Preventing Timing Leaks Through Transactional Branching Instructions

Authors:
Gilles Barthe;Tamara Rezk;Martijn Warnier
Affiliations:
INRIA Sophia-Antipolis, Project EVEREST, 2004, Route de Lucioles, BP 93, Sophia-Antipolis Cedex, France;INRIA Sophia-Antipolis, Project EVEREST, 2004, Route de Lucioles, BP 93, Sophia-Antipolis Cedex, France;Radboud University Nijmegen, SoS group, Toernooiveld 1, 6500 GL, Nijmegen, The Netherlands
Venue:
Electronic Notes in Theoretical Computer Science (ENTCS)
Year:
2006

Citing 10
Cited 5

Transforming out timing leaks

Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A note on the confinement problem

Communications of the ACM
Java Card Technology for Smart Cards: Architecture and Programmer's Guide

Java Card Technology for Smart Cards: Architecture and Programmer's Guide
Eliminating Covert Flows with Minimum Typings

CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Secure Information Flow and Pointer Confinement in a Java-like Language

CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Secure Information Flow by Self-Composition

CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Stack-based access control and secure information flow

Journal of Functional Programming
Timing Aware Information Flow Security for a JavaCard-like Bytecode

Electronic Notes in Theoretical Computer Science (ENTCS)
ESC/Java2: uniting ESC/Java and JML

CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Language-based information-flow security

IEEE Journal on Selected Areas in Communications

An information-theoretic model for adaptive side-channel attacks

Proceedings of the 14th ACM conference on Computer and communications security
Automatically deriving information-theoretic bounds for adaptive side-channel attacks

Journal of Computer Security
Caisson: a hardware description language for secure information flow

Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Language-based control and mitigation of timing channels

Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Addressing covert termination and timing channels in concurrent information flow systems

Proceedings of the 17th ACM SIGPLAN international conference on Functional programming

Quantified Score

Hi-index	0.00

Visualization

Abstract

Timing channels constitute one form of covert channels through which programs may be leaking information about the confidential data they manipulate. Such timing channels are typically eliminated by design, employing ad-hoc techniques to avoid information leaks through execution time, or by program transformation techniques, that transform programs that satisfy some form of noninterference property into programs that are time-sensitive termination-sensitive non-interfering. However, existing program transformations are thus far confined to simple languages without objects nor exceptions. We introduce a program transformation that uses transaction mechanisms to prevent timing leaks in sequential object-oriented programs. Under some strong but reasonable hypotheses, the transformation preserves the semantics of programs and yields for every termination-sensitive noninterfering program a time-sensitive termination-sensitive non-interfering program.