Automatically deriving information-theoretic bounds for adaptive side-channel attacks

Köpf, Boris; Basin, David

doi:10.3233/jcs-2009-0397

Cited by 21 publications

(24 citation statements)

References 52 publications

(78 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Previous formal analyses of this program [19,37] assume uniformly distributed PINs; they are not fully accurate because PIN generation methods typically produce a skewed distribution. Using the techniques presented in this paper, we perform the first formal analysis that takes this skew into account.…”

Section: Case Studymentioning

confidence: 99%

See 1 more Smart Citation

Non-uniform distributions in quantitative information-flow

Backes

Berg

Köpf

2011

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

Quantitative information-flow analysis (QIF) determines the amount of information that a program leaks about its secret inputs. For this, QIF requires an assumption about the distribution of the secret inputs. Existing techniques either consider the worst-case over a (sub-)set of all input distributions and thereby over-approximate the amount of leaked information; or they are tailored to reasoning about uniformly distributed inputs and are hence not directly applicable to non-uniform use-cases; or they deal with explicitly represented distributions, for which suitable abstraction techniques are only now emerging. In this paper we propose a novel approach for a precise QIF with respect to non-uniform input distributions: We present a reduction technique that transforms the problem of QIF w.r.t. non-uniform distributions into the problem of QIF for the uniform case. This reduction enables us to directly apply existing techniques for uniform QIF to the non-uniform case. We furthermore show that quantitative information flow is robust with respect to variations of the input distribution. This result allows us to perform QIF based on approximate input distributions, which can significantly simplify the analysis. Finally, we perform a case study where we illustrate our techniques by using them to analyze an integrity check on non-uniformly distributed PINs, as they are used for banking.

show abstract

Section: Case Studymentioning

confidence: 99%

“…The basis for our analysis is the formal model for knowledge refinement in adaptive attacks described in [19,20]. In this model, each attack strategy induces a partition on the set of secret inputs.…”

Section: Automated Analysis Of Adaptive Attacksmentioning

confidence: 99%

Non-uniform distributions in quantitative information-flow

Backes

Berg

Köpf

2011

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

show abstract

“…We adopt a probabilistic version of the model of deterministic systems and attacks proposed by Köpf and Basin [17]. Let S be a finite set of secrets, A be a finite set of adversary-controlled inputs or attacks, and O be a finite set of observables.…”

Section: A Worth-based Approach To Qifmentioning

confidence: 99%

“…Köpf and Basin [17] proposed the model for deterministic systems we extended in this paper. Shannon [23] points out the independence of the information contents with respect to its representation, and gives the first steps in trying to understand how Shannon entropy would behave in a lattice of partitions.…”

mentioning

confidence: 99%

When Not All Bits Are Equal: Worth-Based Information Flow

Alvim

Scedrov

Schneider

2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Only recently have approaches to quantitative information flow started to challenge the presumption that all leaks involving a given number of bits are equally harmful. This paper proposes a framework to capture the semantics of information, making quantification of leakage independent of the syntactic representation of secrets. Secrets are defined in terms of fields, which are combined to form structures; and a worth assignment is introduced to associate each structure with a worth (perhaps in proportion to the harm that would result from disclosure). We show how worth assignments can capture inter-dependence among structures within a secret, modeling: (i) secret sharing, (ii) information-theoretic predictors, and (iii) computational (as opposed to information-theoretic) guarantees for security. Using non-trivial worth assignments, we generalize Shannon entropy, guessing entropy, and probability of guessing. For deterministic systems, we give a lattice of information to provide an underlying algebraic structure for the composition of attacks. Finally, we outline a design technique to capture into worth assignments relevant aspects of a scenario of interest.

show abstract

“…Fundamental to unconditional encryption is the information measure used to quantify the security of the system being considered, as it is correlated with the attacks against which the cryptosystem is resistant [9]. The first formal results on unconditional encryption were published by Shannon [4] using results from the formal theory of communication [10].…”

Section: Introductionmentioning

confidence: 99%

Universal Optimality of Apollonian Cell Encoders

Biondi

Given-Wilson

Legay

2018

2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/ 12th IEEE International

View full text Add to dashboard Cite

Abstract-Preserving privacy of private communication against an attacker is a fundamental concern of computer science security. Unconditional encryption considers the case where an attacker has unlimited computational power, hence no complexity result can be relied upon for encryption. Optimality criteria are defined for the best possible encryption over a general collection of entropy measures. This paper introduces Apollonian cell encoders, a class of shared-key cryptosystems that are proven to be universally optimal. In addition to the highest possible security for the message, Apollonian cell encoders prove to have perfect secrecy on their key allowing unlimited key reuse. Conditions for the existence of Apollonian cell encoders are presented, as well as a constructive proof. Further, a compact representation of Apollonian cell encoders is presented, allowing for practical implementation.

show abstract

Automatically deriving information-theoretic bounds for adaptive side-channel attacks

Cited by 21 publications

References 52 publications

Non-uniform distributions in quantitative information-flow

Non-uniform distributions in quantitative information-flow

When Not All Bits Are Equal: Worth-Based Information Flow

Universal Optimality of Apollonian Cell Encoders

Contact Info

Product

Resources

About