Conference Agenda 2020

11:15 Revising NIST SP 800 90B (N11a) Meltem Sonmez Turan, Cryptographer, NIST, United States

11:45 NIST Recommendations on Random Number Generation (N11b) John Kelsey, Computer Scientist, NIST, United States; Meltem Sonmez Turan, Cryptographer, NIST, United States

12:15 Integration of the NIST Randomness Beacon with External Modules (N11c) Harold Booth, Computer Scientist, NIST, United States

A seven part overview of the new standard for cryptographic certification presented by NIST.

11:15 FIPS 140-3 Overview: Introduction (C11a) Kim Schaffer, NIST, United States

11:45 FIPS 140-3 Overview: SP 800-140 Overview (C11b) Kim Schaffer, NIST, United States

12:15 FIPS 140-3 Overview: FIPS 140-2 Timeline and 140-2 and 3 Transitions (C11c) Kim Schaffer, NIST, United States; Beverly Trapnell, NIST, United States

TRACK KEYNOTE
11:15 Post Quantum Cryptography (Q11a) Brian LaMacchia, Distinguished Engineer, Microsoft, United States

11:45 Towards PQC Standardization—An Update (Q11b) Lily Chen, Mathematician, Manager of Cryptographic Technology Group, NIST, United States; Dustin Moody, Mathematician, Manager of Cryptographic Technology Group, NIST, United States

12:15 Advanced Cryptography in the Quantum World (Q11c) Sarah Mccarthy, Postdoctoral Cryptographic Researcher, Queen’s University Belfast, United Kingdom

11:15 Threshold Schemes for Cryptographic Modules (G11a) Luís T.A.N. Brandão, Researcher, NIST, United States

11:45 GCM Compliance in IEEE 802.11 GCMP (G11b) Marcos Portnoi, PhD, Information Security Engineer Specialist, atsec information security, United States

TRACK KEYNOTE
12:15 Crypto Past—and Lessons for the Future (G11c) Charles Brookson, OBE CEng FIET FRSA; former Chairman OCG Security and TC Cyber, ETSI; former Security Group Chairman, GSM Association, Zeata Security, United Kingdom

TRACK KEYNOTE
14:00 BSI Approach: RNG Evaluation Methodology (N12a) Werner Schindler, BSI, Germany

14:30 Panel on Challenges of Validating of Random Bit Generators (N12b) Meltem Sonmez Turan, Cryptographer, NIST, United States [60 Min]

Continued: FIPS 140-3 Overview. Please note the unusual timing of these presentations.

14:00 FIPS 140-3 Overview: Non-Invasive (C12a) Carolyn French, Manager Cryptographic Module Validation Program, Canadian Centre for Cyber Security, Canada

14:20 FIPS 140-3 Overview: Authentication (C12b) Kim Schaffer, NIST, United States

14:40 FIPS 140-3 Overview: 90-B Validations (C12c) Christopher Celi, Computer Scientist, NIST, United States; Timothy Hall, NIST, United States

15:10 FIPS 140-3 Overview: CAVP Overview (C12d) Christopher Celi, Computer Scientist, NIST, United States; Timothy Hall, NIST, United States

14:00 Hybrid Key Agreement/KEM Construction and Integration to IPsec IKEv2 VPN (Q12a) Basil Hess, Chief Cryptographic Engineer, InfoSec Global, Switzerland

14:30 Panel Discussion on Post-Quantum Hybrid Implementations: Pros and Cons (Q12b) Moderator: Roberta Faux, Director of Advanced Cryptography, BlackHorse Solutions; Panelists: Shay Gueron, Professor, University of Haifa, Senior Principal Engineer, Cryptography, Amazon Web Services, Israel [60 Min]

14:00 A Countermeasure for Differential Power Analysis Attack (G12a) Mehri Yahyaei, Senior Manager of IT Laboratories, RCII, Iran

14:30 Switching Blindings: Higher Order Side Channel Resistant Conversion of Boolean to Arithmetic Masking and Vice-Versa (G12b) Lars Hoffmann, Technology Director Cryptanalysis, Giesecke+Devrient Mobile Security GmbH, Germany

15:00 Prime Proof Protocol and the Case for Finite Field Cryptography (G12c) Anna Johnston, Cryptographic Researcher, Juniper Networks, United States

16:00 Linux and SP800-90B Compliance (N13a) Stephan Mueller, Principal Consultant, atsec information security corp., United States

16:30 CMUF Entropy WG Report and SP800-90B Estimator Confidence Intervals and Assessment Stability (N13b) Joshua Hill, Information Security Scientist, UL VS, United States [60 Min]

16:00 Getting Ready for FIPS 140-3 (C13a) Yi Mao, VP, Lab Director, atsec information security, United States; Kim Schaffer, NIST, United States

16:30 101 on FIPS 140-3 (C13b) Nithya Rachamadugu, Senior Director, Cygnacom Solutions, United States; Kwok Wong, Senior Security Analyst, Cygnacom Solutions, United States

17:00 Invasive Species—A Guide to FIPS 140-3 Non-Invasive Testing Requirements (C13c) Renaudt Nunez, Senior Consultant, atsec information security, United States

16:00 Towards Post-Quantum TLS (Q13a) Kris Kwiatkowski, Cryptography Engineer, PQshield, United Kingdom

16:30 Experimenting with Post-Quantum Cryptography in TLS/SSH with the Open Quantum Safe Project (Q13b) Christian Paquin, Principal Program Manager, Microsoft Research, United States

17:00 A Window on the Post-Quantum World: Using Merkle-Based Signature Schemes (Q13c) David Hook, Lead Developer, Crypto Workshop/Legion of the Bouncy Castle, Australia

16:00 How Cryptographic Proof of ID will Enable the Future of Identity Transactions (G13a) David Kelts, Director of Mobile ID Product Development, GET Group North America, United States

16:30 The NIST Project on Privacy Enhancing Cryptography (G13b) Angela Robinson, Mathematician, NIST, United States

17:00 Measuring The Reliability Of An Identity Claim (G13c) Wes Kussmaul, President, The Authenticity Institute, City of Osmio, United States

9:00 Latest Developments in PKCS#11 (S20a) Robert Relyea, PKCS#11 TC Co-Chair, OASIS and Principle Software Engineer, Red Hat, United States

9:30 PKCS#11 Panel—Vendor Q&A (S20b) Tony Cox, Co-Chair KMIP TC & Co-Chair PKCS#11 TC, OASIS, and VP Partners Alliances & Standards, Cryptsoft, Australia [60 Min]

9:00 NIST and NIAP Working Together (C20a) Mary Baish, Director, NIAP, United States; Michael Cooper, NIST, United States

9:30 CMVP Programmatic Update (C20b) Carolyn French, Manager Cryptographic Module Validation Program, Canadian Centre for Cyber Security, Canada; Beverly Trapnell, NIST, United States

TRACK KEYNOTE
10:00 Transition to ISO/IEC 19790:2012 in JCMVP (C20c) Dr. Gen’Ya Sakurai, IPA, Japan

9:00 Challenges in Designing and Deploying Some Quantum Safe Key Exchange Schemes (Q20a) Shay Gueron, Professor, University of Haifa, Senior Principal Engineer, Cryptography Amazon Web Services, Israel

9:30 Panel on Post-Quantum Cryptography Migration: Get Your Organization Ready! (Q20b) Bruno Couillard, President & CEO, Crypto4A, Canada; Michael Markowitz, Vice President, Information Security Corporation, United States; David Ott, Sr. Staff Researcher and Academic Research Director, VMware, United States [60 Min]

TRACK KEYNOTE
9:00 Track Keynote: PCI (I20a) Troy Leach, SVP, Engagement Officer, PCI Security Standards Council, Untied States

9:30 PCI Standards Update (I20b) Ralph Spencer Poore, Director, Emerging Standards, PCI Security Standards Council, United States

10:00 PCI-PTS Evaluation Challenges (I20c) Steve Jia, Lab Manager, EWA, Canada; Smita Mahapatra, Security and Certifications Analyst, Thales, Canada

11:00 KMIP vs PKCS#11 Revisited—Still No Contest! (S21a) Tony Cox, Co-Chair KMIP TC & Co-Chair PKCS#11 TC, OASIS, VP Partners Alliances & Standards, Cryptsoft, Australia

TRACK KEYNOTE
11:30 The Value of Open Security (S21b) Jason Keirstead, Chief Architect—Security Threat Management, IBM, Canada

12:00 PARSEC—The Platform Abstraction for SECurity (S21c) Marcus Streets, Principal Security Architect, Arm Ltd, United Kingdom

11:00 NIAP Update—Crypto Policy Insights (C21a) Dianne Hale, Technical Leader, NIAP, United States

11:30 CMUF CPU Equivalency Working Group Panel Report and Discussion (C21b) Kelvin Desplanque, Compliance Engineer, Cisco Systems, Canada; Dianne Hale, Technical Leader, NIAP, United States; Tim Hall, NIST, United States; Kevin Micciche, Manager, Trust and Assurance, Aruba, a Hewlett Packard Enterprise company, United States; Lachlan Turner Director Consulting, Lightship Security, Canada [60 Min]

11:00 Quantum Safe Crypto for National Security Needs (Q21a) Michael Kushin, President and CEO, BlackHorse Solutions, United States

11:30 Quantum Readiness Guide (Q21b) Bob Blakley, Global Head of Information Security Innovation, Citigroup, United States

12:00 Ways to Prepare for a Possible Quantum Future (Q21c) William Layton, NSA Cybersecurity, United States

11:00 Implementing and Auditing Modern PCI Cryptosystems (I21a) Bryan Bell, Principal Consultant, Foregenix, United States

11:30 The Art of Designing Crypto Infrastructure for Payments (I21b) Adam Cason, Director of Product Marketing, Futurex, United States

12:00 Spoofing a Hardware Security Module (I21c) Jeff Stapleton, Security Architect: Cryptography, Wells Fargo, United States

13:30 A Smart Solution to Integrate the Open Source Crypto to the Next-Generation Intel Technology (S22a) Juan Martinez, Junior Cybersecurity Consultant, jtsec Beyond IT Security, Spain; Assaf Cohen, CEO, Anqlave, Singapore

14:00 Open-Source Development of Cryptography: Best Practices and Lessons Learned Through Hyperledger Ursa (S22b) Hart Montgomery, Research Scientist in Cryptography, Fujitsu, United States

14:30 Hyperledger Frameworks in the Enterprise: Open Source and Deployment (S22c) Vipin Bharathan, Digital Transformation Consultant, DLT NYC, United States

13:30 NIST and NIAP: A Tale of Two Crypto Validations (C22a) Kenneth Lasoski, Lead Security Engineer, Acumen Security, United States

14:00 From Turtle to Cheetah: Fast and Effective Common Criteria Evaluations (C22b) Maria Fravventura, Sr. Security Evaluator and System Group Director, Brightsight, Netherlands

14:30 How to Design (and Operate) Efficient Schemes (C22c) Wouter Slegers, CEO, TrustCB, Netherlands

13:30 Research Challenges in PQC Migration and Cryptographic Agility (Q22a) David Ott, Sr. Staff Researcher and Academic Program Director, VMware, United States

14:00 Mobile Energy Requirements of the Upcoming NIST Post-Quantum Cryptography Standards (Q22b) Markku-Juhani Saarinen, Senior Cryptography Engineer, PQShield, United Kingdom

14:30 Post-Quantum Cryptography in Embedded IoT Devices (Q22c) Reza Azarderakhsh, Associate Professor, President/Founder, Florida Atlantic University and PQSecure Technologies, United States

13:30 PCI HSM Standard Against CC and FIPS (I22a) Andrew Jamieson, Technology and Security Director, UL, Australia

14:00 Cryptography and Key Management in PCI PIN and P2PE Standards (I22b) Di Li, atsec, China; Yan Liu, Principal Consultant, atsec, China

14:30 E2EE vs P2PE (I22c) Jordan Wiseman, Senior Consultant, Online Business Systems, United States

15:30 FIPS Surface Reduction in Red Hat Enterprise Linux 8 (S23a) Simo Sorce, Senior Principal Software Engineer, Red Hat, Inc., United States

16:00 OpenSSL Panel Discussion (S23b) Paul Yang, Staff Engineer, Ant Financial, China [60 Min]

15:30 A Multi-Step Transition to New Algorithms: Key Establishment, Entropy and More (C23a) Allen Roginsky, Mathematician, NIST, United States

16:00 Transitioning to SP800-56A Rev3 (C23b) Swapneela Unkule, atsec information security, United States

16:30 Supporting TLSv1.3 in NDcPP (S23c) Michael Vogel, Principal Consultant, atsec information security, Germany

15:30 Post-Quantum Authentication at the Edges of Complex and Highly Dynamic IoT Systems (E23a) Christopher Autry, CEO, Iothic, United Kingdom

16:00 Securing Embedded Systems Using Hardware-based Security Features (E23b) Arlen Baker, Principal Security Architect, Wind River, United States

16:30 Key Per IO Security Subsystem Class for NVM Express Storage Devices (E23c) Sridhar Balasubramanian, Principal Product Security Architect, NetApp, United States; Frederick Knight, Principal Standards Technologist, NetApp, United States

15:30 Inside the Maze: The Challenges of Cryptography During an Assessment (I23a) Jacob Ansari, Senior Manager, Schellman, United States

16:00 Cryptographic Standards and Standards Bodies—Panel Discussion (I23b) Lily Chen, Mathematician, NIST, United States; Ralph Spencer Poore, Director, Emerging Standards, PCI Security Standards Council, United States [60 Min]

9:00 Lessons Learnt from Cryptography Audits (S30a) Javed Samuel, Practice Director, NCC Group Cryptography Services, United States

9:30 TLS 1.3 Panel Discussion (S30b) [60 Min]

9:00 Third Country Perspective to the EU CSA—What Will Be the Next Step? Confusion or Order? (C30a) Ibrahim Kirmizi, Common Criteria Scheme Manager, Turkish Standards Institution, Turkey

9:30 FedRAMP—Introduction and Update (C30b) Ravi Jagannathan, Security Architect, VMware, United States

10:00 Educating the Next Generation of FIPS 140 Certification Specialists (C30c) Kelvin Desplanque, Compliance Engineer, Cisco Systems, Canada

9:00 Mission-Critical IoT Security—a 20/20 Perspective (E30a) Loren Shade, Vice President, Allegro Software, United States

9:30 PSA Certified—Progress and Plans (E30b) Marcus Streets, Principal Security Architect, Arm Ltd, United Kingdom

10:00 Scheme Update: Using SESIP to Simplify Security Evaluation and Build Trusted IoT Products (E30c) Olivier Van Nieuwenhuyze, Security Task Force Chair and Board of Director, GlobalPlatform, United Kingdom

9:00 Secure Development Practices under Agile Methodologies (G30a) Speaker TBA

9:30 The HSM’s Evolving Role in our Future Digital World (G30b) Bruno Couillard, CTO, Crypto4A Technologies, Canada

10:00 Agility and Private Keys (G30c) Vladimir Soukharev, Chief Post-Quantum Researcher and Cryptographer, InfoSec Global, Canada

TRACK KEYNOTE
10:45 Presentation TBA (U31a)

11:15 An Overview of Recent Policy Trends in Data Protection and Regulation: The Potential Impact of State, National, and International Policy on Innovators and Users (U31b) Jennifer Huddleston, Director of Technology and Innovation Policy, American Action Forum, United States

11:45 Cybersecurity Maturity Model Certification (CMMC) Overview (U31c) Katie Arrington, Chief Information Security Officer for Assistant Secretary of Defense for Acquisition, OUSD for A&S, United States

10:45 The Basics of ACVP Communication and Interaction (C31a) Alex Thurston, Senior Software Developer, Lightship Security, Canada

11:15 Extending NIST’s CAVP Testing: Lessons Learned from CVE-2019-8741 (C31b) Nicky Mouha, Researcher, NIST, United States

11:45 FIPS 140-3 is here, great! But…what happens to my 140-2 certs? (C31c) Jonathan Smith, Senior Security Tester, CygnaCom Solutions, United States; Christopher Celi, Computer Scientist, NIST

10:45 IoT Device Security Maturity (E31a) Martin Schaffer, Global Head of Secure Products & Systems, Digital Trust Services, SGS, Austria

TRACK KEYNOTE
11:15 New Directions in Automotive Security: Attacks and Countermeasures (E31b) Jorge Guajardo, Lead Expert & Manager, Security and Privacy Group, Bosch USA, United States

11:45 Practical Product Composition Approach for an Embedded Cryptographic Component (E31c) Robert Clemons, Technical Lead, NIAP, United States; Ken Elliott, NIAP, United States

10:45 Impact of Post Quantum Cryptography on C-ITS (G31a) Maria Christofi, Crypto Lab Manager, Oppida, France

11:15 Deep Learning and Extracting Insights from Encrypted Data with Darknet: Lessons Learnt and Challenges Ahead (G31b) Nayna Jain, Software Engineer, IBM Systems, United States

11:45 Strengths and Weaknesses: A Protection Evaluation of Traditional Hardware, Software Tokens, TEEs and Multi-Party Computation (G31c) Yehuda Lindell, Professor of Computer Science, Bar Ilan University, CEO & Co-Founder, Unbound Tech, Israel