Ariel Waissbein

Foundations and applications for secure triggers

Imagine there is certain content we want to maintain private until some particular event occurs, when we want to have it automatically disclosed. Suppose, furthermore, that we want this done in a (possibly) malicious host. Say the confidential content is a piece of code belonging to a computer program that should remain ciphered and then “be triggered” (i.e., deciphered and executed) when the underlying system satisfies a preselected condition, which must remain secret after code inspection. In this work we present different solutions for problems of this sort, using different “declassification” criteria, based on a primitive we call secure triggers. We establish the notion of secure triggers in the universally composable security framework of Canetti [2001] and introduce several examples. Our examples demonstrate that a new sort of obfuscation is possible. Finally, we motivate its use with applications in realistic scenarios.

The impact of predicting attacker tools in security risk assessments

In this article we present a new model and method for anticipating attacks against the networked computing infrastructures for an organization. The model combines existing models for cyber-attack representation and attack planning, with a new approach at anticipating what tools (e.g., exploits) an unknown attacker may hold. This approach allows us to take statistical samples of exploits an attacker could hold. Combining attack simulation and attack planning with a sampling algorithm, we show that we are able to derive information that can be used to anticipate threats. As a result, the model allows predictive risk assessments improving over older reactive models. We further present a software solution that implements this model by introducing a sampling algorithm and combining it with software for simulating attacks and automatically planning them. Finally, using this tool, we derive a mechanism to compute a security metric that describes which is the most fragile computer in the network.

Efficient Inversion of Rational Maps Over Finite Fields

We study the problem of finding the inverse image of a point in the image of a rational map F : \( \mathbb{F}_q^n \to \mathbb{F}_q^n \) over a finite field \( \mathbb{F}_q \). Our interest mainly stems from the case where F encodes a permutation given by some public-key cryptographic scheme. Given an element y (0)∈F(\( \mathbb{F}_q^n \)), we are able to compute the set of values x (0)∈\( \mathbb{F}_q^n \) for which F(x (0)= y (0) holds with O(Tn 4.38 D 2.38δlog2 q) bit operations, up to logarithmic terms. Here T is the cost of the evaluation of F 1,..., F n, D is the degree of F and δ is the degree of the graph of F.