Non-uniform distributions in quantitative information-flow
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Asymptotic information leakage under one-try attacks
FOSSACS'11/ETAPS'11 Proceedings of the 14th international conference on Foundations of software science and computational structures: part of the joint European conferences on theory and practice of software
On the relation between differential privacy and quantitative information flow
ICALP'11 Proceedings of the 38th international conference on Automata, languages and programming - Volume Part II
Quantitative information flow, with a view
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Calculating bounds on information leakage using two-bit patterns
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Automatic quantification of cache side-channels
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
Min-Entropy leakage of channels in cascade
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Worst- and average-case privacy breaches in randomization mechanisms
TCS'12 Proceedings of the 7th IFIP TC 1/WG 202 international conference on Theoretical Computer Science
A differentially private mechanism of optimal utility for a region of priors
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
On bounding problems of quantitative information flow
Journal of Computer Security - ESORICS 2010
Hi-index | 0.00 |
We establish formal bounds for the number of min-entropy bits that can be extracted in a timing attack against a cryptosystem that is protected by blinding, the state-of-the art countermeasure against timing attacks. Compared with existing bounds, our bounds are both tighter and of greater operational significance, in that they directly address the key’s one-guess vulnerability. Moreover, we show that any semantically secure public-key cryptosystem remains semantically secure in the presence of timing attacks, if the implementation is protected by blinding and bucketing. This result shows that, by considering (and justifying) more optimistic models of leakage than recent proposals for leakage-resilient cryptosystems, one can achieve provable resistance against side-channel attacks for standard cryptographic primitives.