The dining cryptographers problem: unconditional sender and recipient untraceability
Journal of Cryptology
Elements of information theory
Elements of information theory
Crowds: anonymity for Web transactions
ACM Transactions on Information and System Security (TISSEC)
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Achieving k-anonymity privacy protection using generalization and suppression
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
Probabilistic Noninterference for Multi-Threaded Programs
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Probabilistic Analysis of Anonymity
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Covert channels and anonymizing networks
Proceedings of the 2003 ACM workshop on Privacy in the electronic society
PRISM 2.0: A Tool for Probabilistic Model Checking
QEST '04 Proceedings of the The Quantitative Evaluation of Systems, First International Conference
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Anonymity vs. Information Leakage in Anonymity Systems
ICDCS '05 Proceedings of the 25th IEEE International Conference on Distributed Computing Systems
CONCUR 2005 - Concurrency Theory
Anonymity and information hiding in multiagent systems
Journal of Computer Security
Measuring the confinement of probabilistic systems
Theoretical Computer Science - Theoretical foundations of security analysis and design II
Theoretical Computer Science - Automated reasoning for security protocol analysis
Electronic Notes in Theoretical Computer Science (ENTCS)
Probability of Error in Information-Hiding Protocols
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Journal of Computer Security - Special issue on WITS'02
Information hiding, anonymity and privacy: a modular approach
Journal of Computer Security - Special issue on WITS'02
The modelling and analysis of security protocols: the csp approach
The modelling and analysis of security protocols: the csp approach
Quantified Interference for a While Language
Electronic Notes in Theoretical Computer Science (ENTCS)
Towards an information theoretic metric for anonymity
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Measuring anonymity with relative entropy
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Authentication theory and hypothesis testing
IEEE Transactions on Information Theory
On the Bayes risk in information-hiding protocols
Journal of Computer Security - 20th IEEE Computer Security Foundations Symposium (CSF)
A Monotonicity Principle for Information Theory
Electronic Notes in Theoretical Computer Science (ENTCS)
Probabilistic and Concurrent Models for Security
ICLP '08 Proceedings of the 24th International Conference on Logic Programming
On the Foundations of Quantitative Information Flow
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Bounds on the Leakage of the Input's Distribution in Information-Hiding Protocols
Trustworthy Global Computing
Quantitative Notions of Leakage for One-try Attacks
Electronic Notes in Theoretical Computer Science (ENTCS)
Probabilistic and nondeterministic aspects of anonymity
Theoretical Computer Science
Compositional methods for information-hiding
FOSSACS'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Foundations of software science and computational structures
Adversaries and information leaks (Tutorial)
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Risk assessment of security threats for looping constructs
Journal of Computer Security - Security Issues in Concurrency (SecCo'07)
Information theory and security: quantitative information flow
SFM'10 Proceedings of the Formal methods for quantitative aspects of programming languages, and 10th international conference on School on formal methods for the design of computer, communication and software systems
Compositionality of secure information flow
MPC'10 Proceedings of the 10th international conference on Mathematics of program construction
Information flow in interactive systems
CONCUR'10 Proceedings of the 21st international conference on Concurrency theory
Trust in crowds: probabilistic behaviour in anonymity protocols
TGC'10 Proceedings of the 5th international conference on Trustworthly global computing
Reasoning about probabilistic security using task-PIOAs
ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security
ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security
Non-uniform distributions in quantitative information-flow
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Asymptotic information leakage under one-try attacks
FOSSACS'11/ETAPS'11 Proceedings of the 14th international conference on Foundations of software science and computational structures: part of the joint European conferences on theory and practice of software
Symbolic model checking of probabilistic knowledge
Proceedings of the 13th Conference on Theoretical Aspects of Rationality and Knowledge
Quantitative information flow and applications to differential privacy
Foundations of security analysis and design VI
Low-cost mitigation of privacy loss due to radiometric identification
VANET '11 Proceedings of the Eighth ACM international workshop on Vehicular inter-networking
Quantitative information flow, with a view
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Anonymity attacks on mix systems: a formal analysis
IH'11 Proceedings of the 13th international conference on Information hiding
Probable innocence in the presence of independent knowledge
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Measuring query privacy in location-based services
Proceedings of the second ACM conference on Data and Application Security and Privacy
Quantitative information flow: from theory to practice?
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Squeeziness: An information theoretic measure for avoiding fault masking
Information Processing Letters
Calculating bounds on information leakage using two-bit patterns
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
Computing the leakage of information-hiding systems
TACAS'10 Proceedings of the 16th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Statistical measurement of information leakage
TACAS'10 Proceedings of the 16th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Epistemic Strategies and Games on Concurrent Processes
ACM Transactions on Computational Logic (TOCL)
Measuring vote privacy, revisited
Proceedings of the 2012 ACM conference on Computer and communications security
Worst- and average-case privacy breaches in randomization mechanisms
TCS'12 Proceedings of the 7th IFIP TC 1/WG 202 international conference on Theoretical Computer Science
A differentially private mechanism of optimal utility for a region of priors
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Quantitative information flow in interactive systems
Journal of Computer Security - ARSPA-WITS'10
Hi-index | 0.01 |
We consider a framework in which anonymity protocols are interpreted as noisy channels in the information-theoretic sense, and we explore the idea of using the notion of capacity as a measure of the loss of anonymity. Such idea was already suggested by Moskowitz, Newman and Syverson, in their analysis of the covert channel that can be created as a result of non-perfect anonymity. We consider the case in which some leak of information is intended by design, and we introduce the notion of conditional capacity to rule out this factor, thus retrieving a natural correspondence with the notion of anonymity. Furthermore, we show how to compute the capacity and the conditional capacity when the anonymity protocol satisfies certain symmetries. We also investigate how the adversary can test the system to try to infer the user's identity, and we study how his probability of success depends on the characteristics of the channel. We then illustrate how various notions of anonymity can be expressed in this framework, and show the relation with some definitions of probabilistic anonymity in literature. Finally, we show how to compute the matrix of the channel (and hence the capacity and conditional capacity) using model checking.