ETAPS 2019
Sat 6 - Thu 11 April 2019 Prague, Czech Republic
Thu 11 Apr 2019 11:00 - 11:30 at MOON - Covert Channels and Information Flow

Bucketing is a technique proposed to mitigate timing channel attacks by restricting a system’s outputs to only occur at designated time intervals. Bucketing has the effect of reducing the possible timing channel observations to a small number of possibilities. In this paper, we present an approach to formally prove the security of systems under the bucketing technique. First, we show that bucketing alone is insufficient to ensure security against adversaries who can make multiple side channel observations. Then, we present a condition sufficient to guarantee a system’s security against adaptive side-channel-observing adversaries. Roughly, the condition says that there exists a large enough subset of secrets on which the system’s side channel reveals no more information than that revealed by its regular channel and that the regular channel is secure to a certain degree on the subset. We also present a condition which guarantees that the system would satisfy the first condition when bucketing is applied. This second condition says that the system’s side-channel outputs are independent of attacker-controlled inputs (but can depend on secrets) and that the regular channel is secure to a certain degree. We show that the two conditions facilitate proving security of systems under adaptive side-channel attacks by separating the concerns of regular-channel security from side-channel information leakage. Further, we show that the bucketing technique can be applied compositionally in conjunction with the constant-time-implementation technique to increase their applicability. While we instantiate our contributions to timing channel and bucketing, many of them are actually quite general and are applicable to any side channels and techniques that reduce the number of possible observations on the channel.

Thu 11 Apr

post-2019-papers
10:30 - 12:30: POST 2019 - Covert Channels and Information Flow at MOON
post-2019-papers10:30 - 11:00
Talk
Marco VassenaChalmers University of Technology, Gary Soeller, Peter Amidon, Matthew Chan, John RennerUniversity of California, San Diego, Deian StefanUniversity of California San Diego
Link to publication
post-2019-papers11:00 - 11:30
Talk
Tachio TerauchiWaseda University, Timos AntonopoulosYale University
Link to publication
post-2019-papers11:30 - 12:00
Talk
Simon GregersenAarhus University, Søren Eller ThomsenAarhus University, Aslan AskarovAarhus University
Link to publication
post-2019-papers12:00 - 12:30
Talk
Andrew Ruef, Leonidas LampropoulosUniversity of Pennsylvania, Ian Sweet, David Tarditi, Michael HicksUniversity of Maryland, College Park
Link to publication