A tool for estimating information leakage
Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
Authors
Colleges, School and Institutes
Abstract
We present leakiEst, a tool that estimates how much information leaks from systems. To use leakiEst, an analyst must run a system with a range of secret values and record the outputs that may be exposed to an attacker. Our tool then estimates the amount of information leaked from the secret values to the observable outputs of the system. Importantly, our tool calculates the confidence intervals for these estimates, and tests whether they represent real evidence of an information leak in the system. leakiEst is freely available and has been used to verify the security of a range of real-world systems, including e-passports and Tor.
Details
| Original language | English |
|---|---|
| Title of host publication | Computer Aided Verification - 25th International Conference, CAV 2013, Proceedings |
| Publication status | Published - 12 Aug 2013 |
| Event | 25th International Conference on Computer Aided Verification, CAV 2013 - Saint Petersburg, Russian Federation Duration: 13 Jul 2013 → 19 Jul 2013 |
Publication series
| Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Volume | 8044 LNCS |
| ISSN (Print) | 0302-9743 |
| ISSN (Electronic) | 1611-3349 |
Conference
| Conference | 25th International Conference on Computer Aided Verification, CAV 2013 |
|---|---|
| Country | Russian Federation |
| City | Saint Petersburg |
| Period | 13/07/13 → 19/07/13 |