Quantifying information leakage in process calculi

Authors:
Michele Boreale
Affiliations:
Dipartimento di Sistemi e Informatica, Università di Firenze, Firenze, Italy
Venue:
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Year:
2006

Citing 10
Cited 11

Symbolic bisimulations

MFPS '92 Selected papers of the meeting on Mathematical foundations of programming semantics
Testing equivalence for mobile processes

Information and Computation
A symbolic semantics for the &pgr;-calculus

Information and Computation
A calculus for cryptographic protocols

Information and Computation
Verifying secrets and relative secrecy

Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
PI-Calculus: A Theory of Mobile Processes

PI-Calculus: A Theory of Mobile Processes
Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Defining information flow quantity

Journal of Computer Security - Special issue on CSFW15
Inequalities between entropy and index of coincidence derived from information diagrams

IEEE Transactions on Information Theory

Quantitative analysis of leakage for multi-threaded programs

Proceedings of the 2007 workshop on Programming languages and analysis for security
Lagrange multipliers and maximum information leakage in different observational models

Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Quantifying Timing Leaks and Cost Optimisation

ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Quantifying maximal loss of anonymity in protocols

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Quantifying information leakage in process calculi

Information and Computation
An Interval-based Abstraction for Quantifying Information Flow

Electronic Notes in Theoretical Computer Science (ENTCS)
Formal approaches to information-hiding (Tutorial)

TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Risk assessment of security threats for looping constructs

Journal of Computer Security - Security Issues in Concurrency (SecCo'07)
Measuring information flow in reactive processes

ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Value-passing CCS with noisy channels

Theoretical Computer Science
A differentially private mechanism of optimal utility for a region of priors

POST'13 Proceedings of the Second international conference on Principles of Security and Trust

Quantified Score

Hi-index	0.00

Visualization

Abstract

We study two quantitative models of information leakage in the pi-calculus. The first model presupposes an attacker with an essentially unlimited computational power. The resulting notion of absolute leakage, measured in bits, is in agreement with secrecy as defined by Abadi and Gordon: a process has an absolute leakage of zero precisely when it satisfies secrecy. The second model assumes a restricted observation scenario, inspired by the testing equivalence framework, where the attacker can only conduct repeated success-or-failure experiments on processes. Moreover, each experiment has a cost in terms of communication actions. The resulting notion of leakage rate, measured in bits per action, is in agreement with the first model: the maximum information that can be extracted by repeated experiments coincides with the absolute leakage A of the process. Moreover, the overall extraction cost is at least A/ R, where R is the rate of the process. Strategies to effectively estimate both absolute leakage and rate are also discussed