research-article

Predictive mitigation of timing channels in interactive systems

Authors:

Andrew C. MyersAuthors Info & Claims

CCS '11: Proceedings of the 18th ACM conference on Computer and communications security

Pages 563 - 574

https://doi.org/10.1145/2046707.2046772

Published: 17 October 2011 Publication History

Abstract

Timing channels remain a difficult and important problem for information security. Recent work introduced predictive mitigation, a new way to mitigating leakage through timing channels; this mechanism works by predicting timing from past behavior, and then enforcing the predictions. This paper generalizes predictive mitigation to a larger and important class of systems: systems that receive input requests from multiple clients and deliver responses. The new insight is that timing predictions may be a function of any public information, rather than being a function simply of output events. Based on this insight, a more general mechanism and theory of predictive mitigation becomes possible. The result is that bounds on timing leakage can be tightened, achieving asymptotically logarithmic leakage under reasonable assumptions. By applying it to web applications, the generalized predictive mitigation mechanism is shown to be effective in practice.

References

[1]

B. W. Lampson, "A note on the confinement problem," Comm. of the ACM, vol. 16, no. 10, pp. 613--615, Oct. 1973.

Digital Library

[2]

P. Kocher, "Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems," in Advances in Cryptology-CRYPTO'96, Aug. 1996.

Digital Library

[3]

D. Brumley and D. Boneh, "Remote timing attacks are practical," Computer Networks, Jan. 2005.

Digital Library

[4]

D. Osvik, A. Shamir, and E. Tromer, "Cache attacks and countermeasures: the case of AES," Topics in Cryptology--CT-RSA 2006, Jan. 2006. {Online}. Available: http://www.springerlink.com/index/F52X1H55G1632L17.pdf

Digital Library

[5]

A. Bortz and D. Boneh, "Exposing private information by timing web applications," in Proc. 16th Int'l World-Wide Web Conf., May 2007.

Digital Library

[6]

G. Shah, A. Molina, and M. Blaze, "Keyboards and covert channels," Proc. 15th USENIX Security Symp., Aug. 2006.

Digital Library

[7]

H. Meer and M. Slaviero, "It's all about the timing..." in Proc. Black Hat USA, 2007.

[8]

Y. Liu, D. Ghosal, F. Armknecht, A. Sadeghi, and S. Schulz, "Hide and seek in time-robust covert timing channels," in ESORICS, 2009.

Digital Library

[9]

R. G. Gallagher, "Basic limits on protocol information in data communication networks," IEEE Transactions on Information Theory, vol. 22, no. 4, Jul. 1976.

[10]

M. Padlipsky, D. Snow, and P. Karger, "Limitations of end-to-end encryption in secure computer networks," Mitre Corp., Tech. Rep. ESD TR-78--158, 1978.

[11]

I. S. Moskowitz and M. H. Kang, "Covert channels--here to stay?" in COMPASS '94, 1994.

[12]

B. Köpf and M. Dürmuth, "A provably secure and efficient countermeasure against timing attacks," in 2009 IEEE Computer Security Foundations, Jul. 2009.

[13]

B. Köpf and G. Smith, "Vulnerability bounds and leakage resilience of blinded cryptography under timing attacks," in 2010 IEEE Computer Security Foundations, Jul. 2010.

[14]

A. Askarov, D. Zhang, and A. C. Myers, "Predictive black-box mitigation of timing channels," in ACM Conf. on Computer and Communications Security (CCS), 2010, pp. 297--307.

Digital Library

[15]

A. Sabelfeld and D. Sands, "Probabilistic noninterference for multi-threaded programs," in Proc. 13th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Jul. 2000, pp. 200--214.

Digital Library

[16]

W.-M. Hu, "Reducing timing channels with fuzzy time," in IEEE Symposium on Security and Privacy, 1991, pp. 8 -- 20.

[17]

J. Agat, "Transforming out timing leaks," in Proc. 27th ACM Symp. on Principles of Programming Languages (POPL), Boston, MA, Jan. 2000, pp. 40--53.

Digital Library

[18]

S. Zdancewic and A. C. Myers, "Observational determinism for concurrent program security," in Proc. 16th IEEE Computer Security Foundations Workshop, Pacific Grove, California, Jun. 2003, pp. 29--43.

[19]

A. Russo, J. Hughes, D. Naumann, and A. Sabelfeld, "Closing internal timing channels by transformation," in Proc. 11th Annual Asian Computing Science Conference (ASIAN), 2006.

Digital Library

[20]

J. Giles and B. Hajek, "An information-theoretic and game-theoretic study of timing channels." IEEE Transactions on Information Theory, vol. 48, no. 9, pp. 2455--2477, 2002.

Digital Library

[21]

D. E. Denning, Cryptography and Data Security. Reading, Massachusetts: Addison-Wesley, 1982.

[22]

J. K. Millen, "Covert channel capacity," in Proc. IEEE Symposium on Security and Privacy, Oakland, CA, Apr. 1987.

[23]

----, "Finite-state noiseless covert channels," in Proc. 2nd IEEE Computer Security Foundations Workshop, Jun. 1989, pp. 11--14.

[24]

I. S. Moskowitz and A. R. Miller, "The channel capacity of a certain noisy timing channel," IEEE Trans. on Information Theory, vol. 38, no. 4, pp. 1339--1344.

Digital Library

[25]

G. Smith, "On the foundations of quantitative information flow," Proc. 12th Intl' Conf. on Foundations of Software Science and Computation Structures, pp. 388--402, 2010.

Digital Library

[26]

M. H. Kang and I. S. Moskowitz, "A pump for rapid, reliable, secure communication," in ACM Conf. on Computer and Communications Security (CCS), Nov. 1993, pp. 119--129.

Digital Library

[27]

M. H. Kang, I. S. Moskowitz, and D. C. Lee, "A network pump," IEEE Transactions on Software Engineering, vol. 22, pp. 329--338, 1996.

Digital Library

[28]

T. Cover and J. Thomas, Elements of information theory. Wiley, 2006.

Digital Library

Cited By

Wei SHarris AZhu YRamrakhyani PLin CTiwari M(2024)Tail Victims in Termination Timing Channel Defenses Beyond Cryptographic Kernels2024 International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED61283.2024.00012(11-22)Online publication date: 16-May-2024
https://doi.org/10.1109/SEED61283.2024.00012
Nelson BPagnin EAskarov A(2024)Metadata Privacy Beyond Tunneling for Instant Messaging2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP60621.2024.00044(697-723)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSP60621.2024.00044
Mahmud FKim SChawla HKim ETsai CMuzahid A(2023)Attack of the Knights:Non Uniform Cache Side Channel AttackProceedings of the 39th Annual Computer Security Applications Conference10.1145/3627106.3627199(691-703)Online publication date: 4-Dec-2023
https://dl.acm.org/doi/10.1145/3627106.3627199
Show More Cited By

Index Terms

Predictive mitigation of timing channels in interactive systems
1. Security and privacy
  1. Network security

Recommendations

Language-based control and mitigation of timing channels
PLDI '12: Proceedings of the 33rd ACM SIGPLAN Conference on Programming Language Design and Implementation

We propose a new language-based approach to mitigating timing channels. In this language, well-typed programs provably leak only a bounded amount of information over time through external timing channels. By incorporating mechanisms for predictive ...
Predictive black-box mitigation of timing channels
CCS '10: Proceedings of the 17th ACM conference on Computer and communications security

We investigate techniques for general black-box mitigation of timing channels. The source of events is wrapped by a timing mitigator that delays output events so that they contain only a bounded amount of information. We introduce a general class of ...
Language-based control and mitigation of timing channels
PLDI '12

We propose a new language-based approach to mitigating timing channels. In this language, well-typed programs provably leak only a bounded amount of information over time through external timing channels. By incorporating mechanisms for predictive ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '11: Proceedings of the 18th ACM conference on Computer and communications security

October 2011

742 pages

ISBN:9781450309486

DOI:10.1145/2046707

General Chair:
Yan Chen
Northwestern University, USA
,
Program Chairs:
George Danezis
Microsoft Research Cambridge, UK
,
Vitaly Shmatikov
University of Texas at Austin, USA

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 October 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'11

Sponsor:

SIGSAC

CCS'11: the ACM Conference on Computer and Communications Security

October 17 - 21, 2011

Illinois, Chicago, USA

Acceptance Rates

CCS '11 Paper Acceptance Rate 60 of 429 submissions, 14%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

83
Total Citations
View Citations
452
Total Downloads

Downloads (Last 12 months)11
Downloads (Last 6 weeks)2

Reflects downloads up to 16 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Wei SHarris AZhu YRamrakhyani PLin CTiwari M(2024)Tail Victims in Termination Timing Channel Defenses Beyond Cryptographic Kernels2024 International Symposium on Secure and Private Execution Environment Design (SEED)10.1109/SEED61283.2024.00012(11-22)Online publication date: 16-May-2024
https://doi.org/10.1109/SEED61283.2024.00012
Nelson BPagnin EAskarov A(2024)Metadata Privacy Beyond Tunneling for Instant Messaging2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP60621.2024.00044(697-723)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSP60621.2024.00044
Mahmud FKim SChawla HKim ETsai CMuzahid A(2023)Attack of the Knights:Non Uniform Cache Side Channel AttackProceedings of the 39th Annual Computer Security Applications Conference10.1145/3627106.3627199(691-703)Online publication date: 4-Dec-2023
https://dl.acm.org/doi/10.1145/3627106.3627199
Zhao ZMorrison AFletcher CTorrellas JAamodt TJerger NSwift M(2023)Untangle: A Principled Framework to Design Low-Leakage, High-Performance Dynamic Partitioning SchemesProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3582016.3582033(771-788)Online publication date: 25-Mar-2023
https://dl.acm.org/doi/10.1145/3582016.3582033
Gaddam SKumaresan RRaghuraman SSinha R(2023)LucidiTEE: Scalable Policy-Based Multiparty Computation with FairnessCryptology and Network Security10.1007/978-981-99-7563-1_16(343-367)Online publication date: 31-Oct-2023
https://doi.org/10.1007/978-981-99-7563-1_16
Borrello PD'Elia DQuerzoni LGiuffrida CKim YKim JVigna GShi E(2021)Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow LinearizationProceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security10.1145/3460120.3484583(715-733)Online publication date: 12-Nov-2021
https://dl.acm.org/doi/10.1145/3460120.3484583
Van Cleemput JDe Sutter BDe Bosschere K(2020)Adaptive Compiler Strategies for Mitigating Timing Side Channel AttacksIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2017.272954917:1(35-49)Online publication date: 1-Jan-2020
https://doi.org/10.1109/TDSC.2017.2729549
Bay JAskarov A(2020)Reconciling progress-insensitive noninterference and declassification2020 IEEE 33rd Computer Security Foundations Symposium (CSF)10.1109/CSF49147.2020.00015(95-106)Online publication date: Jun-2020
https://doi.org/10.1109/CSF49147.2020.00015
Wu BWagner ASuh G(2020)Optimal Mechanisms Under Maximal Leakage2020 IEEE Conference on Communications and Network Security (CNS)10.1109/CNS48642.2020.9162276(1-6)Online publication date: Jun-2020
https://doi.org/10.1109/CNS48642.2020.9162276
Lounis KZulkernine M(2020)Attacks and Defenses in Short-Range Wireless Technologies for IoTIEEE Access10.1109/ACCESS.2020.29935538(88892-88932)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.2993553
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents