Skip to main content Accessibility help
×
Home
Hostname: page-component-78dcdb465f-xl52z Total loading time: 0.32 Render date: 2021-04-19T10:27:47.915Z Has data issue: true Feature Flags: { "shouldUseShareProductTool": true, "shouldUseHypothesis": true, "isUnsiloEnabled": true, "metricsAbstractViews": false, "figures": false, "newCiteModal": false, "newCitedByModal": true }

Compositional methods for information-hiding

Published online by Cambridge University Press:  24 November 2014

KONSTANTINOS CHATZIKOKOLAKIS
Affiliation:
LIX, Bâtiment Alan Turing, 1 rue Honoré d'Estienne d'Orves, Campus de l'École Polytechnique, 91120 Palaiseau, France Email: kostas@lix.polytechnique.fr; catuscia@lix.polytechnique.fr; braun@lix.polytechnique.fr
CATUSCIA PALAMIDESSI
Affiliation:
LIX, Bâtiment Alan Turing, 1 rue Honoré d'Estienne d'Orves, Campus de l'École Polytechnique, 91120 Palaiseau, France Email: kostas@lix.polytechnique.fr; catuscia@lix.polytechnique.fr; braun@lix.polytechnique.fr
CHRISTELLE BRAUN
Affiliation:
LIX, Bâtiment Alan Turing, 1 rue Honoré d'Estienne d'Orves, Campus de l'École Polytechnique, 91120 Palaiseau, France Email: kostas@lix.polytechnique.fr; catuscia@lix.polytechnique.fr; braun@lix.polytechnique.fr

Abstract

Systems concerned with information hiding often use randomization to obfuscate the link between the observables and the information to be protected. The degree of protection provided by a system can be expressed in terms of the probability of error associated with the inference of the secret information. We consider a probabilistic process calculus to specify such systems, and we study how the operators affect the probability of error. In particular, we characterize constructs that have the property of not decreasing the degree of protection, and that can therefore be considered safe in the modular construction of these systems. As a case study, we apply these techniques to the dining cryptographers, and we derive a generalization of Chaum's strong anonymity result.

Type
Paper
Copyright
Copyright © Cambridge University Press 2014 

Access options

Get access to the full version of this content by using one of the access options below.

Footnotes

This work has been partially supported by the project ANR-12-IS02-001 (PACE), by the project ANR-11-IS02-0002 (LOCALI), by the INRIA Large Scale Initiative CAPPRIS, and by the EU FP7 grant no. 295261 (MEALS). A preliminary version of this work appeared in the proceedings of FOSSACS 2008.

References

Alvim, M. S., Andrés, M. E. and Palamidessi, C. (2010) Information flow in interactive systems In: Gastin, P. and Laroussinie, F. (eds.) Proceedings of the 21th International Conference on Concurrency Theory (CONCUR 2010). Springer Lecture Notes in Computer Science 6269 102116.CrossRefGoogle Scholar
Andrés, M. E., Palamidessi, C., van Rossum, P. and Smith, G. (2010a) Computing the leakage of information-hiding systems. In: Esparza, J. and Majumdar, R., (eds.) Proceedings of the 16th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2010). Springer Lecture Notes in Computer Science 6015 373389.CrossRefGoogle Scholar
Andrés, M. E., Palamidessi, C., van Rossum, P. and Sokolova, A. (2010 b) Information hiding in probabilistic concurrent systems. In: Proceedings of the 7th IEEE International Conference on Quantitative Evaluation of SysTems (QEST 2010), IEEE Computer Society 17–26.Google Scholar
Bhargava, M. and Palamidessi, C. (2005) Probabilistic anonymity. In: Abadi, M. and de Alfaro, L. (eds.) Proceedings of the 16th International Conference on Concurrency Theory (CONCUR 2005). Springer Lecture Notes in Computer Science 3653 171185.CrossRefGoogle Scholar
Boreale, M., Pampaloni, F. and Paolini, M. (2011) Asymptotic information leakage under one-try attacks. In: Hofmann, M. (ed.) Proceedings of the 14th International Conference on the Foundations of Software Science and Computational Structures (FOSSACS'11). Springer Lecture Notes in Computer Science 6604 396410.CrossRefGoogle Scholar
Chatzikokolakis, K. and Palamidessi, C. (2010) ‘Making random choices invisible to the scheduler. Information and Computation 208 (6) 694715.CrossRefGoogle Scholar
Chatzikokolakis, K., Palamidessi, C. and Panangaden, P. (2008a) Anonymity protocols as noisy channel. Information and Computation 206 (2–4) 378401.CrossRefGoogle Scholar
Chatzikokolakis, K., Palamidessi, C. and Panangaden, P. (2008b) On the Bayes risk in information-hiding protocols. Journal of Computer Security 16 (5) 531571.CrossRefGoogle Scholar
Chaum, D. (1988) The dining cryptographers problem: Unconditional sender and recipient untraceability. Journal of Cryptology 1 6575.CrossRefGoogle Scholar
Chung, K. L. (2000) A Course in Probability Theory, 2nd edition, Academic Press, New York.Google Scholar
Clark, D., Hunt, S. and Malacaria, P. (2001) Quantitative analysis of the leakage of confidential data. In: Proceedings of the Workshop on Quantitative Aspects of Programming Languages (QAPL 2001). Electronic Notes in Theoretical Computer Science 59 (3) 238251.CrossRefGoogle Scholar
Clark, D., Hunt, S. and Malacaria, P. (2005) Quantified interference for a while language. In: Proceedings of the 2nd Workshop on Quantitative Aspects of Programming Languages (QAPL 2004). Electronic Notes in Theoretical Computer Science 112 149166.CrossRefGoogle Scholar
Clarkson, M. R., Myers, A. C. and Schneider, F. B. (2009) Belief in information flow. Journal of Computer Security 17 (5) 655701.CrossRefGoogle Scholar
Cover, T. M. and Thomas, J. A. (1991) Elements of Information Theory, John Wiley and Sons, Inc.CrossRefGoogle Scholar
Deng, Y., Palamidessi, C. and Pang, J. (2005) Compositional reasoning for probabilistic finite-state behaviors. In: Middeldorp, A., van Oostrom, V., van Raamsdonk, F. and de Vrijer, R. C. (eds.) Processes, Terms and Cycles: Steps on the Road to Infinity. Springer Lecture Notes in Computer Science 3838 309337.CrossRefGoogle Scholar
Deng, Y., Pang, J. and Wu, P. (2006) Measuring anonymity with relative entropy. In: Dimitrakos, T., Martinelli, F., Ryan, P. Y. A. and Schneider, S. A. (eds.) Postproceedings of the 4th International Workshop on Formal Aspects in Security and Trust (FAST 2006). Lecture Notes in Computer Science 4691 6579.CrossRefGoogle Scholar
Desharnais, J., Jagadeesan, R., Gupta, V. and Panangaden, P. (2002) The metric analogue of weak bisimulation for probabilistic processes. In: Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science, IEEE Computer Society 413–422.Google Scholar
Díaz, C., Seys, S., Claessens, J. and Preneel, B. (2002) Towards measuring anonymity. In: Dingledine, R. and Syverson, P. F. (eds.) Proceedings of the workshop on Privacy Enhancing Technologies (PET 2002). Springer Lecture Notes in Computer Science 2482 5468.CrossRefGoogle Scholar
Fujioka, A., Okamoto, T. and Ohta, K. (1993) A practical secret voting scheme for large scale elections. In: Seberry, J. and Zheng, Y. (eds.) Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques. Advancaes in Cryptology (AUSCRYPT '92), Springer-Verlag, London, UK 244251.Google Scholar
Garcia, F. D., van Rossum, P. and Sokolova, A. (2007) Probabilistic anonymity and admissible schedulers arXiv:0706.1019v1.Google Scholar
Halpern, J. Y. and O'Neill, K. R. (2005) Anonymity and information hiding in multiagent systems. Journal of Computer Security 13 (3) 483512.CrossRefGoogle Scholar
Hamadou, S., Palamidessi, C. and Sassone, V. (2010) Reconciling belief and vulnerability in information flow. In: Proceedings of the 31st IEEE Symposium on Security and Privacy, IEEE Computer Society 79–92.Google Scholar
Herescu, O. M. and Palamidessi, C. (2000) Probabilistic asynchronous π-calculus. In: Tiuryn, J. (ed.) Proceedings of the 3rd International Conference on Foundations of Software Science and Computation Structures (FOSSACS 2000). Springer Lecture Notes in Computer Science 1784 146160.CrossRefGoogle Scholar
Heusser, J. and Malacaria, P. (2009) Applied quantitative information flow and statistical databases. In: Degano, P. and Guttman, J. D. (eds.) Proceedings of the International Workshop on Formal Aspects in Security and Trust (FAST 2009). Springer Lecture Notes in Computer Science 5983 96110.CrossRefGoogle Scholar
Gray, J. W. III (1991) Toward a mathematical foundation for information flow security. In: Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy (SSP '91), IEEE Computer Society Press 2135.CrossRefGoogle Scholar
Köpf, B. and Basin, D. A. (2007) An information-theoretic model for adaptive side-channel attacks. In: Ning, P., di Vimercati, S. D. C. and Syverson, P. F. (eds.) Proceedings of the 2007 ACM Conference on Computer and Communications Security (CCS 2007), ACM 286–296.Google Scholar
Lowe, G. (2002) Quantifying information flow. In: Proceedings of the 15th IEEE Computer Security Foundations Workshop (CSFW 2002), IEEE Computer Society Press 1831.CrossRefGoogle Scholar
Malacaria, P. (2007) Assessing security threats of looping constructs. In: Hofmann, M. and Felleisen, M. (eds.) Proceedings of the 34th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2007), ACM 225235.Google Scholar
Malacaria, P. and Chen, H. (2008) Lagrange multipliers and maximum information leakage in different observational models. In: Erlingsson, Ú. and Pistoia, M. (eds.) Proceedings of the 2008 Workshop on Programming Languages and Analysis for Security (PLAS 2008), ACM 135146.Google Scholar
McIver, A., Meinicke, L. and Morgan, C. (2010) Compositional closure for bayes risk in probabilistic noninterference. In: Abramsky, S., Gavoille, C., Kirchner, C., auf der Heide, F. M. and Spirakis, P. G. (eds.) Proceedings of the 37th International Colloquium on Automata, Languages and Programming (ICALP 2010). Springer Lecture Notes in Computer Science 6199 223235.CrossRefGoogle Scholar
McLean, J. (1990) Security models and information flow. In: Proceedings of the 1990 IEEE Symposium on Security and Privacy (SSP'90), IEEE 180–189.Google Scholar
Milner, R. (1989) Communication and Concurrency, International Series in Computer Science, Prentice-Hall.Google Scholar
Moskowitz, I. S., Newman, R. E., Crepeau, D. P. and Miller, A. R. (2003b) Covert channels and anonymizing networks. In: Jajodia, S., Samarati, P. and Syverson, P. F. (eds.) Workshop on Privacy in the Electronic Society 2003, ACM 7988.Google Scholar
Moskowitz, I. S., Newman, R. E. and Syverson, P. F. (2003a) Quasi-anonymous channels. In: Proceedings of the IASTED International Conference on Communication, Network, and Information Security (CNIS 2003). IASTED 126–131.Google Scholar
Munkres, J. R. (2000) Topology: A First Course, 2nd edition, Prentice-Hall.Google Scholar
Palamidessi, C. and Herescu, O. M. (2005) A randomized encoding of the π-calculus with mixed choice. Theoretical Computer Science 335 (2–3) 373404.CrossRefGoogle Scholar
Reiter, M. K. and Rubin, A. D. (1998) Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security 1 (1) 6692.CrossRefGoogle Scholar
Rényi, A. (1961) On measures of entropy and information. In: Proceedings of the 4th Berkeley Symposium on Mathematics, Statistics, and Probability 547–561.Google Scholar
Segala, R. (1995) Modeling and verification of randomized distributed real-time systems, Ph.D. thesis. Technical Report MIT/LCS/TR-676.Google Scholar
Segala, R. and Lynch, N. (1995) Probabilistic simulations for probabilistic processes. Nordic Journal of Computing 2 (2) 250273.Google Scholar
Serjantov, A. and Danezis, G. (2002) Towards an information theoretic metric for anonymity. In: Dingledine, R. and Syverson, P. F. (eds.) Proceedings of the Workshop on Privacy Enhancing Technologies (PET 2002). Springer Lecture Notes in Computer Science 2482 4153.CrossRefGoogle Scholar
Smith, G. (2009) On the foundations of quantitative information flow. In: de Alfaro, L. (ed.) Proceedings of the 12th International Conference on Foundations of Software Science and Computation Structures (FOSSACS 2009). Springer Lecture Notes in Computer Science 5504 288302.CrossRefGoogle Scholar

Full text views

Full text views reflects PDF downloads, PDFs sent to Google Drive, Dropbox and Kindle and HTML full text views.

Total number of HTML views: 0
Total number of PDF views: 44 *
View data table for this chart

* Views captured on Cambridge Core between September 2016 - 19th April 2021. This data will be updated every 24 hours.

Send article to Kindle

To send this article to your Kindle, first ensure no-reply@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about sending to your Kindle. Find out more about sending to your Kindle.

Note you can select to send to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be sent to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

Find out more about the Kindle Personal Document Service.

Compositional methods for information-hiding
Available formats
×

Send article to Dropbox

To send this article to your Dropbox account, please select one or more formats and confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your <service> account. Find out more about sending content to Dropbox.

Compositional methods for information-hiding
Available formats
×

Send article to Google Drive

To send this article to your Google Drive account, please select one or more formats and confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your <service> account. Find out more about sending content to Google Drive.

Compositional methods for information-hiding
Available formats
×
×

Reply to: Submit a response


Your details


Conflicting interests

Do you have any conflicting interests? *