Eckhard Pfluegel

Willie Kouam, Stefan Rass, Zahra Seyedi et al.

Similar to a strategic interaction between rational and intelligent agents, cryptography problems can be examined through the prism of game theory. In this setting, the agent aiming to protect a message is called the defender, while the one attempting to decrypt it, generally for malicious purposes, is the attacker. To strengthen security in cryptography, various strategies have been developed, among which hybridization stands out as a key concept in modern cryptographic design. This strategy allows the defender to select among different encryption algorithms (classical, post-quantum, or hybrid) while carefully balancing security and operational costs. On the other side, the attacker, limited by available resources, chooses cryptanalysis methods capable of breaching the selected algorithm. We model this interaction as a Stackelberg cryptographic hybridization problem under resource constraints. Here, the defender randomizes over encryption algorithms, and the attacker observes the choice before selecting suitable cryptanalysis methods. The attacker's decision is framed as a conditional optimization problem, which we refer to as the ``attacker subgame''. We then propose a dynamic programming approach for the attacker's subgame, while the defender's Stackelberg optimization is formulated as a linear program.

Matthias Pilz, Fariborz Baghaei Naeini, Ketil Grammont et al.

The introduction of advanced communication infrastructure into the power grid raises a plethora of new opportunities to tackle climate change. This paper is concerned with the security of energy management systems which are expected to be implemented in the future smart grid. The existence of a novel class of false data injection attacks that are based on modifying forecasted demand data is demonstrated, and the impact of the attacks on a typical system's parameters is identified, using a simulated scenario. Monitoring strategies that the utility company may employ in order to detect the attacks are proposed and a game--theoretic approach is used to support the utility company's decision--making process for the allocation of their defence resources. Informed by these findings, a generic security game is devised and solved, revealing the existence of several Nash Equilibrium strategies. The practical outcomes of these results for the utility company are discussed in detail and a proposal is made, suggesting how the generic model may be applied to other scenarios.