pith. sign in
Pith Number

pith:7M66NF4P

pith:2026:7M66NF4PLDOOI2I7OPBBD3SBLK
not attested not anchored not stored refs resolved

On the (non-)resilience of encrypted controllers to covert attacks

Janis Adamek, Moritz Schulze Darup, Philipp Binfet

Networked control systems using encrypted controllers remain vulnerable to covert attacks because public-key homomorphic encryption is malleable.

arxiv:2605.14230 v1 · 2026-05-14 · cs.CR · cs.SY · eess.SY

Open paper page JSON Open Graph Bundle Merged state Verified badge What is a Pith Number?
Add to your LaTeX paper 
\usepackage{pith}
\pithnumber{7M66NF4PLDOOI2I7OPBBD3SBLK}

Prints a linked badge after your title and injects PDF metadata. Compiles on arXiv. Learn more · Embed verified badge

Record completeness

1 Bitcoin timestamp
2 Internet Archive
3 Author claim open · sign in to claim
4 Citations open
5 Replications open
Portable graph bundle live · download bundle · merged state
The bundle contains the canonical record plus signed events. A mirror can host it anywhere and recompute the same current state with the deterministic merge algorithm.

Claims

C1strongest claim

NCS are vulnerable to covert attacks, even when encrypted control is employed. Remarkably, this remains possible without knowledge of an unencrypted model.

C2weakest assumption

The attacker can exploit the inherent malleability of public-key HE schemes to craft valid ciphertexts that produce the desired covert effect on the closed-loop system.

C3one line summary

Public-key homomorphic encryption does not make networked controllers resilient to covert attacks, even without model knowledge, but verifiable computation can restore security with no extra communication cost.

References

20 extracted · 20 resolved · 0 Pith anchors

[1] Adamek, J., Binfet, P., Schl ¨uter, N., and Schulze Darup, M. (2024). Encrypted system identification as-a-service via re- liable encrypted matrix inversion. In2024 IEEE 63rd Conf. Decis. Control (CDC 2024
[2] Alexandru, A.B., Burbano, L., C ¸ eliktu˘g, M.F., Gomez, J., Car- denas, A.A., Kantarcioglu, M., and Katz, J. (2022). Private anomaly detection in linear controllers: Garbled circuits vs. homomorphic 2022
[3] Reuter, C.A., and Strand, M. (2015). A guide to fully ho- momorphic encryption. Cryptology ePrint Archive, Paper 2015/1192 2015
[4] Catalano, D. and Fiore, D. (2013). Practical homomorphic MACs for arithmetic circuits. In T. Johansson and P.Q. Nguyen (eds.),Adv. Cryptol. – EUROCRYPT 2013, 336–352. Springer Berlin Heidelberg, Berli 2013
[5] Hubaux, J.P. (2024). Veritas: Plaintext encoders for prac- tical verifiable homomorphic encryption. InProc. 2024 ACM SIGSAC Conf. Comput. Commun. Secur., CCS ’24, 2520–2534. Association for Computing 2024
Receipt and verification
First computed 2026-05-17T23:39:10.744675Z
Builder pith-number-builder-2026-05-17-v1
Signature Pith Ed25519 (pith-v1-2026-05) · public key
Schema pith-number/v1.0

Canonical hash

fb3de6978f58dce4691f73c211ee415a89525902283e8f09979aa415a3eadbbf

Aliases

arxiv: 2605.14230 · arxiv_version: 2605.14230v1 · doi: 10.48550/arxiv.2605.14230 · pith_short_12: 7M66NF4PLDOO · pith_short_16: 7M66NF4PLDOOI2I7 · pith_short_8: 7M66NF4P
Agent API
Resolver JSON Graph JSON Events JSON Schema Signing key
Verify this Pith Number yourself 
curl -sH 'Accept: application/ld+json' https://pith.science/pith/7M66NF4PLDOOI2I7OPBBD3SBLK \
  | jq -c '.canonical_record' \
  | python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: fb3de6978f58dce4691f73c211ee415a89525902283e8f09979aa415a3eadbbf
Canonical record JSON 
{
  "metadata": {
    "abstract_canon_sha256": "51eaa7e7cefa519046fa30c83d872e403bc1fcafb70363cf196c05fadfde2847",
    "cross_cats_sorted": [
      "cs.SY",
      "eess.SY"
    ],
    "license": "http://creativecommons.org/licenses/by-nc-nd/4.0/",
    "primary_cat": "cs.CR",
    "submitted_at": "2026-05-14T00:49:46Z",
    "title_canon_sha256": "9c94098a85b402fa7173ef156ae91afbf69d841757b32abad1cbbe21bb724ef2"
  },
  "schema_version": "1.0",
  "source": {
    "id": "2605.14230",
    "kind": "arxiv",
    "version": 1
  }
}