Verifying Constant-Time Implementations by Abstract Interpretation
暂无分享,去创建一个
[1] Milo M. K. Martin,et al. Formalizing the LLVM intermediate representation for verified program transformations , 2012, POPL '12.
[2] Kenneth G. Paterson,et al. Lucky Thirteen: Breaking the TLS and DTLS Record Protocols , 2013, 2013 IEEE Symposium on Security and Privacy.
[3] Dorothy E. Denning,et al. A lattice model of secure information flow , 1976, CACM.
[4] Gilles Barthe,et al. System-level Non-interference for Constant-time Cryptography , 2014, IACR Cryptol. ePrint Arch..
[5] Ingrid Verbauwhede,et al. Dude, is my code constant time? , 2017, Design, Automation & Test in Europe Conference & Exhibition (DATE), 2017.
[6] Paul C. Kocher,et al. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.
[7] Jérôme Feret,et al. Static Analysis of Digital Filters , 2004, ESOP.
[8] Antoine Miné,et al. The octagon abstract domain , 2001, High. Order Symb. Comput..
[9] Andrei Sabelfeld,et al. A Perspective on Information-Flow Control , 2012, Software Safety and Security.
[10] Gilles Barthe,et al. Verifying Constant-Time Implementations , 2016, USENIX Security Symposium.
[11] Bor-Yuh Evan Chang,et al. Boogie: A Modular Reusable Verifier for Object-Oriented Programs , 2005, FMCO.
[12] Tanja Lange,et al. The Security Impact of a New Cryptographic Library , 2012, LATINCRYPT.
[13] Fernando Magno Quintão Pereira,et al. Sparse representation of implicit flows with applications to side-channel detection , 2016, CC.
[14] Khawaja Amer Hayat,et al. Password Interception in a SSL/TLS Channel , 2004 .
[15] Sorin Lerner,et al. On Subnormal Floating Point and Abnormal Timing , 2015, 2015 IEEE Symposium on Security and Privacy.
[16] Benjamin Grégoire,et al. Jasmin: High-Assurance and High-Speed Cryptography , 2017, CCS.
[17] Nikolaj Bjørner,et al. Z3: An Efficient SMT Solver , 2008, TACAS.
[18] Andrew C. Myers,et al. JFlow: practical mostly-static information flow control , 1999, POPL '99.
[19] Daniel J. Bernstein,et al. Curve25519: New Diffie-Hellman Speed Records , 2006, Public Key Cryptography.
[20] Xavier Leroy,et al. A Formally-Verified C Static Analyzer , 2015, POPL.
[21] Jean-Pierre Seifert,et al. On the power of simple branch prediction analysis , 2007, ASIACCS '07.
[22] Adam Chlipala,et al. Simple High-Level Code for Cryptographic Arithmetic - With Proofs, Without Compromises , 2019, 2019 IEEE Symposium on Security and Privacy (SP).
[23] Andrew C. Myers,et al. Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..
[24] Jan Reineke,et al. CacheAudit: A Tool for the Static Analysis of Cache Side Channels , 2013, TSEC.
[25] Andrew W. Appel,et al. Verification of a Cryptographic Primitive: SHA-256 , 2015, TOPL.
[26] Craig Costello,et al. Post-Quantum Key Exchange for the TLS Protocol from the Ring Learning with Errors Problem , 2015, 2015 IEEE Symposium on Security and Privacy.
[27] Gilles Barthe. High-Assurance Cryptography: Cryptographic Software We Can Trust , 2015, IEEE Security & Privacy.
[28] Vikram S. Adve,et al. Making context-sensitive points-to analysis with heap cloning practical for the real world , 2007, PLDI '07.
[29] Reiner Hähnle,et al. A Theorem Proving Approach to Analysis of Secure Information Flow , 2005, SPC.
[30] Deian Stefan,et al. FaCT: A Flexible, Constant-Time Programming Language , 2017, 2017 IEEE Cybersecurity Development (SecDev).
[31] Patrick Cousot,et al. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints , 1977, POPL.
[32] Andrew W. Appel,et al. Verified Correctness and Security of mbedTLS HMAC-DRBG , 2017, CCS.
[33] Karthikeyan Bhargavan,et al. HACL*: A Verified Modern Cryptographic Library , 2017, CCS.
[34] Srinath T. V. Setty,et al. Vale: Verifying High-Performance Cryptographic Assembly Code , 2017, USENIX Security Symposium.
[35] Gregor Snelting,et al. Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependence graphs , 2009, International Journal of Information Security.
[36] Patrick Cousot,et al. A static analyzer for large safety-critical software , 2003, PLDI.
[37] G. Edward Suh,et al. FPGA-Based Remote Power Side-Channel Attacks , 2018, 2018 IEEE Symposium on Security and Privacy (SP).
[38] Andrew W. Appel,et al. Verified Correctness and Security of OpenSSL HMAC , 2015, USENIX Security Symposium.
[39] K. Rustan M. Leino,et al. Dafny: An Automatic Program Verifier for Functional Correctness , 2010, LPAR.
[40] Xavier Leroy,et al. Formal verification of a realistic compiler , 2009, CACM.
[41] Juan Chen,et al. Secure distributed programming with value-dependent types , 2011, Journal of Functional Programming.
[42] François Pottier,et al. Information flow inference for ML , 2003, TOPL.
[43] David Pichardie,et al. An abstract memory functor for verified C static analyzers , 2016, ICFP.
[44] Roger M. Needham,et al. TEA, a Tiny Encryption Algorithm , 1994, FSE.