Cybersecurity and Software Assurance

Permanent URI for this collectionhttps://hdl.handle.net/10125/110010

Browse

Recent Submissions

Now showing 1 - 3 of 3
  • Thumbnail Image
    Item type: Item ,
    Hiding Signals in Quantum Random Noise
    (2025-01-07) Fiske, Michael
    An O(n) procedure for hiding m bits of signal inside of n−m bits of quantum random noise is introduced. When the signal and quantum noise have a uniform probability distribution, and the signal size is fixed, the security of a single, hidden signal transmission can be made arbitrarily close to perfect secrecy. Our hiding procedures are implemented with commercially available quantum random number generators, and current TCP/IP infrastructure. A random nonce helps unpredictably change the bit locations of the signal: a prior hidden signal transmission does not reveal information to Eve on where the current signal is hidden. This security property enables a new key exchange that hides public keys in quantum randomness; introduces a post-quantum key exchange with substantially smaller key sizes; offers a substantially greater classical complexity than the underlying public keys; and provides quantum complexity that is comparable to Grover’s quantum computing algorithm.
  • Thumbnail Image
    Item type: Item ,
    Viewing the State of Cybersecurity Through Its “Best Practices” and “Top 10” Lists
    (2025-01-07) Llanso, Thomas
    The field of cybersecurity is still relatively young, having grown up alongside mass adoption of the Internet. As the field has evolved, “Best Practices,” “Top 10,” and other similarly titled lists have emerged as an apparent means of simplifying an otherwise complex endeavor. We became curious about such lists: their audience, composition, length, similarity, and themes. To this end, from among the dozens of best practices lists in circulation, we studied a sample of 25 lists drawn from a range of sources. We find that there are many different view-points as to what best practices should be, with the lists more dissimilar than alike, on average. While our analysis suggests that resilience to adverse cyber events appears to be a common if implicit goal among the lists surveyed, we advance the premise that until the scientific underpinnings of cybersecurity are more firmly established, such lists are unlikely to converge.
  • Thumbnail Image
    Item type: Item ,
    Introduction to the Minitrack on Cybersecurity and Software Assurance
    (2025-01-07) Chamberlain, Luanne; Llanso, Thomas; George, Richard