This cross-disciplinary project is a collaboration between Yale Law School and Yale University’s Department of Computer Science focused on legal and technical aspects of cyber conflict.  Traditionally, cyber security research and policy have proceeded on the (sometimes tacit) assumption that attackers are motivated by “profit, protest, challenge, enjoyment, or [the desire to] evaluate security weaknesses to assist in removing them.” Such motivations naturally impose limits on the resources that attackers can or will bring to bear. Preventive security technology such as firewalls, authentication protocols, access controls, and encryption can fend off many such attacks. System redundancy and information back-up can help targeted organizations continue to operate while under attack, or at least resume operation after an attack. Increasingly, however, international conflict and other political motivations are playing a role in cyber attacks. How do attacks motivated by conflicts between nations or between rival factions within nations differ from the better-studied attacks motivated by profit, protest, challenge, enjoyment, or security testing? Do they pose new technical challenges for defenders of computer networks and other cyber and physical resources?

Will attackers of this sort be far better resourced, able to attack continuously for long periods of time, eliminating the targets’ option of simply waiting out the attack and then reconstituting their operations? These questions are the starting point for exploration of what the investigators call “cyber conflict.”

Syllabus for 2016-2017 Course on Law and Technology of Cyber Conflict

Website for Spring 2018 Course on Topics in Computer Science and Law

Student papers

Gupta, Lauppe, Ravishankar, Fedcoin – A Blockchain-Backed Central Bank Cryptocurrency

Sankaran, Gullapalli, Swaine-Moore, The Implementation and Extension of an Anonymous, Receipt-Free, Universally Verifiable Voting System

Perloff-Giles, A “Problem Without A Passport”: Overcoming Jurisdictional Challenges for Transnational Cyber Aggressions

Van De Velde, The Law of Cyber Interference in Elections

Tran, The Law of Attribution: Rules for Attributing the Source of a Cyber-Attack

People

PIs

Oona Hathaway - Gerard C. and Bernice Latrobe Smith Professor of International Law and Counselor to the Dean

Scott Shapiro - Charles F. Southmayd Professor of Law and Professor of Philosophy

Joan Feigenbaum - Grace Murray Hopper Professor of Computer Science

Researchers

Mahdi Zamani - Research Scientist at VISA Research in Palo Alto, CA

Ido Kilovaty - Research Scholar in Law; Cyber Fellow, Center for Global Legal Challenges; and Resident Fellow, Information Society Project

Publications by the Project’s associates/members

"On the incommensurability of laws and technical mechanisms: Or, what cryptography can't do," to appear in Proceedings of the 26th International Workshop on Security Protocols, Lecture Notes in Computer Science, Springer Verlag, 2018. (by Joan Feigenbaum and Daniel J. Weitzner)

"Multiple Objectives of Lawful-Surveillance Protocols," in Proceedings of the 25th International Workshop on Security Protocols, Lecture Notes in Computer Science, volume 10476, Springer, 2017, pp. 1–8. (by Joan Feigenbaum and Bryan Ford,)

"Avoiding The Man on the Wire: Improving Tor's Security with Trust-Aware Path Selection," in Proceedings of the 24th Network and Distributed System Security Symposium, 2017. 
(by Aaron JohnsonRob JansenAaron D. JaggardJoan Feigenbaum, and Paul Syverson.)

"PriFi: A Low-Latency and Tracking-Resistant Protocol for Local-Area Anonymous Communication," in Proceedings of the 2016 ACM Workshop on Privacy in the Electronic Society, 2016, pp. 181 - 184.
(by Ludovic Barman, Mahdi Zamani, Italo Dacosta, Joan Feigenbaum, Bryan Ford, Jean-Pierre Hubaux, and David Wolinsky.)

"Privacy-Preserving Lawful Contact Chaining (Preliminary Report)," in Proceedings of the 2016 ACM Workshop on Privacy in the Electronic Society, 2016, pp. 185 - 188.
(by Aaron Segal, Joan Feigenbaum, and Bryan Ford.)

"Open, privacy-preserving protocols for lawful surveillance," http://arxiv.org/abs/1607.03659. Also available as YALEU/DCS/TR1526.
(by Aaron Segal, Joan Feigenbaum, and Bryan Ford.)

Doxfare – Politically Motivated Leaks and the Future of the Norm on Non-Intervention in the Era of Weaponized Information, 9 Harv. Nat’l. Sec. J. (Forthcoming Fall 2017)
(by Ido Kilovaty.)

World Wide Web of Exploitations: The Case of Peacetime Cyber Espionage Operations Under International Law: Towards a Contextual Approach, 18 Columb. Sci. & Tech. L. Rev. 42 (2017).
(by Ido Kilovaty.)

Virtual Violence – Disruptive Cyberspace Operations as "Attacks" under International Humanitarian Law, 22 Mich. Telecomm. & Tech. L. Rev. 113 (2017).
(by Ido Kilovaty.)

ICRC, NATO and the U.S. – Direct Participation in “Hacktivities” – Targeting Private Contractors in Cyberspace under the Law of Armed Conflict, 15 Duke L. & Tech. Rev. 1 (2016).
(by Ido Kilovaty.)