HyLeak takes as input a program written in a simple imperative language (a slight extension of the input language used in the QUAIL tool) and computes its Shannon leakage, i.e., the mutual information between the variables defined as secrets and those as observable outputs in the given program.
Following the theoretical results in Kawamoto et al., HyLeak divides the input program into (terminal) components and decides for each of them whether to analyze it using precise or statistical analysis, by applying heuristics that evaluate the analysis cost of each component.
Then, HyLeak composes the analysis results of all components into an approximate joint probability distribution of the secret and observable variables in the program. Finally, the tool estimates the Shannon leakage and its confidence interval.
People
HyLeak is the result of a collaboration between CentraleSupelec Rennes, AIST Tsukuba, and INRIA Rennes. The people currently working on the tool are:
- Fabrizio Biondi is a Chair of Threat Analysis at CentraleSupelec Rennes and developer of the project.
- Yusuke Kawamoto is a research scientist at AIST Tsukuba and developer of the project.
- Axel Legay is the leader of the TAMIS team at INRIA Rennes and supervisor of the project.
- Louis-Marie Traonouez is a research engineer at INRIA Rennes and developer of the project.
