Abstract
We consider a game-theoretic setting to model the interplay between attacker and defender in the context of information flow, and to reason about their optimal strategies. In contrast with standard game theory, in our games the utility of a mixed strategy is a convex function of the distribution on the defender’s pure actions, rather than the expected value of their utilities. Nevertheless, the important properties of game theory, notably the existence of a Nash equilibrium, still hold for our (zero-sum) leakage games, and we provide algorithms to compute the corresponding optimal strategies. As typical in (simultaneous) game theory, the optimal strategy is usually mixed, i.e., probabilistic, for both the attacker and the defender. From the point of view of information flow, this was to be expected in the case of the defender, since it is well known that randomization at the level of the system design may help to reduce information leaks. Regarding the attacker, however, this seems the first work (w.r.t. the literature in information flow) proving formally that in certain cases the optimal attack strategy is necessarily probabilistic.
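An added worked example (not from the paper): a constructed 2x2 leakage game on a one-bit secret, showing that hiding the defender's choice makes the attacker's utility a convex function of the defender's distribution rather than an expected value, and that both equilibrium strategies are mixed. The channel matrices, the utility formula (expected Bayes vulnerability of the hidden mixture of channels) and the brute-force grid search are assumptions made for illustration, not the paper's algorithms.

```python
from fractions import Fraction as F

PRIOR = [F(1, 2), F(1, 2)]   # uniform prior on a one-bit secret x (constructed)
IDENT = [[1, 0], [0, 1]]     # y = x      (full leak)
FLIP = [[0, 1], [1, 0]]      # y = 1 - x  (full leak)
CONST = [[1, 0], [1, 0]]     # y = 0      (no leak)
# CHANNELS[a][d]: channel run when the attacker plays a and the defender plays d.
CHANNELS = [[IDENT, FLIP], [IDENT, CONST]]

def bayes_vulnerability(prior, channel):
    """Posterior Bayes vulnerability: sum over y of max over x of prior[x] * C[x][y]."""
    return sum(max(prior[x] * channel[x][y] for x in range(len(prior)))
               for y in range(len(channel[0])))

def hidden_mix(chans, delta):
    """Channel the attacker faces when the defender's choice d ~ delta stays hidden."""
    return [[sum(w * c[x][y] for w, c in zip(delta, chans))
             for y in range(len(chans[0][0]))] for x in range(len(chans[0]))]

def utility(p, q):
    """Attacker utility with p = Pr[d=0], q = Pr[a=0]: linear in q, convex in p."""
    delta, alpha = [p, 1 - p], [q, 1 - q]
    return sum(w * bayes_vulnerability(PRIOR, hidden_mix(CHANNELS[a], delta))
               for a, w in enumerate(alpha))

def expected_utility(p, q):
    """Standard game theory's payoff: the expectation of the pure utilities."""
    return sum(wa * wd * bayes_vulnerability(PRIOR, CHANNELS[a][d])
               for a, wa in enumerate([q, 1 - q])
               for d, wd in enumerate([p, 1 - p]))

GRID = [F(k, 60) for k in range(61)]  # exact rational grid on [0, 1]

def defender_minimax():
    """(value, p*) minimising the attacker's best-response utility."""
    return min((max(utility(p, q) for q in GRID), p) for p in GRID)

def attacker_maximin():
    """(value, q*) maximising the utility guaranteed against any defender."""
    return max((min(utility(p, q) for p in GRID), q) for q in GRID)

if __name__ == "__main__":
    half, one = F(1, 2), F(1)
    print("hidden 50/50 mix, a=0:", utility(half, one))              # 1/2
    print("expected-value payoff:", expected_utility(half, one))     # 1
    print("defender minimax (value, Pr[d=0]):", defender_minimax())
    print("attacker maximin (value, Pr[a=0]):", attacker_maximin())
```

In this constructed game each pure attack on its own guarantees the attacker only 1/2, while mixing with Pr[a=0] = 1/3 guarantees 2/3, which matches the defender's minimax value.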
Notes
1. Following the convention of security games, we set the first player to be the defender.
2. Conventionally in game theory the utility u is set to be that of the first player, but we prefer to look at the utility from the point of view of the attacker to be in line with the definition of utility as vulnerability, as we will introduce in Sect. 2.3.
3. More precisely, if posterior vulnerability is defined as the expectation of the vulnerability of posterior distributions, the measure respects the data-processing inequality and yields non-negative leakage iff vulnerability is convex.
4. The reason to involve Jeeves is that Alice may not want to reveal a to Don, either.
5. Note that d should not be revealed to the attacker: although d is not sensitive information in itself, knowing it would help the attacker figure out the value of x.
6. Note that two channel matrices with different column indices can always be made compatible by adding appropriate columns with 0-valued cells in each of them.
7. Note that this is true only for \(\delta\): the \(\alpha\)-solution of the minimax problem is not necessarily part of an equilibrium; we need to solve the maximin problem for this.
Acknowledgments
The authors are thankful to Arman Khouzani and Pedro O. S. Vaz de Melo for valuable discussions. This work was supported by JSPS and Inria under the project LOGIS of the Japan-France AYAME Program, and by the project Epistemic Interactive Concurrency (EPIC) from the STIC AmSud Program. Mário S. Alvim was supported by CNPq, CAPES, and FAPEMIG. Yusuke Kawamoto was supported by JSPS KAKENHI Grant Number JP17K12667.
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Alvim, M.S., Chatzikokolakis, K., Kawamoto, Y., Palamidessi, C. (2017). Information Leakage Games. In: Rass, S., An, B., Kiekintveld, C., Fang, F., Schauer, S. (eds) Decision and Game Theory for Security. GameSec 2017. Lecture Notes in Computer Science, vol 10575. Springer, Cham. https://doi.org/10.1007/978-3-319-68711-7_23
DOI: https://doi.org/10.1007/978-3-319-68711-7_23
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68710-0
Online ISBN: 978-3-319-68711-7
eBook Packages: Computer Science (R0)