| 1. |
- Bengtsson, Johnny, et al.
(författare)
-
The Manifestation of Chinese Strategies Into Offensive Cyberspace Operations Targeting Sweden
- 2021
-
Ingår i: Proceedings of the 20th European Conference on Cyber Warfare and Security. - Reading, UK : Academic Conferences International Limited. - 9781912764990 ; , s. 35-43
-
Konferensbidrag (refereegranskat)abstract
- The aim of this article is to present how Chinese strategies are manifested into offensive cyberspace operations targeting Sweden. It is commonly known that People’s Republic of China (PRC, and in this definition the meaning of thegovernment and its military), uses five-year plans (FYP) for social and economic steering strategy of their country. This has been going on since 1953 until today. In 2015, the national strategic plan Made in China 2025 (中国制造2025) was launched by Le Keqiang, the Premier of the State Council of PRC. The main goal with this plan is to strengthen the economic development. In addition, Chinese military strategists noted the importance of information warfare and intelligence during military operations. This article is based on open sources: the official English translated version of the 13th Five-year plan (FYP) and other reporting on cyberspace operations linked to the PRC. A number of cases are presented to highlight the link between the PRC FYP and their targets. Next, the current situation in Sweden is presented and how the country is targeted by PRC-linked activities, both in and through cyberspace, but also military infiltration on academia. The results show that Sweden has been, and is continuously the target of offensive cyberspace operations. In parallel, the country is also the target of military infiltration on the academia, and direct investment strategies such as Huawei attempting to compete for the 5G frequency actions arranged by the Swedish Post and Telecom Authority. In conclusion, Sweden will continue to experience cyberespionage from PRC on all levels and on all domains; science, technology, IP and privacy information theft. Previously unveiled cyberspace operations cases in this article have proven to be a convenient strategy for the PRC to reduce its research and development gap in several ways; innovatively, financially and to shortening the time-to-market (TTM).
|
|
| 2. |
|
|
| 3. |
- Boschetti, Nicolò, et al.
(författare)
-
A Hybrid Space Architecture for Robust and Resilient Satellite Services
- 2023
-
Ingår i: 2023 IEEE International Conference on Space Mission Challenges for Information Technology (SMC-IT). - : Institute of Electrical and Electronics Engineers (IEEE). - 9798350341386 - 9798350341379 ; , s. 114-122
-
Konferensbidrag (refereegranskat)abstract
- A 'hybrid space architecture' has been proposed to facilitate robust and resilient satellite data downlink, integration and analysis; however, the technical details for what may comprise a hybrid space architecture are severely lacking. Thus far, 'hybrid' principally entails the diversity of commercial providers. While diverse suppliers can contribute to hybrid space architectures, we argue that robustness and resilience will only be achieved through heterogeneous network and asset architectures. A connected satellite services ecosystem composed of the union of different networks with different characteristics would limit single points of failure, thereby generating high levels of redundancy, resilience and scalability. This research outlines parameters of a hybrid space architecture, documents satellite service reference architectures and provides a comparative analysis of the features for each architecture. Further, through a case study of existing satellite service providers, we propose how a hybrid space architecture could be piloted in Northern Europe and the High North.
|
|
| 4. |
- Boschetti, Nicolò, et al.
(författare)
-
Commercial Space Risk Framework Assessing the Satellite Ground Station Security Landscape for NATO in the Arctic and High North
- 2022
-
Ingår i: 40th IEEE Military Communications Conference, Rockville, MD, USA, November 28 - December 2, 2022.. - : IEEE. - 9781665485357 - 9781665485340 ; , s. 679-686
-
Konferensbidrag (refereegranskat)abstract
- Satellite ground stations in the Arctic and High North are of strategic importance to NATO, given their ability to collect intelligence from space assets in polar Earth orbit. Commercial space infrastructure such as ground systems are increasingly dual-use, employed for both civilian and defense purposes. Their dual-use could cause them to become military targets. As such, commercial operators must strategically consider ground station placement to optimize for utility, while accounting for their security risk. This research presents a frame-work to assess the commercial satellite ground station security landscape by outlining security and performance tradeoffs given geographic location, including proximity to potential adversaries, and designates eight separate risk regions. Particularly, Sweden's and Finland's space infrastructure is of focus given their recent application to join NATO in the wake of Russian aggression. The paper concludes that, to secure ground stations and the assets and services that they enable, a comprehensive risk evaluation including positioning of ground stations is critical.
|
|
| 5. |
- Boschetti, Nicolò, et al.
(författare)
-
Ground Station as a Service Reference Architectures and Cyber Security Attack Tree Analysis
- 2023
-
Ingår i: 2023 IEEE Aerospace Conference. - : Institute of Electrical and Electronics Engineers (IEEE). - 9781665490320
-
Konferensbidrag (refereegranskat)abstract
- As the Ground Station as a Service (GSaaS) paradigm transforms space infrastructure operations, new attack surface emerges for malicious actors. While the space community generally refers to GSaaS as a singular model, there are several flavors of these systems. After a description of the general GSaaS network's basic structure, this paper presents an analysis of four reference architectures of GSaaS. On the basis of this systems engineering analysis, a cybersecurity analysis of the critical nodes will be carried out through the attack tree method. Later the cybersecurity implication both of technical and strategic characteristic of GSaaS networks will be discussed and put in relation with the current state of space cyberwarfare landscape.
|
|
| 6. |
- Dansarie, Marcus, doktorand, 1985-, et al.
(författare)
-
Breaking HALFLOOP-24
- 2022
-
Ingår i: IACR Transactions on Symmetric Cryptology. - Bochum : Ruhr-Universität Bochum. - 2519-173X. ; :3, s. 217-238
-
Tidskriftsartikel (refereegranskat)abstract
- HALFLOOP-24 is a tweakable block cipher that is used to protect automatic link establishment messages in high frequency radio, a technology commonly used by government agencies and industries that need highly robust long-distance communications. We present the first public cryptanalysis of HALFLOOP-24 and show that HALFLOOP-24, despite its key size of 128 bits, is far from providing 128 bit security. More precisely, we give attacks for ciphertext-only, known-plaintext, chosen-plaintext and chosen-ciphertext scenarios. In terms of their complexities, most of them can be considered practical. However, in the real world, the amount of available data is too low for our attacks to work. Our strongest attack, a boomerang key-recovery, finds the first round key with less than 210 encryption and decryption queries. In conclusion, we strongly advise against using HALFLOOP-24.
|
|
| 7. |
- Dansarie, Marcus, doktorand, 1985-
(författare)
-
Cryptanalysis of the SoDark Cipher for HF Radio Automatic Link Establishment
- 2021
-
Ingår i: IACR Transactions on Symmetric Cryptology. - : Ruhr University Bochum. - 2519-173X. ; 2021:3, s. 36-53
-
Tidskriftsartikel (refereegranskat)abstract
- The SoDark cipher is used to protect transmitted frames in the second and third generation automatic link establishment (ALE) standards for high frequency (HF) radios. The cipher is primarily meant to prevent unauthorized linking and attacks on the availability of HF radio networks. This paper represents the first known security analysis of the cipher used by the second generation ALE protocol—the de facto world standard—and presents a related-tweak attack on the full eight round version of the algorithm. Under certain conditions, collisions of intermediate states several rounds into the cipher can be detected from the ciphertext with high probability. This enables testing against the intermediate states using only parts of the key. The best attack is a chosen-ciphertext attack which can recover the secret key in about an hour with 100% probability, using 29 chosen ciphertexts.
|
|
| 8. |
- Dansarie, Marcus, doktorand, 1985-
(författare)
-
sboxgates : A program for finding low gate count implementations of S-boxes
- 2021
-
Ingår i: Journal of Open Source Software. - : Open Journals. - 2475-9066. ; 6:62, s. 1-3
-
Tidskriftsartikel (refereegranskat)abstract
- S-boxes are often the only nonlinear components in modern block ciphers. They are commonly selected to comply with very specific criteria in order to make a cipher secure against, for example, linear and differential attacks. An M x N S-box can be thought of as a lookup table that relates an M-bit input value to an N-bit output value, or as a set of N boolean functions of M variables (Schneier, 1996).Although cipher specifications generally describe S-boxes using their lookup tables, they can also be described as boolean functions or logic gate circuits. sboxgates, which is presented here, finds equivalent logic gate circuits for S-boxes, given their lookup table specification. Generated circuits are output in a human-readable XML format. The software can convert the output files into C or CUDA (a parallel computing platform for Nvidia GPUs) source code. The generated circuits can also be converted to the DOT graph description language for visualization with Graphviz (Ellson et al., 2002).
|
|
| 9. |
- Huskaj, Gazmend, et al.
(författare)
-
An anticipatory ethical analysis of offensive cyberspace operations
- 2020
-
Ingår i: Proceedings of the 15th International Conference on Cyber Warfare and Security, ICCWS 2020. - Reading : Academic Conferences and Publishing International Limited. - 9781912764525 - 9781912764532 - 1912764539 ; , s. 512-520
-
Konferensbidrag (refereegranskat)abstract
- This article presents the ethical issues using offensive cyberspace operations. Previously enshrouded in secrecy, and now becoming the new norm, countries are using offensive cyberspace operations to achieve their strategic interests. Russia has conducted multiple offensive operations targeting Estonia, Georgia and the Ukraine; Hamas has targeted Israeli targets; and Iran has been targeting U.S. targets. The response to these operations has varied; Estonia and Georgia struggled with the attacks and were unable to respond while Ukraine tried to respond but the response was inefficient. Israel's response on Hamas offensive operations was an air strike on a building with Hamas Cyber-operatives. Iran shot down a U.S. Drone over the Strait of Hormuz, and the U.S. initially intended to respond with kinetic capabilities in the form of missile strikes. However, in the last minute, the U.S. chose to respond with offensive cyberspace operations targeting the Iranian missile systems. This last-minute change of response choosing between kinetic or cyber capabilities shows a need to further investigate how offensive cyberspace operations can be used against which targets from an ethical perspective. This article applies anticipatory ethical analysis on U.S. offensive operations in the “Global Hawk”-case when Iran shot down a U.S. drone over the Strait of Hormuz. Anticipatory ethical analysis looks at emerging technologies and their potential consequences. Offensive cyberspace operations present a range of possibilities, which include lowering the risk of harm to cyber operatives' lives belonging to the responding nation. However, a response can also be kinetic. Therefore, the analysis of the “Global Hawk”-case is compared with the Israeli-air strike of the building of Hamas Cyber-operatives. The authors argue that applying anticipatory ethical analysis on offensive operations and kinetic operations assist decision makers in choosing response actions to re-establish deterrence through the use of offensive cyberspace operations.
|
|
| 10. |
- Huskaj, Gazmend, et al.
(författare)
-
Anticipatory ethics for vulnerability disclosure
- 2020
-
Ingår i: Proceedings of the 15th International Conference on Cyber Warfare and Security, ICCWS 2020. - Reading : Academic Conferences and Publishing International Limited. - 9781912764525 - 1912764539 - 9781912764532 ; , s. 254-261
-
Konferensbidrag (refereegranskat)abstract
- This article presents the ethical dilemma related to under what circumstances vulnerabilities should be disclosed. Vulnerabilities exist in hardware and software, and can be as a consequence of programming errors or design flaws. Threat actors can exploit these vulnerabilities to gain otherwise unintended access to information systems, resources and/or stored information. In other words, they can be used to impact the confidentiality, integrity and availability of information in information systems. As a result, various types of vulnerabilities are highly sought after since they enable this type of access. The most highly sought are so-called “zero-day”-vulnerabilities. These are vulnerabilities that exist but are unknown, and when exploited, enable one way of entry into a system that is not thought possible. This is also why zero-day vulnerabilities are very popular among criminal organizations, states and state-sponsored advanced persistent threats. The other side of the coin is when a state identifies a zero-day, and ends up in the ethical dilemma of whether to release the news and inform the vendor to patch it, i.e. close the vulnerability, or to use it for offensive or intelligence purposes. This article employs these distinctions to apply anticipatory ethics in the Stuxnet-case. Stuxnet was a computer software that was allegedly developed by the U.S. together with Israel to disrupt Iran's development of uranium for their nuclear program. More exactly, it was developed to disable the uranium centrifuges used to enrich uranium. To achieve this, Stuxnet exploited four zero-day vulnerabilities and, according to some experts, managed to delay Iran's nuclear program by one to two-years, forcing them to the negotiation table. Using vulnerabilities like zero-days presents opportunities but also risks. The results of the application of anticipatory ethics to the Stuxnet case are then compared with the “Osirak”-case and the “al-Kibar”-case. Osirak was the nuclear reactor in Iraq and was bombed in 1981; al-Kibar was the nuclear reactor being built up in Syria, also bombed in 2007.
|
|
