Skip to content
Information Technology

Aussie tech breakthrough to protect critical infrastructure from cyber attacks

RMIT University 3 mins read
RMIT Mathematician Dr Joanne Hall with Tide Co-Founder Michael Loewy and RMIT AWS Cloud Supercomputing Hub Director Dr Robert Shen. Credit: Peter Clarke.

A cutting-edge collaboration between tech startup Tide Foundation and RMIT University is translating ground-breaking research into homegrown cybersecurity capability. 

Australia’s critical infrastructure – including ports, energy grids and water supplies – reported 143 cyber attacks over the past year, up from 95 incidents the year before, according to the Australian Cyber Security Centre. 

In response to this growing threat, Federal Minister for Cyber Security Clare O'Neil recently announced 168 of the country’s critical infrastructure assets would now require enhanced cyber security, almost double the 87 assets previously deemed ‘systems of national significance’. 

Now a mathematical breakthrough allows system access authority to be spread invisibly and securely across a network, so there’s no weak link. This enables a fundamentally new approach to cybersecurity for critical infrastructure, which can be especially vulnerable to hacking thanks to legacy systems and its interconnected nature. 

The new technology, dubbed ‘ineffable cryptography’, has been explained in a joint study by Tide and RMIT mathematicians, recently pre-published online by arXiv. 

Study lead author from RMIT’s School of Science, Dr Joanne Hall, said the advance was built on multi-disciplinary collaboration, bringing her team’s expertise on mathematics and cryptography together with computing, technology and business insights to produce a thorough, cutting-edge solution. 

“With this collaboration we’re really looking ahead at what the next standard will be,” Hall said.   

Meanwhile, the technology has been incorporated into a prototype access control system specifically for critical infrastructure management, known as KeyleSSH, and successfully tested with multiple companies. 

Decentralised authority means no-one holds the key 

Tide Foundation Co-Founder, Michael Loewy, said traditional password-protected approaches to infrastructure access-control had proven insecure.  

Alternatives such as multifactor authentication and key-based access are expensive, carry their own vulnerabilities and can be overly complicated for users.  

“Ultimately, these approaches blindly trust the secrets that protect a system to individuals that hold the keys to the kingdom, an Achilles’ heel that today’s state of the art doesn’t address,” he said. 

Tide’s ineffable cryptography, on the other hand, allows data and devices to be locked with keys that no-one will ever hold.  

It works by generating and operating keys, in secrecy, across a decentralised network of servers, each operated by independent organisations.  

Each server in the network can only hold part of a key: no one can see the full keys, nor the entirety of the processes they are partially actioning, nor the assets they are unlocking. 

By spreading the process invisibly across the network, the keys that would-be hackers are seeking are never exposed. 

“It means no single point of failure or compromise and ultimately, keys that you can’t steal, lose or misuse,” Loewy said. 

“The applications enabled by this technology go well beyond cybersecurity for critical infrastructure to include securing identities, health information, financial systems, and privacy in AI applications.” 

Industry collaboration to build a cutting-edge solution 

 RMIT has been collaborating for three years with Tide – which amongst other accolades won Australian Information Security Association’s Cyber Startup of the Year in 2021.  

The technology’s bold claims have been scientifically validated during this collaboration, which has involved RMIT’s own Chief Information Security Officer and top mathematicians and cybersecurity experts in the School of Science and Centre for Cyber Security Research and Innovation. 

Most recently, a select group of cybersecurity students, supported by the RMIT Cloud Innovation Centre and RMIT’s AWS Cloud Supercomputing Hub (RACE), worked with industry partners to test the technology and prove its ability to solve critical infrastructure security challenges in ways that weren’t previously possible.   

RACE is Australia’s first university cloud supercomputing facility, allowing researchers, students and industry partners to test ideas and solutions together more than 100 times faster than existing on-site servers. 

RACE Director Dr Robert Shen said the student project, KeyleSSH, focused on integrating the Tide technology with SSH – a method for remote infrastructure management – then testing it with multiple industry partners. 

“The resulting project moves from the theoretical to the commercial and elevates the security benefits beyond key-base access control, without the complexity and cost,” Shen said. 

This project showcases a key element of what RACE brings to RMIT: empowering our researchers and industry partners with the tools and infrastructure necessary to enhance operational efficiency and accelerate innovation.” 

The solution has been met with enthusiasm by managed service providers involved in the trial, including Australian company Smart Building Services (SBS) Digital, which offers smart metering systems to industrial complexes.  

The company’s Chief Technology Officer, Jonathan Spinks, said that in the face of growing geopolitical complexities, it was imperative that entities responsible for servicing vital infrastructure such as airports and utilities could demonstrate they are beyond reproach. 

“Integrating Tide’s decentralised solution would ensure that access controls in SBS Digital’s Netstream utility platform are virtually immune to tampering,” Spinks said. 

Manifesting Unobtainable Secrets: Threshold Elliptic Curve Key Generation using Nested Shamir Secret Sharing’ (DOI: 10.48550/arXiv.2309.00915) by Joanne Hall, Yuval Hertzog, Michael Loewy, Matt Skerritt, Dominique Valladolid and Geetika Verma is available now as pre-print via ArXiv. 


Contact details:
Michael Loewy - michael@tide.org  +61 403 188 351
Dr Joanne Hall - joanne.hall@rmit.edu.au  +61 407 511 232

Media

More from this category

  • Information Technology
  • 13/06/2024
  • 21:52
HotelRunner

HotelRunner Joins MarketHub Europe by HBX Group as Platinum Sponsor

HotelRunner, the leading hospitality and travel technologies platform, will attend MarketHub Europe by HBX Group as the Platinum Sponsor. This year's event will take place to explore "New Frontiers" in the travel industry and beyond from June 25 to 28, 2024, in Istanbul, where HotelRunner has been the undisputed market leader for over a decade.LONDON, UK / ACCESSWIRE / June 13, 2024 / MarketHub Europe by HBX Group has been a pivotal event in the travel and hospitality industry for over 8 years, consistently bringing together top industry players from around the globe. Since its inception in Seville in 2013,…

  • Information Technology
  • 12/06/2024
  • 23:07
21CS

21CS Releases Enhanced Version of IBM Streams

Revolutionizing Real-Time Data AnalyticsBOSTON, MA / ACCESSWIRE / June 12, 2024 / 21CS announces the release of 21CS Streams, formerly IBM Streams, a cutting-edge event stream processing (ESP) platform used to ingest and analyze vast amounts of real-time data with ultra-low-latency. 21CS Streams transforms the way organizations harness and interpret massive amounts of data without interruption. By providing instantaneous insights with AI integration, organizations can swiftly identify both opportunities and risks as they unfold. The applications are limitless. Streams has enabled one of the United States's largest telecommunications companies to predict customer intent on service calls by mining voice data…

  • Information Technology
  • 12/06/2024
  • 11:34
Charles Darwin University

CDU EXPERT: Apple’s changes put users at security and private risk, expert says

12 JUNE, 2024 Who: Charles Darwin University Artificial Intelligence expert Associate Professor Niusha Shafiabady Topics: Apple’s new Artificial Intelligence updates Artificial Intelligence, machine learning, data analysis, modelling, deep learning and more. Contact details: Call +61 8 8946 6721 or email media@cdu.edu.au to arrange an interview. Quotes attributable to Associate Professor Niusha Shafiabady: “Collecting information and data from each user’s communications and contacts and feeding it to an AI engine to produce personalised content to that person puts people at more security and privacy risk. This risk would not come from the OpenAI deal directly but from collecting data from different…

Media Outreach made fast, easy, simple.

Feature your press release on Medianet's News Hub every time you distribute with Medianet. Pay per release or save with a subscription.