Skip to content
Information Technology

Aussie tech breakthrough to protect critical infrastructure from cyber attacks

RMIT University 3 mins read
RMIT Mathematician Dr Joanne Hall with Tide Co-Founder Michael Loewy and RMIT AWS Cloud Supercomputing Hub Director Dr Robert Shen. Credit: Peter Clarke.

A cutting-edge collaboration between tech startup Tide Foundation and RMIT University is translating ground-breaking research into homegrown cybersecurity capability. 

Australia’s critical infrastructure – including ports, energy grids and water supplies – reported 143 cyber attacks over the past year, up from 95 incidents the year before, according to the Australian Cyber Security Centre. 

In response to this growing threat, Federal Minister for Cyber Security Clare O'Neil recently announced 168 of the country’s critical infrastructure assets would now require enhanced cyber security, almost double the 87 assets previously deemed ‘systems of national significance’. 

Now a mathematical breakthrough allows system access authority to be spread invisibly and securely across a network, so there’s no weak link. This enables a fundamentally new approach to cybersecurity for critical infrastructure, which can be especially vulnerable to hacking thanks to legacy systems and its interconnected nature. 

The new technology, dubbed ‘ineffable cryptography’, has been explained in a joint study by Tide and RMIT mathematicians, recently pre-published online by arXiv. 

Study lead author from RMIT’s School of Science, Dr Joanne Hall, said the advance was built on multi-disciplinary collaboration, bringing her team’s expertise on mathematics and cryptography together with computing, technology and business insights to produce a thorough, cutting-edge solution. 

“With this collaboration we’re really looking ahead at what the next standard will be,” Hall said.   

Meanwhile, the technology has been incorporated into a prototype access control system specifically for critical infrastructure management, known as KeyleSSH, and successfully tested with multiple companies. 

Decentralised authority means no-one holds the key 

Tide Foundation Co-Founder, Michael Loewy, said traditional password-protected approaches to infrastructure access-control had proven insecure.  

Alternatives such as multifactor authentication and key-based access are expensive, carry their own vulnerabilities and can be overly complicated for users.  

“Ultimately, these approaches blindly trust the secrets that protect a system to individuals that hold the keys to the kingdom, an Achilles’ heel that today’s state of the art doesn’t address,” he said. 

Tide’s ineffable cryptography, on the other hand, allows data and devices to be locked with keys that no-one will ever hold.  

It works by generating and operating keys, in secrecy, across a decentralised network of servers, each operated by independent organisations.  

Each server in the network can only hold part of a key: no one can see the full keys, nor the entirety of the processes they are partially actioning, nor the assets they are unlocking. 

By spreading the process invisibly across the network, the keys that would-be hackers are seeking are never exposed. 

“It means no single point of failure or compromise and ultimately, keys that you can’t steal, lose or misuse,” Loewy said. 

“The applications enabled by this technology go well beyond cybersecurity for critical infrastructure to include securing identities, health information, financial systems, and privacy in AI applications.” 

Industry collaboration to build a cutting-edge solution 

 RMIT has been collaborating for three years with Tide – which amongst other accolades won Australian Information Security Association’s Cyber Startup of the Year in 2021.  

The technology’s bold claims have been scientifically validated during this collaboration, which has involved RMIT’s own Chief Information Security Officer and top mathematicians and cybersecurity experts in the School of Science and Centre for Cyber Security Research and Innovation. 

Most recently, a select group of cybersecurity students, supported by the RMIT Cloud Innovation Centre and RMIT’s AWS Cloud Supercomputing Hub (RACE), worked with industry partners to test the technology and prove its ability to solve critical infrastructure security challenges in ways that weren’t previously possible.   

RACE is Australia’s first university cloud supercomputing facility, allowing researchers, students and industry partners to test ideas and solutions together more than 100 times faster than existing on-site servers. 

RACE Director Dr Robert Shen said the student project, KeyleSSH, focused on integrating the Tide technology with SSH – a method for remote infrastructure management – then testing it with multiple industry partners. 

“The resulting project moves from the theoretical to the commercial and elevates the security benefits beyond key-base access control, without the complexity and cost,” Shen said. 

This project showcases a key element of what RACE brings to RMIT: empowering our researchers and industry partners with the tools and infrastructure necessary to enhance operational efficiency and accelerate innovation.” 

The solution has been met with enthusiasm by managed service providers involved in the trial, including Australian company Smart Building Services (SBS) Digital, which offers smart metering systems to industrial complexes.  

The company’s Chief Technology Officer, Jonathan Spinks, said that in the face of growing geopolitical complexities, it was imperative that entities responsible for servicing vital infrastructure such as airports and utilities could demonstrate they are beyond reproach. 

“Integrating Tide’s decentralised solution would ensure that access controls in SBS Digital’s Netstream utility platform are virtually immune to tampering,” Spinks said. 

Manifesting Unobtainable Secrets: Threshold Elliptic Curve Key Generation using Nested Shamir Secret Sharing’ (DOI: 10.48550/arXiv.2309.00915) by Joanne Hall, Yuval Hertzog, Michael Loewy, Matt Skerritt, Dominique Valladolid and Geetika Verma is available now as pre-print via ArXiv. 

Contact details:
Michael Loewy -  +61 403 188 351
Dr Joanne Hall -  +61 407 511 232


More from this category

  • Information Technology
  • 01/12/2023
  • 01:07

Cleverbridge Launches CleverInsights to Deliver Accurate, AI-Powered Analytics for Subscription Businesses

The product's easy-to-use dashboards empower companies to accurately benchmark and forecast performance, calculate robust customer health scores, and more.COLOGNE, GERMANY / ACCESSWIRE / November 30, 2023 / Cleverbridge, a growth engine for global technology companies, today announced the launch of CleverInsights, an advanced analytics suite that leverages AI and 18+ years of eCommerce data to provide unparalleled visibility into recurring revenue, retention, and other essential subscription metrics. Pre-built dashboards for benchmarking, forecasting, anomaly detection, and customer health scoring empower organizations to derive deep insights and optimize performance in near real-time amid an uncertain and ever-changing business environment. These features streamline…

  • Information Technology
  • 29/11/2023
  • 10:07
SEAtS Software

SEAtS Software, a Leading EdTech Provider, Announces Global Launch of Stand-Alone Mitigating Circumstances Solution

DUBLIN, Ireland, Nov. 28, 2023 (GLOBE NEWSWIRE) -- SEAtS Software, a leading provider of student success solutions, is proud to announce the global availability of their stand-alone mitigating & special circumstances solution. This solution is designed to help higher education institutions manage the increasing volume and complexity of mitigating and special circumstances applications from students.Mitigating and special circumstances are situations that affect a student's ability to perform academically, such as illness, bereavement, or personal issues. These situations require a fair and transparent process to assess the impact on the student's grades and provide appropriate support and adjustments.However, many institutions are…

  • Information Technology
  • 29/11/2023
  • 07:07
CSP, Inc.

ARIA Cybersecurity Partners With Logi-Tech To Protect Australia’s Critical Infrastructure From Growing Cyberthreat

Leading Australian MSSP launches new managed Security Operations Center (SOC) service for IT and critical infrastructure customersBOSTON, MA / ACCESSWIRE / November 28, 2023 / ARIA Cybersecurity Solutions, a CSPi business (NASDAQ:CSPI), has launched its AZT PROTECT™ solution in Australia via a partnership with Logi-Tech, a leading local managed security service provider (MSSP). By adding AZT PROTECT to its portfolio, Logi-Tech can offer a groundbreaking service for protecting critical applications in operational technology (OT) environments such as manufacturing, mining, and government.Logi-Tech's new managed Security Operations Center (SOC) service is based on a combination of the ARIA Advanced Detection Response (ADR)…

Media Outreach made fast, easy, simple.

Feature your press release on Medianet's News Hub every time your distribute with Medianet. Pay per release or save with a subscription.