We are very happy to announce the following keynote speakers (in alphabetical order):
Marten van Dijk, CWI Amsterdam and U Connecticut
Title: Towards Remote Verifiable Computation without Digital Secrets
Speaker: Marten van Dijk, CWI Amsterdam and U Connecticut
Short Summary: The development of secure processor architecture technology has seen many challenges. It turns out difficult to implement efficient resource sharing and at the same time eliminate or protect against side channels as a result of shared caches and other buffers. For this reason, implemented hardware isolation cannot provide confidential computing (as of yet). Nevertheless, the hardware isolation for access control as implemented by micro code and added circuitry cannot be circumvented and this allows for verifiable computation. However, even though computations can be isolated in enclaves, how can we provide remote attestation of computed output? Remote attestation requires digital secrets which may leak due to side channels. We show two puzzle pieces which together can be used to implement remote attestation without secure digital computation or digital secrets: We use a strong PUF for masking ‘session signing keys’ and we use these in a new one-time signature primitive. In essence, computing a signature for an output boils down to directly reading out a signature from unmasked digital storage.
Short Bio: Marten van Dijk is group leader of Computer Security at CWI Amsterdam and has 20+ years research experience in system security both in academia (MIT and UConn) and industry (Philips Research and RSA Laboratories). Marten received the A. Richard Newton Technical Impact Award in Electronic Design Automation in 2015 and the Most Frequently Cited Paper Award (2000-2009) Symposium on VLSI Circuits for his collaborative work on Physical Unclonable Functions. Aegis, the first single-chip secure processor that verifies integrity and freshness of external memory, was selected for inclusion in ”25 years of International Conference on Supercomputing” in 2014 and recently received a test of time award by Intel . Path ORAM received a best paper award at CCS 2013 and was selected as a 2018 Top Pick in Hardware and Embedded Security. Marten is IEEE Fellow for contributions to secure processor design and encrypted computation.
Yuval Yarom, U Adelaide
Title: Automating cryptographic code generation
Speaker: Yuval Yarom, U Adelaide
Short Summary: Cryptography provides the data protection mechanisms that underly security and privacy in the modern connected world. Given this pivotal role, implementations of cryptographic code must not only be correct, but also meet stringent performance and security requirements. Achieving these aims is often difficult and requires significant investment in software development and manual tuning.
This talk presents two approaches for automating the task of generating correct, secure, and efficient cryptographic code. The first, Rosita, uses a power consumption emulator to detect unintended leaky interactions between values in the microarchitecture. It then rewrites the code to eliminate these interactions and produce code that is resistant to power analysis. The second, CryptOpt, uses evolutionary computation to search for the most efficient constant-time implementation of a cryptographic function. It then formally verifies that the produced implementation is semantically equivalent to the original code.
Rosita is a joint work with Lejla Batina, Łukasz Chmielewski, Francesco Regazzoni, Niels Samwel, Madura A. Shelton, and Markus Wagner.
CryptOpt is a joint work with Adam Chlipala, Chitchanok Chuengsatiansup, Andres Erbsen, Daniel Genkin, Jason Gross, Joel Kuepper, Chuyue Sun, Markus Wagner, and David Wu.
Short Bio: Yuval Yarom is an Associate Professor at the School of Computer Science at the University of Adelaide. He earned his Ph.D. in Computer Science from the University of Adelaide in 2014, and an M.Sc. in Computer Science and a B.Sc. in Mathematics and Computer Science from the Hebrew University of Jerusalem in 1993 and 1990, respectively. In between he has been the Vice President of Research in Memco Software and a co-founder and Chief Technology Officer of Girafa.com.
Yuval’s research explores the security of the interface between the software and the hardware. In particular, He is interested in the discrepancy between the way that programmers think about software execution and the concrete execution in modern processors. He works on identifying micro-architectural vulnerabilities, and on exploitation and mitigation techniques.