Information leakage happens when a system helps an adversary achieve some goal. We can understand leakage through quantitative information flow (QIF), a robust framework that gives ways to quantify the amount of leakage of a system. In this post, we will walk through how we can statically model a system as a channel matrix. We'll also see how a channel maps a prior probability distribution to a hyper-distribution that helps an adversary narrow down the…
Here I introduce an introductory overview of quantitative information flow (QIF), a mathematical framework used to precisely discuss leakage. We start with a system that takes some sensitive information as input, processes it, and produces some publicly observable output. We want to determine how the system affected the sensitive information. This overview will focus on the often relevant and intuitive measure of Bayes vulnerability, which addresses when the adversary must guess the value of the…
I jumped in the middle of a "Deal or No Deal" episode at my family's house during the holidays. The contestant had 3 remaining briefcases in addition to the one she had chosen. Howie Mandel said, "You have a 1/4 chance." .... That doesn't sound right. According to the famous Monty Hall problem, it isn't. Let's apply the logic of the Monty Hall problem to the game show "Deal or No Deal" to determine the…