Asymptotic information leakage under one-try attacks

Abstract: We study the asymptotic behaviour of (a) information leakage and (b) adversary's error probability in information hiding systems modelled as noisy channels. Specifically, we assume the attacker can make a single guess after observing n independent executions of the system, throughout which the secret information is kept fixed. We show that the asymptotic behaviour of quantities (a) and (b) can be determined in a simple way from the channel matrix. Moreover, simple and tight bounds on them as functions of n sho… Show more

“…The attacker is in a position to ask a source, perhaps the hospital db, queries concerning non sensitive information (ZIP code, age and discharge date) of any individual, including JD, and compare the answers with the table's entries. 5 This situation can be modeled quite simply as an action-based mechanism S, as follows. We pose: Act = {ZIP, Age, Date}; X = {1, .…”

“…Like in the static case, this dynamic g-leakage does not lend itself to be recast in the present framework. A dynamic approach is also at the core of a model in [5] based on Hidden Markov Models, where the observed system evolves over time, although the secret is fixed.…”

“…Quantitative Information Flow (qif) is a well-established approach to confidentiality analysis: the basic idea is measuring how much information flows from sensitive to observable data, relying on tools from Information Theory [14,3,12,32,11,4,27,5,6].…”

Quantitative Information Flow under Generic Leakage Functions and Adaptive Adversaries

“…The attacker is in a position to ask a source, perhaps the hospital db, queries concerning non sensitive information (ZIP code, age and discharge date) of any individual, including JD, and compare the answers with the table's entries. 5 This situation can be modeled quite simply as an action-based mechanism S, as follows. We pose: Act = {ZIP, Age, Date}; X = {1, .…”

“…Like in the static case, this dynamic g-leakage does not lend itself to be recast in the present framework. A dynamic approach is also at the core of a model in [5] based on Hidden Markov Models, where the observed system evolves over time, although the secret is fixed.…”

“…Quantitative Information Flow (qif) is a well-established approach to confidentiality analysis: the basic idea is measuring how much information flows from sensitive to observable data, relying on tools from Information Theory [14,3,12,32,11,4,27,5,6].…”

Quantitative Information Flow under Generic Leakage Functions and Adaptive Adversaries

“…[12,11,3,30,4,5,21] and references therein. In the last few years, various extensions of the basic model have been considered: to mention but a few, [6] considers the case of one-try (min-entropy) attacks under repeated observations, while the worst-vs. average-case dimension is examined in [9]. Especially relevant to the present paper is the issue of partial secret disclosure [7] and, more generally, of leakage characterization in terms of adversary's (generic) gain, or g-leakage [1].…”

Searching secrets rationally

“…Boreale et al [BPP11] proved that ML(C (n) ) converges exponentially quickly to the logarithm of the number of distinct rows in C. (Intuitively, distinct rows of the channel matrix can be distinguished by repeatedly sampling the output.) More precisely, their Theorem 1 restricted to the case of a uniform prior (which realizes min-capacity) can be restated in the following form:…”

Foundations of Quantitative Information Flow: Channels, Cascades, and the Information Order