政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/142645
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  全文筆數/總筆數 : 113160/144130 (79%)
造訪人次 : 50753389      線上人數 : 667
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    政大機構典藏 > 商學院 > 資訊管理學系 > 學位論文 >  Item 140.119/142645
    請使用永久網址來引用或連結此文件: https://nccur.lib.nccu.edu.tw/handle/140.119/142645


    題名: python程式執行的資訊洩漏研究與應用
    Information Leakage on Python Runtime Execution
    作者: 藍加良
    Lan, Jia-Liang
    貢獻者: 郁方
    Yu, Fang
    藍加良
    Lan, Jia-Liang
    關鍵詞: 資訊洩漏
    旁通道攻擊
    密碼學
    AES
    RSA
    SHA-1
    Side-channel attack
    Information leakage
    Cryptography
    AES
    RSA
    SHA-1
    日期: 2022
    上傳時間: 2022-12-02 15:21:26 (UTC+8)
    摘要: 當觀察者可以透過旁通道觀察程式在執行中的差異(例如時間、快取和記憶體消耗等)並使用它們來推測機密資料(例如程式的輸入和輸出)時,就會發生資訊洩漏。儘管加密技術使用加密和解密來保護機密資料,但在加、解密執行期間的資訊洩漏可能還是有被推測出機密資料的風險。在這個實驗中,我們在 Python 直譯器中插入可以側錄程式執行相關資訊的程式碼,來實作了一個新的 Python 直譯器,並將側錄執行結果轉換為 JSON 格式,而在這個側錄檔中記錄了程式的執行資訊,包含函式呼叫順序、執行時間、輸入值、回傳值等資訊,我們收集並比較不同輸入集合的執行情況是否存在資訊洩漏,並用來推測出規則從加密資料中恢復機密資料。
    我們發現只觀察函式呼叫次數和執行時間的情況下,AES、RSA 和 SHA-1 並沒有發現資訊洩漏,但是可以透過觀察函式的回傳值(int 型別)來推測出輸入長度,而 bytes 型別的回傳值可以得到輸入內容,因此,使用這些 Python 公開的應用程式不僅要保護執行前的輸入和執行後的輸出,也要保護執行過程中內部函式呼叫的回傳值。
    Information leakage occurs when an observer can observe differences between executions in the side channel, e.g., time and memory consumption, and uses them to speculate secrets, such as inputs and outputs of the program. Although cryptography techniques protect data using encryption and decryption, information leakage during program execution can be a detrimental side effect.
    In this work, we review the leakage of the encryption and decryption of Python programs that are publicly available.
    We automatically collect detailed statuses of Python call executions and set the difference in call sets as information leakage to infer rules for restoring secrets (inputs in encryption or outputs in decryption).
    Specifically, we first implement a new Python interpreter to insert instrumentation in the synthesized bytecode to dump detailed call execution statuses systematically as our side-channel observation. The profile includes nested call sequences with each call`s time consumption and return values.
    We collect and compare executions against different inputs to identify potential leakage on call counts, call execution time, and call return values with the aim of recovering (partial) secrets information from the encrypted data.
    We report no useful leakage on call count and call execution time against the Python implementation of AES, RSA, and SHA-1. However, we can infer the input length by observing the return value (integer) of a {\\it bord} function called in the encryption of AES-CBC and SHA-1, and we can obtain the input contents by observing the return value of the {\\it unpad} function called in decryption of RSA, and SHA-1. Therefore, an application using these Python implementations must protect not only the input and output of the procedure but also the return values of inner calls during the procedure.
    參考文獻: [1] N.Apthorpe,D.Reisman,S.Sundaresan,A.Narayanan,andN.Feamster.Spyingon the smart home: Privacy attacks and defenses on encrypted iot traffic. arXiv preprint arXiv:1708.05044, 2017.
    [2] A. Aydin, L. Bang, and T. Bultan. Automata-based model counting for string con- straints. In International Conference on Computer Aided Verification, pages 255– 272. Springer, 2015.
    [3] M. Backes, M. Dürmuth, S. Gerling, M. Pinkal, C. Sporleder, et al. Acoustic {Side- Channel} attacks on printers. In 19th USENIX Security Symposium (USENIX Secu- rity 10), 2010.
    [4] L.Bang,N.Rosner,andT.Bultan.Onlinesynthesisofadaptiveside-channelattacks based on noisy observations. In 2018 IEEE European Symposium on Security and Privacy (EuroS&P), pages 307–322. IEEE, 2018.
    [5] G. Barthe, T. Rezk, and M. Warnier. Preventing timing leaks through transactional branching instructions. Electronic Notes in Theoretical Computer Science, 153(2): 33–55, 2006.
    [6] L.Batina,N.Mentens,andI.Verbauwhede.Side-channelissuesfordesigningsecure hardware implementations. In 11th IEEE International On-Line Testing Symposium, pages 118–121, 2005. doi: 10.1109/IOLTS.2005.64.
    [7] A. Bortz and D. Boneh. Exposing private information by timing web applications. In Proceedings of the 16th international conference on World Wide Web, pages 621– 628, 2007.
    [8] J. Cathalo, F. Koeune, and J.-J. Quisquater. A new type of timing attack: Applica- tion to gps. In International Workshop on Cryptographic Hardware and Embedded Systems, pages 291–303. Springer, 2003.
    [9] S. Chen, R. Wang, X. Wang, and K. Zhang. Side-channel leaks in web applications: A reality today, a challenge tomorrow. In 2010 IEEE Symposium on Security and Privacy, pages 191–206. IEEE, 2010.
    [10] S. Chen, F. Liu, Z. Mi, Y. Zhang, R. B. Lee, H. Chen, and X. Wang. Leveraging hardware transactional memory for cache side-channel defenses. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pages 601–608, 2018.
    [11] T. Chothia, Y. Kawamoto, and C. Novakovic. A tool for estimating information leakage. In International Conference on Computer Aided Verification, pages 690– 695. Springer, 2013.
    [12] T. Chothia, Y. Kawamoto, and C. Novakovic. Leakwatch: Estimating information leakage from java programs. In European Symposium on Research in Computer Security, pages 219–236. Springer, 2014.
    [13] J. Demme, R. Martin, A. Waksman, and S. Sethumadhavan. Side-channel vulner- ability factor: A metric for measuring information leakage. In 2012 39th Annual International Symposium on Computer Architecture (ISCA), pages 106–117, 2012. doi: 10.1109/ISCA.2012.6237010.
    [14] G. Doychev, B. Köpf, L. Mauborgne, and J. Reineke. Cacheaudit: A tool for the static analysis of cache side channels. ACM Transactions on information and system security (TISSEC), 18(1):1–32, 2015.
    [15] H. Eldib, C. Wang, and P. Schaumont. Smt-based verification of software counter- measures against side-channel attacks. In International Conference on Tools and Algorithms for the Construction and Analysis of Systems, pages 62–77. Springer, 2014.
    [16] K. Gandolfi, C. Mourtel, and F. Olivier. Electromagnetic analysis: Concrete results. In International workshop on cryptographic hardware and embedded systems, pages 251–261. Springer, 2001.
    [17] D. Gullasch, E. Bangerter, and S. Krenn. Cache games–bringing access-based cache attacks on aes to practice. In 2011 IEEE Symposium on Security and Privacy, pages 490–505. IEEE, 2011.
    [18] S. Guo, M. Wu, and C. Wang. Adversarial symbolic execution for detecting concurrency-related cache timing leaks. In Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pages 377–388, 2018.
    [19] W. Hnath and J. Pettengill. Differential power analysis side-channel attacks in cryp- tography. Major Qualifying Project, Worcester Polytechnic Institute, 2010.
    [20] P. Kocher, J. Jaffe, and B. Jun. Differential power analysis. In Annual international cryptology conference, pages 388–397. Springer, 1999.
    [21] P. Kocher, J. Horn, A. Fogh, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, et al. Spectre attacks: Exploiting speculative execution. In 2019 IEEE Symposium on Security and Privacy (SP), pages 1–19. IEEE, 2019.
    [22] P. C. Kocher. Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In Annual International Cryptology Conference, pages 104–113. Springer, 1996.
    [23] D. Kohlbrenner and H. Shacham. Trusted browsers for uncertain times. In 25th USENIX Security Symposium (USENIX Security 16), pages 463–480, Austin, TX, Aug. 2016. USENIX Association. ISBN 978-1-931971-32-4.
    [24] B. Köpf and D. Basin. An information-theoretic model for adaptive side-channel attacks. In Proceedings of the 14th ACM conference on Computer and communica- tions security, pages 286–296, 2007.
    [25] A. Levina, D. Sleptsova, and O. Zaitsev. Side-channel attacks and machine learning approach. In 2016 18th Conference of Open Innovations Association and Seminar on Information Security and Protection of Information Technology (FRUCT-ISPIT), pages 181–186, 2016. doi: 10.1109/FRUCT-ISPIT.2016.7561525.
    [26] M. E. Mazaheri, F. Taheri, and S. B. Sarmadi. Lurking eyes: A method to detect side-channel attacks on javascript and webassembly. In 2020 17th International ISC Conference on Information Security and Cryptology (ISCISC), pages 1–6. IEEE, 2020.
    [27] W. Melicher, B. Ur, S. M. Segreti, S. Komanduri, L. Bauer, N. Christin, and L. F. Cranor. Fast, lean, and accurate: Modeling password guessability using neural net- works. In 25th USENIX Security Symposium (USENIX Security 16), pages 175–191, 2016.
    [28] T. S. Messerges, E. A. Dabbish, and R. H. Sloan. Investigations of power analysis attacks on smartcards. Smartcard, 99:151–161, 1999.
    [29] A. Mosenia and N. K. Jha. A comprehensive study of security of internet-of-things. IEEE Transactions on Emerging Topics in Computing, 5(4):586–602, 2017. doi: 10.1109/TETC.2016.2606384.
    [30] S. Nilizadeh, Y. Noller, and C. S. Pasareanu. Diffuzz: Differential fuzzing for side- channel analysis. In 2019 IEEE/ACM 41st International Conference on Software Engineering (ICSE), pages 176–187, 2019. doi: 10.1109/ICSE.2019.00034.
    [31] Y. Noller, C. S. Păsăreanu, M. Böhme, Y. Sun, H. L. Nguyen, and L. Grunske. Hy- diff: Hybrid differential software analysis. In 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE), pages 1273–1285, 2020.
    [32] A. A. Pammu, K.-S. Chong, W.-G. Ho, and B.-H. Gwee. Interceptive side channel attack on aes-128 wireless communications for iot applications. In 2016 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS), pages 650–653. IEEE, 2016.
    [33] C.S.Pasareanu,Q.-S.Phan,andP.Malacaria.Multi-runside-channelanalysisusing symbolic execution and max-smt. In 2016 IEEE 29th Computer Security Founda- tions Symposium (CSF), pages 387–400. IEEE, 2016.
    [34] H. Patel and R. O. Baldwin. Random forest profiling attack on advanced encryption standard. International Journal of Applied Cryptography, 3(2):181–194, 2014.
    [35] P. Ravi, S. S. Roy, A. Chattopadhyay, and S. Bhasin. Generic side-channel attacks on cca-secure lattice-based pke and kems. IACR Trans. Cryptogr. Hardw. Embed. Syst., 2020(3):307–335, 2020.
    [36] P. Ravi, A. Chattopadhyay, and A. Baksi. Side-channel and fault-injection attacks over lattice-based post-quantum schemes (kyber, dilithium): Survey and new results. Cryptology ePrint Archive, 2022.
    [37] D. X. Song, D. Wagner, and X. Tian. Timing analysis of keystrokes and timing attacks on {SSH}. In 10th USENIX Security Symposium (USENIX Security 01), 2001.
    [38] C. S. Thirumalai and P. Viswanathan. Modelling a side channel resistant chan-pkc cryptomata for medical data security. Multimedia Tools and Applications, 78(18): 25977–25997, 2019.
    [39] A. Wei, Y. Deng, C. Yang, and L. Zhang. Free lunch for testing: Fuzzing deep- learning libraries from open source. arXiv preprint arXiv:2201.06589, 2022.
    [40] M. Wu, S. Guo, P. Schaumont, and C. Wang. Eliminating timing side-channel leaks using program repair. In Proceedings of the 27th ACM SIGSOFT International Sym- posium on Software Testing and Analysis, pages 15–26, 2018.
    [41] F. Y. Yuhou Lin, Shuwen Hsiao. On profiling runtime function call invocation of python script. 2019.
    [42] K. Zhang, Z. Li, R. Wang, X. Wang, and S. Chen. Sidebuster: automated detection and quantification of side-channel leaks in web application development. In Pro- ceedings of the 17th ACM conference on Computer and communications security, pages 595–606, 2010.
    描述: 碩士
    國立政治大學
    資訊管理學系
    109356048
    資料來源: http://thesis.lib.nccu.edu.tw/record/#G0109356048
    資料類型: thesis
    DOI: 10.6814/NCCU202201682
    顯示於類別:[資訊管理學系] 學位論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    604801.pdf1668KbAdobe PDF2125檢視/開啟


    在政大典藏中所有的資料項目都受到原著作權保護.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回饋