Axioms for Information Leakage

Alvim, Mário S.; Chatzikokolakis, Konstantinos; McIver, Annabelle; Morgan, Carroll; Palamidessi, Catuscia; Smith, Geoffrey

doi:10.1109/csf.2016.13

Cited by 38 publications

(49 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is known from the literature [5] that the posterior vulnerability is a convex function of π. Namely, for any channel C, any family of distributions {π i }, and any set of convex coefficients {c i }, we have:…”

Section: Secrets and Vulnerabilitymentioning

confidence: 99%

“…In this paper we consider a very general notion of vulnerability, following [5], and we define a vulnerability V to be any continuous and convex function of type DX → R. It has been shown in [5] that these functions coincide with the set of g-vulnerabilities, and are, in a precise sense, the most general information measures w.r.t. a set of basic axioms.…”

Section: Secrets and Vulnerabilitymentioning

confidence: 99%

“…A central notion in this model is that of entropy, but here we use its converse, vulnerability, which represents the magnitude of the threat. In order to derive results as general as possible, we adopt the very comprehensive notion of vulnerability as any convex and continuous function, as used in [5,8]. This notion has been shown [5] to subsume most information measures, including Bayes vulnerability (aka minvulnerability, aka (the converse of) Bayes risk) [10,27], Shannon entropy [26], guessing entropy [22], and g-vulnerability [6].…”

Section: Example 3 (Crime Attack)mentioning

confidence: 99%

“…Indeed, nowadays there is a tendency to use abstract channels [5,23], which capture exactly the important behavior with respect to any form of leakage. In this paper, however, we cannot use abstract channels because the hidden choice operator needs a concrete representation in order to be defined unambiguously.…”

Section: Definition 4 (Equivalence Of Channels)mentioning

confidence: 99%

See 3 more Smart Citations

Leakage and Protocol Composition in a Game-Theoretic Perspective

Alvim

Chatzikokolakis

Kawamoto

et al. 2018

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. In the inference attacks studied in Quantitative Information Flow (QIF), the adversary typically tries to interfere with the system in the attempt to increase its leakage of secret information. The defender, on the other hand, typically tries to decrease leakage by introducing some controlled noise. This noise introduction can be modeled as a type of protocol composition, i.e., a probabilistic choice among different protocols, and its effect on the amount of leakage depends heavily on whether or not this choice is visible to the adversary. In this work we consider operators for modeling visible and invisible choice in protocol composition, and we study their algebraic properties. We then formalize the interplay between defender and adversary in a game-theoretic framework adapted to the specific issues of QIF, where the payoff is information leakage. We consider various kinds of leakage games, depending on whether players act simultaneously or sequentially, and on whether or not the choices of the defender are visible to the adversary. Finally, we establish a hierarchy of these games in terms of their information leakage, and provide methods for finding optimal strategies (at the points of equilibrium) for both attacker and defender in the various cases.

show abstract

Section: Secrets and Vulnerabilitymentioning

confidence: 99%

Section: Secrets and Vulnerabilitymentioning

confidence: 99%

Section: Example 3 (Crime Attack)mentioning

confidence: 99%

Section: Definition 4 (Equivalence Of Channels)mentioning

confidence: 99%

See 2 more Smart Citations

Leakage and Protocol Composition in a Game-Theoretic Perspective

Alvim

Chatzikokolakis

Kawamoto

et al. 2018

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…Entropy can conveniently represent the information that the adversary has about the secret message before and after an attack. Consequently entropy can be used to quantify the information gained by the adversary due to the attack [19], [20], [21], [5], [22], [23]. The entropy of a probability distribution ρ over a support set X = {x 1 , .…”

Section: A Khouzani-malacaria Entropymentioning

confidence: 99%

Universal Optimality of Apollonian Cell Encoders

Biondi

Given-Wilson

Legay

2018

2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/ 12th IEEE International

View full text Add to dashboard Cite

Abstract-Preserving privacy of private communication against an attacker is a fundamental concern of computer science security. Unconditional encryption considers the case where an attacker has unlimited computational power, hence no complexity result can be relied upon for encryption. Optimality criteria are defined for the best possible encryption over a general collection of entropy measures. This paper introduces Apollonian cell encoders, a class of shared-key cryptosystems that are proven to be universally optimal. In addition to the highest possible security for the message, Apollonian cell encoders prove to have perfect secrecy on their key allowing unlimited key reuse. Conditions for the existence of Apollonian cell encoders are presented, as well as a constructive proof. Further, a compact representation of Apollonian cell encoders is presented, allowing for practical implementation.

show abstract

Automated Formal Analysis of Side-Channel Attacks on Probabilistic Systems

Novakovic

Parker

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

The security guarantees of even theoretically-secure systems can be undermined by the presence of side channels in their implementations. We present Sch-imp, a probabilistic imperative language for side channel analysis containing primitives for identifying secret and publiclyobservable data, and in which resource consumption is modelled at the function level. We provide a semantics for Sch-imp programs in terms of discrete-time Markov chains. Building on this, we propose automated techniques to detect worst-case attack strategies for correctly deducing a program's secret information from its outputs and resource consumption, based on verification of partially-observable Markov decision processes. We implement this in a tool and show how it can be used to quantify the severity of worst-case side-channel attacks against a selection of systems, including anonymity networks, covert communication channels and modular arithmetic implementations used for public-key cryptography.

show abstract

Axioms for Information Leakage

Cited by 38 publications

References 29 publications

Leakage and Protocol Composition in a Game-Theoretic Perspective

Leakage and Protocol Composition in a Game-Theoretic Perspective

Universal Optimality of Apollonian Cell Encoders

Automated Formal Analysis of Side-Channel Attacks on Probabilistic Systems

Contact Info

Product

Resources

About