September 1-3, 2021 | Hybrid Event | Hyatt Regency Bethesda, MD, USA

Conference Agenda 2021

Wednesday September 1

Conference Day 1

08:00 - 09:00 Registration

09:00 - 10:35 Plenary Keynote Session

Regency Ballroom III, IV
9:00 Conference Welcome (P10a) Yi Mao, atsec, United States


9:10 Plenary Keynote: Cryptography in Critical Infrastructures (P10b) Annabelle Lee, Chief Cyber Security Specialist, Nevermore Security, United States

9:50-10:40 Networking Break in Exhibits

Regency Ballroom I, II

10:40-12:10 Track Sessions

Certification Track

10:40 ISO 19790 Update (C11a) Miguel Banon, Independent Consultant, Spain

11:10 FIPS 140 & the DoDIN APL: Recent Changes and Impacts (C11b) Kathleen Moyer, Senior Program Manager, APL Corsec Security, Inc., United States

11:40 NIST and NIAP Working Together (C11c)  Matthew Downey, Project Director ,NIAP, United States and Michael Cooper, NIST, United States

PCI Track

10:40 Cloud HSMs – The Risks and Opportunities (I11a) Andrew Jamieson, Director, Security and Technology Underwriters Laboratories, Australia

11:10 PIN Management Security (I11b) Ralph Poore, Director, Emerging Standards PCI Security Standards Council, United States and Jeff Stapleton, Director, Emerging Standards ASC X9 Financial Services, United States (60 Min)

Crypto Technology Track

10:40 How Cryptographic Proof of ID will Enable the Future of Identity Transactions (G11a) David Kelts, Director of Mobile ID Product Development, GET Group North America, United States

11:10 Supporting Privacy-Enhancing Cryptography with Cryptographic Modules (G11b) Luís Brandão, Researcher NIST/Strativia, United States

11:40 Integrating Identity Quality Metrics with OCSP Responses (G11c) Wes Kussmaul, President, The Authenticity Institute, United States

12:10-13:30 Lunch in Exhibit Area

13:30-15:00 Track Sessions

Certification Track

13:30 CAVP Programmatic Update (C12a) Chris Celi, CAVP Program Manager, NIST, United States

14:00 CMVP Programmatic Update (C12b) Carolyn French, CCCS & NIST CMVP Program Managers, Canadian Centre for Cyber Security (CCCS), Canada and Beverly Trapnell, CCCS & NIST CMVP Program Managers, NIST, United States

14:30 CMVP Implementation Guidance (IG) Updates (C12c) Alex Calis, Computer Scientist, NIST, and Allen Roginsky,  Computer Scientist, NIST, United States

PCI Track

13:30 State of Payment Card Security Standards (I12a) Troy Leach, SVP, Engagement Officer — Market Intelligence & Engagement, PCI Security Standards Council, United States

14:00 PANEL: Status of Cryptographic Standards (I12b) Ralph Poore (Moderator) Director, Emerging Standards, PCI Security Standards Council, United States , Lily Chen, Manager, Emerging Cryptographic Technology Group, NIST, United States, Tony Seymour, Director, Emerging Standards ISO TC69 SC2 WG8, United Kingdom, and Jeff Stapleton, Director, Emerging Standards ASC X9 Financial Services, United States and (60 Min)

Crypto Technology Track

13:30 FIPS 140-3: Non-invasive Attacks – When Dora finds Waldo (G12a) Iain Holness, Documentation Manager, EWA-Canada, Intertek EWA, Canada and Dawn Adams, Documentation Manager, EWA-Canada, Intertek EWA-Canada

14:00 Improved Side-Channel Leakage Detection and its Suitability with ISO/IEC 17825 Methodology (G12b) Sylvain Guilley, CTO Secure-IC S.A.S., France and Randy Easter, NIST, United States

14:30 MACsec Testing: Lessons Learnt (G12c) Long Ngo, Senior Security Engineer, Teron Labs, Australia

15:00-15:30 Networking Break in Exhibits

Regency Ballroom I, II

15:30-17:00 Track Sessions

Certification Track

15:30 A Journey Towards Side-Channel Attack Resistances (C13a) Fabien Deboyser, Security Certification Expert, NXP, France and Markus Hinkelmann, Security Certification Expert, NXP, Germany

16:00 ACVT – The atsec Experiment (C13b) Quentin Gouchet, Security Consultant, atsec information security corporation, United States

16:30 Single-Chip and Bound/Embedded Working Group Updates (C13c) Marc Ireland, Federal Certifications Expert NXP Semiconductors, United States

PCI Track

15:30 PCI-PTS Evaluation Challenges (I13a) Steve Jia, Director EWA-Canada, Canada and Smita Mahapatra, Security and Certifications Analyst, Thales, Canada

16:00 Path to PCI HSM: IBM (I13b) Richard Kisley, Firmware & Security Architect, IBM Senior Technical Staff Member IBM, United States

16:30 Presentation TBA (I13c) Speaker TBA

Crypto Technology Track

15:30 NIST’s Crypto Publications Review: Lessons Learned from Reviewing AES and the NIST-Recommended Modes of Operation (G13a) Nicky Mouha, Researcher, NIST, United States

16:00 Encryption Is Easy, Key Management Is… Also Easy? (G13b) Adam Cason, VP, Global and Strategic Alliances Futurex, United States

16:30 Cryptographic Module Functionalities for Randomness Beacons (G13c) Rene Peralta, Researcher, NIST, United States

17:00 - 19:00 Welcome Reception in Exhibits

Regency Ballroom I, II

Thursday September 2

Conference Day 2

08:00 - 09:00 Coffee in the Exhibits

Regency Ballroom I, II

9:00 - 9:50 Plenary Keynote


9:00 Plenary Keynote (P20a) Margaret Salter, Director AWS Applied Crypto,  Amazon, United States


9:50-10:40 Networking Break in Exhibits

Regency Ballroom I, II

10:40-12:10 Track Sessions

Certification Track

10:40 Valuable Certifications (C21a) Wouter Slegers, CEO TrustCB, Netherland

11:10 PANEL: Cryptography and HSMs in the Cloud (C21c) Paul Hampton, Senior Product Manager, Thales Cloud Protection & Licensing (CPL), United Kingdom (60 Min)

Embedded/IoT Track

10:40 The IoT Cybersecurity Improvement Act (E21a) Speaker TBA

11:10 PANEL: Global Evolution of IoT Schemes, Standards and Testing (E21b) John Boggie Director, Head of Cybersecurity Certification, NXP Semiconductors, United Kingdom; Brad Ree CTO ioXt, United States; Martin Schaffer Global Head of Cybersecurity Services SGS Group, Switzerland; Wayne Stewart, Vice President, Cyber Security, Canada Intertek, Canada; Olivier Van Nieuwenhuyze, Secretary/Treasurer GlobalPlatform, United Kingdom

Post Quantum Track

10:40 Post Quantum Cryptography and National Security Systems (Q21a) William Layton, NSA Cybersecurity, United States

11:10 Quantum Threat (Q21b) Michele Mosca, Co-Founder, President and CEO evolutionQ Inc., United States

11:40 Session Title TBA (Q21c) Brian LaMacchia, Distinguished Engineer Microsoft, United States

12:10 - 13:30 Lunch in Exhibit Area

Regency Ballroom I, II; Regency Foyer; Cabinet/Judiciary/Congressional/Foyer; Terrace

13:30 - 15:00 Track Sessions

Certification Track

13:30 FIPS 140-3 Requirements Overview (C22a) Kim Schaffer, National Institute of Standards and Technology (NIST), United States

14:00 CMVP Automation (C22b) Gavin O’Brien, Computer Scientist National Institute of Standards and Technology (NIST), United States

14:30 HB 150-17 Updates (C22c) Roy Crombie, IT Security Analyst CMVP, Canadian Centre for Cyber Security, Canada; Jim Fox, Computer Scientist, National Institute of Standards and Technology (NIST), United States

Embedded/IoT Track

13:30 The IoT Cybersecurity Improvement Act and FIPS Validation (E22a) Loren Shade, Vice President of Marketing, Allegro Software, United States

14:00 Update on the NIST Lightweight Cryptography Standardization Process (E22b) Kerry McKay, NIST, United States & Meltem Sonmez Turan, NIST, United States

14:30 How to Certify a DICE Implementation under FIPS 140-3? (E22c) Matthew Pirretti, Firmware Engineer, Intel, United States

Post-Quantum Track

13:30 Cryptographic Agility: Did we say enabling PQC would be easy? (Q22a) David Ott, Sr. Staff Researcher and Academic Program Director, VMware, United States

14:00 Transitioning to Post-Quantum: How PQC affects Protocols and What we Can do Today (Q22b) Tanja Lange, Prof. Dr. Eindhoven University of Technology, Netherlands

14:30 Post-Quantum LMS and SPHINCS+ Hash-Based Signatures for UEFI Secure Boot (Q22c) Michael Curcio, Product Manager, Cisco Systems, United States

15:00-15:30 Networking Break in Exhibits

Regency Ballroom I, II (Exhibits Close at 15:30)

15:30 - 17:00 Track Sessions

Certification Track

15:30 NIAP Update: Crypto Policy Insight (C23a) LaChiah Fugh, NIAP, United States

16:00 Multi-Party Threshold Schemes with Cryptographic Modules (C23b) Luís Brandão, Researcher, NIST/Strativia, United States

16:30 Transitioning to SP800-56A Rev3 (C23c) Swapneela Unkule, atsec information security corp, United States

Embedded/IoT Track

15:30 Cloud HSM Cryptography and Key Management (E23a) Jeff Stapleton, Chair of the X9F4 Cybersecurity and Cryptographic Solutions Workgroup, United 

16:00 FIPS140-3 L4 Multi-Factor Authentication (E23b) William Santiago, Silvio Dragone – Crypto Hardware Specialist, IBM Research IBM, United States

16:30 How to Develop a Certified Cloud Service (E23c) Andreas Philipp, Business Development Manager PrimeKey, Germany; and Kim Nguyen, Business Development Manager, D-Trust GmbH, Germany

Post Quantum Track

15:30 The Beginning of the End? An Update on the NIST PQC “”Competition (Q23a) Dustin Moody, Mathematician NIST, United States

16:00 PQC Modules: Requirement Specifications, Integration, and Testing (Q23b) Markku-Juhani Saarinen, PQShield, United Kinngdom

16:30 Session TBA (Q23c) Speaker TBA

Friday September 3

Conference Day 3

08:00 - 09:00 Coffee

Regency Foyer

09:00 - 10:30 Track Sessions

RBG Track

9:00 Update on NIST SP 800-90C (N30a) Meltem Sonmez Turan, National Institute of Standards and Technology, United States

9:30 PANEL: SP 800-90 (N30b) Steve Weingart (Moderator), Highland Tech, United States; Tim Hall Director NIST CMVP, United States; Stuart Kincaid, Rambus, United Kingdom; Ed Morris, Gossamer Security Solutions, United States; Stephan Mueller, Consultant atsec information security corp, Germany (60 Min)

Open Source Crypto Track

9:00 Open Source and Certifications (S30a) Simo Sorce, Senior Principal Software Engineer, Red Hat Inc., United States

9:30 PKCS #11 and FIPS 140-3 (S30b) Robert Relyea, Principle Programmer, Red Hat, United States

10:00 KMIP vs PKCS#11 Revisited – A Winning Combination (S30c) Tony Cox, VP Partners Alliances & Standards, OASIS, Australia

Post Quantum Track

9:00 Quantum Internet (Q30a) Qiang Zhang, Professor University of Science and Technology of China, China

9:30 Towards Secure QKD (Q30b) Manfred Lochter, Senior Expert BSI, Germany

10:00 Integration Challenges of Quantum-Safe Cryptography into Hyper-Scale Hyper-Connected IoT Devices (Q30c) Reza Azarderakhsh, CEO and Associate Professor Florida Atlantic University and PQSecure Technologies, United States

10:30 - 11:00 Networking Break

Regency Foyer

11:00-12:30 Track Sessions

RBG Track

11:00 An Update on AIS 20/31 (N31a) Werner Schindler, BSI, Germany

11:30 RNG Terminology Guide: Comparing AIS 20/31 and NIST SP 800 90 (N31b) Kerry McKay, NIST, United States; Werner Schindler, BSI, Germany

12:00 Common Operating Systems and SP 800-90C Compliance (N31c) Stephan Mueller, Consultant, atsec information security corp., Germany

Open Source Crypto Track

11:00 Overview of Open-Source Cryptography Vulnerabilities (S31a) Javed Samuel, NCC Group Cryptography Services, United States

11:30 TLS Standards (S31b) Tim Dierks, Director of Engineering, Google, United States

12:00 OpenSSL Update (S31c) Rich Salz, Principal Architect, Akamai Technologies, United States

Post Quantum Track

11:00 Fast Verified Post-Quantum Software (Q31a) Daniel J. Bernstein, Professor ,University of Illinois at Chicago, United States

11:30 Speeding Up Post-Quantum TLS Handshakes by Suppressing Intermediate CA Certificates (Q31b) Panos Kampanakis, Senior Technical Program Manager, Amazon Web Services, United States

12:00 Suitability of NIST Post-Quantum Signature Candidates for Vehicle-to-Vehicle Communication (Q31c) Sarah McCarthy, Postdoctoral Fellow, Institute for Quantum Computing, University of Waterloo, Canada

12:30 - 13:00 CMUF Monthly Meeting

12:30 - 13:45 Lunch

13:45 - 15:15 Track Sessions

RBG Track

13:45 Entropy Source Validation (ESV) with Demonstration (N32a) Chris Celi, CAVP Program Manager, National Institute of Standards and Technology (NIST), United States

14:15 Building and Testing a Modern TRNG/RBG: The RISC-V Entropy Source Interface
(N32b) Markku-Juhani Saarinen, Senior Cryptography Engineer, PQShield, United Kingdom

14:45 Some Approaches to Generate H_submitter for Periodically Sampled Ring Oscillators
(N32c) Joshua Hill, Information Security Scientist, KeyPair Consulting, United States

Open Source Crypto Track

13:45 Python Crypto Libraries (S32a) Alex Gaynor, Resilience Engineer, United States Digital Service, United States

14:15 Open Cryptographic Instruction Set Design: The RISC-V Scalar Cryptography ISE
(S32b) Ben Marshall, Cryptography Engineer, PQShield, United States

14:45 Session TBA (S32c) Speaker TBA

Post Quantum Track

13:45 Updates from the Open Quantum Safe Project (Q32a) Christian Paquin, Principal Program Manager, Microsoft Research, United States

14:15 ETSI Quantum-Safe Cryptography Technical Committee (Q32b) Matthew Campagna, Sr Principal Engineer, Amazon Web Services, and Chairman of ETSI Quantum-safe Cryptography Technical Committee, United States

14:45 Fast Quantum-Safe Cryptography on IBM Z (Q32b) Basil Hess, Research Engineer, IBM Research Europe, Switzerland

15:15-15:45 Networking Break

Regency Foyer

15:45 - 17:15 Closing Remarks, Summary Panel Discussion

Regency Ballroom I

15:45 Summary Panel Discussion (P33a) An expert panel discussion on a topic of great importance to industry as selected by participants. Moderator:Mark Minnoch, Founder, KeyPair Consulting, United States. Panelists: Chris Brych, Senior Principal Security Analyst, Oracle, Canada; Shawn Geddis, Security Consulting Engineer, Apple, United States; Yi Mao, Vice President and Lab Director, atsec, United States; Ashit Vora, Vice President, Acumen Security, United States

16:45 Closing Remarks (P33b), Nithya Rachamadugu, Consultant, VAAN Consultants, LLC, United States