English
Related papers

Related papers: Quantifying Dynamic Leakage: Complexity Analysis a…

200 papers
On the Compositionality of Dynamic Leakage and Its Application to the Quantification Problem

Quantitative information flow (QIF) is traditionally defined as the expected value of information leakage over all feasible program runs and it fails to identify vulnerable programs where only limited number of runs leak large amount of…

Cryptography and Security · Computer Science 2019-05-14 Bao Trung Chu , Kenji Hashimoto , Hiroyuki Seki
A new measure for dynamic leakage based on quantitative information flow

Quantitative information flow (QIF) is concerned with assessing the leakage of information in computational systems. In QIF there are two main perspectives for the quantification of leakage. On one hand, the static perspective considers all…

Cryptography and Security · Computer Science 2025-10-27 Luigi D. C. Soares , Mário S. Alvim , Natasha Fernandes
Refining a Quantitative Information Flow Metric

We introduce a new perspective into the field of quantitative information flow (QIF) analysis that invites the community to bound the leakage, reported by QIF quantifiers, by a range consistent with the size of a program's secret input…

Cryptography and Security · Computer Science 2012-06-06 Sari Haj Hussein
What's the Over/Under? Probabilistic Bounds on Information Leakage

Quantitative information flow (QIF) is concerned with measuring how much of a secret is leaked to an adversary who observes the result of a computation that uses it. Prior work has shown that QIF techniques based on abstract interpretation…

Programming Languages · Computer Science 2018-02-23 Ian Sweet , Jose Manuel Calderon Trilla , Chad Scherrer , Michael Hicks , Stephen Magill
Source-level reasoning for quantitative information flow

We present a novel formal system for proving quantitative-leakage properties of programs. Based on a theory of Quantitative Information Flow (QIF) that models information leakage as a noisy communication channel, it uses "gain-functions"…

Logic in Computer Science · Computer Science 2025-06-17 Chris Chen , Annabelle McIver , Carroll Morgan
Quantitative information flow under generic leakage functions and adaptive adversaries

We put forward a model of action-based randomization mechanisms to analyse quantitative information flow (QIF) under generic leakage functions, and under possibly adaptive adversaries. This model subsumes many of the QIF models proposed so…

Logic in Computer Science · Computer Science 2019-03-14 M. Boreale , Francesca Pampaloni
Quantifying Information Leakage in Finite Order Deterministic Programs

Information flow analysis is a powerful technique for reasoning about the sensitive information exposed by a program during its execution. While past work has proposed information theoretic metrics (e.g., Shannon entropy, min-entropy,…

Cryptography and Security · Computer Science 2010-09-22 Ji Zhu , Mudhakar Srivatsa
Scalable Precise Computation of Shannon Entropy

Quantitative information flow analyses (QIF) are a class of techniques for measuring the amount of confidential information leaked by a program to its public outputs. Shannon entropy is an important method to quantify the amount of leakage…

Artificial Intelligence · Computer Science 2026-02-19 Yong Lai , Haolong Tong , Zhenghang Xu , Minghao Yin
Quantifying Information Leak Vulnerabilities

Leakage of confidential information represents a serious security risk. Despite a number of novel, theoretical advances, it has been unclear if and how quantitative approaches to measuring leakage of confidential information could be…

Cryptography and Security · Computer Science 2010-07-07 Jonathan Heusser , Pasquale Malacaria
Initial Results for Pairwise Causal Discovery Using Quantitative Information Flow

Pairwise Causal Discovery is the task of determining causal, anticausal, confounded or independence relationships from pairs of variables. Over the last few years, this challenging task has promoted not only the discovery of novel machine…

Machine Learning · Computer Science 2022-12-05 Felipe Giori , Flavio Figueiredo
Quantitative Security Analysis for Multi-threaded Programs

Quantitative theories of information flow give us an approach to relax the absolute confidentiality properties that are difficult to satisfy for many practical programs. The classical information-theoretic approaches for sequential…

Cryptography and Security · Computer Science 2013-06-13 Tri Minh Ngo , Marieke Huisman
Quantitative Information Flow - Verification Hardness and Possibilities

Researchers have proposed formal definitions of quantitative information flow based on information theoretic notions such as the Shannon entropy, the min entropy, the guessing entropy, and channel capacity. This paper investigates the…

Cryptography and Security · Computer Science 2010-04-02 Hirotoshi Yasuoka , Tachio Terauchi
QFlow: Quantitative Information Flow for Security-Aware Hardware Design in Verilog

The enormous amount of code required to design modern hardware implementations often leads to critical vulnerabilities being overlooked. Especially vulnerabilities that compromise the confidentiality of sensitive data, such as cryptographic…

Cryptography and Security · Computer Science 2021-12-23 Lennart M. Reimann , Luca Hanel , Dominik Sisejkovic , Farhad Merchant , Rainer Leupers
Explaining epsilon in local differential privacy through the lens of quantitative information flow

The study of leakage measures for privacy has been a subject of intensive research and is an important aspect of understanding how privacy leaks occur in computer systems. Differential privacy has been a focal point in the privacy community…

Information Theory · Computer Science 2023-05-19 Natasha Fernandes , Annabelle McIver , Parastoo Sadeghi
NIFuzz: Estimating Quantified Information Flow with a Fuzzer

This paper presents a scalable, practical approach to quantifying information leaks in software; these errors are often overlooked and downplayed, but can seriously compromise security mechanisms such as address space layout randomisation…

Cryptography and Security · Computer Science 2025-01-27 Daniel Blackwell , Ingolf Becker , David Clark
On Bounding Problems of Quantitative Information Flow

Researchers have proposed formal definitions of quantitative information flow based on information theoretic notions such as the Shannon entropy, the min entropy, the guessing entropy, belief, and channel capacity. This paper investigates…

Cryptography and Security · Computer Science 2011-12-20 Hirotoshi Yasuoka , Tachio Terauchi
Quantifying vulnerability of secret generation using hyper-distributions (extended version)

Traditional approaches to Quantitative Information Flow (QIF) represent the adversary's prior knowledge of possible secret values as a single probability distribution. This representation may miss important structure. For instance,…

Cryptography and Security · Computer Science 2017-01-24 Mário S. Alvim , Piotr Mardziel , Michael Hicks
A Game-Theoretic Approach to Information-Flow Control via Protocol Composition

In the inference attacks studied in Quantitative Information Flow (QIF), the attacker typically tries to interfere with the system in the attempt to increase its leakage of secret information. The defender, on the other hand, typically…

Cryptography and Security · Computer Science 2018-05-22 Mário S. Alvim , Konstantinos Chatzikokolakis , Yusuke Kawamoto , Catuscia Palamidessi
Self-Defense: Optimal QIF Solutions and Application to Website Fingerprinting

Quantitative Information Flow (QIF) provides a robust information-theoretical framework for designing secure systems with minimal information leakage. While previous research has addressed the design of such systems under hard constraints…

Cryptography and Security · Computer Science 2024-11-18 Andreas Athanasiou , Konstantinos Chatzikokolakis , Catuscia Palamidessi
Output-sensitive Information flow analysis

Constant-time programming is a countermeasure to prevent cache based attacks where programs should not perform memory accesses that depend on secrets. In some cases this policy can be safely relaxed if one can prove that the program does…

Cryptography and Security · Computer Science 2023-06-22 Cristian Ene , Laurent Mounier , Marie-Laure Potet
‹ Prev 1 2 3 10 Next ›