
Computational probabilistic noninterference

Regular contribution, International Journal of Information Security

Abstract

Information flow and noninterference are popular concepts for expressing confidentiality and integrity properties. We present the first general definition of probabilistic noninterference in reactive systems that includes a computational case. This case is essential for coping with real cryptography since noninterference properties can usually only be guaranteed if the underlying cryptographic primitives have not been broken. This might happen, but only with negligible probability. We show that our noninterference definition is maintained under simulatability, the notion of secure implementation of modern cryptography. This allows secure composition of systems and yields a general strategy for including cryptographic primitives in information-flow proofs. As an example we study a cryptographic firewall guarding two honest users from their environment.
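The abstract's notion of probabilistic noninterference can be made concrete with a small model checker: a system is noninterfering for the low user if the distribution of what the low user observes is the same no matter which input the high user supplied. The following Python script is an added example, not code from the paper or its authors. It collapses a reactive system into a single step (a function of the high input h, the low input l and the system's uniform coins r; this shape is an assumption for illustration, not the paper's model), enumerates all coin values, and reports the largest statistical distance between low views over all pairs of high inputs. A distance of 0 is perfect probabilistic noninterference. Three toy "firewalls" are constructed: one that masks the high user's message with a fresh one-time pad bit, one whose output length depends on the message, and one that stretches a one-bit key into a two-bit pad.

```python
"""Toy probabilistic-noninterference check (added example, not the paper's code)."""
from collections import Counter
from fractions import Fraction
from itertools import product
from typing import Callable, Dict, Hashable, Iterable, Tuple

# Assumed one-step model: system(h, l, coins) -> observation of the low user.
System = Callable[[int, int, Tuple[int, ...]], Hashable]


def low_view(system: System, h: int, l: int, coin_bits: int) -> Dict[Hashable, Fraction]:
    """Exact distribution of the low observation when all coins are uniform."""
    counts = Counter(system(h, l, r) for r in product((0, 1), repeat=coin_bits))
    total = 2 ** coin_bits
    return {obs: Fraction(n, total) for obs, n in counts.items()}


def statistical_distance(p: Dict[Hashable, Fraction], q: Dict[Hashable, Fraction]) -> Fraction:
    """Total variation distance 1/2 * sum |p(x) - q(x)|."""
    keys = set(p) | set(q)
    return sum((abs(p.get(k, 0) - q.get(k, 0)) for k in keys), Fraction(0)) / 2


def max_leak(system: System, highs: Iterable[int], lows: Iterable[int], coin_bits: int) -> Fraction:
    """Worst-case distance between low views over all pairs of high inputs.

    0 means the low user's view is independent of the high input, i.e. perfect
    probabilistic noninterference for this finite model.
    """
    worst = Fraction(0)
    for l in lows:
        views = [low_view(system, h, l, coin_bits) for h in highs]
        for a in views:
            for b in views:
                worst = max(worst, statistical_distance(a, b))
    return worst


# Constructed system 1: the high user's one-bit message is masked with a fresh
# uniform pad bit before the low side can see it; the low user's request l is echoed.
def masked_firewall(h: int, l: int, r: Tuple[int, ...]) -> Hashable:
    pad = r[0]
    return (h ^ pad, l)


# Constructed system 2: content is masked, but the number of transmitted bits
# depends on h (one bit for h == 0, two bits for h == 1). Length is a side channel.
def length_leaking_firewall(h: int, l: int, r: Tuple[int, ...]) -> Hashable:
    message = (1,) * (h + 1)
    masked = tuple(m ^ r[i] for i, m in enumerate(message))
    return (masked, l)


# Constructed system 3: a two-bit message (h, 0) is masked with the pad (k, k)
# derived from a single key bit k. An unbounded observer recovers h = x ^ k.
def short_key_firewall(h: int, l: int, r: Tuple[int, ...]) -> Hashable:
    k = r[0]
    message = (h, 0)
    masked = (message[0] ^ k, message[1] ^ k)
    return (masked, l)


if __name__ == "__main__":
    cases = [
        ("one-time-pad firewall", masked_firewall, 1),
        ("length-leaking firewall", length_leaking_firewall, 2),
        ("short-key firewall", short_key_firewall, 1),
    ]
    for name, system, bits in cases:
        print(f"{name}: max statistical distance = {max_leak(system, (0, 1), (0, 1), bits)}")
```

The enumeration is an unbounded distinguisher, so it tests exact noninterference: the pad-masked firewall passes with distance 0, while the length leak and the key-stretching pad are fully exposed. Real encryption behaves like the third case against an unbounded observer, which is why the abstract's computational definition only asks that the low views be indistinguishable to polynomial-time observers up to a negligible probability; a finite enumeration like this one cannot express that relaxation and should be read as the perfect case only.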



Correspondence to Michael Backes.

Cite this article

Backes, M., Pfitzmann, B. Computational probabilistic noninterference. IJIS 3, 42–60 (2004). https://doi.org/10.1007/s10207-004-0039-7
