Attribution of Cyber Incidents in International Diplomacy using Zero Knowledge Proofs

State-sponsored cyber operations benefit from a lack of a suitable attribution mechanism in international diplomacy. Whilst the inability to definitively point to a state actor undermines the deterrent objective of many states' cyber strategies, the cost of misattribution is great - potentially leading to unnecessary conflict escalation.

Further complication arises where such judgements involve intelligence derived from clandestine sources, which victim states may be hesitant to divulge. As such, given limitations on the use of kinetic force in international law, cyberspace has become increasingly weaponised in hostile state action. The focus of this project is therefore to consider technical approaches to the difficulties of cyber attribution in international diplomacy.

Zero-knowledge proofs (ZKPs) are mathematical constructs which allow information to be verified between parties - a prover and a verifier - without being divulged. This feature, which has seen their application in contexts requiring high confidentiality and integrity (such as distributed ledger technology and blockchain), makes them an attractive area for research in this regard.

Thus, the currently proposed direction is to investigate the suitability of ZKPs in the context of information-sharing in international diplomacy; in particular, attributing acts of cyber malfeasance to state actors.

The EPSRC Centre for Doctoral Training in Cybersecurity will train over 55 experts in multi-disciplinary aspects of cybersecurity, from engineering to crime science and public policy.

Short term impacts are associated with the research outputs of the 55+ research projects that will be undertaken as part of the doctoral studies of CDT students. Each project will tackle an important cybersecurity problem, propose and evaluate solutions, interventions and policy options. Students will publish those in international peer-reviewed journals, but also disseminate those through blog posts and material geared towards decision makers and experts in adjacent fields. Through industry placements relating to their projects, all students will have the opportunity to implement and evaluate their ideas within real-world organizations, to achieve short term impact in solving cybersecurity problems.

In the longer term graduates of the CDT will assume leading positions within industry, goverment, law enforcement, the third sector and academia to increase the capacity of the UK in being a leader in cybersecurity. From those leadership positions they will assess options and formulate effective interventions to tackle cybercrime, secure the UK's infrastructure, establish norms of cooperation between industries and government to secure IT systems, and become leading researcher and scholars further increasing the UK's capacity in cybersecurity in the years to come. The last impact is likely to be significant give that currently many higher education training programs do not have capacity to provide cybersecurity training at undergraduate or graduate levels, particularly in non-technical fields.

The full details of our plan to achieve impact can be found in the "Pathways to Impact" document.