Quantitative information flow analysis (QIF) is a portfolio of software
security assessment techniques measuring the amount of confidential
information leaked by a program to its public outputs. In this paper, we
extend the scope of precise QIF for deterministic imperative programs
where information flow can be described with linear integer arithmetic.
We propose two novel QIF analyses that precisely measure both residual
Shannon entropy and min-entropy of the secret and that feature improved
tolerance to large leaks and large input domains.

For this purpose, we investigate the use of program specifications in
QIF. We present criteria for specification admissibility and a program
analysis that replaces exhaustive program exploration with symbolic
execution, while incorporating user-supplied (but machine-checked)
specifications. This kind of program analysis allows to trade automation
for scalability, e.g., to programs with unbounded loops. Furthermore, we
show how symbolic projection and counting, based in this instance on
symbolic manipulation of polyhedra, avoid subsequent leak enumeration
and enable precise QIF for programs with large leaks.