Quantitative Information-Flow Tracking for C and Related Languages

McCamant, Stephen; Ernst, Michael D.

Author(s)

McCamant, Stephen; Ernst, Michael D.

DownloadMIT-CSAIL-TR-2006-076.pdf (440.0Kb)

Additional downloads

Other Contributors

Program Analysis

Advisor

Michael Ernst

Metadata

Show full item record

Abstract

We present a new approach for tracking programs' use of data througharbitrary calculations, to determine how much information about secretinputs is revealed by public outputs. Using a fine-grained dynamicbit-tracking analysis, the technique measures the information revealedduring a particular execution. The technique accounts for indirectflows, e.g. via branches and pointer operations. Two kinds ofuntrusted annotation improve the precision of the analysis. Animplementation of the technique based on dynamic binary translation isdemonstrated on real C, C++, and Objective C programs of up to half amillion lines of code. In case studies, the tool checked multiplesecurity policies, including one that was violated by a previouslyunknown bug.

Date issued

2006-11-17

URI

http://hdl.handle.net/1721.1/34892

Other identifiers

MIT-CSAIL-TR-2006-076

Series/Report no.

Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory

Keywords

Confidentiality, Privacy, Information disclosure, Tainting, Implicit flows, Valgrind, Memcheck, OpenSSH

Collections

CSAIL Technical Reports (July 1, 2003 - present)