Panagiotis Papadimitratos

Musa Furkan Keskin, Muralikrishnan Srinivasan, Onur Gunlu et al.

Integrated sensing and communication (ISAC) will be central to 6G-enabled transportation, providing both seamless connectivity and high-precision sensing. However, this tight integration exposes attack points not encountered in pure sensing and communication systems. In this article, we identify unique ISAC-induced security challenges and opportunities in three interrelated domains: cyber-physical (where manipulation of sensors and actuators can mislead perception and control), physical-layer (where over-the-air signals are vulnerable to spoofing and jamming) and protocol (where complex cryptographic protocols cannot detect lower-layer attacks). Building on these insights, we put forward a multi-domain security vision for 6G transportation and propose an integrated security framework that unifies protection across domains by leveraging existing ISAC measurements for lightweight cross-checks.

Rodothea Myrsini Tsoupidi, Roberto Castañeda Lozano, Elena Troubitsyna et al.

Side-channel attacks impose a serious threat to cryptographic algorithms, including widely employed ones, such as AES and RSA. These attacks take advantage of the algorithm implementation in hardware or software to extract secret information via side channels. Software masking is a mitigation approach against power side-channel attacks aiming at hiding the secret-revealing dependencies from the power footprint of a vulnerable implementation. However, this type of software mitigation often depends on general-purpose compilers, which do not preserve non-functional properties. Moreover, microarchitectural features, such as the memory bus and register reuse, may also leak secret information. These abstractions are not visible at the high-level implementation of the program. Instead, they are decided at compile time. To remedy these problems, security engineers often sacrifice code efficiency by turning off compiler optimization and/or performing local, post-compilation transformations. This paper proposes Secure by Construction Code Generation (SecCG), a constraint-based compiler approach that generates optimized yet secure against power side channels code. SecCG controls the quality of the mitigated program by efficiently searching the best possible low-level implementation according to a processor cost model. In our experiments with twelve masked cryptographic functions up to 100 lines of code on Mips32 and ARM Thumb, SecCG speeds up the generated code from 75% to 8 times compared to non-optimized secure code with an overhead of up to 7% compared to non-secure optimized code at the expense of a high compilation cost. In summary, this paper proposes a formal model to generate power side channel free low-level code.

Nikolaos Alexiou, Marcello Laganà, Stylianos Gisdakis et al.

Standardization and harmonization efforts have reached a consensus towards using a special-purpose Vehicular Public-Key Infrastructure (VPKI) in upcoming Vehicular Communication (VC) systems. However, there are still several technical challenges with no conclusive answers; one such an important yet open challenge is the acquisition of short-term credentials, pseudonym: how should each vehicle interact with the VPKI, e.g., how frequently and for how long? Should each vehicle itself determine the pseudonym lifetime? Answering these questions is far from trivial. Each choice can affect both the user privacy and the system performance and possibly, as a result, its security. In this paper, we make a novel systematic effort to address this multifaceted question. We craft three generally applicable policies and experimentally evaluate the VPKI system performance, leveraging two large-scale mobility datasets. We consider the most promising, in terms of efficiency, pseudonym acquisition policies; we find that within this class of policies, the most promising policy in terms of privacy protection can be supported with moderate overhead. Moreover, in all cases, this work is the first to provide tangible evidence that the state-of-the-art VPKI can serve sizable areas or domain with modest computing resources.

Mahtab Mirmohseni, Panagiotis Papadimitratos

We investigate the problem of reliable communication in the presence of active adversaries that can tamper with the transmitted data. We consider a legitimate transmitter-receiver pair connected over multiple communication paths (routes). We propose two new models of adversary, a "memoryless" and a "foreseer" adversary. For both models, the adversaries are placing themselves arbitrarily on the routes, keeping their placement fixed throughout the transmission block. This placement may or may not be known to the transmitter. The adversaries can choose their best modification strategy to increase the error at the legitimate receiver, subject to a maximum distortion constraint. We investigate the communication rates that can be achieved in the presence of the two types of adversaries and the channel (benign) stochastic behavior. For memoryless adversaries, the capacity is derived. Our method is to use the typical set of the anticipated received signal for all possible adversarial strategies (including their best one) in a compound channel that also captures adversarial placement. For the foreseer adversaries, which have enhanced observation capabilities compared to the memoryless ones, we propose a new coding scheme to guarantee resilience, i.e., recovery of the codeword independently of the adversarial (best) choice. We derive an achievable rate and we propose an upper bound on the capacity. We evaluate our general results for specific cases (e.g., binary symbol replacement or erasing attacks), to gain insights.

Mahtab Mirmohseni, Panagiotis Papadimitratos

We study the secrecy capacity in the vicinity of colluding eavesdroppers. Contrary to the perfect collusion assumption in previous works, our new information-theoretic model considers constraints in collusion. We derive the achievable secure rates (lower bounds on the perfect secrecy capacity), both for the discrete memoryless and Gaussian channels. We also compare the proposed rates to the non-colluding and perfect colluding cases.

Mahtab Mirmohseni, Panagiotis Papadimitratos

We investigate large wireless networks subject to security constraints. In contrast to point-to-point, interference-limited communications considered in prior works, we propose active cooperative relaying based schemes. We consider a network with $n_l$ legitimate nodes, $n_e$ eavesdroppers, and path loss exponent $α\geq 2$. As long as $n_e^2(\log(n_e))^γ=o(n_l)$, for some positive $γ$, we show one can obtain unbounded secure aggregate rate. This means zero-cost secure communication, given fixed total power constraint for the entire network. We achieve this result through (i) the source using Wyner randomized encoder and a serial (multi-stage) block Markov scheme, to cooperate with the relays and (ii) the relays acting as a virtual multi-antenna to apply beamforming against the eavesdroppers. Our simpler parallel (two-stage) relaying scheme can achieve the same unbounded secure aggregate rate when $n_e^{\fracα{2}+1}(\log(n_e))^{γ+δ(\fracα{2}+1)}=o(n_l)$ holds, for some positive $γ,δ$. Finally, we study the improvement (to the detriment of legitimate nodes) the eavesdroppers achieve in terms of the information leakage rate in a large cooperative network in case of collusion. We show that again the zero-cost secure communication is possible, if $n_e^{(2+\frac{2}α)}(\log n_e)^γ=o(n_l)$ holds, for some positive $γ$; i.e., in case of collusion slightly fewer eavesdroppers can be tolerated compared to the non-colluding case.