A tool for estimating information leakage

Tom Chothia, Yusuke Kawamoto, Chris Novakovic

Research output: Chapter in Book/Report/Conference proceedingConference contribution

23 Citations (Scopus)

Abstract

We present leakiEst, a tool that estimates how much information leaks from systems. To use leakiEst, an analyst must run a system with a range of secret values and record the outputs that may be exposed to an attacker. Our tool then estimates the amount of information leaked from the secret values to the observable outputs of the system. Importantly, our tool calculates the confidence intervals for these estimates, and tests whether they represent real evidence of an information leak in the system. leakiEst is freely available and has been used to verify the security of a range of real-world systems, including e-passports and Tor.

Original languageEnglish
Title of host publicationComputer Aided Verification - 25th International Conference, CAV 2013, Proceedings
Pages690-695
Number of pages6
DOIs
Publication statusPublished - 12 Aug 2013
Event25th International Conference on Computer Aided Verification, CAV 2013 - Saint Petersburg, Russian Federation
Duration: 13 Jul 201319 Jul 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8044 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference25th International Conference on Computer Aided Verification, CAV 2013
Country/TerritoryRussian Federation
CitySaint Petersburg
Period13/07/1319/07/13

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'A tool for estimating information leakage'. Together they form a unique fingerprint.

Cite this