Metadata only
Date
2023-11Type
- Conference Paper
ETH Bibliography
yes
Altmetrics
Abstract
In times of armed conflict, the emblems of the red cross, red crescent, and red crystal are used to mark physical infrastructure. This enables military units to identify assets as protected under ihl to avoid attacking them. In this paper, we tackle the novel security problem of how to extend such protection to digital, network-connected infrastructure through a digital emblem. A digital emblem has a unique combination of security requirements, namely, authentication, accountability, and a property that we call covert inspection. Covert inspection states that those wishing to authenticate assets as protected must be able to do so without revealing that they may attack unprotected entities.
In this paper, we (i) define the requirements of a digital emblem, emphasizing security requirements, (ii) present adem, a decentralized design that implements a digital emblem analogous to the physical emblems of the red cross, crescent, and crystal, and (iii) provide a comprehensive threat model and analysis that adem achieves strong security guarantees against an active network adversary.
In addition to our security analysis, adem was also evaluated in a series of domain expert meetings at the invitation of the icrc. We report on the feedback we received, which supports our thesis that adem is not just theoretically interesting but practically relevant to limit attacks on protected parties in cyberspace. Show more
Publication status
publishedExternal links
Book title
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages / Article No.
Publisher
Association for Computing MachineryEvent
Subject
Accountability; Authentication; Formal analysis; Security Requirements; Protocol designOrganisational unit
02150 - Dep. Informatik / Dep. of Computer Science03634 - Basin, David / Basin, David
More
Show all metadata
ETH Bibliography
yes
Altmetrics