Conference Agenda 2023

Room 215

11:05 CMVP Programmatic Update (C11a) Kailai Chen, CMVP Program Manager (Canada), Canadian Centre for Cyber Security (CCCS), Canada

11:35 CAVP Programmatic Update (C11b) Chris Celi, CAVP Program Manager, National Institute of Standards and Technology (NIST), United States

12:05 CMVP and CAVP Automation (C11c) Gavin O’Brien, Computer Scientist, National Institute of Standards and Technology (NIST), United States; David Hawes, Computer Scientist, National Institute of Standards and Technology (NIST), United States

Room 213

11:05 RSA Will Fall, How Do We Get Back Up? (Q11a) John Gray, Senior Principal Software Developer, Entrust, Canada

11:35 Detecting the Quantum-Vulnerable Cryptography in Your Enterprise (Q11b) David McGrew, Cisco Fellow, Cisco Systems, United States

12:05 The PQC Coalition: The Bright Present and Future of PQC Migration in the Real World (Q11c) Daniel Apon, Applied Cryptography Lead, MITRE, United States

Room 212

11:05 Multi-Certifiability of Cryptographic Modules: How to Make a TRNG Multi-Certifiable? (N11a) Ritu Ranjan Shrivastwa, Certification & Standardization Program Manager, Secure-IC, France

11:35 Assessing Random Bit Generator Quality with Granger Causality Extensions (N11b) Micah Thornton, Post-doctoral Researcher, University of Texas Southwestern Medical Center, Southern Methodist University, United States

12:05 Customer-Provided Entropy Provision for Virtual Machines in Hypervisor Environments (N11c) Rumman Mahmud, Staff 2 Security Compliance Engineer, VMware, United States

Room 215

13:35 EFP/EFT Testing at Security Level 3 and 4 and Remote Testing Advocacy (C12a) Renaudt Nunez, Senior Consultant/Deputy Lab Manager, atsec information security corporation, United States

14:05 ISO 19790:2024 and 24579:2024 – How is Progress and What Has Changed? (C12b) Graham Costa, Thales, United Kingdom

14:35 Adoption of the Next Version of 19790 by the CMVP (C12c) Carolyn French, Canadian Centre for Cyber Security (CCCS), Canada

Room 213

13:35 The First NIST PQC Standards (Q12a) Lily Chen, Mathematician and Manager, National Institute of Standards and Technology (NIST), United States; Dustin Moody, Mathematician, National Institute of Standards and Technology (NIST), United States

14:05 Migration to Post-Quantum Cryptography—Panel Presentation on NIST’s NCCoE Collaborative Efforts (Q12b) Leader: William Newhouse, Cybersecurity Engineer, National Cybersecurity Center of Excellence, National Institute of Standards and Technology (NIST), United States, David McGrew, Cisco Fellow, Cisco Systems, Anne Dames, Distinguished Engineer, IBM zSystems Crypto Technology Development, Christian Paquin, Principal Software Engineer, Microsoft, United States, Evan Pelecky, Product Manager, Thales Trusted Cyber Technologies (TCT), United States [60MIN]

Room 212

13:35 Update on AIS 20/31 (N12a) Werner Schindler, Head of Section, Bundesamt fur Sicherheit in der Informationstechnik (BSI), Germany

14:05 Update on SP 800-90 (N12b) John Kelsey, Computer Scientist, NIST and KU Leuven, United States

14:35 Bridging the Gap Between the SP 800-90 Series and AIS 20/31 (N12c) Kerry McKay, National Institute of Standards and Technology (NIST), United States

Room 215

15:35 Panel: Facing the Future: The Next ISO/IEC 19790 (C13a) Leader: Yi Mao, Managing Director, atsec U.S.A., atsec information security corporation, United States, Chris Brych, Senior Principal Security Analyst, Oracle, Canada, Carolyn French, Manager Cryptographic Module Validation Program, Canadian Centre for Cyber Security, Canada, Graham Costa, Thales, Jonathan Smith, Senior FIPS Tester, Dekra, United States [60MIN]

16:35 Staying Active (and not Historical). FIPS Programmatic Algorithm Transitions by EOY and Early 2024 (C13c) William Tung, Sr. Security Analyst, Thales, United States

Room 213

15:35 A Vendor’s View on PQC Challenges (Q13a) Quang Trinh, Certification Product Manager, Palo Alto Networks, United States

16:05 Simple and Effective Steps to Achieve Quantum Safety Today (Q13b) Daniel Shiu, Chief Cryptographer, Arqit Quantum, United Kingdom

16:35 Integrating Quantum and Post-Quantum into 140-3 Modules Today (Q13c) Jonathan Smith, Senior FIPS Tester, Dekra, United States

Room 212

15:35 Tailored Health Tests for Physical Entropy Sources (N13a) Johannes Mittmann, Mathematician, Bundesamt fur Sicherheit in der Informationstechnik (BSI), Germany, John Kelsey, NIST, United States

16:05 Entropy Reviewers Open Floor (N13b) Leader: Chris Celi, CAVP Program Manager, National Institute of Standards and Technology (NIST), United States [60MIN]

Room 215

09:00 NIAP Update (C20a) Jon Rolf, NIAP Director, NSA, United States

09:30 NIAP Entropy Analysis Report Guidance Update (C20b) Mary Baish, NSA, United States, Jon Rolf, NIAP Director, NSA

10:00 NIAP CNSA 2.0 Plans (C20c) Alison Becker, NSA, Center for Cybersecurity Standards, Rebecca Guthrie, NSA, Center for Cybersecurity Standards, United States

Room 213

09:00 PQC – First Real Life Implementations (Q20a) Nils Gerhardt, CTO, Utimaco, Germany

09:30 Implementing a Post-Quantum End-To-End Encrypted Messaging Service (Q20b) Jaimee Brown, Senior Research Engineer, Teron Labs, Australia

10:00 Challenges of Hardware Chips Based on Post-Quantum Cryptographic and Physical Security Requirements (Q20c) Reza Azarderakhsh, CTO, Florida Atlantic University, United States

Room 212

09:00 The Legion Goes Native, Experiences and Findings in the Hardware Jungle (S20a) David Hook, VP Software Engineering, Legion of the Bouncy Castle/Keyfactor, Australia

09:30 Update on PKCS #11 3.1/3.2 (S20b) Robert Relyea, Principle Programmer, Red Hat, United States

10:00 A Practical Guide for Proactive Key Management and PQ Readiness Using KMIP (S20c) Tony Cox, Consultant, TC Logic, Australia

Room 215

11:00 NIAP Equivalency Revisited (C21a) Jade Stewart, NIAP Staff, NIAP, United States

11:30 Panel Discussion: CPU Equivalency (C21b) Leader: Kevin Micciche, Senior Manager, Product Trust and Assurance, Aruba, United States [60MIN]

Room 213

11:00 Lattice Cryptography Exposed! (Q21a) Luis Antonio Ruiz Lopez, Cryptographer, Lorica Cybersecurity, Canada

11:30 Panel Discussion: Trends and Issues in Post Quantum Cryptography (Q21b) Leader: Michele Mosca, University Research Chair & Co-Founder, Institute for Quantum Computing, EvolutionQ, Canada [60MIN]

Room 212

11:00 Formal Verification of Modern Cryptographic Algorithms in Software and Hardware (S21a) Ian Blumenfeld, Research Director – High Assurance Solutions, Two Six Technologies, United States

11:30 Open Quantum Safe Project (S21b) Douglas Stebila, Associate Professor of Cryptography, Department of Combinatorics & Optimization, University of Waterloo, Canada

12:00 Open SSL Update (S21c) Anton Arapov, Engineering Manager, OpenSSL Software Foundation, Czechia

Room 215

13:30 Security: The Second Wave of Convergence (C22a) Dan O’Loughlin, Vice President, Engineering, Qualcomm Technologies Incorporated, United States

14:00 Panel Discussion: Security vs Compliance Part 2 (C22b) Leader: Joshua Brickman, Senior Director, Security Evaluations, Oracle, United States [60MIN]

Room 213

13:30 Kyber and Dilithium Real Life Lessons (Q22a) Stephan Mueller, Primary Security Consultant, atsec information security corporation, United States

14:00 The State of the Art in Stateful Hash-Based Signatures (Q22b) Jim Goodman, Principal Security Architect, Crypto4A Technologies, Canada

14:30 Reimagining the State: Hash-Based Signatures in Merkle Tree Ladder Mode (Q22c) Burt Kaliski, Senior Vice President and Chief Technology Officer, Verisign, United States

Room 212

13:30 CVE-2022-37454: A Buffer Overflow Vulnerability Affecting Implementations of SHA-3 (G22a) Nicky Mouha, Researcher, Strativia, United States

14:00 Equivalence Classes in AES (G22b) David Cornwell, Principal Cryptographic and Security Consultant, atsec information security corporation, United States

14:30 Filling the Gaps in FIPS Cryptography (G22c) Joachim Vandersmissen, IT Security Consultant, atsec information security corporation, United States

Room 215

15:30 Introduction of Quantum Safe Equipment Certification Program in Korea (C23a) Min Hyung Kim, Project Manage for QKD Network, SK Telecom, South Korea

16:00 Panel Discussion: Towards Certification of Quantum Technologies (C23b) Leader: Sarah McCarthy, Cryptographic Strategist, EvolutionQ, Canada [60MIN]

Room 213

15:30 CVE Management: When is the Right Time to Revalidate? (U23a) Jennifer Brady, Senior Principal Security Analyst, Oracle, United States

16:00 Mitigating Non-Invasive Attacks (U23b) Iain Holness, Senior Program Manager – Common Criteria, Corsec Security, United States

16:30 A Modern Approach to HSM Form Factors (U23c) John O’Connor, VP Product Management, Crypto4A Technologies, Canada

Room 212

15:30 Panel Discussion: Trends and Issues in Cloud Computing Cryptography (G23a) Leader: Troy Leach, Chief Strategy Officer, Cloud Security Alliance, United States, Mark Bower, Vice President, Product Management, Anjuna Security, United States, Sam Pfanstiel, Principal Security Consultant, Coalfire, United States [60MIN]

16:30 AWS-Libcrypto Integrations (G23c) Dusan Kostic, Applied Scientist, Amazon Web Services (AWS), United States

Room 215

09:00 Satisfying Seemingly Divergent Requirements—Taking Common Criteria into Consideration When Architecting Products for FIPS 140 Certifiability, What the FIPS Certification Specialist Needs to Know (C30a) Kelvin Desplanque, Platform Architect, Intel, Canada; Alicia Squires, Principal FIPS Technical Program Manager, Amazon Web Services (AWS), United States

09:30 Panel: Bringing Crypto Compliance and Validation Testing Objectives Together for FIPS 140-3 (C30b) Leader: Apostol Vassilev, Research Supervisor, National Institute of Standards and Technology (NIST), United States Panelists: Rochelle Casey, Principal Program Manager, Amazon Web Services (AWS), United States; Barry Fussell, Software Technical Leader, Cisco, United States; Andrew Karcher, Software Engineer, Cisco, United States; Yi Mao, VP, Lab Director, atsec information security, United States; Stephan Mueller, Principal Consultant, atsec information security, United States; Murugiah Souppaya, Computer Scientist, National Institute of Standards and Technology (NIST), United States [60MIN]

Room 213

09:00 Updates in PCI Security Standards Council (I30a) Tim Cormier, Director of Lab Solutions, Payment Card Industry Security Standards Council (PCI SSC), United States

09:30 Payment Cryptography and the Cloud: Industry Trends in 2023 (I30b) Adam Cason, VP, Global and Strategic Alliances, Futurex, United States, Tim Cormier, Device Standards, PCI Security Standards Council, United States

10:00 Evolution of Payment HSM Standards (I30c) Tim Winston, Principal Industry Specialist, Amazon Web Services (AWS), United States; Smita Mahapatra, Senior Industry Specialist, Amazon Web Services (AWS)

Room 212

09:00 NIST Call for Multi-Party Threshold Schemes: Brief Notes at ICMC 2023 (G30a) Luis Brandeo, Researcher, National Institute of Standards and Technology (NIST), United States

09:30 Attestation and FIPS: Past, Present and Future (G30b) Alessandro Fazio, atsec information security corporation, Italy

10:00 Doing Key Attestation Inside a FIPS Boundary and CA/B Forum BRs (G30c) Mike Ounsworth, Software Security Architect, Entrust, Canada

Room 215

10:45 FIPS Physical Testing: A Ridiculous(ly) Informative Tutorial (C31a) Seamus Mulready, Cryptographic Securty Tester (FIPS), Lightship Security, Inc., Canada

11:15 Panel: Looking beyond 1SUBs (C31b) Leader: Bishakha Banerjee, Director – VMware Trust and Assurance, VMware, United States [60MIN]

Room 213

10:45 You Can Change the Future: Your Voice at the Foundation of Payment Security (I31a) Richard Kisley, Chief Engineer, IBM HSM, IBM, United States

11:15 Panel: Status of Cryptographic Security Standards (I31b) Leader: Ralph Poore, Associate Director, Payment Card Industry Security Standards Council (PCI SSC), United States Panelists: Lily Chen, Mathematician and Manager, National Institute of Standards and Technology (NIST), United States; Tim Cormier, Senior Manager, Device Standards, PCI Security Standards Council, United States; Richard Kisley, Chief Engineer, IBM HSM, IBM, United States; Jeff Stapleton, X9F4 Working Group Chair, Accredited Standards Committee X9, United States
[60MIN]

Room 212

10:45 Physically Uncloneable Function (PUF) in CMVP Modules (G31a) Sylvain Guilley, CTO, Secure-IC, France

11:15 Pre-silicon Side Channel Analysis for Certification (and Development) (G31b) Jasper van Woudenberg, CTO North America, Riscure, United States

11:45 Challenges in Automating Formal Methods for Cryptographic Algorithm Validation and Protocol Verification—The Use of Experimental Platform (G31c) Elzbieta Andrukiewicz, Head of Cybersecurity Department, National Institute of Telecommunications, Poland

Room 215

13:30 Software Modules: Is It Time To Update Tested Configurations? (C32a) Kaleb Himes, Senior Software Engineer, wolfSSL, United States

14:00 Panel/Open Floor: Ideas and Issues for Speeding Up the CMVP Queue (C32b) Leader: Nithya Rachamadugu, VP Cybersecurity Certification, Dekra, United States Panelists: Jake Bajic, Director, Product Line Manager, Palo Alto Networks, United States; Carol Cantlon, Quality Manager Lightship Security, Canada [60MIN]

Room 213

13:30 Panel: Trends and Issues in IoT Cryptography (E32a) Leader: Loren Shade, Founder, IoT Security Forum, & VP Marketing, Allegro Software, United States [60MIN]

14:00 Lightweight Encryption (E32b) Speaker TBA

Room 212

13:30 Practical Open-Source Fully Homomorphic Encryption with the OpenFHE Software Library (G32a) Kurt Rohloff, Co-Founder, OpenFHE, CTO & Co-Founder, Duality Technologies, United States

14:00 Enabling Large-Scale Privacy-Preserving Recurrent Neural Networks with Fully Homomorphic Encryption (G32b) Vele Tosevski, MASc Candidate, University of Toronto, Canada

14:30 Enhancing Privacy in the Age of AI: Cryptographic Schemes for Identity (G32c) Christian Paquin, Principal Software Engineer, Microsoft, United States