Hostname: page-component-76fb5796d-vvkck Total loading time: 0 Render date: 2024-04-26T03:44:00.841Z Has data issue: false hasContentIssue false
  • English
  • Français

Asymptotic information leakage under one-try attacks

Published online by Cambridge University Press:  10 November 2014

MICHELE BOREALE ,
FRANCESCA PAMPALONI  and
MICHELA PAOLINI
MICHELE BOREALE*
Affiliation:
Università di Firenze – Dipartimento di Statistica, Informatica, Applicazioni, Viale Morgagni 65, 50134 Firenze, Italy Email: michele.boreale@unifi.it
FRANCESCA PAMPALONI
Affiliation:
IMT Lucca Institute for Advanced Studies - Piazza S. Ponziano 6, 55100 Lucca, Italy Email: francesca.pampaloni@imtlucca.it, michela.paolini@imtlucca.it
MICHELA PAOLINI
Affiliation:
IMT Lucca Institute for Advanced Studies - Piazza S. Ponziano 6, 55100 Lucca, Italy Email: francesca.pampaloni@imtlucca.it, michela.paolini@imtlucca.it
*
Corresponding author: Michele Boreale, Università di Firenze, Dipartimento di Sistemi e Informatica, Viale Morgagni 65, I-50134 Firenze, Italy. E-mail: michele.boreale@unifi.it.
Rights & Permissions [Opens in a new window]

Abstract

Core share and HTML view are not available for this content. However, as you have access to this content, a full PDF is available via the ‘Save PDF’ action button.

We study the asymptotic behaviour of (a) information leakage and (b) adversary's error probability in information hiding systems modelled as noisy channels. Specifically, we assume the attacker can make a single guess after observing n independent executions of the system, throughout which the secret information is kept fixed. We show that the asymptotic behaviour of quantities (a) and (b) can be determined in a simple way from the channel matrix. Moreover, simple and tight bounds on them as functions of n show that the convergence is exponential. We also discuss feasible methods to evaluate the rate of convergence. Our results cover both the Bayesian case, where an a priori probability distribution on the secrets is assumed known to the attacker, and the maximum-likelihood case, where the attacker does not know such distribution. In the Bayesian case, we identify the distributions that maximize leakage. We consider both the min-entropy setting studied by Smith and the additive form recently proposed by Braun et al. and show the two forms do agree asymptotically. Next, we extend these results to a more sophisticated eavesdropping scenario, where the attacker can perform a (noisy) observation at each state of the computation and the systems are modelled as hidden Markov models.

Type
Special Issue: Quantitative Information Flow
Information
Mathematical Structures in Computer Science , Volume 25 , Issue 2: Quantitative Information Flow , February 2015 , pp. 292 - 319
Copyright
Copyright © Cambridge University Press 2014 

Footnotes

Extended version of Boreale et al. (2011). Work partially supported by the eu project Ascens under the fet open initiative in fp7.

References

Andrés, M. E., Palamidessi, C, Van Rossum, P. and Smith, G. (2010) Computing the leakage of information-hiding systems. In: Proceeding of Tools and Algorithms for the Construction and Analysis of Systems 2010. Lecture Notes in Computer Science 6015 373389.CrossRefGoogle Scholar
Backes, M. and Köpf, B. (2008) Formally bounding the side-channel leakage in unknown-message attacks. In: European Symposium on Research in Computer Security 2008. Lecture Notes in Computer Science 5283 517532.CrossRefGoogle Scholar
Baier, C. and Katoen, J-P. (2008) Principles of Model Checking, MIT Press.Google Scholar
Baignéres, T. and Vaudenay, S. (2008) The complexity of distinguishing distributions (invited talk). In: International Conference on Information Theoretic Security 2008. Lecture Notes in Computer Science 5155 210222.CrossRefGoogle Scholar
Bérard, B., Mullins, J. and Sassolas, M. (2010) Quantifying opacity. In: Proceedings of Quantitative Evaluation of Systems 2010, IEEE Society 263272.Google Scholar
Boreale, M. (2009) Quantifying information leakage in process calculi. Information and Computation 207 (6)699725.CrossRefGoogle Scholar
Boreale, M., Pampaloni, F. and Paolini, M. (2011a) Asymptotic information leakage under one-try attacks. In: Proceedings of Foundations of Software Science and Computation Structures 2011. Lecture Notes in Computer Science 6604 396410.CrossRefGoogle Scholar
Boreale, M., Pampaloni, F. and Paolini, M. (2011b) Quantitative information flow, with a view. In: Proceedings of European Symposium on Research in Computer Security 2011. Lecture Notes in Computer Science 6879 588606.CrossRefGoogle Scholar
Braun, C., Chatzikokolakis, K. and Palamidessi, C. (2008) Compositional methods for information-hiding. In: Proceedings of Foundations of Software Science and Computation Structures 2008. Lecture Notes in Computer Science 4962 443457.CrossRefGoogle Scholar
Braun, C., Chatzikokolakis, K. and Palamidessi, C. (2009) Quantitative notions of leakage for one-try attacks. In: Proceedings of Mathematical Foundations of Programming Semantics. Electronic Notes in Theoretical Computer Science 249 7591.CrossRefGoogle Scholar
Brier, E., Clavier, C. and Olivier, F. (2004) Correlation power analysis with a leakage model. In: Proceedings of Cryptographic Hardware and Embedded Systems. Lecture Notes in Computer Science 3156 1629.CrossRefGoogle Scholar
Chatzikokolakis, K., Palamidessi, C. and Panangaden, P. (2008a) Anonymity protocols as noisy channels. Information and Computation 206 (2–4)378401.CrossRefGoogle Scholar
Chatzikokolakis, K., Palamidessi, C. and Panangaden, P. (2008b) On the Bayes risk in information-hiding protocols. Journal of Computer Security 16 (5)531571.CrossRefGoogle Scholar
Clark, D., Hunt, S. and Malacaria, P. (2001) Quantitative analysis of the leakage of confidential data. Electronic Notes in Theoretical Computer Science 59 (3).Google Scholar
Cover, T. M. and Thomas, J. A. (2006) Elements of Information Theory, 2/e, John Wiley & Sons.Google Scholar
Kelsey, J., Schneier, B., Wagner, D. and Hall, C. (2000) Side channel cryptanalysis of product ciphers. Journal of Computer Security 8 (2/3)141158.CrossRefGoogle Scholar
Kocher, P. C. (1996) Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Cryptology Conference 1996. Lecture Notes in Computer Science 1109 104113.CrossRefGoogle Scholar
Kocher, P. C., Jaffe, J. and Jun, B. (1999) Differential power analysis. In: Cryptology Conference 1999. Lecture Notes in Computer Science 1666 388397.CrossRefGoogle Scholar
Köpf, B. and Basin, D. A. (2007) An information-theoretic model for adaptive side-channel attacks. ACM Conference on Computer and Communications Security 286–296.CrossRefGoogle Scholar
Köpf, B. and Dürmuth, M. (2009) A provably secure and efficient countermeasure against timing attacks. In: Computer Security Foundations Symposium 324–335.CrossRefGoogle Scholar
Köpf, B. and Smith, G. (2010) Vulnerability bounds and leakage resilience of blinded cryptography under timing attacks. In: Computer Security Foundations Symposium 44–56.CrossRefGoogle Scholar
Leang, C. C. and Johnson, D. H. (1997) On the asymptotics of M-hypothesis Bayesian detection. IEEE Transactions on Information Theory 43 280282.CrossRefGoogle Scholar
Mantel, H. and Sudbrock, H. (2008) Information-theoretic modelling and analysis of interrupt-related covert channels. Formal Aspects in Security and Trust 67–81.Google Scholar
Massey, J. L. (1994) Guessing and Entropy. In: Proceedings of the 1994 IEEE International Symposium on Information Theory 204.CrossRefGoogle Scholar
Rabiner, L. R. (1989) A tutorial on hidden Markov models and selected applications in speech recognition. In: Proceedings of the IEEE 77 (2)257286.CrossRefGoogle Scholar
Reed, M. G., Syverson, P. F. and Goldschlag, D. M. (1998). Anonymous connections and onion routing. IEEE Journal on Selected Areas in Communications 16 (4)482494.CrossRefGoogle Scholar
Reiter, M. K. and Rubin, A. D. (1998) Crowds: Anonymity for web transactions. ACM Transactions on Information and System Security 1 (1)6692.CrossRefGoogle Scholar
Smith, G. (2009) On the foundations of quantitative information flow. In: Proceedings of Foundations of Software Science and Computation Structures 2009. Lecture Notes in Computer Science 5504 288302.CrossRefGoogle Scholar
Standaert, F.-X., Malkin, T. G. and Yung, M. (2009) A unified framework for the analysis of side-channel key recovery attacks. In: Proceedings of Eurocrypt 2009. Lecture Notes in Computer Science 5479 443461.CrossRefGoogle Scholar