On the relation between Differential Privacy and Quantitative Information Flow

Differential privacy is a notion that has emerged in the community of statistical databases, as a response to the problem of protecting the privacy of the database's participants when performing statistical queries. The idea is that a randomized query satisfies differential privacy if the likelihood of obtaining a certain answer for a database $x$ is not too different from the likelihood of obtaining the same answer on adjacent databases, i.e. databases which differ from $x$ for only one individual. Information flow is an area of Security concerned with the problem of controlling the leakage of confidential information in programs and protocols. Nowadays, one of the most established approaches to quantify and to reason about leakage is based on the R\'enyi min entropy version of information theory. In this paper, we analyze critically the notion of differential privacy in light of the conceptual framework provided by the R\'enyi min information theory. We show that there is a close relation between differential privacy and leakage, due to the graph symmetries induced by the adjacency relation. Furthermore, we consider the utility of the randomized answer, which measures its expected degree of accuracy. We focus on certain kinds of utility functions called "binary", which have a close correspondence with the R\'enyi min mutual information. Again, it turns out that there can be a tight correspondence between differential privacy and utility, depending on the symmetries induced by the adjacency relation and by the query. Depending on these symmetries we can also build an optimal-utility randomization mechanism while preserving the required level of differential privacy. Our main contribution is a study of the kind of structures that can be induced by the adjacency relation and the query, and how to use them to derive bounds on the leakage and achieve the optimal utility

Joint Relay Selection and Power Allocation in Large-Scale MIMO Systems with Untrusted Relays and Passive Eavesdroppers

In this paper, a joint relay selection and power allocation (JRP) scheme is proposed to enhance the physical layer security of a cooperative network, where a multiple antennas source communicates with a single-antenna destination in presence of untrusted relays and passive eavesdroppers (Eves). The objective is to protect the data confidentially while concurrently relying on the untrusted relays as potential Eves to improve both the security and reliability of the network. To realize this objective, we consider cooperative jamming performed by the destination while JRP scheme is implemented. With the aim of maximizing the instantaneous secrecy rate, we derive a new closed-form solution for the optimal power allocation and propose a simple relay selection criterion under two scenarios of non-colluding Eves (NCE) and colluding Eves (CE). For the proposed scheme, a new closed-form expression is derived for the ergodic secrecy rate (ESR) and the secrecy outage probability as security metrics, and a new closed-form expression is presented for the average symbol error rate (SER) as a reliability measure over Rayleigh fading channels. We further explicitly characterize the high signal-to-noise ratio slope and power offset of the ESR to highlight the impacts of system parameters on the ESR. In addition, we examine the diversity order of the proposed scheme to reveal the achievable secrecy performance advantage. Finally, the secrecy and reliability diversity-multiplexing tradeoff of the optimized network are provided. Numerical results highlight that the ESR performance of the proposed JRP scheme for NCE and CE cases is increased with respect to the number of untrustworthy relays.Comment: 18 pages, 10 figures, IEEE Transactions on Information Forensics and Security (In press

Composable security proof for continuous-variable quantum key distribution with coherent states

We give the first composable security proof for continuous-variable quantum key distribution with coherent states against collective attacks. Crucially, in the limit of large blocks the secret key rate converges to the usual value computed from the Holevo bound. Combining our proof with either the de Finetti theorem or the Postselection technique then shows the security of the protocol against general attacks, thereby confirming the long-standing conjecture that Gaussian attacks are optimal asymptotically in the composable security framework. We expect that our parameter estimation procedure, which does not rely on any assumption, will find applications elsewhere, for instance for the reliable quantification of continuous-variable entanglement in finite-size settings.Comment: 27 pages, 1 figure. v2: added a version of the AEP valid for conditional state