Private Authentication: Optimal Information Theoretic Schemes

The main security service in the connected world of cyber physical systems necessitates to authenticate a large number of nodes privately. In this paper, the private authentication problem is considered, that consists of a certificate authority, a verifier, many legitimate users (prover) and any arbitrary number of illegitimate users. Each legitimate user wants to be authenticated (using his personal key) by the verifier, while simultaneously wants to stay completely anonymous (even to the verifier and the CA). On the other hand, an illegitimate user must fail to authenticate himself. We analyze this problem from an information theoretical perspective. First, we propose a general interactive information-theoretic model for the problem. As a metric to measure the reliability, we consider the authentication key rate whose rate maximization has a trade-off with establishing privacy. Then, we analyze the problem in two different regimes: finite size regime (i.e., the variables are elements of a finite field) and asymptotic regime (i.e., the variables are considered to have large enough length). For both regimes, we propose schemes that satisfy the completeness, soundness and privacy properties. In finite size regime, the idea is to generate the authentication keys according to a secret sharing scheme. In asymptotic regime, we use a random binning based scheme which relies on the joint typicality to generate the authentication keys. Moreover, providing the converse proof, we show that our scheme achieves capacity in the asymptotic regime. For finite size regime our scheme achieves capacity for large field size.Comment: 15 pages, 3 figure

Byzantine Multiple Access Channels -- Part II: Communication With Adversary Identification

We introduce the problem of determining the identity of a byzantine user (internal adversary) in a communication system. We consider a two-user discrete memoryless multiple access channel where either user may deviate from the prescribed behaviour. Owing to the noisy nature of the channel, it may be overly restrictive to attempt to detect all deviations. In our formulation, we only require detecting deviations which impede the decoding of the non-deviating user's message. When neither user deviates, correct decoding is required. When one user deviates, the decoder must either output a pair of messages of which the message of the non-deviating user is correct or identify the deviating user. The users and the receiver do not share any randomness. The results include a characterization of the set of channels where communication is feasible, and an inner and outer bound on the capacity region. We also show that whenever the rate region has non-empty interior, the capacity region is same as the capacity region under randomized encoding, where each user shares independent randomness with the receiver. We also give an outer bound for this randomized coding capacity region.Comment: arXiv admin note: substantial text overlap with arXiv:2105.0338

Cyber Security of Critical Infrastructures

Critical infrastructures are vital assets for public safety, economic welfare, and the national security of countries. The vulnerabilities of critical infrastructures have increased with the widespread use of information technologies. As Critical National Infrastructures are becoming more vulnerable to cyber-attacks, their protection becomes a significant issue for organizations as well as nations. The risks to continued operations, from failing to upgrade aging infrastructure or not meeting mandated regulatory regimes, are considered highly significant, given the demonstrable impact of such circumstances. Due to the rapid increase of sophisticated cyber threats targeting critical infrastructures with significant destructive effects, the cybersecurity of critical infrastructures has become an agenda item for academics, practitioners, and policy makers. A holistic view which covers technical, policy, human, and behavioural aspects is essential to handle cyber security of critical infrastructures effectively. Moreover, the ability to attribute crimes to criminals is a vital element of avoiding impunity in cyberspace. In this book, both research and practical aspects of cyber security considerations in critical infrastructures are presented. Aligned with the interdisciplinary nature of cyber security, authors from academia, government, and industry have contributed 13 chapters. The issues that are discussed and analysed include cybersecurity training, maturity assessment frameworks, malware analysis techniques, ransomware attacks, security solutions for industrial control systems, and privacy preservation methods