Federated Space Public Key Infrastructure (PKI) can offer a scalable foundation for secure and interoperable communications in collaborative space missions. Yet, its deployment faces challenges stemming from resource-constrained assets, architectural complexity, and the transition to post-quantum (PQ) cryptography. Current CCSDS space guidelines rely on the Internet X.509 profile, whose extensive feature set—if left unrestricted—can increase implementation complexity, certificate size (especially under PQ algorithms), and the risk of interoperability issues. In parallel, the IETF C509 Certificates draft emerges as a streamlined subset of X.509 with a compact encoding specifically tailored for constrained environments. This paper provides an empirical comparison between X.509 and C509 to inform space mission designers about the associated advantages and costs of each, specifically when PQ cryptography is incorporated into space PKIs. To help pave the way for interoperability in federated space missions, a minimal certificate profile for space PKI is proposed.

In addition, the work introduces the first open-source native C509 toolkit that supports PQ algorithms and evaluates open-source and proprietary certificate parsers. While the IETF C509 draft proposal reports a size reduction of over 50%, our evaluation confirms approximately 40% savings for classical certificates generated according to our proposed minimal certificate profile. For PQ certificates, the savings plateau at around 200 bytes, rendering the size gains negligible. However, revocation lists consistently achieve a 60% reduction for 30,000 entries, independent of the cryptographic scheme (PQ or traditional). To quantify and compare the software implementation complexity of X.509 and C509, we conduct software complexity analysis using well-established heuristic metrics (e.g., cyclomatic complexity, Halstead metrics, logical lines of code). The findings further highlight the relative simplicity of the C509 parser implementation in software. Defining a standardised certificate profile for federated space would advance interoperability; however, adopting C509 requires carefully balancing modest PQ size savings against software simplification and the uncertainties associated with a draft standard.

While securing data-in-use was assured by well-known encryption algorithms, the industry shifted towards trusting hardware manufacturers in exchange for efficiency speedups through Trusted Execution Environments. However, there are many technologies to choose from, each with its own design and trade-offs. Additionally, no work was conducted to systematically compare Trusted Execution Environments side-by-side with privacy-preserving techniques. Therefore, this literature review analyzes, in the first part, Intel's SGX, Keystone, Intel's TDX, and AMD's SEV from four angles that are strongly tied to data-in-use protection (functionality, efficiency, security, and usability). We observed that even though complex and inherently suffering to hardware-related attacks, TEEs offer a great option for confidential computing. Lastly, this research compares these state-of-the-art technologies to four other privacy-preserving techniques (Fully Homomorphic Encryption, Secure Multi-Party Computation, Oblivious RAM, and Structured Encryption) by drawing common properties and displaying them in equal use cases, showing that TEEs are a great choice for many use cases, but with stronger security issues.

Secure multi-party computation (MPC) allows parties to compute on their secret inputs, without revealing them to each other. As an area of theoretical interest, many MPC protocol have been developed in the last four decades. They each present different characteristics and are classified under distinct categories depending on their generality, security assumptions, and functionality. More recently, MPC has also become an area of practical interest due to optimizations in performance of the protocols. In this paper, we compare MPC protocols and other techniques for computing on encrypted data, considering how their properties affect security, efficiency, usability, and functionality. We show that there is a trade-off between security and efficiency when different adversarial models are used, as well as a trade-off between efficiency and flexibility in specialized protocols.

In the digital economy, individual data sovereignty is a requirement for sustainable and secure development. With an increase in the number of outsourced computations, due to the adoption of web services, artificial intelligence and research-based innovation, privacy became one of the main concerns for individuals and third parties alike. Fully Homomorphic Encryption (FHE) addresses this gap by enabling secure computations on encrypted data. This paper reviews and presents the FHE literature in a structural manner, covering the topics of mathematical constructions, security, efficiency and functionality. In doing so, it highlights the current state-of-the-art techniques and provides a systemic comparison with other privacy enhancing mechanisms. In addition, it discusses its applicability in the practical domain, such as Confidential Machine Learning, Medical Data Analysis and Recommender Systems, mentioning potential impediments and their solutions for mass adoption.

Outsourcing data to the cloud can pose serious security threats due to an attacker observing the data access patterns, even though data is encrypted. Ideally, confidentiality should not depend on the server being a trusted party. Oblivious Random Access Machines are tackling this problem by obfuscating data access patterns and ensuring obliviousness of the server towards the data. Thus, this paper studies the evolution of Oblivious Random Access Machines and highlights the steps taken so far to discover a more practical algorithm for hiding data access patterns on an un trusted server. In addition, other approaches for privacy-preserving computation, such as Homomorphic Encryption, Structured Encryption, Multi Party Computation and Trusted Execution Environments are discussed and contrasted to ORAM to assess the costs and benefits they come with, but also the trade-offs in security and usability.

With the ever-growing cloud capacity in our society, being able to harness that immense computational power while keeping our data private has become a strong point of interest. This can be achieved with Structured Encryption, which allows a data structure to be encrypted and stored remotely, but still queryable by the client owning
the encryption key. This report is a literature review of the field of Structured Encryption (StE). We analyze the state-of-the-art technologies and their characteristics on the following aspects: security, efficiency, functionality and usability, and discuss their capabilities and limitations. We then compare StE schemes with other promising technologies in the area of computation on encrypted data: Fully Homomorphic Encryption, Oblivious RAM, Secure Multiparty Computation and Trusted Execution Environments.

This paper explores the scalability of Graph Neural Networks (GNNs) in the context of traffic forecasting, a critical area for improving urban mobility and reducing congestion. Despite GNNs’ demonstrated effectiveness in handling complex spatiotemporal dependencies in traffic data, scaling them to large road networks remains challenging due to increased computational requirements. This study aims to evaluate how the accuracy and computational cost of a state-of-the-art traffic forecasting GNN, the Decoupled Dynamic Spatio-Temporal Graph Neural Network, change with varying road network sizes and complexities (i.e., sensor density). Using two real-world datasets, three experiments are conducted: scaling map area, scaling graph complexity, and testing the geographic location effect. Findings show that larger graphs generally improve accuracy and GPU efficiency. Moreover, geographic location affects accuracy, whereas sensor density has minimal impact.