Securing Critical Infrastructures

1noL'abstract è presente nell'allegato / the abstract is in the attachmentopen677. INGEGNERIA INFORMATInoopenCarelli, Albert

Study and development of a remote biometric authentication protocol

This paper reports the phases of study and implementation of a remote biometric authentication protocol developed during my internship at the I.i.t. of the C.n.r. in Pisa. Starting from the study of authentication history we had a look from the first system used since the 60ies to the latest technology; this helped us understand how we could realize a demonstration working protocol that could achieve a web remote authentication granting good reliability: to do this we choosed to modify the SSL handshake with biometric tests and we decided to use smart-cards a secure vault for the sensible biometric data involved. In the first chapter you will find a brief definition of authentication and an introduction on how we can achieve it, with a particular focus on new biometric techniques. In the second chapter there\u27s the history of authentication from the very first password system to actual ones: new token and smart card technolgies are longer stressed in order to introduce the reader to the last chapter. In the third chapter you will find the project framework, the development of our implementation choiches and the source code of the demo project

Security analysis of hardware crypto wallets

Tato práce analyzuje bezpečnost moderních hardwarových krypto peněženek. Různé modely ohrožení a hrozby jsou zhodnoceny. Několik současných hardwarových peněženek je podrobeno recenzi. Potenciální uživatelé jsou poučeni o tom, jak vybrat správnou hardwarovou peněženku a na nekalé praktiky některých výrobců. Původní hardwarová peněženka, Trezor One, je podrobena detailní analýze jak z hardwarové, tak softwarové perspektivy a tvrzení výrobce jsou ověřena. Zvláštní důraz je kladen na útoky postranním kanálem a experimenty s Trezor One.The thesis analyzes the security of modern hardware crypto wallets. Different threat models and threats for users are assessed with some of the current hardware wallets reviewed. Potential users are educated how to choose the right hardware wallet and warned about misleading advertising of some vendors. The original hardware wallet, Trezor One, is thoroughly analyzed from both hardware and software perspective and the security claims of the vendor are verified. A particular emphasis is placed on side-channel attacks and experiments with Trezor One

Improving the security of wireless sensor networks

With the rapid technological advancements of sensors, Wireless Sensor Networks (WSNs) have become the main technology for the Internet of Things (IoT). We investigated the security of WSNs in an environmental monitoring system with the goal to improve the overall security. We implemented a Secure Temperature Monitoring System (STMS), which served as our investigational environment. Our results revealed a security flaw found in the bootstrap loader (BSL) password used to protect firmware in the MSP430 MCU chips. We demonstrated how the BSL password could be brute forced in a matter of days. Furthermore, we illustrate how an attacker can reverse engineer firmware and obtain copies of cryptographic keys. We contributed a solution to improve the BSL password and better protect firmware found in the MSP430 chips. The Secure-BSL software we contributed allows the randomization of the BSL password. Our solution increases the brute force time to decades. The impractical brute force time improves the security of firmware and prevents future reverse engineering tactics. In addition, our Secure-BSL software supports two-factor authentication that allows developers to specify a user-defined passphrase to further protect the MSP430 MCU. Our research serves as proof that any security implemented in a WSN environment is broken if an attacker has access to firmware found in sensor devices

Quantum-based security in optical fibre networks

Electronic communication is used everyday for a number of different applications. Some of the information transferred during these communications can be private requiring encryption and authentication protocols to keep this information secure. Although there are protocols today which provide some security, they are not necessarily unconditionally secure. Quantum based protocols on the other hand, can provide unconditionally secure protocols for encryption and authentication. Prior to this Thesis, only one experimental realisation of quantum digital signatures had been demonstrated. This used a lossy photonic device along with a quantum memory allowing two parties to test whether they were sent the same signature by a single sender, and also store the quantum states for measurement later. This restricted the demonstration to distances of only a few metres, and was tested with a primitive approximation of a quantum memory rather than an actual one. This Thesis presents an experimental realisation of a quantum digital signature protocol which removes the reliance on quantum memory at the receivers, making a major step towards practicality. By removing the quantum memory, it was also possible to perform the swap and comparison mechanism in a more efficient manner resulting in an experimental realisation of quantum digital signatures over 2 kilometres of optical fibre. Quantum communication protocols can be unconditionally secure, however the transmission distance is limited by loss in quantum channels. To overcome this loss in conventional channels an optical amplifier is used, however the added noise from these would swamp the quantum signal if directly used in quantum communications. This Thesis looked into probabilistic quantum amplification, with an experimental realisation of the state comparison amplifier, based on linear optical components and single-photon detectors. The state comparison amplifier operated by using the wellestablished techniques of optical coherent state comparison and weak subtraction to post-select the output and provide non-deterministic amplification with increased fidelity at a high repetition rate. The success rates of this amplifier were found to be orders of magnitude greater than other state of the art quantum amplifiers, due to its lack of requirement for complex quantum resources, such as single or entangled photon sources, and photon number resolving detectors

Cybersecurity: Past, Present and Future

The digital transformation has created a new digital space known as cyberspace. This new cyberspace has improved the workings of businesses, organizations, governments, society as a whole, and day to day life of an individual. With these improvements come new challenges, and one of the main challenges is security. The security of the new cyberspace is called cybersecurity. Cyberspace has created new technologies and environments such as cloud computing, smart devices, IoTs, and several others. To keep pace with these advancements in cyber technologies there is a need to expand research and develop new cybersecurity methods and tools to secure these domains and environments. This book is an effort to introduce the reader to the field of cybersecurity, highlight current issues and challenges, and provide future directions to mitigate or resolve them. The main specializations of cybersecurity covered in this book are software security, hardware security, the evolution of malware, biometrics, cyber intelligence, and cyber forensics. We must learn from the past, evolve our present and improve the future. Based on this objective, the book covers the past, present, and future of these main specializations of cybersecurity. The book also examines the upcoming areas of research in cyber intelligence, such as hybrid augmented and explainable artificial intelligence (AI). Human and AI collaboration can significantly increase the performance of a cybersecurity system. Interpreting and explaining machine learning models, i.e., explainable AI is an emerging field of study and has a lot of potentials to improve the role of AI in cybersecurity.Comment: Author's copy of the book published under ISBN: 978-620-4-74421-