Handling Encryption in an Analysis for Secure Information Flow

  • Peeter Laud
Conference paper

DOI: 10.1007/3-540-36575-3_12

Part of the Lecture Notes in Computer Science book series (LNCS, volume 2618)
Cite this paper as:
Laud P. (2003) Handling Encryption in an Analysis for Secure Information Flow. In: Degano P. (eds) Programming Languages and Systems. ESOP 2003. Lecture Notes in Computer Science, vol 2618. Springer, Berlin, Heidelberg

Abstract

This paper presents a program analysis for secure information flow. The analysis works on a simple imperative programming language containing a cryptographic primitive—encryption—as a possible operation. The analysis captures the intuitive qualities of the (lack of) information flow from a plaintext to its corresponding ciphertext. The analysis is proved correct with respect to a complexity-theoretical definition of the security of information flow. In contrast to the previous results, the analysis does not put any restrictions on the structure of the program, especially on the ways of how the program uses the encryption keys.

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Peeter Laud
    • 1
  1. 1.Tartu University and Cybernetica ASUSA

Personalised recommendations