hot topic: In Hardware We Trust: Challenges and Opportunities of Hardware Security

Termin: 19.11.2021
Dauer: 10:00-17:40
Ort: Digitaler Workshop mit BigBlueButton

Programm

10:00
Welcome and Moderation
Ahmad-Reza Sadeghi
TU Darmstadt
Ahmad-Reza Sadeghi
10:15
Nele Mentens
Leiden University and KU Leuven
Nele Mentens
Opportunities and security challenges of flexible electronics on plastics

Electronic devices on plastic foil, also referred to as flexible electronics, are making their way into mainstream applications. In the near future, flexible electronic labels can be embedded in smart blisters, but also used as mainstream technology for flexible medical patches. This talk gives an overview of the opportunities of the technology as well as the challenges that arise when secure communication is required between the flexible tag and the reader.

10:55
Lejla Batina
Radboud University
Lejla Batina
Automated power-analysis leakage evaluation and elimination: from Elmo to Rosita

Masked implementations often fail to protect against 1st order side-channel attacks and leak secret information due to unanticipated interactions in the hardware. A number of power-leakage simulators were proposed to improve the process of repeated evaluation and leakage elimination. With this same goal in mind, we created a code rewrite tool called ROSITA that uses a leakage emulator to not just identify “leaky” samples and instructions but to “fix” those as well, resulting in implementations without observable leakage in the 1st order. We demonstrate the usage of ROSITA to automatically protect masked implementations of AES, ChaCha, and Xoodoo with modest performance penalties.

11:35 Break
12:05
Emmanuel Stapf
azura TEC
Emmanuel Stapf
Enclave Computing: The State of Affairs in Hardware-assisted Security Architectures

In recent years, security architectures became popular which isolate sensitive services in software compartments, called enclaves, protected by hardware mechanisms. Enclave computing aims at providing strong protection guarantees and at the same time, a flexible and low-overhead usage. In this talk, we analyze state-of-the-art enclave security architectures from industry and academia and point to missing links and remaining challenges.

12:45
Christian Stueble
Rohde & Schwarz
Christian Stueble
Trusted networks with untrusted infrastructure components – possibilities and limitations

Today’s hardware technologies allow the protection of complex networks consisting of untrusted infrastructure components in such a way that even classified information can be transmitted without relevant performance loss or delays. In this talk, we show how carefully designed security components can make the ongoing political and technical discussions about the exclusion of untrusted network devices – and vendors – somewhat obsolete. Moreover, we discuss the possibilities and the limitations of the used technologies.

13:25 Break
14:30
Tim Güneysu
RUB
Tim Güneysu
Challenges for Long-Term Secure Cryptographic Hardware

Security in hardware poses a variety of challenges for manufacturers, such as robust cryptographic services to provide long-term guarantees over the entire life span of a product. For services such as key exchange and authentication, public-key cryptosystems such as RSA and Elliptic Curve Cryptography have been mostly deployed - two public-key cryptosystems that will be broken as soon as sufficiently powerful quantum computers will become available. This talk highlights the current progress, challenges and latest achievements in the field of post-quantum cryptography paving the way for a next generation of cryptographic hardware.

15:10
Johanna Sepulveda
Airbus
Johanna Sepulveda
Circuits and Systems for Quantum Secure Communications: Challenges and Opportunities

Quantum dawn is threatening the currently used cryptography. While standardization bodies are working towards the selection of quantum secure algorithms and solutions, their implementation is still an open point. In this talk the ongoing efforts towards the implementation of quantum-secure solutions will be presented. In addition the challenges and opportunities from the circuit and system point of view will be discussed.

15:50 Break
16:20
Sergej Dechand
Code Intelligence
Sergej Dechand
The human component in automated bug finding

Tech leaders already find up to 80% of their vulnerabilities and bugs in software completely automated, mostly with fuzz testing. Hardware and firmware programming adds additional layers and challenges to the picture. Establishing automated security testing in large software projects close to hardware requires solving the challenges on a technical level and has to consider the human component. Empathy and intuition are crucial factors for security experts when collaborating with developers. In this talk, Sergej shares insight on use cases where development teams automated their software security testing, despite initial obstacles introducing the process.

17:00
Rosario Cammarota
intel
Rosario Cammarota
A retrospection on Design for Security: the lessons learned in the TAME Forum

In this talk, I will present a retrospection on the findings of the Design for Security group in the Trusted and Assured MicroElectronics (TAME) forum, an eighteen-month effort contributed by academic, industry, and government research groups. I will cover viable strategies to generate metrics for quantifying the different security aspects, and the core principles that can guide the construction of security frameworks.

Anmeldung und Preise

Generell können Sie sich bis zum Veranstaltungstag anmelden. Stichtag für eine Anmeldung zum Frühbucherrabatt ist der 09.11.2021, danach gilt der normale Teilnehmerbetrag. Um den Workshop optimal vorbereiten zu können bitten wir Sie, von dieser Möglichkeit Gebrauch zu machen. Für Schüler, Auszubildende und Studenten können Sonderkonditionen eingeräumt werden.

Bei Anmeldung ... bis zum Stichtag nach dem Stichtag
Teilnahmegebühr des Workshops 200,00 € 250,00 €
für Inhaber eines CAST-Leistungspaketes 100,00 € 125,00 €

Alle Preise inkl. 7% MwSt.

Um den reduzierten Tarif in Anspruch nehmen zu können, beantragen Sie bitte umgehend das CAST Leistungspaket.

Informationen und Kontakt

Wenn Sie noch Fragen haben, wenden Sie sich bitte an:

Moderation

Ahmad-Reza Sadeghi
TU-Darmstadt
E-Mail:

Administration

Claudia Prediger
CAST e.V.
Tel.: +49 6151 869-230
E-Mail:

Bitte beachten Sie, dass wir Anmeldungen zu unseren Veranstaltungen nur über das Online-Formular nicht jedoch über unsere Fax-Nummern entgegen nehmen können.

CAST Online Workshops

Gerade in Zeiten der COVID-19-Beschränkungen bleiben Fragen zur Cybersicherheit hochaktuell. CAST möchte seinen Beitrag leisten und veranstaltet ab Juli 2020 die CAST-Workshops online als virtuelle Veranstaltungen. Damit wird der Wissensaustausch zu aktuellen Themen der Cybersicherheit kontinuierlich sichergestellt.

Die CAST-Workshops im digitalen Format werden mit dem Open-Source-Webkonferenzsystem BigBlueButton umgesetzt, welches zur Wahrung des Datenschutzes mit einem in Darmstadt platzierten CAST-eignen Server betrieben wird.

Sobald die COVID-19-Beschränkungen es zulassen, wird CAST zum gewohnten Workshop-Format zurückkehren und freut sich schon jetzt darauf Sie wieder persönlich in Darmstadt begrüßen zu dürfen.

Kommende CAST Veranstaltungen

Quantentechnologie und Quantencomputer-resistente Sicherheit 02.09.2021
20th International Conference of the Biometrics Special Interest Group (BIOSIG 2021) 15.-17.09.2021
hot topic: In Hardware We Trust: Challenges and Opportunities of Hardware Security 19.11.2021

Registrierung für die Volksverschlüsselung

Zusammen mit dem CAST e.V. bietet das Fraunhofer SIT im Rahmen der CAST-Workshops die Möglichkeit der Vor-Ort-Registrierung an. Möchten Sie diese Gelegenheit wahrnehmen, so bringen Sie hierfür bitte ein gültiges Ausweisdokument mit und tragen Vorname(n) und Nachname aus Ihrem Ausweis, sowie Ihre E-Mail-Adresse, für die Sie ein Zertifikat der Volksverschlüsselung beantragen möchten, in das Formuar ein. Sie können das Registrierungsformular auch vorab ausfüllen und zur Veranstaltung mitbringen.

Weitere Informationen finden Sie unter volksverschluesselung.de.