Quantifying Privacy in Nuclear Warhead Authentication Protocols
Ruaridh R. Macdonald and R. Scott Kemp
Massachusetts Institute of Technology, Department of Nuclear Science and Engineering
Abstract — International verification of nuclear warheads is a practical problem in which the protection of secret warhead information is of paramount importance. We propose a measure that would enable a weapon owner to evaluate the privacy of a proposed protocol in a technology-neutral fashion. We show the problem is reducible to ‘natural’ and ‘corrective’ learning. The natural learning can be computed without assumptions about the inspector, while the corrective learning accounts for the inspector’s prior knowledge. The natural learning provides the warhead owner a useful lower bound on the information leaked by the proposed protocol. Using numerical examples, we demonstrate that the proposed measure correlates better with the accuracy of a maximum a posteriori probability estimate than alternative measures.
I. INTRODUCTION
The core technical challenge facing future nuclear warhead disarmament treaties is how to verify that warheads are being irreversibly dismantled without revealing confidential warhead-design information to an inspector. Nation states worry that revealing their nuclear-weapon design secrets may compromise their nuclear deterrents, for example, by allowing adversaries to fine-tune countermeasures. However, without rigorous disarmament verification the disarming state may cheat by dismantling “hoax objects” while retaining their authentic warheads in a secret reserve [1–4].

Concern about information leakage has prevented the practical use of warhead authentication for more than fifty years. Protocols with significantly enhanced privacy have been more recently proposed [5–8], but there are no technology-neutral measures for comparing their relative merits. Protocols need to be evaluated on their ability to correctly accept authentic warheads (completeness), reject hoax objects (soundness), and not reveal secret information (privacy). In this paper we propose a measure of privacy based on how much an inspector learns when executing the protocol. Given a set of assumptions about which warhead design details are important to protect, and the prior knowledge of the inspector, our measure can be used to compare competing authentication concepts.

II. PRIVACY MEASURE FOR WARHEAD VERIFICATION
We define nuclear warheads by a set of properties, denoted $\Theta$. These could include isotope distributions, detonation yields, or other properties. Due to manufacturing variation, each warhead can be slightly different, so $\Theta$ is a random variable with alphabet $\vartheta$ and specific instances $\theta \in \vartheta$, distributed according to $p_{\text{true}}(\Theta)$. This true distribution is only known to the warhead owner. The inspector starts with a prior belief distribution, $p_0(\Theta)$, which is their best estimate of $p_{\text{true}}(\Theta)$. The inspector updates their beliefs using the measured data, $X$, according to Bayes’ theorem, shown in Equation 1. The numbered subscripts on $p$ denote the number of completed measurements.

$$p_1(\Theta=\theta) = p_0(\Theta=\theta \mid X=x) = \frac{p_0(x\mid\theta)\,p_0(\theta)}{p_0(x)} \qquad (1)$$

The data, $X$, is also a random variable, with alphabet $\mathcal{X}$ and possible results $x \in \mathcal{X}$, distributed according to $p_{\text{true}}(X)$. It is dependent on the properties of the specific warhead being measured as well as the stochastic variation of the measurement. The stochastic variation is described by the likelihood function $p(x\mid\theta)$, which only depends on the physics and procedure of the measurement process. We will assume that both the owner and inspector understand the protocol perfectly, so $p(x\mid\theta)$ is known exactly and for that reason:

$$p_0(x\mid\theta) = p_1(x\mid\theta) = p_2(x\mid\theta) = \dots = p_{\text{true}}(x\mid\theta) \qquad (2)$$

To assess privacy, we need a means of quantifying how much a measurement improves the accuracy of the inspector’s beliefs about $\Theta$. There are multiple means of measuring the change between $p_0(\Theta)$ and $p_1(\Theta)$, but different measures highlight different features of any change.

The most common approach is to estimate learning by the reduction in the entropy of the inspector’s beliefs after conditioning on the measured data, as originally developed by Shannon, Lindley, and others [9–11], with the average reduction being described by the mutual information between the property of interest and observable data.

However, the entropy-based approach suffers from three shortcomings which reduce its usefulness in this application. Mutual information estimates the average amount the inspector learns about $\Theta$ assuming their prior belief distribution was $p_{\text{true}}(\Theta)$. This will not (indeed, must not) be generally true in warhead authentication, otherwise there is no private information, which is an essential feature of the problem. Furthermore, a reduction in Shannon or differential entropy reflects a reduction in uncertainty about a random variable, rather than necessarily a reduction in inaccuracy. If the inspector becomes convinced of an incorrect value for $\Theta$, the entropy of their belief distribution will still decrease, but the owner would not consider convergence to a wrong answer to be demonstrative of weak privacy. Finally, the fact that Shannon entropy (though not the mutual information) can be negative or undefined for non-discrete random variables makes comparisons more difficult.

A. Quantifying changes in knowledge by changes in KL divergences
We propose to evaluate the inspector’s learning by calculating how much conditioning on the measured data reduces the Kullback-Leibler divergence between $p_{\text{true}}(\Theta)$ and the inspector’s belief distribution. We quantify the (in)accuracy of the inspector’s beliefs about $\Theta$ as the KL divergence between their belief distribution for $\Theta$ and the true distribution for $\Theta$. Their initial inaccuracy is given by Equation 3. The smaller this KL divergence is, the more accurate the inspector’s initial belief distribution. This initial value is independent of the authentication protocol being analyzed. As long as the same properties are being considered, this is a consistent starting point for comparing protocols.

$$D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_0(\Theta)\big) = \sum_{\theta\in\vartheta} p_{\text{true}}(\theta)\log\left(\frac{p_{\text{true}}(\theta)}{p_0(\theta)}\right) \qquad (3)$$

After a measurement $X$, the inaccuracy in the inspector’s belief is:

$$D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_1(\Theta)\big) = D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_0(\Theta\mid x)\big) \qquad (4)$$

$$= \sum_{\theta\in\vartheta} p_{\text{true}}(\theta)\log\left(\frac{p_{\text{true}}(\theta)}{p_0(\theta\mid x)}\right) \qquad (5)$$

The change in the accuracy of the inspector’s beliefs in $\Theta$ is the difference between Equations 3 and 5. If $x$ was a useful measurement, the belief inaccuracy will be reduced, thus we subtract the posterior error from the prior error to calculate the learning, as shown in Equations 7 to 9.

$$\text{Learning} \triangleq \mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta),\, x\big) \qquad (6)$$

$$= D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_0(\Theta)\big) - D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_1(\Theta)\big) \qquad (7)$$

$$= \sum_{\theta\in\vartheta} p_{\text{true}}(\theta)\log\left(\frac{p_1(\theta)}{p_0(\theta)}\right) \qquad (8)$$

$$= \sum_{\theta\in\vartheta} p_{\text{true}}(\theta)\log\left(\frac{p_0(\theta\mid x)}{p_0(\theta)}\right) \qquad (9)$$

The learning measure in Equation 9 incorporates the inspector’s initial knowledge $p_0(\Theta)$, the data available to them $x$, and the description of the true warhead properties $p_{\text{true}}(\Theta)$. The inspector’s method of inference is implied in the posterior belief distribution $p_0(\Theta\mid x)$. The owner does not have access to all of these components; in most cases the owner will have to guess the inspector’s prior information and inference method. We will see the impact of these approximations in the following subsections. Note that if $p_0(\Theta) = p_{\text{true}}(\Theta)$, then Equation 9 will reduce to the mutual information when averaged over $x \in \mathcal{X}$. This suggests a strong link between our method and the traditional entropy-based approach, but ours accounts for the inspector’s faulty prior.

While the learning measure in Equation 9 shares some similarities with Jensen-Shannon divergence and comparative divergence, the authors could not find it in the literature. This is probably because $p_{\text{true}}(\theta)$ is not known a priori in most inference or learning situations.

III. EXPECTATION VALUE OF LEARNING
To expand on the features of our proposed measure, in this section we calculate how much the owner should expect the inspector to learn about a class of warheads, based on one or more measurements.
A. Measurement of one warhead
To begin with, we assume the inspector takes one measurement of a single warhead. As above, the class of warheads has properties $\Theta$, distributed according to $p_{\text{true}}(\Theta)$. The specific warhead which the inspector measures has $\Theta = \theta^*$:

$$p_{\text{measured warhead}}(\Theta) = p_{\text{true}}(\Theta\mid\theta^*) = \begin{cases} 1, & \text{if } \Theta = \theta^* \\ 0, & \text{otherwise} \end{cases} \qquad (10)$$

Therefore, after measuring $x$, the inspector will have learned:

$$\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta\mid\theta^*),\, x \mid \theta^*\big) = \sum_{\theta\in\vartheta} p_{\text{true}}(\theta\mid\theta^*)\log\left(\frac{p_0(\theta\mid x)}{p_0(\theta)}\right) \qquad (11)$$

$$= 1 \times \log\left(\frac{p_0(\theta^*\mid x)}{p_0(\theta^*)}\right) \qquad (12)$$

We can find the expected result by averaging over all the possible measurement results:

$$\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta\mid\theta^*),\, X \mid \theta^*\big) = \mathbb{E}_{x\in\mathcal{X}}\left\{\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta\mid\theta^*),\, x \mid \theta^*\big)\right\} \qquad (13)$$

$$= \sum_{x\in\mathcal{X}} p_{\text{true}}(x\mid\theta^*)\log\left(\frac{p_0(\theta^*\mid x)}{p_0(\theta^*)}\right) \qquad (14)$$

Using Bayes’ law (Equation 1), we can trade the argument of the logarithm:

$$\frac{p_0(\theta^*\mid x)}{p_0(\theta^*)} = \frac{p_0(x\mid\theta^*)}{p_0(x)} \qquad (15)$$

Remembering also that the likelihood function for $x\mid\theta^*$ is the same for $p_0$ and $p_{\text{true}}$ (Equation 2), we can also exchange $p_{\text{true}}(x\mid\theta^*)$ for $p_0(x\mid\theta^*)$, or vice versa.

$$\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta\mid\theta^*),\, X \mid \theta^*\big) = \sum_{x\in\mathcal{X}} p_0(x\mid\theta^*)\log\left(\frac{p_0(x\mid\theta^*)}{p_0(x)}\right) \qquad (16)$$

$$= D_{KL}\big(p_0(x\mid\theta^*)\,\|\,p_0(x)\big) \qquad (17)$$

$$= D_{KL}\big(p_{\text{true}}(x\mid\theta^*)\,\|\,p_0(x)\big) \qquad (18)$$

The expected learning is a KL divergence, so it is non-negative. This tells us that, on average, the inspector’s belief will be improved or stay the same after measuring the warhead. Individual samples of $x$ may be misleading and produce a negative learning measure, but the owner should expect that, on average, the inspector will learn something about $\Theta$ if it is related to $x$.

B. Measurements over a class of warheads
We can average the result in Equation 18 over the class of warheads to see how much the owner should expect the inspector to learn when measuring several different warheads.

$$\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta),\, X\big) = \mathbb{E}_{\theta^*\in\Theta}\left\{\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta\mid\theta^*),\, X \mid \theta^*\big)\right\} \qquad (19)$$

$$= \sum_{\theta^*\in\Theta} p_{\text{true}}(\theta^*) \sum_{x\in\mathcal{X}} p_{\text{true}}(x\mid\theta^*)\log\left(\frac{p_{\text{true}}(x\mid\theta^*)}{p_0(x)}\right) \qquad (20)$$

$$= \sum_{\theta^*\in\Theta} \sum_{x\in\mathcal{X}} p_{\text{true}}(x,\theta^*)\log\left(\frac{p_{\text{true}}(x\mid\theta^*)}{p_0(x)}\right) \qquad (21)$$

Using the definition of conditional and joint probabilities, we can rearrange the arguments of the logarithm again. At this stage, because we are averaging over $\Theta$, we can revert to using $\theta$ rather than $\theta^*$ to describe the warhead properties.

$$\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta),\, X\big) = \sum_{\theta\in\vartheta} \sum_{x\in\mathcal{X}} p_{\text{true}}(x,\theta)\log\left(\frac{p_{\text{true}}(x,\theta)}{p_0(x)\,p_{\text{true}}(\theta)}\right) \qquad (22)$$

Note that Equation 22 is very similar to the expression for mutual information. Because the mutual information is purely a function of the warhead properties and measurement process, the owner can calculate it without having to make assumptions about the inspector. It would therefore be useful to describe the inspector’s learning with respect to it.

$$\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta),\, X\big) = \sum_{\theta\in\vartheta} \sum_{x\in\mathcal{X}} p_{\text{true}}(x,\theta)\log\left(\frac{p_{\text{true}}(x,\theta)}{p_0(x)\,p_{\text{true}}(\theta)}\cdot\frac{p_{\text{true}}(x)}{p_{\text{true}}(x)}\right) \qquad (23)$$

$$= \sum_{\theta\in\vartheta} \sum_{x\in\mathcal{X}} p_{\text{true}}(x,\theta)\left(\log\left(\frac{p_{\text{true}}(x,\theta)}{p_{\text{true}}(x)\,p_{\text{true}}(\theta)}\right) + \log\left(\frac{p_{\text{true}}(x)}{p_0(x)}\right)\right) \qquad (24)$$

$$= \sum_{\theta\in\vartheta} \sum_{x\in\mathcal{X}} p_{\text{true}}(x,\theta)\log\left(\frac{p_{\text{true}}(x,\theta)}{p_{\text{true}}(x)\,p_{\text{true}}(\theta)}\right) + \sum_{x\in\mathcal{X}} p_{\text{true}}(x)\log\left(\frac{p_{\text{true}}(x)}{p_0(x)}\right) \qquad (25)$$

$$= I\big(p_{\text{true}}(\Theta);\, p_{\text{true}}(X)\big) + \sum_{x\in\mathcal{X}} p_{\text{true}}(x)\log\left(\frac{p_{\text{true}}(x)}{p_0(x)}\right) \qquad (26)$$

$$= \underbrace{I\big(p_{\text{true}}(\Theta);\, p_{\text{true}}(X)\big)}_{\text{natural learning}} + \underbrace{D_{KL}\big(p_{\text{true}}(X)\,\|\,p_0(X)\big)}_{\text{corrective learning}} \qquad (27)$$

Equation 27 is the most important result. It can be used as the privacy measure for a parameter $\Theta$. There are two terms: a ‘natural learning’ component, which depends on the true correlation between $\Theta$ and $X$; and a ‘corrective learning’ component, which depends on how accurate the inspector’s prior belief distribution is. The natural learning is described by the mutual information between $\Theta$ and $X$ under their true distributions. The owner can calculate it accurately without making assumptions about the inspector, other than Equation 2. The corrective learning is the KL divergence between the true distribution of the output data, and the inspector’s prior estimate of the same. It is highly dependent on the owner’s estimate of the inspector’s prior.

The inspector’s total learning will be greater than the natural learning because the corrective learning is a KL divergence and hence non-negative. Starting from a more inaccurate prior accelerates the rate of learning, because there is a greater difference between the measured data and what the inspector expected.
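The identities of Section II-A and the decomposition in Equation 27 can be checked numerically. The script below is an added example, not code from the paper: it builds a small discrete version of the setting used later in Section III-F (an integer grid for $\vartheta$, a discretised normal for $p_{\text{true}}(\Theta)$, a uniform prior $p_0(\Theta)$ for the inspector, and a Poisson likelihood truncated to a finite alphabet $\mathcal{X}$), then verifies that Equations 7 and 9 agree for a single sample, that averaging Equation 12 over $x$ gives the KL divergence of Equation 18, and that the expected learning of Equation 22 splits exactly into the natural and corrective terms of Equation 27. The grid limits, distribution parameters and function names are constructed for the example and are not taken from the paper.

```python
import math

# Constructed example (not the paper's code). Θ is the warhead property on an
# integer grid ϑ, p_true(Θ) is a discretised normal known only to the owner,
# p_0(Θ) is the inspector's (deliberately wrong) uniform prior, and the
# measurement X is a Poisson count with rate θ.
THETA_GRID = list(range(5, 16))          # ϑ = {5, ..., 15}
X_VALUES = list(range(0, 81))            # X truncated to {0, ..., 80}


def normalise(weights):
    total = sum(weights)
    return [w / total for w in weights]


def discretised_normal(grid, mean, sd):
    return normalise([math.exp(-0.5 * ((t - mean) / sd) ** 2) for t in grid])


def poisson_pmf(x, lam):
    return math.exp(x * math.log(lam) - lam - math.lgamma(x + 1))


def likelihood_table(grid):
    """lik[i][x] = p(x | θ_i). Each row is renormalised over the truncated
    alphabet so the identities below hold exactly, not just up to truncation."""
    return [normalise([poisson_pmf(x, t) for x in X_VALUES]) for t in grid]


def kl(p, q):
    """D_KL(p || q) for two distributions on the same finite alphabet."""
    return sum(pi * math.log(pi / qi) for pi, qi in zip(p, q) if pi > 0)


def predictive(dist, lik):
    """p(x) = Σ_θ p(x|θ) p(θ) for any distribution over the grid."""
    return [sum(d * row[x] for d, row in zip(dist, lik)) for x in X_VALUES]


def posterior(prior, lik, x):
    """Equation (1): p_0(θ | x) ∝ p(x|θ) p_0(θ)."""
    return normalise([pr * row[x] for pr, row in zip(prior, lik)])


def learning_from_sample(prior, p_true, lik, x):
    """Learning from one observed x, computed via Eq. (7) and via Eq. (9)."""
    post = posterior(prior, lik, x)
    via_kl = kl(p_true, prior) - kl(p_true, post)                          # Eq. (7)
    via_ratio = sum(pt * math.log(po / pr)                                 # Eq. (9)
                    for pt, po, pr in zip(p_true, post, prior) if pt > 0)
    return via_kl, via_ratio


def average_sample_learning(prior, lik, i_star):
    """Eq. (14): the single-sample learning of Eq. (12) for a warhead with
    θ = θ*, averaged over x ~ p_true(x | θ*)."""
    return sum(lik[i_star][x] * math.log(posterior(prior, lik, x)[i_star] / prior[i_star])
               for x in X_VALUES)


def expected_learning_one_warhead(prior, lik, i_star):
    """Eq. (18): the same quantity written as D_KL(p_true(x|θ*) || p_0(x))."""
    return kl(lik[i_star], predictive(prior, lik))


def expected_learning(prior, p_true, lik):
    """Average of Eq. (12) over p_true(x, θ) (Eqs. 19-22), returned together
    with the two terms of Eq. (27): natural learning I(Θ; X) under p_true and
    corrective learning D_KL(p_true(X) || p_0(X))."""
    p0_x = predictive(prior, lik)
    ptrue_x = predictive(p_true, lik)
    total = 0.0
    natural = 0.0
    for x in X_VALUES:
        post = posterior(prior, lik, x)
        for i, row in enumerate(lik):
            joint = p_true[i] * row[x]                       # p_true(x, θ)
            if joint > 0:
                total += joint * math.log(post[i] / prior[i])
                natural += joint * math.log(row[x] / ptrue_x[x])
    corrective = kl(ptrue_x, p0_x)
    return total, natural, corrective


if __name__ == "__main__":
    p_true = discretised_normal(THETA_GRID, mean=10.0, sd=2.0)
    p_0 = [1.0 / len(THETA_GRID)] * len(THETA_GRID)
    lik = likelihood_table(THETA_GRID)
    print("Eq. 7 vs Eq. 9 for x = 12:", learning_from_sample(p_0, p_true, lik, 12))
    total, natural, corrective = expected_learning(p_0, p_true, lik)
    print(f"expected = {total:.6f}  natural = {natural:.6f}  corrective = {corrective:.6f}")
```

Because the check uses the inspector's own likelihood for $p_0(x\mid\theta)$, as Equation 2 requires, the split in Equation 27 holds to floating-point precision; the renormalisation of each likelihood row over the truncated alphabet is what keeps the truncation from showing up as a residual.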
The natural learning component is a useful lower bound on the average amount learned by the inspector, but no general upper bound exists. KL divergences are not upper-bounded in general, and can be infinite in some cases. However, maximizing the corrective learning will not, in general, leave the inspector with the most knowledge possible, i.e. minimize Equation 5. This is expanded on in Section III-C.

If the inspector’s prior is equal to the true distribution, the corrective learning will be zero and the total learning equal to the natural learning. This returns us to the typical entropy-based approach, again showing the relationship between it and our proposed measure. Inferring hyperparameters is discussed in more detail in Section V.

C. Effect of maximizing corrective learning
Choosing a very inaccurate prior belief distribution for the inspector will increase their average corrective learning. Here we show that choosing a prior to maximize the average corrective learning, $D_{KL}\big(p_{\text{true}}(X)\,\|\,p_0(X)\big)$, is not guaranteed to maximize the accuracy of the inspector’s final belief distribution, $D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_0(\Theta\mid X)\big)$.

$$D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_0(\Theta\mid X)\big) = \mathbb{E}_{x\in\mathcal{X}}\left\{D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_0(\Theta\mid x)\big)\right\} \qquad (28)$$

$$= \sum_{x\in\mathcal{X}} p_{\text{true}}(x\mid\theta) \sum_{\theta\in\vartheta} p_{\text{true}}(\theta)\log\left(\frac{p_{\text{true}}(\theta)}{p_0(\theta\mid x)}\right) \qquad (29)$$

$$= \sum_{\theta\in\vartheta} \sum_{x\in\mathcal{X}} p_{\text{true}}(x,\theta)\log\left(\frac{p_{\text{true}}(\theta)}{p_0(\theta\mid x)}\right) \qquad (30)$$

Using Bayes’ law, we rewrite this equation in terms of the corrective learning. Reassuringly, we are able to rederive the learning measure from this alternate starting point.

$$\mathbb{E}_{x\in\mathcal{X}}\left\{D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_0(\Theta\mid x)\big)\right\} = \sum_{x\in\mathcal{X},\,\theta\in\vartheta} p_{\text{true}}(x,\theta)\log\left(\frac{p_{\text{true}}(\theta)}{p_0(\theta\mid x)}\right) \qquad (31)$$

$$= \sum_{x\in\mathcal{X},\,\theta\in\vartheta} p_{\text{true}}(x,\theta)\log\left(\frac{p_{\text{true}}(\theta)\,p_0(x)}{p_0(x\mid\theta)\,p_0(\theta)}\right) \qquad (32)$$

$$= \sum_{x\in\mathcal{X},\,\theta\in\vartheta} p_{\text{true}}(x,\theta)\log\left(\frac{p_{\text{true}}(\theta)\,p_0(x)}{p_0(x\mid\theta)\,p_0(\theta)}\cdot\frac{p_{\text{true}}(x)}{p_{\text{true}}(x)}\cdot\frac{p_{\text{true}}(\theta)}{p_{\text{true}}(\theta)}\right) \qquad (33)$$

$$= \sum_{x\in\mathcal{X},\,\theta\in\vartheta} p_{\text{true}}(x,\theta)\left(\log\left(\frac{p_{\text{true}}(\theta)}{p_0(\theta)}\right) + \log\left(\frac{p_{\text{true}}(\theta)\,p_{\text{true}}(x)}{p_{\text{true}}(x\mid\theta)\,p_{\text{true}}(\theta)}\right) + \log\left(\frac{p_0(x)}{p_{\text{true}}(x)}\right)\right) \qquad (34)$$

$$= D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_0(\Theta)\big) - I\big(p_{\text{true}}(\Theta);\, p_{\text{true}}(X)\big) - D_{KL}\big(p_{\text{true}}(X)\,\|\,p_0(X)\big) \qquad (35)$$

$$= D_{KL}\big(p_{\text{true}}(\Theta)\,\|\,p_0(\Theta)\big) - \mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta),\, X\big) \qquad (36)$$

Looking at Equation 35, we see that the accuracy of the inspector’s final belief distribution depends on three factors: the accuracy of their prior belief in $\Theta$, the mutual information between $\Theta$ and the data, and the corrective learning. If we choose $p_0(\Theta)$ to maximize the corrective learning, we would expect the accuracy of the prior in $\Theta$ to decrease as well, and the first term of Equation 35 to increase, because the two are related by the likelihood function $p(x\mid\theta)$. It is simple to demonstrate by example that the first term can grow faster than the corrective learning term, showing that maximizing the corrective learning is not guaranteed to minimize the error in the inspector’s final belief distribution.

D. Multiple measurements of a warhead
If the inspector is allowed to make multiple measurements of each test object then they will learn more about the warhead properties. The second result, $X_2$, is conditionally dependent on the first if $X_1$ provides any information about $\Theta$. The learning measure for the second measurement is given by Equation 38.

$$\mathcal{K}\big(p_0(\Theta\mid X_1),\, p_{\text{true}}(\Theta\mid X_1),\, X_2 \mid X_1\big) = I\big(p_{\text{true}}(\Theta\mid X_1);\, p_{\text{true}}(X_2\mid X_1)\big) + D_{KL}\big(p_{\text{true}}(X_2\mid X_1)\,\|\,p_0(X_2\mid X_1)\big) \qquad (37)$$

$$= \sum_{\vartheta,\,\mathcal{X}_1,\,\mathcal{X}_2} p_{\text{true}}(x_1, x_2, \theta)\log\left(\frac{p_{\text{true}}(x_2\mid x_1,\theta)}{p_0(x_2\mid x_1)}\right) \qquad (38)$$

The average total learning over both measurements is the sum of Equations 27 and 38. Unless the measurement results are entirely independent, Equation 38 will be less than Equation 27, and the inspector will face diminishing marginal returns with each successive measurement.
E. Combining learning measures into utility functions
Nuclear warheads are complicated objects and are best described by multiple properties. The owner can treat all of these together as one variable $\Theta$ and calculate a single value for the learning measure, in which case the privacy of the protocol is given by the learning measure $\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta),\, X\big)$. However, some properties may be more important for the owner to protect than others, in which case the warhead can be described by a set of properties $T_N = \{\Theta_1, \Theta_2, \dots, \Theta_N\}$. The owner calculates the privacy measure for each property, and combines them in a privacy utility function.

The owner can use any privacy utility function they wish, as long as they use the same one for all protocols. The utility function will embody a combination of political and technical concerns about which properties of a warhead are most important to protect, including emergent properties such as explosive yield. The owner is unlikely to share their utility function with the inspector, as it reflects sensitive information. In the simplest case, the privacy utility function could be a weighted sum of the individual privacy measures using fixed weights $W_N = \{w_1, w_2, \dots, w_N\}$, as given in Equation 39. A more sophisticated function would use weights which depend on the privacy measure values.

$$\mathcal{K}(T_N, W_N, X) = \sum_{i=1}^{N} w_i\, \mathcal{K}\big(p_0(\Theta_i),\, p_{\text{true}}(\Theta_i),\, X\big) \qquad (39)$$

Fig. 1. Comparison of the measure proposed in this paper [A] and Shannon entropy [B] versus the number of measurements made. The simulation was run for 10,000 cases, with M = 40, S = 7. The learning measures for each individual case are shown in grey, the mean result by the solid curve, and the median result by the dashed curve. The median and mean result are almost identical in [B]. The KL divergence and Shannon entropy of the prior distribution are given by the dot-dashed lines.

F. Numerical example
In this section we provide a simple numerical example to demonstrate that our approach is a more accurate measure of inspector knowledge than Shannon entropy. The expression for the change in Shannon entropy is given in Equation 40.

$$\mathbb{E}\left\{H\big(p_0(\Theta)\big) - H\big(p_0(\Theta\mid x)\big)\right\} = \sum_{x\in\mathcal{X}} \sum_{\theta\in\vartheta} p_{\text{true}}(x)\, p_0(\theta\mid x)\log\left(\frac{p_0(\theta\mid x)}{p_0(\theta)}\right) \qquad (40)$$

For this example, we define warheads using one property, $\Theta$, distributed according to a normal distribution with mean $M$ and variance $S$. The inspector can take measurements of the test objects, producing data $X$, which we assume is distributed according to a Poisson distribution reflecting the statistics of frequently used radiation-based tools. Starting from a prior belief distribution $p_0(\Theta)$, the inspector uses a maximum a posteriori probability (MAP) estimator for $\Theta$, which we denote $\tilde{\Theta}$. $p_0(\Theta)$ is a discrete uniform distribution between two limits.

$$p_{\text{true}}(\Theta=\theta) = \mathcal{N}[\theta,\ \mu = M,\ \sigma = S] \qquad (41)$$

$$p_{\text{true}}(X=x\mid\theta) = \mathrm{Poisson}[x,\ \lambda = \theta] \qquad (42)$$

Figures 1, 2, and 3 compare the privacy / learning assessments using the method we propose, and the Shannon entropy approach. 10,000 warheads were simulated, with the inspector attempting to infer $\Theta$ for each based on up to 100 measurements. The grey lines in Figures 1.A and 1.B show the progression of the two learning measures for each individual case with each measurement. The Shannon entropy measure increases with almost every measurement, while our proposed measure increases and decreases as more data is collected but drifts upwards on average. The prior distribution was uniformly distributed so any new data, accurate or otherwise, produces a more peaked posterior distribution and reduces the entropy. Our measure is able to better capture when data produces a less accurate estimate of $\Theta$.

While the average change in both measures corresponds almost identically with the average change in the error of $\tilde{\Theta}$, they have very different case-by-case correlation, as shown in Figure 2. Our proposed measure shows an almost one-to-one relationship with $\tilde{\Theta}$ for each posterior, as shown in Figures 2.A and 2.D, and there is a linear correlation of . across posteriors. While the entropy measure also increases with each measurement, there is only a linear correlation of . across the posteriors.

A similar relationship exists between the two measures and the inspector’s belief uncertainty, but the correlation is reversed, as shown in Figure 3. We estimate belief uncertainty as the smallest span around $\tilde{\Theta}$ in $\vartheta$ which included 30% of the integral of the belief distribution. More work is required to understand these relationships in detail and how they operate for any arbitrary distribution.

Fig. 2. Changes in the values of the two learning measures versus the MAP estimator error for $\Theta$. [A] and [B] show the result for each of the 10,000 cases, after 1, 10, and 100 measurements in blue, green, red respectively. [C] depicts the mean absolute MAP error versus both learning measures. [D] gives the linear correlation between the absolute MAP error and the two measures after each measurement.

Fig. 3. Changes in the values of the two learning measures versus the uncertainty of the inspector’s belief in $\Theta$. The uncertainty was estimated by the smallest span around $\tilde{\Theta}$ in $\vartheta$ which included 30% of the integral of the belief distribution. [A] and [B] show the result for each of the 10,000 cases, after 1, 10, and 100 measurements in blue, green, red respectively. [C] depicts the mean MAP uncertainty versus both learning measures. [D] gives the linear correlation between the belief uncertainty and the two measures after each measurement.

IV. INSPECTOR WITH INCORRECT LIKELIHOOD FUNCTION
So far we have assumed that the warhead owner and inspector both understand the protocol and measurement processes perfectly. This was reflected in them both knowing the likelihood function of the data given the warhead properties (Equation 2). We made extensive use of this identity when deriving our privacy measure.

If we relax this assumption by removing Equation 2, we can examine situations in which the inspector attempts to infer $\Theta$ with an incorrect or incomplete likelihood function. This could reflect a range of warhead-protection strategies, for example, where the measured data is scrambled using a secret key, so that the inspector only has access to the naive, key-less likelihood function.

$$\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta),\, X\big) = \sum_{x\in\mathcal{X}} p_{\text{true}}(x\mid\theta) \sum_{\theta\in\vartheta} p_{\text{true}}(\theta)\log\left(\frac{p_0(\theta\mid x)}{p_0(\theta)}\right) \qquad (43)$$

$$= \sum_{x\in\mathcal{X}} \sum_{\theta\in\vartheta} p_{\text{true}}(x,\theta)\log\left(\frac{p_0(\theta\mid x)}{p_0(\theta)}\right) \qquad (44)$$

Using the result in Equation 21, we can see the difference between this measure and our original result.

$$\mathcal{K}\big(p_0(\Theta),\, p_{\text{true}}(\Theta),\, X\big) = \sum_{x\in\mathcal{X}} \sum_{\theta\in\vartheta} \left(p_{\text{true}}(x,\theta)\log\left(\frac{p_0(\theta\mid x)}{p_0(\theta)}\right) - p_{\text{true}}(x,\theta)\log\left(\frac{p_{\text{true}}(x\mid\theta)}{p_0(x)}\right)\right) + I\big(p_{\text{true}}(\Theta);\, p_{\text{true}}(X)\big) + D_{KL}\big(p_{\text{true}}(X)\,\|\,p_0(X)\big) \qquad (45)$$

$$= \sum_{x\in\mathcal{X}} \sum_{\theta\in\vartheta} p_{\text{true}}(x,\theta)\log\left(\frac{p_0(x\mid\theta)\,/\,p_0(x)}{p_{\text{true}}(x\mid\theta)\,/\,p_0(x)}\right) + I\big(p_{\text{true}}(\Theta);\, p_{\text{true}}(X)\big) + D_{KL}\big(p_{\text{true}}(X)\,\|\,p_0(X)\big) \qquad (46)$$

$$= I\big(p_{\text{true}}(\Theta);\, p_{\text{true}}(X)\big) + D_{KL}\big(p_{\text{true}}(X)\,\|\,p_0(X)\big) - \mathbb{E}_{\theta\in\vartheta}\left\{D_{KL}\big(p_{\text{true}}(X\mid\theta)\,\|\,p_0(X\mid\theta)\big)\right\} \qquad (47)$$

An incorrect understanding of the likelihood function can decrease the accuracy of the inspector’s beliefs. While the third term is a sum over both $X$ and $\Theta$, it still has the properties of a KL divergence.

To demonstrate this more general case, we return to the example in III-F, but the output $X$ is modified using a random variable $Y$, with alphabet $y \in \mathcal{Y}$.
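The two behaviours the paper reports, the entropy measure falling with almost every measurement in Section III-F and the KL-based measure falling when the inspector's likelihood is wrong, can be reproduced with a short sequential simulation. The script below is an added example, not the paper's code, and it simplifies the paper's secret-key setup in one labelled way: the offset $y^*$ is drawn once and held fixed for the warhead, while the inspector still infers $\Theta$ with the per-measurement marginal likelihood of Equation 51, so the mismatch between the true and assumed likelihood is systematic rather than averaged out. The integer grid for $\vartheta$, the uniform prior, the offset alphabet, the measurement counts and the random seed are constructed values chosen for the example.

```python
import math
import random

# Constructed example (not the paper's code). Θ takes integer values, the
# inspector starts from a uniform prior, and each measurement is a Poisson
# count (Section III-F). In the "hidden key" variant a single offset y*, fixed
# for the warhead, is added to the Poisson rate; the inspector knows only that
# Y is uniform on Y_ALPHABET and so uses the marginal likelihood of Eq. (51).
THETA_GRID = list(range(1, 31))          # ϑ = {1, ..., 30}
Y_ALPHABET = [10, 15, 20, 25, 30]        # inspector's model of the key, p(Y) uniform


def log_poisson_pmf(x, lam):
    return x * math.log(lam) - lam - math.lgamma(x + 1)


def sample_poisson(lam, rng):
    """Knuth's multiplicative method; fine for the modest rates used here."""
    limit, k, p = math.exp(-lam), 0, 1.0
    while True:
        p *= rng.random()
        if p <= limit:
            return k
        k += 1


def shannon_entropy(p):
    return -sum(pi * math.log(pi) for pi in p if pi > 0)


def log_lik_correct(x, theta):
    """Eq. (42): the likelihood the owner and an honest protocol both use."""
    return log_poisson_pmf(x, theta)


def log_lik_marginal(x, theta):
    """Eq. (51): the inspector averages the unknown key out of the likelihood."""
    terms = [log_poisson_pmf(x, theta + y) for y in Y_ALPHABET]
    m = max(terms)
    return m + math.log(sum(math.exp(t - m) for t in terms)) - math.log(len(Y_ALPHABET))


def run_inspection(theta_star, n_meas, offset, log_lik, seed=7):
    """Sequentially update a uniform prior on THETA_GRID with n_meas counts
    drawn from Poisson(theta_star + offset), scoring the belief with the
    inspector's assumed log-likelihood. Returns three summaries of the path:
    the entropy reduction of Eq. (40), the cumulative learning of Eq. (12)
    (p_true is a point mass at θ*, so learning is log p_n(θ*) - log p_0(θ*)),
    and the absolute error of the MAP estimate."""
    rng = random.Random(seed)
    n = len(THETA_GRID)
    log_prior = [-math.log(n)] * n
    log_post = log_prior[:]
    for _ in range(n_meas):
        x = sample_poisson(theta_star + offset, rng)
        log_post = [lp + log_lik(x, t) for lp, t in zip(log_post, THETA_GRID)]
        m = max(log_post)                                  # normalise in log space
        lse = m + math.log(sum(math.exp(lp - m) for lp in log_post))
        log_post = [lp - lse for lp in log_post]
    post = [math.exp(lp) for lp in log_post]
    i_star = THETA_GRID.index(theta_star)
    theta_map = THETA_GRID[max(range(n), key=post.__getitem__)]
    return {
        "entropy_reduction": shannon_entropy([1.0 / n] * n) - shannon_entropy(post),
        "learning": log_post[i_star] - log_prior[i_star],
        "map_error": abs(theta_map - theta_star),
    }


if __name__ == "__main__":
    honest = run_inspection(theta_star=10, n_meas=1000, offset=0, log_lik=log_lik_correct)
    hidden = run_inspection(theta_star=10, n_meas=1000, offset=30, log_lik=log_lik_marginal)
    for name, result in (("correct likelihood", honest), ("hidden key, Eq. (51) likelihood", hidden)):
        print(f"{name}: entropy reduction = {result['entropy_reduction']:.3f}, "
              f"learning = {result['learning']:.3f}, MAP error = {result['map_error']}")
```

In both runs the entropy reduction is positive, because any sequence of counts makes a uniform prior more peaked. Only the second summary distinguishes the two cases: with the correct likelihood the belief concentrates on $\theta^*$ and the learning is positive, while with the hidden offset the belief concentrates on a wrong value, the learning of Equation 12 goes negative and the MAP error is large, which is the distinction the paper draws between uncertainty and accuracy.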
A value for $Y$ is assigned to each measurement of the warheads, as described in Equations 48 to 50. The inspector knows the distribution of $Y$ but not its value, so attempts to infer $\Theta$ using the likelihood function in Equation 51.

$$p_{\text{true}}(\Theta=\theta) = \mathcal{N}[\theta,\ \mu = M,\ \sigma = S] \qquad (48)$$

$$p_{\text{true}}(Y=y) = \mathcal{N}[y,\ \mu = 20,\ \sigma = 15] \qquad (49)$$

$$p_{\text{true}}(X=x\mid\theta, y) = \mathrm{Poisson}[x,\ \lambda = \theta + y] \qquad (50)$$

$$p_{\text{true}}(X=x\mid\theta) = \sum_{y\in\mathcal{Y}} p_{\text{true}}(y)\, \mathrm{Poisson}[x,\ \lambda = \theta + y] \qquad (51)$$

This example demonstrates the differences between our proposed measure and the entropy-based approach most clearly. Figure 4 compares the two measures with the error in the inspector’s MAP estimate of $\Theta$ over 100 measurements of 10,000 warheads. The addition of the secret key causes the inspector’s estimate to converge to an incorrect result, on average 9.5 away from the mean. While the entropy-based measure shows almost the same progression as before, gradually increasing as the inspector’s posterior becomes more peaked, our proposed measure decreases in almost all cases, as the inspector’s posterior distribution becomes less similar to the correct answer. Because we are most interested in the accuracy, rather than uncertainty, of the inspector’s knowledge of the warhead, it is far more useful for a measure of inspector learning / protocol privacy to be sensitive to this change.

Fig. 4. Comparison of our proposed measure and the entropy-based approach when the inspector attempts to infer $\Theta$ using the incorrect likelihood function in Equation 51. [A] and [B] show the progression of the two measures versus the number of measurements taken over 10,000 simulated cases. The learning measures for each individual case are shown in grey, the mean result by the solid curve, and the median result by the dashed curve. [C] and [D] compare the error in the inspector’s MAP estimate of $\Theta$ with the value of the learning measures in each case. [E] and [F] show the mean result of the same.

V. INFERRING HYPERPARAMETERS
The examples so far have considered the case where an inspector was interested in learning the value of the parameter $\Theta$ for a set of warheads. The inspector may also be interested in the distribution of $\Theta$ itself, governed by the hyperparameters $M$ and $S$. We can assess the privacy of these hyperparameters using the same measure as before.

$$\mathcal{K}\big(p_0(M,S),\, p_{\text{true}}(M,S),\, X\big) = I\big(p_{\text{true}}(M,S);\, p_{\text{true}}(X)\big) + D_{KL}\big(p_{\text{true}}(X)\,\|\,p_0(X)\big) \qquad (52)$$

In the example above, $M$ and $S$ take only one value, as shown in the equation below.

$$p_{\text{true}}(M,S) = \begin{cases} 1, & \text{if } (M,S) = (M^*, S^*) \\ 0, & \text{otherwise} \end{cases} \qquad (53)$$

This makes the mutual information / natural learning zero, as there is no uncertainty in $M$ and $S$ if you know $p_{\text{true}}(M,S)$, which is an assumption underlying the mutual information calculation.

$$\mathcal{K}\big(p_0(M,S),\, p_{\text{true}}(M,S),\, X\big) = 0 + D_{KL}\big(p_{\text{true}}(X\mid M^*, S^*)\,\|\,p_0(X)\big) \qquad (54)$$

VI. SUMMARY
In this paper, we have proposed a new measure for evaluating the privacy of warhead authentication protocols. It allows for equitable comparison of any protocol, which is an improvement over the bespoke measures previously proposed for individual protocols. We have demonstrated that our measure correlates better with the accuracy of a MAP estimate of warhead properties than alternative measures. It can be used to predict the average performance of a protocol beforehand, or for a post-fact analysis of the knowledge gained given specific measured data. The measure accommodates different assumptions about which warhead properties need to be considered, and the definition of a measurement can be expanded to include multiple separate measurements, or measurements of multiple objects. This makes the measure flexible and able to be used to compare protocols under a variety of authentication requirements, as long as the same assumptions are used for all of the protocols. These assumptions are a political-technical judgment which must be made before serious comparison of protocols can happen.

While we have focused on privacy and information leakage in a warhead disarmament context, our measure could be used to assess other protocols which deal with private information. It can be applied to situations where a party releases data, knowing the true distribution of the private information, and wishes to predict how much an adversary will improve given inaccurate prior beliefs. For example, if an analysis of a person’s medical records were to be released as part of a trial, the measure could be used to calculate how much an adversary would learn about that person’s medical history. The adversary’s initial belief distribution is based on the properties of the general population (an erroneous $p_0(\Theta)$), while the data is only drawn from the patient ($p_{\text{true}}(\Theta)$).
Our measure allows an individual to assess their privacy before consenting to the analysis.

In the introduction to the paper, we discussed the three requirements of authentication protocols: completeness, soundness, and privacy. There is a tension between protocol soundness and privacy, because the former prefers more transparent information to be released to help identify hoaxes, while the latter requires less transparency. Our ongoing work is to develop an equivalent measure for protocol soundness, and understand how it trades off with privacy.

REFERENCES

[1] Kyle J. Bunch, Mark Jones, Pradeep Ramuhalli, Jacob Benz, and Laura Schmidt Denlinger. Supporting technology for chain of custody of nuclear weapons and materials throughout the dismantlement and disposition processes. Science & Global Security, 22(2):111–134, 2014.
[2] Wyn Q. Bowen, Hassan Elbahtimy, Christopher Hobbs, and Matthew Moran. Nuclear Warhead Dismantlement Verification: Opportunities and Challenges, pages 51–74. Springer International Publishing, Cham, 2018.
[3] James Fuller. Verification on the road to zero: Issues for nuclear warhead dismantlement. Arms Control Today, 40(10):19–27, 2010.
[4] J. F. Morgan. Transparency and verification options: An initial analysis of approaches for monitoring warhead dismantlement. Technical report, USA Department of Energy Office of Arms Control and Nonproliferation, 1997.
[5] Alexander Glaser, Boaz Barak, and Robert J. Goldston. A zero-knowledge protocol for nuclear warhead verification. Nature, 510(7506):497–502, June 2014.
[6] R. Scott Kemp, Areg Danagoulian, Ruaridh R. Macdonald, and Jayson R. Vavrek. Physical cryptographic verification of nuclear warheads. Proceedings of the National Academy of Sciences, July 2016.
[7] Peter Marleau and Rebecca E. Krentz-Wee. Investigation into Practical Implementations of a Zero Knowledge Protocol. Technical Report SAND–2017-1649, 1367490, Sandia National Laboratory, February 2017.
[8] Andrew J. Gilbert, Brian W. Miller, Sean M. Robinson, Timothy A. White, William Karl Pitts, Kenneth D. Jarman, and Allen Seifert. A single-pixel X-ray imager concept and its application to secure radiographic inspections. Nuclear Instruments and Methods in Physics Research Section A: Accelerators, Spectrometers, Detectors and Associated Equipment, 861:90–97, July 2017.
[9] Dennis V. Lindley. On a measure of the information provided by an experiment. The Annals of Mathematical Statistics, pages 986–1005, 1956.
[10] Solomon Kullback. Information theory and statistics. Courier Corporation, 1997.
[11] Ehsan S. Soofi. Effects of collinearity on information about regression coefficients.