Security and Cryptography

20th International Conference, SECRYPT 2023, Rome, Italy, July 10–12, 2023, and 21st International Conference, SECRYPT 2024, Dijon, France, July 8–10, 2024, Revised Selected Papers

  • 2026
  • Book

About this book

This book includes extended and revised versions of a set of selected papers presented at the 20th International Conference on Security and Cryptography, SECRYPT 2023, which took place in Rome, Italy, during July 10–12, 2023; and the 21st International Conference on Security and Cryptography, SECRYPT 2024, which was held in Dijon, France, during July 8–10, 2024.

This book includes 5 papers from SECRYPT 2023, which received a total of 169 submissions, and 7 papers from SECRYPT 2024, which received a total of 175 submissions.

They deal with all theoretical and practical aspects of data protection, privacy, security and applied cryptography, focusing on the application of security technology, the implementation of systems and lessons learned.

Table of Contents

Frontmatter
Securing Automatic Identification System Based on Certificateless Cryptography
Abstract
The Automatic Identification System (AIS) is critical in maritime operations, military, law enforcement, and other fields. However, its security has been weak, particularly in terms of authentication. Despite efforts to improve AIS security, a standard has not yet been established. This paper assesses the current state of research and proposes an authentication scheme that uses certificateless cryptography compatible with standard AIS versions. Simulations and theoretical analysis demonstrate that this proposed scheme provides strong security guarantees and efficient performance, making it a promising candidate for authenticating AIS signals.
Axel Rousselot, Nora Cuppens, Samra Bouakkaz, Jean-Yves Ouattara
OSAGE: A Framework for Obfuscated Sample Generation and Evaluation
Abstract
The research field of software protections—including code obfuscation and software tamperproofing—has introduced many new concepts and methodologies over the past three decades. However, while in other research fields (such as cryptography) the strength of new approaches can be accurately measured, evaluations in the field of software protections are often less methodologically sound due to several challenges. One major problem is the poor availability of samples. The majority of evaluations in the field of software protections is based on small, single-function toy programs or benchmarks borrowed from other domains and do not represent very well the variety of programs that are to be protected in practice. Furthermore, most measurements performed on these samples focus on evaluating the costs (i. e. negative effects on runtime performance) and not the strength of a protection. In this paper, we present OSAGE, a novel, open framework for creating and evaluating appropriate samples for software protections research. It combines a hand-crafted set of 141 programs including individual test cases as a foundation for sample generation, several different compilers and obfuscators, as well as a set of 16 static code analysis methods in a fully automated sample generation and analysis framework. OSAGE enables software protection researchers to easily conduct sound evaluations of their methodologies in regard to costs, protection strength, and stealth and helps compare the results with other protections. In a large-scale evaluation of the framework we demonstrate its practicality in software protections research as well as the reproducibility and comparability of research utilizing OSAGE.
Sebastian Schrittwieser, Patrick Kochberger, Florian Lienhart, Edgar Weippl
Empowering Patients for Disease Diagnosis and Clinical Treatment: A Smart Contract-Enabled Informed Consent Strategy
Abstract
Digital healthcare systems have revolutionized medical services, facilitating provider collaboration, enhancing diagnosis, and optimizing and improving treatments. They deliver superior quality, faster, reliable, and cost-effective services. Researchers are addressing pressing health challenges by integrating information technology, computing resources, and digital health records. However, digitizing healthcare introduces significant risks to patient data privacy and security, with the potential for unauthorized access to protected health information. Although patients can authorize data access through consent, there is a pressing need for mechanisms to ensure such given consent is informed and executed properly and timely. Patients deserve transparency and accountability regarding the access to their data: who access it, when, and under what circumstances. Current healthcare systems, often centralized, leave much to be desired in managing these concerns, leading to numerous security incidents. To address these issues, we propose a system based on blockchain and smart contracts for managing informed consent for accessing health records by the treatment team members, incorporating safeguards to verify that consent processes are correctly executed. Blockchain’s inherent immutability ensures the integrity of consent. Smart contracts automatically execute agreements, enhancing accountability. They provide a robust framework for protecting patient privacy in the digital age. Experimental evaluations show that the proposed approach can be integrated easily with the existing healthcare systems without incurring financial and technological challenges.
Md Al Amin, Hemanth Tummala, Rushabh Shah, Indrajit Ray
Obtaining Reliability from Untrusted and Unreliable Clouds and (Social) Networks
Abstract
Clouds, social networks and the internet have made communication, storage and computation easily available, at least in recent years. Some engineers and scientists have been arguing that such an infrastructure should have a proper backup. Networks and clouds have been down frequently, e.g., due to accidental destruction of underwater communication cables and software problems, but without a too long-lasting impact. The recent deliberate damage of 4 undersea internet cables between Asia and Europe has changed the threat model to one where “faults” are caused maliciously. Social networks too might see a dramatic change in the near future. Currently, these can be regarded as communication platforms allowing users to broadcast/multicast data. However, if social networks are publishing venues, they can “edit” content.
We address the question of communication, computation and storage in a world in which the infrastructure is either under attack and/or evolving. In earlier work, we showed a proof of concept to achieve both reliable and private email even when the availability of untrusted cloud servers was not guaranteed. In this paper we survey this earlier work. We use this successful demonstration to propose a blueprint for a new communication infrastructure to address the aforementioned concerns.
Nicolas Chiapputo, Yvo Desmedt, Kirill Morozov
Deep Learning for DDoS Attack Detection in IoT: A Survey
Abstract
The Internet of Things (IoT) is evolving rapidly in many sectors, including personal health, home automation, industrial controls, and smart city infrastructures, with the number of connected devices constantly increasing. However, this growth has also increased the vulnerability space for Distributed Denial of Service (DDoS) attacks, which are becoming more frequent and sophisticated, making it difficult to detect them using conventional methods. To address this issue, machine learning approaches, especially deep learning-based techniques, have emerged as powerful tools for detecting and mitigating DDoS attacks. This paper reviews the state-of-the-art deep learning techniques for detecting DDoS attacks in the IoT. We have analyzed the origin, evolution, and taxonomy of DDoS attacks, benchmark datasets, ongoing research challenges, and future research directions.
Mulualem Bitew Anley, Angelo Genovese, Vincenzo Piuri
Iris Recognition from Websites and Social Media: State of the Art and Privacy Concerns
Abstract
Traditional iris recognition systems rely on dedicated sensors, typically using near-infrared illumination, which demand a high degree of user cooperation. Recent studies have demonstrated the feasibility of performing iris recognition on samples captured from uncooperative users in uncontrolled environments, including ocular images cropped from high-resolution facial portraits posted on websites and social media. These advancements are largely driven by novel artificial intelligence techniques and the availability of datasets containing ocular samples collected under non-ideal conditions. Nevertheless, the improved accuracy and robustness of iris recognition methods introduce new challenges related to privacy protection. This chapter examines recent advancements in iris recognition using samples obtained from websites and social media, focusing on algorithms, public datasets, privacy concerns, and potential mitigation strategies.
Ruggero Donida Labati, Vincenzo Piuri, Fabio Scotti
Strengthening Biometric Fuzzy Vault Against Statistical Bias Exploitation
Abstract
Biometric authentication systems use unique biological traits to verify identities securely. Cryptographic methods such as the Fuzzy Vault provide error-tolerant protection for biometric data by transforming raw templates into unordered sets. However, deviations from the uniform distribution assumed in its design expose vulnerabilities to attacks exploiting statistical biases.
This study extends our previous work by analyzing the impact of biases and proposing a refined single-factor countermeasure that aligns with the original scheme structure. Key contributions include introducing a distance measure for biometric sets to optimize error correction parameters, formalizing attacker models for various scenarios, and using simplified datasets to examine bias effects. Real biometric sets are also analyzed, and FAR/FRR graphs are presented to validate the mitigation strategy, which uses a quantile-based approach to reduce bias exploitation without adding external factors.
Our results reveal that statistical biases significantly weaken the Fuzzy Vault, but the proposed countermeasure enhances security while preserving its usability and single-factor design, ensuring compliance with the scheme’s foundational principles.
Sara Majbour, Morgan Barbier, Jean-Marie Le Bars
XRPL Protocol: Consensus, Forking and Correctness
Abstract
While the first bitcoin was launched on 3 Jan 2009 with the creation of the genesis block, XRP, formerly called XNS, a cryptocurrency affiliated with Ripple Labs, was launched on 2 June 2012. XRP was introduced by Ripple Labs as a bridge currency in its solutions because of its speed, efficiency and reliability, with the intention of making it ideal for financial use cases like payment systems. While most general consensus algorithms have been based directly or indirectly on the Byzantine fault tolerant algorithm (BFT), the two widely used consensus approaches in blockchain platforms are proof-of-work (PoW) and proof-of-stake (PoS). The initial design of the XRP consensus protocol was referred to as the Ripple Protocol consensus algorithm (RPCA). It is based on the BFT agreement protocol but does not use standard models of implementation like PoW or PoS; instead it utilizes collectively-trusted sub-networks within a large network. It is often referred to as proof-of-association (PoA), where consensus is achieved by maintaining a certain level of “trust” for the sub-networks and a certain minimal connectivity throughout the network (we use the following abbreviations to avoid any confusion: the XRP ledger is a decentralized public blockchain that is open source and powered by a global developer community, and uses XRP as the native cryptocurrency or digital token; the underlying network of the XRP ledger is referred to as the XRP network) so that it remains robust in spite of Byzantine failures. For each server in the XRP network, there is a sub-network of validators, referred to as the Unique Node List (UNL), consisting of a subset of the servers of the network; performance and safety are realized through the enforcement of a certain percentage of overlap of the nodes among UNLs. Such a consensus protocol for the XRP network is referred to as the XRPL ledger consensus protocol (abbreviated XRPL).
XRPL demands 80% quorum and a certain percentage of overlap of nodes among the UNLs to realize robustness. The overlap was initially specified to be 20% that was increased to 40%; which was further enhanced to be greater than 90% to satisfy conditions of safety and liveness. However, even with such an enhancement, it has been shown that safety and liveness are not guaranteed.
In this paper, we characterize the XRPL for consensus correctness using a notion of similarity metric called rand-index (RI) used for cluster analysis of networks. We establish that XRPL with 80% quorum (as per the XRPL original specifications) and UNLs satisfying 50% RI similarity is robust against 20% failures; i.e., no fraudulent transactions will be accepted by the network. Further, the network is said to satisfy consensus correctness if the UNLs of the network are more than 50% RI similar, which would imply at least 80% quorum across all the UNLs. In other words, we establish that instead of just an overlap of the nodes, it is necessary to guarantee how well the UNLs are bound with each other to realize the need of fault tolerance (note that XRPL specifies/permits at most 20% failures), safety and liveness. That is, the results succinctly bring out a characterization of the notion of overlap that has been used in the XRP network for safety and robustness, highlighting the need to check \(n^2\) overlaps for safety rather than just n overlaps. To understand the clairvoyance that has been embodied in the XRPL ledger consensus right from the beginning to attain safety and performance, we shall take a comparative look at the underlying common theme of quorum in consensus protocols like proof-of-authority, PoA and PoS systems in the context of the blockchain trilemma introduced much later by Vitalik Buterin.
Rudrapatna K. Shyamasundar
Secure Federated Learning with Watermarking and Homomorphic Encryption: A Blockchain-Enhanced Framework
Abstract
Federated Learning (FL) has gained considerable interest due to its capacity to allow multiple participants to train a model without centralizing their data. However, due to the number of entities involved and the data sensitivity (e.g., in healthcare or military fields), there is a need to ensure some security and privacy requirements using specific tools. The problem is that combining these different mechanisms is not trivial. In particular, protecting intellectual property, using watermarking, with encrypted parameters is a problem that has been recently investigated. Even if the technical issue behind the problem of embedding a watermark in the ciphertext is resolved, some facets of the problem have not been covered. Starting from the existing solution [23], we propose a FL watermarking framework compatible with homomorphic encryption as a privacy mechanism that integrates two important functionalities in such a way as to complete the previous framework. On one hand, using the blinding computation principle, we allow the server to compute the watermark success rate of the extracted encrypted watermark at each round allowing it to follow the correct course of the embedding. On the other hand, we consolidate the proof of ownership by incorporating saves of the watermarking and model information in the blockchain. To diversify our proof of concept, we conduct experiments on three classification models to demonstrate the generality of our framework.
Mohammed Lansari, Reda Bellafqira, Katarzyna Kapusta, Vincent Thouvenot, Olivier Bettan, Gouenou Coatrieux
Towards a Cryptographic Model for Wireless Communication: Extended Version
Abstract
In cryptography, the Man-in-the-Middle Model (MitMM) is a widely used model for formally representing attackers in multi-party communication scenarios. It assumes that an attacker has unrestricted control over the communication, including the ability to intercept, block, and modify messages at her discretion. However, we show that the MitMM is too strong for accurately capturing the peculiarities of wireless communication. Consequently, the MitMM cannot accommodate security mechanisms that leverage unique wireless properties, such as friendly jamming or Distance Bounding (DB) protocols. Moreover, the absence of a specialized model hinders the design and formal analysis of new wireless security schemes.
To address these limitations, we introduce a novel formal Wireless Communication Model (WCM) tailored to the wireless domain. Building on the MitMM, our model incorporates three key elements missing in the traditional MitMM: communication channels, signals, and locality. These aspects allow for a more realistic representation of wireless communication. To illustrate the model’s utility, we provide a concrete example of representing QPSK modulation within our model. With the WCM as a basis, we define a Wireless Attacker Model, which formally captures the constraints faced by attackers in wireless environments.
Using our model, we formalize the concept of friendly jamming and propose a new security notion, \(\textsf{IND}\text {-}\textsf{CSA}\text {-}{n}\) (Indistinguishability under Chosen Signal Attack). We further demonstrate the utility of our model by providing a formal security proof for DB protocols.
Frederik Armknecht, Christian Müller
Measuring the Absolute and Relative Prevalence of SQL Concatenations and SQL-Identifier Injections
Abstract
SQL-Identifier Injection Vulnerabilities (SQL-IDIVs) are a class of SQL Injection Vulnerabilities (SQLIVs) that originate from the insertion of user-specified SQL identifiers into SQL code. SQL-IDIVs are noteworthy because prepared statements - the standard defense against SQLIVs - do not support placeholders for SQL identifiers. We verified this incompleteness of prepared statements through a survey of 10 public prepared statement implementations, finding that all of these implementations lack support for identifier insertion. This article measures the absolute prevalence of concatenation into SQL statements and SQL-IDIVs via what is, as far as we know, the most comprehensive study of publicly available code ever conducted. Using our automated GitHub crawler program, we obtained 4,762,175 source code files from 944,316 GitHub projects to uncover instances of concatenation into SQL statements. Our crawler program classified whether each concatenation constitutes a potential SQL-IDIV. The crawler flagged 63% of the obtained files as containing at least one instance of SQL statement concatenation. Of these files that concatenate into SQL code, 15% contain SQL-identifier concatenation. We manually verified these results, finding that our SQL-IDIV classifier exhibits an accuracy of 93.4%. In addition, we attempted to exploit a subset of the manually verified applications, finding that about 22.7% of these web applications meet all the additional requirements to be exploitable in practice via SQL-identifier injection. We also investigated the prevalence of SQL-IDIVs relative to other software vulnerabilities by analyzing all 3,757 CVE reports of SQLIVs published in 2022-2023, and finding that at least 8% of these reports pertain to SQL-IDIVs. We observed that the prevalence of SQL-IDIVs has risen from 2022 to 2023. Based on these results, we conclude that SQL-IDIVs are nontrivially represented in publicly available code and public vulnerability records.
Parisa Momeni, Gabriel Laverghetta, Kevin Dennis, Bianca Dehann, Jay Ligatti
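The abstract above rests on one concrete point: prepared-statement placeholders bind values, not identifiers, so a column or table name supplied by a user cannot be protected the way a value can. The following added example (not code from the paper or its crawler) demonstrates this with Python's built-in sqlite3 driver on a constructed in-memory table, and shows the standard mitigation for identifier insertion, an allowlist of permitted identifiers checked before the name is spliced into the statement. The table schema, rows and allowlist are assumptions made for the demonstration.

```python
import sqlite3

# Constructed sample data: a small in-memory table so the example runs offline.
def setup() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "carol", "carol@example.test"),
         (2, "alice", "alice@example.test"),
         (3, "bob", "bob@example.test")],
    )
    return conn

def table_name_as_parameter_accepted(conn: sqlite3.Connection) -> bool:
    """Try to bind a table name through a '?' placeholder.

    The SQL grammar needs the identifier at parse time, so the driver
    cannot accept a placeholder in that position; this returns False.
    """
    try:
        conn.execute("SELECT count(*) FROM ?", ("users",))
        return True
    except sqlite3.OperationalError:
        return False

def order_by_placeholder(conn: sqlite3.Connection, column: str) -> list:
    """Bind a column name through a '?' in ORDER BY.

    The statement is accepted, but the placeholder binds a string literal,
    so every row gets the same constant sort key and the result is NOT
    ordered by the named column. This is the silent failure mode that
    pushes developers toward string concatenation of identifiers.
    """
    rows = conn.execute("SELECT id, name FROM users ORDER BY ?", (column,))
    return [name for _id, name in rows]

# Assumed allowlist: the only identifiers the application is willing to
# place into SQL. Anything else is rejected before it reaches the query.
ALLOWED_SORT_COLUMNS = frozenset({"id", "name", "email"})

def order_by_allowlisted(conn: sqlite3.Connection, column: str) -> list:
    """Safe identifier insertion: validate against a fixed allowlist,
    then quote the (now known-good) identifier into the statement."""
    if column not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"unsupported sort column: {column!r}")
    # Double quotes are the SQL standard identifier delimiter; the allowlist
    # guarantees the name contains no quote characters.
    rows = conn.execute(f'SELECT id, name FROM users ORDER BY "{column}"')
    return [name for _id, name in rows]

if __name__ == "__main__":
    c = setup()
    print("table name bindable:", table_name_as_parameter_accepted(c))
    print("ORDER BY ? (bound):   ", order_by_placeholder(c, "name"))
    print("ORDER BY allowlisted: ", order_by_allowlisted(c, "name"))
```

The allowlist is the piece prepared statements cannot supply: it turns an open-ended identifier into a choice among a handful of names the schema already defines, which is also easy to audit and to log when a request is rejected.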
Security Assessment of Interacting Ethereum Smart Contracts
Abstract
Smart contracts on blockchain platforms like Ethereum are increasingly used to automate complex transactions in a secure and transparent manner. However, ensuring their correctness and resistance to attacks remains a significant challenge.
This paper presents a formal approach for modeling and assessing the security of Ethereum smart contracts using Abstract State Machines (ASMs).
ASMs provide a rigorous framework for precisely describing smart contract behavior, including interactions with potentially malicious contracts. By modeling attackers as contracts designed to exploit known vulnerabilities, our method enables the systematic evaluation of a contract’s robustness in adversarial scenarios, thereby providing a quantifiable assessment of its security. We demonstrate this approach on a Solidity smart contract, assessing its resilience against three well-known vulnerabilities to illustrate the effectiveness of our security analysis.
Chiara Braghin, Elvinia Riccobene, Simone Valentini
Backmatter
Title
Security and Cryptography
Editors
Pierangela Samarati
Sabrina De Capitani di Vimercati
Copyright Year
2026
Electronic ISBN
978-3-032-09598-5
Print ISBN
978-3-032-09597-8
DOI
https://doi.org/10.1007/978-3-032-09598-5
