Detecting “Harvest Now, Decrypt Later” Attacks Using AI/ML Models


Mallikarjunarao Kosuri

Jul 9, 2024, 1:14:06 PM
to pqc-forum

Dear Friends,

I’m researching strategies to detect the “Harvest Now, Decrypt Later” attack.

Specifically, I’m interested in exploring AI and machine learning models that can identify signs of this attack.

Are there any existing models or techniques that can help detect instances of data harvesting with the intention of future decryption?

I have posted this question on Security Stack Exchange as well: https://security.stackexchange.com/questions/277751/detecting-harvest-now-decrypt-later-attacks-using-ai-ml-models


Regards,

Malli

John Mattsson

Jul 19, 2024, 5:38:46 AM
to Mallikarjunarao Kosuri, pqc-forum

Hi Malli,

Harvest now, decrypt later attacks are not new. Governments have long engaged in this practice for both wireless and wired communications deemed potentially valuable for future analysis.

- Passive harvesting of wireless communication is undetectable unless you locate the receiver.

- Active attacks on physical communication cables you own can potentially be detected. Such detection technology is subject to export controls, as outlined in the Wassenaar Arrangement, specifically under 5.A.3.a: "Communications cable systems designed or modified to use mechanical, electrical, or electronic means to detect surreptitious intrusion."

For more details, refer to the Wassenaar Arrangement's List of Dual-Use Goods and Technologies and Munitions List 2023.

Using AI to detect surreptitious intrusion in communications cable systems would require modeling these intrusions accurately, which might be hard. I am not sure how much public information there is on surreptitious intrusion and its detection.

- You could also use AI to try to detect devices or software forwarding encrypted information to some third party, either by looking at the incoming and outgoing communication or by looking at the source code.

Cheers,
John Preuß Mattsson

From: pqc-...@list.nist.gov <pqc-...@list.nist.gov> on behalf of Mallikarjunarao Kosuri <mall...@gmail.com>
Date: Tuesday, 9 July 2024 at 19:16
To: pqc-forum <pqc-...@list.nist.gov>
Subject: [pqc-forum] Detecting “Harvest Now, Decrypt Later” Attacks Using AI/ML Models
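
The reply's last suggestion, looking at a device's incoming and outgoing communication for forwarding of encrypted data to a third party, can be sketched as a flow-volume correlation check. This is an added example, not code from the thread or its participants, and it is a plain statistical baseline rather than an ML model; the function names, thresholds, addresses and flow records are all constructed assumptions.

```python
from collections import defaultdict
from math import sqrt

def pearson(xs, ys):
    """Pearson correlation; 0.0 when either series is constant."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / sqrt(vx * vy) if vx and vy else 0.0

def forwarding_suspects(flows, device, windows, expected=(), min_r=0.9, min_ratio=0.5):
    """flows: (window, src, dst, nbytes) tuples. Returns the peers, outside the
    expected next hops, whose outbound volume tracks the device's inbound volume."""
    inbound = [0] * windows
    outbound = defaultdict(lambda: [0] * windows)
    for w, src, dst, nbytes in flows:
        if dst == device:
            inbound[w] += nbytes
        elif src == device:
            outbound[dst][w] += nbytes
    total_in = sum(inbound)
    suspects = []
    for peer, series in outbound.items():
        if peer in expected or not total_in:
            continue
        r, ratio = pearson(inbound, series), sum(series) / total_in
        if r >= min_r and ratio >= min_ratio:
            suspects.append((peer, round(r, 3), round(ratio, 3)))
    return sorted(suspects)

# Constructed sample: bytes per time window seen at a gateway (10.0.0.1).
GW, APP, COPY = "10.0.0.1", "10.0.0.20", "203.0.113.9"
NTP, UPD = "198.51.100.7", "198.51.100.20"
CLIENT_IN = [1000, 5000, 200, 8000, 3000, 100]
FLOWS = []
for w, n in enumerate(CLIENT_IN):
    FLOWS += [(w, "192.0.2.50", GW, n),   # encrypted traffic arriving
              (w, GW, APP, n),            # legitimate next hop
              (w, GW, COPY, n + 10),      # duplicate stream to a third party
              (w, GW, NTP, 90)]           # small constant background traffic
FLOWS.append((2, GW, UPD, 40000))         # one large unrelated upload

if __name__ == "__main__":
    print(forwarding_suspects(FLOWS, GW, len(CLIENT_IN), expected={APP}))
```

The `expected` set matters: a gateway's legitimate next hop correlates with inbound volume just as strongly as a duplicate stream does, so the check is only useful against a known forwarding baseline.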
