Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
POPL
2000
ACM
2000
ACM
Verifying Secrets and Relative Secrecy
Systems that authenticate a user based on a shared secret (such as a password or PIN) normally allow anyone to query whether the secret is a given value. For example, an ATM machine allows one to ask whether a string is the secret PIN of a (lost or stolen) ATM card. Yet such queries are prohibited in any model whose programs satisfy an informationflow property like Noninterference. But there is complexitybased justification for allowing these queries. A type system is given that provides the access control needed to prove that no well-typed program can leak secrets in polynomial time, or even leak them with nonnegligible probability if secrets are of sufficient length and randomly chosen. However, there are well-typed deterministic programs in a synchronous concurrent model capable of leaking secrets in linear time.
Real-time Traffic| Added | 25 Aug 2010 |
| Updated | 25 Aug 2010 |
| Type | Conference |
| Year | 2000 |
| Where | POPL |
| Authors | Dennis M. Volpano, Geoffrey Smith |
Comments (0)
Researcher Info
|
