Preventing Timing Leaks Through Transactional Branching Instructions

Published: 01 May 2006

Abstract

Timing channels are one form of covert channel through which a program may leak information about the confidential data it manipulates. Such channels are typically eliminated either by design, using ad-hoc techniques to avoid leaking information through execution time, or by program transformations that turn programs satisfying some form of noninterference into programs that are time-sensitive, termination-sensitive noninterfering. Existing program transformations are, however, confined to simple languages without objects or exceptions. We introduce a program transformation that uses transaction mechanisms to prevent timing leaks in sequential object-oriented programs. Under some strong but reasonable hypotheses, the transformation preserves the semantics of programs and yields, for every termination-sensitive noninterfering program, a time-sensitive, termination-sensitive noninterfering program.
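To make concrete what the abstract means by a timing leak in an otherwise noninterfering program, and the general shape of a branch that runs both arms under transactions so that the time taken no longer depends on the condition, here is an added Python sketch written for this page. It is not the paper's transformation or code: the `State` store, its one-step-per-assignment cost model, `transactional_branch`, and the `leaky` and `hardened` programs are all constructed for illustration, and execution time is modelled as a deterministic step count rather than measured on a clock.

```python
"""Constructed teaching example (not the paper's code): a value-noninterfering
program with a timing leak, and a rewrite of its secret-dependent branch that
runs both arms transactionally so the step count is the same for every secret.
"Time" here is a deterministic step counter, one unit per assignment."""
from copy import deepcopy


class State:
    """Program store plus a step counter standing in for execution time."""

    def __init__(self, **variables):
        self.vars = dict(variables)
        self.steps = 0

    def assign(self, name, value):
        self.vars[name] = value
        self.steps += 1          # every assignment costs one time unit

    def get(self, name):
        return self.vars[name]


def then_branch(s):
    # the expensive arm: three assignments
    for i in range(3):
        s.assign("tmp", s.get("tmp") + i)


def else_branch(s):
    # the cheap arm: one assignment
    s.assign("tmp", 0)


def leaky(secret, s):
    """Branches on the secret. The public output 'out' never depends on it,
    so the program is noninterfering on values, yet the step count reveals
    which arm ran: that is the timing channel."""
    if secret > 0:
        then_branch(s)
    else:
        else_branch(s)
    s.assign("out", 42)


def transactional_branch(s, cond, then_body, else_body):
    """Run BOTH arms, each on its own copy of the store (a transaction),
    then commit only the copy selected by cond and discard the other.
    An arm that raises is an aborted transaction: none of its writes
    survive, and its exception is re-raised only if that arm was chosen.
    The time charged is the cost of both arms plus one unit for the commit,
    whichever way cond goes."""
    tx_then, tx_else = deepcopy(s), deepcopy(s)
    errors = {}
    for tag, tx, body in (("then", tx_then, then_body), ("else", tx_else, else_body)):
        try:
            body(tx)
        except Exception as exc:
            errors[tag] = exc
    cost = (tx_then.steps - s.steps) + (tx_else.steps - s.steps) + 1
    s.steps += cost
    chosen = "then" if cond else "else"
    if chosen in errors:
        raise errors[chosen]
    s.vars = (tx_then if cond else tx_else).vars


def hardened(secret, s):
    """Same program with the secret-dependent branch made transactional."""
    transactional_branch(s, secret > 0, then_branch, else_branch)
    s.assign("out", 42)


def observe(program, secrets):
    """Run program once per secret from the same public store and return
    {secret: (steps, out)}: what a timing observer and a value observer see."""
    results = {}
    for secret in secrets:
        s = State(tmp=0, out=0)
        program(secret, s)
        results[secret] = (s.steps, s.get("out"))
    return results


def timing_leak(program, secrets=(0, 7)):
    """True if the step count varies with the secret."""
    return len({steps for steps, _ in observe(program, secrets).values()}) > 1


if __name__ == "__main__":
    print("leaky:   ", observe(leaky, (0, 7)), "leaks:", timing_leak(leaky))
    print("hardened:", observe(hardened, (0, 7)), "leaks:", timing_leak(hardened))
```

The sketch pays the cost of both arms on every execution, handles only a single branch whose arms have fixed cost (a loop whose trip count depends on the secret is not covered), and models none of the cache, pipeline or allocator effects that make real execution time vary; it shows the principle behind executing both arms and committing one, not a proof of the property the paper establishes.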




Published In

Electronic Notes in Theoretical Computer Science (ENTCS), Volume 153, Issue 2, May 2006, 267 pages

Publisher: Elsevier Science Publishers B. V., Netherlands

Published: 01 May 2006

Author Tags

1. Non-interference
2. Program transformation
3. Security
4. Semantics
5. Timing leaks

Qualifiers

• Article

Cited By

• (2022) Guaranteeing Timed Opacity using Parametric Timed Model Checking. ACM Transactions on Software Engineering and Methodology 31(4), pp. 1-36. DOI 10.1145/3502851. Online publication date: 8 Sep 2022.
• (2020) SCFMSP. Proceedings of the 15th International Conference on Availability, Reliability and Security, pp. 1-10. DOI 10.1145/3407023.3407050. Online publication date: 25 Aug 2020.
• (2019) Identifying cache-based side channels through secret-augmented abstract interpretation. Proceedings of the 28th USENIX Conference on Security Symposium, pp. 657-674. DOI 10.5555/3361338.3361384. Online publication date: 14 Aug 2019.
• (2019) FaCT: a DSL for timing-sensitive computation. Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 174-189. DOI 10.1145/3314221.3314605. Online publication date: 8 Jun 2019.
• (2018) DATA - differential address trace analysis. Proceedings of the 27th USENIX Conference on Security Symposium, pp. 603-620. DOI 10.5555/3277203.3277248. Online publication date: 15 Aug 2018.
• (2018) Towards Verified, Constant-time Floating Point Operations. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1369-1382. DOI 10.1145/3243734.3243766. Online publication date: 15 Oct 2018.
• (2018) Eliminating timing side-channel leaks using program repair. Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 15-26. DOI 10.1145/3213846.3213851. Online publication date: 12 Jul 2018.
• (2018) How Secure Is Green IT? The Case of Software-Based Energy Side Channels. Computer Security, pp. 218-239. DOI 10.1007/978-3-319-99073-6_11. Online publication date: 3 Sep 2018.
• (2017) CacheD. Proceedings of the 26th USENIX Conference on Security Symposium, pp. 235-252. DOI 10.5555/3241189.3241209. Online publication date: 16 Aug 2017.
• (2016) Safe Serializable Secure Scheduling. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 229-241. DOI 10.1145/2976749.2978415. Online publication date: 24 Oct 2016.
