On the Foundations of Quantitative Information Flow

There is growing interest in quantitative theories of information flow in a variety of contexts, such as secure information flow, anonymity protocols, and side-channel analysis. Such theories offer an attractive way to relax the standard noninterference properties, letting us tolerate "small" leaks that are necessary in practice. The emerging consensus is that quantitative information flow should be founded on the concepts of Shannon entropy and mutual information . But a useful theory of quantitative information flow must provide appropriate security guarantees: if the theory says that an attack leaks x bits of secret information, then x should be useful in calculating bounds on the resulting threat. In this paper, we focus on the threat that an attack will allow the secret to be guessed correctly in one try. With respect to this threat model, we argue that the consensus definitions actually fail to give good security guarantees--the problem is that a random variable can have arbitrarily large Shannon entropy even if it is highly vulnerable to being guessed. We then explore an alternative foundation based on a concept of vulnerability (closely related to Bayes risk ) and which measures uncertainty using Renyi's min-entropy , rather than Shannon entropy.

[1]  A. Rényi On Measures of Entropy and Information , 1961 .

[2]  R. Gallager Information Theory and Reliable Communication , 1968 .

[3]  D. A. Bell,et al.  Information Theory and Reliable Communication , 1969 .

[4]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[5]  James W. Gray,et al.  Probabilistic interference , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[6]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[7]  J. Massey Guessing and entropy , 1994, Proceedings of 1994 IEEE International Symposium on Information Theory.

[8]  Christian Cachin,et al.  Entropy measures and unconditional security in cryptography , 1997 .

[9]  David Clark,et al.  Quantitative Analysis of the Leakage of Confidential Data , 2002, QAPL.

[10]  Chris Hankin,et al.  Approximate non-interference , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[11]  Gavin Lowe,et al.  Quantifying information flow , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[12]  Andrew C. Myers,et al.  Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..

[13]  G. Tóth,et al.  Measuring Anonymity Revisited , 2004 .

[14]  Michael R. Clarkson,et al.  Belief in information flow , 2005, 18th IEEE Computer Security Foundations Workshop (CSFW'05).

[15]  David Clark,et al.  Quantitative Information Flow, Relations and Polymorphic Types , 2005, J. Log. Comput..

[16]  David Sands,et al.  Dimensions and principles of declassification , 2005, 18th IEEE Computer Security Foundations Workshop (CSFW'05).

[17]  Thomas M. Cover,et al.  Elements of information theory (2. ed.) , 2006 .

[18]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[19]  Vitaly Shmatikov,et al.  Measuring relationship anonymity in mix networks , 2006, WPES '06.

[20]  Prakash Panangaden,et al.  Anonymity protocols as noisy channels , 2006, Inf. Comput..

[21]  David A. Basin,et al.  An information-theoretic model for adaptive side-channel attacks , 2007, CCS '07.

[22]  David Clark,et al.  A static analysis for quantifying information flow in a simple imperative language , 2007, J. Comput. Secur..

[23]  Geoffrey Smith,et al.  Adversaries and Information Leaks (Tutorial) , 2007, TGC.

[24]  Prakash Panangaden,et al.  Probability of Error in Information-Hiding Protocols , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).

[25]  Pasquale Malacaria,et al.  Assessing security threats of looping constructs , 2007, POPL '07.

[26]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[27]  Pasquale Malacaria,et al.  Lagrange multipliers and maximum information leakage in different observational models , 2008, PLAS '08.

[28]  Prakash Panangaden,et al.  Anonymity protocols as noisy channels , 2008, Inf. Comput..