Vulnerability Bounds and Leakage Resilience of Blinded Cryptography under Timing Attacks

Köpf, Boris; Smith, Geoffrey

doi:10.1109/csf.2010.11

Cited by 79 publications

(108 citation statements)

References 25 publications

Supporting

Mentioning

107

Contrasting

Order By: Relevance

“…Quantitative Information Flow (qif) is a well-established approach to confidentiality analysis: the basic idea is measuring how much information flows from sensitive to observable data, relying on tools from Information Theory [14,3,12,32,11,4,27,5,6].…”

Section: Introductionmentioning

confidence: 99%

Quantitative Information Flow under Generic Leakage Functions and Adaptive Adversaries

Boreale

Pampaloni

2014

Formal Techniques for Distributed Objects, Components, and Systems

View full text Add to dashboard Cite

Abstract. We put forward a model of action-based randomization mechanisms to analyse quantitative information flow (qif) under generic leakage functions, and under possibly adaptive adversaries. This model subsumes many of the qif models proposed so far. Our main contributions include the following: (1) we identify mild general conditions on the leakage function under which it is possible to derive general and significant results on adaptive qif; (2) we contrast the efficiency of adaptive and non-adaptive strategies, showing that the latter are as efficient as the former in terms of length up to an expansion factor bounded by the number of available actions; (3) we show that the maximum information leakage over strategies, given a finite time horizon, can be expressed in terms of a Bellman equation. This can be used to compute an optimal finite strategy recursively, by resorting to standard methods like backward induction.

show abstract

Section: Introductionmentioning

confidence: 99%

Quantitative Information Flow under Generic Leakage Functions and Adaptive Adversaries

Boreale

Pampaloni

2014

Formal Techniques for Distributed Objects, Components, and Systems

View full text Add to dashboard Cite

show abstract

“…There is a large body of recent literature on qif [8,19,5,6] and dp [13,14]. The earliest proposal of a worst-case security notion is, to the best of our knowledge, found in [15].…”

Section: Related Workmentioning

confidence: 99%

“…[19]. We would also like to apply and possibly extend the results of the present paper to the setting of de-anonymization attacks on dataset containing micro-data.…”

Section: Conclusion and Further Workmentioning

confidence: 99%

“…Two major areas have by now clearly emerged: Quantitative Information Flow (qif) [8,19,5,6,9,10,26] and Differential Privacy (dp) [13,14,21,22,16,17]. As discussed in [4], qif is mainly concerned with quantifying the degree of protection offered against an adversary trying to guess the whole secret; dp is rather concerned with protection of individual bits of the secret, possibly in the presence of background information, like knowledge of the remaining bits.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Worst- and Average-Case Privacy Breaches in Randomization Mechanisms

Boreale¹,

Paolini²

2012

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. In a variety of contexts, randomization is regarded as an effective technique to conceal sensitive information. We model randomization mechanisms as information-theoretic channels. Our starting point is a semantic notion of security that expresses absence of any privacy breach above a given level of seriousness , irrespective of any background information, represented as a prior probability on the secret inputs. We first examine this notion according to two dimensions: worst vs. average case, single vs. repeated observations. In each case, we characterize the security level achievable by a mechanism in a simple fashion that only depends on the channel matrix, and specifically on certain measures of "distance" between its rows, like norm-1 distance and Chernoff Information. We next clarify the relation between our worst-case security notion and differential privacy (dp): we show that, while the former is in general stronger, the two coincide if one confines to background information that can be factorised into the product of independent priors over individuals. We finally turn our attention to expected utility, in the sense of Ghosh et al., in the case of repeated independent observations. We characterize the exponential growth rate of any reasonable utility function. In the particular case the mechanism provides -dp, we study the relation of the utility rate with : we offer either exact expressions or upper-bounds for utility rate that apply to practically interesting cases, such as the (truncated) geometric mechanism.

show abstract

“…Henceforth, a major challenge is being able to give simple and tight bounds on leakage in general, or exact expressions for some important cases. For instance, Köpf and Smith (2010) give a simple formula for the min-entropy capacity of a system, which corresponds to the worst-case leakage after a single observation under one-try attacks.…”

mentioning

confidence: 99%

Asymptotic information leakage under one-try attacks

Boreale¹,

Pampaloni

Paolini

2014

Math. Struct. Comp. Sci.

View full text Add to dashboard Cite

We study the asymptotic behaviour of (a) information leakage and (b) adversary's error probability in information hiding systems modelled as noisy channels. Specifically, we assume the attacker can make a single guess after observing n independent executions of the system, throughout which the secret information is kept fixed. We show that the asymptotic behaviour of quantities (a) and (b) can be determined in a simple way from the channel matrix. Moreover, simple and tight bounds on them as functions of n show that the convergence is exponential. We also discuss feasible methods to evaluate the rate of convergence. Our results cover both the Bayesian case, where an a priori probability distribution on the secrets is assumed known to the attacker, and the maximum-likelihood case, where the attacker does not know such distribution. In the Bayesian case, we identify the distributions that maximize leakage. We consider both the min-entropy setting studied by Smith and the additive form recently proposed by Braun et al. and show the two forms do agree asymptotically. Next, we extend these results to a more sophisticated eavesdropping scenario, where the attacker can perform a (noisy) observation at each state of the computation and the systems are modelled as hidden Markov models.

show abstract

Vulnerability Bounds and Leakage Resilience of Blinded Cryptography under Timing Attacks

Cited by 79 publications

References 25 publications

Quantitative Information Flow under Generic Leakage Functions and Adaptive Adversaries

Quantitative Information Flow under Generic Leakage Functions and Adaptive Adversaries

Worst- and Average-Case Privacy Breaches in Randomization Mechanisms

Asymptotic information leakage under one-try attacks

Contact Info

Product

Resources

About