Quantifying Timing Leaks and Cost Optimisation

Authors:
Alessandra Pierro;Chris Hankin;Herbert Wiklicky
Affiliations:
University of Verona, Verona, Italy I-37134;Imperial College London, London, UK SW7 2AZ;Imperial College London, London, UK SW7 2AZ
Venue:
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Year:
2008

Citing 17
Cited 3

Three partition refinement algorithms

SIAM Journal on Computing
Bisimulation through probabilistic testing

Information and Computation
A theory of timed automata

Theoretical Computer Science
Secure information flow in a multi-threaded imperative language

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Confinement properties for programming languages

ACM SIGACT News
Transforming out timing leaks

Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Process algebra and non-interference

Journal of Computer Security
Handbook of Process Algebra

Handbook of Process Algebra
The Metric Analogue of Weak Bisimulation for Probabilistic Processes

LICS '02 Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science
Classification of Security Properties (Part I: Information Flow)

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Metrics for Labeled Markov Systems

CONCUR '99 Proceedings of the 10th International Conference on Concurrency Theory
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Quantitative Information Flow, Relations and Polymorphic Types

Journal of Logic and Computation
A behavioural pseudometric for metric labelled transition systems

CONCUR 2005 - Concurrency Theory
Measuring the confinement of probabilistic systems

Theoretical Computer Science - Theoretical foundations of security analysis and design II
Approximate non-interference

Journal of Computer Security - Special issue on WITS'02
Quantifying information leakage in process calculi

ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II

Predictive black-box mitigation of timing channels

Proceedings of the 17th ACM conference on Computer and communications security
Approximating Markovian testing equivalence

Theoretical Computer Science
Specification and verification of side channel declassification

FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust

Quantified Score

Hi-index	0.00

Visualization

Abstract

We develop a new notion of security against timing attacks where the attacker is able to simultaneously observe the execution time of a program and the probability of the values of low variables. We then show how to measure the security of a program with respect to this notion via a computable estimate of the timing leakage and use this estimate for cost optimisation.