SlideShare a Scribd company logo

Quantifying Information Leaks via Model Counting Modulo Theories

Quoc-Sang Phan
Quoc-Sang Phan

The 41st CREST Open Workshop - Software Engineering And Computer Science Using Information http://crest.cs.ucl.ac.uk/cow/the_41st_cow_27_and_28_april_2015/

Science
1 of 21
Download to read offline
Quantifying Information Leaks via Model Counting Modulo Theories Sang Phan Queen Mary University of London April 28, 2015 1 / 20
Information Flow Secret input (H) Public input (L) Program P Public Output (O) Non-interference Public input (L) Program P Secret input (H) Information leaked Public Output (O) √ ? 2 / 20
Non-interference is unachievable int check(int H, int L){ int O; if (L == H) O = ACCEPT; else O = REJECT; return O; } password check Secret input (H) Public input (L) Program P Public Output (O) Non-interference Public input (L) Program P Secret input (H) Information leaked Public Output (O) √ ? Leaks = Secrecy before observing - Secrecy after observing ∆E (XH) = E(XH) − E(XH|XO) 3 / 20
Quantifying Information Leaks Theorem of Channel Capacity ∆E (XH) ≤ log2(|O|) has been proved for Shannon entropy and R´enyi’s min-entropy holds for all possible distributions of XH. is the basis of state-of-the-art techniques for Quantitative Information Flow analysis. Definition Quantitative Information Flow (QIF) is the problem of counting N, the number of possible outputs of a given program P. 4 / 20
Quantifying as Counting Adversary tries to infer H from L and O H L O f O is stored as a bit vector b1b2 . . . bM. Assume we have a first-order formula ϕP such that: ϕP contains a set of Boolean variables VI := {p1, p2, .., pM } pi = if and only if bi is 1, and pi = ⊥ if and only if bi = 0 Counting outputs of P ≡ Counting models of ϕP w.r.t. VI 5 / 20
Model Counting Modulo Theories SAT generalize to first-order theories #SAT SMT generalize to counting models
Model Counting Modulo Theories SAT generalize to first-order theories #SAT SMT generalize to counting models generalize to first-order theories generalize to counting models #SMT 6 / 20
Lazy Satisfiability Modulo Theories DPLL Modulo Theories DPLL(T ) = DPLL + T -solver ϕ := {¬(x > 10) ∨ A1} ∧ {(x > 10) ∨ ¬A1} ∧ {¬A3 ∨ (x < 1)} BA(ϕ) := {¬B1 ∨ A1} ∧ {B1 ∨ ¬A1} ∧ {¬A2 ∨ B2} µP = A1 ∧ B1 ∧ A2 ∧ B2 ⇒ T -solver(µ) returns inconsistent. µP = A1 ∧ B1 ∧ ¬A2 ∧ ¬B2 ⇒ T -solver(µ) returns consistent. 7 / 20
QIF as #SMT P ϕP QIF #SMT Formal methods DPLL(T ) Two approaches: Use formal methods to mimic DPLL(T ). Generate ϕP, then using DPLL(T ). 8 / 20
QIF analysis using Model Checking for all i from 1 to M do bi = (O >> (i - 1)) & 1 if (bi == 1) then pi ← else pi ← ⊥ Figure : Program instrumentation to build the set VI The algorithm consists of two components: A procedure to enumerate bit configurations (similar to DPLL) A model checker to check the existence of the bit configurations (similar to the T -solver) 9 / 20
QIF analysis using Model Checking UNSAT p1 p1 ∧ p2 p1 ∧ p2 ∧ p3 p1 ∧ p2 ∧ p3 ∧ p4 p1 ∧ p2 ∧ p3 ∧ p4 ∧ p5p1 ∧ p2 ∧ p3 ∧ p4 ∧ ¬p5 p1 p2 p3 p4 p5 assert !(p1 && p2 && p3 && p4 && p5); 10 / 20
QIF analysis using Symbolic Execution Symbolic Execution A program analysis technique that has several applications, in particular automated test generation. Executing programs with symbols instead of concrete inputs. 11 / 20
QIF analysis using Symbolic Execution Symbolic Execution as DPLL Modulo Theories DPLL(T ) = DPLL + T -solver Symbolic Executor = Boolean Executor + T -solver Add conditions to test each bits of the output: for all i from 1 to M do bi = (O >> (i - 1)) & 1 if (bi == 1) then pi ← else pi ← ⊥ Figure : Program instrumentation to build the set VI 12 / 20
QIF analysis using Symbolic Execution s1 s2 s3 p1 p1 p2 p2 H ≥ 16 pc := (H 16) H < 16 pc := (H ≥ 16)< pc ∧ p1 pc ∧ p1 pc ∧ p1 ∧ p2 pc ∧ p1 ∧ ¬p2 (H ≥ 16) and (H < 16): program conditions. p1, p2, ..: additional conditions. 13 / 20
QIF analysis using a #SMT solver Program transformation L = 8; if (H < 16) O = H + L; else O = L; (L1 = 8) ∧ (G0 = H0 < 16) ∧ (O1 = H0 + L1) ∧ (O2 = L1) ∧ (O3 = g?O1 : O3) Figure : A simple program encoded into a first-order formula Formula instrumentation to build the set VI : (assert (= (= #b1 (( extract 0 0) O3)) p1)) 14 / 20
QIF analysis using a #SMT solver Use APIs provided by an SMT solver Blocking clause After finding a model µ = l0 ∧ l1 ∧ · · · ∧ lm ∧ . . . Add the clause: block = ¬l0 ∨ ¬l1 ∨ · · · ∨ ¬lm Depth-first search Two components: A DPLL like procedure to enumerate truth assignments. Use the SMT solver to check consistency of the truth assignments. 15 / 20
Implementation Tools selected: Model Checking: CBMC (Ansi C) Symbolic Execution: Symbolic PathFinder (Java bytecode) Program transformation: CBMC SMT solver: z3 Benchmarks include: Vulnerabilities in Linux kernel Anonymity protocols A Tax program from the European project HATS (Java) Assumptions: all programs have bounded loops, no recursion. 16 / 20
Evaluation Some of the experiments: Case Study Policy LoC sqifc time selfcomp time Data Sanitization - < 10 11.898 timed out CVE-2011-2208 64 > 200 22.759 119.117 CVE-2011-2208 256 88.196 timed out CVE-2011-1078 8 > 200 10.380 13.853 CVE-2011-1078 64 37.899 timed out CRC 8 < 30 1.209 0.498 CRC 32 8.657 timed out Figure : Times are in seconds, timeout is 30 minutes. In the first case study, “-” means the policy is not specified. 17 / 20
Evaluation Some of the experiments: Benchmark Leaks sqifc sqifc++ time time CBMC aZ3 Total time Data sanitization 4 11.898 0.165 0.086 0.251 Implicit flow 2.81 5.033 0.169 0.049 0.218 Population count 5.04 17.278 0.162 0.398 0.560 Mix and duplicate 16 - 0.154 136.947 137.101 Masked copy 16 - 0.175 18.630 18.805 Sum query 4.81 64.557 0.162 0.133 0.295 Ten random outputs 3.32 64.202 0.160 0.093 0.253 CRC (8) 3 2.551 0.184 0.099 0.283 CRC (32) 5 7.755 0.193 0.325 0.518 Figure : Leaks are in bits. aZ3 runs with the DFS-based algorithm. Times are in seconds, “-” means timeout in one hour. Total time of sqifc++ is the sum of CBMC time and aZ3 time. 18 / 20
Conclusions P program transformation ϕP QIF #SMT Formal methods DPLL(T ) Two approaches: Use formal methods to mimic DPLL(T ). QIF analysis using Model Checking. QIF analysis using Symbolic Execution. Generate ϕP, then using DPLL(T ). Generate ϕP using program transformation. Extend an SMT solver for #SMT. 19 / 20
THANK YOU FOR YOUR ATTENTION! 20 / 20

Recommended

Application of Non-linear Electronics in Digital Communication
Application of Non-linear Electronics in Digital CommunicationApplication of Non-linear Electronics in Digital Communication
Application of Non-linear Electronics in Digital Communication
Mohammad reza Zahabi
 
Computer Architecture and Organization lab with matlab
Computer Architecture and Organization lab with matlabComputer Architecture and Organization lab with matlab
Computer Architecture and Organization lab with matlab
Shankar Gangaju
 
Numerical analysis
Numerical analysisNumerical analysis
Numerical analysisVishal Singh
 
Runtime Monitoring of Stream Logic Formulae (Talk @ FPS 2015)
Runtime Monitoring of Stream Logic Formulae (Talk @ FPS 2015)Runtime Monitoring of Stream Logic Formulae (Talk @ FPS 2015)
Runtime Monitoring of Stream Logic Formulae (Talk @ FPS 2015)
Sylvain Hallé
 
Verilog full adder in dataflow & gate level modelling style.
Verilog full adder in dataflow & gate level modelling style.Verilog full adder in dataflow & gate level modelling style.
Verilog full adder in dataflow & gate level modelling style.
Omkar Rane
 
openMP loop parallelization
openMP loop parallelizationopenMP loop parallelization
openMP loop parallelization
Albert DeFusco
 
Code quailty metrics demystified
Code quailty metrics demystifiedCode quailty metrics demystified
Code quailty metrics demystified
Jeroen Resoort
 
Quantifying Information Leaks using Reliability Analysis
Quantifying Information Leaks using Reliability AnalysisQuantifying Information Leaks using Reliability Analysis
Quantifying Information Leaks using Reliability AnalysisQuoc-Sang Phan
 

Recommended

Application of Non-linear Electronics in Digital Communication
Application of Non-linear Electronics in Digital CommunicationApplication of Non-linear Electronics in Digital Communication
Application of Non-linear Electronics in Digital Communication
Mohammad reza Zahabi
 
Computer Architecture and Organization lab with matlab
Computer Architecture and Organization lab with matlabComputer Architecture and Organization lab with matlab
Computer Architecture and Organization lab with matlab
Shankar Gangaju
 
Numerical analysis
Numerical analysisNumerical analysis
Numerical analysisVishal Singh
 
Runtime Monitoring of Stream Logic Formulae (Talk @ FPS 2015)
Runtime Monitoring of Stream Logic Formulae (Talk @ FPS 2015)Runtime Monitoring of Stream Logic Formulae (Talk @ FPS 2015)
Runtime Monitoring of Stream Logic Formulae (Talk @ FPS 2015)
Sylvain Hallé
 
Verilog full adder in dataflow & gate level modelling style.
Verilog full adder in dataflow & gate level modelling style.Verilog full adder in dataflow & gate level modelling style.
Verilog full adder in dataflow & gate level modelling style.
Omkar Rane
 
openMP loop parallelization
openMP loop parallelizationopenMP loop parallelization
openMP loop parallelization
Albert DeFusco
 
Code quailty metrics demystified
Code quailty metrics demystifiedCode quailty metrics demystified
Code quailty metrics demystified
Jeroen Resoort
 
Quantifying Information Leaks using Reliability Analysis
Quantifying Information Leaks using Reliability AnalysisQuantifying Information Leaks using Reliability Analysis
Quantifying Information Leaks using Reliability AnalysisQuoc-Sang Phan
 
(Www.entrance exam.net)-tcs placement sample paper 2
(Www.entrance exam.net)-tcs placement sample paper 2(Www.entrance exam.net)-tcs placement sample paper 2
(Www.entrance exam.net)-tcs placement sample paper 2Pamidimukkala Sivani
 
Shan
ShanShan
Shanmohdshanu
 
Tech Talks @NSU: DLang: возможности языка и его применение
Tech Talks @NSU: DLang: возможности языка и его применениеTech Talks @NSU: DLang: возможности языка и его применение
Tech Talks @NSU: DLang: возможности языка и его применение
Tech Talks @NSU
 
MapReduce for Parallel Trace Validation of LTL Properties
MapReduce for Parallel Trace Validation of LTL PropertiesMapReduce for Parallel Trace Validation of LTL Properties
MapReduce for Parallel Trace Validation of LTL Properties
Sylvain Hallé
 
Chapter 5
Chapter 5Chapter 5
Chapter 5
EasyStudy3
 
A formalization of complex event stream processing
A formalization of complex event stream processingA formalization of complex event stream processing
A formalization of complex event stream processing
Sylvain Hallé
 
A lab report on modeling and simulation with python code
A lab report on modeling and simulation with python codeA lab report on modeling and simulation with python code
A lab report on modeling and simulation with python code
Alamgir Hossain
 
VERILOG CODE FOR Adder
VERILOG CODE FOR AdderVERILOG CODE FOR Adder
VERILOG CODE FOR Adder
Rakesh kumar jha
 
Digital Signal Processing Lab Manual
Digital Signal Processing Lab Manual Digital Signal Processing Lab Manual
Digital Signal Processing Lab Manual
Amairullah Khan Lodhi
 
Project on digital vlsi design
Project on digital vlsi designProject on digital vlsi design
Project on digital vlsi design
DINESH DEVIREDDY
 
Brief introduction to Algorithm analysis
Brief introduction to Algorithm analysis Brief introduction to Algorithm analysis
Brief introduction to Algorithm analysis
Anantha Ramu
 
week-3x
week-3xweek-3x
week-3xKITE www.kitecolleges.com
 
Lab lect03 arith_control
Lab lect03 arith_controlLab lect03 arith_control
Lab lect03 arith_control
MPDS
 
C __paper.docx_final
C __paper.docx_finalC __paper.docx_final
C __paper.docx_final
Sumit Sar
 
Application of Stacks
Application of StacksApplication of Stacks
Application of Stacks
Ain-ul-Moiz Khawaja
 
Crystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and Spark
Crystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and SparkCrystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and Spark
Crystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and Spark
Jivan Nepali
 
A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA
A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA
A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA
AKSHAY SACHAN
 
C questions
C questionsC questions
C questions
MD Rashid
 
C#.net
C#.netC#.net
C#.net
vnboghani
 
openCypher Technology Compatibility Kit (TCK)
openCypher Technology Compatibility Kit (TCK)openCypher Technology Compatibility Kit (TCK)
openCypher Technology Compatibility Kit (TCK)
openCypher
 
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
Quoc-Sang Phan
 
Fpga 11-sequence-detector-fir-iir-filter
Fpga 11-sequence-detector-fir-iir-filterFpga 11-sequence-detector-fir-iir-filter
Fpga 11-sequence-detector-fir-iir-filterMalik Tauqir Hasan
 

More Related Content

What's hot

(Www.entrance exam.net)-tcs placement sample paper 2
(Www.entrance exam.net)-tcs placement sample paper 2(Www.entrance exam.net)-tcs placement sample paper 2
(Www.entrance exam.net)-tcs placement sample paper 2Pamidimukkala Sivani
 
Tech Talks @NSU: DLang: возможности языка и его применение
Tech Talks @NSU: DLang: возможности языка и его применениеTech Talks @NSU: DLang: возможности языка и его применение
Tech Talks @NSU: DLang: возможности языка и его применение
Tech Talks @NSU
 
MapReduce for Parallel Trace Validation of LTL Properties
MapReduce for Parallel Trace Validation of LTL PropertiesMapReduce for Parallel Trace Validation of LTL Properties
MapReduce for Parallel Trace Validation of LTL Properties
Sylvain Hallé
 
Chapter 5
Chapter 5Chapter 5
Chapter 5
EasyStudy3
 
A formalization of complex event stream processing
A formalization of complex event stream processingA formalization of complex event stream processing
A formalization of complex event stream processing
Sylvain Hallé
 
A lab report on modeling and simulation with python code
A lab report on modeling and simulation with python codeA lab report on modeling and simulation with python code
A lab report on modeling and simulation with python code
Alamgir Hossain
 
VERILOG CODE FOR Adder
VERILOG CODE FOR AdderVERILOG CODE FOR Adder
VERILOG CODE FOR Adder
Rakesh kumar jha
 
Digital Signal Processing Lab Manual
Digital Signal Processing Lab Manual Digital Signal Processing Lab Manual
Digital Signal Processing Lab Manual
Amairullah Khan Lodhi
 
Project on digital vlsi design
Project on digital vlsi designProject on digital vlsi design
Project on digital vlsi design
DINESH DEVIREDDY
 
Brief introduction to Algorithm analysis
Brief introduction to Algorithm analysis Brief introduction to Algorithm analysis
Brief introduction to Algorithm analysis
Anantha Ramu
 
Lab lect03 arith_control
Lab lect03 arith_controlLab lect03 arith_control
Lab lect03 arith_control
MPDS
 
C __paper.docx_final
C __paper.docx_finalC __paper.docx_final
C __paper.docx_final
Sumit Sar
 
Application of Stacks
Application of StacksApplication of Stacks
Application of Stacks
Ain-ul-Moiz Khawaja
 
Crystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and Spark
Crystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and SparkCrystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and Spark
Crystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and Spark
Jivan Nepali
 
A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA
A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA
A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA
AKSHAY SACHAN
 
C questions
C questionsC questions
C questions
MD Rashid
 
C#.net
C#.netC#.net
C#.net
vnboghani
 
openCypher Technology Compatibility Kit (TCK)
openCypher Technology Compatibility Kit (TCK)openCypher Technology Compatibility Kit (TCK)
openCypher Technology Compatibility Kit (TCK)
openCypher
 

What's hot (20)

(Www.entrance exam.net)-tcs placement sample paper 2
(Www.entrance exam.net)-tcs placement sample paper 2(Www.entrance exam.net)-tcs placement sample paper 2
(Www.entrance exam.net)-tcs placement sample paper 2
 
Shan
ShanShan
Shan
 
Tech Talks @NSU: DLang: возможности языка и его применение
Tech Talks @NSU: DLang: возможности языка и его применениеTech Talks @NSU: DLang: возможности языка и его применение
Tech Talks @NSU: DLang: возможности языка и его применение
 
MapReduce for Parallel Trace Validation of LTL Properties
MapReduce for Parallel Trace Validation of LTL PropertiesMapReduce for Parallel Trace Validation of LTL Properties
MapReduce for Parallel Trace Validation of LTL Properties
 
Chapter 5
Chapter 5Chapter 5
Chapter 5
 
A formalization of complex event stream processing
A formalization of complex event stream processingA formalization of complex event stream processing
A formalization of complex event stream processing
 
A lab report on modeling and simulation with python code
A lab report on modeling and simulation with python codeA lab report on modeling and simulation with python code
A lab report on modeling and simulation with python code
 
VERILOG CODE FOR Adder
VERILOG CODE FOR AdderVERILOG CODE FOR Adder
VERILOG CODE FOR Adder
 
Digital Signal Processing Lab Manual
Digital Signal Processing Lab Manual Digital Signal Processing Lab Manual
Digital Signal Processing Lab Manual
 
Project on digital vlsi design
Project on digital vlsi designProject on digital vlsi design
Project on digital vlsi design
 
Brief introduction to Algorithm analysis
Brief introduction to Algorithm analysis Brief introduction to Algorithm analysis
Brief introduction to Algorithm analysis
 
week-3x
week-3xweek-3x
week-3x
 
Lab lect03 arith_control
Lab lect03 arith_controlLab lect03 arith_control
Lab lect03 arith_control
 
C __paper.docx_final
C __paper.docx_finalC __paper.docx_final
C __paper.docx_final
 
Application of Stacks
Application of StacksApplication of Stacks
Application of Stacks
 
Crystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and Spark
Crystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and SparkCrystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and Spark
Crystal Ball Event Prediction and Log Analysis with Hadoop MapReduce and Spark
 
A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA
A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA
A.P.S.E PRACTICAL FILE, NIT KURUKSHETRA
 
C questions
C questionsC questions
C questions
 
C#.net
C#.netC#.net
C#.net
 
openCypher Technology Compatibility Kit (TCK)
openCypher Technology Compatibility Kit (TCK)openCypher Technology Compatibility Kit (TCK)
openCypher Technology Compatibility Kit (TCK)
 

Similar to Quantifying Information Leaks via Model Counting Modulo Theories

All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
Quoc-Sang Phan
 
Fpga 11-sequence-detector-fir-iir-filter
Fpga 11-sequence-detector-fir-iir-filterFpga 11-sequence-detector-fir-iir-filter
Fpga 11-sequence-detector-fir-iir-filterMalik Tauqir Hasan
 
Computing Information Flow Using Symbolic-Model-Checking_.pdf
Computing Information Flow Using Symbolic-Model-Checking_.pdfComputing Information Flow Using Symbolic-Model-Checking_.pdf
Computing Information Flow Using Symbolic-Model-Checking_.pdf
Polytechnique Montréal
 
Symbolic Execution as DPLL Modulo Theories
Symbolic Execution as DPLL Modulo TheoriesSymbolic Execution as DPLL Modulo Theories
Symbolic Execution as DPLL Modulo Theories
Quoc-Sang Phan
 
Towards an SMT-based approach for Quantitative Information Flow
Towards an SMT-based approach for Quantitative Information FlowTowards an SMT-based approach for Quantitative Information Flow
Towards an SMT-based approach for Quantitative Information Flow
Quoc-Sang Phan
 
Fast coputation of Phi(x) inverse
Fast coputation of Phi(x) inverseFast coputation of Phi(x) inverse
Fast coputation of Phi(x) inverse
John Cook
 
microp-8085 74 instructions for mct-A :P
microp-8085 74 instructions for mct-A :Pmicrop-8085 74 instructions for mct-A :P
microp-8085 74 instructions for mct-A :P
Jathin Kanumuri
 
8085 Paper Presentation slides,ppt,microprocessor 8085 ,guide, instruction set
8085 Paper Presentation slides,ppt,microprocessor 8085 ,guide, instruction set8085 Paper Presentation slides,ppt,microprocessor 8085 ,guide, instruction set
8085 Paper Presentation slides,ppt,microprocessor 8085 ,guide, instruction set
Saumitra Rukmangad
 
microp-8085 74 instructions for mct-A :P-2
microp-8085 74 instructions for mct-A :P-2microp-8085 74 instructions for mct-A :P-2
microp-8085 74 instructions for mct-A :P-2
Jathin Kanumuri
 
IntroCtrlSys_Chapter2.pdf
IntroCtrlSys_Chapter2.pdfIntroCtrlSys_Chapter2.pdf
IntroCtrlSys_Chapter2.pdf
NguynQucNam5
 
digital signal-processing-lab-manual
digital signal-processing-lab-manualdigital signal-processing-lab-manual
digital signal-processing-lab-manual
Ahmed Alshomi
 
Strategies to Combat Pilot Contamination in Massive MIMO Systems
Strategies to Combat Pilot Contamination in Massive MIMO SystemsStrategies to Combat Pilot Contamination in Massive MIMO Systems
Strategies to Combat Pilot Contamination in Massive MIMO Systems
CPqD
 
Chapter 07 Digital Alrithmetic and Arithmetic Circuits
Chapter 07 Digital Alrithmetic and Arithmetic CircuitsChapter 07 Digital Alrithmetic and Arithmetic Circuits
Chapter 07 Digital Alrithmetic and Arithmetic Circuits
SSE_AndyLi
 
Numerical approach for Hamilton-Jacobi equations on a network: application to...
Numerical approach for Hamilton-Jacobi equations on a network: application to...Numerical approach for Hamilton-Jacobi equations on a network: application to...
Numerical approach for Hamilton-Jacobi equations on a network: application to...
Guillaume Costeseque
 
IE 425 Homework 10Submit on Tuesday, 12101.(20 pts) C.docx
IE 425 Homework 10Submit on Tuesday, 12101.(20 pts) C.docxIE 425 Homework 10Submit on Tuesday, 12101.(20 pts) C.docx
IE 425 Homework 10Submit on Tuesday, 12101.(20 pts) C.docx
sheronlewthwaite
 
Lecture Slide (21).pptx
Lecture Slide (21).pptxLecture Slide (21).pptx
Lecture Slide (21).pptx
BilalMumtaz9
 
Introduction to NumPy for Machine Learning Programmers
Introduction to NumPy for Machine Learning ProgrammersIntroduction to NumPy for Machine Learning Programmers
Introduction to NumPy for Machine Learning Programmers
Kimikazu Kato
 

Similar to Quantifying Information Leaks via Model Counting Modulo Theories (20)

All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
 
Fpga 11-sequence-detector-fir-iir-filter
Fpga 11-sequence-detector-fir-iir-filterFpga 11-sequence-detector-fir-iir-filter
Fpga 11-sequence-detector-fir-iir-filter
 
Computing Information Flow Using Symbolic-Model-Checking_.pdf
Computing Information Flow Using Symbolic-Model-Checking_.pdfComputing Information Flow Using Symbolic-Model-Checking_.pdf
Computing Information Flow Using Symbolic-Model-Checking_.pdf
 
Symbolic Execution as DPLL Modulo Theories
Symbolic Execution as DPLL Modulo TheoriesSymbolic Execution as DPLL Modulo Theories
Symbolic Execution as DPLL Modulo Theories
 
Towards an SMT-based approach for Quantitative Information Flow
Towards an SMT-based approach for Quantitative Information FlowTowards an SMT-based approach for Quantitative Information Flow
Towards an SMT-based approach for Quantitative Information Flow
 
Fast coputation of Phi(x) inverse
Fast coputation of Phi(x) inverseFast coputation of Phi(x) inverse
Fast coputation of Phi(x) inverse
 
Jp
Jp Jp
Jp
 
microp-8085 74 instructions for mct-A :P
microp-8085 74 instructions for mct-A :Pmicrop-8085 74 instructions for mct-A :P
microp-8085 74 instructions for mct-A :P
 
8085 Paper Presentation slides,ppt,microprocessor 8085 ,guide, instruction set
8085 Paper Presentation slides,ppt,microprocessor 8085 ,guide, instruction set8085 Paper Presentation slides,ppt,microprocessor 8085 ,guide, instruction set
8085 Paper Presentation slides,ppt,microprocessor 8085 ,guide, instruction set
 
microp-8085 74 instructions for mct-A :P-2
microp-8085 74 instructions for mct-A :P-2microp-8085 74 instructions for mct-A :P-2
microp-8085 74 instructions for mct-A :P-2
 
Lecture 3a analog to digital converter
Lecture 3a analog to digital converterLecture 3a analog to digital converter
Lecture 3a analog to digital converter
 
IntroCtrlSys_Chapter2.pdf
IntroCtrlSys_Chapter2.pdfIntroCtrlSys_Chapter2.pdf
IntroCtrlSys_Chapter2.pdf
 
digital signal-processing-lab-manual
digital signal-processing-lab-manualdigital signal-processing-lab-manual
digital signal-processing-lab-manual
 
Strategies to Combat Pilot Contamination in Massive MIMO Systems
Strategies to Combat Pilot Contamination in Massive MIMO SystemsStrategies to Combat Pilot Contamination in Massive MIMO Systems
Strategies to Combat Pilot Contamination in Massive MIMO Systems
 
Chapter 07 Digital Alrithmetic and Arithmetic Circuits
Chapter 07 Digital Alrithmetic and Arithmetic CircuitsChapter 07 Digital Alrithmetic and Arithmetic Circuits
Chapter 07 Digital Alrithmetic and Arithmetic Circuits
 
Numerical approach for Hamilton-Jacobi equations on a network: application to...
Numerical approach for Hamilton-Jacobi equations on a network: application to...Numerical approach for Hamilton-Jacobi equations on a network: application to...
Numerical approach for Hamilton-Jacobi equations on a network: application to...
 
IE 425 Homework 10Submit on Tuesday, 12101.(20 pts) C.docx
IE 425 Homework 10Submit on Tuesday, 12101.(20 pts) C.docxIE 425 Homework 10Submit on Tuesday, 12101.(20 pts) C.docx
IE 425 Homework 10Submit on Tuesday, 12101.(20 pts) C.docx
 
Lecture Slide (21).pptx
Lecture Slide (21).pptxLecture Slide (21).pptx
Lecture Slide (21).pptx
 
Introduction to NumPy for Machine Learning Programmers
Introduction to NumPy for Machine Learning ProgrammersIntroduction to NumPy for Machine Learning Programmers
Introduction to NumPy for Machine Learning Programmers
 
OS_Ch7
OS_Ch7OS_Ch7
OS_Ch7
 

Recently uploaded

Structural Classification Of Protein (SCOP)
Structural Classification Of Protein (SCOP)Structural Classification Of Protein (SCOP)
Structural Classification Of Protein (SCOP)
aishnasrivastava
 
THE IMPORTANCE OF MARTIAN ATMOSPHERE SAMPLE RETURN.
THE IMPORTANCE OF MARTIAN ATMOSPHERE SAMPLE RETURN.THE IMPORTANCE OF MARTIAN ATMOSPHERE SAMPLE RETURN.
THE IMPORTANCE OF MARTIAN ATMOSPHERE SAMPLE RETURN.
Sérgio Sacani
 
ESR_factors_affect-clinic significance-Pathysiology.pptx
ESR_factors_affect-clinic significance-Pathysiology.pptxESR_factors_affect-clinic significance-Pathysiology.pptx
ESR_factors_affect-clinic significance-Pathysiology.pptx
muralinath2
 
Comparative structure of adrenal gland in vertebrates
Comparative structure of adrenal gland in vertebratesComparative structure of adrenal gland in vertebrates
Comparative structure of adrenal gland in vertebrates
sachin783648
 
In silico drugs analogue design: novobiocin analogues.pptx
In silico drugs analogue design: novobiocin analogues.pptxIn silico drugs analogue design: novobiocin analogues.pptx
In silico drugs analogue design: novobiocin analogues.pptx
AlaminAfendy1
 
in vitro propagation of plants lecture note.pptx
in vitro propagation of plants lecture note.pptxin vitro propagation of plants lecture note.pptx
in vitro propagation of plants lecture note.pptx
yusufzako14
 
Citrus Greening Disease and its Management
Citrus Greening Disease and its ManagementCitrus Greening Disease and its Management
Citrus Greening Disease and its Management
subedisuryaofficial
 
Astronomy Update- Curiosity’s exploration of Mars _ Local Briefs _ leadertele...
Astronomy Update- Curiosity’s exploration of Mars _ Local Briefs _ leadertele...Astronomy Update- Curiosity’s exploration of Mars _ Local Briefs _ leadertele...
Astronomy Update- Curiosity’s exploration of Mars _ Local Briefs _ leadertele...
NathanBaughman3
 
Mammalian Pineal Body Structure and Also Functions
Mammalian Pineal Body Structure and Also FunctionsMammalian Pineal Body Structure and Also Functions
Mammalian Pineal Body Structure and Also Functions
YOGESH DOGRA
 
What is greenhouse gasses and how many gasses are there to affect the Earth.
What is greenhouse gasses and how many gasses are there to affect the Earth.What is greenhouse gasses and how many gasses are there to affect the Earth.
What is greenhouse gasses and how many gasses are there to affect the Earth.
moosaasad1975
 
Multi-source connectivity as the driver of solar wind variability in the heli...
Multi-source connectivity as the driver of solar wind variability in the heli...Multi-source connectivity as the driver of solar wind variability in the heli...
Multi-source connectivity as the driver of solar wind variability in the heli...
Sérgio Sacani
 
EY - Supply Chain Services 2018_template.pptx
EY - Supply Chain Services 2018_template.pptxEY - Supply Chain Services 2018_template.pptx
EY - Supply Chain Services 2018_template.pptx
AlguinaldoKong
 
GBSN - Biochemistry (Unit 5) Chemistry of Lipids
GBSN - Biochemistry (Unit 5) Chemistry of LipidsGBSN - Biochemistry (Unit 5) Chemistry of Lipids
GBSN - Biochemistry (Unit 5) Chemistry of Lipids
Areesha Ahmad
 
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
Sérgio Sacani
 
Hemoglobin metabolism_pathophysiology.pptx
Hemoglobin metabolism_pathophysiology.pptxHemoglobin metabolism_pathophysiology.pptx
Hemoglobin metabolism_pathophysiology.pptx
muralinath2
 
Cancer cell metabolism: special Reference to Lactate Pathway
Cancer cell metabolism: special Reference to Lactate PathwayCancer cell metabolism: special Reference to Lactate Pathway
Cancer cell metabolism: special Reference to Lactate Pathway
AADYARAJPANDEY1
 
Lab report on liquid viscosity of glycerin
Lab report on liquid viscosity of glycerinLab report on liquid viscosity of glycerin
Lab report on liquid viscosity of glycerin
ossaicprecious19
 
(May 29th, 2024) Advancements in Intravital Microscopy- Insights for Preclini...
(May 29th, 2024) Advancements in Intravital Microscopy- Insights for Preclini...(May 29th, 2024) Advancements in Intravital Microscopy- Insights for Preclini...
(May 29th, 2024) Advancements in Intravital Microscopy- Insights for Preclini...
Scintica Instrumentation
 
filosofia boliviana introducción jsjdjd.pptx
filosofia boliviana introducción jsjdjd.pptxfilosofia boliviana introducción jsjdjd.pptx
filosofia boliviana introducción jsjdjd.pptx
IvanMallco1
 
The ASGCT Annual Meeting was packed with exciting progress in the field advan...
The ASGCT Annual Meeting was packed with exciting progress in the field advan...The ASGCT Annual Meeting was packed with exciting progress in the field advan...
The ASGCT Annual Meeting was packed with exciting progress in the field advan...
Health Advances
 

Recently uploaded (20)

Structural Classification Of Protein (SCOP)
Structural Classification Of Protein (SCOP)Structural Classification Of Protein (SCOP)
Structural Classification Of Protein (SCOP)
 
THE IMPORTANCE OF MARTIAN ATMOSPHERE SAMPLE RETURN.
THE IMPORTANCE OF MARTIAN ATMOSPHERE SAMPLE RETURN.THE IMPORTANCE OF MARTIAN ATMOSPHERE SAMPLE RETURN.
THE IMPORTANCE OF MARTIAN ATMOSPHERE SAMPLE RETURN.
 
ESR_factors_affect-clinic significance-Pathysiology.pptx
ESR_factors_affect-clinic significance-Pathysiology.pptxESR_factors_affect-clinic significance-Pathysiology.pptx
ESR_factors_affect-clinic significance-Pathysiology.pptx
 
Comparative structure of adrenal gland in vertebrates
Comparative structure of adrenal gland in vertebratesComparative structure of adrenal gland in vertebrates
Comparative structure of adrenal gland in vertebrates
 
In silico drugs analogue design: novobiocin analogues.pptx
In silico drugs analogue design: novobiocin analogues.pptxIn silico drugs analogue design: novobiocin analogues.pptx
In silico drugs analogue design: novobiocin analogues.pptx
 
in vitro propagation of plants lecture note.pptx
in vitro propagation of plants lecture note.pptxin vitro propagation of plants lecture note.pptx
in vitro propagation of plants lecture note.pptx
 
Citrus Greening Disease and its Management
Citrus Greening Disease and its ManagementCitrus Greening Disease and its Management
Citrus Greening Disease and its Management
 
Astronomy Update- Curiosity’s exploration of Mars _ Local Briefs _ leadertele...
Astronomy Update- Curiosity’s exploration of Mars _ Local Briefs _ leadertele...Astronomy Update- Curiosity’s exploration of Mars _ Local Briefs _ leadertele...
Astronomy Update- Curiosity’s exploration of Mars _ Local Briefs _ leadertele...
 
Mammalian Pineal Body Structure and Also Functions
Mammalian Pineal Body Structure and Also FunctionsMammalian Pineal Body Structure and Also Functions
Mammalian Pineal Body Structure and Also Functions
 
What is greenhouse gasses and how many gasses are there to affect the Earth.
What is greenhouse gasses and how many gasses are there to affect the Earth.What is greenhouse gasses and how many gasses are there to affect the Earth.
What is greenhouse gasses and how many gasses are there to affect the Earth.
 
Multi-source connectivity as the driver of solar wind variability in the heli...
Multi-source connectivity as the driver of solar wind variability in the heli...Multi-source connectivity as the driver of solar wind variability in the heli...
Multi-source connectivity as the driver of solar wind variability in the heli...
 
EY - Supply Chain Services 2018_template.pptx
EY - Supply Chain Services 2018_template.pptxEY - Supply Chain Services 2018_template.pptx
EY - Supply Chain Services 2018_template.pptx
 
GBSN - Biochemistry (Unit 5) Chemistry of Lipids
GBSN - Biochemistry (Unit 5) Chemistry of LipidsGBSN - Biochemistry (Unit 5) Chemistry of Lipids
GBSN - Biochemistry (Unit 5) Chemistry of Lipids
 
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
 
Hemoglobin metabolism_pathophysiology.pptx
Hemoglobin metabolism_pathophysiology.pptxHemoglobin metabolism_pathophysiology.pptx
Hemoglobin metabolism_pathophysiology.pptx
 
Cancer cell metabolism: special Reference to Lactate Pathway
Cancer cell metabolism: special Reference to Lactate PathwayCancer cell metabolism: special Reference to Lactate Pathway
Cancer cell metabolism: special Reference to Lactate Pathway
 
Lab report on liquid viscosity of glycerin
Lab report on liquid viscosity of glycerinLab report on liquid viscosity of glycerin
Lab report on liquid viscosity of glycerin
 
(May 29th, 2024) Advancements in Intravital Microscopy- Insights for Preclini...
(May 29th, 2024) Advancements in Intravital Microscopy- Insights for Preclini...(May 29th, 2024) Advancements in Intravital Microscopy- Insights for Preclini...
(May 29th, 2024) Advancements in Intravital Microscopy- Insights for Preclini...
 
filosofia boliviana introducción jsjdjd.pptx
filosofia boliviana introducción jsjdjd.pptxfilosofia boliviana introducción jsjdjd.pptx
filosofia boliviana introducción jsjdjd.pptx
 
The ASGCT Annual Meeting was packed with exciting progress in the field advan...
The ASGCT Annual Meeting was packed with exciting progress in the field advan...The ASGCT Annual Meeting was packed with exciting progress in the field advan...
The ASGCT Annual Meeting was packed with exciting progress in the field advan...
 

Quantifying Information Leaks via Model Counting Modulo Theories

  • 1. Quantifying Information Leaks via Model Counting Modulo Theories Sang Phan Queen Mary University of London April 28, 2015 1 / 20
  • 2. Information Flow Secret input (H) Public input (L) Program P Public Output (O) Non-interference Public input (L) Program P Secret input (H) Information leaked Public Output (O) √ ? 2 / 20
  • 3. Non-interference is unachievable int check(int H, int L){ int O; if (L == H) O = ACCEPT; else O = REJECT; return O; } password check Secret input (H) Public input (L) Program P Public Output (O) Non-interference Public input (L) Program P Secret input (H) Information leaked Public Output (O) √ ? Leaks = Secrecy before observing - Secrecy after observing ∆E (XH) = E(XH) − E(XH|XO) 3 / 20
  • 4. Quantifying Information Leaks Theorem of Channel Capacity ∆E (XH) ≤ log2(|O|) has been proved for Shannon entropy and R´enyi’s min-entropy holds for all possible distributions of XH. is the basis of state-of-the-art techniques for Quantitative Information Flow analysis. Definition Quantitative Information Flow (QIF) is the problem of counting N, the number of possible outputs of a given program P. 4 / 20
  • 5. Quantifying as Counting Adversary tries to infer H from L and O H L O f O is stored as a bit vector b1b2 . . . bM. Assume we have a first-order formula ϕP such that: ϕP contains a set of Boolean variables VI := {p1, p2, .., pM } pi = if and only if bi is 1, and pi = ⊥ if and only if bi = 0 Counting outputs of P ≡ Counting models of ϕP w.r.t. VI 5 / 20
  • 6. Model Counting Modulo Theories SAT generalize to first-order theories #SAT SMT generalize to counting models
  • 7. Model Counting Modulo Theories SAT generalize to first-order theories #SAT SMT generalize to counting models generalize to first-order theories generalize to counting models #SMT 6 / 20
  • 8. Lazy Satisfiability Modulo Theories DPLL Modulo Theories DPLL(T ) = DPLL + T -solver ϕ := {¬(x > 10) ∨ A1} ∧ {(x > 10) ∨ ¬A1} ∧ {¬A3 ∨ (x < 1)} BA(ϕ) := {¬B1 ∨ A1} ∧ {B1 ∨ ¬A1} ∧ {¬A2 ∨ B2} µP = A1 ∧ B1 ∧ A2 ∧ B2 ⇒ T -solver(µ) returns inconsistent. µP = A1 ∧ B1 ∧ ¬A2 ∧ ¬B2 ⇒ T -solver(µ) returns consistent. 7 / 20
  • 9. QIF as #SMT P ϕP QIF #SMT Formal methods DPLL(T ) Two approaches: Use formal methods to mimic DPLL(T ). Generate ϕP, then using DPLL(T ). 8 / 20
  • 10. QIF analysis using Model Checking for all i from 1 to M do bi = (O >> (i - 1)) & 1 if (bi == 1) then pi ← else pi ← ⊥ Figure : Program instrumentation to build the set VI The algorithm consists of two components: A procedure to enumerate bit configurations (similar to DPLL) A model checker to check the existence of the bit configurations (similar to the T -solver) 9 / 20
  • 11. QIF analysis using Model Checking UNSAT p1 p1 ∧ p2 p1 ∧ p2 ∧ p3 p1 ∧ p2 ∧ p3 ∧ p4 p1 ∧ p2 ∧ p3 ∧ p4 ∧ p5p1 ∧ p2 ∧ p3 ∧ p4 ∧ ¬p5 p1 p2 p3 p4 p5 assert !(p1 && p2 && p3 && p4 && p5); 10 / 20
  • 12. QIF analysis using Symbolic Execution Symbolic Execution A program analysis technique that has several applications, in particular automated test generation. Executing programs with symbols instead of concrete inputs. 11 / 20
  • 13. QIF analysis using Symbolic Execution Symbolic Execution as DPLL Modulo Theories DPLL(T ) = DPLL + T -solver Symbolic Executor = Boolean Executor + T -solver Add conditions to test each bits of the output: for all i from 1 to M do bi = (O >> (i - 1)) & 1 if (bi == 1) then pi ← else pi ← ⊥ Figure : Program instrumentation to build the set VI 12 / 20
  • 14. QIF analysis using Symbolic Execution s1 s2 s3 p1 p1 p2 p2 H ≥ 16 pc := (H 16) H < 16 pc := (H ≥ 16)< pc ∧ p1 pc ∧ p1 pc ∧ p1 ∧ p2 pc ∧ p1 ∧ ¬p2 (H ≥ 16) and (H < 16): program conditions. p1, p2, ..: additional conditions. 13 / 20
  • 15. QIF analysis using a #SMT solver Program transformation L = 8; if (H < 16) O = H + L; else O = L; (L1 = 8) ∧ (G0 = H0 < 16) ∧ (O1 = H0 + L1) ∧ (O2 = L1) ∧ (O3 = g?O1 : O3) Figure : A simple program encoded into a first-order formula Formula instrumentation to build the set VI : (assert (= (= #b1 (( extract 0 0) O3)) p1)) 14 / 20
  • 16. QIF analysis using a #SMT solver Use APIs provided by an SMT solver Blocking clause After finding a model µ = l0 ∧ l1 ∧ · · · ∧ lm ∧ . . . Add the clause: block = ¬l0 ∨ ¬l1 ∨ · · · ∨ ¬lm Depth-first search Two components: A DPLL like procedure to enumerate truth assignments. Use the SMT solver to check consistency of the truth assignments. 15 / 20
  • 17. Implementation Tools selected: Model Checking: CBMC (Ansi C) Symbolic Execution: Symbolic PathFinder (Java bytecode) Program transformation: CBMC SMT solver: z3 Benchmarks include: Vulnerabilities in Linux kernel Anonymity protocols A Tax program from the European project HATS (Java) Assumptions: all programs have bounded loops, no recursion. 16 / 20
  • 18. Evaluation Some of the experiments: Case Study Policy LoC sqifc time selfcomp time Data Sanitization - < 10 11.898 timed out CVE-2011-2208 64 > 200 22.759 119.117 CVE-2011-2208 256 88.196 timed out CVE-2011-1078 8 > 200 10.380 13.853 CVE-2011-1078 64 37.899 timed out CRC 8 < 30 1.209 0.498 CRC 32 8.657 timed out Figure : Times are in seconds, timeout is 30 minutes. In the first case study, “-” means the policy is not specified. 17 / 20
  • 19. Evaluation Some of the experiments: Benchmark Leaks sqifc sqifc++ time time CBMC aZ3 Total time Data sanitization 4 11.898 0.165 0.086 0.251 Implicit flow 2.81 5.033 0.169 0.049 0.218 Population count 5.04 17.278 0.162 0.398 0.560 Mix and duplicate 16 - 0.154 136.947 137.101 Masked copy 16 - 0.175 18.630 18.805 Sum query 4.81 64.557 0.162 0.133 0.295 Ten random outputs 3.32 64.202 0.160 0.093 0.253 CRC (8) 3 2.551 0.184 0.099 0.283 CRC (32) 5 7.755 0.193 0.325 0.518 Figure : Leaks are in bits. aZ3 runs with the DFS-based algorithm. Times are in seconds, “-” means timeout in one hour. Total time of sqifc++ is the sum of CBMC time and aZ3 time. 18 / 20
  • 20. Conclusions P program transformation ϕP QIF #SMT Formal methods DPLL(T ) Two approaches: Use formal methods to mimic DPLL(T ). QIF analysis using Model Checking. QIF analysis using Symbolic Execution. Generate ϕP, then using DPLL(T ). Generate ϕP using program transformation. Extend an SMT solver for #SMT. 19 / 20
  • 21. THANK YOU FOR YOUR ATTENTION! 20 / 20