
Automated analysis of timed security: a case study on web privacy

  • Roberto Gorrieri
  • Ruggero Lanotte
  • Andrea Maggiolo-Schettini
  • Fabio Martinelli
  • Simone Tini
  • Enrico Tronci
Regular contribution

Abstract

This paper presents a case study on the automated analysis of real-time security models. The case study concerns a web system (originally proposed by Felten and Schneider) and shows a timing attack on the privacy of browser users. Three different approaches are followed: LH-Timed Automata (analyzed using the model checker HyTech), finite-state automata (analyzed using the model checker NuSMV), and process algebras (analyzed using the model checker CWB-NC). A comparative analysis of these three approaches is given.

Keywords

Web privacy, Model checking tools, Timed behavior



Copyright information

© Springer-Verlag 2004

Authors and Affiliations

  • Roberto Gorrieri (1)
  • Ruggero Lanotte (2)
  • Andrea Maggiolo-Schettini (3)
  • Fabio Martinelli (4)
  • Simone Tini (2)
  • Enrico Tronci (5)

  1. Dipartimento di Scienze dell’Informazione, Università di Bologna, Bologna, Italy
  2. Dipartimento di Scienze della Cultura, Politiche e dell’Informazione, Università dell’Insubria, Como, Italy
  3. Dipartimento di Informatica, Università di Pisa, Pisa, Italy
  4. Istituto di Informatica e Telematica, C.N.R. di Pisa, Pisa, Italy
  5. Dipartimento di Informatica, Università di Roma “La Sapienza”, Roma, Italy
