Citation Context

...ement being the relation relating every state and top element being the identity relation. This is described as the Lattice of Information [10]. Non leaking programs (i.e. satisfying non-interference =-=[7]-=-) are characterised as follows: Proposition 1. P is non-interfering iff for all l, ≃P,l is the least element in I(SH) . An attacker controlling the low inputs can be modelled by an equivalence relatio...

Citation Context

...verification techniques are used to compute leakage of programs. Those works are both in-spired by the important previous theoretical work on self composition by G. Barthe, P. D’Argenio, and T. Rezk =-=[2]-=- and T. Terauchi and A. Aiken [18]. However as already noted, those approaches attempt primarily to answer questions about how much a program leak and seem unable to scale to real code in terms of lin...

Citation Context

...y H. Yasuoka and T. Terauchi [19] who, amongst other aspects, explored the relation to verification and k-safety properties. Approaches that do scale to large programs are by S. McCamant, M. D. Ernst =-=[14]-=- and J. Newsome, S. McCamant, D. Song [15]. They released an impressive tool, FlowCheck, which is able to analyse very large programs. There are however significant differences between the approaches ...

Citation Context

...to compute leakage of programs. Those works are both in-spired by the important previous theoretical work on self composition by G. Barthe, P. D’Argenio, and T. Rezk [2] and T. Terauchi and A. Aiken =-=[18]-=-. However as already noted, those approaches attempt primarily to answer questions about how much a program leak and seem unable to scale to real code in terms of line of code, state space and languag...

Citation Context

...ibute to lists, requires prior specific permission and/or a fee. ACSAC ’10 Dec. 6-10, 2010, Austin, Texas USA Copyright 2010 ACM 978-1-4503-0133-6/10/12 ...$10.00. Quantitative Information Flow (QIF) =-=[3, 11]-=- aims to provide techniques and tools able to quantify leakage of confidential information. As a motivating example consider a prototypical password checking program if (password==guess) access=1; els...

Citation Context

...ngst other aspects, explored the relation to verification and k-safety properties. Approaches that do scale to large programs are by S. McCamant, M. D. Ernst [14] and J. Newsome, S. McCamant, D. Song =-=[15]-=-. They released an impressive tool, FlowCheck, which is able to analyse very large programs. There are however significant differences between the approaches in that FlowCheck is a security testing to...

Citation Context

...ive policy if it makes more distinctions than what is allowed in the policy. A leaking program is one breaching the policy N = 1 in the above definition. We take ideas from assume-guarantee reasoning =-=[17]-=- to encode such a policy in a driver function, which tries to trigger a violation, i.e. producing a counterexample, of the policy. If the policy states that the function func is not allowed to make mo...

Citation Context

...-interfering iff log 2(| ≃P |) = 0 2. The channel capacity 3 of P is log 2(| ≃P |) . 3. If for all probability distributions H(RP ) ≤ H(RP ′) then | ≃P | ≤ | ≃P ′ | Point (1) is proved in [4], (2) in =-=[12]-=- and (3) is a consequence of proposition 2 whose proof is in [8]. Hence a lower bound on | ≃P | provides a lower bound on the channel capacity of the program P . Hence, because of proposition 3 the in...

Citation Context

...k?” to the simpler quantitative question “Does it leak more than k?”. We will show how the questions are related and more importantly we will show that off-the-shelf symbolic model checkers like CBMC =-=[5]-=- are able to efficiently answer the second kind of question. CBMC is a good choice 1 http://cve.mitre.org, CVE is industry-endorsed with over 70 companies actively involved.for several reasons: (i) i...

Citation Context

...plete lattice over X. It is a refinement order with bottom element being the relation relating every state and top element being the identity relation. This is described as the Lattice of Information =-=[10]-=-. Non leaking programs (i.e. satisfying non-interference [7]) are characterised as follows: Proposition 1. P is non-interfering iff for all l, ≃P,l is the least element in I(SH) . An attacker controll...

Citation Context

...ibute to lists, requires prior specific permission and/or a fee. ACSAC ’10 Dec. 6-10, 2010, Austin, Texas USA Copyright 2010 ACM 978-1-4503-0133-6/10/12 ...$10.00. Quantitative Information Flow (QIF) =-=[3, 11]-=- aims to provide techniques and tools able to quantify leakage of confidential information. As a motivating example consider a prototypical password checking program if (password==guess) access=1; els...

Citation Context

... 1. P is non-interfering iff log 2(| ≃P |) = 0 2. The channel capacity 3 of P is log 2(| ≃P |) . 3. If for all probability distributions H(RP ) ≤ H(RP ′) then | ≃P | ≤ | ≃P ′ | Point (1) is proved in =-=[4]-=-, (2) in [12] and (3) is a consequence of proposition 2 whose proof is in [8]. Hence a lower bound on | ≃P | provides a lower bound on the channel capacity of the program P . Hence, because of proposi...

Citation Context

...nds. 6. RELATED WORK There have been several attempts in recent years to build a quantitative analysis of leakage, starting with the static analysis in [4]. The most relevant works for this paper are =-=[1]-=- by M. Backes, B. Köpf and A. Rybalchenko and [8] by J. Heusser and P. Malacaria where verification techniques are used to compute leakage of programs. Those works are both in-spired by the important...

Citation Context

...ariable RP 2. compute the entropy of RP (noted H(RP )) 2 In the paper such attacker choices will be modelled by the nondeterministic choice function input().It has been shown that RP and ≃P coincide =-=[11, 13]-=-. For example for the modulo program above under the assumption of uniform distribution on the input there are 4 equivalence classes each having probability 1 . The Shannon entropy of 4 that program i...

Citation Context

...uantitative Information Flow uses information theoretical measures like Shannon entropy to measure leakage of confidential information. The measure of a program can be broken down into two main steps =-=[11, 8]-=-: 1. interpret the program as a random variable RP 2. compute the entropy of RP (noted H(RP )) 2 In the paper such attacker choices will be modelled by the nondeterministic choice function input().It...