Julien Béguinot,Olivier Rioul

2024-01-30

Abstract:We leverage the Gibbs inequality and its natural generalization to Rényi entropies to derive closed-form parametric expressions of the optimal lower bounds of $\rho$th-order guessing entropy (guessing moment) of a secret taking values on a finite set, in terms of the Rényi-Arimoto $\alpha$-entropy. This is carried out in an non-asymptotic regime when side information may be available. The resulting bounds yield a theoretical solution to a fundamental problem in side-channel analysis: Ensure that an adversary will not gain much guessing advantage when the leakage information is sufficiently weakened by proper countermeasures in a given cryptographic implementation. Practical evaluation for classical leakage models show that the proposed bounds greatly improve previous ones for analyzing the capability of an adversary to perform side-channel attacks.

Information Theory

Gowtham R. Kurri,Malhar Managoli,Vinod M. Prabhakaran

2024-05-04

Abstract:We introduce the study of information leakage through \emph{guesswork}, the minimum expected number of guesses required to guess a random variable. In particular, we define \emph{maximal guesswork leakage} as the multiplicative decrease, upon observing $Y$, of the guesswork of a randomized function of $X$, maximized over all such randomized functions. We also study a pointwise form of the leakage which captures the leakage due to the release of a single realization of $Y$. We also study these two notions of leakage with oblivious (or memoryless) guessing. We obtain closed-form expressions for all these leakage measures, with the exception of one. Specifically, we are able to obtain closed-form expression for maximal guesswork leakage for the binary erasure source only; deriving expressions for arbitrary sources appears challenging. Some of the consequences of our results are -- a connection between guesswork and differential privacy and a new operational interpretation to maximal $\alpha$-leakage in terms of guesswork.

Information Theory

Bingzhe Wu,Zhicong Liang,Yatao Bian,ChaoChao Chen,Junzhou Huang,Yuan Yao

2021-01-01

Abstract:Recently, generalization bounds of the non-convex empirical risk minimization paradigm using Stochastic Gradient Langevin Dynamics (SGLD) have been extensively studied. Several theoretical frameworks have been presented to study this problem from different perspectives, such as information theory and stability. In this paper, we present a unified view from privacy leakage analysis to investigate the generalization bounds of SGLD, along with a theoretical framework for re-deriving previous results in a succinct manner. Aside from theoretical findings, we conduct various numerical studies to empirically assess the information leakage issue of SGLD. Additionally, our theoretical and empirical results provide explanations for prior works that study the membership privacy of SGLD.

Arman Rezaee,Ahmad Beirami,Ali Makhdoumi,Muriel Medard,Ken Duffy

DOI: https://doi.org/10.48550/arXiv.1712.09082

2017-12-25

Information Theory

Abstract:We consider an abstraction of computational security in password protected systems where a user draws a secret string of given length with i.i.d. characters from a finite alphabet, and an adversary would like to identify the secret string by querying, or guessing, the identity of the string. The concept of a "total entropy budget" on the chosen word by the user is natural, otherwise the chosen password would have arbitrary length and complexity. One intuitively expects that a password chosen from the uniform distribution is more secure. This is not the case, however, if we are considering only the average guesswork of the adversary when the user is subject to a total entropy budget. The optimality of the uniform distribution for the user's secret string holds when we have also a budget on the guessing adversary. We suppose that the user is subject to a "total entropy budget" for choosing the secret string, whereas the computational capability of the adversary is determined by his "total guesswork budget." We study the regime where the adversary's chances are exponentially small in guessing the secret string chosen subject to a total entropy budget. We introduce a certain notion of uniformity and show that a more uniform source will provide better protection against the adversary in terms of his chances of success in guessing the secret string. In contrast, the average number of queries that it takes the adversary to identify the secret string is smaller for the more uniform secret string subject to the same total entropy budget.

Julien Béguinot,Yi Liu,Olivier Rioul,Wei Cheng,Sylvain Guilley

2023-05-11

Abstract:A common countermeasure against side-channel attacks on secret key cryptographic implementations is $d$th-order masking, which splits each sensitive variable into $d+1$ random shares. In this paper, maximal leakage bounds on the probability of success of any side-channel attack are derived for any masking order. Maximal leakage (Sibson's information of order infinity) is evaluated between the sensitive variable and the noisy leakage, and is related to the conditional ``min-entropy'' (Arimoto's entropy of order infinity) of the sensitive variable given the leakage. The latter conditional entropy is then lower-bounded in terms of the conditional entropies for each share using majorization inequalities. This yields a generalization of Mrs. Gerber's lemma for min-entropy in finite Abelian groups.

Information Theory,Cryptography and Security

Sophie Taylor,Praneeth Kumar Vippathalla,Justin P. Coon

2024-09-20

Abstract:Information theoretic leakage metrics quantify the amount of information about a private random variable $X$ that is leaked through a correlated revealed variable $Y$. They can be used to evaluate the privacy of a system in which an adversary, from whom we want to keep $X$ private, is given access to $Y$. Global information theoretic leakage metrics quantify the overall amount of information leaked upon observing $Y$, whilst their pointwise counterparts define leakage as a function of the particular realisation $y$ that the adversary sees, and thus can be viewed as random variables. We consider an adversary who observes a large number of independent identically distributed realisations of $Y$. We formalise the essential asymptotic behaviour of an information theoretic leakage metric, considering in turn what this means for pointwise and global metrics. With the resulting requirements in mind, we take an axiomatic approach to defining a set of pointwise leakage metrics, as well as a set of global leakage metrics that are constructed from them. The global set encompasses many known measures including mutual information, Sibson mutual information, Arimoto mutual information, maximal leakage, min entropy leakage, $f$-divergence metrics, and g-leakage. We prove that both sets follow the desired asymptotic behaviour. Finally, we derive composition theorems which quantify the rate of privacy degradation as an adversary is given access to a large number of independent observations of $Y$. It is found that, for both pointwise and global metrics, privacy degrades exponentially with increasing observations for the adversary, at a rate governed by the minimum Chernoff information between distinct conditional channel distributions. This extends the work of Wu et al. (2024), who have previously found this to be true for certain known metrics, including some that fall into our more general set.

Information Theory

MHR Khouzani,Pasquale Malacaria

DOI: https://doi.org/10.48550/arXiv.1811.09652

2018-11-23

Information Theory

Abstract:We introduce a novel generalization of entropy and conditional entropy from which most definitions from the literature can be derived as particular cases. Within this general framework, we investigate the problem of designing countermeasures for information leakage. In particular, we seek metric-invariant solutions, i.e., they are robust against the choice of entropy for quantifying the leakage. The problem can be modelled as an information channel from the system to an adversary, and the countermeasures can be seen as modifying this channel in order to minimise the amount of information that the outputs reveal about the inputs. Our main result is to fully solve the problem under the highly symmetrical design constraint that the number of inputs that can produce the same output is capped. Our proof is constructive and the optimal channels and the minimum leakage are derived in closed form.

Benjamin Wu,Aaron B. Wagner,G. Edward Suh

DOI: https://doi.org/10.48550/arXiv.2004.08035

2020-04-17

Information Theory

Abstract:Side channels represent a broad class of security vulnerabilities that have been demonstrated to exist in many applications. Because completely eliminating side channels often leads to prohibitively high overhead, there is a need for a principled trade-off between cost and leakage. In this paper, we make a case for the use of maximal leakage to analyze such trade-offs. Maximal leakage is an operationally interpretable leakage metric designed for side channels. We present the most useful theoretical properties of maximal leakage from previous work and demonstrate empirically that conventional metrics such as mutual information and channel capacity underestimate the threat posed by side channels whereas maximal leakage does not. We also study the cost-leakage trade-off as an optimization problem using maximal leakage. We demonstrate that not only can this problem be represented as a linear program, but also that optimal protection can be achieved using a combination of at most two deterministic schemes.

Gowtham R. Kurri,Lalitha Sankar,Oliver Kosut

2023-12-07

Abstract:We introduce a \emph{gain function} viewpoint of information leakage by proposing \emph{maximal $g$-leakage}, a rich class of operationally meaningful leakage measures that subsumes recently introduced leakage measures -- {maximal leakage} and {maximal $\alpha$-leakage}. In maximal $g$-leakage, the gain of an adversary in guessing an unknown random variable is measured using a {gain function} applied to the probability of correctly guessing. In particular, maximal $g$-leakage captures the multiplicative increase, upon observing $Y$, in the expected gain of an adversary in guessing a randomized function of $X$, maximized over all such randomized functions. We also consider the scenario where an adversary can make multiple attempts to guess the randomized function of interest. We show that maximal leakage is an upper bound on maximal $g$-leakage under multiple guesses, for any non-negative gain function $g$. We obtain a closed-form expression for maximal $g$-leakage under multiple guesses for a class of concave gain functions. We also study maximal $g$-leakage measure for a specific class of gain functions related to the $\alpha$-loss. In particular, we first completely characterize the minimal expected $\alpha$-loss under multiple guesses and analyze how the corresponding leakage measure is affected with the number of guesses. Finally, we study two variants of maximal $g$-leakage depending on the type of adversary and obtain closed-form expressions for them, which do not depend on the particular gain function considered as long as it satisfies some mild regularity conditions. We do this by developing a variational characterization for the Rényi divergence of order infinity which naturally generalizes the definition of pointwise maximal leakage to incorporate arbitrary gain functions.

Information Theory

Zhuangfei Wu,Lin Bai,Lin Zhou

2024-04-18

Abstract:We study the successive refinement setting of Shannon cipher system (SCS) under the maximal leakage secrecy metric for discrete memoryless sources under bounded distortion measures. Specifically, we generalize the threat model for the point-to-point rate-distortion setting of Issa, Wagner and Kamath (T-IT 2020) to the multiterminal successive refinement setting. Under mild conditions that correspond to partial secrecy, we characterize the asymptotically optimal normalized maximal leakage region for both the joint excess-distortion probability (JEP) and the expected distortion reliability constraints. Under JEP, in the achievability part, we propose a type-based coding scheme, analyze the reliability guarantee for JEP and bound the leakage of the information source through compressed messages. In the converse part, by analyzing a guessing scheme of the eavesdropper, we prove the optimality of our achievability result. Under expected distortion, the achievability part is established similarly to the JEP counterpart. The converse proof proceeds by generalizing the corresponding results for the rate-distortion setting of SCS by Schieler and Cuff (T-IT 2014) to the successive refinement setting. Somewhat surprisingly, the normalized maximal leakage regions under both JEP and expected distortion constraints are identical under certain conditions, although JEP appears to be a stronger reliability constraint.

Information Theory

Ibrahim Issa,Amedeo Roberto Esposito,Michael Gastpar

2023-07-19

Abstract:We adopt an information-theoretic framework to analyze the generalization behavior of the class of iterative, noisy learning algorithms. This class is particularly suitable for study under information-theoretic metrics as the algorithms are inherently randomized, and it includes commonly used algorithms such as Stochastic Gradient Langevin Dynamics (SGLD). Herein, we use the maximal leakage (equivalently, the Sibson mutual information of order infinity) metric, as it is simple to analyze, and it implies both bounds on the probability of having a large generalization error and on its expected value. We show that, if the update function (e.g., gradient) is bounded in $L_2$-norm and the additive noise is isotropic Gaussian noise, then one can obtain an upper-bound on maximal leakage in semi-closed form. Furthermore, we demonstrate how the assumptions on the update function affect the optimal (in the sense of minimizing the induced maximal leakage) choice of the noise. Finally, we compute explicit tight upper bounds on the induced maximal leakage for other scenarios of interest.

Machine Learning,Information Theory

Emirhan Gürpınar

2023-10-19

Abstract:This paper is on developing some computer-assisted proof methods involving non-classical inequalities for Shannon entropy. Two areas of the applications of information inequalities are studied: Secret sharing schemes and hat guessing games. In the former a random secret value is transformed into shares distributed among several participants in such a way that only the qualified groups of participants can recover the secret value. In the latter each participant is assigned a hat colour and they try to guess theirs while seeing only some of the others'. The aim is to maximize the probability that every player guesses correctly, the optimal probability depends on the underlying sight graph. We use for both problems the method of non-Shannon-type information inequalities going back to Z. Zhang and R. W. Yeung. We employ the linear programming technique that allows to apply new information inequalities indirectly, without even writing them down explicitly. To reduce the complexity of the problems of linear programming involved in the bounds we extensively use symmetry considerations. Using these tools, we improve lower bounds on the ratio of key size to secret size for the former problem and an upper bound for one of the ten vertex graphs related to an open question by Riis for the latter problem.

Information Theory

Natan Ardimanov,Ofer Shayevitz,Itzhak Tamo

DOI: https://doi.org/10.48550/arXiv.1811.08528

2020-10-11

Abstract:We study a guessing game where Alice holds a discrete random variable $X$, and Bob tries to sequentially guess its value. Before the game begins, Bob can obtain side-information about $X$ by asking an oracle, Carole, any binary question of his choosing. Carole's answer is however unreliable, and is incorrect with probability $\epsilon$. We show that Bob should always ask Carole whether the index of $X$ is odd or even with respect to a descending order of probabilities -- this question simultaneously minimizes all the guessing moments for any value of $\epsilon$. In particular, this result settles a conjecture of Burin and Shayevitz. We further consider a more general setup where Bob can ask a multiple-choice $M$-ary question, and then observe Carole's answer through a noisy channel. When the channel is completely symmetric, i.e., when Carole decides whether to lie regardless of Bob's question and has no preference when she lies, a similar question about the ordered index of $X$ (modulo $M$) is optimal. Interestingly however, the problem of testing whether a given question is optimal appears to be generally difficult in other symmetric channels. We provide supporting evidence for this difficulty, by showing that a core property required in our proofs becomes NP-hard to test in the general $M$-ary case. We establish this hardness result via a reduction from the problem of testing whether a system of modular difference disequations has a solution, which we prove to be NP-hard for $M\geq 3$.

Discrete Mathematics,Information Theory,Combinatorics

Bao Trung Chu,Kenji Hashimoto,Hiroyuki Seki

DOI: https://doi.org/10.1587/transinf.2019EDP7132

2019-03-09

Abstract:A program is non-interferent if it leaks no secret information to an observable output. However, non-interference is too strict in many practical cases and quantitative information flow (QIF) has been proposed and studied in depth. Originally, QIF is defined as the average of leakage amount of secret information over all executions of a program. However, a vulnerable program that has executions leaking the whole secret but has the small average leakage could be considered as secure. This counter-intuition raises a need for a new definition of information leakage of a particular run, i.e., dynamic leakage. As discussed in [5], entropy-based definitions do not work well for quantifying information leakage dynamically; Belief-based definition on the other hand is appropriate for deterministic programs, however, it is not appropriate for probabilistic ones. In this paper, we propose new simple notions of dynamic leakage based on entropy which are compatible with existing QIF definitions for deterministic programs, and yet reasonable for probabilistic programs in the sense of [5]. We also investigated the complexity of computing the proposed dynamic leakage for three classes of Boolean programs. We also implemented a tool for QIF calculation using model counting tools for Boolean formulae. Experimental results on popular benchmarks of QIF research show the flexibility of our framework. Finally, we discuss the improvement of performance and scalability of the proposed method as well as an extension to more general cases.

Cryptography and Security

Farhad Farokhi,Sejeong Kim

2024-03-18

Abstract:Gentle quantum leakage is proposed as a measure of information leakage to arbitrary eavesdroppers that aim to avoid detection. Gentle (also sometimes referred to as weak or non-demolition) measurements are used to encode the desire of the eavesdropper to evade detection. The gentle quantum leakage meets important axioms proposed for measures of information leakage including positivity, independence, and unitary invariance. Global depolarizing noise, an important family of physical noise in quantum devices, is shown to reduce gentle quantum leakage (and hence can be used as a mechanism to ensure privacy or security). A lower bound for the gentle quantum leakage based on asymmetric approximate cloning is presented. This lower bound relates information leakage to mutual incompatibility of quantum states. A numerical example, based on the encoding in the celebrated BB84 quantum key distribution algorithm, is used to demonstrate the results.

Quantum Physics,Cryptography and Security,Information Theory,Systems and Control

Shuaiqi Wang,Zinan Lin,Giulia Fanti

2024-11-28

Abstract:We introduce a privacy measure called statistic maximal leakage that quantifies how much a privacy mechanism leaks about a specific secret, relative to the adversary's prior information about that secret. Statistic maximal leakage is an extension of the well-known maximal leakage. Unlike maximal leakage, which protects an arbitrary, unknown secret, statistic maximal leakage protects a single, known secret. We show that statistic maximal leakage satisfies composition and post-processing properties. Additionally, we show how to efficiently compute it in the special case of deterministic data release mechanisms. We analyze two important mechanisms under statistic maximal leakage: the quantization mechanism and randomized response. We show theoretically and empirically that the quantization mechanism achieves better privacy-utility tradeoffs in the settings we study.

Information Theory

Mohammad Amin Zarrabian,Parastoo Sadeghi

2024-09-06

Abstract:In this paper, we extend the framework of quantitative information flow (QIF) to include adversaries that use Kolmogorov-Nagumo $f$-mean to infer secrets of a private system. Specifically, in our setting, an adversary uses Kolmogorov-Nagumo $f$-mean to compute its best actions before and after observing the system's randomized outputs. This leads to generalized notions of prior and posterior vulnerability and generalized axiomatic relations that we will derive to elucidate how these $f$-mean based vulnerabilities interact with each other. We demonstrate usefulness of this framework by showing how some notions of leakage that had been derived outside of the QIF framework and so far seemed incompatible with it are indeed explainable via such extension of QIF. These leakage measures include $\alpha$-leakage, which is the same as Arimoto mutual information of order $\alpha$, maximal $\alpha$-leakage which is the $\alpha$-leakage capacity, and $(\alpha,\beta)$ leakage, which is a generalization of the above and captures local differential privacy as a special case. We also propose a new pointwise notion of gain function, which we coin pointwise information gain. We show that this pointwise information gain can explain Réyni divergence and Sibson mutual information of order $\alpha \in [0,\infty]$ as the Kolmogorov-Nagumo average of the gain with a proper choice of function $f$.

Information Theory

Shaochen Wang,Yangchun Zhang

DOI: https://doi.org/10.1016/j.spl.2024.110042

IF: 0.718

2024-04-01

Statistics & Probability Letters

Abstract:In this paper, we establish a moderate deviation principle for the logarithm of guesswork, which was initially studied by Massey to quantify the number of guesses needed to ascertain a discrete random variable. Our approach is based on an asymptotic analysis for Perron–Frobenius eigenvalue of some perturbed matrix and several moments estimates bounds for guesswork.

statistics & probability

Shota Saito

2023-12-27

Abstract:This paper deals with the problem of soft guessing under log-loss distortion (logarithmic loss) that was recently investigated by [Wu and Joudeh, IEEE ISIT, pp. 466--471, 2023]. We extend this problem to soft guessing allowing errors, i.e., at each step, a guesser decides whether to stop the guess or not with some probability and if the guesser stops guessing, then the guesser declares an error. We show that the minimal expected value of the cost of guessing under the constraint of the error probability is characterized by the smooth Rényi entropy. Furthermore, we carry out an asymptotic analysis for a stationary and memoryless source.

Information Theory

Farhad Farokhi

DOI: https://doi.org/10.1098/rspa.2024.0319

2024-12-05

Proceedings of the Royal Society A Mathematical Physical and Engineering Sciences

Abstract:Barycentric and pairwise quantum Rényi leakages are proposed as two measures of information leakage for privacy and security analysis in quantum computing and communication systems. These quantities both require minimal assumptions on the eavesdropper, i.e. they do not make any assumptions on the eavesdropper’s attack strategy or the statistical prior on the secret or private classical data encoded in the quantum system. They also satisfy important properties of positivity, independence, post-processing inequality and unitary invariance. The barycentric quantum Rényi leakage can be computed by solving a semi-definite program; the pairwise quantum Rényi leakage possesses an explicit formula. The barycentric and pairwise quantum Rényi leakages form upper bounds on the maximal quantum leakage, the sandwiched quantum α -mutual information, the accessible information and the Holevo’s information. Furthermore, differentially private quantum channels are shown to bound these measures of information leakage. Global and local depolarizing channels, that are common models of noise in quantum computing and communication, restrict private or secure information leakage. Finally, a privacy-utility trade-off formula in quantum machine learning using variational circuits is developed. The privacy guarantees can only be strengthened, i.e. information leakage can only be reduced, if the performance degradation grows larger and vice versa .

multidisciplinary sciences