May 8-11, 2018 | Shaw Centre | Ottawa, Ontario, Canada

Conference Agenda

Tuesday 08 May

Pre-Conference Workshops

08:00 - 09:00 Registration

Rideau Canal Atrium

09:00 - 12:30 Pre‑Conference Workshops

Pre-Conference Workshops (Ottawa Salon 210)

 
09:00 Decrypting Crypto: An Introduction to Cryptography (W00a) Jon Green, HPE, United States

Pre-Conference Workshops (Ottawa Salon 212)

 
09:00 Intro to FIPS 140 (W00b) Ray Potter, SafeLogic, United States

Pre-Conference Workshops (Ottawa Salon 211)

 
09:00 Workshop TBA (W00c)

12:30 - 13:30 Lunch

Rideau Canal Atrium

13:30 - 17:00 Pre‑Conference Workshops

Pre-Conference Workshops (Ottawa Salon 210)

 
13:30 The Post Quantum Crypto World and the Need for Crypto Agility (W01a) Tomislav Nad, InfoSec Global, Switzerland; Vladimir Soukharev, InfoSec Global, Canada

Pre-Conference Workshops (Ottawa Salon 212)

 
13:30 FIPS 140-2 Validation Process: Overview and Case Study (W01b) Tammy Green, Senior Principal Security Architect, Symantec, United States; Ian Hall, Certification Architect, Symantec, United States

Pre-Conference Workshops (Ottawa Salon 211)

 
13:30 Workshop TBA (W01c)

Wednesday 09 May

Conference Sessions

08:00 - 09:00 Registration

Rideau Canal Atrium

09:00 - 10:30 Plenary Keynote Session

Ottawa Salon 213-215

09:00 Welcome Address, Yi Mao, atsec information security

09:10 CMUF Update

09:20 Plenary Keynote Address (P10a) Jason Hart, CTO Data Protection, Gemalto, United Kingdom

09:55 Plenary Keynote Address (P10b) Scott Jones, Assistant Deputy Minister, Information Technology Security, Communications Security Establishment, Canada

10:30 - 11:15 Networking Break in Exhibits

Ottawa Salon 214

11:15 - 12:45 Track Sessions

Certification Programs (Ottawa Salon 210)

 
11:15 Certification Track Keynote Address (C11a) Jeff Blank, NSA IAD, United States

11:45 CMVP Programmatic Update (C11b) Carolyn French, GoC, Canada; Beverly Trapnell, NIST, United States

12:15 NIAP Update (C11c) Mary Baish, NIAP, United States

General Technology (Ottawa Salon 209)

 
11:15 General Technology Track Keynote (G11a) Bruno Couillard, Crypto4A, Canada

11:45 General Technology Presentation (G11b) Speaker TBA

12:15 General Technology Presentation (G11c) Speaker TBA

Industry Vertical/Embedded Crypto (Ottawa Salon 211)

 
11:15 Industry Vertical/Embedded Crypto Track Keynote (E11a) Speaker TBA

11:45 “FIPS 140-2 Inside”—You’re (Probably) Doing It Wrong (E11b) Mark Minnoch, KeyPair Consulting, United States

12:15 IoT Security—GAME OF TRUST (E11c) Roland Atoui, Red Alert Labs, France; Isaac Dangana, Red Alert Labs, France

Post-Quantum Crypto (Ottawa Salon 212)

 
11:15 Post-Quantum Crypto Track Keynote (Q11a) Tanja Lange, Eindhoven University of Technology, Netherlands

11:45 Quantum Update (Q11b) Michele Mosca, Institute for Quantum Computing, University of Waterloo & evolutionQ Inc., Canada

12:15 Update: ETSI QSC Group and X.509 Certificate Extension (Q11c) Mark Pecen, ISARA Corp., Canada

12:45 - 13:45 Lunch in Exhibit Area

Ottawa Salon 213-215

13:45 - 15:15 Track Sessions

Certification Programs (Ottawa Salon 210)

 
13:45 Panel Presentation: Update on the Automated Cryptographic Validation Program (ACVP) (C12a) Apostol Vassilev, NIST, United States; Tim Anderson, Amazon, United States; Shawn Geddis, Apple, United States; Barry Fussell, Cisco, United States; Bradley Moore, NIST, United States; Robert Relyea, Red Hat, United States

[90MIN]

General Technology (Ottawa Salon 209)

 
13:45 Using FPGAs in the Cloud for Decentralized Trusted Execution (G12a) Ahmed Ferozpuri, George Mason University, United States

14:15 GlobalPlatform: Cryptography Algorithm Classification and Crypto Agility (G12b) Olivier Van Nieuwenhuyze, GlobalPlatform Board Member and Security Task Force Chair, Netherlands

14:45 Deep Inside: The Benefits and Implications of Sub-Chip FIPS Modules (G12c) Renaudt Nunez, atsec information security, United States

Industry Vertical/Embedded Crypto (Ottawa Salon 211)

 
13:45 FIPS, IoT Medical Devices and the DoD/VA (E12a) Loren Shade, Allegro Software, United States

14:15 FIPS 140-2 Perspectives on IoT Devices in a Blockchain Setting (E12b) William Sandberg-Maitland, SPYRUS, Canada

14:45 Secrets of Crypto Technology Revealed for Enhanced ICS Cybersecurity (E12c) Chris Guo, Ultra Electronics, 3eTI.com, United States

Post-Quantum Crypto (Ottawa Salon 212)

 
13:45 NIST Post-Quantum Cryptography Standardization Update (Q12a) Lily Lidong Chen, NIST, United States; Dustin Moody, NIST, United States

14:15 Post-Quantum Presentation (Q12b) Daniel Bernstein, University of Illinois at Chicago, United States; Technische Universiteit Eindhoven, Netherlands

14:45 Practical Quantum-Resistant Cryptography from Supersingular Isogenies (Q12c) Patrick Longa, Microsoft Research, United States

15:15 - 15:45 Networking Break in Exhibits

Ottawa Salon 213-215

15:45-17:15 Track Sessions

Certification Programs (Ottawa Salon 210)

 
15:45 Mandating CMVP for NIAP Evaluations Panel Presentation (C13a) Mary Baish, NIAP, United States

[60MIN]

16:45 FIPS 140-3 Update (C13c) Speaker TBA

General Technology (Ottawa Salon 209)

 
15:45 Boundaries: Where Do You Draw the Line? (G13a) Alan Gornall, Rycombe Consulting, United Kingdom

16:15 FIPS 140-2 Validations in a Secure Enclave (G13b) Chris Conlon, wolfSSL, United States

16:45 EncryptedQuery: A Practical Solution for PIR (G13c) John Petro, Envieta Systems, United States

Industry Vertical/Embedded Crypto (Ottawa Salon 211)

 
15:45 Trusted and Localized Entropy Source for Advanced IoT Security (E13a) Jongwon Jp Park, EYL, South Korea;Junghyun Francis Baik,EYL Inc.

16:15 Leveraging Blockchain Technology for Identity and Authentication (E13b) Donald Malloy, OATH, United States

E13c. Embedded Crypto Presentation (E13c) Speaker TBA

Post-Quantum Crypto (Ottawa Salon 212)

 
15:45 Recent Progress in Hardware Implementations of Post-Quantum Isogeny-Based Cryptography (Q13a) Reza Azarderakhsh, Florida Atlantic University and PQSecure Technologies, United States

16:15 Integrating Quantum-Resistant Algorithms into Applications (Q13b) Christian Paquin, Microsoft, United States

16:45 Open Quantum Safe (Q13c) Vlad Gheorghiu, University of Waterloo, Canada

17:45 - 18:45 Welcome Reception in Exhibits

Ottawa Salon 213-215

18:45 - 21:15 Dine‑Around Ottawa

Enjoy an informal group dinner at one of Ottawa’s best restaurants with your ICMC colleagues. Select a restaurant and reserve your seat for a prix-fixe dinner at a group table. Reserve early—seating is limited. On site, you’ll meet your group Wednesday at 18:45 at the ICMC registration desk and depart from there.

Thursday 10 May

Conference Sessions

08:00 - 09:00 Coffee in the Exhibits

Ottawa Salon 213-215

09:00 - 10:30 Track Sessions

Certification Programs (Ottawa Salon 210)

 
09:00 NIST and NIAP Working Together (C20a) Mary Baish, NIAP, United States; Michael Cooper, NIST, United States

09:30 “Revalidation in Response to CVE” Working Group (C20b) Fabien Deboyser, Thales eSecurity, United States; Carolyn French, CSE, Canada; Ryan Thomas, Acumen Security, United States

10:00 Touch the Cloud: Closing the FIPS Validation Gap (C20c) Yi Mao, atsec information security, United States

General Technology (Ottawa Salon 209)

 
09:00 Tamper Labels Examined (G20a) Steve Weingart, Aruba, a Hewlett Packard Enterprise company, United States

09:30 GPU-Accelerated High-Performance Hardware Security Module (G20b) Fangyu Zheng, Institute of Information Engineering, CAS, China

10:00 Meeting FIPS 140 Requirements—An RSA Story (G20c) Steven Schmalz, RSA, United States

Common Criteria
(Ottawa Salon 211)

 
09:00 Common Criteria Track Keynote (R20a) Michael Grimm, CCUF, United States

09:30 Is 2018 a Make or Break Year for CC? (R20b) John Boggie, NXP Semiconductors, United Kingdom

10:00 Making Objectivity Work Harder: Text, Tools and Fuzzing (R20c) Tony Boswell, DNV GL Technical Assurance Laboratory, United Kingdom

Post-Quantum Crypto (Ottawa Salon 212)

 
09:00 Advances in Quantum Key Distribution: Standardization, Networking, and Space Applications (Q20a) Bruno Huttner, ID Quantique, Switzerland

09:30 A Session Key Service for Post-Quantum Security in Standard Protocols (Q20b) David Mcgrew, Cisco Systems, United States

10:00 Isogeny-Based Quantum-Resistant Group Key Agreement (Q20c) Vladimir Soukharev, InfoSec Global, Canada

10:30 - 11:00 Networking Break in Exhibits

Ottawa Salon 213-215

11:00 - 12:30 Track Sessions

Certification Programs (Ottawa Salon 210)

 
11:00 Comments on NIST Standards for Random Number Testing (C21a) Yuan Ma, Institute of Information Engineering, Chinese Academy of Sciences, China

11:30 Structured Entropy Assessment and Practical Evaluation Considerations (C21b) Greg Mclearn, Lightship Security, Inc., Canada

12:00 Automation of CAVS Testing: Bringing CAVP and Vendor Together (C21c) Stephan Mueller, atsec information security, United States

General Technology (Ottawa Salon 209)

 
11:00 10 Years of FIPS 140-2 Certifications at Red Hat (G21a) Tomas Mraz, Red Hat, Czech Republic

11:30 Panel Discussion: Technology Challenges in CM Validation (G21b) Moderator: Nithya Rachamadugu, Director, CygnaCom, United States

[60MIN]

Common Criteria
(Ottawa Salon 211)

 
11:00 Identifying Cryptographic Implementations in Common Criteria (R21a) Cory Clark, Government of Canada, Canada

11:30 A Survey of Common Criteria Certification Scheme Cryptographic Algorithm Requirements (R21b) King Ables, atsec information security corporation, United States

12:00 Smart Application of CC: CC Can Actually Be Efficient, Lean and Useful! (R21c) Wouter Slegers, Your Creative Solutions, Netherlands

Post-Quantum Crypto
(Ottawa Salon 212)

 
11:00 Quantum Random Number Generation Overview (Q21a) Speaker TBA

11:30 QRNG Panel Discussion (Q21b) Panelists TBA

[60MIN]

12:30 - 13:30 Lunch in Exhibit Area

Ottawa Salon 213-215

13:30 - 15:00 Track Sessions

Certification Programs (Ottawa Salon 210)

 
13:30 State of CAVP (C22a) Harold Booth, NIST, United States

14:00 Panel Discussion: ACVP—How It Will Change the Way You Work (C22b) Panelists TBA

[60MIN]

General Technology (Ottawa Salon 209)

 
13:30 Analyzing Block Device Timing Events as a Source of Entropy (G22a) Kirill Sinitski, CygnaCom, Canada; Mike Ounsworth, EntrustDatacard, Canada

14:00 The Use of /dev/urandom as the Entropy Source in the Real World (G22b) Rumman Mahmud, Cisco Systems, United States; Zhiqiang Wang, Gossamer Security Solutions, United States

14:30 General Technology Presentation (G22c) Speaker TBA

Common Criteria
(Ottawa Salon 211)

 
13:30 International CC Scheme Perspective (R22a) Speaker TBA

14:00 International CC Scheme Perspective (R22b) Speaker TBA

14:30 International CC Scheme Perspective (R22c) Speaker TBA

Open-Source Crypto
(Ottawa Salon 212)

 
13:30 OS Crypto Track Keynote: Challenges in Implementing Usable Advanced Crypto (S22a) Shai Halevi, Principal Research Staff Member, IBM T. J. Watson Research Center

14:00 Open-Source Validations (S22b) Speaker TBA

14:30 OpenSSL Project Overview (S22c) Speaker TBA

15:00-15:30 Networking Break in Exhibits

Ottawa Salon 213-215 (Exhibits Close at 15:30)

15:30 - 17:00 Track Sessions

Certification Programs (Ottawa Salon 210)

 
15:30 ACVP Client Integration for FIPS Algorithm Testing and Runtime Crypto Assessment (C23a) Barry Fussell, Cisco Systems, United States; Ellie Daw, Cisco Systems, United States

16:00 Realigning (Not Re-inventing!) the Wheel: Applying a Composition Model to FIPS 140-2 Validation (C23b) Steve Weymann, KeyPair Consulting Inc., United States

16:30 In FIPS 140-2 Validations, Why So Much Redundant Data Redundancy in FIPS 140-2 Validations? (C23c) Quentin Gouchet, atsec information security, United States

General Technology (Ottawa Salon 209)

 
15:30 Traditional Hardware Security Modules vs Real World Requirements. Is There a Gap? (G23a) Martin Oczko, PrimeKey Labs GmbH, Germany

16:00 The Details of an Ongoing Transition to the Stronger Key Establishment Methods (G23b) Allen Roginsky, NIST, United States

16:30 KMIP 2.0 vs Crypto in a Cybersecurity Context (G23c) Tony Cox, Cryptsoft, Australia; Chuck White, Fornetix, United States

Common Criteria
(Ottawa Salon 211)

 
15:30 Flaw Remediation Begins Where Product Certification Finishes (R23a) Malcolm Levy, Check Point Software Technologies, United States

16:00 Panel Discussion: FIPS and Common Criteria–How They Play Together (R23b) Moderator: Steve Weingart, Aruba, a Hewlett Packard Enterprise company, United States

[60MIN]

Open-Source Crypto
(Ottawa Salon 212)

 
15:30 OpenSSL FIPS Module Validation Project (S23a) Ashit Vora, Acumen Security, United States

16:00 China and Crypto Open Source Projects (S23b) Paul Yang, OpenSSL Project, China

16:30 LibreSSL (S23c) Speaker TBA

17:00 - 18:00 Cryptographic Module Game Program

Come watch three experienced contestants test their FIPS knowledge in a game of trivia related to algorithms, derived testing requirements, entropy, implementation guidance and more. A few members from the audience will be selected to assist the contestants on specific questions and be eligible to win prizes. Your Host: Nick Goble, CGI, United States

Ottawa Salon 213, 215

Friday 11 May

Conference Sessions

08:00 - 09:00 Coffee

Rideau Canal Atrium

09:00 - 10:30 Track Sessions

Certification Programs (Ottawa Salon 210)

 
09:00 International Crypto Certification Perspective (C30a) Speaker TBA

09:30 International Crypto Certification Perspective (C30b) Speaker TBA

10:00 International Crypto Certification Perspective (C30c) Speaker TBA

Advanced Technology (Ottawa Salon 209)

 
09:00 Advanced Technology Track Keynote (A30a) Speaker TBA

09:30 Permutation-Based Cryptography (A30b) Guido Bertoni, Security Pattern, Italy

10:00 Sizing Up the Threshold: Challenges and Opportunities in the Standardization of Threshold Schemes for Cryptographic Primitives (A30c) Apostol Vassilev, NIST, United States

End-User Experience
(Ottawa Salon 211)

 
09:00 End-User Experience Track Keynote (U30a) Speaker TBA

09:30 The FIPS 140-2 CM Overall Rating: What’s (Not) in It For Me? (U30b) Sridhar Balasubramanian, NetApp, United States; Mike Scanlin, NetApp, United States

[60MIN]

Open-Source Crypto
(Ottawa Salon 212)

 
09:00 TLS 1.3 and NSS (S30a) Robert Relyea, Red Hat, United States

09:30 TLS Panel Discussion (S30b) Panelists TBA

[60MIN]

10:30 - 10:45 Networking Break

Rideau Canal Atrium

10:45 - 12:15 Track Sessions

Certification Programs (Ottawa Salon 210)

 

10:45 CAVP/CMVP Requirements from 800-90B (C31a) Speaker TBA

11:15 TOO MANY CERTIFICATIONS! (C31b) Ken Fuchs, Motorola Solutions, United States

11:45 IG Updates: Chasing the Moving Target (C31c) Swapneela Unkule, atsec information security, United States

Advanced Technology (Ottawa Salon 209)

 
10:45 Panel Discussion: The Future of HSMs and New Technology for Hardware Based Security Solutions (A31a) Tony Cox, Cryptsoft, Australia; Thorsten Groetker CTO, Utimaco; Tim Hudson, Cryptsoft, Australia; Todd Moore, Gemalto, United States; Simon Johnson, Intel, United States; Jon Geater, Thales, United States

[60MIN]

11:45 The Role of Product Platforms in Information Security: Building on the Success of Cryptographic Modules (A31c) Lawrence Dobranski, Catalone IT Security, Canada

End-User Experience
(Ottawa Salon 211)

 
10:45 A Quantum of Safety—Rooting Trust in a Quantum World (U31a) Mike Brown, ISARA Corporation, Canada

11:15 Towards A Crowd-Sourced Cryptographic Knowledge Base (U31b) Debra Baker, Cisco, United States; Seth Nielson, Johns Hopkins University, United States

11:45 Keys, Hollywood, and History: The Truth About ICANN and the DNSSEC Root Key (U31c) Richard Lamb, Former Chair, Policy Management Authority, ICANN, United States

Open-Source Crypto
(Ottawa Salon 212)

 
10:45 A Case Study on Certification and Audit of Open Source Security Software (S31a) Tomas Gustavsson, CTO, PrimeKey Solutions AB, Sweden

11:15 Proving the Correctness of Amazon’s s2n TLS Library (S31b) Aaron Tomb, Galois, United States

11:45 Do You Really Know Where Your Crypto is Executing? (S31c) Kelvin Desplanque, Cisco Systems, Canada; Barry Fussell, Cisco Systems, United States

12:15 - 12:45 CMUF Monthly Meeting—May

Ottawa Salon 210 (Open to All)

12:45 - 13:30 Lunch

Rideau Canal Atrium

13:30 - 15:00 Track Sessions

Advanced Technology (Ottawa Salon 209)

 
13:30 Efficient Side-Channel Testing Using TVLA (A32a) Gilbert Goodwill, Rambus – Cryptography Research, United States; Gary Kenworthy, Rambus – Cryptography Research, United States

14:00 Breaking Symmetric White-Box Algorithms Using CPA and DFA (A32b) Gabriel Goller, G+D Mobile Security GmbH, Germany

14:30 Campfire Stories: Test to Break or Test to Verify? (A32c) Bart Jan Koning, Riscure, United States; Erwin in ‘t Veld, Product Manager, Riscure, United States

End-User Experience
(Ottawa Salon 211)

 
13:30 Update from the “Security Policy” Working Group (U32a) Ryan Thomas, Acumen Security, United States

14:00 We Feel Your Pain! Getting Ready for Certification (U32b) Alan Kaye, Fortinet, Canada; Brad Proffitt, Lightship Security, Canada

14:30 Planning Ahead: Certificate Maintenance (U32c) Abdullah Abubshait, Cygnacom Solutions, United States

Open-Source Crypto
(Ottawa Salon 212)

 
13:30 OpenSSL in an Intel SGX Trusted Enclave (S32a) Speaker TBA

14:00 Kernel Security or Reproducible Build (S32b) Speaker TBA

14:30 Network Authentication (S32c) Speaker TBA

15:00 - 15:15 Networking Break

Rideau Canal Atrium

15:15 - 16:15 Closing Remarks, Summary Panel Discussion

Ottawa Salon 210