Abstract
Quantitative information flow measurement techniques have been proven to be successful in detecting leakage of confidential information from programs. Modern approaches are based on formal methods, relying on program analysis to produce a SAT formula representing the program’s behavior, and model counting to measure the possible information flow. However, while program analysis scales to large codebases like the OpenSSL project, the formulas produced are too complex for analysis with precise model counting. In this paper we use the approximate model counter ApproxMC2 to quantify information flow. We show that ApproxMC2 is able to provide a large performance increase for a very small loss of precision, allowing the analysis of SAT formulas produced from complex code. We call the resulting technique ApproxFlow and test it on a large set of benchmarks against the state of the art. Finally, we show that ApproxFlow can evaluate the leakage incurred by the Heartbleed OpenSSL bug, contrarily to the state of the art.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
CVE-2014-0160 "Heartbleed". https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 (accessed: April 03, 2017)
Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension. https://tools.ietf.org/html/rfc6520 (accessed: April 03, 2017)
Aziz, R.A., Chu, G., Muise, C., Stuckey, P.: \(\#\exists \)SAT: projected model counting. In: Heule, M., Weaver, S. (eds.) SAT 2015. LNCS, vol. 9340, pp. 121–137. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24318-4_10
Babic, D.: Satisfiability Suggested Format. Technical report, 015 (1993)
Backes, M., Köpf, B., Rybalchenko, A.: Automatic discovery and quantification of information leaks. In 30th IEEE Symposium on Security and Privacy (S&P 2009), Oakland, California, USA, May 17–20, pp. 141–153 (2009)
Bellare, M., Goldreich, O., Petrank, E.: Uniform generation of NP-witnesses using an NP-oracle. Information and Computation 163(2), 510–526 (2000)
Biondi, F., Kawamoto, Y., Legay, A., Traonouez, L.-M.: HyLeak: hybrid analysis tool for information leakage. In: D’Souza, D., Narayan Kumar, K. (eds.) ATVA 2017. LNCS, vol. 10482, pp. 156–163. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68167-2_11
Biondi, F., Legay, A., Malacaria, P., Wąsowski, A.: Quantifying information leakage of randomized protocols. In: Giacobazzi, R., Berdine, J., Mastroeni, I. (eds.) VMCAI 2013. LNCS, vol. 7737, pp. 68–87. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-35873-9_7
Biondi, F., Legay, A., Quilbeuf, J.: Comparative analysis of leakage tools on scalable case studies. In: Fischer, B., Geldenhuys, J. (eds.) SPIN 2015. LNCS, vol. 9232, pp. 263–281. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23404-5_17
Biondi, F., Legay, A., Traonouez, L.-M., Wąsowski, A.: QUAIL: A quantitative security analyzer for imperative code. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 702–707. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39799-8_49
Chakraborty, S., Meel, K.S., Vardi, M.Y.: A scalable approximate model counter. In: Schulte, C. (ed.) CP 2013. LNCS, vol. 8124, pp. 200–216. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40627-0_18
Chakraborty, S., Meel, K.S., Vardi, M.Y.: Algorithmic improvements in approximate counting for probabilistic inference: From linear to logarithmic SAT calls. In: Proceedings of the Twenty-Fifth International Joint Conference on Artificial Intelligence, IJCAI 2016, New York, NY, USA, July 9-15, pp. 3569–3576 (2016)
Clark, D., Hunt, S., Malacaria, P.: Quantitative analysis of the leakage of confidential data. Electr. Notes Theor. Comput. Sci. 59(3), 238–251 (2001)
Clarke, E.M., Grumberg, O., Peled, D.A.: Model checking. MIT Press (2001)
Clarke, E., Kroening, D., Lerda, F.: A tool for checking ANSI-C programs. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 168–176. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24730-2_15
Cover, T.M., Thomas, J.A.: Elements of Information Theory. John Wiley & Sons Inc. (1991)
Denning, D.E.: Cryptography and Data Security. Addison-Wesley (1982)
Durumeric, Z., Kasten, J., Adrian, D., Halderman, J.A., Bailey, M., Li, F., Weaver, N., Amann, J., Beekman, J., Payer, M., Paxson, V.: The matter of Heartbleed. In: Proceedings of the 2014 Conference on Internet Measurement Conference, IMC 2014, pp. 475–488. ACM, New York (2014)
Fremont, D.J., Rabe, M.N., Seshia, S.A.: Maximum model counting. In: Singh, S.P., Markovitch, S. (ed.) Proceedings of the Thirty-First AAAI Conference on Artificial Intelligence, San Francisco, California, USA, February 4-9, pp. 3885–3892. AAAI Press (2017)
Karp, R.M., Luby, M., Madras, N.: Monte-carlo approximation algorithms for enumeration problems. Journal of Algorithms 10(3), 429–448 (1989)
Klebanov, V., Manthey, N., Muise, C.: SAT-Based analysis and quantification of information flow in programs. In: Joshi, K., Siegle, M., Stoelinga, M., D’Argenio, P.R. (eds.) QEST 2013. LNCS, vol. 8054, pp. 177–192. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40196-1_16
Klebanov, V., Weigl, A., Weisbarth, J.: Sound probabilistic #SAT with projection. In Proceedings 14th International Workshop Quantitative Aspects of Programming Languages and Systems, QAPL 2016, Eindhoven, The Netherlands, April 2–3, pp. 15–29 (2016)
Malacaria, P., Tautchning, M., DiStefano, D.: Information leakage analysis of complex C Code and its application to OpenSSL. In: Margaria, T., Steffen, B. (eds.) ISoLA 2016. LNCS, vol. 9952, pp. 909–925. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47166-2_63
McCamant, S., Ernst, M.D.: Quantitative information flow as network flow capacity. In: Proceedings of the ACM SIGPLAN 2008 Conference on Programming Language Design and Implementation, PLDI 2008, Tucson, AZ, USA, June 7–13, pp. 193–205 (2008)
Meng, Z., Smith, G.: Calculating bounds on information leakage using two-bit patterns. In: Proceedings of the 2011 Workshop on Programming Languages and Analysis for Security, PLAS 2011, San Jose, CA, USA, June 5, p. 1. (2011)
Newsome, J., McCamant, S., Song, D.: Measuring channel capacity to distinguish undue influence. In: Proceedings of the 2009 Workshop on Programming Languages and Analysis for Security, PLAS 2009, Dublin, Ireland, June15-21, pp. 73–85 (2009)
Phan, Q., Malacaria, P.: Abstract model counting: A novel approach for quantification of information leaks. In 9th ACM Symposium on Information, Computer and Communications Security, ASIA CCS 2014, Kyoto, Japan, June 03-06, pp. 283–292(2014)
Sass, J.: The role of static analysis in Heartbleed. https://www.sans.org/reading-room/whitepapers/threats/role-static-analysis-heartbleed-35752 (accessed: April 03, 2017)
Schmidt, J.P., Siegel, A., Srinivasan, A.: Chernoff-Hoeffding bounds for applications with limited independence. In: Proceedings of the Fourth Annual ACM/SIGACT-SIAM Symposium on Discrete Algorithms, Austin, Texas, June 25-27, pp. 331–340 (1993)
Soos, M., Nohl, K., Castelluccia, C.: Extending SAT solvers to cryptographic problems. In: Kullmann, O. (ed.) SAT 2009. LNCS, vol. 5584, pp. 244–257. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02777-2_24
Val, C.G., Enescu, M.A., Bayless, S., Aiello, W., Hu, A.J.: Precisely measuring quantitative information flow: 10K lines of code and beyond. In: IEEE European Symposium on Security and Privacy, EuroS&P 2016, Saarbrücken, Germany, March 21–24, pp. 31–46 (2016)
Valiant, L.G.: The complexity of enumeration and reliability problems. SIAM Journal of Computing 8(3), 410–421 (1979)
Wang, J., Zhao, M., Zeng, Q., Wu, D., Liu, P.: Risk assessment of buffer "Heartbleed" over-read vulnerabilities. In: 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2015, Rio de Janeiro, Brazil, June 22-25, pp. 555–562 (2015)
Weigl, A.: Efficient SAT-based pre-image enumeration for quantitative information flow in programs. In: Livraga, G., Torra, V., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM/QASA -2016. LNCS, vol. 9963, pp. 51–58. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47072-6_4
Wheeler, D.A.: How to prevent the next Heartbleed. https://www.dwheeler.com/essays/heartbleed.html (accessed: April 03, 2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Biondi, F., Enescu, M.A., Heuser, A., Legay, A., Meel, K.S., Quilbeuf, J. (2018). Scalable Approximation of Quantitative Information Flow in Programs. In: Dillig, I., Palsberg, J. (eds) Verification, Model Checking, and Abstract Interpretation. VMCAI 2018. Lecture Notes in Computer Science(), vol 10747. Springer, Cham. https://doi.org/10.1007/978-3-319-73721-8_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-73721-8_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-73720-1
Online ISBN: 978-3-319-73721-8
eBook Packages: Computer ScienceComputer Science (R0)