A static analysis for quantifying information flow in a simple imperative language

We propose an approach to quantify interference in a simple imperative language that includes a looping construct. In this paper we focus on a particular case of this definition of interference: leakage of information from private variables to public ones via a Trojan Horse attack. We quantify leakage in terms of Shannon's information theory and we motivate our definition by proving a result relating this definition of leakage and the classical notion of programming language interference. The major contribution of the paper is a quantitative static analysis based on this definition for such a language. The analysis uses some non-trivial information theory results like Fano's inequality and L1 inequalities to provide reasonable bounds for conditional statements. While-loops are handled by integrating a qualitative flow-sensitive dependency analysis into the quantitative analysis

Quantifying Shannon's Work Function for Cryptanalytic Attacks

Attacks on cryptographic systems are limited by the available computational resources. A theoretical understanding of these resource limitations is needed to evaluate the security of cryptographic primitives and procedures. This study uses an Attacker versus Environment game formalism based on computability logic to quantify Shannon's work function and evaluate resource use in cryptanalysis. A simple cost function is defined which allows to quantify a wide range of theoretical and real computational resources. With this approach the use of custom hardware, e.g., FPGA boards, in cryptanalysis can be analyzed. Applied to real cryptanalytic problems, it raises, for instance, the expectation that the computer time needed to break some simple 90 bit strong cryptographic primitives might theoretically be less than two years.Comment: 19 page

Energy Efficient In-line Encryption With Selective Round Masking

Side channel protection imposes substantial area, performance, and/or energy overhead, rendering such hardware unsuitable for devices that have space or battery constraints, e.g., head-mounted display (HMD) devices. To safeguard user data in such devices, energy efficient encryption techniques are necessary. This disclosure describes an in-line encryption engine that uses selective masking. The first and last rounds of encryption are accorded maximum protection by incorporating all masking features, while intermediate rounds are only partially masked at steps that are determined as likely vulnerable, or are left unmasked. Selective round masking in this manner provides data protection with low cost, and is suitable for use in devices with space or battery constraints, such as HMD devices

A New Approximate Min-Max Theorem with Applications in Cryptography

We propose a novel proof technique that can be applied to attack a broad class of problems in computational complexity, when switching the order of universal and existential quantifiers is helpful. Our approach combines the standard min-max theorem and convex approximation techniques, offering quantitative improvements over the standard way of using min-max theorems as well as more concise and elegant proofs