defining perceived information based on shannon s
play

Defining Perceived Information based on Shannons Communication - PowerPoint PPT Presentation

Dec 27, 2022 •253 likes •695 views

Defining Perceived Information based on Shannons Communication Theory Cryptarchi 2016 June 21-24, 2016 La Grande Motte, France Eloi de Chrisey, Sylvain Guilley, & Olivier Rioul Tlcom ParisTech, Universit Paris-Saclay, France.

  1. Defining Perceived Information based on Shannon’s Communication Theory Cryptarchi 2016 June 21-24, 2016 La Grande Motte, France Eloi de Chérisey, Sylvain Guilley, & Olivier Rioul Télécom ParisTech, Université Paris-Saclay, France.

  2. Contents Introduction Motivation Assumptions and Notations How to Define Perceived Information? Markov Chain From MAP to PI Application of Shannon’s Theory Minimum Number of Traces Worst Possible Case for Designers Link with Perceived Information Conclusion 2 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  3. Contents Introduction Motivation Assumptions and Notations How to Define Perceived Information? Markov Chain From MAP to PI Application of Shannon’s Theory Minimum Number of Traces Worst Possible Case for Designers Link with Perceived Information Conclusion 3 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  4. Motivation Consolidate the state of the art about Perceived Information (PI) metrics; Continue the work of Annelie Heuser presented last year at CryptArchi; Establish clear and coherent definitions for PI based on optimal distinguishers and Shannon’s theory ; 4 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  5. Motivation Consolidate the state of the art about Perceived Information (PI) metrics; Continue the work of Annelie Heuser presented last year at CryptArchi; Establish clear and coherent definitions for PI based on optimal distinguishers and Shannon’s theory ; Deduce tests in order to evaluate the success of an attack; 4 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  6. Motivation Consolidate the state of the art about Perceived Information (PI) metrics; Continue the work of Annelie Heuser presented last year at CryptArchi; Establish clear and coherent definitions for PI based on optimal distinguishers and Shannon’s theory ; Deduce tests in order to evaluate the success of an attack; Introduce communication channels in Side-Channel Analysis (SCA). Is Shannon’s channel capacity useful in SCA? 4 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  7. Assumptions and Notations What is an attack? Two phases: profiling phase & attacking phase. 5 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  8. Assumptions and Notations What is an attack? Two phases: profiling phase & attacking phase. Profiling phase : secret key ˆ q textbytes ˆ k is known. A vector of ˆ t is given and ˆ q traces ˆ x are measured; Attacking phase : secret key ˜ k is unknown. A vector of ˜ q textbytes ˜ t is given and ˜ q traces ˜ x are measured; 5 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  9. Assumptions and Notations What is an attack? Two phases: profiling phase & attacking phase. Profiling phase : secret key ˆ q textbytes ˆ k is known. A vector of ˆ t is given and ˆ q traces ˆ x are measured; Attacking phase : secret key ˜ k is unknown. A vector of ˜ q textbytes ˜ t is given and ˜ q traces ˜ x are measured; The leakages follow some unknown distribution P ; x , ˆ x , ˜ Estimate P based on either ˆ t or ˜ t . 5 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  10. Assumptions and Notations (Cont’d) Consider the following sets and variables. X and ˜ ˆ X for ˆ x and ˜ x . T and ˜ ˆ T for ˆ t and ˜ t . 6 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  11. Assumptions and Notations (Cont’d) Consider the following sets and variables. X and ˜ ˆ X for ˆ x and ˜ x . T and ˜ ˆ T for ˆ t and ˜ t . Random variable ˆ X , ˜ X , ˆ T and ˜ T . Random vectors ˆ X , ˜ X , ˆ T and ˜ T . Generic notation x (either profiling or attacking) 6 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  12. Leakage Model Noise y x ¯ k ∗ Algorithmic Distinguish Emanation k t t Recall our notational conventions: − profiling phase with a hat ˆ • . − attacking phase with a tilde ˜ • . 7 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  13. Leakage Equivalent Flow-Graph Y X ¯ Leakage K Model Distinguisher K side information T Markov Chain We have the following Markov Chain given T : → ¯ K − → Y − → X − K The attacker receives X . 8 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  14. Estimations of the Probability Distribution P Definition (Profiled Estimation: OffLine) ˆ q P ( x, t ) = 1 � ˆ ∀ x, t (1) 1 ˆ x i = x, ˆ t i = t ˆ q i =1 9 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  15. Estimations of the Probability Distribution P Definition (Profiled Estimation: OffLine) ˆ q P ( x, t ) = 1 � ˆ ∀ x, t (1) 1 ˆ x i = x, ˆ t i = t q ˆ i =1 Definition (On-the-fly Estimation: OnLine) q ˜ P ( x, t ) = 1 � ˜ ∀ x, t (2) 1 ˜ x i = x, ˜ t i = t ˜ q i =1 9 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  16. Optimal Distinguisher Theorem (Optimal Distinguisher) The optimal distinguisher [2] is the maximum a posteriori (MAP) distinguisher defined by x , ˜ x , ˜ D Opt (˜ t ) = arg max P ( k | ˜ t ) (3) 10 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  17. Optimal Distinguisher Theorem (Optimal Distinguisher) The optimal distinguisher [2] is the maximum a posteriori (MAP) distinguisher defined by x , ˜ x , ˜ D Opt (˜ t ) = arg max P ( k | ˜ t ) (3) As P is unknown, we may replace it by ˆ P in the distinguisher : t ) = arg max ˆ x , ˜ x , ˜ D (˜ P ( k | ˜ t ) (4) 10 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  18. Contents Introduction Motivation Assumptions and Notations How to Define Perceived Information? Markov Chain From MAP to PI Application of Shannon’s Theory Minimum Number of Traces Worst Possible Case for Designers Link with Perceived Information Conclusion 11 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  19. SCA Seen as a Markov Chain Theorem (SCA as a Markov Chain) The following is a Markov Chain: → ( ¯ ( K, T ) − → ( Y , T ) − → ( X , T ) − K, T ) In other words: as T is known everywhere we can put it at every stage. Therefore, Mutual Information I ( K, T ; X , T ) is a relevant quantity. 12 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  20. Mutual Information Theorem (i.i.d. Channel) For an i.i.d. channel, we have: I ( K, T ; X , T ) = q · I ( K, T ; X, T ) (5) The relevant quantity becomes I ( K, T ; X, T ) . Proof. Using independence, I ( K, T ; X , T ) = H ( X , T ) − H ( X , T | K, T ) = q · H ( X, T ) − H ( X | K, T ) = q · H ( X, T ) − qH ( X | K, T ) = q · I ( K, T ; X, T ) 13 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  21. The Role of Perceived Information Mutual Information I ( K, T ; X, T ) is important in order to evaluate the attack. We have: I ( K, T ; X, T ) = H ( K, T ) − H ( K, T | X, T ) (6) � �� � � �� � = H ( K )+ H ( T ) = H ( K | X,T ) 14 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  22. The Role of Perceived Information Mutual Information I ( K, T ; X, T ) is important in order to evaluate the attack. We have: I ( K, T ; X, T ) = H ( K, T ) − H ( K, T | X, T ) (6) � �� � � �� � = H ( K )+ H ( T ) = H ( K | X,T ) giving � � � I ( K, T ; X, T ) = H ( K ) + H ( T ) − P ( k ) P ( t ) P ( x | k, t ) log P ( k | x, t ) . k t x (7) 14 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  23. The Role of Perceived Information (Cont’d) Issues P ( k | x, t ) is unknown! It has to be estimated: ˆ P and ˜ P . How to use ˆ P and ˜ P in order to estimate the Mutual Information? 15 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  24. The Role of Perceived Information (Cont’d) Issues P ( k | x, t ) is unknown! It has to be estimated: ˆ P and ˜ P . How to use ˆ P and ˜ P in order to estimate the Mutual Information? Answer We define the Perceived Information as the estimation of Mutual Information using the MAP distinguisher. 15 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  25. Deriving the Perceived Information The MAP distinguishing rule is given by MAP = arg max ˆ x , ˜ P ( k | ˜ t ) q ˜ � ˆ = arg max P ( k | x i , t i ) i =1 � P ( k | x, t ) ˜ ˆ n x,t = arg max x,t � ˜ P ( x, t | k ) log ˆ = arg max P ( k | x, t ) x,t � � ˜ P ( x | k, t ) log ˆ ˜ = arg max P ( t | k ) P ( k | x, t ) x t 16 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

  26. The Role of Perceived Information (Cont’d) One obtains � � ˜ P ( x | k, t ) log ˆ ˜ MAP = arg max P ( t | k ) P ( k | x, t ) (8) t x Summming over P ( k ) and adding H ( K ) + H ( T ) yields the form � � � ˜ ˜ P ( x | k, t ) log ˆ H ( K ) + H ( T ) + P ( k ) P ( t ) P ( k | x, t ) k t x 17 Télécom ParisTech Defining PI Thanks to Shannon June 21-24, 2016

Recommend

Evaluation of the Dizzy Patient Shannon Fraser Outline Vestibular anatomy Defining and

Evaluation of the Dizzy Patient Shannon Fraser Outline Vestibular anatomy Defining and

Evaluation of the Dizzy Patient Shannon Fraser Outline Vestibular anatomy Defining and describing dizziness History Physical exam Differential diagnosis Central versus peripheral Treatment Vestibular Anatomy 3

965 views • 50 slides
Entropy and Shannon information Entropy and Shannon information For a random variable X with

Entropy and Shannon information Entropy and Shannon information For a random variable X with

Entropy and Shannon information Entropy and Shannon information For a random variable X with distribution p(x), the entropy is H[ X ] = - S x p( x ) log 2 p( x ) Information is defined as I[ X ] = - log 2 p( x ) Mutual information Typically,

695 views • 47 slides
Quantum Lecture 6 Shannon information Quantum information Distance measures Mikael

Quantum Lecture 6 Shannon information Quantum information Distance measures Mikael

Quantum Lecture 6 Shannon information Quantum information Distance measures Mikael Skoglund, Quantum Info 1/16 Shannon Entropy and Information The Shannon entropy for a discrete variable X with alphabet X and pmf p ( x ) = Pr( X = x

440 views • 8 slides
Outline 1. Standing on the Shoulders of Giants . . . 2. What is Information? 3. Shannon

Outline 1. Standing on the Shoulders of Giants . . . 2. What is Information? 3. Shannon

What is Information? W. Szpankowski Department of Computer Science Purdue University W. Lafayette, IN 47907 April 30, 2008 AofA and IT logos INRIA 2008 Participants of Information Beyond Shannon, Orlando, 2005, and J. Konorski, Gdansk,

725 views • 36 slides
Prosody in Dialog Predicting Accent based on Information Structure and context Defining

Prosody in Dialog Predicting Accent based on Information Structure and context Defining

Prosody in Dialog Predicting Accent based on Information Structure and context Defining Prosodic Features in English Pitch Accent Local Maxima or Minima in f0 o Variable depending on discourse o Lexical Stress Stress results in

501 views • 13 slides
The dual geometry of Shannon information Frank Nielsen 12 @FrnkNlsn 1 cole Polytechnique 2 Sony

The dual geometry of Shannon information Frank Nielsen 12 @FrnkNlsn 1 cole Polytechnique 2 Sony

The dual geometry of Shannon information Frank Nielsen 12 @FrnkNlsn 1 cole Polytechnique 2 Sony CSL Shannon centennial birth lecture October 28th, 2016 Outline A storytelling... Getting started with the framework of information geometry:

1.01k views • 79 slides
Shannon, Turing and Hats: Information Theory Incompleteness Francois Durand, Fabien Mathieu,

Shannon, Turing and Hats: Information Theory Incompleteness Francois Durand, Fabien Mathieu,

Shannon, Turing and Hats: Information Theory Incompleteness Francois Durand, Fabien Mathieu, Philippe Jacquet WITMSE 2017 September 13 th , 2017 Roadmap 1 Getting Rich without a DeLorean 2 The Shannon Approach 3 Days of infinite past 2 /

953 views • 83 slides
perceived vulnerability and perceived risk: Implications for health theory and interventions

perceived vulnerability and perceived risk: Implications for health theory and interventions

Differences between perceived vulnerability and perceived risk: Implications for health theory and interventions Jennifer J. Harman, PhD Colorado State University 2005-2010 Assistant Professor, Applied Social Psychology Colorado State

439 views • 32 slides
A User -Perceived Availability Evaluation of a Web-based Travel Agency Mohamed Kaniche, Karama

A User -Perceived Availability Evaluation of a Web-based Travel Agency Mohamed Kaniche, Karama

A User -Perceived Availability Evaluation of a Web-based Travel Agency Mohamed Kaniche, Karama Kanoun, Magnos Martinello Partially supported by the European Community, DSoS - Project IST-1999-11585 DSN-2003, IPDS, 22-25 June 2003, San

479 views • 17 slides
Perceived vs. Accuracy: A Comparison of Patient Perceived STI testing vs. Actual Tests Performed

Perceived vs. Accuracy: A Comparison of Patient Perceived STI testing vs. Actual Tests Performed

Perceived vs. Accuracy: A Comparison of Patient Perceived STI testing vs. Actual Tests Performed in a Community Health Center Andrea Lewis CentroMed-Walzem Rd. San Antonio, TX GE-NMF PCLP Summer 2014 Introduction CentroMed-Walzem Clinic

535 views • 15 slides
Information Exchange Organizations Based on the HIMSS 2016 HIE Measures and Enterprise Survey

Information Exchange Organizations Based on the HIMSS 2016 HIE Measures and Enterprise Survey

Real vs. Perceived Views on Health Information Exchange Organizations Based on the HIMSS 2016 HIE Measures and Enterprise Survey Moderator: Joshua Vest, PhD, MPH Associate Professor, Health Policy and Management, Indiana University

372 views • 16 slides
Mid Shannon Wilderness Park The potential future of the Longford bogs Mid Shannon Potential 22

Mid Shannon Wilderness Park The potential future of the Longford bogs Mid Shannon Potential 22

Mid Shannon Wilderness Park The potential future of the Longford bogs Mid Shannon Potential 22 Longford Tourism Projects-Mid Shannon Wilderness Park Mid Shannon Trail Longford Shannon Greenway Our National Goal

601 views • 20 slides
Discovering silver. Defining value. www.aftermathsilver.com | TSX.V : AAG Important Information

Discovering silver. Defining value. www.aftermathsilver.com | TSX.V : AAG Important Information

A FTERMATH S ILVER I NVESTOR P RESENTATION December 2019 TSX.V: AAG OTCQB: FLMZF Discovering silver. Defining value. www.aftermathsilver.com | TSX.V : AAG Important Information Cautionary Statement on Forward Looking Information This

493 views • 24 slides
Multiplicity Issues in Defining the Testing Strategy for Two Large Outcome Studies By: Jennifer

Multiplicity Issues in Defining the Testing Strategy for Two Large Outcome Studies By: Jennifer

Multiplicity Issues in Defining the Testing Strategy for Two Large Outcome Studies By: Jennifer Shannon, Rebekkah Brown, Greg Cicconetti, and Rich Davies STABILITY and SOLID-TIMI 52 Primary Endpoint is first occurrence MACE CV death

127 views • 8 slides
3. Information-Theoretic Foundations Founder: Claude Shannon, 1940s Gives bounds for:

3. Information-Theoretic Foundations Founder: Claude Shannon, 1940s Gives bounds for:

3. Information-Theoretic Foundations Founder: Claude Shannon, 1940s Gives bounds for: Ultimate data compression Ultimate transmission rate of communication Measure of symbol information: Degree of surprise / uncertainty

758 views • 13 slides
Applied Information Theory Daniel Bosk Department of Information and Communication Systems, Mid

Applied Information Theory Daniel Bosk Department of Information and Communication Systems, Mid

Introduction Shannon entropy Applications References Applied Information Theory Daniel Bosk Department of Information and Communication Systems, Mid Sweden University, Sundsvall. 14th March 2019 1 Introduction Shannon entropy

775 views • 59 slides
for Assessing Fidelity to Evidence-Based Interventions Shannon Wiltsey Stirman, PhD National

for Assessing Fidelity to Evidence-Based Interventions Shannon Wiltsey Stirman, PhD National

1 A Comparison of Strategies for Assessing Fidelity to Evidence-Based Interventions Shannon Wiltsey Stirman, PhD National Center for PTSD and Stanford University @slwiltsey Acknowledgements 2 Coauthors Candice Monson, PhD (Co-PI)

816 views • 25 slides
Shannon-type Inequalities, Submodular Width, and Disjunctive Datalog Hung Q. Ngo (Stealth Mode)

Shannon-type Inequalities, Submodular Width, and Disjunctive Datalog Hung Q. Ngo (Stealth Mode)

Shannon-type Inequalities, Submodular Width, and Disjunctive Datalog Hung Q. Ngo (Stealth Mode) With Mahmoud Abo Khamis and Dan Suciu @ PODS 2017 Table of Contents Connecting the Dots Output Size Bounds and Information Theory Shannon-flow

2.22k views • 190 slides
Robust Bounds for Emptiness Formation Probability for Dimers Shannon Starr University of Alabama

Robust Bounds for Emptiness Formation Probability for Dimers Shannon Starr University of Alabama

Robust Bounds for Emptiness Formation Probability for Dimers Shannon Starr University of Alabama at Birmingham October 9, 2016 Based on joint work with Scott Williams, UAB (undergraduate). Preprint, in progress. Shannon Starr UAB Dimer

186 views • 14 slides
( la Shannon) A multi-channel extension A multi-channel extension u 1 = h (y 1 ,..,y n ) T R

( la Shannon) A multi-channel extension A multi-channel extension u 1 = h (y 1 ,..,y n ) T R

Classical Communication Setting OUTLINE ! Game Theoretic Approach to ( la Shannon) Information Security Fundamental problem in information transmission / communication The fundamental problem of communication TAMER BA AR

81 views • 7 slides
Monitoring US Military and CIA use of Shannon Airport www.shannonwatch.org John Lannon Shannon

Monitoring US Military and CIA use of Shannon Airport www.shannonwatch.org John Lannon Shannon

Monitoring US Military and CIA use of Shannon Airport www.shannonwatch.org John Lannon Shannon a Civilian Airport? Facilitating US war activities in Afghanistan and Iraq An important node in the US renditions network Munitions

450 views • 18 slides
Comparing Compartment and Agent-based Models Shannon Gallagher JSM Baltimore, MD August 2, 2017

Comparing Compartment and Agent-based Models Shannon Gallagher JSM Baltimore, MD August 2, 2017

Comparing Compartment and Agent-based Models Shannon Gallagher JSM Baltimore, MD August 2, 2017 Thesis work with: William F. Eddy (Chair) Joel Greenhouse Howard Seltman Cosma Shalizi Samuel L. Ventura Goal: Combine two good models into a

447 views • 34 slides
Information Recovery from Pairwise Measurements A Shannon-Theoretic Approach Yuxin Chen ,

Information Recovery from Pairwise Measurements A Shannon-Theoretic Approach Yuxin Chen ,

Information Recovery from Pairwise Measurements A Shannon-Theoretic Approach Yuxin Chen , Changho Suh , Andrea Goldsmith Stanford University KAIST Page 1 Recovering data from correlation measurements A large collection of

691 views • 49 slides
Exploring Idiomaticity with Variant-based Distributional Measures and Shannon Entropy Marco S. G.

Exploring Idiomaticity with Variant-based Distributional Measures and Shannon Entropy Marco S. G.

Exploring Idiomaticity with Variant-based Distributional Measures and Shannon Entropy Marco S. G. Senaldi 1 Gianluca E. Lebani 2 Alessandro Lenci 2 1 Scuola Normale Superiore, Pisa 2 University of Pisa DGfS 2017 Saarbrcken | 9 th March 2017

736 views • 38 slides

More recommend