{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2026:7M66NF4PLDOOI2I7OPBBD3SBLK","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"51eaa7e7cefa519046fa30c83d872e403bc1fcafb70363cf196c05fadfde2847","cross_cats_sorted":["cs.SY","eess.SY"],"license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","primary_cat":"cs.CR","submitted_at":"2026-05-14T00:49:46Z","title_canon_sha256":"9c94098a85b402fa7173ef156ae91afbf69d841757b32abad1cbbe21bb724ef2"},"schema_version":"1.0","source":{"id":"2605.14230","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"2605.14230","created_at":"2026-05-17T23:39:10Z"},{"alias_kind":"arxiv_version","alias_value":"2605.14230v1","created_at":"2026-05-17T23:39:10Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2605.14230","created_at":"2026-05-17T23:39:10Z"},{"alias_kind":"pith_short_12","alias_value":"7M66NF4PLDOO","created_at":"2026-05-18T12:33:37Z"},{"alias_kind":"pith_short_16","alias_value":"7M66NF4PLDOOI2I7","created_at":"2026-05-18T12:33:37Z"},{"alias_kind":"pith_short_8","alias_value":"7M66NF4P","created_at":"2026-05-18T12:33:37Z"}],"graph_snapshots":[{"event_id":"sha256:4d9370131cdeff62db690bf454c34d2d333b9534c2356dd933f9304cf601ad12","target":"graph","created_at":"2026-05-17T23:39:10Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":4,"items":[{"attestation":"unclaimed","claim_id":"C1","kind":"strongest_claim","source":"verdict.strongest_claim","status":"machine_extracted","text":"NCS are vulnerable to covert attacks, even when encrypted control is employed. Remarkably, this remains possible without knowledge of an unencrypted model."},{"attestation":"unclaimed","claim_id":"C2","kind":"weakest_assumption","source":"verdict.weakest_assumption","status":"machine_extracted","text":"The attacker can exploit the inherent malleability of public-key HE schemes to craft valid ciphertexts that produce the desired covert effect on the closed-loop system."},{"attestation":"unclaimed","claim_id":"C3","kind":"one_line_summary","source":"verdict.one_line_summary","status":"machine_extracted","text":"Public-key homomorphic encryption does not make networked controllers resilient to covert attacks, even without model knowledge, but verifiable computation can restore security with no extra communication cost."},{"attestation":"unclaimed","claim_id":"C4","kind":"headline","source":"verdict.pith_extraction.headline","status":"machine_extracted","text":"Networked control systems using encrypted controllers remain vulnerable to covert attacks because public-key homomorphic encryption is malleable."}],"snapshot_sha256":"09f7c9ff1758389fe366069b2055a9a5927e4b08ecb6ff351c2de1f34dcf413e"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"The security of networked control systems (NCS) is receiving increasing attention from both cyber-security and system-theoretic perspectives. The former focuses on classical IT security goals such as confidentiality, integrity, and availability of process data, while the latter investigates tailored attacks (and detection schemes), including covert and zero-dynamics attacks. Confidentiality in control systems can, for instance, be achieved by securely outsourcing the evaluation of the controller to third-party platforms, such as cloud services. The underlying technology enabling such secure co","authors_text":"Janis Adamek, Moritz Schulze Darup, Philipp Binfet","cross_cats":["cs.SY","eess.SY"],"headline":"Networked control systems using encrypted controllers remain vulnerable to covert attacks because public-key homomorphic encryption is malleable.","license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","primary_cat":"cs.CR","submitted_at":"2026-05-14T00:49:46Z","title":"On the (non-)resilience of encrypted controllers to covert attacks"},"references":{"count":20,"internal_anchors":0,"resolved_work":20,"sample":[{"cited_arxiv_id":"","doi":"","is_internal_anchor":false,"ref_index":1,"title":"Adamek, J., Binfet, P., Schl ¨uter, N., and Schulze Darup, M. (2024). Encrypted system identification as-a-service via re- liable encrypted matrix inversion. In2024 IEEE 63rd Conf. Decis. Control (CDC","work_id":"3ef7235f-02b8-405d-a50e-d1543223bc84","year":2024},{"cited_arxiv_id":"","doi":"","is_internal_anchor":false,"ref_index":2,"title":"Alexandru, A.B., Burbano, L., C ¸ eliktu˘g, M.F., Gomez, J., Car- denas, A.A., Kantarcioglu, M., and Katz, J. (2022). Private anomaly detection in linear controllers: Garbled circuits vs. homomorphic ","work_id":"bfb95a1b-f240-482a-a4ac-8a486d3e8c2d","year":2022},{"cited_arxiv_id":"","doi":"","is_internal_anchor":false,"ref_index":3,"title":"Reuter, C.A., and Strand, M. (2015). A guide to fully ho- momorphic encryption. Cryptology ePrint Archive, Paper 2015/1192","work_id":"cf410099-97a6-4197-81a0-3661c1b58b6d","year":2015},{"cited_arxiv_id":"","doi":"","is_internal_anchor":false,"ref_index":4,"title":"Catalano, D. and Fiore, D. (2013). Practical homomorphic MACs for arithmetic circuits. In T. Johansson and P.Q. Nguyen (eds.),Adv. Cryptol. – EUROCRYPT 2013, 336–352. Springer Berlin Heidelberg, Berli","work_id":"108534c0-1e3b-4b81-9a9f-30bf62122a91","year":2013},{"cited_arxiv_id":"","doi":"","is_internal_anchor":false,"ref_index":5,"title":"Hubaux, J.P. (2024). Veritas: Plaintext encoders for prac- tical verifiable homomorphic encryption. InProc. 2024 ACM SIGSAC Conf. Comput. Commun. Secur., CCS ’24, 2520–2534. Association for Computing ","work_id":"d2ac9c80-2dd3-4944-9ce6-eeb96f09a68a","year":2024}],"snapshot_sha256":"8b971c70333ca04428930706c8fcf9cfb4a339b386b5820ec91836fa563fc780"},"source":{"id":"2605.14230","kind":"arxiv","version":1},"verdict":{"created_at":"2026-05-15T02:49:32.983629Z","id":"e7e09151-6c89-4594-88c1-26ef448e799e","model_set":{"reader":"grok-4.3"},"one_line_summary":"Public-key homomorphic encryption does not make networked controllers resilient to covert attacks, even without model knowledge, but verifiable computation can restore security with no extra communication cost.","pipeline_version":"pith-pipeline@v0.9.0","pith_extraction_headline":"Networked control systems using encrypted controllers remain vulnerable to covert attacks because public-key homomorphic encryption is malleable.","strongest_claim":"NCS are vulnerable to covert attacks, even when encrypted control is employed. Remarkably, this remains possible without knowledge of an unencrypted model.","weakest_assumption":"The attacker can exploit the inherent malleability of public-key HE schemes to craft valid ciphertexts that produce the desired covert effect on the closed-loop system."}},"verdict_id":"e7e09151-6c89-4594-88c1-26ef448e799e"}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:a8b188fea1d669efcfe7c65d173992af355cd89167a2629061f5249990eaf3e9","target":"record","created_at":"2026-05-17T23:39:10Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"51eaa7e7cefa519046fa30c83d872e403bc1fcafb70363cf196c05fadfde2847","cross_cats_sorted":["cs.SY","eess.SY"],"license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","primary_cat":"cs.CR","submitted_at":"2026-05-14T00:49:46Z","title_canon_sha256":"9c94098a85b402fa7173ef156ae91afbf69d841757b32abad1cbbe21bb724ef2"},"schema_version":"1.0","source":{"id":"2605.14230","kind":"arxiv","version":1}},"canonical_sha256":"fb3de6978f58dce4691f73c211ee415a89525902283e8f09979aa415a3eadbbf","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"fb3de6978f58dce4691f73c211ee415a89525902283e8f09979aa415a3eadbbf","first_computed_at":"2026-05-17T23:39:10.744675Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-17T23:39:10.744675Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"hEDU9DX18h/psaFKbhIylvut2c9bvvm2+oT5WiFRsKEoWO9RACxRFHsuw+k/jIYgP0fpZnim6bMj+pguEeGoAA==","signature_status":"signed_v1","signed_at":"2026-05-17T23:39:10.745096Z","signed_message":"canonical_sha256_bytes"},"source_id":"2605.14230","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:a8b188fea1d669efcfe7c65d173992af355cd89167a2629061f5249990eaf3e9","sha256:4d9370131cdeff62db690bf454c34d2d333b9534c2356dd933f9304cf601ad12"],"state_sha256":"1010b17d99403015d5a3a2a4695db8bfbf73be615d26140ce50866d654c8d392"}