Probable Innocence Revisited

International audienceOften we wish to ensure that the identity of the user performing a certain action is maintained secret. This property is called anonymity. Examples of situations in which we may wish to provide anonymity include: publishing on the web, retrieving information from the web, sending a message, etc. Many protocols have been designed for this purpose, for example, Crowds [15], Onion Routing [23], the Free Haven [7], Web MIX [1] and Freenet [4]

Asymptotic information leakage under one-try attacks

We study the asymptotic behaviour of (a) information leakage and (b) adversary’s error probability in information hiding systems modelled as noisy channels. Specifically, we assume the attacker can make a single guess after observing n independent executions of the system, throughout which the secret information is kept fixed. We show that the asymptotic behaviour of quantities (a) and (b) can be determined in a simple way from the channel matrix. Moreover, simple and tight bounds on them as functions of n show that the convergence is exponential. We also discuss feasible methods to evaluate the rate of convergence. Our results cover both the Bayesian case, where a prior probability distribution on the secrets is assumed known to the attacker, and the maximum-likelihood case, where the attacker does not know such distribution. In the Bayesian case, we identify the distributions that maximize the leakage. We consider both the min-entropy setting studied by Smith and the additive form recently proposed by Braun et al., and show the two forms do agree asymptotically. Next, we extend these results to a more sophisticated eavesdropping scenario, where the attacker can perform a (noisy) observation at each state of the computation and the systems are modelled as hidden Markov models

Trust in Crowds: probabilistic behaviour in anonymity protocols

The existing analysis of the Crowds anonymity protocol assumes that a participating member is either ‘honest’ or ‘corrupted’. This paper generalises this analysis so that each member is assumed to maliciously disclose the identity of other nodes with a probability determined by her vulnerability to corruption. Within this model, the trust in a principal is defined to be the probability that she behaves honestly. We investigate the effect of such a probabilistic behaviour on the anonymity of the principals participating in the protocol, and formulate the necessary conditions to achieve ‘probable innocence’. Using these conditions, we propose a generalised Crowds-Trust protocol which uses trust information to achieves ‘probable innocence’ for principals exhibiting probabilistic behaviour

Compositionality Results for Quantitative Information Flow

International audienceIn the min-entropy approach to quantitative information flow, the leakage is defined in terms of a minimization problem, which, in case of large systems, can be computationally rather heavy. The same happens for the recently proposed generalization called g-vulnerability. In this paper we study the case in which the channel associated to the system can be decomposed into simpler channels, which typically happens when the observables consist of several components. Our main contribution is the derivation of bounds on the g-leakage of the whole system in terms of the g-leakage of its components

Probabilistic Anonymity

The concept of anonymity comes into play in a wide range of situations, varying from voting and anonymous donations to postings on bulletin boards and sending mails. A formal definition of this concept has been given in literature in terms of nondeterminism. In this paper, we investigate a notion of anonymity based on probability theory, and we we discuss the relation with the nondeterministic one. We then formulate this definition in terms of observables for processes in the probabilistic $pi$-calculus, and propose a method to verify automatically the anonymity property. We illustrate the method by using the example of the dining cryptographers

Probabilistic Reachability for Parametric Markov Models

Abstract. Given a parametric Markov model, we consider the problem of computing the formula expressing the probability of reaching a given set of states. To attack this principal problem, Daws has suggested to first convert the Markov chain into a finite automaton, from which a regular expression is computed. Afterwards, this expression is evaluated to a closed form expression representing the reachability probability. This paper investigates how this idea can be turned into an effective procedure. It turns out that the bottleneck lies in an exponential growth of the regular expression relative to the number of states. We therefore proceed differently, by tightly intertwining the regular expression computation with its evaluation. This allows us to arrive at an effective method that avoids the exponential blow up in most practical cases. We give a detailed account of the approach, also extending to parametric models with rewards and with non-determinism. Experimental evidence is provided, illustrating that our implementation provides meaningful insights on non-trivial models.

Magnetic polarons in weakly doped high-Tc superconductors

We consider a spin Hamiltonian describing $d$-$d$ exchange interactions between localized spins $d$ of a finite antiferromagnet as well as $p$-$d$ interactions between a conducting hole ($p$) and localized spins. The spin Hamiltonian is solved numerically with use of Lanczos method of diagonalization. We conclude that $p$-$d$ exchange interaction leads to localization of magnetic polarons. Quantum fluctuations of the antiferromagnet strengthen this effect and make the formation of polarons localized in one site possible even for weak $p$-$d$ coupling. Total energy calculations, including the kinetic energy, do not change essentially the phase diagram of magnetic polarons formation. For parameters reasonable for high-$T_c$ superconductors either a polaron localized on one lattice cell or a small ferron can form. For reasonable values of the dielectric function and $p$-$d$ coupling, the contributions of magnetic and phonon terms in the formation of a polaron in weakly doped high-$T_c$ materials are comparable.Comment: revised, revtex-4, 12 pages 8 eps figure

Engineering Privacy in Public: Confounding Face Recognition

The objective of DARPA’s Human ID at a Distance (HID) program is to develop automated biometric identification technologies to detect, recognize and identify humans at great distances. While nominally intended for security applications, if deployed widely, such technologies could become an enormous privacy threat, making practical the automatic surveillance of individuals on a grand scale. Face recognition, as the HID technology most rapidly approaching maturity, deserves immediate research attention in order to understand its strengths and limitations, with an objective of reliably foiling it when it is used inappropriately. This paper is a status report for a research program designed to achieve this objective within a larger goal of similarly defeating all HID technologies

What Can Be Implemented Anonymously?

Abstract. The vast majority of papers on distributed computing assume that processes are assigned unique identifiers before computation begins. But is this assumption necessary? What if processes do not have unique identifiers or do not wish to divulge them for reasons of privacy? We consider asynchronous shared-memory systems that are anonymous. The shared memory contains only the most common type of shared objects, read/write registers. We investigate, for the first time, what can be implemented deterministically in this model when processes can fail. We give anonymous algorithms for some fundamental problems: timestamping, snapshots and consensus. Our solutions to the first two are wait-free and the third is obstruction-free. We also show that a shared object has an obstruction-free implementation if and only if it satisfies a simple property called idempotence. To prove the sufficiency of this condition, we give a universal construction that implements any idempotent object