ETAPS 2019
Sat 6 - Thu 11 April 2019 Prague, Czech Republic
Thu 11 Apr 2019 11:00 - 11:30 at MOON - Covert Channels and Information Flow

Bucketing is a technique proposed to mitigate timing channel attacks by restricting a system’s outputs to only occur at designated time intervals. Bucketing has the effect of reducing the possible timing channel observations to a small number of possibilities. In this paper, we present an approach to formally prove the security of systems under the bucketing technique. First, we show that bucketing alone is insufficient to ensure security against adversaries who can make multiple side channel observations. Then, we present a condition sufficient to guarantee a system’s security against adaptive side-channel-observing adversaries. Roughly, the condition says that there exists a large enough subset of secrets on which the system’s side channel reveals no more information than that revealed by its regular channel and that the regular channel is secure to a certain degree on the subset. We also present a condition which guarantees that the system would satisfy the first condition when bucketing is applied. This second condition says that the system’s side-channel outputs are independent of attacker-controlled inputs (but can depend on secrets) and that the regular channel is secure to a certain degree. We show that the two conditions facilitate proving security of systems under adaptive side-channel attacks by separating the concerns of regular-channel security from side-channel information leakage. Further, we show that the bucketing technique can be applied compositionally in conjunction with the constant-time-implementation technique to increase their applicability. While we instantiate our contributions to timing channel and bucketing, many of them are actually quite general and are applicable to any side channels and techniques that reduce the number of possible observations on the channel.

Thu 11 Apr

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

10:30 - 12:30
Covert Channels and Information FlowPOST at MOON
10:30
30m
Talk
Foundations for Parallel Information Flow Control Runtime Systems
POST
Marco Vassena Chalmers University of Technology, Gary Soeller , Peter Amidon , Matthew Chan , John Renner University of California, San Diego, Deian Stefan University of California San Diego
Link to publication
11:00
30m
Talk
A Formal Analysis of Timing Channel Security via Bucketing
POST
Tachio Terauchi Waseda University, Timos Antonopoulos Yale University
Link to publication
11:30
30m
Talk
A Dependently Typed Library for Static Information-Flow Control in Idris
POST
Simon Oddershede Gregersen Aarhus University, Søren Eller Thomsen Aarhus University, Aslan Askarov Aarhus University
Link to publication
12:00
30m
Talk
Achieving Safety Incrementally with Checked C
POST
Andrew Ruef , Leonidas Lampropoulos University of Pennsylvania, Ian Sweet , David Tarditi , Michael Hicks University of Maryland, College Park
Link to publication