Queen Mary, University of London
4pm Tuesday 22nd April 2008
Room 2511, JCMB, King's Buildings
Recently the National Academy of Engineering, in listing Computer Security among its 14 grand challenges wrote: "research and development for security systems has not progressed much beyond a strategy akin to plugging the hole in the dike - cobbling together software patches when vulnerabilities are discovered." But how can security of a system be assessed before vulnerabilities are discovered? Our work aims to answer this question by quantifying (language based) security. We consider several types of possible security threats, all based on a notion of possible observation of the memory and code. The most powerful attacker has available the source code and the memory trace of the public data during execution. Weaker attackers are derived by weakening the capability of memory observations. Security is quantified using Information Theory as the amount of information the observations reveal about the secret. This definition will allow us to address the important question: what is the most that can be leaked in these models? We show how this question can be answered using Lagrange Multipliers.