[crypto] [secdm at tue.nl: Program Crypto Working Group, December 16, 2016]

R. Hirschfeld ray at unipay.nl
Tue Dec 13 10:32:20 CET 2016


------- Start of forwarded message -------
From: Secretariaat DM <secdm at tue.nl>
Subject: Program Crypto Working Group, December 16, 2016
Date: Mon, 12 Dec 2016 13:15:07 +0000

Dear all,

Herewith I send you the program of the CWG-meeting this Friday, December 16, 2016.

With kind regards / Met vriendelijke groeten,
Anita Klooster
secretary of the section Discrete Mathematics

Dept. of Mathematics and Computer Science
MF 4.058
Office hours: Monday and Friday 08.30-12.30 h / Tuesday and Wednesday 08.30-17.00 h
Telephone: +31 (0)40 2472254
Email: secdm at tue.nl




CRYPTO WORKING GROUP

Friday, December 16, 2016
De Kargadoor (http://www.kargadoor.nl/utrecht/zaalverhuur.html)
Oudegracht 36, Utrecht

Program

10.45 - 11.30 hrs.   Léon Groot Bruinderink (TU/e),
                     Flush, Gauss, and Reload - A Cache-attack on the BLISS Lattice-based Signature Scheme

11.30 - 11.45 hrs.   Coffee / tea break

11.45 - 12.30 hrs.   Joost Renes (RU Nijmegen),
                     Efficient compression of SIDH public keys

12.30 - 14.00 hrs.   Lunch break (lunch not included)

14.00 - 14.45 hrs.   Ismail Khoffi (EPFL),
                     Overview and challenges of CONIKS-like transparency overlays for key-management

14.45 - 15.00 hrs.   Coffee / tea break

15.00 - 15.45 hrs.   Kostas Papagiannopoulos (RU Nijmegen),
                     Bitsliced Masking and ARM: Friends or Foes?



Abstract talk Kostas Papagiannopoulos: Bitsliced Masking and ARM: Friends or Foes?
Software-based cryptographic implementations can be vulnerable to side-channel analysis. Masking countermeasures rank among the most prevalent techniques against it, ensuring formally the protection vs. value-based leakages. However, its applicability is halted by two factors. First, a masking countermeasure involves a computational overhead that can render implementations inefficient. Second, physical effects such as glitches and distance-based leakages can cause the reduction of the security order in practice, rendering the masking protection less effective. In order to reduce the computational cost, we implement a high-throughput, bitsliced, 2nd-order masked implementation of the PRESENT cipher, in ARM Cortex-M4. Second, we analyze experimentally the effectiveness of masking in ARM devices, i.e. we examine the effects of distance-based leakages on the security order of our implementation. We confirm the theoretical model behind distance leakages for the first time in ARM-based architectures.
------- End of forwarded message -------

