Skip to main content
SpringerLink
Log in

Exploiting Timing Side Channel in Secure Cloud Scheduling

  • Chapter
  • First Online:
High Performance Cloud Auditing and Applications

  • 1651 Accesses

Abstract

Traditionally, scheduling policies used in event schedulers have been designed to optimize performance based metrics such as throughput and delay while maintaining some notion of fairness. In multi-tenancy cloud environments, it is important to ensure privacy of the users because a scheduler creates a timing based side channel through which malicious users can learn about the service usage pattern of the others. In this chapter, we demonstrate the existence of a timing side channel in shared schedulers and discuss the design of secure scheduling policies. When a processor is shared by multiple users, the delays experienced by jobs from one user are a function of the arrival pattern of jobs from other users, and the scheduling policy of the server. Consequently, a scheduling system creates a timing side channel in which information about arrival pattern from one user is inadvertently leaked to another. In this work, this information leakage is studied for a two user scheduling system. We first introduce a measure of privacy and then demonstrate that no scheduler can provide maximum privacy without idling/taking vacations, and consequently no policy can simultaneously be delay and privacy optimal.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Agat, J.: Transforming out timing leaks. In: Proceedings of the 27th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL’00, Boston, pp. 40–53. ACM, New York (2000). doi:10.1145/325694.325702

    Google Scholar 

  2. Anantharam, V., Verdu, S.: Bits through queues. IEEE Trans. Inf. Theory 42(1), 4–18 (2006). doi:10.1109/18.481773

    Article  Google Scholar 

  3. Askarov, A., Zhang, D., Myers, A.C.: Predictive black-box mitigation of timing channels. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS’10, Chicago, pp. 297–307. ACM, New York (2010). doi:10.1145/1866307.1866341

    Google Scholar 

  4. Asmussen, S.: Applied Probability and Queues. Wiley, Hoboken (1989). doi:10.1002/asm.3150050208

    Google Scholar 

  5. Bertsekas, D.P., Gallager, R.G.: Data Networks. Prentice-Hall, Englewood Cliffs (1987)

    Google Scholar 

  6. Bissias, G.D., Liberatore, M., Jensen, D., Levine, B.N.: Privacy vulnerabilities in encrypted HTTP streams. In: Proceedings of the 5th International Conference on Privacy Enhancing Technologies, PET’05, Cavtat, pp. 1–11. Springer, Berlin/Heidelberg (2006). doi:10.1007/ 11767831_1

    Google Scholar 

  7. Bortz, A.,Boneh, D.: Exposing private information by timing web applications. In: Proceedings of the 16th International Conference on World Wide Web, WWW’07, Banff, pp. 621–628. ACM, New York (2007). doi:10.1145/1242572.1242656

    Google Scholar 

  8. Brumley, D., Boneh, D.: Remote timing attacks are practical. In: Proceedings of the 12th Conference on USENIX Security Symposium, SSYM’03, Washington, DC, pp. 1–1. USENIX Association, Berkeley (2003)

    Google Scholar 

  9. Brumley, B.B., Tuveri, N.: Remote timing attacks are still practical. In: Proceedings of the 16th European Conference on Research in Computer Security, ESORICS’11, Leuven, pp. 355–371. Springer, Berlin/Heidelberg (2011)

    Google Scholar 

  10. Cabuk, S., Brodley, C.E., Shields, C.: IP covert timing channels: design and detection. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS’04, Washington, DC, pp. 178–187. ACM, New York (2004). doi:10.1145/1030083.1030108

    Google Scholar 

  11. Chaum, D.: Blind signatures for untraceable payments. In: Proceedings of the 1982 CRYPTO: Advances in Cryptology, CRYPTO’82, Santa Barbara, vol. 82, pp. 199–203. Plenum, New York (1983)

    Google Scholar 

  12. Crosby, S.A., Wallach, D.S., Riedi, R.H.: Opportunities and limits of remote timing attacks. ACM Trans. Inf. Syst. Secur. 12(3), 17:1–17:29 (2009). doi:10.1145/1455526.1455530

    Google Scholar 

  13. Csiszár, I., Korner, J.: Broadcast channels with confidential messages. IEEE Trans. Inf. Theory 24, 339–348 (1978)

    Article  MATH  Google Scholar 

  14. Evans, N.S., Dingledine, R., Grothoff, C.: A practical congestion attack on tor using long paths. In: Proceedings of the 18th Conference on USENIX Security Symposium, SSYM’09, Montreal, pp. 33–50. USENIX Association, Berkeley (2009)

    Google Scholar 

  15. Felten, E.W., Schneider, M.A.: Timing attacks on web privacy. In: Proceedings of the 7th ACM Conference on Computer and Communications Security, CCS’00, Athens, pp. 25–32. ACM, New York (2000). doi:10.1145/352600.352606

    Google Scholar 

  16. Froscher, J., Payne, C.: The Handbook for the Computer Security Certification of Trusted Systems. Naval Research Laboratory, Washington, DC (1992)

    Google Scholar 

  17. Ghaderi, J., Srikant, R.: Towards a theory of anonymous networking. In: Proceedings of the 29th Conference on Information Communications, INFOCOM’10, San Diego, pp. 686–694. IEEE, Piscataway (2010)

    Google Scholar 

  18. Giles, J., Hajek, B.: An information-theoretic and game-theoretic study of timing channels. IEEE Trans. Inf. Theory 48(9), 2455–2477 (2002). doi:10.1109/TIT.2002.801405

    Article  MathSciNet  MATH  Google Scholar 

  19. Gong, X., Borisov, N., Kiyavash, N., Schear, N.: Website detection using remote traffic analysis. In: Proceedings of the 12th International Conference on Privacy Enhancing Technologies, PETS’12, Vigo, pp. 58–78. Springer, Berlin/Heidelberg (2012). doi:10.1007/ 978-3-642-31680-7_4

    Google Scholar 

  20. Hu, W.M.: Reducing timing channels with fuzzy time. In: Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, pp. 8–20 (1991). doi:10.1109/RISP.1991.130768

    Google Scholar 

  21. Hu, W.M.: Lattice scheduling and covert channels. In: Proceedings of the 1992 IEEE Symposium on Security and Privacy, SP’92, Oakland, pp. 52–61. IEEE Computer Society, Washington, DC (1992)

    Google Scholar 

  22. Kadloor, S., Kiyavash, N., Venkitasubramaniam, P.: Mitigating timing based information leakage in shared schedulers. In: Proceedings of the 2012 IEEE INFOCOM, INFOCOM’12, Orlando, pp. 1044–1052 (2012). doi:10.1109/INFCOM.2012.6195460

    Google Scholar 

  23. Kemmerer, R.A.: A practical approach to identifying storage and timing channels: twenty years later. In: Proceedings of the 18th Annual Computer Security Applications Conference, ACSAC’02, Los Alamitos, p. 109. IEEE Computer Society, Washington, DC (2002). doi:10.1109/CSAC.2002.1176284

    Google Scholar 

  24. Kocher, P.C.: Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In: Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO’96, Santa Barbara, pp. 104–113. Springer, London (1996)

    Google Scholar 

  25. Lam, S.: Delay analysis of a time division multiple access (TDMA) channel. IEEE Trans. Commun. 25(12), 1489–1494 (1977). doi:10.1109/TCOM.1977.1093784

    Article  Google Scholar 

  26. Lampson, B.W.: A note on the confinement problem. Commun. ACM 16(10), 613–615 (1973). doi:10.1145/362375.362389

    Article  Google Scholar 

  27. Liberatore, M., Levine, B.N.: Inferring the source of encrypted HTTP connections. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS’06, Alexandria, pp. 255–263. ACM, New York (2006). doi:10.1145/1180405.1180437

    Google Scholar 

  28. Liu, Y., Ghosal, D., Armknecht, F., Sadeghi, A.R., Schulz, S., Katzenbeisser, S.: Hide and seek in time: robust covert timing channels. In: Proceedings of the 14th European Conference on Research in Computer Security, ESORICS’09, Saint-Malo, pp. 120–135. Springer, Berlin/Heidelberg (2009)

    Google Scholar 

  29. McFadden, J.A.: The entropy of a point process. SIAM J. Appl. Math. 13(4), 988–994 (1965). doi:10.1137/0113066

    Article  MathSciNet  MATH  Google Scholar 

  30. Millen, J.K.: Covert channel capacity. In: Proceedings of the 1987 IEEE Symposium on Security and Privacy, SP’87, Oakland, pp. 60–66 (1987)

    Google Scholar 

  31. Moskowitz, I.S., Miller, A.R.: The channel capacity of a certain noisy timing channel. IEEE Trans. Inf. Theory 38(4), 1339–1344 (1992). doi:10.1109/18.144712

    Article  MATH  Google Scholar 

  32. Murdoch, S.J., Danezis, G.: Low-cost traffic analysis of tor. In: Proceedings of the 2005 IEEE Symposium on Security and Privacy, SP’05, Oakland, pp. 183–195. IEEE Computer Society, Washington, DC (2005). doi:10.1109/SP.2005.12

    Google Scholar 

  33. Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: the case of AES. In: Proceedings of the 2006 The Cryptographers’ Track at the RSA Conference on Topics in Cryptology, CT-RSA’06, San Jose, pp. 1–20. Springer, Berlin/Heidelberg (2006). doi:10.1007/11605805_1

    Google Scholar 

  34. Padlipsky, M.A., Snow, D.W., Karger, P.A.: dtic.mil,ESD-TR-78-158: limitations of end-to-end encryption in secure computer networks. http://goo.gl/ujLfa (1978)

  35. Page, D.: Theoretical use of cache memory as a cryptanalytic side-channel. Techincal Report CSTR-02-003, Department of Computer Science, University of Bristol (2002)

    Google Scholar 

  36. Percival, C.: Cache missing for fun and profit. In: Proceedings of the 2005 BSDCan, BSDCan’05, Ottawa (2005)

    Google Scholar 

  37. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS’09, Chicago, pp. 199–212. ACM, New York (2009). doi:10.1145/1653662.1653687

    Google Scholar 

  38. Rom, R., Sidi, M.: Multiple Access Protocols: Performance and Analysis. Springer, New York (1990)

    Book  MATH  Google Scholar 

  39. Saponas, T.S., Lester, J., Hartung, C., Agarwal, S., Kohno, T.: Devices that tell on you: privacy trends in consumer ubiquitous computing. In: Proceedings of the 16th USENIX Security Symposium, SS’07, Boston, pp. 5:1–5:16 (2007)

    Google Scholar 

  40. Schinzel, S.: An efficient mitigation method for timing side channels on the web. In: Proceedings of the 2nd International Workshop on Constructive Side-Channel Analysis and Secure Design (2011)

    Google Scholar 

  41. Shah, G., Molina, A., Blaze, M.: Keyboards and covert channels. In: Proceedings of the 15th USENIX Security Symposium, USENIX-SS’06, Vancouver. USENIX Association, Berkeley (2006)

    Google Scholar 

  42. Song, D.X., Wagner, D., Tian, X.: Timing analysis of keystrokes and timing attacks on SSH. In: Proceedings of the 10th Conference on USENIX Security Symposium, SSYM’01, Washington, DC, pp. 25–25. USENIX Association, Berkeley (2001)

    Google Scholar 

  43. Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M.: Cryptanalysis of DES implemented on computers with cache. In: Proceedings of the 2003 Cryptographic Hardware and Embedded Systems Workshop, CHES’03, Cologne, pp. 62–76. Springer, Berlin/Heidelberg (2003)

    Google Scholar 

  44. Venkitasubramaniam, P., Anantharam, V.: On the anonymity of chaum mixes. In: Proceedings of the 2008 IEEE International Symposium on Information Theory, Toronto (2008). doi:10.1109/ISIT.2008.4594929

    Google Scholar 

  45. Wagner, A.B., Anantharam, V.: NATO/ASI Workshop on Network Security and Intrusion Detection: Information Theory of Covert Timing Channels (2005)

    Google Scholar 

  46. Wang, Z., Lee, R.B.: Covert and side channels due to processor architecture. In: Proceedings of the 22nd Annual Computer Security Applications Conference, ACSAC ’06, Miami Beach, pp. 473–482. IEEE Computer Society, Washington, DC (2006). doi:10.1109/ACSAC.2006.20

    Google Scholar 

  47. Wang, Y., Moulin, P.: Perfectly secure steganography: capacity, error exponents, and code constructions. IEEE Trans. Inf. Theory 54(6), 2706–2722 (2008). doi:10.1109/TIT.2008.921684

    Article  MathSciNet  Google Scholar 

  48. Wang, X., Reeves, D.S.: Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, CCS’03, Washington, DC, pp. 20–29. ACM, New York (2003). doi:10.1145/948109.948115

    Google Scholar 

  49. Wang, X., Chen, S., Jajodia, S.: Tracking anonymous peer-to-peer voip calls on the internet. In: Proceedings of the 12th ACM Conference on Computer and communications security, CCS’05, Alexandria, pp. 81–91. ACM, New York (2005). doi:10.1145/1102120.1102133

    Google Scholar 

  50. Wray, J.C.: An analysis of covert timing channels. In: Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, Oakland, p. 2. IEEE Computer Society, Los Alamitos (1991). doi:10.1109/RISP.1991.130767

    Google Scholar 

  51. Wright, C.V., Ballard, L., Coull, S.E., Monrose, F., Masson, G.M.: Spot me if you can: uncovering spoken phrases in encrypted voip conversations. In: Proceedings of the 2008 IEEE Symposium on Security and Privacy, SP’08, Oakland, pp. 35–49. IEEE Computer Society, Washington, DC (2008). doi:10.1109/SP.2008.21

    Google Scholar 

  52. Wyner, A.: The wiretap channel. Bell Syst. Tech. J. 54, 1355–1387 (1975)

    Article  MathSciNet  MATH  Google Scholar 

  53. Zhang, D., Askarov, A., Myers, A.C.: Predictive mitigation of timing channels in interactive systems. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS’11, Chicago, pp. 563–574. ACM, New York (2011). doi:10.1145/2046707.2046772

    Google Scholar 

  54. Zukerman, M., Neame, T., Addie, R.: Internet traffic modeling and future technology implications. In: Proceedings of the 22nd Annual Joint Conference of the IEEE Computer and Communications, INFOCOM’03, San Francisco, pp. 587–596 (2003). doi:10.1109/INFCOM.2003.1208709

    Google Scholar 

Download references

Acknowledgements

This material is based upon work partially supported by the Air Force Office of Scientific Research (AFOSR) grants Sub TX 0200-07UI, FA9550-11-1-0016, FA9550-10-1-0573 and FA9550-10-1-0345.

Author information

Authors and Affiliations

  1. University of Illinois at Urbana-Champaign, Urbana, IL, USA

    Sachin Kadloor & Negar Kiyavash

Authors
  1. Sachin Kadloor
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Negar Kiyavash
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sachin Kadloor .

Editor information

Editors and Affiliations

  1. Air Force Research Laboratory, Rome, New York, USA

    Keesook J. Han

  2. School of Computing and Engineering, University of Missouri - Kansas City, Kansas City, Missouri, USA

    Baek-Young Choi

  3. Department of Engineering Technology The Dwight Look College of Engineering, Texas A&M University, College Station, Texas, USA

    Sejun Song

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer Science+Business Media New York

About this chapter

Cite this chapter

Kadloor, S., Kiyavash, N. (2014). Exploiting Timing Side Channel in Secure Cloud Scheduling. In: Han, K., Choi, BY., Song, S. (eds) High Performance Cloud Auditing and Applications. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-3296-8_6

Download citation

  • DOI: https://doi.org/10.1007/978-1-4614-3296-8_6

  • Published:

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4614-3295-1

  • Online ISBN: 978-1-4614-3296-8

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation