A crucial goal in computer security is to protect sensitive information from unwanted disclosure. However, some leakage is often unavoidable, be it by design of the system or by technological limitations. The field of Quantitative Information Flow (QIF) is concerned with the quantification, and limitation, of information leakage in systems. The QIF framework models systems as information-theoretic channels taking (secret) inputs and producing (observable) outputs, thereby increasing the adversary’s knowledge about the secret value, as measured by some information metric. In this paper we use probabilistic model checking to obtain channels modeling two popular anonymity protocols, the Dining Cryptographers (a.k.a. DC-Nets) and Crowds, in two versions each. We then derive the systems’ capacities w.r.t. the g-leakage framework, which are robust upper bounds on information leakage that hold irrespectively of the probability distribution on secret values, or of the interests and goals of the adversary. To the best of our knowledge, this is the most general QIF analyses of such protocols.
CITATION STYLE
Américo, A., Vaz, A., Alvim, M. S., Campos, S. V. A., & McIver, A. (2017). Formal analysis of the information leakage of the DC-nets and crowds anonymity protocols. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10623 LNCS, pp. 142–158). Springer Verlag. https://doi.org/10.1007/978-3-319-70848-5_10
Mendeley helps you to discover research relevant for your work.