Argues that standard measurement of size of information leaks based on Shannon entropy are not useful because the number cannot be used to bound the resulting threat. Proposes alternative based on threat that secret can be guessed correctly in a single try that is equivalent to min-entropy. Uses examples to show that this results in different measures for leaks that intuitively seem different (and that Shannon entropy views as same). Tackles general form with non-uniform input distribution and derives simpler formulae for special cases. As it is arguing that prior art has wrong definition, it has good survey of the state of art when written. Highly cited (500+).
On the foundations of quantitative information flow
Geoffrey Smith[doi] [Google Scholar] [DBLP] [Citeseer]
Read: 06 October 2019
International Conference on Foundations of Software Science and Computational Structures
Springer
Pages 288-302
2009
Note(s): information flow
Springer
Pages 288-302
2009
Note(s): information flow