Quantitative Analysis of Information Flow Using Theorem Proving

Quantitative analysis of information flow is widely used to measure how much information was leaked from the secret inputs to the outputs or public inputs of a program. We propose to conduct the quantitative analysis of information flow within the trusted kernel of a higher-order-logic theorem prover in order to overcome the inaccuracy limitations of traditional analysis techniques used in this domain. For this purpose, we present the formalization of the Kullback-Leibler divergence that can be used as a unified measure of information leakage. Furthermore, we propose two new measures of information leakage, namely the information leakage degree and the conditional information leakage degree. We also formalize the notion of anonymity-based single MIX and use the channel capacity as a measure of information leakage in the MIX. Finally, for illustration purposes, we show how our framework allowed us to find a counter-example for a theorem that was reported in the literature to describe the leakage properties of the anonymity-based single MIX.

[1]  David Chaum,et al.  The dining cryptographers problem: Unconditional sender and recipient untraceability , 1988, Journal of Cryptology.

[2]  Sofiène Tahar,et al.  Formalization of Entropy Measures in HOL , 2011, ITP.

[3]  R. Gallager Information Theory and Reliable Communication , 1968 .

[4]  R. Goldberg Methods of Real Analysis , 1964 .

[5]  Jun Pang,et al.  Measuring Anonymity with Relative Entropy , 2006, Formal Aspects in Security and Trust.

[6]  Michael J. C. Gordon,et al.  Mechanizing programming logics in higher order logic , 1989 .

[7]  Aaron Richard Coble,et al.  Formalized Information-Theoretic Proofs of Privacy Using the HOL4 Theorem-Prover , 2008, Privacy Enhancing Technologies.

[8]  Bart Preneel,et al.  Towards Measuring Anonymity , 2002, Privacy Enhancing Technologies.

[9]  Geoffrey Smith,et al.  On the Foundations of Quantitative Information Flow , 2009, FoSSaCS.

[10]  Theo Dimitrakos,et al.  Formal Aspects in Security and Trust, Fourth International Workshop, FAST 2006, Hamilton, Ontario, Canada, August 26-27, 2006, Revised Selected Papers , 2007, Formal Aspects in Security and Trust.

[11]  Ian Stark,et al.  Free-Algebra Models for the pi-Calculus , 2005, FoSSaCS.

[12]  Sofiène Tahar,et al.  On the Formalization of the Lebesgue Integration Theory in HOL , 2010, ITP.

[13]  Michael K. Reiter,et al.  Crowds: anonymity for Web transactions , 1998, TSEC.

[14]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[15]  Prakash Panangaden,et al.  Anonymity protocols as noisy channels , 2008, Inf. Comput..

[16]  Andrew C. Myers,et al.  Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..

[17]  Jane Hillston,et al.  Challenges for Quantitative Analysis of Collective Adaptive Systems , 2013, TGC.

[18]  Marta Z. Kwiatkowska,et al.  Quantitative Analysis With the Probabilistic Model Checker PRISM , 2006, QAPL.

[19]  Riccardo Bettati,et al.  Information Leakage as a Model for Quality of Anonymity Networks , 2009, IEEE Transactions on Parallel and Distributed Systems.

[20]  Alan Bundy,et al.  Constructing Induction Rules for Deductive Synthesis Proofs , 2006, CLASE.

[21]  M. Gordon,et al.  Introduction to HOL: a theorem proving environment for higher order logic , 1993 .

[22]  George Danezis,et al.  Towards an Information Theoretic Metric for Anonymity , 2002, Privacy Enhancing Technologies.

[23]  Pasquale Malacaria,et al.  Assessing security threats of looping constructs , 2007, POPL '07.