Information Theory and Security: Quantitative Information Flow

Malacaria, Pasquale; Heusser, Jonathan

doi:10.1007/978-3-642-13678-8_3

Cited by 11 publications

(11 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There is also a vast literature (see [30], Section 3.3, and references therein) studying the "leakage of a program P [...] defined as the (Shannon) entropy of the partition Π(P )" [30]. One can easily see that their "leakage" is the same as the entropy H(f (X)), where X is the r.v.…”

Section: Additional Relationsmentioning

confidence: 99%

Bounds on the Entropy of a Function of a Random Variable and Their Applications

Cicalese

Gargano

Vaccaro

2018

IEEE Trans. Inform. Theory

View full text Add to dashboard Cite

It is well known that the entropy H(X) of a discrete random variable X is always greater than or equal to the entropy H(f (X)) of a function f of X, with equality if and only if f is one-to-one. In this paper, we give tight bounds on H(f (X)) when the function f is not one-to-one, and we illustrate a few scenarios where this matters. As an intermediate step towards our main result, we derive a lower bound on the entropy of a probability distribution, when only a bound on the ratio between the maximal and minimal probabilities is known. The lower bound improves on previous results in the literature, and it could find applications outside the present scenario.I. THE PROBLEM Let X = {x 1 , . . . , x n } be a finite alphabet, and X be any random variable (r.v.) taking values in X according to the probability distribution p = (p 1 , p 2 , . . . , p n ), that is, such that P {X = x i } = p i , for i = 1, 2, . . . , n. A well known and widely used inequality states thatwhere f : X → Y is any function defined on X , and H(·) denotes the Shannon entropy. Moreover, equality holds in (1) if and only if the function f is one-to-one. The main purpose of this paper is to sharpen inequality (1) by deriving tight bounds on H(f (X)) when f is not one-to-one. More precisely, given the r.v. X, an integer 2 ≤ m < n, a set Y m = {y 1 , . . . , y m }, and the family of surjective functions

show abstract

Section: Additional Relationsmentioning

confidence: 99%

Bounds on the Entropy of a Function of a Random Variable and Their Applications

Cicalese

Gargano

Vaccaro

2018

IEEE Trans. Inform. Theory

View full text Add to dashboard Cite

show abstract

“…Hence, leakage H(LoI(P )) for looping programs can be computed in terms of the chain (W 6n ) n>0 and the collision equivalence C. The equivalence of this technique with previous information theoretical analysis of loops (Malacaria 2010) is proved in Malacaria and Heusser (2010). Notice that Propositions 6 and 9 can be used for an analysis of loops using Smith's vulnerability leakage and guessability leakage: ME(P ) = log(G(LoI(P ))) − log(G(h)) = log(G( n>0 W 6n C)) − log(G(h)) (10) GE(P ) = NG(h) − NG(LoI(P )) = NG(h) − NG(LoI( n>0 W 6n C)) (11)…”

Section: Loop Analysismentioning

confidence: 95%

“…is their self-composition ( Barthe et al 2004). Formally (Malacaria and Heusser 2010): Proposition 8. Given programs P 1 , P 2 there exists a program P 1 2 such that LoI(P 1 2 ) = LoI(P 1 ) LoI(P 2 ).…”

Section: Multiple Runsmentioning

confidence: 99%

“…This setting is formalized in Malacaria and Heusser (2010): given a looping program P define W 6n = n>i>0 W i as the equivalence relation corresponding to the output observations available for the loop terminating in 6 n iterations and let the collision equivalence of a loop be the reflexive and transitive closure of the relation σ C σ iff σ, σ generate the same output from different iterations.…”

Section: Loop Analysismentioning

confidence: 99%

See 1 more Smart Citation

Algebraic foundations for quantitative information flow

Malacaria

2014

Math. Struct. Comp. Sci.

Self Cite

View full text Add to dashboard Cite

Link to this article: http://journals.cambridge.org/abstract_S0960129513000649How to cite this article: PASQUALE MALACARIA (2015). Algebraic foundations for quantitative information ow.Several mathematical ideas have been investigated for quantitative information flow. Information theory, probability, guessability are the main ideas in most proposals. They aim to quantify how much information is leaked, how likely is to guess the secret and how long does it take to guess the secret respectively. In this work, we investigate the relationship between these ideas in the context of the quantitative analysis of deterministic systems. We propose the lattice of information as a valuable foundation for these approaches; not only it provides an elegant algebraic framework for the ideas, but also to investigate their relationship. In particular, we will use this lattice to prove some results establishing order relation correspondences between the different quantitative approaches. The implications of these results w.r.t. recent work in the community is also investigated. While this work concentrates on the foundational importance of the lattice of information its practical relevance has been recently proven, notably with the quantitative analysis of Linux kernel vulnerabilities. Overall, we believe these works set the case for establishing the lattice of information as one of the main reference structure for quantitative information flow.

show abstract

“…It provides a framework that associates security policy and implementation of the security policy. While there are lots of classical information security models like BLP model [9],Biba model [13] and secure information flow model [14] and Unwinding and Inference Control model [15]，we chose the BLP model to formally model the security policy of typical security gateway owing to the easy understanding of BLP model itself and familiarity of most projects engineers with BLP model; formal specification aims at describing the system functions in a simple, unanimous ③ manner. This paper presents a method which may be used to formally design and verify the typical security gateway.…”

Section: Introductionmentioning

confidence: 99%

Formal Design and Verification for A Typical Security Gateway

Wang¹,

Zhao²,

Chang³

et al. 2017

Proceedings of the 7th International Conference on Computer Engineering and Networks — PoS(CENet2017)

View full text Add to dashboard Cite

To ensure the security of the top-level design of the security gateway, we proposed a method of formally designing and verifying a typical security gateway. Firstly, we designed the typical security gateway's security policy according to its security requirements. Secondly, we formally modeled the security policy and verified the security model's internal consistency by means of BLP model. In the end, we verified the consistency between the security gateway's functional specifications and its security model. To make sure the reasoning procedure's correctness, we used the theorem prover Isabelle/HOL to formally describe the above work and help us deduce. Our work ensures the security of a typical security gateway in terms of top-level design and exerts certain referential significance on formal design of security gateway.

show abstract

Information Theory and Security: Quantitative Information Flow

Cited by 11 publications

References 42 publications

Bounds on the Entropy of a Function of a Random Variable and Their Applications

Bounds on the Entropy of a Function of a Random Variable and Their Applications

Algebraic foundations for quantitative information flow

Formal Design and Verification for A Typical Security Gateway

Contact Info

Product

Resources

About