, Transforming out timing leaks, Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp.40-53, 2000.
, Lucky thirteen: Breaking the tls and dtls record protocols, Security and Privacy (SP), 2013 IEEE Symposium on, pp.526-540, 2013.
, Lucky microseconds: A timing attack on amazon's s2n implementation of tls, Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp.622-643, 2016.
, Verifying constant-time implementations, 25th USENIX Security Symposium (USENIX Security 16), pp.53-70, 2016.
, Boogie: A modular reusable verifier for object-oriented programs, In: FMCO, vol.5, pp.364-387, 2005.
, System-level noninterference for constant-time cryptography, Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp.1267-1279, 2014.
URL : https://hal.archives-ouvertes.fr/hal-01101950
, Secure information flow by self-composition, Computer Security Foundations Workshop, pp.100-114, 2004.
, Secure information flow for a sequential java virtual machine, TLDI'05: Types in Language Design and Implementation, 2003.
, Security types preserving compilation, Systems & Structures, vol.33, issue.2, pp.35-59, 2007.
, The security impact of a new cryptographic library. Progress in Cryptology-LATINCRYPT, pp.159-176, 2012.
, Verifying constant-time implementations by abstract interpretation, European Symposium on Research in Computer Security, pp.260-277, 2017.
URL : https://hal.archives-ouvertes.fr/hal-02025047
, Remote timing attacks are practical, Computer Networks, vol.48, issue.5, pp.701-716, 2005.
, Automatic construction of sparse data flow evaluation graphs, Proceedings of the 18th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, vol.91, pp.55-66, 1991.
, Cacheaudit: A tool for the static analysis of cache side channels, ACM Trans. Inf. Syst. Secur, vol.18, issue.1, pp.1-4, 2015.
, The program dependence graph and its use in optimization, TOPLAS, vol.9, issue.3, pp.319-349, 1987.
, Information flow analysis for java bytecode, Verification, Model Checking, and Abstract Interpretation, pp.346-362, 2005.
, Cache games-bringing access-based cache attacks on aes to practice, Security and Privacy (SP), 2011 IEEE Symposium on, pp.490-505, 2011.
, Timing aware information flow security for a javacardlike bytecode, Electronic Notes in Theoretical Computer Science, vol.141, issue.1, pp.163-182, 2005.
, Binding time analysis: A new perspective, Proceedings of the ACM Symposium on Partial Evaluation and Semantics-Based Program Manipulation (PEPM'91), pp.154-164, 1991.
, On flow-sensitive security types, ACM SIGPLAN Notices, vol.41, pp.79-90, 2006.
, Llvm: A compilation framework for lifelong program analysis & transformation, Proceedings of the International Symposium on Code Generation and Optimization: Feedback-directed and Runtime Optimization. CGO '04, 2004.
, Downgrading policies and relaxed noninterference, Proceedings of POPL, vol.40, pp.158-170, 2005.
, The program counter security model: Automatic detection and removal of control-flow side channel attacks, In: ICISC, vol.3935, pp.156-168, 2005.
, Jflow: Practical mostly-static information flow control, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp.228-241, 1999.
, Sparse representation of implicit flows with applications to side-channel detection, Proceedings of the 25th International Conference on Compiler Construction, pp.110-120, 2016.
, Language-based information-flow security, IEEE Journal on selected areas in communications, vol.21, issue.1, pp.5-19, 2003.
, Declassification: Dimensions and principles, Journal of Computer Security, vol.17, issue.5, pp.517-548, 2009.
, Enforcing stateful authorization and information flow policies in fine, pp.529-549, 2010.
, A cryptographic decentralized label model, Security and Privacy, 2007. SP'07. IEEE Symposium on, pp.192-206, 2007.
, A sound type system for secure flow analysis, Journal of computer security, vol.4, issue.2-3, pp.167-187, 1996.