Cristofaro Mune and Niek Timmers presented a seminar on bypassing unbreakable crypto using fault injection on Espressif ESP32 chips. The presentation detailed how the hardware-based Encrypted Secure Boot implementation of the ESP32 SoC was bypassed using a single EM glitch, without knowing the decryption key. This attack exploited multiple hardware vulnerabilities, enabling arbitrary code execution and extraction of plain-text data from external flash. Why it matters: The research highlights critical security vulnerabilities in embedded systems and the potential for fault injection attacks to bypass secure boot mechanisms, necessitating stronger hardware-level security measures.
Abu Dhabi’s Technology Innovation Institute (TII) announced that its Cryptography Research Center (CRC) has developed the UAE’s first national crypto library. The library is designed to protect sensitive data using custom symmetric and asymmetric cryptographic primitives. It will be integrated into the UAE’s critical digital infrastructure across sectors like finance, healthcare, and telecommunications. Why it matters: This establishes sovereign capability in cryptography and enhances security levels against increasingly sophisticated cyberattacks in the UAE.
Technology Innovation Institute (TII) in Abu Dhabi has launched the UAE’s first secure cloud technologies programme via its Cryptography Research Center (CRC). The program will focus on advancing Privacy Enhancing Technologies (PETs) like fully homomorphic encryption (FHE) and secure multi-party computation (MPC). TII researchers are also developing hardware accelerators to improve the efficiency of FHE. Why it matters: The initiative addresses growing security and privacy challenges in cloud computing, positioning the UAE as a leader in advanced cryptographic solutions for data protection.
Researchers from KAUST and KACST have developed a quantum random number generator (QRNG) that is almost 1000 times faster than existing QRNGs. The device utilizes micro-LEDs and advanced post-processing algorithms and has passed randomness tests by the National Institute of Standards and Technology. The QRNG's portability and high generation rate will benefit industries such as health, finance, and defense. Why it matters: This advancement significantly strengthens data security capabilities in Saudi Arabia, aligning with Vision 2030 goals for technological leadership and innovation.
An MBZUAI team developed a self-ensembling vision transformer to enhance the security of AI in medical imaging. The model aims to protect patient anonymity and ensure the validity of medical image analysis. It addresses vulnerabilities where AI systems can be manipulated, leading to misinterpretations with potentially harmful consequences in healthcare. Why it matters: This research is crucial for building trust and enabling the safe deployment of AI in sensitive medical applications, protecting against fraud and ensuring patient safety.
Researchers including Dr. Najwa Aaraj developed ML-FEED, a new exploit detection framework using pattern-based techniques. The model is 70x faster than LSTMs and 75,000x faster than Transformers in exploit detection tasks, while also being slightly more accurate. The "ML-FEED" paper won best paper at the 2022 IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications. Why it matters: This research enables more efficient real-time security applications and highlights growing AI expertise in the Arab world.
The Secure Systems Research Center (SSRC) has partnered with the University of New South Wales (UNSW Sydney) to research enhancements and scaling of the seL4 microkernel on edge devices. The collaboration aims to extend the seL4 microkernel to support dynamic virtualization, combining minimal trusted computing base with strong isolation. This will address challenges related to heterogeneous hardware, software, and environmental factors in edge computing. Why it matters: This partnership aims to improve the security of edge devices in critical sectors, addressing vulnerabilities in cyber-physical and autonomous systems.
MBZUAI Assistant Professor Samuel Horváth is researching federated learning to address the tension between data privacy and the predictive power of machine learning models. Federated learning trains models on decentralized data, keeping sensitive information on devices. Horváth's research focuses on designing algorithms that can efficiently train on distributed data while respecting user privacy. Why it matters: This work is crucial for advancing AI in sensitive domains like healthcare, where privacy regulations limit centralized data collection.