Information Leakage of Non-Terminating Processes

Authors Fabrizio Biondi, Axel Legay, Bo Friis Nielsen, Pasquale Malacaria, Andrzej Wasowski



PDF
Thumbnail PDF

File

LIPIcs.FSTTCS.2014.517.pdf
  • Filesize: 0.61 MB
  • 13 pages

Document Identifiers

Author Details

Fabrizio Biondi
Axel Legay
Bo Friis Nielsen
Pasquale Malacaria
Andrzej Wasowski

Cite AsGet BibTex

Fabrizio Biondi, Axel Legay, Bo Friis Nielsen, Pasquale Malacaria, and Andrzej Wasowski. Information Leakage of Non-Terminating Processes. In 34th International Conference on Foundation of Software Technology and Theoretical Computer Science (FSTTCS 2014). Leibniz International Proceedings in Informatics (LIPIcs), Volume 29, pp. 517-529, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2014)
https://doi.org/10.4230/LIPIcs.FSTTCS.2014.517

Abstract

In recent years, quantitative security techniques have been providing effective measures of the security of a system against an attacker. Such techniques usually assume that the system produces a finite amount of observations based on a finite amount of secret bits and terminates, and the attack is based on these observations. By modeling systems with Markov chains, we are able to measure the effectiveness of attacks on non-terminating systems. Such systems do not necessarily produce a finite amount of output and are not necessarily based on a finite amount of secret bits. We provide characterizations and algorithms to define meaningful measures of security for non-terminating systems, and to compute them when possible. We also study the bounded versions of the problems, and show examples of non-terminating programs and how their effectiveness in protecting their secret can be measured.
Keywords
  • Quantitative information flow
  • Markov chain
  • information leakage
  • infinite execution

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads

References

  1. S. Akshay, Joël Ouaknine, Timos Antonopoulos, and James Worrell. Reachability problems for Markov chains. Personal communication, November 2013. Google Scholar
  2. Mário S. Alvim, Miguel E. Andrés, and Catuscia Palamidessi. Quantitative information flow in interactive systems. Journal of Computer Security, 20(1):3-50, 2012. Google Scholar
  3. Michael Backes, Goran Doychev, and Boris Köpf. Preventing side-channel leaks in web traffic: A formal approach. In NDSS. The Internet Society, 2013. Google Scholar
  4. Fabrizio Biondi, Axel Legay, Pasquale Malacaria, and Andrzej Wasowski. Quantifying information leakage of randomized protocols. In Roberto Giacobazzi, Josh Berdine, and Isabella Mastroeni, editors, VMCAI, 2013. Google Scholar
  5. Fabrizio Biondi, Axel Legay, Bo Friis Nielsen, and Andrzej Wasowski. Maximizing entropy over Markov processes. In Adrian Horia Dediu and Carlos Martín-Vide, editors, LATA, 2013. Google Scholar
  6. Konstantinos Chatzikokolakis, Catuscia Palamidessi, and Prakash Panangaden. Anonymity protocols as noisy channels. Inf. Comput., 206(2-4):378-401, 2008. Google Scholar
  7. Tom Chothia, Yusuke Kawamoto, Chris Novakovic, and David Parker. Probabilistic point-to-point information leakage. In CSF, pages 193-205. IEEE, 2013. Google Scholar
  8. T. M. Cover and J. A. Thomas. Elements of Information Theory. Wiley, 2012. Google Scholar
  9. George Danezis, Roger Dingledine, and Nick Mathewson. Mixminion: Design of a type iii anonymous remailer protocol. In IEEE Symposium on Security and Privacy, pages 2-15. IEEE, 2003. Google Scholar
  10. Jonathan Heusser and Pasquale Malacaria. Quantifying information leaks in software. In C. Gates, M. Franz, and J. P. McDermott, editors, ACSAC, pages 261-269. ACM, 2010. Google Scholar
  11. Boris Köpf, Laurent Mauborgne, and Martín Ochoa. Automatic quantification of cache side-channels. In P. Madhusudan and S. A. Seshia, editors, CAV, pages 564-580. Springer, 2012. Google Scholar
  12. Pasquale Malacaria. Assessing security threats of looping constructs. In Martin Hofmann and Matthias Felleisen, editors, POPL, pages 225-235. ACM, 2007. Google Scholar
  13. J. L. Massey. Guessing and entropy. In Proc. of the 1994 IEEE International Symposium on Information Theory, page 204, June 1994. Google Scholar
  14. Joël Ouaknine. Decision problems for linear recurrence sequences. In L. Gasieniec and F. Wolter, editors, FCT, volume 8070 of LNCS, page 2. Springer, 2013. Google Scholar
  15. Joël Ouaknine and James Worrell. Positivity problems for low-order linear recurrence sequences. In Chandra Chekuri, editor, SODA, pages 366-379. SIAM, 2014. Google Scholar
  16. Geoffrey Smith. On the foundations of quantitative information flow. In Luca de Alfaro, editor, FOSSACS, volume 5504 of LNCS, pages 288-302. Springer, 2009. Google Scholar
  17. Hirotoshi Yasuoka and Tachio Terauchi. On bounding problems of quantitative information flow. Journal of Computer Security, 19(6):1029-1082, 2011. Google Scholar
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail