Related papers: A Call to Reconsider Certification Authority Autho…
Large language models (LLMs) are often deployed to perform constrained tasks, with narrow domains. For example, customer support bots can be built on top of LLMs, relying on their broad language understanding and capabilities to enhance…
We propose a quantum authentication protocol that is robust against the theft of secret keys. In the protocol, disposable quantum passwords prevent impersonation attacks with stolen secret keys. The protocol also prevents the leakage of…
Nuclear monitoring must considered as high precedence against national security. Now with the increasing nuclear threats it is crucial to ensure that malicious entity never procure nuclear warheads. Which comprises the prevention of illegal…
Deep Neural Networks (DNNs), as valuable intellectual property, face unauthorized use. Existing protections, such as digital watermarking, are largely passive; they provide only post-hoc ownership verification and cannot actively prevent…
We describe TrustBase, an architecture that provides certificate-based authentication as an operating system service. TrustBase enforces best practices for certificate validation for all applications and transparently enables existing…
We define a problem of certifying computation integrity performed by some remote party we do not necessarily trust. We present a multi-party interactive protocol called SafeComp that solves this problem under specified constraints.…
AARC (Authentication and Authorisation for Research Communities) is a two-year EC-funded project to develop and pilot an integrated cross-discipline authentication and authorisation framework, building on existing authentication and…
The Web public key infrastructure is essential to providing secure communication on the Internet today, and certificate authorities play a crucial role in this ecosystem by issuing certificates. These authorities may misissue certificates…
Code authorship attribution (CAA) supports software forensics, plagiarism detection, and intellectual property protection. However, existing supervised CAA approaches suffer from scarce training data and closed-world assumptions: they…
Conference key agreement (CKA), or multipartite key distribution, is a cryptographic task where more than two parties wish to establish a common secret key. A composition of bipartite quantum key distribution protocols can accomplish this…
Recently, two certificateless three-party authenticated key agreement protocols were proposed, and both protocols were claimed they can meet the desirable security properties including forward security, key compromise impersonation…
This paper proposes a defense scheme against malicious use of DNS tunnel. A tunnel validator is designed to provide trustworthy tunnel-aware defensive recursive service. In addition to the detection algorithm of malicious tunnel domains,…
Authentication systems are designed to give the right person access to an organization's information system and to restrict it from the wrong person. Such systems are designed by IT professionals to protect an organization's assets (e.g.,…
As artificial intelligence (AI) systems are increasingly deployed, principles for ethical AI are also proliferating. Certification offers a method to both incentivize adoption of these principles and substantiate that they have been…
Collective remote attestation (CRA) is a security service that aims to efficiently identify compromised (often low-powered) devices in a (heterogeneous) network. The last few years have seen an extensive growth in CRA protocol proposals,…
The ever increasing push towards reliance upon computerised technology in commercial, general, and military aerospace brings with it an increasing amount of potential cyber hazards and attacks. Consequently, the variety of attack vectors is…
Artificial Intelligence (AI) methods are powerful tools for various domains, including critical fields such as avionics, where certification is required to achieve and maintain an acceptable level of safety. General solutions for…
Passwords are a fragile, inadequate, and insecure tool for authenticating users, and are especially fraught with problems when used to secure access to network resources and services. In many cases, passwords provide a false sense of…
In this work-in-progress, we investigate the certification of AI systems, focusing on the practical application and limitations of existing certification catalogues in the light of the AI Act by attempting to certify a publicly available AI…
Conference Key Agreement (CKA) is a cryptographic effort of multiple parties to establish a shared secret key. In future quantum networks, generating secret keys in an anonymous way is of tremendous importance for parties that want to keep…