Secure information sharing – secure multi-party computation in air traffic management
Easing confidentiality between business rivals through a clever use of mathematics
Secure Multi-party Computation is the preferred technique when multiple parties have to perform a computation, yet do not want to share private, confidential data. SecureDataCloud, the first research project about the application of SMC in air transport, has been recently completed by a team led by Dr. Zanin. The foundations of this technique are valuable for potential applications in the context of cyber-security, air transport and other domains.
The history of cryptography, i.e. the study of techniques for secure communication in the presence of adversaries, is fascinating and has been linked to social and cultural changes. Over two thousand years ago, the Caesar cypher was the state of the art. It involved an alphabet shift with a constant key, such that “abc” may be encrypted to “bcd”. This concept, while in actuality very simple to understand in present day, was a novel technique in the days of the Roman Empire.
Then, a substantial change in technology occurred in 1553, when the Vigenère cipher was invented by Giovan Battista Bellaso. This new cypher relied on a large key word, which controls the letter substitution depending on the letter used from the key word. If the key word is long enough, ideally, as long as the message itself, this schema is secure. The challenge of transmitting a long secret key was to use sentences from books that were owned by both the sender and the receiver, which in those days was less probable.
The most progress made in the cryptographic evolution has been achieved in the last decades, through the development of Secure Multi-party Computation (SMC) techniques. Previously, the scenario involved two parties trying to maintain privacy against an external adversary. However, in many modern applications, two or more parties need to maintain their privacy against each other, not just external adversaries. Yes, they still need to collaborate to exchange critical information, which is a significant change in the information security framework.
Secure computation was invented by Andrew Yao in 1982, and can be exemplified by the following problem, as originally proposed by Yao himself. Suppose two millionaires, Alice and Bob, are interested in knowing which is wealthier yet they do not want to reveal their actual wealth. To put in a different way, both parties (Alice and Bob) possess some information, respectively represented by A and B; the SMC problem is then an evaluation of a function C = f(A, B), such that at the end both Alice and Bob get to know C, but they don’t gain any additional information about A and B.
Many solutions have been proposed in the last 30 years enabling the evaluation of (almost any) functions. The mathematics involved in such computations could be complex and the computational cost associated with SMC protocols is high. Just to give an example, the secure two-party evaluation of an Advanced Encryption Standard (AES) encryption was achieved in 2007 (Lindell and Pinkas, 2007) but the computation takes around 20 minutes. Using SMC to access your bank account could be really secure but access to the information may take 20 minutes.
Innaxis started working on solving certain information-sharing paradigms in Air Traffic Management (ATM) using SMC in 2012. In these scenarios, different stakeholders must share information to reach a common goal, as mandated by the concept of Collaborative Decision-Making (CDM). Such information may be confidential and parties may not be comfortable sharing them due to high risk and confidentiality. For instance, considering the case of slot trading, airlines may be interested in trading slots, but revealing their target price is tantamount to giving away business information (i.e. the business value of that slot, the number of passengers they expect to allocate there, and so forth). Other applications of SMC could enable the exchange of safety information; exchanging the number of certain safety critical events might be beneficial to all airlines, but this kind of information is confidential and very sensitive and would better be shared through a SMC protocol.
Can these problems be solved by a trusted “neutral-party”, which is in charge of managing the information and ensure no ill-conceived analyses are executed? Possibly, but you have to find and trust the information maintains confidentiality within the neutral-party and ensure the security of the communication links in the transmission of the data. Additionally, having a single entity with access to every piece of data makes the system very vulnerable to cyber-attacks.
Starting from these considerations, we decided to start a research line concerning the use of SMC within air transport. The SESAR programme of the European Union recognised the value of this and financed the research project SecureDataCloud. We addressed two important problems: the trading of airport slots by airlines, and the calculation of delay statistics, both processed in a secure way.
The reader may refer to the several publications that resulted from this research work, with concrete implementation details that take address and solve the mathematical and computation challenges. Specifically, (Zanin et al., 2013) outlines the main ideas beyond the project and how SMC could be applied to ATM. (Zanin et al., 2014) and (Zanin et al., 2016) study a parallel problem, i.e. the creation of a secure CO2 allowance trading mechanism. Finally, (Zanin et al., 2015) deals with the problem of creating a secure trading mechanism for airport slot allocation.
Massimiliano Zanin will present SMC for air transport applications in the forthcoming Eurocontrol Cyber-security workshop, next March 23rd in Toulouse. If you need more details, about this talk or SMC in general, please feel free to contact Massimiliano, at email@example.com.
Y. Lindell and B. Pinkas, “An efficient protocol for secure two-party computation in the presence of malicious adversaries,”Eurocrypt 2007, vol. Springer LNCS 4515, pp. 52-78, 2007.
Zanin, Massimiliano, et al. “SecureDataCloud: Introducing Secure Computation in ATM.” SESAR Innovation Days,Stockholm (2013).
Zanin, Massimiliano, et al. “Enabling the Aviation CO2 Allowance Trading Through Secure Market Mechanisms.” SESAR Innovation Days, Madrid (2014).
Zanin, Massimiliano, et al. “Design and Implementation of a Secure Auction System for Air Transport Slots.” Services (SERVICES), 2015 IEEE World Congress on. IEEE, 2015.
Zanin, Massimiliano, et al. “Towards a Secure Trading of Aviation CO2 Allowance”. Journal of Air Transport Management, in press, 2016.