Results 1 
8 of
8
Predictive blackbox mitigation of timing channels
 In ACM Conference on Computer and Communications Security
, 2010
"... We investigate techniques for general blackbox mitigation of timing channels. The source of events is wrapped by a timing mitigator that delays output events so that they contain only a bounded amount of information. We introduce a general class of timing mitigators that can achieve any given bound ..."
Abstract

Cited by 21 (4 self)
 Add to MetaCart
We investigate techniques for general blackbox mitigation of timing channels. The source of events is wrapped by a timing mitigator that delays output events so that they contain only a bounded amount of information. We introduce a general class of timing mitigators that can achieve any given bound on timing channel leakage, with a tradeoff in system performance. We show these mitigators compose well with other mechanisms for information flow control, and demonstrate they are effective against some known timing attacks.
A Provably Secure And Efficient Countermeasure Against Timing Attacks
"... We show that the amount of information about the key that an unknownmessage attacker can extract from a deterministic sidechannel is bounded from above by Olog 2 (n + 1) bits, where n is the number of sidechannel measurements and O is the set of possible observations. We use this bound to deriv ..."
Abstract

Cited by 9 (3 self)
 Add to MetaCart
We show that the amount of information about the key that an unknownmessage attacker can extract from a deterministic sidechannel is bounded from above by Olog 2 (n + 1) bits, where n is the number of sidechannel measurements and O is the set of possible observations. We use this bound to derive a novel countermeasure against timing attacks, where the strength of the security guarantee can be freely traded for the resulting performance penalty. We give algorithms that efficiently and optimally adjust this tradeoff for given constraints on the sidechannel leakage or on the efficiency of the cryptosystem. Finally, we perform a casestudy that shows that applying our countermeasure leads to implementations with minor performance overhead and formal security guarantees. 1.
Quantifying Timing Leaks and Cost
"... Abstract. We develop a new notion of security against timing attacks where the attacker is able to simultaneously observe the execution time of a program and the probability of the values of low variables. We then show how to measure the security of a program with respect to this notion via a comput ..."
Abstract
 Add to MetaCart
Abstract. We develop a new notion of security against timing attacks where the attacker is able to simultaneously observe the execution time of a program and the probability of the values of low variables. We then show how to measure the security of a program with respect to this notion via a computable estimate of the timing leakage and use this estimate for cost optimisation. 1
Specification and Verification of Side Channel
"... Abstract. Side channel attacks have emerged as a serious threat to the security of both networked and embedded systems – in particular through the implementations of cryptographic operations. Side channels can be difficult to model formally, but with careful coding and program transformation techniq ..."
Abstract
 Add to MetaCart
Abstract. Side channel attacks have emerged as a serious threat to the security of both networked and embedded systems – in particular through the implementations of cryptographic operations. Side channels can be difficult to model formally, but with careful coding and program transformation techniques it may be possible to verify security in the presence of specific sidechannel attacks. But what if a program intentionally makes a tradeoff between security and efficiency and leaks some information through a side channel? In this paper we study such tradeoffs using ideas from recent research on declassification. We present a semantic model of security for programs which allow for declassification through side channels, and show how sidechannel declassification can be verified using offtheshelf software model checking tools. Finally, to make it simpler for verifiers to check that a program conforms to a particular sidechannel declassification policy we introduce a further tradeoff between efficiency and verifiability: by writing programs in a particular “manifest form ” security becomes considerably easier to verify. 1
Time and Probability based Information Flow Analysis
"... Abstract—In multilevel systems it is important to avoid unwanted indirect information flow from higher levels to lower levels, namely the so called covert channels. Initial studies of information flow analysis were performed by abstracting away from time and probability. It is already known that sys ..."
Abstract
 Add to MetaCart
Abstract—In multilevel systems it is important to avoid unwanted indirect information flow from higher levels to lower levels, namely the so called covert channels. Initial studies of information flow analysis were performed by abstracting away from time and probability. It is already known that systems that are proved to be secure in a possibilistic framework may turn out to be insecure when time or probability are considered. Recently, work has been done in order to consider also aspects either of time or of probability, but not both. In this paper we propose a general framework, based on Probabilistic Timed Automata, where both probabilistic and timing covert channels can be studied. We define a NonInterference security property and a Non Deducibility on Composition security property, which allow expressing information flow in a timed and probabilistic setting. We then compare these properties with analogous ones defined in contexts where either time or probability or neither of them are taken into account. This permits a classification of the properties depending on their discerning power. As an application, we study a system with covert channels that we are able to discover by applying our techniques.
Probabilistic Timing . . .
"... We develop a new notion of security against timing attacks where the attacker is able to simultaneously observe the execution time of a program and the probability of the values of low variables. We then propose an algorithm which computes an estimate of the security of a program with respect to t ..."
Abstract
 Add to MetaCart
We develop a new notion of security against timing attacks where the attacker is able to simultaneously observe the execution time of a program and the probability of the values of low variables. We then propose an algorithm which computes an estimate of the security of a program with respect to this notion in terms of timing leakage, and show how to use this estimate for cost optimisation.
unknown title
, 2012
"... Abstract. Informationtheoretic measures based upon mutual information can be employed to quantify the information that an execution of a program reveals about its secret inputs. The information leakage bounding problem asks whether the information leaked by a program does not exceed a certain amoun ..."
Abstract
 Add to MetaCart
Abstract. Informationtheoretic measures based upon mutual information can be employed to quantify the information that an execution of a program reveals about its secret inputs. The information leakage bounding problem asks whether the information leaked by a program does not exceed a certain amount. We consider this problem for two scenarios: a) the outputs of the program are revealed, and b) the timing (measured in the number of execution steps) of the program is revealed. For both scenarios, we establish complexity results in the context of deterministic boolean programs, both for programs with and without recursion. In particular, we prove that for recursive programs the information leakage bounding problem is no harder than checking reachability. 1
Program Analysis Probably Counts
"... Abstract. Semanticsbased program analysis uses an abstract semantics of programs/systems to statically determine runtime properties. Classic examples from compiler technology include analyses to support constant propagation and constant folding transformations and estimation of pointer values to p ..."
Abstract
 Add to MetaCart
Abstract. Semanticsbased program analysis uses an abstract semantics of programs/systems to statically determine runtime properties. Classic examples from compiler technology include analyses to support constant propagation and constant folding transformations and estimation of pointer values to prevent buffer overruns. More recent examples include the estimation of information flows (to enforce security constraints) and estimation of nonfunctional properties such as timing (to determine worst case execution times in hard realtime applications). The classical approaches are based on semantics involving discrete mathematics. Paralleling trends in modelchecking, there have been recent moves towards using probabilistic and quantitative methods in program analysis. In this paper we will start by reviewing both classical and probabilistic/quantitative approaches to program analysis. We will provide a comparison of the two approaches. We will use a simple information flow analysis to exemplify the classical approach. The existence of covert information flows through timing channels are difficult to detect using classical techniques; we show how such problems can be addressed using probabilistic techniques. 1