Security and complexity of the McEliece cryptosystem based on QC-LDPC codes

In the context of public key cryptography, the McEliece cryptosystem represents a very smart solution based on the hardness of the decoding problem, which is believed to be able to resist the advent of quantum computers. Despite this, the original McEliece cryptosystem, based on Goppa codes, has encountered limited interest in practical applications, partly because of some constraints imposed by this very special class of codes. We have recently introduced a variant of the McEliece cryptosystem including low-density parity-check codes, that are state-of-the-art codes, now used in many telecommunication standards and applications. In this paper, we discuss the possible use of a bit-flipping decoder in this context, which gives a significant advantage in terms of complexity. We also provide theoretical arguments and practical tools for estimating the trade-off between security and complexity, in such a way to give a simple procedure for the system design.Comment: 22 pages, 1 figure. This paper is a preprint of a paper accepted by IET Information Security and is subject to Institution of Engineering and Technology Copyright. When the final version is published, the copy of record will be available at IET Digital Librar

Information security collaboration formation in organisations

This is an accepted manuscript of an article published by The Institution of Engineering and Technology in IET Information Security, available online: https://doi.org/10.1049/iet-ifs.2017.0257 The accepted version of the publication may differ from the final published version.Collaboration between employees in the domain of information security efficiently mitigates the effect of information security attacks on organisations. Collaboration means working together to do or to fulfil a shared goal, the target of which in this paper is the protection of the information assets in organisations. Information Security Collaboration (ISC) aims to aggregate the employees’ contribution against information security threats. This study clarifies how ISC is to be developed and how it helps to reduce the effect of attacks. The socialisation of collaboration in the domain of information security applies two essential theories: Social Bond Theory (SBT) and the Theory of Planned Behaviour (TPB). The results of the data analysis revealed that personal norms, involvement, and commitment significantly influence the employees’ attitude towards ISC intention. However, contrary to our expectation, attachment does not influence the attitude of employees towards ISC. In addition, attitudes towards ISC, perceived behavioural control, and personal norms significantly affect the intention towards ISC. The findings also show that the intention for ISC and organisational support positively influence ISC, but that trust does not significantly affect ISC behaviour.Published versio

Personal security in travel by public transport : the role of traveller information and associated technologies

Acknowledgement This research reported in this paper has been funded by a grant award from the Engineering and Physical Sciences Research Council: EP/I037032/1.Peer reviewedPublisher PD

Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644429 and No 780351, MUSA project and ENACT project, respectively. We would also like to acknowledge all the members of the MUSA Consortium and ENACT Consortium for their valuable help

Online coherency identification and stability condition for large interconnected power systems using an unsupervised data mining technique

Identification of coherent generators and the determination of the stability system condition in large interconnected power system is one of the key steps to carry out different control system strategies to avoid a partial or complete blackout of a power system. However, the oscillatory trends, the larger amount data available and the non-linear dynamic behaviour of the frequency measurements often mislead the appropriate knowledge of the actual coherent groups, making wide-area coherency monitoring a challenging task. This paper presents a novel online unsupervised data mining technique to identify coherent groups, to detect the power system disturbance event and determine status stability condition of the system. The innovative part of the proposed approach resides on combining traditional plain algorithms such as singular value decomposition (SVD) and K -means for clustering together with new concept based on clustering slopes. The proposed combination provides an added value to other applications relying on similar algorithms available in the literature. To validate the effectiveness of the proposed method, two case studies are presented, where data is extracted from the large and comprehensive initial dynamic model of ENTSO-E and the results compared to other alternative methods available in the literature