Pub Date : 2023-01-01DOI: 10.5220/0012128400003555
Navya Sivaraman, S. Nadjm-Tehrani
: 5G mobility management is dependent on a couple of complex protocols for managing handovers, based on the available network interfaces (such as Xn and N2). In our work, we focus on the 5G Xn handover procedure, as defined by the 3GPP standard. In Xn handovers, the source base station hands the user equipment (UE) over to a target base station through two different mechanisms: horizontal or vertical key derivation. To ascertain the security of these complex protocols, recent works have formally described the protocols and proved some security properties. In this work, we formulate a new property, forward security, which ensures the secrecy of future handovers following a session key exchange in one handover. Using a formal model and the Tamarin prover, we show that forward security breaks in the 5G Xn handover in presence of an untrusted base station. We also propose a solution to mitigate this counter-example with a small modification of the 3GPP Xn handover procedures based on the perceived source base station state.
{"title":"5G Handover: When Forward Security Breaks","authors":"Navya Sivaraman, S. Nadjm-Tehrani","doi":"10.5220/0012128400003555","DOIUrl":"https://doi.org/10.5220/0012128400003555","url":null,"abstract":": 5G mobility management is dependent on a couple of complex protocols for managing handovers, based on the available network interfaces (such as Xn and N2). In our work, we focus on the 5G Xn handover procedure, as defined by the 3GPP standard. In Xn handovers, the source base station hands the user equipment (UE) over to a target base station through two different mechanisms: horizontal or vertical key derivation. To ascertain the security of these complex protocols, recent works have formally described the protocols and proved some security properties. In this work, we formulate a new property, forward security, which ensures the secrecy of future handovers following a session key exchange in one handover. Using a formal model and the Tamarin prover, we show that forward security breaks in the 5G Xn handover in presence of an untrusted base station. We also propose a solution to mitigate this counter-example with a small modification of the 3GPP Xn handover procedures based on the perceived source base station state.","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"52 1","pages":"503-510"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74870055","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012127100003555
Catalin V. Bîrjoveanu, Mirela Bîrjoveanu
{"title":"Secure E-Commerce Protocol with Complex Trading Capabilities of Intermediaries","authors":"Catalin V. Bîrjoveanu, Mirela Bîrjoveanu","doi":"10.5220/0012127100003555","DOIUrl":"https://doi.org/10.5220/0012127100003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"71 1","pages":"495-502"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86126296","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012046000003555
A. Nygård, S. Katsikas
: Cyber-attacks on digital supply chains are rising, and Critical Infrastructures (CIs) such as the Smart Grid are prime targets. There is increasing evidence that vendors, service providers, and outsourced IT -providers are at equal risk of being used by malicious actors to gain a foothold in the power grid - delivering exploits that can disrupt electric power delivery and severely damage our economy. Long digital supply chains with components from different manufacturers require a new approach and methods to ensure the needed security in Critical Infrastructures. Hardware Reverse Engineering (HRE), commonly used for verifying the security of an embedded system, includes disassembling to analyse, test, and document the functionality and vulnerability of the target system. This paper proposes leveraging HRE for improving both the security and the resilience of the power infrastructure against cyber-attacks enabled through the digital supply chain, by organising HRE activities, and how this can be organized within the equipment procurement process in a Distribution System Operator (DSO).
{"title":"Leveraging Hardware Reverse Engineering to Improve the Cyber Security and Resilience of the Smart Grid","authors":"A. Nygård, S. Katsikas","doi":"10.5220/0012046000003555","DOIUrl":"https://doi.org/10.5220/0012046000003555","url":null,"abstract":": Cyber-attacks on digital supply chains are rising, and Critical Infrastructures (CIs) such as the Smart Grid are prime targets. There is increasing evidence that vendors, service providers, and outsourced IT -providers are at equal risk of being used by malicious actors to gain a foothold in the power grid - delivering exploits that can disrupt electric power delivery and severely damage our economy. Long digital supply chains with components from different manufacturers require a new approach and methods to ensure the needed security in Critical Infrastructures. Hardware Reverse Engineering (HRE), commonly used for verifying the security of an embedded system, includes disassembling to analyse, test, and document the functionality and vulnerability of the target system. This paper proposes leveraging HRE for improving both the security and the resilience of the power infrastructure against cyber-attacks enabled through the digital supply chain, by organising HRE activities, and how this can be organized within the equipment procurement process in a Distribution System Operator (DSO).","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"21 1","pages":"610-616"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80317241","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012140200003555
Mark Dockendorf, R. Dantu
{"title":"Privacy-Preserving Algorithms for Data Cooperatives with Directed Graphs","authors":"Mark Dockendorf, R. Dantu","doi":"10.5220/0012140200003555","DOIUrl":"https://doi.org/10.5220/0012140200003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"6 1","pages":"876-884"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83044324","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012077900003555
Sehrish Shafeeq, Mathias Fischer
{"title":"SEBDA: A Secure and Efficient Blockchain Based Data Aggregation Scheme","authors":"Sehrish Shafeeq, Mathias Fischer","doi":"10.5220/0012077900003555","DOIUrl":"https://doi.org/10.5220/0012077900003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"13 1","pages":"369-376"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87039596","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012060900003555
Mofareh Waqdan, Habib Louafi, Malek Mouhoub
{"title":"A Comprehensive Risk Assessment Framework for IoT-Enabled Healthcare Environment","authors":"Mofareh Waqdan, Habib Louafi, Malek Mouhoub","doi":"10.5220/0012060900003555","DOIUrl":"https://doi.org/10.5220/0012060900003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"39 1","pages":"667-672"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88436908","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012085800003555
El Mahdi Mercha, El Mostapha Chakir, M. Erradi
{"title":"Trans-IDS: A Transformer-Based Intrusion Detection System","authors":"El Mahdi Mercha, El Mostapha Chakir, M. Erradi","doi":"10.5220/0012085800003555","DOIUrl":"https://doi.org/10.5220/0012085800003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"598 1","pages":"402-409"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76792685","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012082700003555
Laltu Sardar, Subhra Mazumdar
{"title":"Fidelis: Verifiable Keyword Search with No Trust Assumption","authors":"Laltu Sardar, Subhra Mazumdar","doi":"10.5220/0012082700003555","DOIUrl":"https://doi.org/10.5220/0012082700003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"129 1","pages":"698-703"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77357818","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012137600003555
Hasina Rahman, P. Nanda, M. Mohanty, N. Sheikh
{"title":"Anomaly Detection in Smart Grid Networks Using Power Consumption Data","authors":"Hasina Rahman, P. Nanda, M. Mohanty, N. Sheikh","doi":"10.5220/0012137600003555","DOIUrl":"https://doi.org/10.5220/0012137600003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"29 1","pages":"830-837"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79475751","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012145800003555
R. Shyamasundar
{"title":"ERC20: Correctness via Linearizability and Interference Freedom of the Underlying Smart Contract","authors":"R. Shyamasundar","doi":"10.5220/0012145800003555","DOIUrl":"https://doi.org/10.5220/0012145800003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"104 1","pages":"557-566"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81663471","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: