CARDIS 2014: Program

Note: All sessions are held in G. Planté room (CNAM, 2 Rue Conté)

Wednesday, November 5, 2014
11:00 – 13:45 Registration
13:45 – 14:00 Opening remarks
14:00 – 14:10 Best Paper award
Keynote Talk I
Chair: Marc Joye
14:10 – 15:10 A Chip Card Sidelight on Lightweight Crypto
Marc Girault
Session 1 – Java Cards
Chair: Samia Bouzefrane
15:10 – 15:35 Memory Forensics of a Java Card Dump
Jean-Louis Lanet, Guillaume Bouffard, Rokia Lamrani, Ranim Chakra, Afef Mestiri, Mohammed Monsif, and Abdellatif Fandi
15:35 – 16:00 Heap Hop! The Heap Is Also Vulnerable
Guillaume Bouffard, Michael Lackner, Jean-Louis Lanet, and Johannes Loining
16:00 – 16:30 coffee break
Session 2 – Software Countermeasures
Chair: Stefan Mangard
16:30 – 16:55 Study of a Novel Software Constant Weight Implementation
Victor Servant, Nicolas Debande, Houssem Maghrebi, and Julien Bringer
16:55 – 17:20 Balanced Encoding to Mitigate Power Analysis: A Case Study
Cong Chen, Thomas Eisenbarth, Aria Shahverdi, and Xin Ye
17:20 – 17:45 On the Cost of Lazy Engineering for Masked Software Implementations
Josep Balasch, Benedikt Gierlichs, Vincent Grosso, Oscar Reparaz, and François-Xavier Standaert
Thursday, November 6, 2014
Session 3 – Side-Channel Analysis
Chair: Emmanuel Prouff
09:15 – 09:40 Efficient Stochastic Methods: Profiled Attacks Beyond 8 Bits
Omar Choudary and Markus Kuhn
09:40 – 10:05 Kangaroos in Side-Channel Attacks
Tanja Lange, Christine van Vredendaal, and Marnix Wakker
10:05 – 10:30 Combining Leakage-Resilient PRFs and Shuffling – Towards Bounded Security for Small Embedded Devices
Vincent Grosso, Romain Poussier, François-Xavier Standaert, and Lubos Gaspar
10:30 – 11:00 coffee break
Panel Discussion
Chair: Jean-Jacques Quisquater
11:00 – 12:00 20 years of CARDIS, 40 years of smart cards: Where do we go from there?
David M'Raihi (Moderator)
12:00 – 14:00 lunch
Session 4 – Embedded Implementations
Chair: Jean-Louis Lanet
14:30 – 14:55 Double Level Montgomery Cox-Rower Architecture
Jean-Claude Bajard and Nabil Merkiche
14:55 – 15:20 How to Use Koblitz Curves on Small Devices?
Kimmo Järvinen and Ingrid Verbauwhede
15:20 – 15:50 coffee break
Session 5 – Public-Key Cryptography
Chair: Keith Mayes
15:50 – 16:15 Caml Crush: a PKCS#11 Filtering Proxy
Ryad Benadjila, Thomas Calderon, and Marion Daubignard
16:15 – 16:40 Algorithms for Outsourcing Pairing Computation
Aurore Guillevic and Damien Vergnaud
Social Event
Chair: Pierre Paradinas
17:00 – 19:30 Visit of Musée des arts et métiers (National Conservatory of Arts and Crafts)
19:30 – 21:00 Conference dinner
Friday, November 7, 2014
Session 6 – Leakage and Fault Attacks
Chair: François-Xavier Standaert
09:15 – 09:40 Bounded, yet Sufficient? How to Determine Whether Limited Side Channel Information Enables Key Recovery
Xin Ye, Thomas Eisenbarth, and William Martin
09:40 – 10:05 On the Security of Fresh Re-Keying to Counteract Side-Channel and Fault Attacks
Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, and Florian Mendel
10:05 – 10:30 Evidence of a Larger EM-induced Fault Model
Sébastien Ordas, Ludovic Guillaume-Sage, Karim Tobich, Jean-Max Dutertre, and Philippe Maurine
10:30 – 11:00 coffee break
Keynote Talk II
Chair: Amir Moradi
11:00 – 12:00 Designing Secure Smart Cards
Stefan Mangard
12:00 – 12:15 Closing remarks and announcements
12:15 – 14:00 lunch

Invited Speakers

Marc Girault Marc Girault
Orange Labs, France
Title: A Chip Card Sidelight on Lightweight Crypto
Abstract: Lightweight cryptography is commonly believed to start with the new century, along with emerging RFID technology. While this can be considered as true from public point of view, work in this domain actually started more than ten years before, at a time not all chip cards were smart. Among them, some prepaid telephone cards were only equipped with a very small memory (not exceeding 512 bits) and, in place of a microprocessor, a very small logic unit (not exceeding 500 gates). Surprisingly, this was just enough to embed a (ultra-)light authentication algorithm, as demonstrated in the mid 90’s by French and German telecom companies. In this talk we first recall the context related to chip cards, telecoms and cryptology in 1985, year when the first prepaid telephone cards were distributed, followed by billions of others. Then we address the specific problem of putting in cryptology on such low-resource devices. Finally we describe some of the components which were developed in order to solve it.
Biography: Marc Girault has worked for 26 years (with some interruption) in Orange Labs, as an expert in public-key cryptography, electronic payment, and smart cards. In these topics, he supervised ten PhD theses, published fifty research papers and filed as many patents. Pioneer of lightweight cryptography (at a time it was not named so), he co-invented two ultra-light authentication algorithms: one symmetric for (billions of) prepaid phone cards (500 GE), the other one asymmetric dedicated to RFID tags, called cryptoGPS in ISO standards (2600 GE).
Stefan Mangard Stefan Mangard
Graz University of Technology, Austria
Title: Designing Secure Smart Cards
Abstract: The security of many applications relies on the fact that the code and data, which are processed on smart cards, remain confidential and unchanged even in the presence of all kinds of attacks. This talk discusses the main challenges for designing secure smart card controllers from an industry as well as from an academic perspective. The talk in particular focusses highlighting similarities and differences in the approaches from industry and academia. It not only discusses classical topics, such as power analysis and fault attacks on cryptographic algorithms. It also focuses on open research topics that have so far not received a comparable attention in academia. An example in this context is the efficient protection of general-purpose processors and software against fault attacks.
Biography: Stefan Mangard is professor at Graz University of Technology since November 2013. Before moving to Graz, he was working as leading security architect at Infineon Technologies in Munich. In this role he was responsible for defining the security concepts for the smart card platforms at Infineon.
His research interests include security architectures, system security, cryptography, as well as all kinds of physical attacks and corresponding countermeasures.
David M'Raihi David M'Raihi
Perzo, USA
Biography: Dr. David M'Raihi has 23 years of experience in cryptology and computer security. As Chief Security Officer at Perzo, David is responsible of the full security posture of the company, with a focus on information and product security. He joined Perzo from Verayo, a Khosla Ventures company, where he was CTO after his tenure as security architect at Apple and principal scientist at VeriSign. David co-founded the crypto team at Gemplus with David Naccache, authored and co-authored more than 100 papers and patents. David completed his PhD in cryptography with Jacques Stern, former Director of the Computer Science Department of Ecole Normale Supérieure, Paris, France.
Springer's LNCS