MOTIVATION

Information is meaningful only if it flows from one location to another. Such flow can take on many forms. Information may flow from a filing cabinet into somebody's brain; it may pass through various departments of a commercial or military organization; it may be input into – and transformed by – computer programs. In any event, it is of paramount importance that sensitive information not be leaked to unauthorized agents during its flow through a network or program that processes information.

In Chapter 1, we encountered public-key cryptography as a technique for guaranteeing secure flow of confidential messages (e.g., a key for the Rijndael cipher) from one agent to another through an unsecure communication channel. However, such secure information flow may be corrupted when implementing cryptographic algorithms – for example, the RSA and DES encryption modules shown in Figure 6.1 and Figure 3.4 (respectively). Clearly, it is quite straightforward and reasonably simple to write programs that provide the specified input–output functionality. Yet program variables, other programs, or other users of the operating system in which these programs run may be able to deduce information about the secret key for those public-key or symmetric cryptographic systems, either by observing run-time behavior of these implementations or by analyzing their concrete syntax.