Responding to Election Meddling in the Cyberspace: An International Law Case Study on the Russian Interference in the 2016 Presidential Election

International law is not the most perfect legal regime, and, perhaps to no one’s surprise, it is even less perfect in cyberspace. The United States has been a victim to a series of malicious cyber operations in recent years, and the key question is how to respond to and deter them. This Article offers a detailed survey of the Russian interference in the 2016 presidential election in the context of international law. Adapting the framework created by Tallinn Manual 2.0 , the Article examines the international legal basis of the response measures employed by the United States and other possible alternative responses to the Russian operation. It concludes that none of these responses are both squarely supported by international law and desirable as a matter of national security police. This Article intends to show that international law contains considerable gray areas in the cyber realm that allow sophisticated adversaries like Russia to harm the core interest of the United States without substantial legal repercussions. The Article concludes by suggesting that a deterrence mechanism based on proactive national security policy would be more effective and practical than one based on international law

An Outline of Security in Wireless Sensor Networks: Threats, Countermeasures and Implementations

With the expansion of wireless sensor networks (WSNs), the need for securing the data flow through these networks is increasing. These sensor networks allow for easy-to-apply and flexible installations which have enabled them to be used for numerous applications. Due to these properties, they face distinct information security threats. Security of the data flowing through across networks provides the researchers with an interesting and intriguing potential for research. Design of these networks to ensure the protection of data faces the constraints of limited power and processing resources. We provide the basics of wireless sensor network security to help the researchers and engineers in better understanding of this applications field. In this chapter, we will provide the basics of information security with special emphasis on WSNs. The chapter will also give an overview of the information security requirements in these networks. Threats to the security of data in WSNs and some of their counter measures are also presented

Combatting electoral traces: the Dutch tempest discussion and beyond

In the Dutch e-voting debate, the crucial issue leading to the abandonment of all electronic voting machines was compromising radiation, or tempest. Other countries, however, do not seem to be bothered by this risk. In this paper, we use actor-network theory to analyse the socio-technical origins of the Dutch tempest issue in e-voting, and its consequences for e-voting beyond the Netherlands. We introduce the term electoral traces to denote any physical, digital or social evidence of a voter's choices in an election. From this perspective, we provide guidelines for risk analysis as well as an overview of countermeasures

Formal verification of a software countermeasure against instruction skip attacks

Fault attacks against embedded circuits enabled to define many new attack paths against secure circuits. Every attack path relies on a specific fault model which defines the type of faults that the attacker can perform. On embedded processors, a fault model consisting in an assembly instruction skip can be very useful for an attacker and has been obtained by using several fault injection means. To avoid this threat, some countermeasure schemes which rely on temporal redundancy have been proposed. Nevertheless, double fault injection in a long enough time interval is practical and can bypass those countermeasure schemes. Some fine-grained countermeasure schemes have also been proposed for specific instructions. However, to the best of our knowledge, no approach that enables to secure a generic assembly program in order to make it fault-tolerant to instruction skip attacks has been formally proven yet. In this paper, we provide a fault-tolerant replacement sequence for almost all the instructions of the Thumb-2 instruction set and provide a formal verification for this fault tolerance. This simple transformation enables to add a reasonably good security level to an embedded program and makes practical fault injection attacks much harder to achieve