Conference Agenda 2021
Wednesday September 1
Conference Day 1
08:00 - 09:00 Registration
09:00 - 09:50 Plenary Keynote Session
Regency Ballroom III, IV
9:00 Conference Welcome (P10a) Yi Mao, Vice President and Lab Director, atsec information security corporation, United States; Moderator: Erin Connor, Consultant, Program Director, ICMC, Canada
PLENARY KEYNOTE
9:10 Plenary Keynote: Cryptography in Critical Infrastructures (P10b) Annabelle Lee, Chief Cyber Security Specialist, Nevermore Security, United States
9:50-10:40 Networking Break in Exhibits
Regency Ballroom I, II
10:40-12:10 Track Sessions
| Certification Track |
| Moderator: Nithya Rachamadugu, Consultant, VAAN Consultants, United States |
10:40 ISO 19790 Update (C11a) Miguel Banon, Independent Consultant, Spain
11:10 FIPS 140 & the DoDIN APL: Recent Changes and Impacts (C11b) Kathleen Moyer, Senior Program Manager APL, Corsec Security, United States
11:40 NIST and NIAP Working Together (C11c) Matthew Downey, Project Director NIAP, United States; Michael Cooper, NIST, United States
| PCI Track |
| Moderator: Ralph Poore, Director, PCI Security Standards Council, United States |
10:40 Cloud HSMs – The Risks and Opportunities (I11a) Andrew Jamieson, Vice President, Standards, PCI Security Standards Council, Australia
11:10 PIN Management Security (I11b) Ralph Poore, Director, Emerging Standards PCI Security Standards Council, United States; Jeff Stapleton, Director, Emerging Standards ASC X9 Financial Services, United States [60 Min]
| Crypto Technology Track |
| Moderator: Loren Shade, Vice President of Marketing, Allegro Software, United States |
10:40 How Cryptographic Proof of ID Will Enable the Future of Identity Transactions (G11a) David Kelts, Director of Mobile ID Product Development, GET Group North America, United States
11:10 Supporting Privacy-Enhancing Cryptography with Cryptographic Modules (G11b) Luís Brandão, Researcher NIST/Strativia, United States
11:40 Integrating Identity Quality Metrics with OCSP Responses (G11c) Wes Kussmaul, President, The Authenticity Institute, United States
12:10-13:30 Lunch in Exhibit Area
13:30-15:00 Track Sessions
| Certification Track |
| Moderator: Joshua Brickman, Senior Director, Security Evaluations, Oracle Corp., United States |
13:30 CAVP Programmatic Update (C12a) Chris Celi, CAVP Program Manager, NIST, United States
14:00 CMVP Programmatic Update (C12b) Carolyn French, CCCS & NIST CMVP Program Managers, Canadian Centre for Cyber Security (CCCS), Canada and Beverly Trapnell, CCCS & NIST CMVP Program Managers, NIST, United States
14:30 CMVP Implementation Guidance (IG) Updates (C12c) Alex Calis, Computer Scientist, NIST, and Allen Roginsky, Computer Scientist, NIST, United States
| PCI Track |
| Moderator: Ralph Poore, Director, PCI Security Standards Council, United States |
13:30 State of Payment Card Security Standards (I12a) Troy Leach, SVP, Engagement Officer — Market Intelligence & Engagement, PCI Security Standards Council, United States
14:00 PANEL: Status of Cryptographic Standards (I12b) Moderator: Ralph Poore Director, Emerging Standards, PCI Security Standards Council, United States Panelists: Lily Chen, Manager, Emerging Cryptographic Technology Group, NIST, United States; Jim Northey, Director, FIX Trading Community and Chair, ISO TC68 Financial Services; Jeff Stapleton, Director, Emerging Standards ASC X9 Financial Services, United States [60 Min]
| Crypto Technology Track |
| Moderator: Steve Weingart, Consultant, Highland Tech LLC, United States |
13:30 FIPS 140-3: Non-invasive Attacks – When Dora finds Waldo (G12a) Iain Holness, Documentation Manager, EWA-Canada, Intertek EWA, Canada
14:00 Improved Side-Channel Leakage Detection and its Suitability with ISO/IEC 17825 Methodology (G12b) Sylvain Guilley, CTO Secure-IC S.A.S., France; Randy Easter, NIST, United States
14:30 MACsec Testing: Lessons Learnt (G12c) Long Ngo, Senior Security Engineer, Teron Labs, Australia
15:00-15:30 Networking Break in Exhibits
Regency Ballroom I, II
15:30-17:00 Track Sessions
| Certification Track |
| Moderator: Brian Wood, Device Security Certification Manager, Samsung Research America, United States |
15:30 A Journey Towards Side-Channel Attack Resistances (C13a) Fabien Deboyser, Security Certification Expert, NXP, France; Markus Hinkelmann, Security Certification Expert, NXP, Germany
16:00 ACVT – The atsec Experiment (C13b) Quentin Gouchet, IT Security Consultant, atsec information security, United States; Joachim Vandersmissen, Consultant, atsec information security, United States
16:30 Single-Chip and Bound/Embedded Working Group Updates (C13c) Marc Ireland, Federal Certifications Expert, NXP Semiconductors, United States
| PCI Track |
| Moderator: Ralph Poore, Director, PCI Security Standards Council, United States |
15:30 PCI-PTS Evaluation Challenges (I13a) Steve Jia, Director EWA-Canada, Canada; Smita Mahapatra, Security and Certifications Analyst, Thales, Canada
16:00 Path to PCI HSM: IBM (I13b) Richard Kisley, Firmware & Security Architect, IBM Senior Technical Staff Member, IBM, United States
16:30 Solving Provider Challenges with P2PE v3 – an Assessor’s Perspective (I13c) Sam Pfansiel, Director, Security Consulting Services Viking Cloud, a Sysnet Company, United States
| Crypto Technology Track |
| Moderator: Seth Nielson, Founder, Chief Scientist, Crimson Vista, United States |
15:30 NIST’s Crypto Publications Review: Lessons Learned from Reviewing AES and the NIST-Recommended Modes of Operation (G13a) Nicky Mouha, Researcher, NIST, United States
16:00 Encryption Is Easy, Key Management Is… Also Easy? (G13b) Adam Cason, VP, Global and Strategic Alliances Futurex, United States
16:30 Cryptographic Module Functionalities for Randomness Beacons (G13c) Rene Peralta, Researcher, NIST, United States
17:00 - 19:00 Welcome Reception in Exhibits
Regency Ballroom I, II
Thursday September 2
Conference Day 2
08:00 - 09:00 Coffee in the Exhibits
Regency Ballroom I, II
9:00 - 9:50 Plenary Keynote
PLENARY KEYNOTE
9:00 Plenary Keynote: AWS, FIPS and PQ (P20a) Margaret Salter, Director AWS Applied Crypto, Amazon, United States
9:50-10:40 Networking Break in Exhibits
Regency Ballroom I, II
10:40-12:10 Track Sessions
| Certification Track |
| Moderator: Joshua Brickman, Senior Director, Security Evaluations, Oracle Corp., United States |
10:40 Valuable Certifications (C21a) Wouter Slegers, CEO, TrustCB, Netherlands
11:10 PANEL: Cryptography and HSMs in the Cloud (C21c) Il-Sung Lee, Senior PM Manager, Google, United States; Paul Hampton, Senior Product Manager, Thales Cloud Protection & Licensing (CPL), United Kingdom; Pali Surdhar, Chief Security Officer, nCipher, United States [60 Min]
| Embedded/IoT Track |
| Moderator: Loren Shade, Vice President of Marketing, Allegro Software, United States |
10:40 The IoT Cybersecurity Improvement Act (E21a) Michael Fagan, Technical Lead, Cybersecurity for IoT Program NIST, United States
11:10 PANEL: Global Evolution of IoT Schemes, Standards and Testing (E21b) Moderator: John Boggie Director, Head of Cybersecurity Certification, NXP Semiconductors, United Kingdom Panelists: Brad Ree CTO, ioXt, United States; Carlos Serratos, Senior Director Strategy, Policy and Advocacy SGS Brightsight, Netherlands; Wayne Stewart, Vice President, Cyber Security, Canada Intertek, Canada; Olivier Van Nieuwenhuyze, Secretary/Treasurer, GlobalPlatform, United Kingdom [60 Min]
| Post Quantum Track |
| Moderator: Marcus Streets, Principal Security Architect, Arm, United Kingdom |
10:40 Post Quantum Cryptography and National Security Systems (Q21a) William Layton, NSA Cybersecurity, United States
11:10 Quantum Threat (Q21b) Michele Mosca, Co-Founder, President and CEO, evolutionQ Inc., Canada
11:40 Quantum Presentation (Q21c) Brian LaMacchia, Distinguished Engineer Microsoft, United States
12:10 - 13:30 Lunch in Exhibit Area
Regency Ballroom I, II; Regency Foyer; Cabinet/Judiciary/Congressional/Foyer; Terrace
13:30 - 15:00 Track Sessions
| Certification Track |
| Moderator: Nithya Rachamadugu, Consultant, VAAN Consultants, United States |
13:30 FIPS 140-3 Requirements Overview (C22a) Kim Schaffer, NIST, United States
14:00 CMVP Automation (C22b) Gavin O’Brien, NIST, United States; David Hawes, Computer Scientist, NIST, United States
14:30 HB 150-17 Updates (C22c) Roy Crombie, IT Security Analyst CMVP, Canadian Centre for Cyber Security, Canada; Jim Fox, Computer Scientist, NIST, United States
| Embedded/IoT Track |
| Moderator: Shawn Geddis, Security & Certifications Engineer, United States |
13:30 The IoT Cybersecurity Improvement Act and FIPS Validation (E22a) Loren Shade, Vice President of Marketing, Allegro Software, United States
14:00 Update on the NIST Lightweight Cryptography Standardization Process (E22b) Kerry McKay, NIST, United States; Meltem Sonmez Turan, NIST, United States
14:30 How to Certify a DICE Implementation under FIPS 140-3? (E22c) Matthew Pirretti, Firmware Engineer, Intel, United States
| Post-Quantum Track |
| Moderator: Roberta Faux, Director of Innovation and Strategic Initiatives, Lorica Systems, United States |
13:30 Cryptographic Agility: Did we say enabling PQC would be easy? (Q22a) David Ott, Sr. Staff Researcher and Academic Program Director, VMware, United States
14:00 Transitioning to Post-Quantum: How PQC affects Protocols and What we Can do Today (Q22b) Tanja Lange, Prof. Dr. Eindhoven University of Technology, Netherlands
14:30 Post-Quantum LMS and SPHINCS+ Hash-Based Signatures for UEFI Secure Boot (Q22c) Michael Curcio, HW Engineering Technical Leader, Cisco Systems, United States
15:00-15:30 Networking Break in Exhibits
Regency Ballroom I, II (Exhibits Close at 15:30)
15:30 - 17:00 Track Sessions
| Certification Track |
| Moderator: Simo Sorce, Senior Principal Software Engineer, Red Hat Inc., United States |
15:30 NIAP Update: Crypto Policy Insight (C23a) LaChiah Fugh, NIAP, United States
16:00 Multi-Party Threshold Schemes with Cryptographic Modules (C23b) Luís Brandão, Researcher, NIST/Strativia, United States
16:30 Transitioning to SP800-56A Rev3 (C23c) Swapneela Unkule, atsec information security corp, United States
| User Experience Track |
| Moderator: Shawn Geddis, Security & Certifications Engineer, United States |
15:30 How to Develop a Certified Cloud Service (U23a) Andreas Philipp, Business Development Manager, PrimeKey, Germany; Kim Nguyen, CEO, D-Trust GmbH, Germany
16:00 FIPS140-3 L4 Multi-Factor Authentication (U23b) Yi Mao, Vice President and Lab Director, atsec information security corporation, United States; William Santiago, Crypto Hardware Specialist, IBM Research IBM, United States
16:30 Cloud HSM Cryptography and Key Management (U23c) Jeff Stapleton, Chair, X9F4 Cybersecurity and Cryptographic Solutions Workgroup, United
| Post Quantum Track |
| Moderator: Michele Mosca, Co-Founder, President and CEO, evolutionQ Inc., Canada |
15:30 The Beginning of the End? An Update on the NIST PQC “Competition” (Q23a) Dustin Moody, Mathematician, NIST, United States
16:00 PQC Modules: Requirement Specifications, Integration, and Testing (Q23b) Markku-Juhani Saarinen, PQShield, United Kinngdom
16:30 PQC Key Serialization and Identification (Q23c) Silvio Dragone, PhD, Research Staff Member—Crypto and Security Specialist, IBM Research GmbH, Switzerland
Friday September 3
Conference Day 3
08:00 - 09:00 Coffee
Regency Foyer
09:00 - 10:30 Track Sessions
| RBG Track |
| Moderator: Steve Weingart, Consultant, Highland Tech LLC, United States |
9:00 Update on NIST SP 800-90C (N30a) Meltem Sonmez Turan, National Institute of Standards and Technology, United States
9:30 PANEL: SP 800-90 (N30b) Steve Weingart (Moderator), Highland Tech, United States; Tim Hall Director NIST CMVP, United States; Stuart Kincaid, Rambus, United Kingdom; Ed Morris, Gossamer Security Solutions, United States; Stephan Mueller, Consultant atsec information security corp, Germany (60 Min)
| Open Source Crypto Track |
| Moderator: Seth Nielson, Founder, Chief Scientist, Crimson Vista, United States |
9:00 Open Source and Certifications (S30a) Simo Sorce, Senior Principal Software Engineer, Red Hat, United States
9:30 PKCS #11 and FIPS 140-3 (S30b) Robert Relyea, Principle Programmer, Red Hat, United States
10:00 KMIP vs PKCS#11 Revisited – A Winning Combination (S30c) Tony Cox, VP Partners Alliances & Standards, OASIS, Australia
| Post Quantum Track |
| Moderator: Marcus Streets, Principal Security Architect, Arm, United Kingdom |
9:00 Quantum Internet (Q30a) Qiang Zhang, Professor, University of Science and Technology of China, China
9:30 Towards Secure QKD (Q30b) Manfred Lochter, Senior Expert, BSI, Germany
10:00 Integration Challenges of Quantum-Safe Cryptography into Hyper-Scale Hyper-Connected IoT Devices (Q30c) Reza Azarderakhsh, Associate Professor, Florida Atlantic University and CEO, PQSecure Technologies, United States
10:30 - 11:00 Networking Break
Regency Foyer
11:00-12:30 Track Sessions
| RBG Track |
| Moderator: Steve Wainwright, Director, Enterprise Sales QuintessenceLabs, United States |
11:00 An Update on AIS 20/31 (N31a) Werner Schindler, BSI, Germany
11:30 RNG Terminology Guide: Comparing AIS 20/31 and NIST SP 800 90 (N31b) Kerry McKay, NIST, United States; Werner Schindler, BSI, Germany
12:00 Common Operating Systems and SP 800-90C Compliance (N31c) Stephan Mueller, Consultant, atsec information security corp., Germany
| Open Source Crypto Track |
| Moderator: Brian Wood, Device Security Certification Manager, Samsung Research America, United States |
11:00 Overview of Open-Source Cryptography Vulnerabilities (S31a) Javed Samuel, NCC Group Cryptography Services, United States
11:30 TLS Standards (S31b) Tim Dierks, Director of Engineering, Google, United States
12:00 OpenSSL Update (S31c) Rich Salz, Principal Architect, Akamai Technologies, United States
| Post Quantum Track |
| Moderator: Roberta Faux, Director of Innovation and Strategic Initiatives, Lorica Systems, United States |
11:00 Fast Verified Post-Quantum Software (Q31a) Daniel J. Bernstein, Professor, University of Illinois at Chicago, United States
11:30 Speeding Up Post-Quantum TLS Handshakes by Suppressing Intermediate CA Certificates (Q31b) Panos Kampanakis, Senior Technical Program Manager, Amazon Web Services, United States
12:00 Suitability of NIST Post-Quantum Signature Candidates for Vehicle-to-Vehicle Communication (Q31c) Sarah McCarthy, Postdoctoral Fellow, Institute for Quantum Computing, University of Waterloo, Canada
12:30 - 13:45 Lunch
Regency Foyer
12:45 - 13:30 CMUF Monthly Meeting
Regency Ballroom IV
13:45 - 15:15 Track Sessions
| RBG Track |
| Moderator: Steve Weingart, Consultant, Highland Tech LLC, United States |
13:45 Entropy Source Validation (ESV) with Demonstration (N32a) Chris Celi, CAVP Program Manager, NIST, United States
14:15 Building and Testing a Modern TRNG/RBG: The RISC-V Entropy Source Interface (N32b) Markku-Juhani Saarinen, Senior Cryptography Engineer, PQShield, United Kingdom
14:45 Some Approaches to Generate H_submitter for Periodically Sampled Ring Oscillators (N32c) Joshua Hill, Information Security Scientist, KeyPair Consulting, United States
| Open Source Crypto Track |
| Moderator: Simo Sorce, Senior Principal Software Engineer, Red Hat Inc., United States |
13:45 Python Crypto Libraries (S32a) Paul Kehrer, Developer, United States
14:15 Open Cryptographic Instruction Set Design: The RISC-V Scalar Cryptography ISE (S32b) Ben Marshall, Cryptography Engineer, PQShield, United States
14:45 Session Adjourns
| Post Quantum Track |
| Moderator: Roberta Faux, Director of Innovation and Strategic Initiatives, Lorica Systems, United States |
13:45 Updates from the Open Quantum Safe Project (Q32a) Christian Paquin, Principal Program Manager, Microsoft Research, United States
14:15 ETSI Quantum-Safe Cryptography Technical Committee (Q32b) Matthew Campagna, Sr Principal Engineer, Amazon Web Services, and Chairman, ETSI Quantum-safe Cryptography Technical Committee, United States
14:45 Fast Quantum-Safe Cryptography on IBM Z (Q32c) Basil Hess, Research Engineer, IBM Research Europe, Switzerland; Jonathan Bradbury, Senior Technical Staff Member, IBM Systems, United States
15:15-15:45 Networking Break
Regency Foyer
15:45 - 17:15 Closing Remarks, Summary Panel Discussion
Regency Ballroom I
15:45 Summary Panel Discussions: Industry Perspectives on Recent Transitions (P33a) An expert panel discussion on recent transitions affecting the industry including FIPS 140-3, 800-90B, automation of ACVP, CMVP, and ISO. Moderator: Nithya Rachamadugu, Consultant VAAN Consultants, United States. Panelists: Chris Brych, Senior Principal Security Analyst, Oracle, Canada; Shawn Geddis, Security Consulting Engineer, United States; Yi Mao, Vice President and Lab Director, atsec, United States; Ashit Vora, Vice President, Acumen Security, United States
16:45 Closing Remarks (P33b), Nithya Rachamadugu, Consultant, VAAN Consultants, LLC, United States