Tue 20 Jun 2023 09:20 - 09:40 at Cypress 1 - PLDI: Security Chair(s): Limin Jia

Information flow security ensures that the secret data manipulated by a program does not influence its observable output. Proving information flow security is especially challenging for concurrent programs, where operations on secret data may influence the execution time of a thread and, thereby, the interleaving between different threads. Such internal timing channels may affect the observable outcome of a program even if an attacker does not observe execution times. Existing verification techniques for information flow security in concurrent programs attempt to prove that secret data does not influence the relative timing of threads. However, these techniques are often restrictive (for instance because they disallow branching on secret data) and make strong assumptions about the execution platform (ignoring caching, processor instructions with data-dependent runtime, and other common features that affect execution time).

In this paper, we present a novel verification technique for secure information flow in concurrent programs that lifts these restrictions and does not make any assumptions about timing behavior. The key idea is to prove that all mutating operations performed on shared data commute, such that different thread interleavings do not influence its final value. Crucially, commutativity is required only for an abstraction of the shared data that contains the information that will be leaked to a public output. Abstract commutativity is satisfied by many more operations than standard commutativity, which makes our technique widely applicable.

We formalize our technique in CommCSL, a relational concurrent separation logic with support for commutativity-based reasoning, and prove its soundness in Isabelle/HOL. We implemented CommCSL in HyperViper, an automated verifier based on the Viper verification infrastructure, and demonstrate its ability to verify challenging examples.

Tue 20 Jun

Displayed time zone: Eastern Time (US & Canada) change

09:00 - 11:00
PLDI: SecurityPLDI Research Papers at Cypress 1
Chair(s): Limin Jia Carnegie Mellon University

#pldi-tue-0900-security-cypress Discord icon small YouTube icon small

09:00
20m
Talk
Obtaining Information Leakage Bounds via Approximate Model Counting
PLDI Research Papers
Seemanta Saha University of California Santa Barbara, Surendra Ghentiyala University of California Santa Barbara, Shihua Lu University of California Santa Barbara, Lucas Bang Harvey Mudd College, Tevfik Bultan University of California at Santa Barbara
DOI
09:20
20m
Talk
CommCSL: Proving Information Flow Security for Concurrent Programs using Abstract Commutativity
PLDI Research Papers
Marco Eilers ETH Zurich, Thibault Dardinier ETH Zurich, Peter Müller ETH Zurich
DOI
09:40
20m
Talk
Discrete Adversarial Attack to Models of Code
PLDI Research Papers
Fengjuan Gao Nanjing University of Science and Technology, Yu Wang Nanjing University, Ke Wang Visa Research
DOI
10:00
20m
Talk
Generalized Policy-Based Noninterference for Efficient Confidentiality-Preservation
PLDI Research Papers
Shamiek Mangipudi Università della Svizzera italiana (USI), Pavel Chuprikov USI Lugano, Patrick Eugster USI Lugano; Purdue University, Malte Viering TU Darmstadt, Savvas Savvides Purdue University
DOI
10:20
20m
Talk
Taype: A Policy-Agnostic Language for Oblivious Computation
PLDI Research Papers
Qianchuan Ye Purdue University, Benjamin Delaware Purdue University
DOI
10:40
20m
Talk
Automated Detection of Under-Constrained Circuits in Zero-Knowledge Proofs
PLDI Research Papers
Shankara Pailoor University of Texas at Austin, Yanju Chen University of California at Santa Barbara, Franklyn Wang Harvard University, 0xparc, Clara Rodríguez-Núñez Complutense University of Madrid, Jacob Van Geffen Veridise Inc., Jason Morton ZKonduit, Michael Chu 0xparc, Brian Gu 0xparc, Yu Feng University of California at Santa Barbara, Işıl Dillig University of Texas at Austin
DOI