TY  - CHAP
T2  - Computer Security ? ESORICS 2011
EP  - 606
N1  - Proceedings of the 16th European Symposium on Research in Computer Security, Leuven, Belgium, September 12-14,2011
ID  - eprints1244
UR  - http://dx.doi.org/10.1007/978-3-642-23822-2_32
KW  - Quantitative information flow; statistical attacks; anonymity; privacy; information theory 
AV  - public
TI  - Quantitative information flow, with a view
M1  - 6879
N2  - We put forward a general model intended for assessment of system security against passive eavesdroppers, both quantitatively ( how much information is leaked) and qualitatively ( what properties are leaked). To this purpose, we extend information hiding systems ( ihs ), a model where the secret-observable relation is represented as a noisy channel, with views : basically, partitions of the state-space. Given a view W and n independent observations of the system, one is interested in the probability that a Bayesian adversary wrongly predicts the class of W the underlying secret belongs to. We offer results that allow one to easily characterise the behaviour of this error probability as a function of the number of observations, in terms of the channel matrices defining the ihs and the view W . In particular, we provide expressions for the limit value as n ? ?, show by tight bounds that convergence is exponential, and also characterise the rate of convergence to predefined error thresholds. We then show a few instances of statistical attacks that can be assessed by a direct application of our model: attacks against modular exponentiation that exploit timing leaks, against anonymity in mix-nets and against privacy in sparse datasets.
SN  - 978-3-642-23821-5
ED  - Atluri, Vijay
ED  - Diaz, Claudia
Y1  - 2011///
T3  - Lecture Notes in Computer Science
SP  - 588
PB  - Springer
A1  - Boreale, Michele
A1  - Pampaloni, Francesca
A1  - Paolini, Michela
ER  -