Digital emblem for humanitarian law in cyberspace

November 29, 2023

“A digital emblem has a unique combination of security requirements, namely authenticity, accountability and a property that we call covert inspection,” Linker says. Another key requirement is for the digital emblem to be managed in a decentralised way rather than by a central authority. His evaluation shows that the digital emblem cannot be misused by attackers and acts as a security guarantee. However, it will probably be several years before the digital emblem actually starts helping to protect the ICRC’s critical digital infrastructure and hospitals in war zones. It will also present legal pathways for bringing the digital emblem into operation.

Three years ago, the ICRC contacted the Centre for Cyber Trust, a research collaboration between ETH Zurich and the University of Bonn in the field of cybersecurity, with this idea of establishing a digital emblem. One of the people working on this since then is Felix Linker, who is currently writing his doctoral thesis in the group led by David Basin, Professor of Information Security at the Department of Computer Science at ETH Zurich. “A digital emblem has a unique combination of security requirements, namely authenticity, accountability and a property that we call covert inspection,” Linker says. The Authentic Digital EMblem (ADEM), which he has developed together with Basin, is based on the web PKI and CT ecosystem (Web PKI and CT stand for Web Public Key Infrastructure and Certificate Transparency). “We rely on existing best practices on the internet. What makes our work innovative is how we’ve combined different solutions to meet the technical requirements,” Linker says. In an article recently published in the Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, Linker and Basin describe in detail for the first time how ADEM works.

Machine-readable and decentralised

The emblem they have developed is cryptographically secured using a digital signature – a long sequence of bits that can be read by a program developed for this purpose. This makes it possible to retrieve information about the owner, the IP or domain worthy of protection, as well as the publisher of the emblem. “It’s important that the emblem can be read by machines, because most cyberattacks today are automated,” Linker says. In other words, hacker software needs to automatically load and read the emblem, so it can recognise that it is accessing a system belonging to an organisation that is protected by international humanitarian law. And that needs to happen during the software’s first reconnaissance, before it does any damage to the system.

Another key requirement is for the digital emblem to be managed in a decentralised way rather than by a central authority. States that are committed to international humanitarian law should be able to verify that a certain digital infrastructure on their territory is entitled to protection and therefore bears an emblem. To this end, ADEM is based on an open standard, so governments can adapt the emblem’s implementation as flexibly as possible to their own requirements.

Hackers remain undetected

Potential attacks on servers and networks can come from hacker groups, but also from states during a war. These want to remain undetected at all costs. “That’s why attackers must be able to view the emblem without either the protected institution or the issuer of the digital signature being able to tell that the emblem has been looked at.” Only then will potential attackers be prepared to have their systems run the scanner for detecting the emblem. “Standard internet authentication protocols aren’t suitable for this because they require interaction between the two parties involved,” Linker says. “That attracts attention, which means it won’t work in a conflict.” He managed to come up with a combination of suitable internet protocols (UDP, TLS and DNS) to mask the distribution of the emblem.

Linker has now evaluated the system in a security analysis under a comprehensive threat model. His evaluation shows that the digital emblem cannot be misused by attackers and acts as a security guarantee. He says that this provides proof of concept. He is now developing the first prototypes further, while colleagues from the Centre for Cyber Trust in Bonn will conduct interviews with hackers to find out how willing people are to respect such an emblem. After all, only then will they bother to run a program that can recognise emblems. But this is something Linker is confident about: in the past, hackers have been known to avoid humanitarian targets on occasion, “for ethical reasons or simply to avoid attracting too much attention.”

Difficult legal implementation

Vignati from the ICRC is satisfied: “ADEM fulfils all our original requirements for a digital emblem.” The main task now is to further optimise the emblem’s visibility to potential attackers. However, it will probably be several years before the digital emblem actually starts helping to protect the ICRC’s critical digital infrastructure and hospitals in war zones. “The legal implementation is very challenging,” Vignati says. Implementing the emblem in the legal framework calls for adjustments to the Geneva Conventions: “Either through a new additional protocol or through an addition to the existing protocols.” The ICRC plans to showcase ADEM, along with another system designed at John Hopkins University, at an international humanitarian law conference to be held in October 2024. It will also present legal pathways for bringing the digital emblem into operation. “That would be an important first step in strengthening humanitarian protection in cyberspace,” Vignati says.

The source of this news is from ETH Zurich

Popular in Research

1

Feb 15, 2024

Fifth cohort of Hansen Scholars join the University of Melbourne

2

Feb 13, 2024

£11m semiconductor research centre could be key player in UK’s net zero mission

3

Feb 15, 2024

MIT community members elected to the National Academy of Engineering for 2024

4

5 days ago

Stitch3D is powering a new wave of 3D data collaboration

5

Feb 9, 2024

Engineers to develop robot maintenance crews in space

Roundup of Key Statements

Oct 14, 2023

New path facilitates campus access for students

Feb 2, 2023