Quantifying Timing Leaks and Cost Optimisation

Pierro, Alessandra Di; Hankin, Chris; Wiklicky, Herbert

doi:10.1007/978-3-540-88625-9_6

Cited by 17 publications

(12 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several approaches in language-based security use type systems to detect [13], eliminate [1], [4], or mitigate [22] timing leaks. Applying these languagebased approaches to cryptographic algorithms requires restrictive programming and precise knowledge about the time consumption of the individual instructions on the underlying machine.…”

Section: Related Workmentioning

confidence: 99%

Vulnerability Bounds and Leakage Resilience of Blinded Cryptography under Timing Attacks

Köpf

Smith

2010

2010 23rd IEEE Computer Security Foundations Symposium

103

View full text Add to dashboard Cite

Abstract-We establish formal bounds for the number of min-entropy bits that can be extracted in a timing attack against a cryptosystem that is protected by blinding, the state-of-the art countermeasure against timing attacks. Compared with existing bounds, our bounds are both tighter and of greater operational significance, in that they directly address the key's one-guess vulnerability. Moreover, we show that any semantically secure public-key cryptosystem remains semantically secure in the presence of timing attacks, if the implementation is protected by blinding and bucketing. This result shows that, by considering (and justifying) more optimistic models of leakage than recent proposals for leakage-resilient cryptosystems, one can achieve provable resistance against side-channel attacks for standard cryptographic primitives.

show abstract

Section: Related Workmentioning

confidence: 99%

Vulnerability Bounds and Leakage Resilience of Blinded Cryptography under Timing Attacks

Köpf

Smith

2010

2010 23rd IEEE Computer Security Foundations Symposium

103

View full text Add to dashboard Cite

show abstract

“…It should automatically adjust the automaton A in such a way that A/Σ H becomes bisimilar to A \ Σ H . In this direction, Agat considers the aspect of time in isolation for deterministic systems [1], Di Pierro et al propose a framework where probabilistic systems are transformed to become time equivalent [20], finally, in [24] systems are transformed to become time probabilistic bisimilar.…”

Section: Discussionmentioning

confidence: 99%

Time and Probability-Based Information Flow Analysis

Lanotte

Maggiolo-Schettini

Troina

2010

IIEEE Trans. Software Eng.

View full text Add to dashboard Cite

Abstract-In multilevel systems it is important to avoid unwanted indirect information flow from higher levels to lower levels, namely the so called covert channels. Initial studies of information flow analysis were performed by abstracting away from time and probability. It is already known that systems that are proved to be secure in a possibilistic framework may turn out to be insecure when time or probability are considered. Recently, work has been done in order to consider also aspects either of time or of probability, but not both. In this paper we propose a general framework, based on Probabilistic Timed Automata, where both probabilistic and timing covert channels can be studied. We define a Non-Interference security property and a Non Deducibility on Composition security property, which allow expressing information flow in a timed and probabilistic setting. We then compare these properties with analogous ones defined in contexts where either time or probability or neither of them are taken into account. This permits a classification of the properties depending on their discerning power. As an application, we study a system with covert channels that we are able to discover by applying our techniques.

show abstract

“…In the literature, some proposals concerned with discrete-time extensions of noninterference have been proposed, e.g. in the setting of real-time process algebra [8] and probabilistic timed automata [12,7], while other time-based aspects of noninterference have been investigated in the general setting of Shannon information theory, see e.g. [13].…”

Section: Fine-grain Models and Noninterferencementioning

confidence: 99%

A General Framework for Nondeterministic, Probabilistic, and Stochastic Noninterference

Aldini

Bernardo

2009

Foundations and Applications of Security Analysis

View full text Add to dashboard Cite

Abstract. We introduce a notion of stochastic noninterference aimed at extending the classical approach to information flow analysis with finegrain information describing the temporal behavior of systems. In particular, we refer to a process algebraic setting that joins durational activities expressing time passing through exponentially distributed random variables, zero duration activities allowing for prioritized/probabilistic choices, and untimed activities with unspecified duration. In this setting unifying time, priority, probability, and nondeterminism, we highlight the expressive power of stochastic noninterference with respect to the existing definitions of nondeterministic and probabilistic noninterference. From this comparison, we obtain that stochastic noninterference turns out to be very strict and limiting in real-world applications and, therefore, requires the use of relaxation techniques. Among them we advocate performance evaluation as a means for achieving a reasonable balance between security requirements and quality. Fine-grain Models and NoninterferenceInformation flow analysis is a basic approach to the verification of security properties of systems which, in general, require to control who has access to what and when. Among the several conditions that describe the characteristics of unauthorized information flows, called covert channels, one of the most interesting, for its intuitive and wide-used idea, is the noninterference requirement [11]. Very briefly, in a multi-level secure system, the user at the high security level should not be able to affect what the user at the low security level can observe. Independently of the specific formalization of this notion, the underlying approach is based on the idea that checking noninterference is actually checking the indistinguishability of the different low-level views of the system that are obtained by changing the high-level behavior, see e.g. [22,9,17] and the references therein.Along the 90s generalized notions of noninterference were designed to analyze deterministic and nondeterministic systems. However, it was immediately clear that moving to a quantitative framework including fine-grain information, such as probability distributions associated with event execution, augments the distinguishing power of the observer [14,18,19,3]. More recently, the awareness that perfect noninterference is difficult to achieve has urged to estimate the information flow by employing this quantitative information and a relaxed notion of

show abstract

Quantifying Timing Leaks and Cost Optimisation

Cited by 17 publications

References 29 publications

Vulnerability Bounds and Leakage Resilience of Blinded Cryptography under Timing Attacks

Vulnerability Bounds and Leakage Resilience of Blinded Cryptography under Timing Attacks

Time and Probability-Based Information Flow Analysis

A General Framework for Nondeterministic, Probabilistic, and Stochastic Noninterference

Contact Info

Product

Resources

About