Conference Agenda 2023

Room 214

11:05 CMVP Programmatic Update (C11a) Kailai Chen, CMVP Program Manager (Canada), Canadian Centre for Cyber Security (CCCS), Canada; Alex Ca|is, CMVP Deputy Program Manager (US), National Institute of Standards and Technology, United States

11:35 CAVP Programmatic Update (C11b) Tim Hall, Security Testing, Validation, and Measurement Manager, NIST, United States

12:05 CMVP and CAVP Automation (C11c) Gavin O’Brien, Computer Scientist, National Institute of Standards and Technology (NIST), United States; David Hawes, Computer Scientist, National Institute of Standards and Technology (NIST), United States

Room 213/215

11:05 RSA Will Fall, How Do We Get Back Up? (Q11a) John Gray, Senior Principal Software Developer, Entrust, Canada

11:35 Detecting the Quantum-Vulnerable Cryptography in Your Enterprise (Q11b) David McGrew, Cisco Fellow, Cisco Systems, United States

12:05 The PQC Coalition: The Bright Present and Future of PQC Migration in the Real World (Q11c) Daniel Apon, Applied Cryptography Lead, MITRE, United States

Room 212

11:05 Multi-Certifiability of Cryptographic Modules: How to Make a TRNG Multi-Certifiable? (N11a) Ritu Ranjan Shrivastwa, Certification & Standardization Program Manager, Secure-IC, France

11:35 Assessing Random Bit Generator Quality with Granger Causality Extensions (N11b) Micah Thornton, Post-doctoral Researcher, University of Texas Southwestern Medical Center, Southern Methodist University, United States

12:05 Customer-Provided Entropy Provision for Virtual Machines in Hypervisor Environments (N11c) Rumman Mahmud, Staff 2 Security Compliance Engineer, VMware, United States

Room 214

13:35 EFP/EFT Testing at Security Level 3 and 4 and Remote Testing Advocacy (C12a) Renaudt Nunez, Senior Consultant/Deputy Lab Manager, atsec information security corporation, United States

14:05 ISO 19790:2024 and 24579:2024 – How is Progress and What Has Changed? (C12b) Graham Costa, Security Architect and Certifications Manager, Thales, United Kingdom

14:35 Adoption of the Next Version of 19790 by the CMVP (C12c) Carolyn French, Canadian Centre for Cyber Security (CCCS), Canada

Room 213/215

13:35 The First NIST PQC Standards (Q12a) Lily Chen, Mathematician and Manager, National Institute of Standards and Technology (NIST), United States; Dustin Moody, Mathematician, National Institute of Standards and Technology (NIST), United States

14:05 Migration to Post-Quantum Cryptography—Panel Presentation on NIST’s NCCoE Collaborative Efforts (Q12b) Leader: William Newhouse, Cybersecurity Engineer, National Cybersecurity Center of Excellence, National Institute of Standards and Technology (NIST), United States Panelists: David McGrew, Cisco Fellow, Cisco Systems, United States; Christian Paquin, Principal Software Engineer, Microsoft, United States; Evan Pelecky, Product Manager, Thales Trusted Cyber Technologies (TCT), United States [60MIN]

Room 212

13:35 Update on AIS 20/31 (N12a) Werner Schindler, Head of Section, Bundesamt fur Sicherheit in der Informationstechnik (BSI), Germany

14:05 Update on SP 800-90 (N12b) John Kelsey, Computer Scientist, NIST and KU Leuven, United States

14:35 Bridging the Gap Between the SP 800-90 Series and AIS 20/31 (N12c) Kerry McKay, National Institute of Standards and Technology (NIST), United States; Werner Schindler, Head of Section, Bundesamt fur Sicherheit in der Informationstechnik (BSI), Germany

Room 214

15:35 Panel: Facing the Future: The Next ISO/IEC 19790 (C13a) Leader: Yi Mao, Managing Director, atsec U.S.A., atsec information security corporation, United States Panelists: Chris Brych, Senior Principal Security Analyst, Oracle, Canada; Carolyn French, Manager Cryptographic Module Validation Program, Canadian Centre for Cyber Security, Canada; Graham Costa, Security Architect and Certifications Manager, Thales, United Kingdom; Jonathan Smith, Senior FIPS Tester, Dekra, United States [60MIN]

16:35 Staying Active (and not Historical). FIPS Programmatic Algorithm Transitions by EOY and Early 2024 (C13c) William Tung, Sr. Security Analyst, Thales, United States

Room 213/215

15:35 A Vendor’s View on PQC Challenges (Q13a) Quang Trinh, Certification Product Manager, Palo Alto Networks, United States

16:05 Simple and Effective Steps to Achieve Quantum Safety Today (Q13b) Daniel Shiu, Chief Cryptographer, Arqit Quantum, United Kingdom

16:35 Integrating Quantum and Post-Quantum into 140-3 Modules Today (Q13c) Jonathan Smith, Senior FIPS Tester, Dekra, United States

Room 212

15:35 Tailored Health Tests for Physical Entropy Sources (N13a) Johannes Mittmann, Mathematician, Bundesamt fur Sicherheit in der Informationstechnik (BSI), Germany; John Kelsey, NIST, United States

16:05 Entropy Reviewers Open Floor (N13b) Tim Hall, Security Testing, Validation, and Measurement Manager, NIST, United States

Room 214

09:00 NIAP Update (C20a) Jon Rolf, NIAP Director, NSA, United States

09:30 NIAP Entropy Analysis Report Guidance Update (C20b) Mary Baish, NSA, United States; Jon Rolf, NIAP Director, NSA, United States

10:00 NIAP CNSA 2.0 Plans (C20c) Rebecca Guthrie, NSA, Center for Cybersecurity Standards, United States; Jon Rolf, NIAP Director, NSA, United States

Room 215

09:00 PQC – First Real Life Implementations (Q20a) Volker Krummel, Chapter Lead PQC, Utimaco, Germany

09:30 Implementing a Post-Quantum End-To-End Encrypted Messaging Service (Q20b) Jaimee Brown, Senior Research Engineer, Teron Labs, Australia

10:00 Challenges of Hardware Chips Based on Post-Quantum Cryptographic and Physical Security Requirements (Q20c) Dr. Reza Azarderakhsh, Professor at FAU and CEO at PQSecure, United States

Room 212

09:00 The Legion Goes Native, Experiences and Findings in the Hardware Jungle (S20a) David Hook, VP Software Engineering, Legion of the Bouncy Castle/Keyfactor, Australia

09:30 Update on PKCS #11 3.1/3.2 (S20b) Robert Relyea, Principle Programmer, Red Hat, United States

10:00 A Practical Guide for Proactive Key Management and PQ Readiness Using KMIP (S20c) Tony Cox, Consultant, TC Logic, Australia

Room 214

11:00 NIAP Equivalency Revisited (C21a) Jade Stewart, NIAP Staff, NIAP, United States; Edward Morris, CST Lab Manager, Gossamer Security Solutions, United States

11:30 Panel Discussion: CPU Equivalency (C21b) Leader: Kevin Micciche, Senior Manager, Product Trust and Assurance, Aruba, United States Panelists: Edward Morris, CST Lab Manager, Gossamer Security Solutions, United States; Ryan Thomas, Director, Lightship Security, Canada [60MIN]

Room 215

11:00 Lattice Cryptography Exposed! (Q21a) Luis Antonio Ruiz Lopez, Cryptographer, Lorica Cybersecurity, Canada

11:30 Panel Discussion: Testing and Assessment for Quantum Safe Cryptography (Q21b) Leader: Michele Mosca, Co-founder and CEO, evolutionQ, and Co-founder, Institute for Quantum Computing, Canada; Donna Dodson, Senior Strategy Advisor, evolutionQ, United States; Werner Schindler, Head of Section, Bundesamt fur Sicherheit in der Informationstechnik (BSI), Germany; Bruno Couillard, President & CEO, Crypto4A Technologies, Inc., Canada; Marcos Portnoi, Lab Director, atsec information security, United States [60MIN]

Room 212

11:00 An Overview of Recent Vulnerabilities in OpenSSL (S21a) Dr. Seth Nielson, Founder and Chief Scientist, Crimson Vista, United States

11:30 New Initiatives in Open Source Post-Quantum Software (S21b) Douglas Stebila, Associate Professor of Cryptography, Department of Combinatorics & Optimization, University of Waterloo, Canada

12:00 Open SSL Update (S21c) Anton Arapov, Engineering Manager, OpenSSL Software Foundation, Czechia; Tomas Mraz, OpenSSL Software Foundation, Czechia

Room 214

13:30 Security: The Second Wave of Convergence (C22a) Dan O’Loughlin, Vice President, Engineering, Qualcomm Technologies Incorporated, United States

14:00 Panel Discussion: Security vs Compliance Part 2 (C22b) Leader: Joshua Brickman, Senior Director, Security Evaluations, Oracle, United States Panelists: Alicia Squires, Principal FIPS Technical Program Manager, Amazon Web Services (AWS), United States; Jon Rolf, NSA, United States; Carolyn French, Manager Cryptographic Module Validation Program, Canadian Centre for Cyber Security, Canada  [60MIN]

Room 215

13:30 Kyber and Dilithium Real Life Lessons (Q22a) Stephan Mueller, Primary Security Consultant, atsec information security corporation, United States

14:00 The State of the Art in Stateful Hash-Based Signatures (Q22b) Jim Goodman, Principal Security Architect, Crypto4A Technologies, Canada

14:30 Reimagining the State: Hash-Based Signatures in Merkle Tree Ladder Mode (Q22c) Dr. Burt Kaliski Jr., Senior Vice President and Chief Technology Officer, Verisign, United States

Room 212

13:30 CVE-2022-37454: A Buffer Overflow Vulnerability Affecting Implementations of SHA-3 (G22a) Nicky Mouha, Researcher, Strativia, United States

14:00 Equivalence Classes in AES (G22b) David Cornwell, Principal Cryptographic and Security Consultant, atsec information security corporation, United States

14:30 Filling the Gaps in FIPS Cryptography (G22c) Joachim Vandersmissen, IT Security Consultant, atsec information security corporation, United States

Room 214

15:30 Introduction of Quantum Safe Equipment Certification Program in Korea (C23a) Min Hyung Kim, Project Manage for QKD Network, SK Telecom, South Korea

16:00 Panel Discussion: Towards Certification of Quantum Technologies (C23b) Leader: Sarah McCarthy, Cryptographic Strategist, EvolutionQ, Canada Panelists: Norbert Lutkenhaus, Institute for Quantum Computing, University of Waterloo, Canada; Chris Erven, CEO, KETS Quantum Security, United Kingdom; Bruno Huttner, Director of Strategic Quantum Initiatives, ID Quantique, Switzerland; Sylvain Chenard, Networks Infrastructure Business Group, Senior Product Manager at Nokia, Canada [60MIN]

Room 215

15:30 CVE Management: When is the Right Time to Revalidate? (U23a) Jennifer Brady, Senior Principal Security Analyst, Oracle, United States

16:00 Mitigating Non-Invasive Attacks (U23b) Iain Holness, Senior Program Manager – Common Criteria, Corsec Security, United States

16:30 A Modern Approach to HSM Form Factors (U23c) John O’Connor, VP Product Management, Crypto4A Technologies, Canada

Room 212

15:30 Panel Discussion: Trends and Issues in Cloud Computing Cryptography (G23a) Leader: Ryan Thomas, Director, Lightship Security, Canada Panelists: Sam Pfanstiel, PhD, Principal Security Consultant, Coalfire, United States; Jeff Andersen, Staff Software Engineer, Google, United States; Adam Cason, Vice President of Global and Strategic Alliances, Futurex, United States; Evgeny Gervis, CEO, Safelogic, United States [60MIN]

16:30 Digital Identity Wallet and the Cloud (G23c) Fabien Deboyser, Security Certification Expert, NXP Semiconductors, France

Room 214

09:00 Satisfying Seemingly Divergent Requirements—Taking Common Criteria into Consideration When Architecting Products for FIPS 140 Certifiability, What the FIPS Certification Specialist Needs to Know (C30a) Kelvin Desplanque, Platform Architect, Intel, Canada; Alicia Squires, Principal FIPS Technical Program Manager, Amazon Web Services (AWS), United States

09:30 Panel: Bringing Crypto Compliance and Validation Testing Objectives Together for FIPS 140-3 (C30b) Leader: Apostol Vassilev, Research Supervisor, National Institute of Standards and Technology (NIST), United States Panelists: Rochelle Casey, Principal Program Manager, Amazon Web Services (AWS), United States; Barry Fussell, Principal Engineer, Cisco Systems, United States; Andrew Karcher, Software Engineer, Cisco, United States; Yi Mao, Managing Director, atsec information security, United States; Stephan Mueller, Principal Consultant, atsec information security, United States; Murugiah Souppaya, Computer Scientist, National Institute of Standards and Technology (NIST), United States [60MIN]

Room 215

09:00 Updates in PCI Security Standards Council (I30a) Tim Cormier, Director of Lab Solutions, Payment Card Industry Security Standards Council (PCI SSC), United States

09:30 Payment Cryptography and the Cloud: Industry Trends in 2023 (I30b) Adam Cason, VP, Global and Strategic Alliances, Futurex, United States

10:00 Evolution of Payment HSM Standards (I30c) Tim Winston, Principal Industry Specialist, Amazon Web Services (AWS), United States; Smita Mahapatra, Senior Industry Specialist, Amazon Web Services (AWS), United States

Room 212

09:00 NIST Call for Multi-Party Threshold Schemes: Brief Notes at ICMC 2023 (G30a) Lily Chen, Mathematician and Manager, National Institute of Standards and Technology (NIST), United States

09:30 Attestation and FIPS: Past, Present and Future (G30b) Alessandro Fazio, atsec information security corporation, Italy

10:00 Doing Key Attestation Inside a FIPS Boundary and CA/B Forum BRs (G30c) Mike Ounsworth, Software Security Architect, Entrust, Canada

Room 214

10:45 FIPS Physical Testing: A Ridiculous(ly) Informative Tutorial (C31a) Seamus Mulready, Cryptographic Security Tester (FIPS), Lightship Security, Inc., Canada

11:15 Panel: Looking beyond 1SUBs (C31b) Leader: Bishakha Banerjee, Director – VMware Trust and Assurance, VMware, United States Panelists: David Hook, VP Software Engineering, Legion of the Bouncy Castle/Keyfactor, Australia; Graham Costa, Security Architect and Certifications Manager, Thales, United Kingdom; Nithya Rachamadugu, VP Cybersecurity Certification, DEKRA, United States [60MIN]

Room 215

10:45 You Can Change the Future: Your Voice at the Foundation of Payment Security (I31a) Richard Kisley, Senior Technical Staff Member, IBM, United States

11:15 Panel: Status of Cryptographic Security Standards (I31b) Leader: Ralph Poore, Associate Director, Payment Card Industry Security Standards Council (PCI SSC), United States Panelists: Lily Chen, Mathematician and Manager, National Institute of Standards and Technology (NIST), United States; Richard Kisley, Senior Technical Staff Member, IBM, United States; Jeff Stapleton, X9F4 Working Group Chair, Accredited Standards Committee X9, United States; Emma Sutcliffe, SVP, PCI Security Standards Council, United States [60MIN]

Room 212

10:45 Physically Uncloneable Function (PUF) in CMVP Modules (G31a) Sylvain Guilley, CTO, Secure-IC, France

11:15 Extensible Key Attestation for Cryptographic Modules (G31b) Jean-Pierre Fiset, Principal System Architect, Crypto4A Technologies, Canada

11:45 Challenges in Automating Formal Methods for Cryptographic Algorithm Validation and Protocol Verification—The Use of Experimental Platform (G31c) Elzbieta Andrukiewicz, Head of Cybersecurity Department, National Institute of Telecommunications, Poland; Tomasz Brengos, Assistant Professor, Warsaw University of Technology

Room 214

13:30 Software Modules: Is it time to update tested configurations? (C32a) Kaleb Himes, Senior Software Engineer, wolfSSL, United States

14:00 Panel/Open Floor: Ideas and Issues for Speeding Up the CMVP Queue (C32b) Leader: Nithya Rachamadugu, VP Cybersecurity Certification, Dekra, United States Panelists: Jake Bajic, Director, Product Line Manager, Palo Alto Networks, United States; Carol Cantlon, Quality Manager Lightship Security, Canada, Steve Weymann, Co-Founder, KeyPair Consulting Inc., United States [60MIN]

Room 215

13:30 Ascon – The New NIST Standard for Lightweight Authenticated Encryption and Hashing (E32a) Maria Eichlseder, Assistant Professor of Cryptography, Co-designer of Ascon, Graz University of Technology, Austria 

14:00 Panel: Trends and Issues in IoT Cryptography (E32b) Leader: Loren Shade, Founder, IoT Security Forum, & VP Marketing, Allegro Software, United States Panelists: Kaleb Himes, Senior Software Engineer, wolfSSL, United States; David Hook, VP Software Engineering, Legion of the Bouncy Castle/Keyfactor, Australia [60MIN]

Room 212

13:30 Practical Open-Source Fully Homomorphic Encryption with the OpenFHE Software Library (G32a) Kurt Rohloff, Co-Founder, OpenFHE, CTO & Co-Founder, Duality Technologies, United States

14:00 Enabling Large-Scale Privacy-Preserving Recurrent Neural Networks with Fully Homomorphic Encryption (G32b) Vele Tosevski, MASc Candidate, University of Toronto, Canada

14:30 Enhancing Privacy in the Age of AI: Cryptographic Schemes for Identity (G32c) Christian Paquin, Principal Software Engineer, Microsoft, United States