Chevalier, Céline, Ebrahimi, Ehsan & Vu, Quoc-Huy (2025). On security notions for encryption in a quantum world. Designs, Codes and Cryptography, 93, 4355-4402
Bouaziz, Samuel, Hhan, Minki, Muguruza, Garazi, Vu, Quoc-Huy & others (2025). On limits on the provable consequences of quantum pseudorandomness. Cryptology ePrint Archive
Discrete event systems are increasingly used as a modeling tool to assess safety and cybersecurity of complex systems. In both cases, the analysis relies on the extraction of critical sequences. This approach proves to be very powerful. It suffers however from the combinatorial explosion of the number of sequences to look at. To push the limits of what is feasible with reasonable computational resources, extraction algorithms use cutoffs and minimality criteria. In this article, we review the principles of extraction algorithms and we show that there are important differences between critical sequences extracted in the context of safety analyses and those extracted in the context of cybersecurity analyses. Based on this thorough comparison, we introduce a new cutoff criterion, so-called footprint, that aims at capturing the willfulness of an intruder performing a cyberattack. We illustrate our presentation by means of three case studies, one focused on the analysis of failures and two focused on the analysis of cyberattacks and their effects on safety. We show experimentally the interest of the footprint criterion.
Do, Xuan-Thanh, Mac, Dang-Truong & Vu, Quoc-Huy (2023). zk-SNARKs from Codes with Rank Metrics. In IMA International Conference on Cryptography and Coding (pp. 99-119)
Chevalier, Céline, Hermouet, Paul & Vu, Quoc-Huy (2023). Towards Unclonable Cryptography in the Plain Model. arXiv preprint arXiv:2311.16663
Bouaziz, Samuel, Grilo, Alex B, Vergnaud, Damien, Vu, Quoc-Huy & others (2023). Towards the Impossibility of Quantum Public Key Encryption with Classical Keys from One-Way Functions. Cryptology ePrint Archive
In this article, we present an experiment we conducted with discrete event simulations to analyze the effects of multi-step cyberattacks on the safety of cyber-physical systems. We show how to represent systems, their components (either software and/or hardware), communication links, security measures, and attacks from a malicious intruder. The latter are typically taken from the MITRE ATT&CK knowledge base. The discrete event simulation method makes it possible to represent any event affecting the system. We illustrate our approach by means of an illustrative example involving cyberattacks against the navigation system of an autonomous ship. We show how the formal modeling language AltaRica, primarily dedicated to safety analyses, can assess this illustrative example by representing the system and automatically extracting sequences of attacks, leading to a safety-critical situation, namely the deviation of the ship by the attacker. This article aims to discuss this approach and to outline the lessons learned from our experience.
