Crate fbleau[][src]

F-BLEAU is a tool for estimating the leakage of a system about its secrets in a black-box manner (i.e., by only looking at examples of secret inputs and respective outputs). It considers a generic system as a black-box, taking secret inputs and returning outputs accordingly, and it measures how much the outputs "leak" about the inputs.

F-BLEAU is based on the equivalence between estimating the error of a Machine Learning model of a specific class and the estimation of information leakage [1,2,3].

This code was also used for the experiments of [2] on the following evaluations: Gowalla, e-passport, and side channel attack to finite field exponentiation.

Getting started

F-BLEAU is thought to be mainly used via the binary it provides, fbleau. For usage instructions, please refer to fbleau's home page or to the help screen: fbleau -h.

For the library documentation, please refer to the appropriate links within this page.


[1] 2017, "Bayes, not Naïve: Security Bounds on Website Fingerprinting Defenses". Giovanni Cherubin

[2] 2018, "F-BLEAU: Practical Channel Leakage Estimation". Giovanni Cherubin, Konstantinos Chatzikokolakis, Catuscia Palamidessi.

[3] (Blog) "Machine Learning methods for Quantifying the Security of Black-boxes".



This module implements Bayes risk estimates, and heuristics for evaluating convergence.


F-BLEAU estimation routines.


Definitions of security and leakage measures.


Utility routines for loading and storing data into files.

Type Definitions