A secure poker protocol that minimizes the effect of player coalitions
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Proceedings on Advances in cryptology---CRYPTO '86
General public key residue cryptosystems and mental poker protocols
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A new privacy homomorphism and applications
Information Processing Letters
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Automated refactoring to introduce design patterns
Proceedings of the 22nd international conference on Software engineering
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Untrusted hosts and confidentiality: secure program partitioning
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Information flow inference for ML
ACM Transactions on Programming Languages and Systems (TOPLAS)
Mathematical Models of Computer Security
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Classification of Security Properties (Part I: Information Flow)
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Lessons Learned in Implementing and Deploying Crypto Software
Proceedings of the 11th USENIX Security Symposium
Confidentiality for Mobile Code: The Case of a Simple Payment Protocol
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Secure Information Flow and Pointer Confinement in a Java-like Language
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Probabilistic encryption & how to play mental poker keeping secret all partial information
STOC '82 Proceedings of the fourteenth annual ACM symposium on Theory of computing
Using Replication and Partitioning to Build Secure Distributed Systems
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Enforcing Robust Declassification
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Security policies for downgrading
Proceedings of the 11th ACM conference on Computer and communications security
Downgrading policies and relaxed noninterference
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Practical Information-flow Control in Web-Based Information Systems
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Language-Based Information Erasure
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Dimensions and Principles of Declassification
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
End-to-End Availability Policies and Noninterference
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
On the secure implementation of security protocols
ESOP'03 Proceedings of the 12th European conference on Programming
Building Secure Software: How to Avoid Security Problems the Right Way (paperback) (Addison-Wesley Professional Computing Series)
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
A logic for information flow in object-oriented programs
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure information flow with random assignment and encryption
Proceedings of the fourth ACM workshop on Formal methods in security
SIF: enforcing confidentiality and integrity in web applications
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
From trusted to secure: building and executing applications that enforce system security
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Quantitative information flow as network flow capacity
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Verified interoperable implementations of security protocols
ACM Transactions on Programming Languages and Systems (TOPLAS)
Effective blame for information-flow violations
Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering
Catch me if you can: permissive yet secure error handling
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Refinement types for secure implementations
ACM Transactions on Programming Languages and Systems (TOPLAS)
Cryptographically-Masked flows
SAS'06 Proceedings of the 13th international conference on Static Analysis
Experiences with PDG-Based IFC
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
A semantic framework for declassification and endorsement
ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems
Flow locks: towards a core calculus for dynamic flow policies
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
SAILS: static analysis of information leakage with sample
Proceedings of the 27th Annual ACM Symposium on Applied Computing
A framework for static detection of privacy leaks in android applications
Proceedings of the 27th Annual ACM Symposium on Applied Computing
| Hi-index | 0.00 |
Security protocols are critical for protecting modern communication infrastructures and are therefore subject to thorough analysis. However practical implementations of these protocols lack the same level of attention and thus may be more exposed to attacks. This paper discusses security assurance provided by security-typed languages when implementing cryptographic protocols. Our results are based on a case study using Jif, a Java-based security-typed language, for implementing a non-trivial cryptographic protocol that allows playing online poker without a trusted third party. The case study deploys the largest program written in a security-typed language to date and identifies insights ranging from security guarantees to useful patterns of secure programming.