There is growing interest in quantitative theories of information flow in a variety of contexts, such as secure information flow, anonymity protocols, and side-channel analysis. Such theories offer an attractive way to relax the standard noninterference properties, letting us tolerate "small" leaks that are necessary in practice. The emerging consensus is that quantitative information flow should be founded on the concepts of Shannon entropy and mutual information. But a useful theory of quantitative information flow must provide appropriate security guarantees: if the theory says that an attack leaks x bits of secret information, then x should be useful in calculating bounds on the resulting threat. In this paper, we focus on the threat that an attack will allow the secret to be guessed correctly in one try. With respect to this threat model, we argue that the consensus definitions actually fail to give good security guarantees--the problem is that a random variable can have arbitrarily large Shannon entropy even if it is highly vulnerable to being guessed. We then explore an alternative foundation based on a concept of vulnerability (closely related to Bayes risk) and which measures uncertainty using Rényi's min-entropy, rather than Shannon entropy.
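The following added example (not taken from the paper) makes the abstract's argument concrete by computing Shannon entropy, vulnerability and min-entropy for a skewed prior, and then the remaining uncertainty after an attacker observes a program's output. The prior, the 16-bit uniform secret and both toy programs are constructed for illustration; posterior vulnerability is taken here as the expected probability of a correct single guess after seeing the output.

```python
import math
from collections import defaultdict

def shannon_entropy(dist):
    """H(X) in bits for a dict mapping value -> probability."""
    return -sum(p * math.log2(p) for p in dist.values() if p > 0)

def vulnerability(dist):
    """V(X): probability that the single best guess is correct."""
    return max(dist.values())

def min_entropy(dist):
    """Renyi min-entropy, -log2 V(X), in bits."""
    return -math.log2(vulnerability(dist))

def skewed_secret(m):
    """Constructed prior: one value has probability 1/2, m others share the rest."""
    dist = {0: 0.5}
    dist.update({i: 0.5 / m for i in range(1, m + 1)})
    return dist

def posterior(prior, program):
    """(H(X|Y), V(X|Y)) after the attacker sees Y = program(X), program deterministic."""
    by_output = defaultdict(dict)
    for x, p in prior.items():
        by_output[program(x)][x] = p
    h = v = 0.0
    for xs in by_output.values():
        p_y = sum(xs.values())
        cond = {x: p / p_y for x, p in xs.items()}
        h += p_y * shannon_entropy(cond)   # Shannon conditional entropy
        v += p_y * vulnerability(cond)     # expected one-try success
    return h, v

# Constructed 16-bit uniform secret and two toy programs (assumptions).
UNIFORM16 = {x: 1 / 65536 for x in range(65536)}

def leak_some_fully(x):
    return x if x % 8 == 0 else 1   # reveals every eighth secret entirely

def leak_two_bits(x):
    return x & 0b11                 # reveals the low 2 bits of every secret

if __name__ == "__main__":
    d = skewed_secret(2 ** 20)
    print(f"prior: H={shannon_entropy(d):.1f} bits, H_inf={min_entropy(d):.1f}, V={vulnerability(d)}")
    for prog in (leak_some_fully, leak_two_bits):
        h, v = posterior(UNIFORM16, prog)
        print(f"{prog.__name__}: H(X|Y)={h:.2f} bits, V(X|Y)={v:.6f}")
```

Both programs leave about 14 bits of Shannon uncertainty, yet the first lets the secret be guessed in one try roughly one time in eight, while the second allows it only once in 16384 tries.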