Calculating Information Leakage in Continuous Domains

Tom Chothia

Information theory provides a range of useful methods to analyse probability distributions and these techniques have been successfully applied to measure information flow and the loss of anonymity in secure systems. However, previous work has tended to assume that the exact probabilities of every action are known, or that the system is non-deterministic. In this talk I will describe a result, developed with Guha and Chatzikokolakis that makes it possible to calculate measures of information leakage based on mutual information and capacity from trial runs of a system alone. I will demonstrate the calculation of information flow from a program with a small domain of secrets but which uses the Java Random library, sockets and multi-threading. When the observable actions of a system come from a continuous domain (e.g. time or power measurements) but the secret values are still discrete (e.g. bytes) it is necessary to use a hybrid version of mutual information in order to calculate information leakage. I will sketch some initial results on the convergence of mutual information estimates for these hybrid processes and I will illustrate these results by analysing an attack against e-passports.