From 29a5b73a1a7b0add7841a78e3bf395ce31254e66 Mon Sep 17 00:00:00 2001 From: Gabriele Spini Date: Fri, 28 Oct 2022 14:22:55 +0200 Subject: [PATCH 1/2] Add SACTI logo --- ...e_aggregation_of_cyber_threat_intelligence.md | 2 +- static/img/blog/sacti/SACTI_logo_small.jpg | Bin 0 -> 6734 bytes 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 static/img/blog/sacti/SACTI_logo_small.jpg diff --git a/content/blog/SACTI_Secure_aggregation_of_cyber_threat_intelligence.md b/content/blog/SACTI_Secure_aggregation_of_cyber_threat_intelligence.md index d896434..a2f4fbd 100644 --- a/content/blog/SACTI_Secure_aggregation_of_cyber_threat_intelligence.md +++ b/content/blog/SACTI_Secure_aggregation_of_cyber_threat_intelligence.md @@ -2,7 +2,7 @@ title: SACTI - Secure aggregation of cyber threat intelligence date: 2022-10-27 layout: post -banner: /img/blog/sacti/Picture4.png +banner: /img/blog/sacti/SACTI_logo_small.jpg --- # **SACTI: Secure aggregation of cyber threat intelligence** 
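Review bot: the front-matter change from `banner: /img/blog/sacti/Picture4.png` to `banner: /img/blog/sacti/SACTI_logo_small.jpg` removes the only reference to Picture4.png visible in this hunk, but the diffstat lists only the new JPEG and no deletion. If the post body no longer uses Picture4.png, delete it in this commit so that no unreferenced asset stays in static/img/blog/sacti/. If the body still uses it, say so in the commit message. The subject "Add SACTI logo" could also mention that the post banner is switched to the new file, since that is the only change readers will see.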
diff --git a/static/img/blog/sacti/SACTI_logo_small.jpg b/static/img/blog/sacti/SACTI_logo_small.jpg new file mode 100644 index 0000000000000000000000000000000000000000..fdb6f16b95a87352e23af14b4d9f1e6d1e46699f GIT binary patch literal 6734
From be2e683459aa7a6e8b60f00cac0061d899b798b7 Mon Sep 17 00:00:00 2001
From: Gabriele Spini Date: Fri, 28 Oct 2022 14:23:25 +0200 Subject: [PATCH 2/2] Editorial changes to SACTI --- .../SACTI_Secure_aggregation_of_cyber_threat_intelligence.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/blog/SACTI_Secure_aggregation_of_cyber_threat_intelligence.md b/content/blog/SACTI_Secure_aggregation_of_cyber_threat_intelligence.md index a2f4fbd..9e1ee1a 100644 --- a/content/blog/SACTI_Secure_aggregation_of_cyber_threat_intelligence.md +++ b/content/blog/SACTI_Secure_aggregation_of_cyber_threat_intelligence.md 
@@ -37,7 +37,7 @@ Each participant uses the binary encoding of the (integer) number of sightings. The next check counts the number of zero-sightings. Only if all 7 bits of a number are equal to zero, we have a zero-sighting. This means that we would like to compute $`\prod_{i=1}^{7}(1-b_{i})`$, which is equal to 1 if and only if the submitted integer is equal to zero. Summing this over all participants yields the number of submitted zeros. Comparing this with the pre-set threshold of the maximum number of tolerable zero-sightings is the second check. If both check yield positive results, it is time to perform the final aggregation and reveal the result. -Secure multiplication of secret shares must be designed carefully to provide both security and correctness. For that reason, some extra information on the submitted bits is provided and used. This also means that additional consistency check must be performed. The above sketch of the protocol does not yet contain all details. For questions about further details we may be contacted via our [Slack channel](cossas.slack.com). +Secure multiplication of secret shares must be designed carefully to provide both security and correctness. For that reason, some extra information on the submitted bits is provided and used. This also means that additional consistency check must be performed. The above sketch of the protocol does not yet contain all details. # Security model 
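Review bot: on the `+` line, the paragraph now ends at "The above sketch of the protocol does not yet contain all details." and gives the reader nowhere to find those details. Dropping the Slack sentence is reasonable, since its link target `cossas.slack.com` had no scheme and would have rendered as a relative URL. Consider replacing it with a pointer to the repository or project page that the Implementation section already links. While this line is being edited, "additional consistency check must be performed" should read "checks", and the unchanged context line above has the same slip in "If both check yield positive results".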
@@ -49,7 +49,7 @@ The solution is secure in the semi-honest model; this means that participants ar # Implementation -The demonstrator is build in Python using the Shamir secret-sharing library from mpc.tno.nl. The, code, installation instructions and usage instructions can be found [here](https://github.com/COSSAS/sacti). A demonstration video can be found [here](https://vimeo.com/748755803). +The demonstrator is built in Python using the Shamir secret-sharing library from mpc.tno.nl. The, code, installation instructions and usage instructions can be found [here](https://github.com/COSSAS/sacti). Further backgrounds (including a demonstration video) can be found [here](https://cossas-project.org/portfolio/sacti/). Since the software was developed within the EU's [Prometheus](h2020.prometheus.eu) project, the PKI in the demonstrator is self-made and based on lattice-based standardization candidates from NIST's PQC standardization competition. However, it is not suitable for operational applications. It is only suitable for simulation on one machine and for research purposes. Organizations using this protocol should replace it with a properly implemented and tested PKI.
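Review bot: the `+` line fixes "build" to "built" but keeps the stray comma in "The, code, installation instructions", and "Further backgrounds" should read "Further background". Both links on that line use the label "here"; descriptive link text (for example the repository name and the project page) would make the two targets distinguishable. In the unchanged context line below, `[Prometheus](h2020.prometheus.eu)` has no scheme, so Markdown will resolve it as a relative path on the blog. This is the same defect as the Slack link removed in the previous hunk and is worth fixing in this editorial pass.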