David Arroyo

David Arroyo
Spanish National Research Council | CSIC · Centro de Tecnologías Físicas "Leonardo Torres Quevedo"

Nexus Man

About

109
Publications
25,052
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,170
Citations
Introduction
Design and deployment of computational procedures to improve key enabling technologies in the context of security information, electromechanical devices, and neuroscience. Those procedures are based on information theory, cryptography, statistics, cybernetics, formal analysis, and machine learning.
Additional affiliations
January 2011 - present
Universidad Autónoma de Madrid
May 2010 - January 2011
Spanish National Research Council
Position
  • Jae-doc postdoctoral fellow
August 2005 - August 2009
Spanish National Research Council
Description
  • http://www.ifa.csic.es/

Publications

Publications (109)
Article
Full-text available
Network traffic has recently known tremendous growth, and it is set to explode over the next few years. Alongside the increase in traffic, network attacks have become more complex, advanced, and efficient. Therefore, intrusion detection systems (IDS), among other countermeasures, must be adapted accordingly to the development of new threats, which...
Article
This article analyzes the main problems and the solutions adopted in the market for Initial Coin Offerings (ICO), to anticipate the future of this market and determine implications for issuers, investors and regulators. ICOs represent an alternative and innovative financing solution that has experienced spectacular growth and notoriety in recent ye...
Article
Full-text available
Nowadays, information and communications technology systems are fundamental assets of our social and economical model, and thus they should be properly protected against the malicious activity of cybercriminals. Defence mechanisms are generally articulated around tools that trace and store information in several ways, the simplest one being the gen...
Article
With the increase in connectivity, the popularization of cloud services, and the rise of the Internet of Things (IoT), decentralized approaches for trust management are gaining momentum. Since blockchain technologies provide a distributed ledger, they are receiving massive attention from the research community in different application fields. Howev...
Chapter
Blockchain and quantum computing are trending topics in nowadays scientific communication, and they increasingly attract the attention of academia, but also industry stakeholders and policymakers. In this communication, we address the conundrum related to the quantum menace and the deployment of blockchain solutions. As any cryptographic product, b...
Chapter
Nowadays, information is crucial in the configuration of the socio-political space. Data relevance in both decision making and decision taking has exponentially increased. Content examination, social network analysis, information propagation (including epidemic and statistical modeling analysis), or sentiment analysis techniques are currently used...
Article
Full-text available
With the transformation in smart grids, power grid companies are becoming increasingly dependent on data networks. Data networks are used to transport information and commands for optimizing power grid operations: Planning, generation, transportation, and distribution. Performing periodic security audits is one of the required tasks for securing ne...
Conference Paper
Full-text available
To address the challenges of on-chain and off-chain governance of a blockchain project, CLAUDIA combines an on-chain services, such as Ethereum based DAO (Decentralized Autonomous Organization), timestamping solution (WUDDER), and decision making support (ARAGON), with off-chain "compli-ance desk". The off-chain "compliance desk" enables stakeholde...
Article
Full-text available
This paper proposes NetVote, an internet voting protocol where usability and ease in deployment are a priority. We introduce the notion of strict coercion resistance, to distinguish between vote-buying and coercion resistance. We propose a protocol with ballot secrecy, practical everlasting privacy, verifiability and strict coercion resistance in t...
Article
In cybersecurity, there is a call for adaptive, accurate and efficient procedures to identifying performance shortcomings and security breaches. The increasing complexity of both Internet services and traffic determines a scenario that in many cases impedes the proper deployment of intrusion detection and prevention systems. Although it is a common...
Chapter
Full-text available
To address the challenges of on-chain and off-chain governance of a blockchain project, CLAUDIA combines an on-chain services, such as Ethereum based DAO (Decentralized Autonomous Organization), timestamping solution (WUDDER), and decision making support (ARAGON), with off-chain “compliance desk”. The off-chain “compliance desk” enables stakeholder...
Chapter
In this work it is introduced Hyot, a blockchain solution for activity registration in the Internet of Things. Specifically, a permissioned blockchain is used to record anomalous occurrences associated with sensors located on a Raspberry Pi 3. Likewise, a web system is provided to consume the information collected in real time.
Chapter
This paper proposes a coercion-resistant internet voting protocol using a re-voting approach. It is not assumed for voters to own cryptographic keys prior to the election and the voting experience remains simple by only requiring voters to keep their authentication credentials. Furthermore, we reduce complexity in the filtering stage by leveraging...
Preprint
Full-text available
Nowadays, information and communications technology systems are fundamental assets of our social and economical model, and thus they should be properly protected against the malicious activity of cybercriminals. Defence mechanisms are generally articulated around tools that trace and store information in several ways, the simplest one being the gen...
Article
Full-text available
By studying different sources of temporal variability in central pattern generator (CPG) circuits, we unveil fundamental aspects of the instantaneous balance between flexibility and robustness in sequential dynamics -a property that characterizes many systems that display neural rhythms. Our analysis of the triphasic rhythm of the pyloric CPG (Carc...
Chapter
The huge growth of e-shopping has brought convenience to customers and increased revenue to merchants and financial entities. Moreover, e-shopping has evolved to possess many functions, features, and requirements (e.g., regulatory ones). However, customer privacy has been mostly ignored, and while it is easy to add simple privacy to an existing sys...
Conference Paper
Full-text available
Cloud services provide a means to ease information storage and sharing. In the case of Small and Medium Enterprises, this represents a great opportunity to deploy platforms for data exchange without the high costs of traditional Information Technology solutions. Nonetheless, the adoption of the cloud implies a risk in terms of the security and priv...
Preprint
Full-text available
By studying different sources of temporal variability in central pattern generator circuits, in this paper we unveil distinct aspects of the instantaneous balance between flexibility and robustness in sequential dynamics -a property that characterizes many systems that display neural rhythms. The level of irregularity and coordination was character...
Presentation
Full-text available
An introduction to investment crowdfunding research. From the direct equity paradox to disintermidiation of investment banking through crowdfunding securities offerings.
Chapter
The huge growth of e-shopping has brought convenience to customers, increased revenue to merchants and financial entities and evolved to possess a rich set of functionalities and requirements (e.g., regulatory ones). However, enhancing customer privacy remains to be a challenging problem; while it is easy to create a simple system with privacy, thi...
Chapter
The twenty-first century belongs to the world of computing, specially as a result of the so-called cloud computing. This technology enables ubiquitous information management and thus people can access all their data from any place and at any time. In this landscape, the emergence of cloud storage has had an important role in the last 5 years. Nowad...
Presentation
Full-text available
Blockchain: fundamentos técnicos y trabajo futuro
Conference Paper
Logs integration is one of the most challenging concerns in current security systems. Certainly, the accurate identification of security events requires to handle and merge highly heterogeneous sources of information. As a result, there is an urge to construct general codification and classification procedures to be applied on any type of security...
Conference Paper
Full-text available
Using an extracellular medium with high potassium/low magnesium concentration with the addition of 4-AP we induced epileptiform activity in combined hippocampus/entorhinal cortex slices of the rat brain [1]. In this in vitro model of temporal lobe epilepsy, we observed the repeating sequences of interictal discharge (IID) regimes and seizure-like e...
Chapter
Novel experimental techniques in neuroscience research allow observing and interacting with neural activity at a variety of spatial and temporal scales and provide improved coverage and resolution. However, classical stimulus-response paradigms with offline analysis remain prevalent in most experimental studies. In this chapter, we discuss online e...
Article
Full-text available
The 21st century belongs to the world of computing, specially as a result of the so-called cloud computing. This technology enables ubiquitous information management and thus people can access all their data from any place and at any time. In this landscape, the emergence of cloud storage has had an important role in the last five years. Nowadays,...
Article
Full-text available
The application of synchronization theory to build up new cryptosystems has been a hot topic during the last two decades. In this paper we analyze a recent proposal in this field. We pinpoint the main limitations of the software implementation of chaos-based systems designed on the grounds of synchronization theory. In addition, we show that the cr...
Article
Smart cards are well-known tamper-resistant devices, and due to their portability and security they represent an excellent platform for implementing strong authentication services. This contribution analyses three Spanish smart card deployments intended to be used for eGoverment services, comparing their respective contents and capabilities. As a r...
Presentation
Full-text available
Presentation on "25th Annual Computational Neuroscience Meeting: CNS-2016 " BMC Neuroscience 17, 112-113 (2016).
Thesis
Full-text available
The 21st century belongs to the world of computing, specially as a result of the so-called cloud computing. This technology enables ubiquitous information management and thus people can access all their data from any place and at any time. In this landscape, the emergence of cloud storage has had an important role in the last five years. Nowadays,...
Conference Paper
Full-text available
ICGenealogy: towards a common topology of neuronal ion channel function and genealogy in model and experiment Ion channels are fundamental constituents determining the function of single neurons and neuronal circuits. To understand their complex interactions, the field of computational modeling has proven essential: since its emergence, thousands...
Conference Paper
E-shopping has grown considerably in the last years, providing customers with convenience, merchants with increased sales, and financial entities with an additional source of income. However, it may also be the source of serious threats to privacy. In this paper, we review the e-shopping process, discussing attacks or threats that have been analyze...
Conference Paper
Full-text available
E-shopping has grown considerably in the last years, providing customers with convenience, merchants with increased sales, and financial entities with an additional source of income. However , it may also be the source of serious threats to privacy. In this paper, we review the e-shopping process, discussing attacks or threats that have been analyz...
Research
Full-text available
La criptografía contemporánea se halla en un proceso de búsqueda de vías alternativas para la consecución de unos mínimos a la hora de proteger tanto el intercambio como el almacenamiento de información. Hasta ahora el nivel de protección alcanzado descansaba sobre la imposibilidad práctica de efectuar, en un tiempo razonable, una cierta cantidad d...
Conference Paper
Full-text available
The deployment of security measures can lead in many occasions to an infringement of users’ privacy. Indeed, nowadays we have many examples about surveillance programs or personal data breaches in online service providers. In order to avoid the latter problem, we need to establish security measures that do not involve a violation of privacy rights....
Conference Paper
Full-text available
The current technological scenario determines a profileration of trust domains, which are usually defined by validating the digital identity linked to each user. This validation entails critical assumptions about the way users’ privacy is handled, and this calls for new methods to construct and treat digital identities. Considering cryptography, id...
Chapter
Full-text available
Smart cards are well-known tamper-resistant devices, and as such they represent an excellent platform for implementing strong authentication. Many services requesting high levels of security rely on smart cards, which provide a convenient security token due to their portability. This contribution analyses two Spanish smart card deployments intended...
Article
Full-text available
Current anonymizing networks have become an important tool for guaranteeing users' privacy. However, these platforms can be used to perform illegitimate actions, which sometimes makes service providers see traffic coming from these networks as a probable threat. In order to solve this problem, we propose to add support for fairness mechanisms to th...
Article
Privacy has become a major concern in the Internet, resulting in an increased popularity of anonymizing systems aimed to protect users’ identities. However, service providers sometimes interpret this anonymity as a risk, since dishonest users may take advantage of it. A possible solution is to create a practical implementation of fairness mechanism...
Article
In this paper we provide a closed mathematical formulation of our previous results in the field of symbolic dynamics of unimodal maps. This being the case, we discuss the classical theory of applied symbolic dynamics for unimodal maps and its reinterpretation using Gray codes. This connection was previously emphasized but no explicit mathematical p...
Conference Paper
In this work, we apply a secure protocol design methodology to a protocol based on a recently proposed email-based registration protocol. With this task, we aim to emphasize the need of incorporating such techniques as a main component of the protocol design process, not just as a desirable feature. The process herein described highlights the advan...
Article
In this work we propose a methodology for incorporating the verification of the security properties of network protocols as a fundamental component of their design. This methodology can be separated in two main parts: context and requirements analysis along with its informal verification; and formal representation of protocols and the corresponding...
Article
The deployment of Internet based applications calls for adequate users management procedures, being online registration a critical element. In this respect, Email Based Identification and Authentication (EBIA) is an outstanding technique due to its usability. However, it does not handle properly some major issues which make it unsuitable for system...
Article
The generation of coordinated patterns of activity in the nervous system is essential to drive complex behavior in animals, both vertebrates and invertebrates. In many cases rhythmic patterns of activity are the result of the cooperation between groups of small number of neurons bearing overall network dynamics. These patterns encode information in...
Data
Full-text available
Article
n this work, we apply ordinal analysis of time series to the characterisation of neuronal activity. Automatic event detection is performed by means of the so-called permutation entropy, along with the quantification of the relative cardinality of forbidden patterns. In addition, multivariate time series are characterised using the joint permutation...
Article
Full-text available
We report a free-space quantum key distribution system designed for high-speed key transmission in urban areas. Clocking the system at gigahertz frequencies and efficiently filtering background enables higher secure key rates than those previously achieved by similar systems. The transmitter and receiver are located in two separate buildings 300 m...
Conference Paper
Anonymity in information systems has been a very active field of study in recent years. Indeed, it provides fundamental improvements in privacy by protecting users’ identities. However, it also serves as a shield for malicious parties, since it makes tracing users difficult. Many anonymous signature schemes and systems have been proposed to overcom...
Article
Full-text available
The idea of closed-loop interaction in in vitro and in vivo electrophysiology has been successfully implemented in the dynamic clamp concept strongly impacting the research of membrane and synaptic properties of neurons. In this paper we show that this concept can be easily generalized to build other kinds of closed-loop protocols beyond (or in add...
Article
The interleaving of chaos and cryptography has been the aim of a large set of works since the beginning of the nineties. Many encryption proposals have been introduced to improve conventional cryptography. However, many proposals possess serious problems according to the basic requirements for the secure exchange of information. In this paper we hi...
Article
Full-text available
In this work we present and formally analyze CHAT-SRP (CHAos based Tickets-Secure Registration Protocol), a protocol to provide interactive and collaborative platforms with a cryptographically robust solution to classical security issues. Namely, we focus on the secrecy and authenticity properties while keeping a high usability. In this sense, user...
Article
Full-text available
Unimodal maps have been broadly used as a base of new encryption strategies. Recently, a stream cipher has been proposed in the literature, whose keystream is basically a symbolic sequence of the (one-parameter) logistic map or of the tent map. In the present work a thorough analysis of the keystream is made which reveals the existence of some seri...
Chapter
Full-text available
The idea of using chaotic transformations in cryptography is explicit in the foundational papers of Shannon on secrecy systems (e.g., [96]). Although the word “chaos” was not minted till the 1970s [71], Shannon clearly refers to this very concept when he proposes the construction of secure ciphers by means of measure-preserving, mixing maps which d...
Conference Paper
Full-text available
Characterization and control of nonlinear and non-stationary processes is an active topic in the field of the applied theory of dynamical systems. In this context classical control techniques cannot be applied straightforward, and thus observation and actuation should be properly incorporated into a real-time feedback (or closed-loop) methodology....
Conference Paper
Moodle is one of the most popular open source e-learning platforms. It makes available a very easy-to-deploy environment, which once installed, is ready to be used. These two characteristics, make it a very attractive choice. But regarding information security and privacy, it presents several and important drawbacks. This is mainly due to the fact...
Conference Paper
Full-text available
More relevant results in research & technological development achieved in the Dpt. Ultrasonic Signals, Systems & Technologies (CSIC), during the last five years, are commented. They are centered on the Physics and Technology of the Ultrasonic Systems and their associate subject matters, including: modeling, simulation and design of aspects as trans...
Conference Paper
Full-text available
The design and control of any system requires a thorough understanding of its dynamics. In the case of the systems developed within the Group of Power Ultrasound, CSIC, this dynamic is non-linear. Experiments have proven the existence of harmonic and subharmonic components, the displacement of the resonance frequency and routes to chaos. Reporting...
Article
This paper studies the security of a recently proposed chaos-based cryptosystem. It is shown that the encryption architecture of this cryptosystem exhibits some important problems related to its implementation and its robustness against noise. Some security problems are also highlighted.
Article
Full-text available
The security of chaos-based cryptosystems is closely related to the possibility of recovering control parameters and/or initial conditions from partial information on the associated chaotic orbits. In this paper we analyze this possibility for the case of unimodal maps. We show a meaningful set of contexts where the dynamics of unimodal maps can be...
Article
Full-text available
Chaotic systems have been broadly exploited through the last two decades to build encryption methods. Recently, two new image encryption schemes have been proposed, where the encryption process involves a permutation operation and an XOR-like transformation of the shuffled pixels, which are controlled by three chaotic systems. This paper discusses...
Article
Full-text available
In this comment, we analyze a recently proposed Baptista-like cryptosystem and show that it is not invertible. Others weaknesses are also reported. A modified version of this cryptosystem is proposed to show how to overcome the non-invertibility.
Data
Since 1990s chaotic dynamical systems have been widely used to design new strategies to encrypt information. Indeed, the dependency to initial conditions and control parameters, along with the ergodicity of their temporal evolution allow the establishment of chaos as the base of new cryptosystems, i.e., of new schemes of confusion and diffusion of...
Article
Full-text available
Recently, a chaotic cryptographic scheme based on composition maps was proposed. This paper studies the security of the scheme and reports the following findings: 1) the scheme can be broken by a differential attack with $6+\lceil\log_L(MN)\rceil$ chosen-plaintext, where $MN$ is the size of plaintext and $L$ is the number of different elements in p...
Article
This paper analyzes the security of a recently-proposed signal encryption scheme based on a filter bank. A very critical weakness of this new signal encryption procedure is exploited in order to successfully recover the associated secret key. Comment: 6 pages, 1 figure