Abstract
A range of attacks on network components, such as algorithmic denial-of-service attacks and cryptanalysis via timing attacks, are enabled by data structures for which an adversary can predict the durations of operations that he will induce on the data structure. In this paper we introduce the problem of designing data structures that confound an adversary attempting to predict the timing of future operations he induces, even if he has adaptive and exclusive access to the data structure and the timings of past operations. We also design a data structure for implementing a set (supporting membership query, insertion, and deletion) that exhibits timing unpredictability and that retains its efficiency despite adversarial attacks. To demonstrate these advantages, we develop a framework by which an adversary tracks a probability distribution on the data structure’s state based on the timings it emitted, and infers invocations to meet his attack goals.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
McIlroy, M.D.: A killer adversary for quicksort. Software – Practice and Experience 29, 341–344 (1999)
Fisk, M., Varghese, G.: Fast content-based packet handling for intrusion detection. Technical Report CS2001-0670, University of California at San Diego (May 2001)
Crosby, S.A., Wallach, D.S.: Denial of service via algorithmic complexity attacks. In: Proceedings of the 12th USENIX Security Symposium (August 2003)
Kocher, P.C.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Brumley, D., Boneh, D.: Remote timing attacks are practical. Computer Networks: The International Journal of Computer and Telecommunications Networking 48(5), 701–716 (2005)
Sleator, D.D., Tarjan, R.E.: Self-adjusting binary search trees. J. ACM 32(3), 652–686 (1985)
Adelson-Velskii, G., Landis, E.M.: An algorithm for the organization of information. Proceedings of the USSR Academy of Sciences 146, 263–266 (1962) (Russian); English translation by Ricci, M.J.: Soviet Math. Doklady 3, 1259–1263 (1962)
Seidel, R., Informatik, F., Aragon, C.R.: Randomized search trees. Algorithmica, 540–545 (1989)
Carter, J.L., Wegman, M.N.: Universal classes of hash functions (extended abstract). In: STOC 1977: Proceedings of the ninth annual ACM symposium on Theory of computing, pp. 106–112. ACM, New York (1977)
Bagchi, A., Buchsbaum, A.L., Goodrich, M.T.: Biased skip lists. Algorithmica 42, 31–48 (2005)
Cho, S., Sahni, S.: Biased leftist trees and modified skip lists. Technical Report 96-002, University of Florida (1996)
Ergun, F., Ahinalp, S.C.S., Sinha, R.K.: Biased skip lists for highly skewed access patterns. In: Proceedings of the 3rd Workshop on Algorithm Engineering and Experiments, pp. 216–229. Springer, Heidelberg (2001)
Pugh, W.: A skip list cookbook. Technical Report UMIACS-TR-89-72.1, University of Maryland (1990)
Aspnes, J.: Skip graphs. In: Proceedings of the fourteenth annual ACM-SIAM symposium on Discrete algorithms, pp. 384–393 (2003)
Messeguer, X.: Skip trees, an alternative data structure to skip lists in a concurrent approach. Informatique Théorique et Applications 31(3), 251–269 (1997)
Pugh, W.: Concurrent maintenance of skip lists. Technical Report CS-TR-2222.1, University of Maryland (1989)
Borodin, A., El-Yaniv, R.: Online Computation and Competitive Analysis. Cambridge University Press, Cambridge (1998)
Pugh, W.: Skip lists: a probabilistic alternative to balanced trees. Communications of the ACM 33(6), 668–676 (1990)
Mallows, C.L.: A note on asymptotic joint normality. Annals of Mathematical Statistics 43(2), 508–515 (1972)
Elizaveta, L., Bickel, P.: The earth mover’s distance is the Mallows distance: Some insights from statistics. In: Proceedings of the 8th International Conference on Computer Vision, pp. 251–256 (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bethea, D., Reiter, M.K. (2009). Data Structures with Unpredictable Timing. In: Backes, M., Ning, P. (eds) Computer Security – ESORICS 2009. ESORICS 2009. Lecture Notes in Computer Science, vol 5789. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04444-1_28
Download citation
DOI: https://doi.org/10.1007/978-3-642-04444-1_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04443-4
Online ISBN: 978-3-642-04444-1
eBook Packages: Computer ScienceComputer Science (R0)