Document Type
Dissertation
Degree
Doctor of Philosophy (PhD)
Major/Program
Computer Science
First Advisor's Name
Mark Finlayson
First Advisor's Committee Title
Committee Chair
Second Advisor's Name
Ning Xie
Second Advisor's Committee Title
Committee member
Third Advisor's Name
Naphtali Rishe
Third Advisor's Committee Title
Committee member
Fourth Advisor's Name
Catuscia Palamidessi
Fourth Advisor's Committee Title
Committee member
Fifth Advisor's Name
Kemal Akkaya
Fifth Advisor's Committee Title
Committee member
Keywords
information flow, privacy, security metrics, information leakage
Date of Defense
6-29-2022
Abstract
Across our digital lives, two powerful forces of data utility and data privacy push and pull against each other. In response, technologies have been designed to help navigate this tension, by revealing, or leaking, information that could be useful to an adversary in exchange for some added utility. For many of these technologies, there is uncertainty about how harmful these leaks are. How much security and privacy are we sacrificing? Under what circumstances are these technologies safe to use?
To bring clarity to these compromises between security and utility, this dissertation applies the information-theoretic framework of quantitative information flow (QIF), which models systems as channels correlating secret inputs with observable outputs. The QIF framework can determine an optimal adversary's expected probability of success, and thereby isolate the effect that these technologies have on security and privacy.
In this work, we apply QIF to three applications: We first examine two forms of property-revealing encryption: equality- and order-revealing encryption. These techniques allow database management systems to respond to queries and sort much faster without direct access to sensitive values, but the leakage implications are still unclear. The third application is local differential privacy and the shuffle model. Differential privacy aims to protect the privacy of individuals participating in statistical databases but must balance utility and privacy. The shuffle model can improve this balance, but exactly how much security it is providing is uncertain.
Through novel combinatorics and exact calculations, we precisely quantify the leakage of these applications under different parameters and relevant adversaries. For each application, we provide clarity about how much information is leaked and under what circumstances an application could be safe to deploy.
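To make the QIF channel model and the "optimal adversary's expected probability of success" concrete for the two encryption schemes named above, here is an added Python example (not code from the dissertation): it treats a database column as the secret, models equality-revealing and order-revealing encryption as deterministic channels, and computes prior and posterior Bayes vulnerability and their ratio (multiplicative leakage). The uniform prior over a 3-row column drawn from a 3-value alphabet is a constructed toy input, not a parameter setting from the dissertation.

```python
from collections import defaultdict
from fractions import Fraction
from itertools import product

def equality_pattern(column):
    """What deterministic (equality-revealing) encryption lets an adversary
    observe about a column: which positions hold equal plaintexts."""
    first_seen = {}
    return tuple(first_seen.setdefault(v, len(first_seen)) for v in column)

def order_pattern(column):
    """What order-revealing encryption lets an adversary observe: the dense
    rank of every position (equal plaintexts share a rank)."""
    rank = {v: i for i, v in enumerate(sorted(set(column)))}
    return tuple(rank[v] for v in column)

def bayes_vulnerability(prior):
    """Prior Bayes vulnerability V(pi): the optimal one-guess adversary's
    probability of guessing the whole secret column before observing anything."""
    return max(prior.values())

def posterior_bayes_vulnerability(prior, observe):
    """V[pi > C] = sum_y max_x pi_x * C_{x,y}. For a deterministic channel each
    secret x maps to exactly one output y, so take the best guess per output."""
    best = defaultdict(lambda: Fraction(0))
    for x, p in prior.items():
        y = observe(x)
        best[y] = max(best[y], p)
    return sum(best.values())

def multiplicative_leakage(prior, observe):
    """Return (prior V, posterior V, posterior / prior)."""
    v_prior = bayes_vulnerability(prior)
    v_post = posterior_bayes_vulnerability(prior, observe)
    return v_prior, v_post, v_post / v_prior

def uniform_column_prior(alphabet_size, rows):
    """Constructed prior: every column of `rows` plaintexts drawn from an
    alphabet of `alphabet_size` values is equally likely."""
    secrets = list(product(range(alphabet_size), repeat=rows))
    return {x: Fraction(1, len(secrets)) for x in secrets}

if __name__ == "__main__":
    prior = uniform_column_prior(3, 3)  # 27 equally likely columns
    for name, observe in (("equality-revealing", equality_pattern),
                          ("order-revealing", order_pattern)):
        v0, v1, mult = multiplicative_leakage(prior, observe)
        print(f"{name}: prior V={v0}, posterior V={v1}, leakage x{mult}")
```

Under a uniform prior the multiplicative leakage of a deterministic channel is simply the number of distinct observables (5 equality patterns versus 13 rank patterns here), which is why the dissertation's combinatorial counting of these patterns translates directly into leakage figures.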
Identifier
FIDC010783
ORCID
0000-0002-9719-3106
Previously Published In
Chapter 2:
M. Jurado and G. Smith, “Quantifying information leakage of deterministic encryption,” in Proceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop (CCSW ’19), New York, NY, USA: Association for Computing Machinery, 2019, pp. 129–139.
Chapter 3:
M. Jurado, C. Palamidessi, and G. Smith, “A formal information-theoretic leakage analysis of order-revealing encryption,” in 2021 IEEE 34th Computer Security Foundations Symposium (CSF), 2021, pp. 1–16.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Jurado, Mireya Anita, "Applications of Quantitative Information Flow to Property-Revealing Encryption and Differential Privacy" (2022). FIU Electronic Theses and Dissertations. 5032.
https://digitalcommons.fiu.edu/etd/5032
Rights Statement
In Copyright. URI: http://rightsstatements.org/vocab/InC/1.0/
This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).