This work explores the problem of designing a channel that leaks the least amount of information while respecting a set of operational constraints. This paper focuses on deterministic channels and deterministic solutions. This setting is relevant because most programs and many channel design problems are naturally modelled by deterministic channels. Moreover, the setting is also relevant when considering an attacker who can observe many outputs of an arbitrary channel while the secret input stays the same: when the number of observations is arbitrarily large, the channel of minimal leakage is deterministic. The deterministic channel design problem has different solutions depending on which leakage measure is chosen. The problem is shown to be NP-hard in general. However, for a particular class of constraints, called k-complete hypergraph constraints, a greedy algorithm is shown to provide the optimal solution for a wide class of leakage measures.• Section II overviews preliminary concepts of QIF and introduces core-concave entropies. • Section III presents the deterministic channel design problem. The problem is shown to be NP-hard, and it is proven that, in general, it does not have a universal solution.
This work presents an axiomatization for entropy based on an extension of concavity called core-concavity. We show that core-concavity characterizes the largest class of functions for which the data-processing inequality holds, under the assumption that conditional entropy is defined as a generalized average. Also, under the same assumption, we show that data-processing and "conditioning reduces entropy" properties are equivalent. We prove several properties of core-concave functions, including generalization of perfect secrecy and of Fano's inequality. We also show that definitions of conditional entropy based on worstcase can be retrieved as limit cases of generalized averages. A connection between statistical decision making and this axiomatic approach is also presented.
This paper concerns the analysis of information leaks in security systems. We address the problem of specifying and analyzing large systems in the (standard) channel model used in quantitative information flow (QIF). We propose several operators which match typical interactions between system components. We explore their algebraic properties with respect to the security-preserving refinement relation defined by Alvim et al. and McIver et al. [1,2]. We show how the algebra can be used to simplify large system specifications in order to facilitate the computation of information leakage bounds. We demonstrate our results on the specification and analysis of the Crowds Protocol. Finally, we use the algebra to justify a new algorithm to compute leakage bounds for this protocol.
arXiv:1801.08090v4 [cs.CR] 8 Jul 2018Crypto 1 (t 1 , t 2 , t 3 , t 4 , x) = 1, if t 4 = t 1 and x = c 1 , or t 4 = t 1 and x = c 1 0, otherwise Channels Crypto 2 , Crypto 3 and Crypto 4 describing the remaining cryptographers are defined analogously. Channel Announcements is, hence, defined as Announcements = Crypto 1 Crypto 2 Crypto 3 Crypto 4 .Proposition 7. Let D 1 : Y 1 ×Z 1 → R, D 2 : Y 2 ×Z 2 → R be channels. Then,
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.