Bao Trung Chu,Kenji Hashimoto,Hiroyuki Seki

DOI: https://doi.org/10.1587/transinf.2019EDP7132

2019-03-09

Abstract:A program is non-interferent if it leaks no secret information to an observable output. However, non-interference is too strict in many practical cases and quantitative information flow (QIF) has been proposed and studied in depth. Originally, QIF is defined as the average of leakage amount of secret information over all executions of a program. However, a vulnerable program that has executions leaking the whole secret but has the small average leakage could be considered as secure. This counter-intuition raises a need for a new definition of information leakage of a particular run, i.e., dynamic leakage. As discussed in [5], entropy-based definitions do not work well for quantifying information leakage dynamically; Belief-based definition on the other hand is appropriate for deterministic programs, however, it is not appropriate for probabilistic ones. In this paper, we propose new simple notions of dynamic leakage based on entropy which are compatible with existing QIF definitions for deterministic programs, and yet reasonable for probabilistic programs in the sense of [5]. We also investigated the complexity of computing the proposed dynamic leakage for three classes of Boolean programs. We also implemented a tool for QIF calculation using model counting tools for Boolean formulae. Experimental results on popular benchmarks of QIF research show the flexibility of our framework. Finally, we discuss the improvement of performance and scalability of the proposed method as well as an extension to more general cases.

Cryptography and Security

Philipp Schröer,Francesca Randone,Raúl Pardo,Andrzej Wąsowski

2024-12-02

Abstract:It is of utmost importance to ensure that modern data intensive systems do not leak sensitive information. In this paper, the authors, who met thanks to Joost-Pieter Katoen, discuss symbolic methods to compute information-theoretic measures of leakage: entropy, conditional entropy, Kullback-Leibler divergence, and mutual information. We build on two semantic frameworks for symbolic execution of probabilistic programs. For discrete programs, we use weakest pre-expectation calculus to compute exact symbolic expressions for the leakage measures. Using Second Order Gaussian Approximation (SOGA), we handle programs that combine discrete and continuous distributions. However, in the SOGA setting, we approximate the exact semantics using Gaussian mixtures and compute bounds for the measures. We demonstrate the use of our methods in two widely used mechanisms to ensure differential privacy: randomized response and the Gaussian mechanism.

Cryptography and Security

Pritha Gupta,Marcel Wever,Eyke Hüllermeier

2024-07-30

Abstract:In today's data-driven world, the proliferation of publicly available information raises security concerns due to the information leakage (IL) problem. IL involves unintentionally exposing sensitive information to unauthorized parties via observable system information. Conventional statistical approaches rely on estimating mutual information (MI) between observable and secret information for detecting ILs, face challenges of the curse of dimensionality, convergence, computational complexity, and MI misestimation. Though effective, emerging supervised machine learning based approaches to detect ILs are limited to binary system sensitive information and lack a comprehensive framework. To address these limitations, we establish a theoretical framework using statistical learning theory and information theory to quantify and detect IL accurately. Using automated machine learning, we demonstrate that MI can be accurately estimated by approximating the typically unknown Bayes predictor's log-loss and accuracy. Based on this, we show how MI can effectively be estimated to detect ILs. Our method performs superior to state-of-the-art baselines in an empirical study considering synthetic and real-world OpenSSL TLS server datasets.

Machine Learning

Hirotoshi Yasuoka,Tachio Terauchi

DOI: https://doi.org/10.3233/jcs-2011-0437

2011-12-23

Journal of Computer Security

Abstract:Researchers have proposed formal definitions of quantitative information flow based on information theoretic notions such as the Shannon entropy, the min entropy, the guessing entropy, belief, and channel capacity. This paper investigates the hardness of precisely checking the quantitative information flow of a program according to such definitions. More precisely, we study the “bounding problem” of quantitative information flow, defined as follows: Given a program M and a positive real number q, decide if the quantitative information flow of M is less than or equal to q. We prove that the bounding problem is not a k-safety property for any k (even when q is fixed, for the Shannon-entropy-based definition with the uniform distribution), and therefore is not amenable to the self-composition technique that has been successfully applied to checking non-interference. We also prove complexity theoretic hardness results for the case when the program is restricted to loop-free Boolean programs. Specifically, we show that the problem is PP-hard for all definitions, showing a gap with non-interference which is coNP-complete for the same class of programs. The paper also compares the results with the recently proved results on the comparison problems of quantitative information flow.

Michele Boreale,Daniele Gorla

DOI: https://doi.org/10.1007/978-3-030-31175-9_21

2019-07-11

Abstract:The problem of counting the number of models of a given Boolean formula has numerous applications, including computing the leakage of deterministic programs in Quantitative Information Flow. Model counting is a hard, #P-complete problem. For this reason, many approximate counters have been developed in the last decade, offering formal guarantees of confidence and accuracy. A popular approach is based on the idea of using random XOR constraints to, roughly, successively halving the solution set until no model is left: this is checked by invocations to a SAT solver. The effectiveness of this procedure hinges on the ability of the SAT solver to deal with XOR constraints, which in turn crucially depends on the length of such constraints. We study to what extent one can employ sparse, hence short, constraints, keeping guarantees of correctness. We show that the resulting bounds are closely related to the geometry of the set of models, in particular to the minimum Hamming distance between models. We evaluate our theoretical results on a few concrete formulae. Based on our findings, we finally discuss possible directions for improvements of the current state of the art in approximate model counting.

Logic in Computer Science,Data Structures and Algorithms

Fabrizio Biondi,Yusuke Kawamoto,Axel Legay,Louis-Marie Traonouez

DOI: https://doi.org/10.1007/s00165-018-0469-z

2018-09-08

Abstract:Analysis of a probabilistic system often requires to learn the joint probability distribution of its random variables. The computation of the exact distribution is usually an exhaustive precise analysis on all executions of the system. To avoid the high computational cost of such an exhaustive search, statistical analysis has been studied to efficiently obtain approximate estimates by analyzing only a small but representative subset of the system's behavior. In this paper we propose a hybrid statistical estimation method that combines precise and statistical analyses to estimate mutual information, Shannon entropy, and conditional entropy, together with their confidence intervals. We show how to combine the analyses on different components of a discrete system with different accuracy to obtain an estimate for the whole system. The new method performs weighted statistical analysis with different sample sizes over different components and dynamically finds their optimal sample sizes. Moreover, it can reduce sample sizes by using prior knowledge about systems and a new abstraction-then-sampling technique based on qualitative analysis. To apply the method to the source code of a system, we show how to decompose the code into components and to determine the analysis method for each component by overviewing the implementation of those techniques in the HyLeak tool. We demonstrate with case studies that the new method outperforms the state of the art in quantifying information leakage.

Information Theory,Cryptography and Security,Programming Languages

Sari Haj Hussein

DOI: https://doi.org/10.1109/NTMS.2012.6208689

2012-06-05

Abstract:We introduce a new perspective into the field of quantitative information flow (QIF) analysis that invites the community to bound the leakage, reported by QIF quantifiers, by a range consistent with the size of a program's secret input instead of by a mathematically sound (but counter-intuitive) upper bound of that leakage. To substantiate our position, we present a refinement of a recent QIF metric that appears in the literature. Our refinement is based on slight changes we bring into the design of that metric. These changes do not affect the theoretical premises onto which the original metric is laid. However, they enable the natural association between flow results and the exhaustive search effort needed to uncover a program's secret information (or the residual secret part of that information) to be clearly established. The refinement we discuss in this paper validates our perspective and demonstrates its importance in the future design of QIF quantifiers.

Cryptography and Security

Haifeng Xu,Albert X. Jiang,Arunesh Sinha,Zinovi Rabinovich,Shaddin Dughmi,Milind Tambe

DOI: https://doi.org/10.48550/arXiv.1504.06058

2015-05-04

Abstract:Most models of Stackelberg security games assume that the attacker only knows the defender's mixed strategy, but is not able to observe (even partially) the instantiated pure strategy. Such partial observation of the deployed pure strategy -- an issue we refer to as information leakage -- is a significant concern in practical applications. While previous research on patrolling games has considered the attacker's real-time surveillance, our settings, therefore models and techniques, are fundamentally different. More specifically, after describing the information leakage model, we start with an LP formulation to compute the defender's optimal strategy in the presence of leakage. Perhaps surprisingly, we show that a key subproblem to solve this LP (more precisely, the defender oracle) is NP-hard even for the simplest of security game models. We then approach the problem from three possible directions: efficient algorithms for restricted cases, approximation algorithms, and heuristic algorithms for sampling that improves upon the status quo. Our experiments confirm the necessity of handling information leakage and the advantage of our algorithms.

Computer Science and Game Theory,Artificial Intelligence

Sophie Taylor,Praneeth Kumar Vippathalla,Justin P. Coon

2024-09-20

Abstract:Information theoretic leakage metrics quantify the amount of information about a private random variable $X$ that is leaked through a correlated revealed variable $Y$. They can be used to evaluate the privacy of a system in which an adversary, from whom we want to keep $X$ private, is given access to $Y$. Global information theoretic leakage metrics quantify the overall amount of information leaked upon observing $Y$, whilst their pointwise counterparts define leakage as a function of the particular realisation $y$ that the adversary sees, and thus can be viewed as random variables. We consider an adversary who observes a large number of independent identically distributed realisations of $Y$. We formalise the essential asymptotic behaviour of an information theoretic leakage metric, considering in turn what this means for pointwise and global metrics. With the resulting requirements in mind, we take an axiomatic approach to defining a set of pointwise leakage metrics, as well as a set of global leakage metrics that are constructed from them. The global set encompasses many known measures including mutual information, Sibson mutual information, Arimoto mutual information, maximal leakage, min entropy leakage, $f$-divergence metrics, and g-leakage. We prove that both sets follow the desired asymptotic behaviour. Finally, we derive composition theorems which quantify the rate of privacy degradation as an adversary is given access to a large number of independent observations of $Y$. It is found that, for both pointwise and global metrics, privacy degrades exponentially with increasing observations for the adversary, at a rate governed by the minimum Chernoff information between distinct conditional channel distributions. This extends the work of Wu et al. (2024), who have previously found this to be true for certain known metrics, including some that fall into our more general set.

Information Theory

Toby Murray,Pengbo Yan,Gidon Ernst

2023-08-21

Abstract:Memory-safety issues and information leakage are known to be depressingly common. We consider the compositional static detection of these kinds of vulnerabilities in first-order C-like programs. Indeed the latter are relational hyper-safety violations, comparing pairs of program executions, making them more challenging to detect than the former, which require reasoning only over individual executions. Existing symbolic leakage detection methods treat only non-interactive programs, avoiding the challenges of nondeterminism. Also, being whole-program analyses they cannot be applied one-function-at-a-time, thereby ruling out incremental analysis. We remedy these shortcomings by presenting Insecurity Separation Logic (InsecSL), an under-approximate relational program logic for soundly detecting information leakage and memory-safety issues in interactive programs. Importantly, InsecSL reasons about pairs of executions, and so is relational, but purposefully resembles the non-relational Incorrectness Separation Logic (ISL) that is already automated in the Infer tool. We show how InsecSL can be automated by bi-abduction based symbolic execution, and we evaluate two implementations of this idea (one based on Infer) on various case-studies.

Programming Languages,Cryptography and Security,Logic in Computer Science

Chris Chen,Annabelle McIver,Carroll Morgan

2024-05-22

Abstract:We present a novel formal system for proving quantitative-leakage properties of programs. Based on a theory of Quantitative Information Flow (QIF) that models information leakage as a noisy communication channel, it uses "gain-functions" for the description and measurement of expected leaks.

Logic in Computer Science

MHR Khouzani,Pasquale Malacaria

DOI: https://doi.org/10.48550/arXiv.1811.09652

2018-11-23

Information Theory

Abstract:We introduce a novel generalization of entropy and conditional entropy from which most definitions from the literature can be derived as particular cases. Within this general framework, we investigate the problem of designing countermeasures for information leakage. In particular, we seek metric-invariant solutions, i.e., they are robust against the choice of entropy for quantifying the leakage. The problem can be modelled as an information channel from the system to an adversary, and the countermeasures can be seen as modifying this channel in order to minimise the amount of information that the outputs reveal about the inputs. Our main result is to fully solve the problem under the highly symmetrical design constraint that the number of inputs that can produce the same output is capped. Our proof is constructive and the optimal channels and the minimum leakage are derived in closed form.

Kuldeep S. Meel,Moshe Y. Vardi,Supratik Chakraborty

DOI: https://doi.org/10.3233/FAIA201010

2021-02-02

Abstract:Model counting, or counting solutions of a set of constraints, is a fundamental problem in Computer Science with diverse applications. Since exact counting is computationally hard (#P complete), approximate counting techniques have received much attention over the past few decades. In this chapter, we focus on counting models of propositional formulas, and discuss in detail universal-hashing based approximate counting, which has emerged as the predominant paradigm for state-of-the-art approximate model counters. These counters are randomized algorithms that exploit properties of universal hash functions to provide rigorous approximation guarantees, while piggybacking on impressive advances in propositional satisfiability solving to scale up to problem instances with a million variables. We elaborate on various choices in designing such approximate counters and the implications of these choices. We also discuss variants of approximate model counting, such as DNF counting and weighted counting.

Computer Science,Mathematics

Han Chen,Pasquale Malacaria

DOI: https://doi.org/10.4204/EPTCS.7.1

2009-10-21

Abstract:When studying the information leakage in programs or protocols, a natural question arises: "what is the worst case scenario?". This problem of identifying the maximal leakage can be seen as a channel capacity problem in the information theoretical sense. In this paper, by combining two powerful theories: Information Theory and Karush-Kuhn-Tucker conditions, we demonstrate a very general solution to the channel capacity problem. Examples are given to show how our solution can be applied to practical contexts of programs and anonymity protocols, and how this solution generalizes previous approaches to this problem.

Cryptography and Security,Information Theory,Logic in Computer Science,Programming Languages

Mário S. Alvim,Konstantinos Chatzikokolakis,Yusuke Kawamoto,Catuscia Palamidessi

DOI: https://doi.org/10.1145/3517330

2022-01-28

Abstract:A common goal in the areas of secure information flow and privacy is to build effective defenses against unwanted leakage of information. To this end, one must be able to reason about potential attacks and their interplay with possible defenses. In this paper, we propose a game-theoretic framework to formalize strategies of attacker and defender in the context of information leakage, and provide a basis for developing optimal defense methods. A novelty of our games is that their utility is given by information leakage, which in some cases may behave in a non-linear way. This causes a significant deviation from classic game theory, in which utility functions are linear with respect to players' strategies. Hence, a key contribution of this paper is the establishment of the foundations of information leakage games. We consider two kinds of games, depending on the notion of leakage considered. The first kind, the QIF-games, is tailored for the theory of quantitative information flow (QIF). The second one, the DP-games, corresponds to differential privacy (DP).

Cryptography and Security,Artificial Intelligence,Computer Science and Game Theory,Information Theory,Theoretical Economics

Mohammad Amin Zarrabian,Parastoo Sadeghi

2024-09-06

Abstract:In this paper, we extend the framework of quantitative information flow (QIF) to include adversaries that use Kolmogorov-Nagumo $f$-mean to infer secrets of a private system. Specifically, in our setting, an adversary uses Kolmogorov-Nagumo $f$-mean to compute its best actions before and after observing the system's randomized outputs. This leads to generalized notions of prior and posterior vulnerability and generalized axiomatic relations that we will derive to elucidate how these $f$-mean based vulnerabilities interact with each other. We demonstrate usefulness of this framework by showing how some notions of leakage that had been derived outside of the QIF framework and so far seemed incompatible with it are indeed explainable via such extension of QIF. These leakage measures include $\alpha$-leakage, which is the same as Arimoto mutual information of order $\alpha$, maximal $\alpha$-leakage which is the $\alpha$-leakage capacity, and $(\alpha,\beta)$ leakage, which is a generalization of the above and captures local differential privacy as a special case. We also propose a new pointwise notion of gain function, which we coin pointwise information gain. We show that this pointwise information gain can explain Réyni divergence and Sibson mutual information of order $\alpha \in [0,\infty]$ as the Kolmogorov-Nagumo average of the gain with a proper choice of function $f$.

Information Theory

Donghong Sun,Yunchuan Guo,Lihua Yin,Changzhen Hu

2012-01-01

Abstract:Quantifying implicit information leakage is important, especially for fully probabilistic systems (FPS). Although many quantitative methods have been proposed (including methods based on mutual information, on a-mutual information, on relative entropy and on pure probability, etc.), there has been little work analyzing their consistency and accuracy. In order to perform this analysis, these methods must be modeled with a uniform approach. In this paper, a light probabilistic process algebra (PPA-Lite) is presented, and some existing quantitative methods are uniformly characterized by using PPA-Lite. Further, their relationships are analyzed by proof and simulation, respectively. The results show that (1) most of methods concur in determining whether information is leaked; (2) the method based on (alpha-) mutual information is the most accurate if the distribution of the sent information is known. If not, the method based on relative entropy is the most accurate.

Utkarsh Gupta,Hessam Mahdavifar

2024-05-08

Abstract:Secret sharing is an instrumental tool for sharing secret keys in distributed systems. In a classical threshold setting, this involves a dealer who has a secret/key, a set of parties/users to which shares of the secret are sent, and a threshold on the number of users whose presence is needed in order to recover the secret. In secret sharing, secure links with no leakage are often assumed between the involved parties. However, when the users are nodes in a communication network and all the links are physical links, e.g., wireless, such assumptions are not valid anymore. In order to study this critical problem, we propose a statistical leakage model of secret sharing, where some noisy versions of all the secret shares might be independently leaked to an adversary. We then study the resilience of the seminal Shamir's secret sharing scheme with statistical leakage, and bound certain measures of security (i.e., semantic security, mutual information security), given other parameters of the system including the amount of leakage from each secret share. We show that for an extreme scenario of Shamir's scheme, in particular when the underlying field characteristic is $2$, the security of each bit of the secret against leakage improves exponentially with the number of users. To the best of our knowledge, this is the first attempt towards understanding secret sharing under general statistical noisy leakage.

Information Theory

David Glukhov,Ziwen Han,Ilia Shumailov,Vardan Papyan,Nicolas Papernot

2024-10-31

Abstract:Vulnerability of Frontier language models to misuse and jailbreaks has prompted the development of safety measures like filters and alignment training in an effort to ensure safety through robustness to adversarially crafted prompts. We assert that robustness is fundamentally insufficient for ensuring safety goals, and current defenses and evaluation methods fail to account for risks of dual-intent queries and their composition for malicious goals. To quantify these risks, we introduce a new safety evaluation framework based on impermissible information leakage of model outputs and demonstrate how our proposed question-decomposition attack can extract dangerous knowledge from a censored LLM more effectively than traditional jailbreaking. Underlying our proposed evaluation method is a novel information-theoretic threat model of inferential adversaries, distinguished from security adversaries, such as jailbreaks, in that success is measured by inferring impermissible knowledge from victim outputs as opposed to forcing explicitly impermissible outputs from the victim. Through our information-theoretic framework, we show that to ensure safety against inferential adversaries, defense mechanisms must ensure information censorship, bounding the leakage of impermissible information. However, we prove that such defenses inevitably incur a safety-utility trade-off.

Cryptography and Security,Artificial Intelligence,Computers and Society

Sari Haj Hussein

DOI: https://doi.org/10.48550/arXiv.1206.5487

2012-06-24

Cryptography and Security

Abstract:Dempster-Shafer theory of imprecise probabilities has proved useful to incorporate both nonspecificity and conflict uncertainties in an inference mechanism. The traditional Bayesian approach cannot differentiate between the two, and is unable to handle non-specific, ambiguous, and conflicting information without making strong assumptions. This paper presents a generalization of a recent Bayesian-based method of quantifying information flow in Dempster-Shafer theory. The generalization concretely enhances the original method removing all its weaknesses that are highlighted in this paper. In so many words, our generalized method can handle any number of secret inputs to a program, it enables the capturing of an attacker's beliefs in all kinds of sets (singleton or not), and it supports a new and precise quantitative information flow measure whose reported flow results are plausible in that they are bounded by the size of a program's secret input, and can be easily associated with the exhaustive search effort needed to uncover a program's secret information, unlike the results reported by the original metric.