All projects Privacy Protection & CryptographyBlockchains & Smart ContractsSoftware VerificationDevice & System SecurityMachine LearningFinanceHealthGovernment & HumanitarianCritical InfrastructureDigital Information
Sep 2020 → Dec 2021 Project

Secure Distributed-Learning on Threat Intelligence

Partner: armasuisse
Partner contact: Alain Mermoud
EPFL laboratory: Laboratory for Data Security (LDS)
EPFL contact: Prof. Jean-Pierre Hubaux, Juan Troncoso, Romain Bouyé

Cyber security information is often extremely sensitive and confidential, it introduces a tradeoff between the benefits of improved threat-response capabilities and the drawbacks of disclosing national-security-related information to foreign agencies or institutions. This results in the retention of valuable information (a.k.a. as the free-rider problem), which considerably limits the efficacy of data sharing. The purpose of this project is to resolve the cybersecurity information-sharing tradeoff by enabling more accurate insights on larger amounts of more relevant collective threat-intelligence data. This project will have the benefit of enabling institutions to build better models by securely collaborating with valuable sensitive data that is not normally shared. This will expand the range of available intelligence, thus leading to new and better threat analyses and predictions.

TopicsPrivacy Protection & CryptographyMachine Learning

Sep 2019 → Nov 2021 Project

Analysis of encryption techniques in ACARS communications

Partner: armasuisse
Partner contact: Martin Strohmeier
EPFL laboratory: Security and Privacy Engineering Laboratory (SPRING)
EPFL contact: Prof. Carmela Troncoso, Wouter Lueks

In this collaboration (structured in two projects) we develop an automated tool to flag messages sent by planes which are suspicious of using weak encryption mechanisms. We mainly focus on detecting the use of classical ciphers like substitution and transposition ciphers. The tool flags messages and identifies the family of ciphers. We also aim to develop automated decryption techniques for the weakest ciphers.

TopicsPrivacy Protection & CryptographyCritical Infrastructure

Apr 2019 → Apr 2020 Project

Auditable Sharing and Management of Sensitive Data Across Jurisdictions

Partner: Swiss Re
Partner contact: Stephan Schreckenberg
EPFL laboratory: Decentralized Distributed Systems Laboratory (DEDIS)
EPFL contact: Prof. Bryan Ford

This work aims at creating a Proof of Concept of storing and managing data on a blockchain. This work answers the following two use-cases: (i) compliant storage, transfer and access management of (personal) sensitive data and (ii) compliant cross-border or cross-jurisdiction data sharing. DEDIS brings to the table a permissioned blockchain and distributed ledger using a fast catch up mechanism that allows for very fast processing of the requests, while staying secure. It also includes a novel approach to encryption and decryption, where no central point of failure can let the documents be published to outsiders (Calypso). Swiss Re brings to the table interesting use cases which will require DEDIS to extend Calypso to implement data location policies.

TopicsPrivacy Protection & CryptographyBlockchains & Smart ContractsSoftware Verification