Prominent academics, researchers and developers in cyber security arrived in Malta this week to attend the ‘21st annual Financial Cryptography and Data Security conference’ – on the use of cryptography in financial and commercial security. New research on blockchain, bitcoin, data security and privacy was presented at the week-long event, which focuses on the security of vital systems – from finance and banking to the Internet to air travel – and ensuring they are resistant to hackers.
The goal of the conference is to bring security and cryptography researchers and practitioners together with economists, bankers, implementers and policy-makers. The program features talks, academic presentations, technical demonstrations and panel discussions – the session on bitcoin and blockchain was held on Tuesday.
Attendees included Adam Back, CEO of Blockstream; Emin Gün Sirer of Cornell University; Vitalik Buterin of Ethereum; Charles Hoskinson, CEO of IOHK, and Silvio Micali, Turing Prize winner and cryptography pioneer who delivered the keynote address on Monday. Aggelos Kiayias, Chair of Cyber Security and privacy at the University of Edinburgh and director of its Blockchain Technology Laboratory, organised the programme.
One of the pieces of research shown at the event was ‘Economy Class Crypto: Exploring Weak Cipher Usage in Avionic Communications via ACARS’, describing how hackers can exploit a previously undiscovered vulnerability in aircraft communications and interfere with the control of airplanes by deciphering the signals sent between the plane and control towers. This has prompted conversations with authorities to discuss how to combat this risk around the globe.
‘Why Banker Bob (still) Can’t Get TLS Right: A Security Analysis of TLS in Leading UK Banking Apps’ was comprised of an evaluation of the cryptography of apps from the top 15 consumer banks. Security flaws in popular banking apps from the biggest UK banks could make them an easy target for phishing and other attacks. With 11 million logins to UK banking apps each day, the findings from the researchers at the University of Birmingham highlight a need for banks to promptly undertake a thorough review of their security.
The issue of trust was tackled in ‘Trust Is Risk: A Decentralized Financial Trust Platform’. Researchers combined principles of game theory with bitcoin to create a system that vouches for individuals’ reputations so you know how much you can trust them. This reputation verification works without the need for the stars and reviews that are commonplace on centralized platforms.
A voting system to ensure maximum privacy for voters was the focus of ‘A Smart Contract for Boardroom Voting with Maximum Voter Privacy;. By avoiding using a third party to count the votes and using a self-executing smart contract to do it instead, the service keeps data private. The execution of the protocol is enforced using the consensus mechanism that also secures the Ethereum blockchain.
New options on purchasing options with cryptocurrencies were discussed in ‘Escrow protocols for cryptocurrencies: How to buy physical goods using Bitcoin’. In practice a third-party escrow service is used to offer the buyer and seller security over the transactions; however, there are privacy and security issues with this which this discussion tackled.
Kiayias commented: “The conference is a unique opportunity for world leading researchers in cryptography, data security and privacy to come together. The findings presented in the conference will influence best practices and contribute to new standards for cyber security in the information technology industry,”