Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption

One aspect of security in mobile code is privacy: private (or secret) data should not be leaked to unauthorised agents. Most of the work on secure information flow has until recently only been concerned with detecting direct and indirect flows. Secret information can however be leaked

Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual microchips leak information about the operations they process. Cryptosystems often take slightly different amounts of time to process different inputs and also

We consider simple means by which two people may determine whether they possess the same information, without revealing anything else to each other in case that they do not. Incumbent of the Morris and Rose Goldman Career Development Chair. Research supported by an Alon Fellowship and a grant

Information-flow analysis is a powerful technique for reasoning about the sensitive information exposed by a program during its execution. We present the first automatic method for information-flow analysis that discovers what information is leaked and computes its comprehensive quantitative

user complaints. In this paper, we study the privacy threats that applications, written for Apple’s iOS, pose to users. To this end, we present a novel approach and a tool, PiOS, that allow us to analyze programs for possible leaks of sensitive information from a mobile device to third parties. Pi

Abstract. When designing password-authenticated key exchange protocols (as opposed to key exchange protocols authenticated using cryptographically secure keys), one must not allow any information to be leaked that would allow verification of the password (a weak shared key), since an attacker who

We construct public-key systems that support comparison queries (x ≥ a) on encrypted data as well as more general queries such as subset queries (x ∈ S). Furthermore, these systems support arbitrary conjunctive queries (P1 ∧ · · · ∧ Pℓ) without leaking information on individual conjuncts. We

in this paper enables us to prove precise statements about what an encrypted instance hides and what it leaks, in an information-theoretic sense. Our definitions are cast in the language of probability theory and do not involve assumptions such as the intractability of factoring or the existence of one

-process communication and systemwide information flow. A new event process abstraction provides lightweight, isolated contexts within a single process, allowing the same process to act on behalf of multiple users while preventing it from leaking any single user’s data to any other user. A Web server that uses Asbestos