Advertisement

Abstract

Mobile cloud offloading has been proposed to migrate complex computations from mobile devices to powerful servers. While this may be beneficial from the performance and energy perspective, it certainly exhibits new challenges in terms of security due to increased data transmission over networks with potentially unknown threats. Among possible security issues are timing attacks which are not prevented by traditional cryptographic security. Usually random delays are introduced in such systems as a popular countermeasure. Random delays are easily deployed even if the source code of the application is not at hand. While the benefits are obvious, a random delay introduces a penalty that should be minimized. The challenge is to select the distribution from which to draw the random delays and to set mean and variance in a suitable way such that the system security is maximized and the overhead is minimized. To tackle this problem, we have implemented a prototype that allows us to compare the impact of different random distributions on the expected success of timing attacks. Based on our model, the effect of random delay padding on the performance and security perspective of offloading systems is analyzed in terms of response time and optimal rekeying rate. We found that the variance of random delays is the primary influencing factor to the mitigation effect. Based on our approach, the system performance and security can be improved as follows. Starting from the mission time of a computing job one can select a desired padding policy. From this the optimal rekeying interval can be determined for the offloading system.

Keywords

Mobile cloud offloading Security attributes Random delays Timing side-channels 

References

  1. 1.
    Kumar, K., Liu, J., Lu, Y.-H., Bhargava, B.: A survey of computation offloading for mobile systems. Mob. Netw. Appl. 18(1), 129–140 (2013)CrossRefGoogle Scholar
  2. 2.
    Barbera, M., Kosta, S., Mei, A., Perta, V., Stefa, J.: Mobile offloading in the wild: findings and lessons learned through a real-life experiment with a new cloud-aware system. In: INFOCOM, Proceedings of IEEE, pp. 2355–2363. IEEE (2014)Google Scholar
  3. 3.
    Hong, J.I., Landay, J.A.: An infrastructure approach to context-aware computing. Hum.-Comput. Interact. 16(2), 287–303 (2001)CrossRefGoogle Scholar
  4. 4.
    Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34(1), 1–11 (2011)CrossRefGoogle Scholar
  5. 5.
    Hao, Z., Tang, Y., Zhang, Y., Novak, E., Carter, N., Li, Q.: SMOC: a secure mobile cloud computing platform. In: IEEE Conference on Computer Communications (INFOCOM), pp. 2668–2676. IEEE (2015)Google Scholar
  6. 6.
    Cui, H., Yuan, X., Wang, C.: Harnessing encrypted data in cloud for secure and efficient image sharing from mobile devices. In: IEEE Conference on Computer Communications (INFOCOM), pp. 2659–2667. IEEE (2015)Google Scholar
  7. 7.
    Brumley, B.B., Tuveri, N.: Remote timing attacks are still practical. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 355–371. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  8. 8.
    Brumley, D., Boneh, D.: Remote timing attacks are practical. Comput. Netw. 48(5), 701–716 (2005)CrossRefGoogle Scholar
  9. 9.
    Braun, B.A., Jana, S., Boneh, D.: Robust and efficient elimination of cache and timing side channels (2015). arXiv preprint arxiv:1506.00189
  10. 10.
    Nicol, D.M., Sanders, W.H., Trivedi, K.S.: Model-based evaluation: from dependability to security. IEEE Trans. Dependable Secure Comput. 1(1), 48–65 (2004)CrossRefGoogle Scholar
  11. 11.
    Lenkala, S.R., Shetty, S., Xiong, K.: Security risk assessment of cloud carrier. In: 13th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid), pp. 442–449. IEEE (2013)Google Scholar
  12. 12.
    Rebeiro, C., Mukhopadhyay, D., Bhattacharya, S.: An introduction to timing attacks. In: Timing Channels in Cryptography, pp. 1–11. Springer, Switzerland (2015)Google Scholar
  13. 13.
    Wu, H., Sun, Y., Wolter, K.: Analysis of the energy-response time tradeoff for delayed mobile cloud offloading. SIGMETRICS Perform. Eval. Rev. 43, 33–35 (2015)CrossRefGoogle Scholar
  14. 14.
    Köpf, B., Basin, D.: Automatically deriving information-theoretic bounds for adaptive side-channel attacks. J. Comput. Secur. 19(1), 1–31 (2011)CrossRefGoogle Scholar
  15. 15.
    Coron, J.-S., Kizhvatov, I.: An efficient method for random delay generation in embedded software. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 156–170. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  16. 16.
    Clavier, C., Coron, J.-S., Dabbous, N.: Differential power analysis in the presence of hardware countermeasures. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 252–263. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  17. 17.
    Lu, Y., O’Neill, M.P., McCanny, J.V.: FPGA implementation and analysis of random delay insertion countermeasure against DPA. In: International Conference on ICECE Technology, FPT 2008, pp. 201–208. IEEE (2008)Google Scholar
  18. 18.
    He, Z., Deng, X., Yang, B., Dai, K., Zou, X.: A SCA-resistant processor architecture based on random delay insertion. In: International Conference on Computing and Communications Technologies (ICCCT), pp. 278–281. IEEE (2015)Google Scholar
  19. 19.
    Kotipalli, S., Kim, Y.-B., Choi, M.: Asynchronous advanced encryption standard hardware with random noise injection for improved side-channel attack resistance. J. Electr. Comput. Eng. 2014, 19 (2014)Google Scholar
  20. 20.
    Meng, T., Wang, Q., Wolter, K.: Model-based quantitative security analysis of mobile offloading systems under timing attacks. In: Remke, A., Manini, D., Gribaudo, M. (eds.) ASMTA 2015. LNCS, vol. 9081, pp. 143–157. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  21. 21.
    Stewart, W.J.: Probability, Markov Chains, Queues, and Simulation: The Mathematical Basis of Performance Modeling. Princeton University Press, Princeton (2009)zbMATHGoogle Scholar
  22. 22.
    Coppersmith, D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Crypt. 10(4), 233–260 (1997)MathSciNetCrossRefzbMATHGoogle Scholar
  23. 23.
    Chen, C., Wang, T., Tian, J.: Improving timing attack on RSA-CRT via error detection and correction strategy. Inf. Sci. 232, 464–474 (2013)MathSciNetCrossRefzbMATHGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.Department of Mathematics and Computer ScienceFreie Universität BerlinBerlinGermany

Personalised recommendations