THE 1^st INTERNATIONAL CONFERENCE ON CRYPTOGRAPHY AND INFORMATION SECURITY

– VCRIS 2024 –

December 03-04, 2024

Academy of Cryptography Techniques, Hanoi, Vietnam

Keynote Speakers

Professor Edgar Weippl

Workplace: Edgar R. Weippl is a professor for Security and Privacy at the University of Vienna and Research Director of SBA Research and Head of the Christian Doppler Laboratory for Security and Quality Improvement in Production Systems.

He is on the editorial board of IEEE Transactions on Information Forensics and Security (T-IFS), ACM Transactions TOPS and of Elsevier’s Computers & Security journal (COSE), in the steering committee of ESORICS and ARES, general chair of ACM CCS 2016, and of Euro S&P 2024.

Research field: He focuses on (1) fundamental and applied research on blockchain and distributed ledger technologies and (2) security of production systems engineering.

Tittle: Exposing Network Vulnerabilities: Security Insights from Tor, VoWiFi, and Cellular Networks.

Abstract: In this research talk on security and privacy in communication networks, we will focus on potential security vulnerabilities and measurement methods. The primary focus will be on a Tor network paper that examines the potential for deanonymization attacks by AS-level adversaries. This study will highlight the changing risks over time, the impact of IPv6, and specific regional threats such as increased censorship in Russia.

In addition, we will examine vulnerabilities in VoWiFi through Diffie-Hellman key exchange methods, highlighting issues such as the use of weak DH groups, fallback to insecure modes, and shared private keys between operators. These vulnerabilities compromise the security of VoWiFi communications. I will also present our work on MobileAtlas, a framework for performing geographically decoupled measurements in cellular networks. This framework allows for scalable, low-cost measurements and can be used to uncover security and privacy vulnerabilities, such as traffic measurement inconsistencies and problematic IPv6 firewall configurations.

Through these studies, we aim to provide a comprehensive understanding of the current state of network security and the innovative approaches being used to identify and mitigate these vulnerabilities.

Biography:

After graduating with a Ph.D. from the Vienna University of Technology, Edgar worked for two years in a research startup. He spent one year as an assistant professor at Beloit College, WI. From 2002 to 2004, while with the software vendor ISIS Papyrus, he worked as a consultant for an HMO in New York, NY, and Albany, NY, and for the financial industry in Frankfurt, Germany. In 2004 he joined the Vienna University of Technology and founded the research center SBA Research with A Min Tjoa and Markus Klemen. In 2020 Edgar became a full professor for Security and Privacy at the University of Vienna; a year later, he became Visiting Professor at the National Institute of Informatics (NII), Tokyo.

Prof. Dr. Ing. Ahmad-Reza Sadeghi

Workplace: Ahmad-Reza Sadeghi is a Full Professor of Computer Science at the Technical University of Darmstadt, Germany, head of System Security Lab.

Research field: Hardware-Assisted Software Security, Hardware Security, Software Security, Security for the Internet of Things, Security for Machine Learning, Secure Decentralization in Dynamic Networks.

Tittle: N/A

Abstract: N/A

Biography:

Ahmad-Reza Sadeghi is a Full Professor of Computer Science at the Technical University of Darmstadt, Germany, where he heads the System Security Lab.

Since 2012 Prof. Sadeghi has established a long-term cooperation with Intel. It has already emerged in several Collaborative Research Centers on various topics, such as Secure Computing in Mobile and Embedded Systems, Autonomous and Resilient Systems, and Private AI. Moreover, he also established the Open Lab for Sustainable Security and Safety (OpenS3 Lab) with Huawei in 2019.

He received his Ph.D. in Computer Science with a focus on Cryptography from the University of Saarland, Germany.

Before academia, he worked for several years in the Research and Development of the Telecommunications industry, amongst others, Ericsson. He has been leading and involved in many national and international research and development projects in the design and implementation of Trustworthy Computing Platforms, Hardware-assisted Security, IoT Security and Privacy, Applied Cryptography, and Trustworthy AI.

Prof. Sadeghi has been serving as General or Program Chair and Program Committee member of major Information Security and Privacy and Design and Automation venues, such as ACM CCS, IEEE Security & Privacy, NDSS, USENIX Security, DAC, DATE, and ICCAD.

He was Editor-In-Chief of IEEE Security and Privacy Magazine. Ahmad served on several editorial boards, such as ACM Transactions on Information & System Security (TISSEC), as Guest editor of the IEEE TCAD, ACM Books, and ACM DIOT. He is on the editorial board of ACM TODAES and ACM DTRAP.

In 2008 Prof. Sadeghi was awarded the renowned German prize “Karl Heinz Beckurts” for his research on Trusted and Trustworthy Computing technology and its transfer to industrial practice.

The award honors excellent scientific achievements with a high impact on industrial innovations in Germany.In 2010 his group received the German IT Security Competition Award.

In 2018 he received the ACM SIGSAC Outstanding Contributions Award for dedicated research, education, and management leadership in the security community and pioneering contributions in content protection, mobile security, and hardware-assisted security. SIGSAC is ACM’s Special Interest Group on Security, Audit, and Control.

In 2021 he was honored with the Intel Academic Leadership Award at USENIX Security for his influential research in information and computer security, particularly hardware-assisted security.

In 2022 he received the prestigious European Research Council (ERC) Advanced Grant.

Professor Kwangjo Kim

The fisrt Korean IACR Fellow (2017)

Workplace: Korea Advanced Institute of Science and Technology.

Research field: Theory and practice in cryptology and information security, security management and policy, network and computer security, ubiquitous security and critical infrastructure protection.

Tittle: SOLMAE: Faster and simpler quantum-safe signature based on NTRU-lattices

Abstract: Designing cryptographically strong primitives like digital signatures and key encapsulation mechanisms is a complex challenge that requires the expertise of a group of skilled designers. These experts must possess a comprehensive understanding of known theoretical and implementation-based attacks while also anticipating potential future threats, particularly from emerging technologies like quantum computing. Our team, composed of top-level cryptographers from around the world, has focused on developing a long-term quantum-secure signature scheme based on NTRU lattices—a well-established concept within the cryptographic community for over two decades.

One significant outcome of this effort is Falcon, a finalist in the NIST PQC standardization project in 2023, alongside Dilithium and SPHINCS+. Falcon is recognized for its robust security, compact signatures, and efficient verification times, comparable to elliptic curve signatures. However, its implementation is complex and computationally intensive, leveraging the Fast Fourier Orthogonalization (FFO) technique.

To address these challenges, Espitau et al. introduced Mitaka, a scheme that simplifies the sampling procedure without sacrificing efficiency. Mitaka’s design leads to faster operations, maintaining compact signature sizes, and adding new features such as cost-effective masking and parallelizability. Further advancements were made with ANTRAG, an improved version of Mitaka, designed to meet all NIST security levels. The culmination of these efforts is SOLMAE, which combines the strengths of Falcon, Mitaka, and ANTRAG, offering enhanced performance while preserving security, particularly at NIST security levels I and V. This talk will delve into the details of SOLMAE, including practical performance evaluations.

Biography:

Kwangjo Kim received his B.Sc. and M.Sc. degrees in Electronic Engineering from Yonsei University, Seoul, Korea, in 1980 and 1983, and his Ph.D. in Electrical and Computer Engineering from Yokohama National University, Japan, in 1991. He was a Visiting Professor at MIT, USA, and UC San Diego, USA, in 2005, as well as at Khalifa University, UAE, in 2012. In 2013, he served as an education specialist at the Bandung Institute of Technology, Indonesia.

From 1979 to 1997, he served as a section head at the Electronics and Telecommunications Research Institute (ETRI) in Korea. He then became a full professor at the School of Computing at KAIST, Korea, where he taught from 1988 until his retirement in 2021.

He has held various leadership roles, including Korean representative to IFIP TC-11, honorary President of the Korea Institute of Information Security and Cryptology (KIISC), and a board member of the International Association for Cryptologic Research (IACR) from 2000 to 2004. He chaired the Asiacrypt Steering Committee from 2005 to 2008 and served as KIISC president in 2009.

Prof. Kim became the first Korean Fellow of the IACR in 2017 and is a member of IEEE, ACM, IEICE, and the IACR Fellow Selection Committee. He was the general chair for CHES 2014, Asiacrypt 2020, and PQCrypto 2021 and served as editor-in-chief of the online journal Cryptography and as an editor for the Journal of Mathematical Cryptology.

Currently, he is an Emeritus Professor at KAIST’s School of Computing and president of the International Research Institute for Cyber Security (IRCS), a non-profit organization approved by the Korean government to enhance national cyber security capabilities in the civilian sector.

Prof. Kim was recognized on Stanford University’s 2023 World’s Top 2% Scientists list for his outstanding academic contributions.

He authored two books associated with AI for security entitled “Network Intrusion detection using deep learning: A feature learning approach” and “Privacy-preserving deep learning: A comprehensive survey” which were published by Springer in 2018 and 2021, respectively.

Professor Sylvain Guilley

Workplace: General Manager and CTO at Secure-IC, a French company offering security for embedded systems.

Secure-IC’s flagship product is the multi-certified Securyzr integrated Secure Element (iSE).

Sylvain is also research associate at Ecole Normale Superieure (ENS)

Research field: trusted computing, cyber-physical security, secure prototyping in FPGA and ASIC, and formal / mathematical methods.

Tittle: Secure implementation of Post-Quantum Cryptography

Abstract: Post-Quantum Cryptography (PQC) is now required by several institutions and vendors, especially for applications related to low-level security functions (secure boot, firmware management, secure channels establishment, etc.).
Not only standardized PQC algorithms must match correctly their specification, but also they must be implemented in accordance with market requirements.
Those mostly consist of Performance-Power-Area (PPA) and certification constraints.
In turn, the PPA encompasses tradeoffs between speed and implementation size, but also optimal adequation with available resources (vectorization in software, parallelism in hardware, dedicated accelerators in embedded systems, etc.).
The certification relates to secure implementation in the context of adversaries trying to gain information on the secrets, exploiting for instance some surreptitious information leakage (secret-dependent timing or power consumption).
There is an interplay between PPA and certification aspects that I will detail in this talk, for different classes of PQC algorithms.

Biography

Since 2012, he has organized the PROOFS workshop (http://www.proofs-workshop.org/2020/), which brings together researchers whose objective is to increase the trust in the security of embedded systems.

Sylvain is also lead editor of international standards, such as ISO/IEC 20897 (Physically Unclonable Functions), ISO/IEC 20085 (Calibration of non-invasive testing tools), and ISO/IEC 24485 (White Box Cryptography).

He is leading the topic “High Level Principles for Design & Architecture” in the editing team of TR68 (Autonomous Vehicles—Singapore, Standards Development Organisation), and is member of the French BNA (Bureau de Normalisation de l’Automobile).

Sylvain is associate editor of the Springer Nature Journal of Cryptography Engineering (JCEN).

He has co-authored 250+ research papers and filed 40+ invention patents.

He is member of the IACR, senior member of the IEEE and the CryptArchi club.

He is an alumnus from Ecole Polytechnique and Télécom-Paris.