We present an attack for LIO [12], a concurrent IFC system for Haskell, that leverages lazy evaluation to leak secrets. LIO presents countermeasures for inter-.
In this work, we describe a novel exploit of lazy evaluation to reveal secrets in IFC systems. Specifically, we show that lazy evaluation might transport ...
In this work, we describe a novel exploit of lazy evaluation to reveal secrets in IFC systems. Specifically, we show that lazy evaluation might transport ...
Abstract. To preserve confidentiality, information-flow control (IFC) restricts how untrusted code handles secret data. While promising, IFC.
Lazy Programs Leak Secrets. https://doi.org/10.1007/978-3-642-41488-6_8 · Full text. Journal: Secure IT Systems Lecture Notes in Computer Science, 2013, p ...
In this work, we describe a novel exploit of lazy evaluation to reveal secrets in IFC systems. Specifically, we show that lazy evaluation might transport ...
While it is normally considered a positive feature, it can be abused in information-flow libraries, such as MAC, to leak secrets as shown in Lazy Program Leaks ...
Oct 13, 2020 · How leaking of secrets happens. It's a mixture of missing knowledge, laziness, and human error. If people don't know how to store the secrets ...
Input Format. The input to our tools is a C-program with annotations indicating which variables are secret and the locations at which leaks should be checked.
Lazy evaluation also implies that Haskell programs can crash based on their input. That doesn't imply big input, simply that the input caused a space leak ...
Missing: Secrets. | Show results with:Secrets.