May 14-17, 2019 | JW Marriott Parq Vancouver, Canada

Conference Agenda

Tuesday 14 May

Optional Pre-Conference Workshops

08:00 - 09:00 Registration

Parq Grand Ballroom Pre-Function

09:00 - 12:30 Pre‑Conference Workshops

Pre-Conference Workshops
(Parq Salon F)

 
09:00 Cryptographic Lifecycle Management Workshop (W00a) Tomislav Nad, Chief Security Architect and Cryptographer, Infosec Global, Switzerland

Pre-Conference Workshops
(Parq Salon E)

 
09:00 FIPS 140-2 Validation Process: Overview and Case Study (W00b) Alex Calis, NIST, United States; Ian Hall, Certification Architect, Symantec, United States; Brad Proffitt, Director of Operations, Lightship Security, United States; Diana Robinson, Senior Manager for Product Security Certifications & Specialized Testing, Symantec, United States

Pre-Conference Workshops
(Granville)

 
09:00 Seminar on Hardware Attacks to Cryptographic Processors (W00c) David Hernandez, R&D Manager, Applus+ Laboratories, Spain

12:30 - 13:30 Lunch

Parq Grand Ballroom Pre-Function

13:30 - 17:00 Pre‑Conference Workshops

Pre-Conference Workshops
(Parq Salon F)

 
13:30 Introduction to Blockchain Workshop (W01a) William Sandberg-Maitland, Principal Scientist, SPYRUS Inc., Canada

Pre-Conference Workshops
(Parq Salon E)

 
13:30 Workshop on Automated Cryptographic Validation Protocol (ACVP) (W01b) Christopher Celi, Computer Scientist, NIST, United States; Barry Fussell, Software Technical Leader, CISCO, United States; Stephan Mueller, Principal Consultant and Evaluator, atsec, United States; Philip Perricone, Engineer.Software Engineering, Cisco, United States; Apostol Vassilev, Research Lead–STVM, Computer Security Division, NIST, United States

Pre-Conference Workshops
(Granville)

 
13:30 Physical Testing (Beyond FIPS) (W01c) Luis Alfonso García, Technical Manager, Epoche and Espri (a DEKRA company), Spain

Wednesday 15 May

Conference Sessions

08:00 - 09:00 Registration

Parq Grand Ballroom Pre-Function

09:00 - 09:45 Plenary Keynote Session

Parq Grand Ballroom EF

9:00 Conference Welcome (P10a) Yi Mao, atsec, United States; 9:10 CMUF Update (P10b) Matt Keller, CMUF, United States

9:15 Plenary Keynote Presentation (P10c) Mary Ann Davidson, Chief Security Officer, Oracle Corp.
Mary Ann Davidson is responsible for Oracle Software Security Assurance. She represents Oracle on the Board of Directors of the Information Technology Information Sharing and Analysis Center (IT-ISAC), and serves on the international board of the Information Systems Security Association (ISSA) More…

09:45-10:30 Networking Break in Exhibits

Parq Grand Ballroom ABCD

10:30 - 12:30 Track Sessions

Certification Programs
(Parq Grand Ballroom E)

 
10:30 Latest Cryptographic Module Test Technology Development Trends of KCMVP (C11a) Sung Ha Lee, NSR, South Korea


11:00 Update on the Canadian Centre for Cyber Security (C11b) Roy Crombie, Canadian Centre for Cyber Security, Canada; Keith Merlo, Canadian Centre for Cyber Security, Canada


11:30 TBA


12:00 CMVP Programmatic Update (C11d) Carolyn French, Manager Cryptographic Module Validation Program, Canadian Centre for Cyber Security, Canada; Beverly Trapnell, NIST, United States

General Technology
(Parq Grand Ballroom F)

 
10:30 FIPS 140-2 and the Cloud (G11a) Alan Halachmi, Sr. Manager, Solutions Architecture, Amazon, United States


11:00 FIPS In The Cloud Working Group (G11b) Yi Mao, Lab Director, atsec, United States; Ben Tucker, Senior Security Engineer II – Standards & Certifications, Citrix, United States


11:30 Entropy as a Service—A Scheme, Implementation, Experience (G11c) Ravi Jagannathan, Security Architect Vsphere./ESXi, VMware, United States; Apostol Vassilev, Research Lead–STVM, Computer Security Division, NIST, United States


12:00 Cloudy or Clouded? (G11d) Fabien Deboyser, Certification Engineer, Thales, United States

Post-Quantum Crypto
(Cambie)

 
10:30 Post-Quantum Crypto Track Keynote (Q11a) Michele Mosca, University Research Chair and Co-Founder, University of Waterloo and evolutionQ Inc., Canada


11:00 Second Round Candidates in NIST PQC Standardization (Q11b) Lily Lidong Chen, Mathematician, NIST, United States; Dustin Moody, Mathematician, NIST, United States


11:30 Post-Quantum Cryptography Based on Isogenies and Progress in Hardware (Q11c) Reza Azarderakhsh, Assistant Professor, Florida Atlantic University and PQSecure Technologies, United States


12:00 The Post-Quantum Signature Scheme qTESLA and its Integration into the TLS Protocol (Q11d) Patrick Longa, Researcher, Microsoft Research, United States

Embedded Crypto
(Burrard)

 
10:30 IoT and Payments (E11a) Jason Hart, CTO Data Protection, Gemalto, United Kingdom


11:00 Emerging Cryptography Trends in the Internet of Things (E11b) Charles White, CTO, Fornetix, United States


11:30 Building Trust Takes Time. Or Just Cryptography and Secure Execution? (E11c) Martin Oczko, Head of Appliance Technologies, PrimeKey, Germany


12:00 Encryption Standardization for NVDIMM-N Class PMEM Devices (E11d) Sridhar Balasubramanian, Principal Product Security Architect, NetApp, United States

12:30 - 13:45 Lunch in Exhibit Area

Parq Grand Ballroom ABCD

13:45 - 15:15 Track Sessions

Certification Programs
(Parq Grand Ballroom E)

 
13:45 Pearson Testing (C12a) Gavin O’Brien, Computer Scientist, NIST, United States


14:15 NIAP Update (C12b) Dianne Hale, NIAP, United States


14:45 CCUF Update (C12c) Fiona Pattinson, CCUF, United States

Random Bit Generators
(Parq Grand Ballroom F)

 
13:45 Random Numbers, Entropy Sources and You (G12a) John Kelsey, Computer Scientist, NIST, United States


14:15 Panel on Evaluation and Validation of Random Bit Generators (N12b) Moderator: Apostol Vassilev, Research Lead–STVM, Computer Security Division, NIST, United States; Panelists: Allen Roginsky, Mathematician, NIST, United States; John Kelsey, Computer Scientist, NIST, United States; Joshua Hill, UL VS, Inc., United States; Werner Schindler, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany [60 MIN]

Post-Quantum Crypto
(Cambie)

 
13:45 Progress in Post-Quantum Cryptography (Q12a) Tanja Lange, Technische Universiteit Eindhoven, Netherlands


14:15 Panel on Post-Quantum Cryptography Migration: Get Your Organization Ready! (Q12b) Moderator: Bruno Couillard, President & CEO, Crypto4A, Canada; Panelists: Mike Brown, CTO, ISARA, Canada; Basil Hess, Chief Cryptographic Engineer, InfoSec Global, Switzerland; Michael Markowitz, Vice President, Information Security Corporation, United States; David Ott, Sr. Staff Researcher and Academic Research Director, VMware, United States [60 MIN]

Embedded Crypto
(Burrard)

 
13:45 IoT and the NISTIR 8200: A Step Towards Standardization (E12a) Jennifer Brady, Sr. Engineer/Project Manager, Acumen Security, United States


14:15 Panel on Life Cycle for IoT Devices—Crypto Agility and Privacy (E12b) Moderator: Loren Shade, VP Marketing, Allegro Software, United States; Panelist: Florian Caullery, DarkMatter, United Arab Emirates; Tomas Gustavsson, CTO, PrimeKey, United Kingdom; Imran Hajimusa, Global Fintech and Payments Leader, Exponent United States; Marcus Streets, Principal Security Architect, ARM, United Kingdom [60 Min]

15:15 - 15:45 Networking Break in Exhibits

Parq Grand Ballroom ABCD

15:45-17:15 Track Sessions

Certification Programs
(Parq Grand Ballroom E)

 
15:45 ACVP Update (C13a) Christopher Celi, Computer Scientist, NIST, United States


16:15 Panel Discussion: With ACVP Done What’s Next on the Road to Automating the NIST Crypto Validation Programs? (C13b) Moderator: Apostol Vassilev, Research Lead–STVM, Computer Security Division, NIST, United States; Panelists: Tim Anderson, Sr. Technical Industry Specialist, AWS Security, United States; Shawn Geddis, Security & Certifications Engineer, Apple, United States; Robert Relyea, Principal, Red Hat, United States; Dominic Rizzo, Open Secure Silicon Tech Lead, FIPS Security Key Tech Lead, Google, United States [60 MIN]

General Technology
(Parq Grand Ballroom F)

 
15:45 Certificate Maintenance: 3SUB vs 5SUB (G13a) Abdullah Abubshait, Security QA Engineer, Cygnacom, United States


16:15 A Protocol Protocol (G13b) Steve Weymann, Co-Founder, KeyPair Consulting Inc, United States


16:45 TLS v1.3 and FIPS: Can They Be Friends? (G13c) Anthony Busciglio, Co-Founder & Laboratory Director, Acumen Security, United States

Post-Quantum Crypto
(Cambie)

 
15:45 SAFEcrypto Project (Q13a) Sarah McCarthy, Research Assistant at ECIT – Institute of Electronics, Communications & Information Technology, Queen’s University Belfast, United Kingdom


16:15 Panel on Integrating Quantum Key Derivation in the Real World (Q13b) Moderator: Kelly Richdale, EVP Quantum-Safe Security, ID Quantique, Switzerland; Panelist: John Prisco, Quantum Xchange, United States; Panelists TBA [60 Min]

Embedded Crypto 
(Burrard)

 
15:45 FIPS Validation and Mission-Critical IoT Ecosystems (E13a) Loren Shade, VP Marketing, Allegro Software, United States


16:15 HSM Requirements for V2X Connected Car Communications (E13b) Jose Emilio Rico Martinez, Lab Director, Epoche & Espri (A Dekra company), Spain


16:45 Securing the Smart City: Architectural Considerations for CA and Remote Key Distribution (E13c) Adam Cason, Director of Product Marketing, Futurex, United States

17:15 - 18:45 Welcome Reception in Exhibits

Parq Grand Ballroom Pre-Function

18:45 - 21:15 Dine‑Around Vancouver

Enjoy an informal group dinner at one of Vancouver’s best restaurants with your ICMC colleagues. Select a restaurant and reserve your seat for a prix-fixe dinner at a group table. Reserve early—seating is limited. On site, you’ll meet your group Wednesday at 18:45 at the ICMC registration desk and depart from there.

Thursday 16 May

Conference Sessions

08:00 - 09:00 Coffee in the Exhibits

Parq Grand Ballroom ABCD

09:00 - 09:45 Plenary Keynote Session

 
9:00 Securing Cryptographic Modules: A Shades of Gray Story (P20a) Matthieu Rivain, COO, cryptoexperts, France
Matthieu Rivain is COO for CryptoExperts, a solution provider in the area of cryptography. He was program co-chair of CHES 2018, and co-editor-in-chief of IACR TCHES Vol. 2018. He was previously a cryptography engineer at Oberthur Technologies (now Idemia) and PhD student at University of Luxembourg (2006-2009) focusing on cryptographic implementations and side-channel attacks. More…

09:45-10:15 Networking Break in Exhibits

Parq Grand Ballroom ABCD

10:15 - 12:15 Track Sessions

Certification Programs
(Parq Grand Ballroom E)

 
10:15 Secure Components—Certification That Benefits Edge, Fog, and Cloud (C21a) Olivier Van Nieuwenhuyze, Board Member and Security Task Force Chair, GlobalPlatform, United Kingdom


10:45 PSA Certification Programme (C21b) Rob Coombs, Security Director, Arm, United Kingdom; Marcus Streets, Principal Security Architect, Arm, United Kingdom


11:15 FIDO Authenticator Certification—FIPS 140-2 Companion Program (C21c) Roland Atoui, Security Certifications Advisor, Certification Secretariat, FIDO Alliance/Red Alert Labs, France, 


11:45 Eurosmart IOT Device Certification Scheme (C21d) Martin Schaffer, Boardmember, Eurosmart, Austria

General Technology
(Parq Grand Ballroom F)

 
10:15 FedRAMP Introduction (G21a) Ravi Jagannathan, Security Architect Vsphere./ESXi, VMware, United States


14:00 On Password Hashing and Password Hardening Schemes (G21b) Sweta Mishra, Researcher, NIST, United States; Meltem Sonmez Turan, Guest Researcher, NIST, United States


11:15 Shifting POSTs Into High Gear (G21c) Swapneela Unkule, atsec, United States


11:45 KMIP vs PKCS#11—There Is No Contest! (G21d) Tony Cox, VP Partners, Alliances and Standards, OASIS, Australia

Open Source Crypto 
(Cambie)

 
10:15 Title TBA (S21a) Daniel J. Bernstein, Research Professor, University of Illinois at Chicago, United States


10:45 IoT TLS: Why It Is Hard (S21b) David Brown, Senior SW Engineer, Linaro, United States


11:15 Intel® SGX’s Open Source Approach to 3rd Party Attestation (S21c) Dan Zimmerman, Security Technologist, Intel, United States


11:45 TBA

End User Experience 
(Burrard)

 
10:15 Building Security In: Observations From the Front Lines (U21a) Manish Gaur, Director of Security, Trust and Assurance, VMware, United States


10:45 Transition to ACVP: Challenges for CAVS Users (U21b) Stephan Mueller, Principal Consultant and Evaluator, atsec, United States


11:15 Update from the Security Policy Working Group (U21c) Mark Hanson, Program Manager, McAfee LLC, United States; Ryan Thomas, Laboratory Manager, Acumen Security, United States


11:45 Squaring the Circle (U21d) Oreste Panaia, Senior Software Engineer/Architect, PrimeKey, Germany

12:15 - 13:30 Lunch in Exhibit Area

Parq Grand Ballroom ABCD

13:30 - 15:00 Track Sessions

Certification Programs
(Parq Grand Ballroom E)

 
13:30 Securing a Connected World—How to Create a Certification Landscape (C22a) John Boggie, Director, Head of Security Maturity and Certification, NXP Semiconductors, United Kingdom


14:00 Smart CC and CC-like Private Schemes (C22b) Wouter Slegers, CEO, TrustCB, Netherlands


14:30 Composite Evaluation Approach Derived from Decades of Experience in Smartcard Evaluations for HSM and SAM (C22c) Maria Fravventura, Group Manager and Senior Security Evaluator, Brightsight, Netherlands

General Technology
(Parq Grand Ballroom F)
 

 
13:30 Encryption Key Management—Understanding and Mitigating Your Risks (G22a) Bruce Rich, Cryptsoft Fellow and Principal Engineer, Cryptsoft, Australia


14:00 Source Code Reviews: The Good, the Bad, and the Ugly (G22b) Kelvin Desplanque, Security Certification Engineer, Cisco Systems Canada, Canada


14:30 Validating the Implementations of the “New” and “Old” Key Establishment Standards (G22c) Allen Roginsky, Mathematician, NIST, United States

Open Source Crypto
(Cambie)

 
13:30 Update on the New OpenSSL FIPS Module Development Project (S22a) Chris Brych, Senior Principal Security Analyst—Global Product Security, Oracle, Canada


14:00 Panel on OpenSSL Project and the Joy of FIPs 140-2 (S22b) Panelists TBA [60 Min]

End User Experience
(Burrard)

 
13:30 Crypto Done Right, One Year In. Lessons Learned and Next Steps (U22a) Seth Nielson, Director of Advanced Research Projects, Johns Hopkins University, United States


14:00 Can The Complete Application Stack Be Agile and Remain Compliant? (U22b) Tomas Gustavsson, CTO, PrimeKey, Sweden


14:30 Oh Crap, Another Vulnerability Report! Now What? (U22c) Smita Mahapatra, Project Manager, Gemalto, Canada; Shawn Pinet, Senior Security & Certification Analyst, Gemalto, Canada

15:00-15:30 Networking Break in Exhibits

Parq Grand Ballroom ABCD

15:30 - 17:00 Track Sessions

Certification Programs
(Parq Grand Ballroom E)

 
15:30 A New European Regulation Landscape for Secure Signature Devices (C23a) Gonzalo Porlan, Common criteria technical manager, Applus+, Spain


16:00 eIDAS: Will Common Criteria Replace FIPS 140-2? (C23b) Moderator: Maria Fravventura, Group Manager and Senior Security Evaluator, Brightsight, Italy; Panelists: Arnold Abromeit, Senior Security Consultant/Evaluator, TÜV Informationstechnik, Germany; Jonathan Allin, Product Manager, nCipher Security, United Kingdom; Dieter Bong, Product Manager, Utimaco, Germany; Graham Costa, Security and Certification Manager, Gemalto, United Kingdom;  [60 MIN]

General Technology
(Parq Grand Ballroom F)

 
15:30 Encryption Key Management vs Key Vaulting (G23a) Steve Pate, Principal Product Architect, Thales eSecurity, United States


16:00 Equivalency Working Group Report (G23b) Carolyn French, Manager Cryptographic Module Validation Program, Canadian Centre for Cyber Security, Canada; Rumman Mahmud, Technical Marketing Engineer, Cisco Systems, Inc, United States; Steve Weingart, Manager of Public Sector Certifications, Retired, United States


16:30 Towards Standardization of Threshold Cryptography at NIST (G23c) Luis T.A.N. Brandao, NIST, United States; Nicky Mouha, Researcher, NIST, United States; Apostol Vassilev, Research Lead–STVM, Computer Security Division, NIST, United States

Open-Source Crypto 
(Cambie)

 
15:30 A Reflection: Compliance, Security, and the New World of Multi-Release Jars with Bouncy Castle (S23a) David Hook, Director/Consultant, Crypto Workshop, Australia


16:00 Open Source Chinese Blockchain and Services (S23b) Paul Yang, Architect, BaishanCloud, China; Zhenlong Zhao, CTO, Beijing TrustChain Technology Co, China


16:30 System-Wide Cryptographic Policies and FIPS (S23c) Tomas Mraz, Principal SW Engineer, Red Hat, Czechia

Crypto Enterprise Showcase
(Burrard)

 
Note: This track features organization that leverage encryption technologies in new and innovative ways. As such, speakers may focus on proprietary technologies—usually not permitted at ICMC.
15:30 Secure Multiparty Computation Applications for Key Protection and Key Management (T23a) Oz Mishli, VP of Products, Unbound Tech, Israel


16:00 Operating on Encrypted Data Without Compromising Confidentiality (T23b) Priyadarshan Kolte, Co-Founder & CTO, Baffle, United States


16:30 Going Viral: Four Principles of Usable Encryption (T23c) Will Ackerly, Founder, Virtru, United States

17:00 - 18:00 Crypto Jeopardy Game Show

Parq Grand Ballroom ABCD

Your Host: Clint Winebrenner, Technical Lead, Cisco Systems, United States. Answers must be in the form of a question! Come watch last year’s champion versus three new experienced contestants test their FIPS knowledge in a game of trivia related to algorithms, derived testing requirements, entropy, implementation guidance and more. A few members from the audience will be selected to assist the contestants on specific questions and be eligible to win prizes. Drinks and snacks will be served.

Friday 17 May

Conference Sessions

08:00 - 09:00 Coffee

Parq Grand Ballroom Pre-Function

09:00 - 09:45 Plenary Keynote Session

09:45 - 10:00 Networking Break

Parq Grand Ballroom Pre-Function

10:00 - 11:30 Track Sessions

Certification Programs
(Parq Grand Ballroom E)

 
10:00 Dealing with Overlapping Certification Requirements and Maximizing Your FIPS Investment (C31a) Smita Mahapatra, Security and Certifications Analyst, Gemalto, Canada; Shawn Pinet, Senior Security & Certification Analyst, Gemalto, Canada
10:30 ISO/IEC 19790 Updates (C31b) Michael Cooper, IT Specialist, NIST, United States; Fiona Pattinson, Vice President, atsec, United States
11:00 FIPS 140-3 Update (C31c) Matthew Scholl, NIST, United States

Advanced Technology
(Parq Grand Ballroom F)

 
10:00 TBA


10:30 An Architectural Framework for Virtual Trustworthy Systems (A31b) Jeff Hewett, Cisco, United States


11:00 Privacy-Preserving Planning and Coordination Among Autonomous Systems Equipped with Resource-Constrained Devices (A31c) Mehrdad Nojoumian, Assistant Professor, Florida Atlantic University, United States

Open Source Crypto
(Cambie)

 
10:00 PKCS #11 Interface for HKDF to Support TLS 1.3 (S31a) Robert Relyea, Principal, Red Hat, United States


10:30 Panel on TLS: The Problems in Moving to 1.3 (S31b) Moderator: Tim Hudson, CTO and Technical Director, OPENSSL/Cryptsoft, Australia; Panelists:  Matt Caswell, Developer, OPENSSL, United Kingdom; Brent Cook, Engineering Manager, LibreSSL, United States; David Hook, Director/Consultant, Crypto Workshop, Australia; Todd Ouska Founder and CTO, WolfSSL, United States [60 Min]

Random Bit Generators
(Burrard)

10:00 The IID Assumption and You! (N31a) Joshua Hill, Information Security Scientist, UL VS, Inc., United States


10:30 On the Next Revision of SP 800-90B (N31b) Meltem Sonmez Turan, Guest Researcher, NIST, United States


11:00 A Framework for Side-Channel Resistant Hardware/Software Codesign Using Quantum Crypto-Module (QCM) Supported by Quantum Entropy Chip (QEC) (N31c) Jongwon “JP” Park, Chief Strategy Officer, EYL Inc., United States

11:30 - 11:45 Networking Break

Parq Grand Ballroom Pre-Function

11:45 - 12:15 CMUF Monthly Meeting—May

Parq Grand Ballroom E

12:15 - 13:00 Lunch

Parq Grand Ballroom Pre-function

13:00 - 14:30 Track Sessions

Certification Programs
(Parq Grand Ballroom E)

 
13:00 NIST and NIAP Working Together (C32a) Mary Baish, Director, NIAP, United States; Michael Cooper, IT Specialist, NIST, United States


13:30 Panel Discussion on FIPS and CC: Symbiotic Certifications (C32b) Moderator: Nithya Rachamadugu, Senior Director, Cygnacom Solutions, United States; Panelists: Erin Connor, Director, EWA Canada, Canada; Panelists TBA [60 MIN]

Advanced Technology
(Parq Grand Ballroom F)

 
13:00 Kernel FIPS Software Integrity Test and KASLR (A32a) Heorhii Levchenko, Senior Engineer, Samsung Electronics Ukraine Company, LLC, Ukraine


13:30 Adversarial Perspectives on Cryptography (A32b) Brent Cook, Senior Engineering Manager, Rapid7, United States


14:00 The New NIST Reference for Randomness Beacons (A32c) Luis T. A. N. Brandao, NIST, United States; John Kelsey, Computer Scientist, NIST, United States; Rene Peralta, Computer Scientist, NIST, United States

Attacks to Crypto Modules
(Cambie)

 
13:00 Evaluating Cryptography in a Common Criteria Context (K32a) Maria Christofi, Technical Manager of the Cryptography Lab, Oppida, France


13:30 Study Side-Channel Analysis for Hardware Based on Probabilistic Programs (K32b) Mehri Yahyaei, Direct Manager of IT Laboratories, Research Center of Informatics Industries (RCII. Co), Iran


14:00 Back to the Future—A Look into ISO/IEC 19790 Physical Security Requirements (K32c) Renaudt Nunez, IT Security Consultant, atsec, United States

General Technology
(Burrard)

13:00 Arm Platform Security Architecture: An Introduction (G32a) Rob Coombs, Security Director, Arm, United Kingdom; Marcus Streets, Principal Security Architect, Arm, United Kingdom


13:30 CPU Equivalency Working Group Panel Report and Discussion (G32b) Carolyn French, Manager Cryptographic Module Validation Program, Canadian Centre for Cyber Security, Canada; Renaudt Nunez, IT Security Consultant, atsec, United States [60 MIN]

14:30 - 15:00 Networking Break

Parq Grand Ballroom Pre-Function

15:00 - 16:00 Closing Remarks, Summary Panel Discussion

Parq Grand Ballroom E

Closing Remarks: Nithya Rachamadugu, Senior Director, Cygnacom Solutions, United States

ICMC will end with a summary panel discussion by industry experts on a topic chosen by conference participants. What is the issue that is of utmost importance to our industry? Suggest a topic.