Next Article in Journal
On f-Divergences: Integral Representations, Local Behavior, and Inequalities
Next Article in Special Issue
Optimal Channel Design: A Game Theoretical Analysis
Previous Article in Journal
Observables and Unobservables in Quantum Mechanics: How the No-Hidden-Variables Theorems Support the Bohmian Particle Ontology
Previous Article in Special Issue
Password Security as a Game of Entropies
Open AccessArticle

A Game-Theoretic Approach to Information-Flow Control via Protocol Composition

1
Computer Science Department, Universidade Federal de Minas Gerais (UFMG), Belo Horizonte-MG 31270-110, Brazil
2
École Polytechnique, 91128 Palaiseau, France
3
Centre National de la Recherche Scientifique (CNRS), 91190 Gif-sur-Yvette, France
4
National Institute of Advanced Industrial Science and Technology (AIST), Tsukuba 305-8560, Japan
5
INRIA Saclay, 91120 Palaiseau, France
*
Authors to whom correspondence should be addressed.
Entropy 2018, 20(5), 382; https://doi.org/10.3390/e20050382
Received: 24 March 2018 / Revised: 8 May 2018 / Accepted: 11 May 2018 / Published: 18 May 2018
(This article belongs to the Special Issue Information Theory in Game Theory)
In the inference attacks studied in Quantitative Information Flow (QIF), the attacker typically tries to interfere with the system in the attempt to increase its leakage of secret information. The defender, on the other hand, typically tries to decrease leakage by introducing some controlled noise. This noise introduction can be modeled as a type of protocol composition, i.e., a probabilistic choice among different protocols, and its effect on the amount of leakage depends heavily on whether or not this choice is visible to the attacker. In this work, we consider operators for modeling visible and hidden choice in protocol composition, and we study their algebraic properties. We then formalize the interplay between defender and attacker in a game-theoretic framework adapted to the specific issues of QIF, where the payoff is information leakage. We consider various kinds of leakage games, depending on whether players act simultaneously or sequentially, and on whether or not the choices of the defender are visible to the attacker. In the case of sequential games, the choice of the second player is generally a function of the choice of the first player, and his/her probabilistic choice can be either over the possible functions (mixed strategy) or it can be on the result of the function (behavioral strategy). We show that when the attacker moves first in a sequential game with a hidden choice, then behavioral strategies are more advantageous for the defender than mixed strategies. This contrasts with the standard game theory, where the two types of strategies are equivalent. Finally, we establish a hierarchy of these games in terms of their information leakage and provide methods for finding optimal strategies (at the points of equilibrium) for both attacker and defender in the various cases. View Full-Text
Keywords: information leakage; quantitative information flow; game theory; algebraic properties information leakage; quantitative information flow; game theory; algebraic properties
Show Figures

Figure 1

MDPI and ACS Style

Alvim, M.S.; Chatzikokolakis, K.; Kawamoto, Y.; Palamidessi, C. A Game-Theoretic Approach to Information-Flow Control via Protocol Composition. Entropy 2018, 20, 382.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop