Abstract
We study the problem of giving formal bounds on the information leakage of deterministic programs, when only a black-box access to the system is provided, and little is known about the input generation mechanism. After introducing a statistical set-up and defining a formal notion of information leakage estimator, we prove that, in the absence of significant a priori information about the output distribution, no such estimator can in fact exist that does significantly better than exhaustive enumeration of the input domain. Moreover, we show that the difficult part is essentially obtaining tight upper bounds. This motivates us to consider a relaxed scenario, where the analyst is given some control over the input distribution: an estimator is introduced that, with high probability, gives lower bounds irrespective of the underlying distribution, and tight upper bounds if the input distribution induces a “close to uniform” output distribution. We then define two methods, one based on Metropolis Monte Carlo and one based on Accept-Reject, that can ideally be employed to sample from one such input distribution, and discuss a practical methodology based on them. We finally demonstrate the proposed methodology with a few experiments, including an analysis of cache side-channels in sorting algorithms.
Work partially supported by the eu project Ascens under the fet open initiative in fp7 and by Italian PRIN project cina.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Agat, J., Sands, D.: On Confidentiality and Algorithms. In: IEEE Symposium on Security and Privacy, pp. 64–77 (2001)
Batu, T., Dasgupta, S., Kumar, R., Rubinfeld, R.: The Complexity of Approximating the Entropy. SIAM J. Comput. 35(1), 132–150 (2005)
Boreale, M., Pampaloni, F., Paolini, M.: Asymptotic Information Leakage under One-Try Attacks. In: Hofmann, M. (ed.) FOSSACS 2011. LNCS, vol. 6604, pp. 396–410. Springer, Heidelberg (2011)
Boreale, M., Pampaloni, F., Paolini, M.: Quantitative Information Flow, with a View. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 588–606. Springer, Heidelberg (2011)
Braun, C., Chatzikokolakis, K., Palamidessi, C.: Quantitative Notions of Leakage for One-try Attacks. Electr. Notes Theor. Comput. Sci. 248, 75–91 (2009)
Casella, G., Robert, C.: Monte Carlo Statistical Methods, 2nd edn. Springer (2004)
Chao, A., Lee, S.-M.: Estimating the number of classes via sample coverage. Journal of the American Statistical Association 87(417), 210–217 (1992)
Chatzikokolakis, K., Chothia, T., Guha, A.: Statistical Measurement of Information Leakage. In: Esparza, J., Majumdar, R. (eds.) TACAS 2010. LNCS, vol. 6015, pp. 390–404. Springer, Heidelberg (2010)
Chatzikokolakis, K., Palamidessi, C., Panangaden, P.: Anonymity protocols as noisy channels. Inf. Comput. 206(2-4), 378–401 (2008)
Chatzikokolakis, K., Palamidessi, C., Panangaden, P.: On the Bayes risk in information-hiding protocols. Journal of Computer Security 16(5), 531–571 (2008)
Chothia, T.: Personal communication to the authors (2014)
Chothia, T., Guha, A.: A Statistical Test for Information Leaks Using Continuous Mutual Information. In: CSF, pp. 177–190 (2011)
Chothia, T., Kawamoto, Y.: Statistical Estimation of Min-entropy Leakage. Manuscript available at http://www.cs.bham.ac.uk/research/projects/infotools/leakiest/
Chothia, T., Kawamoto, Y., Novakovic, C.: A Tool for Estimating Information Leakage. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 690–695. Springer, Heidelberg (2013)
Chothia, T., Kawamoto, Y., Novakovic, C., Parker, D.: Probabilistic Point-to-Point Information Leakage. In: CSF, pp. 193–205 (2013)
Chothia, T., Kawamoto, Y., Novakovic, C.: LeakWatch: Estimating Information Leakage from Java Programs. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014, Part II. LNCS, vol. 8713, pp. 219–236. Springer, Heidelberg (2014)
Doychev, G., Feld, D., Köpf, B., Mauborgne, L., Reineke, J.: CacheAudit: A Tool for the Static Analysis of Cache Side Channels. In: USENIX Security, pp. 431–446 (2013)
Dubhashi, D.P., Panconesi, A.: Concentration of Measure for the Analysis of Randomized Algorithms. Cambridge University Press (2009)
Goguen, J.A., Meseguer, J.: Security Policies and Security Models. In: IEEE Symposium on Security and Privacy, pp. 11–20 (1998)
Köpf, B., Rybalchenko, A.: Automation of Quantitative Information-Flow Analysis. In: Bernardo, M., de Vink, E., Di Pierro, A., Wiklicky, H. (eds.) SFM 2013. LNCS, vol. 7938, pp. 1–28. Springer, Heidelberg (2013)
Köpf, B., Rybalchenko, A.: Approximation and Randomization for Quantitative Information-Flow Analysis. In: CSF, pp. 3–14 (2010)
Massey, J.L.: Guessing and Entropy. In: Proc. 1994 IEEE Symposium on Information Theory (ISIT 1994), vol. 204 (1994)
Smith, G.: On the Foundations of Quantitative Information Flow. In: de Alfaro, L. (ed.) FOSSACS 2009. LNCS, vol. 5504, pp. 288–302. Springer, Heidelberg (2009)
Yasuoka, H., Terauchi, T.: On bounding problems of quantitative information flow. Journal of Computer Security 19(6), 1029–1082 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Boreale, M., Paolini, M. (2014). On Formally Bounding Information Leakage by Statistical Estimation. In: Chow, S.S.M., Camenisch, J., Hui, L.C.K., Yiu, S.M. (eds) Information Security. ISC 2014. Lecture Notes in Computer Science, vol 8783. Springer, Cham. https://doi.org/10.1007/978-3-319-13257-0_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-13257-0_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13256-3
Online ISBN: 978-3-319-13257-0
eBook Packages: Computer ScienceComputer Science (R0)