June 2020


  • Jishan E. Giti, Amin Sakzad, Bala Srinivasan, Joarder Kamruzzaman and Raj Gaire, “Secrecy capacity against adaptive eavesdroppers in a random wireless network using friendly jammers and protected zone”, Journal of Network and Computer Applications, Available online 15 May 2020, 102698. (https://doi.org/10.1016/j.jnca.2020.102698).

In this paper, we have, for the first time, mathematically modelled the secrecy capacity of a channel when friendly jammer are used in a random wireless network, and evaluated the scenarios when friendly jammers can indeed improve the physical layer secrecy capacity. Our mathematical derivations demonstrate the effectiveness of a friendly jammer in a given scenario as well as the power required by a friendly jammer to work effectively against adaptive eavesdroppers. We believe that these mathematical derivations will open doors for developing friendly jammers in various types of wireless networks. This study was conducted by Jishan Giti, who is one of our PhD students at Monash University. Her research focuses on the physical layer security of wireless networks. She has been studying the impact on the physical layer security of a wireless network if friendly jammers, that can emit source like signals to deceive eavesdroppers, are employed. Journal of Network and Computer Applications is a Core Rank A journal with the impact factor of 5.273 and CiteScore of 6.54.

  • Hong Lai, Josef Pieprzyk, Mehmet A. Orgun, “Novel Quantum Key Distribution with Shift Operations based on Fibonacci and Lucas Valued Orbital Angular Momentum Entangled States”, Physica A: Statistical Mechanics and its Applications. (accepted 12 May, 2020)
  • Subhra Mazumdar, Sushmita Ruj, Ram Govind Singh, Arindam Pal., “HushRelay: A Privacy-Preserving, Efficient, and Scalable Routing Algorithm for Off-Chain Payments, IEEE International Conference on Blockchain and Cryptocurrency (ICBC 2020).

IEEE ICBC is a premier Blockchain conference. Payment channel networks (PCN) are used in cryptocurrencies to enhance the performance and scalability of off-chain transactions. Except for opening and closing of a payment channel, no other transaction requests accepted by a PCN are recorded in the Blockchain. Only the parties which have opened the channel will know the exact amount of fund left at a given instant. In real scenarios, there might not exist a single path which can enable transfer of high value payments. For such cases, splitting up the transaction value across multiple paths is a better approach. While there exists several approaches which route transactions via several paths, such techniques are quite inefficient, as the decision on the number of splits must be taken at the initial phase of the routing algorithm (e.g., the state of the art SpeedyMurmur). Algorithms which do not consider the residual capacity of each channel in the network are susceptible to failure. Other approaches leak sensitive information, and are quite computationally expensive [28]. To the best of our knowledge, our proposed scheme HushRelay is an efficient privacy preserving routing algorithm, taking into account the funds left in each channel, while splitting the transaction value across several paths. Comparing the performance of our algorithm with existing routing schemes on real instances (e.g., Ripple Network), we observed that HushRelay attains a success ratio of 1, with an execution time of 2.4 sec. However, SpeedyMurmur attains a success ratio of 0.98 and takes 4.74 sec when the number of landmarks is 6. On testing our proposed routing algorithm on the Lightning Network, a success ratio of 0.99 is observed, having an execution time of 0.15 sec, which is 12 times smaller than the time taken by SpeedyMurmur.

  • Garrison (Yansong) Gao, Marten van Dijk, Lei Xu, Wei Yang, Surya Nepal, and Damith C. Ranasinghe, “Treverse: Trial-and-error lightweight secure reverse authentication with simulatable pufs”, IEEE Transactions on Dependable and Secure Computing. (accepted)

IEEE TDSC core ranking is A. IF is 6.4. It is one of the toppest journal in security.
Overal, this work is the first to fully exploit bit-specific reliability of the physical unclonable function (PUF)—alike hardware fingerprint—to enable an efficient and secure lightweight authentication, which is comparable with classical non-volatile stored key based authentication. The full abstract is as follow:  A physical unclonable function (PUF) generates hardware intrinsic volatile secrets by exploiting uncontrollable manufacturing randomness. Although PUFs provide the potential for lightweight and secure authentication for increasing numbers of low-end Internet of Things devices, practical and secure mechanisms remain elusive. Our work aims to explore simulatable PUFs (SimPUFs) that are physically unclonable but efficiently modeled mathematically through privileged one-time PUF access to address the problem of authentication for resource limited devices. Given a random challenge, a securely stored SimPUF in possession of a trusted server computes the corresponding response and its bit-specific reliability. Consequently, naturally noisy PUF responses generated by a resource-limited prover is immediately processed by a one-way function (OWF) and transmitted to a server, because the resourceful server can exploit the SimPUF to perform a trial-and-error search over likely error patterns to recover the noisy response to authenticate the prover. TREVERSE security is guaranteed by the hardness of inverting the OWF under the random oracle model. We formally evaluate the authentication capability of our trial-and-error reverse (TREVERSE) authentication under two SimPUFs experimentally derived from popular silicon PUFs.


  • Let’s get to know more about one of our students: Chamikara.

Mahawaga Arachchige Pathum Chamikara (Ph.D. at RMIT University) is working on information privacy. He investigates the privacy leaks that can occur during data sharing and machine learning. Many organizations today collect a vast amount of user data (e.g. individual credit information, financial records, health data, and other personal preferences), providing a space for breaching individuals’ privacy. However, it is also essential that aggregated statistics of such data are available for decision-making purposes. Hence, privacy-preserving data analytics and machine learning is an absolute prerequisite for exchanging confidential information in data analysis, validation, and publishing. Although there are more than a few privacy preservation approaches, they have issues of efficiency, scalability, privacy, or utility. Chamikara tries to invent privacy-preserving approaches that surmount the issues of existing approaches to provide enhanced privacy-preserving data analytic and machine learning capabilities for reliable information exchange over distributed systems.


DSS has five successful proposals that moved to the NGTF second stage.


We are organising monthly free seminars in collaboration with Cyber Security CRC opened to all, on Cyber security technical topics, inviting top experts from around the world as guest speakers. Around 125 people attended our first three events.

This month event:

  • Guest speaker: Professor Hyoungshick Kim from Sungkyunkwan University, South Korea
  • Seminar: Towards usable and secure graphical passwords for smartphones
  • When: Friday 19 June, 2-3pm AEST
  • Cost: Free
  • Webcast Link: https://webcast.csiro.au/#/webcasts/graphicalpassword

Future events to be rescheduled

  • The Human Centric Security team was successful in being awarded a Cutting Edge Science and Engineering Symposium award for 2019/2020. The jointly hosted symposium “Advances in personalised healthcare and wellbeing support technologies (OzDHI2020)” will be organised by the Precision Health Future Science Platform, CSIRO’s Data61 and CSIRO’s Health and Biosciences. Originally scheduled for 20 May 2020, the Symposium has been rescheduled for the 19/5/2021. For more details, please email ozdhi@csiro.au.
  • DSS is annually partnering with DSTG to host a national Cyber Security Summer School. This event brings together high profile local and international speakers on the topic of cyber security. After due consideration and anticipating a lower than expected number of attendees due to the impact of COVID-19 on participants, the organising committee and sponsors have agreed that the Cyber Security Summer School (CSSS2020) will not be continuing as planned on 26 and 27 March 2020. We aim to postpone CSSS2020, but the date and relevant details will be confirmed at a later stage. For more information visit http://research.csiro.au/csss.

For more information on our events visit : link

Good news

Several of our DSS staff members won a SCS Program Biannual Awards. Congratulations to:

  • Surya Nepal (Customer First); Seung Jang (Engineering and Technology); Regine Richelle (Women in Support); Muhammad Ejaz Ahmed (Science Excellence); Susmita Ruj (Women in Science); Regine Richelle and Dharma Maddu (Support Excellence); Surya Nepal, Seyit Camtepe, Sushmita Ruj, Sharif Abuadbba, Siqi Ma, Marthie Grobler, Mehwish Nasim (HSE).