Formal Approaches to Information-Hiding (Tutorial)

  • Romain Beauxis
  • Konstantinos Chatzikokolakis
  • Catuscia Palamidessi
  • Prakash Panangaden
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4912)


In this survey paper we consider the class of protocols for information-hiding which use randomization to obfuscate the link between the observables and the information to be protected. We focus on the problem of formalizing the notion of information hiding, and verifying that a given protocol achieves the intended degree of protection. Without the pretense of being omni-comprehensive, we review the main approaches that have been explored in literature: possibilistic, probabilistic, information-theoretic, and statistical.


Mutual Information Information Hiding Posteriori Probability Epistemic Logic Input Distribution 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Fujioka, A., Okamoto, T., Ohta, K.: A practical secret voting scheme for large scale elections. In: ASIACRYPT 1992: Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques, pp. 244–251. Springer, London, UK (1993)Google Scholar
  2. 2.
    Reiter, M.K., Rubin, A.D.: Crowds: anonymity for Web transactions. ACM Transactions on Information and System Security 1, 66–92 (1998)CrossRefGoogle Scholar
  3. 3.
    Chaum, D.: The dining cryptographers problem: Unconditional sender and recipient untraceability. Journal of Cryptology 1, 65–75 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  4. 4.
    Syverson, P., Goldschlag, D., Reed, M.: Anonymous connections and onion routing. In: IEEE Symposium on Security and Privacy, Oakland, California, pp. 44–54 (1997)Google Scholar
  5. 5.
    Clarke, I., Sandberg, O., Wiley, B., Hong, T.W.: Freenet: A distributed anonymous information storage and retrieval system. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 44–66. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    Syverson, P.F., Stubblebine, S.G.: Group principals and the formalization of anonymity. World Congress on Formal Methods (1), 814–833 (1999)Google Scholar
  7. 7.
    Halpern, J.Y., O’Neill, K.R.: Anonymity and information hiding in multiagent systems. Journal of Computer Security 13, 483–512 (2005)Google Scholar
  8. 8.
    Hughes, D., Shmatikov, V.: Information hiding, anonymity and privacy: a modular approach. Journal of Computer Security 12, 3–36 (2004)Google Scholar
  9. 9.
    Schneider, S., Sidiropoulos, A.: CSP and anonymity. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 198–218. Springer, Heidelberg (1996)Google Scholar
  10. 10.
    Ryan, P.Y., Schneider, S.: Modelling and Analysis of Security Protocols. Addison-Wesley, Reading (2001)CrossRefGoogle Scholar
  11. 11.
    Delaune, S., Kremer, S., Ryan, M.D.: Verifying properties of electronic voting protocols. In: Proceedings of the IAVoSS Workshop On Trustworthy Elections (WOTE 2006), Cambridge, UK, 45–52 (2006)Google Scholar
  12. 12.
    Delaune, S., Kremer, S., Ryan, M.: Coercion-resistance and receipt-freeness in electronic voting. In: Computer Security Foundations Workshop, pp. 28–42. IEEE Computer Society, Los Alamitos (2006)Google Scholar
  13. 13.
    Chatzikokolakis, K., Palamidessi, C.: A framework for analyzing probabilistic protocols and its application to the partial secrets exchange. Theoretical Computer Science (2005); In: De Nicola, R., Sangiorgi, D. (eds.) TGC 2005. LNCS, vol. 3705, pp. 146–162. Springer, Heidelberg (2005), CrossRefGoogle Scholar
  14. 14.
    Hoare, C.A.R.: Communicating Sequential Processes. Prentice-Hall, Englewood Cliffs (1985)zbMATHGoogle Scholar
  15. 15.
    Bhargava, M., Palamidessi, C.: Probabilistic anonymity. In: Abadi, M., de Alfaro, L. (eds.) CONCUR 2005. LNCS, vol. 3653, pp. 171–185. Springer, Heidelberg (2005), CrossRefGoogle Scholar
  16. 16.
    Chatzikokolakis, K., Palamidessi, C.: Probable innocence revisited. Theoretical Computer Science 367, 123–138 (2006), zbMATHCrossRefMathSciNetGoogle Scholar
  17. 17.
    Serjantov, A., Danezis, G.: Towards an information theoretic metric for anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 41–53. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  18. 18.
    Díaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  19. 19.
    Zhu, Y., Bettati, R.: Anonymity vs. information leakage in anonymity systems. In: Proc. of ICDCS, pp. 514–524. IEEE Computer Society, Los Alamitos (2005)Google Scholar
  20. 20.
    Moskowitz, I.S., Newman, R.E., Crepeau, D.P., Miller, A.R.: Covert channels and anonymizing networks. In: Jajodia, S., Samarati, P., Syverson, P.F. (eds.) WPES, ACM, pp. 79–88. ACM, New York (2003)CrossRefGoogle Scholar
  21. 21.
    Moskowitz, I.S., Newman, R.E., Syverson, P.F.: Quasi-anonymous channels. In: IASTED CNIS, pp. 126–131 (2003)Google Scholar
  22. 22.
    Chatzikokolakis, K., Palamidessi, C., Panangaden, P.: Anonymity protocols as noisy channels. In: Information and Computation (to appear, 2007),
  23. 23.
    Deng, Y., Pang, J., Wu, P.: Measuring anonymity with relative entropy. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2006. LNCS, vol. 4691, pp. 65–79. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  24. 24.
    Clarkson, M.R., Myers, A.C., Schneider, F.B.: Belief in information flow. Journal of Computer Security. Available as Cornell Computer Science Department Technical Report TR 2007-207 (to appear, 2008)Google Scholar
  25. 25.
    McLean, J.: Security models and information flow. In: IEEE Symposium on Security and Privacy, pp. 180–189 (1990)Google Scholar
  26. 26.
    Gray III, J.W.: Toward a mathematical foundation for information flow security. In: Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy (SSP 1991), pp. 21–35. IEEE, Washington - Brussels - Tokyo (1991)CrossRefGoogle Scholar
  27. 27.
    Clark, D., Hunt, S., Malacaria, P.: Quantitative analysis of the leakage of confidential data. In: Proc. of QAPL 2001. Electr. Notes Theor. Comput. Sci, vol. 59 (3), pp. 238–251. Elsevier Science, Amsterdam (2001)Google Scholar
  28. 28.
    Clark, D., Hunt, S., Malacaria, P.: Quantified interference for a while language. In: Proc. of QAPL 2004. Electr. Notes Theor. Comput. Sci, vol. 112, pp. 149–166. Elsevier Science, Amsterdam (2005)Google Scholar
  29. 29.
    Lowe, G.: Quantifying information flow. In: Proc. of CSFW 2002, pp. 18–31. IEEE Computer Society Press, Los Alamitos (2002)Google Scholar
  30. 30.
    Boreale, M.: Quantifying information leakage in process calculi. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 119–131. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  31. 31.
    Cover, T.M., Thomas, J.A.: Elements of Information Theory. John Wiley & Sons, Chichester (1991)zbMATHGoogle Scholar
  32. 32.
    Compositional Methods for Information-Hiding. In: FOSSACS 2008, LNCS, vol. 4962, pp. 443–457, Springer, Heidelberg (to appear, 2008)Google Scholar
  33. 33.
    Chatzikokolakis, K., Palamidessi, C., Panangaden, P.: Probability of error in information-hiding protocols. In: Proceedings of the 20th IEEE Computer Security Foundations Symposium (CSF20), pp. 341–354. IEEE Computer Society, Los Alamitos (2007), CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Romain Beauxis
    • 1
  • Konstantinos Chatzikokolakis
    • 1
  • Catuscia Palamidessi
    • 1
  • Prakash Panangaden
    • 2
  1. 1.INRIA and LIXÉcole PolytechniquePalaiseauFrance
  2. 2.Mc Gill UniversityMontrealCanada

Personalised recommendations