3,747 research outputs found
Anonymity Protocols as Noisy Channels
International audienceWe consider a framework in which anonymity protocols are interpreted as noisy channels in the information-theoretic sense, and we explore the idea of using the notion of capacity as a measure of the loss of anonymity. Such idea was already suggested by Moskowitz, Newman and Syverson, in their analysis of the covert channel that can be created as a result of non-perfect anonymity. We consider the case in which some leak of information is intended by design, and we introduce the notion of conditional capacity to rule out this factor, thus retrieving a natural correspondence with the notion of anonymity. Furthermore, we show how to compute the capacity and the conditional capacity when the anonymity protocol satisfies certain symmetries. We also investigate how the adversary can test the system to try to infer the user's identity, and we study how his probability of success depends on the characteristics of the channel. We then illustrate how various notions of anonymity can be expressed in this framework, and show the relation with some definitions of probabilistic anonymity in literature. Finally, we show how to compute the matrix of the channel (and hence the capacity and conditional capacity) using model checking
Studying Maximum Information Leakage Using Karush-Kuhn-Tucker Conditions
When studying the information leakage in programs or protocols, a natural
question arises: "what is the worst case scenario?". This problem of
identifying the maximal leakage can be seen as a channel capacity problem in
the information theoretical sense. In this paper, by combining two powerful
theories: Information Theory and Karush-Kuhn-Tucker conditions, we demonstrate
a very general solution to the channel capacity problem. Examples are given to
show how our solution can be applied to practical contexts of programs and
anonymity protocols, and how this solution generalizes previous approaches to
this problem
Asymptotic information leakage under one-try attacks
We study the asymptotic behaviour of (a) information leakage and (b) adversary’s error probability in information hiding systems modelled as noisy channels. Specifically, we assume the attacker can make a single guess after observing n independent executions of the system, throughout which the secret information is kept fixed. We show that the asymptotic behaviour of quantities (a) and (b) can be determined in a simple way from the channel matrix. Moreover, simple and tight bounds on them as functions of n show that the convergence is exponential. We also discuss feasible methods to evaluate the rate of convergence. Our results cover both the Bayesian case, where a prior probability distribution on the secrets is assumed known to the attacker, and the maximum-likelihood case, where the attacker does not know such distribution. In the Bayesian case, we identify the distributions that maximize the leakage. We consider both the min-entropy setting studied by Smith and the additive form recently proposed by Braun et al., and show the two forms do agree asymptotically. Next, we extend these results to a more sophisticated eavesdropping scenario, where the attacker can perform a (noisy) observation at each state of the computation and the systems are modelled as hidden Markov models
How to Work with Honest but Curious Judges? (Preliminary Report)
The three-judges protocol, recently advocated by Mclver and Morgan as an
example of stepwise refinement of security protocols, studies how to securely
compute the majority function to reach a final verdict without revealing each
individual judge's decision. We extend their protocol in two different ways for
an arbitrary number of 2n+1 judges. The first generalisation is inherently
centralised, in the sense that it requires a judge as a leader who collects
information from others, computes the majority function, and announces the
final result. A different approach can be obtained by slightly modifying the
well-known dining cryptographers protocol, however it reveals the number of
votes rather than the final verdict. We define a notion of conditional
anonymity in order to analyse these two solutions. Both of them have been
checked in the model checker MCMAS
Anonymous transmission in a noisy quantum network using the W state
We consider the task of anonymously transmitting a quantum message in a
network. We present a protocol that accomplishes this task using the W state
and we analyze its performance in a quantum network where some form of noise is
present. We then compare the performance of our protocol with some of the
existing protocols developed for the task of anonymous transmission. We show
that, in many regimes, our protocol tolerates more noise and achieves higher
fidelities of the transmitted quantum message than the other ones. Furthermore,
we demonstrate that our protocol tolerates one non-responsive node. We prove
the security of our protocol in a semi-active adversary scenario, meaning that
we consider an active adversary and a trusted source.Comment: 9 + 12 pages, 9 figure
Differential Privacy versus Quantitative Information Flow
Differential privacy is a notion of privacy that has become very popular in
the database community. Roughly, the idea is that a randomized query mechanism
provides sufficient privacy protection if the ratio between the probabilities
of two different entries to originate a certain answer is bound by e^\epsilon.
In the fields of anonymity and information flow there is a similar concern for
controlling information leakage, i.e. limiting the possibility of inferring the
secret information from the observables. In recent years, researchers have
proposed to quantify the leakage in terms of the information-theoretic notion
of mutual information. There are two main approaches that fall in this
category: One based on Shannon entropy, and one based on R\'enyi's min entropy.
The latter has connection with the so-called Bayes risk, which expresses the
probability of guessing the secret. In this paper, we show how to model the
query system in terms of an information-theoretic channel, and we compare the
notion of differential privacy with that of mutual information. We show that
the notion of differential privacy is strictly stronger, in the sense that it
implies a bound on the mutual information, but not viceversa
Probability of Error in Information-Hiding Protocols
International audienceRandomized protocols for hiding private information can fruitfully be regarded as noisy channels in the information-theoretic sense, and the inference of the concealed information can be regarded as a hypothesis-testing problem. We consider the Bayesian approach to the problem, and investigate the probability of error associated to the inference when the MAP (Maximum Aposteriori Probability) decision rule is adopted. Our main result is a constructive characterization of a convex base of the probability of error, which allows us to compute its maximum value (over all possible input distributions), and to identify upper bounds for it in terms of simple functions. As a side result, we are able to improve substantially the Hellman-Raviv and the Santhi-Vardy bounds expressed in terms of conditional entropy. We then discuss an application of our methodology to the Crowds protocol, and in particular we show how to compute the bounds on the probability that an adversary breaks anonymity
- …