Asymptotic Information Leakage under One-Try Attacks

  • Michele Boreale
  • Francesca Pampaloni
  • Michela Paolini
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6604)


We study the asymptotic behaviour of (a) information leakage and (b) adversary’s error probability in information hiding systems modelled as noisy channels. Specifically, we assume the attacker can make a single guess after observing n independent executions of the system, throughout which the secret information is kept fixed. We show that the asymptotic behaviour of quantities (a) and (b) can be determined in a simple way from the channel matrix. Moreover, simple and tight bounds on them as functions of n show that the convergence is exponential. We also discuss feasible methods to evaluate the rate of convergence. Our results cover both the Bayesian case, where a prior probability distribution on the secrets is assumed known to the attacker, and the maximum-likelihood case, where the attacker does not know such distribution. In the Bayesian case, we identify the distributions that maximize the leakage. We consider both the min-entropy setting studied by Smith and the additive form recently proposed by Braun et al., and show the two forms do agree asymptotically. Next, we extend these results to a more sophisticated eavesdropping scenario, where the attacker can perform a (noisy) observation at each state of the computation and the systems are modelled as hidden Markov models.
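The following Python script is an added illustration of the scenario described in the abstract; it is not code from the paper or its authors. It computes by brute force the Bayes vulnerability V(X | Y^n) of a small channel matrix for an attacker who makes one guess after n independent executions with the secret held fixed, derives from it the error probability, the min-entropy leakage log2(V(X | Y^n) / V(X)) in Smith's form and the additive leakage V(X | Y^n) - V(X) in the form of Braun et al., and compares the values with a limit read off the channel matrix by treating secrets with identical rows as indistinguishable. The channel matrix, the prior and that row-grouping limit are constructions of this example, not definitions quoted from the paper.

```python
"""Bayes vulnerability of a noisy channel under a one-try attacker who sees
n independent executions of the system while the secret stays fixed.

Added example; the channel matrix, prior and helper names are constructed
for illustration and are not taken from the paper.
"""
import math
from typing import Dict, Iterator, List, Sequence, Tuple

# Constructed channel matrix p(y | x): one row per secret, one column per
# observable output.  x0 and x1 have identical rows, so no number of
# observations can separate them; x2 has a different row and becomes
# distinguishable from the other two as n grows.
CHANNEL: Dict[str, Tuple[float, ...]] = {
    "x0": (0.8, 0.2),
    "x1": (0.8, 0.2),
    "x2": (0.3, 0.7),
}
# Constructed prior on the secrets (Bayesian case: known to the attacker).
PRIOR: Dict[str, float] = {"x0": 0.5, "x1": 0.3, "x2": 0.2}


def compositions(n: int, parts: int) -> Iterator[Tuple[int, ...]]:
    """Yield every tuple of `parts` non-negative integers summing to n.
    Each tuple is a vector of output counts for an n-long observation."""
    if parts == 1:
        yield (n,)
        return
    for first in range(n + 1):
        for rest in compositions(n - first, parts - 1):
            yield (first,) + rest


def multinomial(counts: Sequence[int]) -> int:
    """Number of distinct output sequences realising the given counts."""
    result = math.factorial(sum(counts))
    for c in counts:
        result //= math.factorial(c)
    return result


def posterior_vulnerability(channel, prior, n: int) -> float:
    """V(X | Y^n) = sum over y^n of max_x p(x) * p(y^n | x).

    Observations are i.i.d. given the secret, so p(y^n | x) depends only on
    how often each output occurs; we therefore sum over count vectors and
    weight each by the number of sequences that realise it."""
    width = len(next(iter(channel.values())))
    total = 0.0
    for counts in compositions(n, width):
        best = 0.0
        for x, row in channel.items():
            likelihood = 1.0
            for p, c in zip(row, counts):
                likelihood *= p ** c
            best = max(best, prior[x] * likelihood)
        total += multinomial(counts) * best
    return total


def asymptotic_vulnerability(channel, prior) -> float:
    """Limit of V(X | Y^n) as n grows, read off the channel matrix alone
    (modelling assumption of this example): secrets whose rows coincide are
    never separated by observations, so the attacker can at best name the
    most probable secret within each class of identical rows."""
    classes: Dict[Tuple[float, ...], List[str]] = {}
    for x, row in channel.items():
        classes.setdefault(tuple(row), []).append(x)
    return sum(max(prior[x] for x in members) for members in classes.values())


def leakage_table(channel, prior, ns: Sequence[int]) -> List[dict]:
    """Error probability, min-entropy leakage (Smith's form) and additive
    leakage (Braun et al.'s form) of the n-observation attacker, per n."""
    prior_vulnerability = max(prior.values())
    rows = []
    for n in ns:
        v_n = posterior_vulnerability(channel, prior, n)
        rows.append({
            "n": n,
            "error": 1.0 - v_n,
            "min_entropy_leakage": math.log2(v_n / prior_vulnerability),
            "additive_leakage": v_n - prior_vulnerability,
        })
    return rows


if __name__ == "__main__":
    limit = asymptotic_vulnerability(CHANNEL, PRIOR)
    print(f"asymptotic error probability from the channel matrix: {1.0 - limit:.4f}")
    for row in leakage_table(CHANNEL, PRIOR, [0, 1, 2, 5, 10, 20, 40]):
        print("n={n:>2}  error={error:.4f}  min-entropy leakage="
              "{min_entropy_leakage:.4f} bits  additive leakage="
              "{additive_leakage:.4f}".format(**row))
```

Running the script shows the error probability falling from 0.5 (no observation) towards 0.3, the value fixed by the two secrets that share a row, with the gap shrinking roughly geometrically in n; both leakage measures approach their limits at the same rate, which is the asymptotic agreement the abstract refers to.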


Keywords: security, quantitative information leakage, information theory, Bayes risk, hidden Markov models


References

  1. Backes, M., Köpf, B.: Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 517–532. Springer, Heidelberg (2008)
  2. Bérard, B., Mullins, J., Sassolas, M.: Quantifying Opacity. In: Proc. of QEST 2010, pp. 263–272. IEEE Society, Los Alamitos (2010)
  3. Boreale, M.: Quantifying information leakage in process calculi. Information and Computation 207(6), 699–725 (2009)
  4. Boreale, M., Pampaloni, F., Paolini, M.: Asymptotic information leakage under one-try attacks. Full version of the present paper
  5. Braun, C., Chatzikokolakis, K., Palamidessi, C.: Compositional Methods for Information-Hiding. In: Amadio, R.M. (ed.) FOSSACS 2008. LNCS, vol. 4962, pp. 443–457. Springer, Heidelberg (2008)
  6. Braun, C., Chatzikokolakis, K., Palamidessi, C.: Quantitative Notions of Leakage for One-try Attacks. In: Proc. of MFPS 2009. Electr. Notes Theor. Comput. Sci., vol. 249, pp. 75–91 (2009)
  7. Chatzikokolakis, K., Palamidessi, C., Panangaden, P.: Anonymity protocols as noisy channels. Information and Computation 206(2-4), 378–401 (2008)
  8. Chatzikokolakis, K., Palamidessi, C., Panangaden, P.: On the Bayes risk in information-hiding protocols. Journal of Computer Security 16(5), 531–571 (2008)
  9. Clark, D., Hunt, S., Malacaria, P.: Quantitative Analysis of the Leakage of Confidential Data. Electr. Notes Theor. Comput. Sci. 59(3) (2001)
  10. Cover, T.M., Thomas, J.A.: Elements of Information Theory, 2/e. John Wiley & Sons, Chichester (2006)
  11. Goldschlag, D.M., Reed, M.G., Syverson, P.F.: Anonymous Connections and Onion Routing. IEEE Journal on Selected Areas in Communication, Special Issue on Copyright and Privacy Protection (1998)
  12. Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
  13. Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
  14. Köpf, B., Basin, D.A.: An information-theoretic model for adaptive side-channel attacks. In: ACM Conference on Computer and Communications Security 2007, pp. 286–296 (2007)
  15. Köpf, B., Dürmuth, M.: A Provably Secure and Efficient Countermeasure against Timing Attacks. In: CSF 2009, pp. 324–335 (2009)
  16. Köpf, B., Smith, G.: Vulnerability Bounds and Leakage Resilience of Blinded Cryptography under Timing Attacks. In: CSF 2010, pp. 44–56 (2010)
  17. Mantel, H., Sudbrock, H.: Information-Theoretic Modeling and Analysis of Interrupt-Related Covert Channels. In: Degano, P., Guttman, J., Martinelli, F. (eds.) FAST 2008. LNCS, vol. 5491, pp. 67–81. Springer, Heidelberg (2009)
  18. Massey, J.L.: Guessing and Entropy. In: Proc. 1994 IEEE Symposium on Information Theory (ISIT 1994), vol. 204 (1994)
  19. Rabiner, L.R.: A tutorial on Hidden Markov Models and selected applications in speech recognition. Proc. of the IEEE 77(2), 257–286 (1989)
  20. Reiter, M.K., Rubin, A.D.: Crowds: Anonymity for Web Transactions. ACM Trans. Inf. Syst. Secur. 1(1), 66–92 (1998)
  21. Smith, G.: On the Foundations of Quantitative Information Flow. In: de Alfaro, L. (ed.) FOSSACS 2009. LNCS, vol. 5504, pp. 288–302. Springer, Heidelberg (2009)
  22. Standaert, F.-X., Malkin, T.G., Yung, M.: A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009)

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Michele Boreale (1)
  • Francesca Pampaloni (2)
  • Michela Paolini (2)
  1. Università di Firenze, Italy
  2. IMT Lucca, Italy
