Capacity limit of queueing timing channel in shared FCFS schedulers

Ghassami, AmirEmad; Gong, Xun; Kiyavash, Negar

doi:10.1109/isit.2015.7282563

Cited by 13 publications

(20 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is worth noting that L c (X→Y ), similarly to maximal leakage, depends on P XY only through P Y |X and the support of P X . Moreover, a relation analogous to (2) holds for L c (X→Y ):…”

Section: E Maximal Cost Leakagementioning

confidence: 99%

See 1 more Smart Citation

An Operational Approach to Information Leakage

Issa

Wagner

Kamath

2020

IEEE Trans. Inform. Theory

152

209

View full text Add to dashboard Cite

Given two random variables X and Y , an operational approach is undertaken to quantify the "leakage" of information from X to Y . The resulting measure L (X→Y ) is called maximal leakage, and is defined as the multiplicative increase, upon observing Y , of the probability of correctly guessing a randomized function of X, maximized over all such randomized functions. A closed-form expression for L (X→Y ) is given for discrete X and Y , and it is subsequently generalized to handle a large class of random variables. The resulting properties are shown to be consistent with an axiomatic view of a leakage measure, and the definition is shown to be robust to variations in the setup. Moreover, a variant of the Shannon cipher system is studied, in which performance of an encryption scheme is measured using maximal leakage. A single-letter characterization of the optimal limit of (normalized) maximal leakage is derived and asymptotically-optimal encryption schemes are demonstrated. Furthermore, the sample complexity of estimating maximal leakage from data is characterized up to subpolynomial factors. Finally, the guessing framework used to define maximal leakage is used to give operational interpretations of commonly used leakage measures, such as Shannon capacity, maximal correlation, and local differential privacy. arXiv:1807.07878v1 [cs.IT] 20 Jul 2018 3 (R4) It should accord with intuition. That is, it should not mis-characterize the (severity of) information leakage in systems that we understand well. A. Common Information-Theoretic ApproachesNotably, many commonly-used information leakage metrics do not satisfy the above requirements. For example, mutual information, which has been frequently used as a leakage measure [3]-[5][18]- [21], arguably fails to satisfy both (R1) and (R4). Regarding the latter, consider the following example proposed by Smith [22].Example 1: Given n ∈ N, let X = {0, 1} 8n and X ∼ Unif(X ). Now consider the following two conditional distributions:1, otherwise. and P Z|X = (X 1 , X 2 , . . . , X n+1 ).Then the probability of guessing X correctly from Y is at least 1/8, whereas the probability of guessing X correctly from Z is only 2 −7n+1 for Z. However, one can readily verify that I(X; Y ) ≈ (n + 0.169) log 2 ≤ I(X; Z) = (n + 1) log 2 [22].Regarding the former, note that operational interpretations of mutual information arise in transmission and compression settings, which are different from the security setting at hand. Moreover, in those settings, mutual information arises as part of a computable characterization of the solution, rather than as part of the formulation itself, i.e., the transmission and compression problems are not defined in terms of mutual information.Mutual information could potentially be justified by appealing to rate-distortion theory [23, Section V]. In fact, a number of leakage measures in the literature are based on rate-distortion theory. For instance, Yamomoto [24] introduces a distortion function d and measures the privacy of P Y |X using infx (·) E[d(X,x(Y ))]. ...

show abstract

Section: E Maximal Cost Leakagementioning

confidence: 99%

“…(e.g., memory access patterns) and can leak sensitive information such as keys. Similar phenomena occur when users share links or buffers in a communication network [2]. • Consider the Shannon cipher system (shown in Figure 2) in which a transmitter and a receiver are connected through a public noiseless channel and share a secret key.…”

Section: Introductionmentioning

confidence: 97%

An Operational Approach to Information Leakage

Issa

Wagner

Kamath

2020

IEEE Trans. Inform. Theory

152

209

View full text Add to dashboard Cite

show abstract

“…H A α (X|Y ) is Arimoto conditional entropy of X given Y in (11). For α = ∞, the expression of H A ∞ (X|Y ) is…”

Section: A α-Loss Functionmentioning

confidence: 99%

“…Moreover, practical implementations of cryptographic schemes are susceptible to so-called "side-channel attacks," where sensitive information leaks through unexpected channels. For example, a malicious application may get timing characteristics [11], [12]. In these examples, an adversary that observes information leaked through a side-channel can more reliably infer private data, such as a key or a plaintext.…”

Section: Introduction and Overviewmentioning

confidence: 99%

Tunable Measures for Information Leakage and Applications to Privacy-Utility Tradeoffs

Liao

Kosut

Sankar

et al. 2019

IEEE Trans. Inform. Theory

View full text Add to dashboard Cite

We introduce a tunable measure for information leakage called maximal α-leakage. This measure quantifies the maximal gain of an adversary in inferring any (potentially random) function of a dataset from a release of the data. The inferential capability of the adversary is, in turn, quantified by a class of adversarial loss functions that we introduce as αloss, α ∈ [1, ∞) ∪ {∞}. The choice of α determines the specific adversarial action and ranges from refining a belief (about any function of the data) for α = 1 to guessing the most likely value for α = ∞ while refining the α th moment of the belief for α in between. Maximal α-leakage then quantifies the adversarial gain under α-loss over all possible functions of the data. In particular, for the extremal values of α = 1 and α = ∞, maximal αleakage simplifies to mutual information and maximal leakage, respectively. For α ∈ (1, ∞) this measure is shown to be the Arimoto channel capacity of order α. We show that maximal αleakage satisfies data processing inequalities and a sub-additivity property thereby allowing for a weak composition result. Building upon these properties, we use maximal α-leakage as the privacy measure and study the problem of data publishing with privacy guarantees, wherein the utility of the released data is ensured via a hard distortion constraint. Unlike average distortion, hard distortion provides a deterministic guarantee of fidelity. We show that under a hard distortion constraint, for α > 1 the optimal mechanism is independent of α, and therefore, the resulting optimal tradeoff is the same for all values of α > 1. Finally, the tunability of maximal α-leakage as a privacy measure is also illustrated for binary data with average Hamming distortion as the utility measure.

show abstract

“…There has also been some work on information flow via schedulers. The problem where two tasks leak private information by using a covert channel is studied [2], [3]. Völp et al [1], [29] examined covert channels between different priorities of real-time tasks and proposed solutions to avoid such covert channels.…”

Section: Related Workmentioning

confidence: 99%

A Novel Side-Channel in Real-Time Schedulers

Chen

Mohan

Pellizzoni

et al. 2019

2019 IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS)

Self Cite

View full text Add to dashboard Cite

We demonstrate the presence of a novel scheduler side-channel in preemptive, fixed-priority real-time systems (RTS); examples of such systems can be found in automotive systems, avionic systems, power plants and industrial control systems among others. This side-channel can leak important timing information such as the future arrival times of realtime tasks. This information can then be used to launch devastating attacks, two of which are demonstrated here (on real hardware platforms). Note that it is not easy to capture this timing information due to runtime variations in the schedules, the presence of multiple other tasks in the system and the typical constraints (e.g., deadlines) in the design of RTS. Our ScheduLeak algorithms demonstrate how to effectively exploit this side-channel. A complete implementation is presented on real operating systems (in Real-time Linux and FreeRTOS). Timing information leaked by ScheduLeak can significantly aid other, more advanced, attacks in better accomplishing their goals.

show abstract

Capacity limit of queueing timing channel in shared FCFS schedulers

Cited by 13 publications

References 7 publications

An Operational Approach to Information Leakage

An Operational Approach to Information Leakage

Tunable Measures for Information Leakage and Applications to Privacy-Utility Tradeoffs

A Novel Side-Channel in Real-Time Schedulers

Contact Info

Product

Resources

About