Paper 2023/813
Bayesian Leakage Analysis: A Framework for Analyzing Leakage in Cryptography
Abstract
We introduce a framework based on Bayesian statistical inference for analyzing leakage and its vulnerability to inference attacks. Our framework naturally integrates auxiliary information, defines a notion of adversarial advantage, and provides information-theoretic measures that capture the security of leakage patterns against both full and functional recovery attacks. We present two main theorems that bound the advantage of powerful inference techniques: the maximum a posteriori (MAP), the maximum likelihood estimate (MLE) and the MAP test. Specifically, we show that the advantage of these methods is exponentially bounded by new entropy measures that capture the susceptibility of leakage patterns to inference. To demonstrate the applicability of our framework, we design and implement an automated leakage attack engine, \bleak, which leverages a novel inference algorithm that efficiently computes MAP estimates for a large class of i.i.d. leakage models. These models include, for example, query equality, the combination of query equality and volume, and leakage patterns arising from naive conjunctions.
Metadata
- Available format(s)
-
PDF
- Category
- Foundations
- Publication info
- Preprint.
- Keywords
- encrypted searchleakageleakage attacks
- Contact author(s)
-
zachary espiritu @ mongodb com
seny kamara @ mongodb com
tarik moataz @ mongodb com - History
- 2025-01-14: revised
- 2023-06-02: received
- See all versions
- Short URL
- https://ia.cr/2023/813
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/813,
author = {Zachary Espiritu and Seny Kamara and Tarik Moataz},
title = {Bayesian Leakage Analysis: A Framework for Analyzing Leakage in Cryptography},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/813},
year = {2023},
url = {https://eprint.iacr.org/2023/813}
}
