THE 1^st INTERNATIONAL CONFERENCE ON CRYPTOGRAPHY AND INFORMATION SECURITY

– VCRIS 2024 –

December 03-04, 2024

Academy of Cryptography Techniques, Hanoi, Vietnam

Keynote Speakers

Professor Edgar Weippl

Workplace: Edgar R. Weippl is a professor for Security and Privacy at the University of Vienna and Research Director of SBA Research and Head of the Christian Doppler Laboratory for Security and Quality Improvement in Production Systems.

He is on the editorial board of IEEE Transactions on Information Forensics and Security (T-IFS), ACM Transactions TOPS and of Elsevier’s Computers & Security journal (COSE), in the steering committee of ESORICS and ARES, general chair of ACM CCS 2016, and of Euro S&P 2024.

Research field: He focuses on (1) fundamental and applied research on blockchain and distributed ledger technologies and (2) security of production systems engineering.

Tittle: Exposing Network Vulnerabilities: Security Insights from Tor, VoWiFi, and Cellular Networks.

Abstract: In this research talk on security and privacy in communication networks, we will focus on potential security vulnerabilities and measurement methods. The primary focus will be on a Tor network paper that examines the potential for deanonymization attacks by AS-level adversaries. This study will highlight the changing risks over time, the impact of IPv6, and specific regional threats such as increased censorship in Russia.

In addition, we will examine vulnerabilities in VoWiFi through Diffie-Hellman key exchange methods, highlighting issues such as the use of weak DH groups, fallback to insecure modes, and shared private keys between operators. These vulnerabilities compromise the security of VoWiFi communications. I will also present our work on MobileAtlas, a framework for performing geographically decoupled measurements in cellular networks. This framework allows for scalable, low-cost measurements and can be used to uncover security and privacy vulnerabilities, such as traffic measurement inconsistencies and problematic IPv6 firewall configurations.

Through these studies, we aim to provide a comprehensive understanding of the current state of network security and the innovative approaches being used to identify and mitigate these vulnerabilities.

Biography:

After graduating with a Ph.D. from the Vienna University of Technology, Edgar worked for two years in a research startup. He spent one year as an assistant professor at Beloit College, WI. From 2002 to 2004, while with the software vendor ISIS Papyrus, he worked as a consultant for an HMO in New York, NY, and Albany, NY, and for the financial industry in Frankfurt, Germany. In 2004 he joined the Vienna University of Technology and founded the research center SBA Research with A Min Tjoa and Markus Klemen. In 2020 Edgar became a full professor for Security and Privacy at the University of Vienna; a year later, he became Visiting Professor at the National Institute of Informatics (NII), Tokyo.

Professor Kwangjo Kim

The fisrt Korean IACR Fellow (2017)

Workplace: Korea Advanced Institute of Science and Technology.

Research field: Theory and practice in cryptology and information security, security management and policy, network and computer security, ubiquitous security and critical infrastructure protection.

Tittle: SOLMAE: Faster and simpler quantum-safe signature based on NTRU-lattices

Abstract: Designing cryptographically strong primitives like digital signatures and key encapsulation mechanisms is a complex challenge that requires the expertise of a group of skilled designers. These experts must possess a comprehensive understanding of known theoretical and implementation-based attacks while also anticipating potential future threats, particularly from emerging technologies like quantum computing. Our team, composed of top-level cryptographers from around the world, has focused on developing a long-term quantum-secure signature scheme based on NTRU lattices—a well-established concept within the cryptographic community for over two decades.

One significant outcome of this effort is Falcon, a finalist in the NIST PQC standardization project in 2023, alongside Dilithium and SPHINCS+. Falcon is recognized for its robust security, compact signatures, and efficient verification times, comparable to elliptic curve signatures. However, its implementation is complex and computationally intensive, leveraging the Fast Fourier Orthogonalization (FFO) technique.

To address these challenges, Espitau et al. introduced Mitaka, a scheme that simplifies the sampling procedure without sacrificing efficiency. Mitaka’s design leads to faster operations, maintaining compact signature sizes, and adding new features such as cost-effective masking and parallelizability. Further advancements were made with ANTRAG, an improved version of Mitaka, designed to meet all NIST security levels. The culmination of these efforts is SOLMAE, which combines the strengths of Falcon, Mitaka, and ANTRAG, offering enhanced performance while preserving security, particularly at NIST security levels I and V. This talk will delve into the details of SOLMAE, including practical performance evaluations.

Biography:

Kwangjo Kim received his B.Sc. and M.Sc. degrees in Electronic Engineering from Yonsei University, Seoul, Korea, in 1980 and 1983, and his Ph.D. in Electrical and Computer Engineering from Yokohama National University, Japan, in 1991. He was a Visiting Professor at MIT, USA, and UC San Diego, USA, in 2005, as well as at Khalifa University, UAE, in 2012. In 2013, he served as an education specialist at the Bandung Institute of Technology, Indonesia.

From 1979 to 1997, he served as a section head at the Electronics and Telecommunications Research Institute (ETRI) in Korea. He then became a full professor at the School of Computing at KAIST, Korea, where he taught from 1988 until his retirement in 2021.

He has held various leadership roles, including Korean representative to IFIP TC-11, honorary President of the Korea Institute of Information Security and Cryptology (KIISC), and a board member of the International Association for Cryptologic Research (IACR) from 2000 to 2004. He chaired the Asiacrypt Steering Committee from 2005 to 2008 and served as KIISC president in 2009.

Prof. Kim became the first Korean Fellow of the IACR in 2017 and is a member of IEEE, ACM, IEICE, and the IACR Fellow Selection Committee. He was the general chair for CHES 2014, Asiacrypt 2020, and PQCrypto 2021 and served as editor-in-chief of the online journal Cryptography and as an editor for the Journal of Mathematical Cryptology.

Currently, he is an Emeritus Professor at KAIST’s School of Computing and president of the International Research Institute for Cyber Security (IRCS), a non-profit organization approved by the Korean government to enhance national cyber security capabilities in the civilian sector.

Prof. Kim was recognized on Stanford University’s 2023 World’s Top 2% Scientists list for his outstanding academic contributions.

He authored two books associated with AI for security entitled “Network Intrusion detection using deep learning: A feature learning approach” and “Privacy-preserving deep learning: A comprehensive survey” which were published by Springer in 2018 and 2021, respectively.

Professor Sylvain Guilley

Workplace: General Manager and CTO at Secure-IC, a French company offering security for embedded systems.

Secure-IC’s flagship product is the multi-certified Securyzr integrated Secure Element (iSE).

Sylvain is also research associate at Ecole Normale Superieure (ENS)

Research field: trusted computing, cyber-physical security, secure prototyping in FPGA and ASIC, and formal / mathematical methods.

Tittle: Secure implementation of Post-Quantum Cryptography

Abstract: Post-Quantum Cryptography (PQC) is now required by several institutions and vendors, especially for applications related to low-level security functions (secure boot, firmware management, secure channels establishment, etc.).
Not only standardized PQC algorithms must match correctly their specification, but also they must be implemented in accordance with market requirements.
Those mostly consist of Performance-Power-Area (PPA) and certification constraints.
In turn, the PPA encompasses tradeoffs between speed and implementation size, but also optimal adequation with available resources (vectorization in software, parallelism in hardware, dedicated accelerators in embedded systems, etc.).
The certification relates to secure implementation in the context of adversaries trying to gain information on the secrets, exploiting for instance some surreptitious information leakage (secret-dependent timing or power consumption).
There is an interplay between PPA and certification aspects that I will detail in this talk, for different classes of PQC algorithms.

Biography

Since 2012, he has organized the PROOFS workshop (http://www.proofs-workshop.org/2020/), which brings together researchers whose objective is to increase the trust in the security of embedded systems.

Sylvain is also lead editor of international standards, such as ISO/IEC 20897 (Physically Unclonable Functions), ISO/IEC 20085 (Calibration of non-invasive testing tools), and ISO/IEC 24485 (White Box Cryptography).

He is leading the topic “High Level Principles for Design & Architecture” in the editing team of TR68 (Autonomous Vehicles—Singapore, Standards Development Organisation), and is member of the French BNA (Bureau de Normalisation de l’Automobile).

Sylvain is associate editor of the Springer Nature Journal of Cryptography Engineering (JCEN).

He has co-authored 250+ research papers and filed 40+ invention patents.

He is member of the IACR, senior member of the IEEE and the CryptArchi club.

He is an alumnus from Ecole Polytechnique and Télécom-Paris.

Professor Jean-Yves Marion

Workplace: LORIA, University of Lorraine.

Research field: Computer security and more specifically in malware analysis.

Tittle: A comprehensive view of the malware ecosystem is essential

Abstract: Combating malware involves various aspects such as reverse engineering, detection, and attribution. Each of these areas employs different methods, including binary-level analysis and AI techniques. It is crucial to validate the efficiency and robustness of defense systems. Finally, having a holistic view of the malware ecosystem, which encompasses organizational and communicative dimensions, is essential.

Biography:

Jean-Yves Marion is a professor at Université de Lorraine, France. He is the director of the computer science lab LORIA also affiliated to CNRS, Inria and CentraleSupelec. He got his habilitation thesis in 2002. He spent two years at Indiana University. His research interest is mainly computer security and more specifically in malware analysis. He is one of the co-founders of the High Security Lab (LHS), a quite unique research platform for cybersecurity. He published about 100 papers and supervised about 25 PhD thesis. He is a senior member of Institut Universitaire de France.

Dr. Nguyen Bui Cuong

Workplace: Director of the Cryptographic Science Department, Vietnam Government Information Security Commission.

Research field: Cryptography

Title: MKV: A New Block Cipher of Vietnam for the Post-Quantum Cryptography Transition.

Abstract: Many countries have launched their block cipher standards. These standards are selected carefully and meticulously through selection contests or cryptographic projects, such as the advanced encryption standard process of NIST, the NESSIE project of Europe, the lightweight cryptographic project of NIST, etc. The process of developing these cryptographic standards requires careful and ongoing evaluation.

In the field of civil cryptography, Vietnam does not have our own block cipher standard but uses common block cipher standards such as AES, triple-DES, etc. in their standards: VN 7816:2007, VN 11367-3:2016, etc. Therefore, we have designed and constructed a new block cipher with multiple variants of block size and key length that can be selected for standardization and suitable for information security in the field of civil cryptography in the context of post-quantum transition, namely MKV. There are two block size variants with block sizes of 256-bit for post-quantum and 128-bit for quantum migration. Each variant has three key length options with a flexible level of security suitable for application developers. MKV has achieved some design features as follows:

Construction: MKV is designed based on the Four-Leaf-Clover scheme with an SDS-type round function, called SDS-FLC structure. Consequently, MKV achieves provable security in the Luby-Rackoff model and practical security against differential and linear cryptanalysis. Moreover, MKV has an optimal implementation by such a structure on popular platforms.
The cryptographic components: In the FLC-SDS structure, we use an 8-bit S-box for confusion and Maximum distance separable matrices for diffusion to design MKV. These cryptographic components have good cryptographic properties and are considered to be optimized in software/hardware implementations.
Security: We have evaluated the provable security for the two most popular cryptanalysis (differential and linear cryptanalysis) and the ability to resist some further important cryptanalysis of MKV. Among them, there is provable security with linear and differential cryptanalysis by inheriting the design from the FLC-SDS structure with cryptographic components with good cryptographic properties. Furthermore, MKV also achieves provable security against related-key differential cryptanalysis from the specific design of the key schedule. In addition, the preventive ability against quantum computation is also considered concerning block size and key length based on surveys of quantum resources.
Performance: The implementation is suitable for common applications in information security of hardware and software.

Biography:

Nguyen Bui Cuong is an experienced, professional cryptographer and currently Director of the Cryptographic Science Department at the Institute of Cryptographic Science and Technology, Vietnam’s premier cryptography research institute, in the Vietnam Government Information Security Commission.

He was born in 1982 and completed his undergraduate studies in mathematics at Hanoi National University of Education from 2000 to 2004. He then pursued a Master’s degree in mathematics at the University of Science, Vietnam National University, Hanoi, from 2005 to 2007. He received his PhD in 2018 from the Institute of Military Science and Technology, focusing on ensuring a mathematical foundation for informatics.

His research interests primarily involve the design and evaluation of the security of symmetric-key cryptographic primitives. Additionally, he has led projects aimed at developing cryptographic primitives to protect critical national information and has published numerous articles in international journals and conferences.