Quantitative information flow under generic leakage functions and adaptive adversaries
This work addresses security and privacy concerns in systems vulnerable to information leakage, providing a general framework for analyzing adaptive adversaries, but it is incremental as it builds on existing QIF models.
The paper tackles the problem of analyzing quantitative information flow under generic leakage functions and adaptive adversaries by proposing an action-based randomization mechanism model, showing that non-adaptive strategies are as efficient as adaptive ones up to a bounded expansion factor and that maximum leakage can be computed via a Bellman equation.
We put forward a model of action-based randomization mechanisms to analyse quantitative information flow (QIF) under generic leakage functions, and under possibly adaptive adversaries. This model subsumes many of the QIF models proposed so far. Our main contributions include the following: (1) we identify mild general conditions on the leakage function under which it is possible to derive general and significant results on adaptive QIF; (2) we contrast the efficiency of adaptive and non-adaptive strategies, showing that the latter are as efficient as the former in terms of length up to an expansion factor bounded by the number of available actions; (3) we show that the maximum information leakage over strategies, given a finite time horizon, can be expressed in terms of a Bellman equation. This can be used to compute an optimal finite strategy recursively, by resorting to standard methods like backward induction.