Skip to content
Information Technology

Aussie tech breakthrough to protect critical infrastructure from cyber attacks

RMIT University 3 mins read

A cutting-edge collaboration between tech startup Tide Foundation and RMIT University is translating ground-breaking research into homegrown cybersecurity capability. 

Australia’s critical infrastructure – including ports, energy grids and water supplies – reported 143 cyber attacks over the past year, up from 95 incidents the year before, according to the Australian Cyber Security Centre. 

In response to this growing threat, Federal Minister for Cyber Security Clare O'Neil recently announced 168 of the country’s critical infrastructure assets would now require enhanced cyber security, almost double the 87 assets previously deemed ‘systems of national significance’. 

Now a mathematical breakthrough allows system access authority to be spread invisibly and securely across a network, so there’s no weak link. This enables a fundamentally new approach to cybersecurity for critical infrastructure, which can be especially vulnerable to hacking thanks to legacy systems and its interconnected nature. 

The new technology, dubbed ‘ineffable cryptography’, has been explained in a joint study by Tide and RMIT mathematicians, recently pre-published online by arXiv. 

Study lead author from RMIT’s School of Science, Dr Joanne Hall, said the advance was built on multi-disciplinary collaboration, bringing her team’s expertise on mathematics and cryptography together with computing, technology and business insights to produce a thorough, cutting-edge solution. 

“With this collaboration we’re really looking ahead at what the next standard will be,” Hall said.   

Meanwhile, the technology has been incorporated into a prototype access control system specifically for critical infrastructure management, known as KeyleSSH, and successfully tested with multiple companies. 

Decentralised authority means no-one holds the key 

Tide Foundation Co-Founder, Michael Loewy, said traditional password-protected approaches to infrastructure access-control had proven insecure.  

Alternatives such as multifactor authentication and key-based access are expensive, carry their own vulnerabilities and can be overly complicated for users.  

“Ultimately, these approaches blindly trust the secrets that protect a system to individuals that hold the keys to the kingdom, an Achilles’ heel that today’s state of the art doesn’t address,” he said. 

Tide’s ineffable cryptography, on the other hand, allows data and devices to be locked with keys that no-one will ever hold.  

It works by generating and operating keys, in secrecy, across a decentralised network of servers, each operated by independent organisations.  

Each server in the network can only hold part of a key: no one can see the full keys, nor the entirety of the processes they are partially actioning, nor the assets they are unlocking. 

By spreading the process invisibly across the network, the keys that would-be hackers are seeking are never exposed. 

“It means no single point of failure or compromise and ultimately, keys that you can’t steal, lose or misuse,” Loewy said. 

“The applications enabled by this technology go well beyond cybersecurity for critical infrastructure to include securing identities, health information, financial systems, and privacy in AI applications.” 

Industry collaboration to build a cutting-edge solution 

 RMIT has been collaborating for three years with Tide – which amongst other accolades won Australian Information Security Association’s Cyber Startup of the Year in 2021.  

The technology’s bold claims have been scientifically validated during this collaboration, which has involved RMIT’s own Chief Information Security Officer and top mathematicians and cybersecurity experts in the School of Science and Centre for Cyber Security Research and Innovation. 

Most recently, a select group of cybersecurity students, supported by the RMIT Cloud Innovation Centre and RMIT’s AWS Cloud Supercomputing Hub (RACE), worked with industry partners to test the technology and prove its ability to solve critical infrastructure security challenges in ways that weren’t previously possible.   

RACE is Australia’s first university cloud supercomputing facility, allowing researchers, students and industry partners to test ideas and solutions together more than 100 times faster than existing on-site servers. 

RACE Director Dr Robert Shen said the student project, KeyleSSH, focused on integrating the Tide technology with SSH – a method for remote infrastructure management – then testing it with multiple industry partners. 

“The resulting project moves from the theoretical to the commercial and elevates the security benefits beyond key-base access control, without the complexity and cost,” Shen said. 

This project showcases a key element of what RACE brings to RMIT: empowering our researchers and industry partners with the tools and infrastructure necessary to enhance operational efficiency and accelerate innovation.” 

The solution has been met with enthusiasm by managed service providers involved in the trial, including Australian company Smart Building Services (SBS) Digital, which offers smart metering systems to industrial complexes.  

The company’s Chief Technology Officer, Jonathan Spinks, said that in the face of growing geopolitical complexities, it was imperative that entities responsible for servicing vital infrastructure such as airports and utilities could demonstrate they are beyond reproach. 

“Integrating Tide’s decentralised solution would ensure that access controls in SBS Digital’s Netstream utility platform are virtually immune to tampering,” Spinks said. 

Manifesting Unobtainable Secrets: Threshold Elliptic Curve Key Generation using Nested Shamir Secret Sharing’ (DOI: 10.48550/arXiv.2309.00915) by Joanne Hall, Yuval Hertzog, Michael Loewy, Matt Skerritt, Dominique Valladolid and Geetika Verma is available now as pre-print via ArXiv. 


Contact details:
Michael Loewy - michael@tide.org  +61 403 188 351
Dr Joanne Hall - joanne.hall@rmit.edu.au  +61 407 511 232

Media

More from this category

  • Information Technology
  • 18/09/2024
  • 23:10
Zoom Video Communications, Inc.

Zoom and Mitel announce strategic partnership to deliver differentiated AI-first hybrid communications and collaboration solution for enterprises worldwide

Mitel selects Zoom to jointly develop an exclusive hybrid offering with bi-directional capabilities between Zoom Workplace and Mitel communications platforms; enables Mitel customers with a path to transition to Zoom UCaaS on their termsSAN JOSE, Calif., Sept. 18, 2024 (GLOBE NEWSWIRE) -- Today, Zoom Video Communications, Inc. (NASDAQ: ZM) and Mitel, a global leader in business communications, announced a strategic partnership designed to empower enterprises worldwide with a unique hybrid cloud solution that combines Zoom Workplace and Zoom AI Companion with Mitel’s flagship communications platform in a modern, deeply integrated communication experience. The partnership will address growing enterprise demand for…

  • Information Technology
  • 17/09/2024
  • 22:10
Teledyne DALSA

Teledyne unveils the first 16k TDI line scan camera with a 1-Megahertz line rate

WATERLOO, Canada, Sept. 17, 2024 (GLOBE NEWSWIRE) -- Teledyne DALSA, a Teledyne Technologies [NYSE:TDY] company, is pleased to introduce the Linea™ HS2 TDI line scan camera family. Drawing on over four decades of industry leading expertise, this innovative camera series represents a significant breakthrough in next generation TDI technology. Designed for ultra-high-speed imaging in light starved conditions, it delivers exceptional image quality with 16k/5 µm resolution and boasts an industry leading maximum line rate of 1 Megahertz, or 16 Gigapixels per second data throughput.The Linea HS2 features a highly sensitive Backside Illuminated (BSI) multi-array charge-domain TDI CMOS sensor with 16k/5…

  • Business Company News, Information Technology
  • 17/09/2024
  • 13:08
Jane Morgan Management

Bigtincan Holdings Receives Non-Binding Proposal from Vector Capital for Potential Take-private Transaction

Sydney, 17 September 2024 | Bigtincan Holdings Limited (ASX: BTH) (“Bigtincan” or the “Company”), a leading provider of platform for AI-powered sales enablement automation services, has received a revised non-binding proposal (the “Proposal”) from Vector Capital Management, L.P. (“Vector” or “Vector Capital”) for a potential take-private transaction. The proposal includes an offer price of A$0.20 per share, reflecting an increase from previous communications. Proposal Details & Process: Having recently engaged with several shareholders and the Company, Vector Capital has secured investment committee approval and the necessary financing commitments to proceed with a potential transaction. The proposal outlines Vector’s intent to…

  • Contains:

Media Outreach made fast, easy, simple.

Feature your press release on Medianet's News Hub every time you distribute with Medianet. Pay per release or save with a subscription.