Identifying critical components during information security evaluations

Electronic communications devices intended for government or military applications must be rigorously evaluated to ensure that they maintain data confidentiality. High-grade information security evaluations require a detailed analysis of the device's design, to determine how it achieves necessary security functions. In practice, such evaluations are labour-intensive and costly, so there is a strong incentive to find ways to make the process more efficient. In this paper we show how well-known concepts from graph theory can be applied to a device's design to optimise information security evaluations. In particular, we use end-to-end graph traversals to eliminate components that do not need to be evaluated at all, and minimal cutsets to identify the smallest group of components that needs to be evaluated in depth.

Coherent-state quantum key distribution without random basis switching

The random switching of measurement bases is commonly assumed to be a necessary step of quantum key distribution protocols. In this paper we present a no-switching protocol and show that switching is not required for coherent-state continuous-variable quantum key distribution. Further, this protocol achieves higher information rates and a simpler experimental setup compared to previous protocols that rely on switching. We propose an optimal eavesdropping attack against this protocol, assuming individual Gaussian attacks. Finally, we investigate and compare the no-switching protocol applied to the original Bennett-Brassard 1984 scheme.

Information flow analysis for fail-secure devices

Information security devices must preserve security properties even in the presence of faults. This in turn requires a rigorous evaluation of the system behaviours resulting from component failures, especially how such failures affect information flow. We introduce a compositional method of static analysis for fail-secure behaviour. Our method uses reachability matrices to identify potentially undesirable information flows based on the fault modes of the system's components.