Information leakage

Information leakage defines as actions of revealing information to an unauthorized party. Human factors cause the issue of information leakage. Human factors can be categorized as intentional actions and unintentional actions. An example of intentional action is that employees take risk of wreaking vengeance on the company due to dissatisfaction with the company. The example of unintentional action is that new employees are negligent of risk behaviors due to the over-enthusiasm for new ideas[1]. Information leakage happens whenever a system that is designed to be closed to an eavesdropper reveals some information to unauthorized parties nonetheless. For example, when designing an encrypted instant messaging network, a network engineer without the capacity to crack encryption codes could see when messages are transmitted, even if he could not read them. During the Second World War, the Japanese used secret codes such as PURPLE. Even before such codes were cracked, some basic information could be extracted about the content of the messages by looking at which relay stations sent a message onward. As another example of information leakage, Graphics Processing Unit (GPU) drivers do not erase their memories and thus, in shared/local/global memories, data values persist after de-allocation.[2] These data can be retrieved by a malicious agent.

Design issues

Designers of secure systems often forget to take information leakage into account. A classic example of this is when the French government designed a mechanism to aid encrypted communications over an analog line, such as at a phone booth. It was a device that clamped onto both ends of the phone, performed the encrypting operations, and sent the signals over the phone line. Unfortunately for the French, the rubber seal that attached the device to the phone was not airtight. It was later discovered that although the encryption itself was solid, if heard carefully, one could hear the speaker, since the phone was picking up some of the speech. Information leakage can subtly or completely destroy the security of an otherwise secure system.

Risk vectors

A modern example of information leakage is the leakage of secret information via data compression, by using variations in data compression ratio to reveal correlations between known (or deliberately injected) plaintext and secret data combined in a single compressed stream.[3] Another example is the key leakage that can occur when using some public-key systems when cryptographic nonce values used in signing operations are insufficiently random. Bad randomness cannot protect proper functioning of a cryptographic system, even in a benign circumstance, it can easily produce crackable keys that cause key leakage.[4]

Information leakage can sometimes be deliberate: for example, an algorithmic converter may be shipped that intentionally leaks small amounts of information, in order to provide its creator with the ability to intercept the users' messages, while still allowing the user to maintain an illusion that the system is secure. This sort of deliberate leakage is sometimes known as a subliminal channel.[5]

Generally, only very advanced systems employ defenses against information leakage.

Following are the commonly implemented countermeasures :

  • Use steganography to hide the fact that a message is transmitted at all.
  • Use chaffing to make it unclear to whom messages are transmitted (but this does not hide from others the fact that messages are transmitted).
  • For busy re-transmitting proxies, such as a Mixmaster node: randomly delay and shuffle the order of outbound packets - this will assist in disguising a given message's path, especially if there are multiple, popular forwarding nodes, such as are employed with Mixmaster mail forwarding.
  • When a data value is no longer going to be used, erase it from the memory.

References
  1. Wong, Wai Peng; Tan, Hwee Chin; Tan, Kim Hua; Tseng, Ming-Lang (2019-07-08). "Human factors in information leakage: mitigation strategies for information sharing integrity". Industrial Management & Data Systems. 119 (6): 1242–1267. doi:10.1108/imds-12-2018-0546. ISSN 0263-5577.
  2. "A Survey of Techniques for Improving Security of GPUs", Mittal et al., Hardware and Systems Security, 2018
  3. Kelsey, J. (2002). "Compression and Information Leakage of Plaintext". Fast Software Encryption. Lecture Notes in Computer Science. 2365. p. 263. doi:10.1007/3-540-45661-9_21. ISBN 978-3-540-44009-3.
  4. Schneier, Bruce; Fredrikson, Matthew; Kohno, Tadayoshi; Ristenpart, Thomas (2015). "Surreptitiously Weakening Cryptographic Systems". Schneier on Security. Archived from the original on 2015.
  5. Ron Rivest (October 3, 2002). "6.857 Computer and Network Security Lecture Notes 9 : DSA/DSS, RSA, chosen-ciphertext attack" (PDF). MIT. Retrieved 2012-09-14.

See also
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.