6 Reads
Recent interest in methods for certifying programs for se- cure information flow (noninterference) have failed to rais e a key question: can efficient algorithms be written so as to satisfy the requirements of secure information flow? In this paper we discuss how algorithms for searching and sorting can be adapted to work on collections of secret data without leaking any confidential information, either d i- rectly, indirectly, or through timing behaviour. We pay par - ticular attention to the issue of timing channels caused by cache behaviour, and argue that it is necessary to disable the effect of the cache in order to construct algorithms ma- nipulating pointers to objects in such a way that they satisf y the conditions of noninterference. We also discuss how randomisation can be used to imple- ment secure algorithms, and discuss how randomised hash tables might be made practically secure.