rosalie - Foundations and timing channels Chair(s): Marco Vassena

Practitioners of secure information flow often face a design challenge: what is the right semantic treatment of leaks via termination? On the one hand, the potential harm of untrusted code calls for strong progress-sensitive security. On the other hand, when the code is trusted to not aggressively exploit termination channels, practical concerns, such as permissiveness of the enforcement, make a case for settling for weaker, progress-insensitive security. This binary situation, however, provides no suitable middle point for systems that mix trusted and untrusted code. This work connects the two extremes by viewing progress-insensitivity as a particular form of declassification. Our novel semantic condition reconciles progress-insensitive security as a declassification bound on the so-called progress knowledge (in an otherwise progress-sensitive setting). We show how the new condition can be soundly enforced using a mostly standard information-flow monitor.

Slides (PriSC.pdf)2.30MiB

Sat 25 Jan

Displayed time zone: Saskatchewan, Central America change

10:30 - 12:30
Foundations and timing channelsPriSC at Rosalie
Chair(s): Marco Vassena CISPA Helmholtz Center for Information Security
10:30
24m
Talk
Exorcising Spectres with Secure Compilers
PriSC
Marco Patrignani Stanford University & CISPA , Marco Guarnieri IMDEA Software Institute
Media Attached File Attached
10:54
24m
Talk
Trace-Relating Compiler Correctness and Secure Compilation
PriSC
Carmine Abate Inria Paris, Roberto Blanco Inria, Stefan Ciobaca Alexandru Ioan Cuza University of Iasi, Deepak Garg Max Planck Institute for Software Systems, Cătălin Hriţcu Inria Paris, Marco Patrignani Stanford University & CISPA , Éric Tanter University of Chile, Jérémy Thibault Inria Paris
Media Attached File Attached
11:18
24m
Talk
Reconciling progress-insensitive noninterference and declassification
PriSC
Johan Bay Aarhus University, Aslan Askarov Aarhus University
Media Attached File Attached
11:42
24m
Talk
Hermes: Implementing Cryptography without Side-channels
PriSC
Ken Friis Larsen DIKU, University of Copenhagen, Torben Mogensen DIKU, University of Copenhagen, Michael Kirkedal Thomsen DIKU, University of Copenhagen
File Attached
12:06
24m
Talk
A CompCert Compiler that Preserves Cryptographic Constant-time
PriSC
Sandrine Blazy Univ Rennes- IRISA, Rémi Hutin IRISA / ENS Rennes, David Pichardie Univ Rennes, ENS Rennes, IRISA
Media Attached