Argues that standard measurement of size of information leaks based on Shannon entropy are not useful because the number cannot be used to bound the resulting threat. Proposes alternative based on threat that secret can be guessed correctly in a single try that is equivalent to min-entropy. Uses examples to show that this results in different measures for leaks that intuitively seem different (and that Shannon entropy views as same). Tackles general form with non-uniform input distribution and derives simpler formulae for special cases. As it is arguing that prior art has wrong definition, it has good survey of the state of art when written. Highly cited (500+).

## On the foundations of quantitative information flow

Geoffrey Smith[doi] [Google Scholar] [DBLP] [Citeseer]

Read: 06 October 2019

International Conference on Foundations of Software Science and Computational Structures

Springer

Pages 288-302

2009

Note(s): information flow

Springer

Pages 288-302

2009

Note(s): information flow