May 11-13, 2022 | Washington, DC

Conference Agenda 2021

Wednesday September 1

Conference Day 1

08:00 - 09:00 Registration

09:00 - 09:50 Plenary Keynote Session

Regency Ballroom III, IV
9:00 Conference Welcome (P10a) Yi Mao, Vice President and Lab Director, atsec information security corporation, United States; Moderator: Erin Connor, Consultant, Program Director, ICMC, Canada

PLENARY KEYNOTE

9:10 Plenary Keynote: Cryptography in Critical Infrastructures (P10b) Annabelle Lee, Chief Cyber Security Specialist, Nevermore Security, United States

9:50-10:40 Networking Break in Exhibits

Regency Ballroom I, II

10:40-12:10 Track Sessions

Certification Track
Moderator: Nithya Rachamadugu, Consultant, VAAN Consultants, United States

10:40 ISO 19790 Update (C11a) Miguel Banon, Independent Consultant, Spain


11:10 FIPS 140 & the DoDIN APL: Recent Changes and Impacts (C11b) Kathleen Moyer, Senior Program Manager APL, Corsec Security, United States


11:40 NIST and NIAP Working Together (C11c) Matthew Downey, Project Director NIAP, United States; Michael Cooper, NIST, United States

PCI Track
Moderator: Ralph Poore, Director, PCI Security Standards Council, United States

10:40 Cloud HSMs – The Risks and Opportunities (I11a) Andrew Jamieson, Vice President, Standards, PCI Security Standards Council, Australia


11:10 PIN Management Security (I11b) Ralph Poore, Director, Emerging Standards PCI Security Standards Council, United States; Jeff Stapleton, Director, Emerging Standards ASC X9 Financial Services, United States [60 Min]

Crypto Technology Track
Moderator: Loren Shade, Vice President of Marketing, Allegro Software, United States

10:40 How Cryptographic Proof of ID Will Enable the Future of Identity Transactions (G11a) David Kelts, Director of Mobile ID Product Development, GET Group North America, United States


11:10 Supporting Privacy-Enhancing Cryptography with Cryptographic Modules (G11b) Luís Brandão, Researcher NIST/Strativia, United States


11:40 Integrating Identity Quality Metrics with OCSP Responses (G11c) Wes Kussmaul, President, The Authenticity Institute, United States

12:10-13:30 Lunch in Exhibit Area

13:30-15:00 Track Sessions

Certification Track
Moderator: Joshua Brickman, Senior Director, Security Evaluations, Oracle Corp., United States

13:30 CAVP Programmatic Update (C12a) Chris Celi, CAVP Program Manager, NIST, United States


14:00 CMVP Programmatic Update (C12b) Carolyn French, CCCS & NIST CMVP Program Managers, Canadian Centre for Cyber Security (CCCS), Canada and Beverly Trapnell, CCCS & NIST CMVP Program Managers, NIST, United States


14:30 CMVP Implementation Guidance (IG) Updates (C12c) Alex Calis, Computer Scientist, NIST, and Allen Roginsky,  Computer Scientist, NIST, United States

PCI Track
Moderator: Ralph Poore, Director, PCI Security Standards Council, United States

13:30 State of Payment Card Security Standards (I12a) Troy Leach, SVP, Engagement Officer — Market Intelligence & Engagement, PCI Security Standards Council, United States


14:00 PANEL: Status of Cryptographic Standards (I12b) Moderator: Ralph Poore Director, Emerging Standards, PCI Security Standards Council, United States Panelists: Lily Chen, Manager, Emerging Cryptographic Technology Group, NIST, United States; Jim Northey, Director, FIX Trading Community and Chair, ISO TC68 Financial Services; Jeff Stapleton, Director, Emerging Standards ASC X9 Financial Services, United States [60 Min]

Crypto Technology Track
Moderator: Steve Weingart, Consultant, Highland Tech LLC, United States

13:30 FIPS 140-3: Non-invasive Attacks – When Dora finds Waldo (G12a) Iain Holness, Documentation Manager, EWA-Canada, Intertek EWA, Canada


14:00 Improved Side-Channel Leakage Detection and its Suitability with ISO/IEC 17825 Methodology (G12b) Sylvain Guilley, CTO Secure-IC S.A.S., France; Randy Easter, NIST, United States


14:30 MACsec Testing: Lessons Learnt (G12c) Long Ngo, Senior Security Engineer, Teron Labs, Australia

15:00-15:30 Networking Break in Exhibits

Regency Ballroom I, II

15:30-17:00 Track Sessions

Certification Track
Moderator: Brian Wood, Device Security Certification Manager, Samsung Research America, United States

15:30 A Journey Towards Side-Channel Attack Resistances (C13a) Fabien Deboyser, Security Certification Expert, NXP, France; Markus Hinkelmann, Security Certification Expert, NXP, Germany


16:00 ACVT – The atsec Experiment (C13b) Quentin Gouchet, IT Security Consultant, atsec information security, United States; Joachim Vandersmissen, Consultant, atsec information security, United States


16:30 Single-Chip and Bound/Embedded Working Group Updates (C13c) Marc Ireland, Federal Certifications Expert, NXP Semiconductors, United States

PCI Track
Moderator: Ralph Poore, Director, PCI Security Standards Council, United States

15:30 PCI-PTS Evaluation Challenges (I13a) Steve Jia, Director EWA-Canada, Canada; Smita Mahapatra, Security and Certifications Analyst, Thales, Canada


16:00 Path to PCI HSM: IBM (I13b) Richard Kisley, Firmware & Security Architect, IBM Senior Technical Staff Member, IBM, United States


16:30 Solving Provider Challenges with P2PE v3 – an Assessor’s Perspective (I13c) Sam Pfansiel, Director, Security Consulting Services Viking Cloud, a Sysnet Company, United States

Crypto Technology Track
Moderator: Seth Nielson, Founder, Chief Scientist, Crimson Vista, United States

15:30 NIST’s Crypto Publications Review: Lessons Learned from Reviewing AES and the NIST-Recommended Modes of Operation (G13a) Nicky Mouha, Researcher, NIST, United States


16:00 Encryption Is Easy, Key Management Is… Also Easy? (G13b) Adam Cason, VP, Global and Strategic Alliances Futurex, United States


16:30 Cryptographic Module Functionalities for Randomness Beacons (G13c) Rene Peralta, Researcher, NIST, United States

17:00 - 19:00 Welcome Reception in Exhibits

Regency Ballroom I, II

Thursday September 2

Conference Day 2

08:00 - 09:00 Coffee in the Exhibits

Regency Ballroom I, II

9:00 - 9:50 Plenary Keynote

PLENARY KEYNOTE

9:00 Plenary Keynote: AWS, FIPS and PQ (P20a) Margaret Salter, Director AWS Applied Crypto, Amazon, United States

9:50-10:40 Networking Break in Exhibits

Regency Ballroom I, II

10:40-12:10 Track Sessions

Certification Track
Moderator: Joshua Brickman, Senior Director, Security Evaluations, Oracle Corp., United States

10:40 Valuable Certifications (C21a) Wouter Slegers, CEO, TrustCB, Netherlands


11:10 PANEL: Cryptography and HSMs in the Cloud (C21c) Il-Sung Lee, Senior PM Manager,  Google, United States; Paul Hampton, Senior Product Manager, Thales Cloud Protection & Licensing (CPL), United Kingdom; Pali Surdhar, Chief Security Officer, nCipher, United States [60 Min]


Embedded/IoT Track
Moderator: Loren Shade, Vice President of Marketing, Allegro Software, United States

10:40 The IoT Cybersecurity Improvement Act (E21a) Michael Fagan, Technical Lead, Cybersecurity for IoT Program NIST, United States


11:10 PANEL: Global Evolution of IoT Schemes, Standards and Testing (E21b) Moderator: John Boggie Director, Head of Cybersecurity Certification, NXP Semiconductors, United Kingdom Panelists: Brad Ree CTO, ioXt, United States; Carlos Serratos, Senior Director Strategy, Policy and Advocacy SGS Brightsight, Netherlands; Wayne Stewart, Vice President, Cyber Security, Canada Intertek, Canada; Olivier Van Nieuwenhuyze, Secretary/Treasurer, GlobalPlatform, United Kingdom [60 Min]


Post Quantum Track
Moderator: Marcus Streets, Principal Security Architect, Arm, United Kingdom

10:40 Post Quantum Cryptography and National Security Systems (Q21a) William Layton, NSA Cybersecurity, United States


11:10 Quantum Threat (Q21b) Michele Mosca, Co-Founder, President and CEO, evolutionQ Inc., Canada


11:40 Quantum Presentation (Q21c) Brian LaMacchia, Distinguished Engineer Microsoft, United States

12:10 - 13:30 Lunch in Exhibit Area

Regency Ballroom I, II; Regency Foyer; Cabinet/Judiciary/Congressional/Foyer; Terrace

13:30 - 15:00 Track Sessions

Certification Track
Moderator: Nithya Rachamadugu, Consultant, VAAN Consultants, United States

13:30 FIPS 140-3 Requirements Overview (C22a) Kim Schaffer, NIST, United States


14:00 CMVP Automation (C22b) Gavin O’Brien, NIST, United States; David Hawes, Computer Scientist, NIST, United States


14:30 HB 150-17 Updates (C22c) Roy Crombie, IT Security Analyst CMVP, Canadian Centre for Cyber Security, Canada; Jim Fox, Computer Scientist, NIST, United States

Embedded/IoT Track
Moderator: Shawn Geddis, Security & Certifications Engineer, Apple, United States

13:30 The IoT Cybersecurity Improvement Act and FIPS Validation (E22a) Loren Shade, Vice President of Marketing, Allegro Software, United States


14:00 Update on the NIST Lightweight Cryptography Standardization Process (E22b) Kerry McKay, NIST, United States; Meltem Sonmez Turan, NIST, United States


14:30 How to Certify a DICE Implementation under FIPS 140-3? (E22c) Matthew Pirretti, Firmware Engineer, Intel, United States

Post-Quantum Track
Moderator: Roberta Faux, Director of Innovation and Strategic Initiatives, Lorica Systems, United States

13:30 Cryptographic Agility: Did we say enabling PQC would be easy? (Q22a) David Ott, Sr. Staff Researcher and Academic Program Director, VMware, United States


14:00 Transitioning to Post-Quantum: How PQC affects Protocols and What we Can do Today (Q22b) Tanja Lange, Prof. Dr. Eindhoven University of Technology, Netherlands

14:30 Post-Quantum LMS and SPHINCS+ Hash-Based Signatures for UEFI Secure Boot (Q22c) Michael Curcio, HW Engineering Technical Leader, Cisco Systems, United States

15:00-15:30 Networking Break in Exhibits

Regency Ballroom I, II (Exhibits Close at 15:30)

15:30 - 17:00 Track Sessions

Certification Track
Moderator: Simo Sorce, Senior Principal Software Engineer, Red Hat Inc., United States

15:30 NIAP Update: Crypto Policy Insight (C23a) LaChiah Fugh, NIAP, United States


16:00 Multi-Party Threshold Schemes with Cryptographic Modules (C23b) Luís Brandão, Researcher, NIST/Strativia, United States


16:30 Transitioning to SP800-56A Rev3 (C23c) Swapneela Unkule, atsec information security corp, United States

User Experience Track
Moderator: Shawn Geddis, Security & Certifications Engineer, Apple, United States

15:30 How to Develop a Certified Cloud Service (U23a) Andreas Philipp, Business Development Manager, PrimeKey, Germany; Kim Nguyen, CEO, D-Trust GmbH, Germany


16:00 FIPS140-3 L4 Multi-Factor Authentication (U23b) Yi Mao, Vice President and Lab Director, atsec information security corporation, United States; William Santiago, Crypto Hardware Specialist, IBM Research IBM, United States


16:30 Cloud HSM Cryptography and Key Management (U23c) Jeff Stapleton, Chair, X9F4 Cybersecurity and Cryptographic Solutions Workgroup, United 

Post Quantum Track
Moderator: Michele Mosca, Co-Founder, President and CEO, evolutionQ Inc., Canada

15:30 The Beginning of the End? An Update on the NIST PQC “Competition” (Q23a) Dustin Moody, Mathematician, NIST, United States


16:00 PQC Modules: Requirement Specifications, Integration, and Testing (Q23b) Markku-Juhani Saarinen, PQShield, United Kinngdom


16:30 PQC Key Serialization and Identification (Q23c) Silvio Dragone, PhD, Research Staff Member—Crypto and Security Specialist, IBM Research GmbH, Switzerland

Friday September 3

Conference Day 3

08:00 - 09:00 Coffee

Regency Foyer

09:00 - 10:30 Track Sessions

RBG Track
Moderator: Steve Weingart, Consultant, Highland Tech LLC, United States

9:00 Update on NIST SP 800-90C (N30a) Meltem Sonmez Turan, National Institute of Standards and Technology, United States


9:30 PANEL: SP 800-90 (N30b) Steve Weingart (Moderator), Highland Tech, United States; Tim Hall Director NIST CMVP, United States; Stuart Kincaid, Rambus, United Kingdom; Ed Morris, Gossamer Security Solutions, United States; Stephan Mueller, Consultant atsec information security corp, Germany (60 Min)

Open Source Crypto Track
Moderator: Seth Nielson, Founder, Chief Scientist, Crimson Vista, United States

9:00 Open Source and Certifications (S30a) Simo Sorce, Senior Principal Software Engineer, Red Hat, United States


9:30 PKCS #11 and FIPS 140-3 (S30b) Robert Relyea, Principle Programmer, Red Hat, United States


10:00 KMIP vs PKCS#11 Revisited – A Winning Combination (S30c) Tony Cox, VP Partners Alliances & Standards, OASIS, Australia

Post Quantum Track
Moderator: Marcus Streets, Principal Security Architect, Arm, United Kingdom

9:00 Quantum Internet (Q30a) Qiang Zhang, Professor, University of Science and Technology of China, China


9:30 Towards Secure QKD (Q30b) Manfred Lochter, Senior Expert, BSI, Germany


10:00 Integration Challenges of Quantum-Safe Cryptography into Hyper-Scale Hyper-Connected IoT Devices (Q30c) Reza Azarderakhsh, Associate Professor, Florida Atlantic University and CEO, PQSecure Technologies, United States

10:30 - 11:00 Networking Break

Regency Foyer

11:00-12:30 Track Sessions

RBG Track
Moderator: Steve Wainwright, Director, Enterprise Sales QuintessenceLabs, United States

11:00 An Update on AIS 20/31 (N31a) Werner Schindler, BSI, Germany


11:30 RNG Terminology Guide: Comparing AIS 20/31 and NIST SP 800 90 (N31b) Kerry McKay, NIST, United States; Werner Schindler, BSI, Germany


12:00 Common Operating Systems and SP 800-90C Compliance (N31c) Stephan Mueller, Consultant, atsec information security corp., Germany

Open Source Crypto Track
Moderator: Brian Wood, Device Security Certification Manager, Samsung Research America, United States

11:00 Overview of Open-Source Cryptography Vulnerabilities (S31a) Javed Samuel, NCC Group Cryptography Services, United States


11:30 TLS Standards (S31b) Tim Dierks, Director of Engineering, Google, United States


12:00 OpenSSL Update (S31c) Rich Salz, Principal Architect, Akamai Technologies, United States

Post Quantum Track
Moderator: Roberta Faux, Director of Innovation and Strategic Initiatives, Lorica Systems, United States

11:00 Fast Verified Post-Quantum Software (Q31a) Daniel J. Bernstein, Professor, University of Illinois at Chicago, United States


11:30 Speeding Up Post-Quantum TLS Handshakes by Suppressing Intermediate CA Certificates (Q31b) Panos Kampanakis, Senior Technical Program Manager, Amazon Web Services, United States


12:00 Suitability of NIST Post-Quantum Signature Candidates for Vehicle-to-Vehicle Communication (Q31c) Sarah McCarthy, Postdoctoral Fellow, Institute for Quantum Computing, University of Waterloo, Canada

12:30 - 13:45 Lunch

Regency Foyer

12:45 - 13:30 CMUF Monthly Meeting

Regency Ballroom IV

13:45 - 15:15 Track Sessions

RBG Track
Moderator: Steve Weingart, Consultant, Highland Tech LLC, United States

13:45 Entropy Source Validation (ESV) with Demonstration (N32a) Chris Celi, CAVP Program Manager, NIST, United States


14:15 Building and Testing a Modern TRNG/RBG: The RISC-V Entropy Source Interface (N32b) Markku-Juhani Saarinen, Senior Cryptography Engineer, PQShield, United Kingdom


14:45 Some Approaches to Generate H_submitter for Periodically Sampled Ring Oscillators (N32c) Joshua Hill, Information Security Scientist, KeyPair Consulting, United States

Open Source Crypto Track
Moderator: Simo Sorce, Senior Principal Software Engineer, Red Hat Inc., United States

13:45 Python Crypto Libraries (S32a) Paul Kehrer, Developer, United States


14:15 Open Cryptographic Instruction Set Design: The RISC-V Scalar Cryptography ISE (S32b) Ben Marshall, Cryptography Engineer, PQShield, United States


14:45 Session Adjourns

Post Quantum Track
Moderator: Roberta Faux, Director of Innovation and Strategic Initiatives, Lorica Systems, United States

13:45 Updates from the Open Quantum Safe Project (Q32a) Christian Paquin, Principal Program Manager, Microsoft Research, United States


14:15 ETSI Quantum-Safe Cryptography Technical Committee (Q32b) Matthew Campagna, Sr Principal Engineer, Amazon Web Services, and Chairman, ETSI Quantum-safe Cryptography Technical Committee, United States


14:45 Fast Quantum-Safe Cryptography on IBM Z (Q32c) Basil Hess, Research Engineer, IBM Research Europe, Switzerland; Jonathan Bradbury, Senior Technical Staff Member, IBM Systems, United States

15:15-15:45 Networking Break

Regency Foyer

15:45 - 17:15 Closing Remarks, Summary Panel Discussion

Regency Ballroom I

15:45 Summary Panel Discussions: Industry Perspectives on Recent Transitions (P33a) An expert panel discussion on recent transitions affecting the industry including FIPS 140-3, 800-90B, automation of ACVP, CMVP, and ISO. Moderator: Nithya Rachamadugu, Consultant VAAN Consultants, United States. Panelists: Chris Brych, Senior Principal Security Analyst, Oracle, Canada; Shawn Geddis, Security Consulting Engineer, Apple, United States; Yi Mao, Vice President and Lab Director, atsec, United States; Ashit Vora, Vice President, Acumen Security, United States

16:45 Closing Remarks (P33b), Nithya Rachamadugu, Consultant, VAAN Consultants, LLC, United States