20 research outputs found
Quantifying Information Leakage in Finite Order Deterministic Programs
Information flow analysis is a powerful technique for reasoning about the
sensitive information exposed by a program during its execution. While past
work has proposed information theoretic metrics (e.g., Shannon entropy,
min-entropy, guessing entropy, etc.) to quantify such information leakage, we
argue that some of these measures not only result in counter-intuitive measures
of leakage, but also are inherently prone to conflicts when comparing two
programs P1 and P2 -- say Shannon entropy predicts higher leakage for program
P1, while guessing entropy predicts higher leakage for program P2. This paper
presents the first attempt towards addressing such conflicts and derives
solutions for conflict-free comparison of finite order deterministic programs.Comment: 14 pages, 1 figure. A shorter version of this paper is submitted to
ICC 201
LIBQIF: a quantitative information flow C++ toolkit library
A fundamental concern in computer security is to control information ow, whether to protect con dential information from being leaked, or to protect trusted information from being tainted. A classic approach is to try to enforce non-interference. Unfortunately, achieving non-interference is often not possible, because often there is a correlation between secrets and observables, either by design or due to some physical feature of the computation (side channels). One promising approach to relaxing noninterference, is to develop a quantitative theory of information ow that allows us to reason about how much information is being leaked, thus paving the way to the possibility of tolerating small leaks.
In this work, we aim at developing a quantitative information ow C++ toolkit library, implementing several algorithms from the areas of QIF (more speci cally from four theories: Shannon Entropy, Min-Entropy, Guessing Entropy and G-Leakage) and Di erential Privacy. The library can be used by academics to facilitate research in these areas, as well as by students as a learning tool. A primary use of the library is to compute QIF measures as well as to generate plots, useful for understanding their behavior. Moreover, the library allows users to compute optimal di erentially private mechanisms, compare the utility of known mechanisms, compare the leakage of channels, compute gain functions that separate channels, and various other functionalities related to QIF.Trabajo final de carreraSociedad Argentina de Informática e Investigación Operativa (SADIO
LIBQIF: a quantitative information flow C++ toolkit library
A fundamental concern in computer security is to control information ow, whether to protect con dential information from being leaked, or to protect trusted information from being tainted. A classic approach is to try to enforce non-interference. Unfortunately, achieving non-interference is often not possible, because often there is a correlation between secrets and observables, either by design or due to some physical feature of the computation (side channels). One promising approach to relaxing noninterference, is to develop a quantitative theory of information ow that allows us to reason about how much information is being leaked, thus paving the way to the possibility of tolerating small leaks.
In this work, we aim at developing a quantitative information ow C++ toolkit library, implementing several algorithms from the areas of QIF (more speci cally from four theories: Shannon Entropy, Min-Entropy, Guessing Entropy and G-Leakage) and Di erential Privacy. The library can be used by academics to facilitate research in these areas, as well as by students as a learning tool. A primary use of the library is to compute QIF measures as well as to generate plots, useful for understanding their behavior. Moreover, the library allows users to compute optimal di erentially private mechanisms, compare the utility of known mechanisms, compare the leakage of channels, compute gain functions that separate channels, and various other functionalities related to QIF.Trabajo final de carreraSociedad Argentina de Informática e Investigación Operativa (SADIO
LIBQIF: a quantitative information flow C++ toolkit library
A fundamental concern in computer security is to control information ow, whether to protect con dential information from being leaked, or to protect trusted information from being tainted. A classic approach is to try to enforce non-interference. Unfortunately, achieving non-interference is often not possible, because often there is a correlation between secrets and observables, either by design or due to some physical feature of the computation (side channels). One promising approach to relaxing noninterference, is to develop a quantitative theory of information ow that allows us to reason about how much information is being leaked, thus paving the way to the possibility of tolerating small leaks.
In this work, we aim at developing a quantitative information ow C++ toolkit library, implementing several algorithms from the areas of QIF (more speci cally from four theories: Shannon Entropy, Min-Entropy, Guessing Entropy and G-Leakage) and Di erential Privacy. The library can be used by academics to facilitate research in these areas, as well as by students as a learning tool. A primary use of the library is to compute QIF measures as well as to generate plots, useful for understanding their behavior. Moreover, the library allows users to compute optimal di erentially private mechanisms, compare the utility of known mechanisms, compare the leakage of channels, compute gain functions that separate channels, and various other functionalities related to QIF.Trabajo final de carreraSociedad Argentina de Informática e Investigación Operativa (SADIO
Naturally Rehearsing Passwords
We introduce quantitative usability and security models to guide the design of \emph{password
management schemes} --- systematic strategies to help users create and remember multiple
passwords. In the same way that security proofs in cryptography are based on
complexity-theoretic assumptions (e.g., hardness of factoring and discrete logarithm), we quantify
usability by introducing \emph{usability assumptions}. In particular, password management relies
on assumptions about human memory, e.g., that a user who follows a particular rehearsal
schedule will successfully maintain the corresponding memory. These assumptions are informed by research in cognitive science and can be tested empirically. Given rehearsal requirements and a user\u27s
visitation schedule for each account, we use the total number of extra rehearsals that
the user would have to do to remember all of his passwords as a measure of the usability of
the password scheme. Our usability model leads us to a key observation: password reuse benefits users not only by reducing the number of passwords that the user has to memorize, but more importantly by increasing the natural rehearsal rate for each password. We also present a security model which accounts for the complexity of password
management with multiple accounts and associated threats,
including online, offline, and plaintext password leak attacks. Observing that current
password management schemes are either insecure or unusable, we present Shared Cues--- a new scheme in which the underlying secret is strategically
shared across accounts to ensure that most rehearsal requirements are satisfied naturally while
simultaneously providing strong security. The construction uses the Chinese Remainder Theorem to achieve these competing goals
Naturally Rehearsing Passwords
We introduce quantitative usability and security models to guide the design
of password management schemes --- systematic strategies to help users create
and remember multiple passwords. In the same way that security proofs in
cryptography are based on complexity-theoretic assumptions (e.g., hardness of
factoring and discrete logarithm), we quantify usability by introducing
usability assumptions. In particular, password management relies on assumptions
about human memory, e.g., that a user who follows a particular rehearsal
schedule will successfully maintain the corresponding memory. These assumptions
are informed by research in cognitive science and validated through empirical
studies. Given rehearsal requirements and a user's visitation schedule for each
account, we use the total number of extra rehearsals that the user would have
to do to remember all of his passwords as a measure of the usability of the
password scheme. Our usability model leads us to a key observation: password
reuse benefits users not only by reducing the number of passwords that the user
has to memorize, but more importantly by increasing the natural rehearsal rate
for each password. We also present a security model which accounts for the
complexity of password management with multiple accounts and associated
threats, including online, offline, and plaintext password leak attacks.
Observing that current password management schemes are either insecure or
unusable, we present Shared Cues--- a new scheme in which the underlying secret
is strategically shared across accounts to ensure that most rehearsal
requirements are satisfied naturally while simultaneously providing strong
security. The construction uses the Chinese Remainder Theorem to achieve these
competing goals