CARDIS 2014: Program
Note: All sessions are held in G. Planté room (CNAM, 2 Rue Conté)
| Wednesday, November 5, 2014 | |
|---|---|
| 11:00 – 13:45 | Registration |
| 13:45 – 14:00 | Opening remarks |
| 14:00 – 14:10 | Best Paper award |
| Keynote Talk I Chair: Marc Joye |
|
| 14:10 – 15:10 | A Chip Card Sidelight on Lightweight Crypto |
| Marc Girault | |
| Session 1 – Java
Cards Chair: Samia Bouzefrane |
|
| 15:10 – 15:35 | Memory Forensics of a Java Card Dump |
| Jean-Louis Lanet, Guillaume Bouffard, Rokia Lamrani, Ranim Chakra, Afef Mestiri, Mohammed Monsif, and Abdellatif Fandi | |
| 15:35 – 16:00 | Heap Hop! The Heap Is Also Vulnerable |
| Guillaume Bouffard, Michael Lackner, Jean-Louis Lanet, and Johannes Loining | |
| 16:00 – 16:30 | coffee break |
| Session 2 – Software Countermeasures Chair: Stefan Mangard |
|
| 16:30 – 16:55 | Study of a Novel Software Constant Weight Implementation |
| Victor Servant, Nicolas Debande, Houssem Maghrebi, and Julien Bringer | |
| 16:55 – 17:20 | Balanced Encoding to Mitigate Power Analysis: A Case Study |
| Cong Chen, Thomas Eisenbarth, Aria Shahverdi, and Xin Ye | |
| 17:20 – 17:45 | On the Cost of Lazy Engineering for Masked Software Implementations |
| Josep Balasch, Benedikt Gierlichs, Vincent Grosso, Oscar Reparaz, and François-Xavier Standaert | |
| Thursday, November 6, 2014 | |
| Session 3 – Side-Channel
Analysis Chair: Emmanuel Prouff |
|
| 09:15 – 09:40 | Efficient Stochastic Methods: Profiled Attacks Beyond 8 Bits |
| Omar Choudary and Markus Kuhn | |
| 09:40 – 10:05 | Kangaroos in Side-Channel Attacks |
| Tanja Lange, Christine van Vredendaal, and Marnix Wakker | |
| 10:05 – 10:30 | Combining Leakage-Resilient PRFs and Shuffling – Towards Bounded Security for Small Embedded Devices |
| Vincent Grosso, Romain Poussier, François-Xavier Standaert, and Lubos Gaspar | |
| 10:30 – 11:00 | coffee break |
| Panel Discussion Chair: Jean-Jacques Quisquater |
|
| 11:00 – 12:00 | 20 years of CARDIS, 40 years of smart cards: Where do we go from there? |
| David M'Raihi (Moderator) | |
| 12:00 – 14:00 | lunch |
| Session 4 – Embedded
Implementations Chair: Jean-Louis Lanet |
|
| 14:30 – 14:55 | Double Level Montgomery Cox-Rower Architecture |
| Jean-Claude Bajard and Nabil Merkiche | |
| 14:55 – 15:20 | How to Use Koblitz Curves on Small Devices? |
| Kimmo Järvinen and Ingrid Verbauwhede | |
| 15:20 – 15:50 | coffee break |
| Session 5 – Public-Key Cryptography Chair: Keith Mayes |
|
| 15:50 – 16:15 | Caml Crush: a PKCS#11 Filtering Proxy |
| Ryad Benadjila, Thomas Calderon, and Marion Daubignard | |
| 16:15 – 16:40 | Algorithms for Outsourcing Pairing Computation |
| Aurore Guillevic and Damien Vergnaud | |
| Social Event Chair: Pierre Paradinas |
|
| 17:00 – 19:30 | Visit of Musée des arts et métiers (National Conservatory of Arts and Crafts) |
| 19:30 – 21:00 | Conference dinner |
| Friday, November 7, 2014 | |
| Session 6 – Leakage and Fault Attacks Chair: François-Xavier Standaert |
|
| 09:15 – 09:40 | Bounded, yet Sufficient? How to Determine Whether Limited Side Channel Information Enables Key Recovery |
| Xin Ye, Thomas Eisenbarth, and William Martin | |
| 09:40 – 10:05 | On the Security of Fresh Re-Keying to Counteract Side-Channel and Fault Attacks |
| Christoph Dobraunig, Maria Eichlseder, Stefan Mangard, and Florian Mendel | |
| 10:05 – 10:30 | Evidence of a Larger EM-induced Fault Model |
| Sébastien Ordas, Ludovic Guillaume-Sage, Karim Tobich, Jean-Max Dutertre, and Philippe Maurine | |
| 10:30 – 11:00 | coffee break |
| Keynote Talk II Chair: Amir Moradi |
|
| 11:00 – 12:00 | Designing Secure Smart Cards |
| Stefan Mangard | |
| 12:00 – 12:15 | Closing remarks and announcements |
| 12:15 – 14:00 | lunch |
Invited Speakers
| Speaker: |
|
||
|---|---|---|---|
| Title: | A Chip Card Sidelight on Lightweight Crypto | ||
| Abstract: | Lightweight cryptography is commonly believed to start with the new century, along with emerging RFID technology. While this can be considered as true from public point of view, work in this domain actually started more than ten years before, at a time not all chip cards were smart. Among them, some prepaid telephone cards were only equipped with a very small memory (not exceeding 512 bits) and, in place of a microprocessor, a very small logic unit (not exceeding 500 gates). Surprisingly, this was just enough to embed a (ultra-)light authentication algorithm, as demonstrated in the mid 90’s by French and German telecom companies. In this talk we first recall the context related to chip cards, telecoms and cryptology in 1985, year when the first prepaid telephone cards were distributed, followed by billions of others. Then we address the specific problem of putting in cryptology on such low-resource devices. Finally we describe some of the components which were developed in order to solve it. | ||
| Biography: | Marc Girault has worked for 26 years (with some interruption) in Orange Labs, as an expert in public-key cryptography, electronic payment, and smart cards. In these topics, he supervised ten PhD theses, published fifty research papers and filed as many patents. Pioneer of lightweight cryptography (at a time it was not named so), he co-invented two ultra-light authentication algorithms: one symmetric for (billions of) prepaid phone cards (500 GE), the other one asymmetric dedicated to RFID tags, called cryptoGPS in ISO standards (2600 GE). |
| Speaker: |
|
||
|---|---|---|---|
| Title: | Designing Secure Smart Cards | ||
| Abstract: | The security of many applications relies on the fact that the code and data, which are processed on smart cards, remain confidential and unchanged even in the presence of all kinds of attacks. This talk discusses the main challenges for designing secure smart card controllers from an industry as well as from an academic perspective. The talk in particular focusses highlighting similarities and differences in the approaches from industry and academia. It not only discusses classical topics, such as power analysis and fault attacks on cryptographic algorithms. It also focuses on open research topics that have so far not received a comparable attention in academia. An example in this context is the efficient protection of general-purpose processors and software against fault attacks. | ||
| Biography: | Stefan Mangard is professor at Graz University of
Technology since November 2013. Before moving to Graz, he
was working as leading security architect at Infineon
Technologies in Munich. In this role he was responsible for
defining the security concepts for the smart card platforms
at Infineon. His research interests include security architectures, system security, cryptography, as well as all kinds of physical attacks and corresponding countermeasures. |
| Moderator: |
|
||
|---|---|---|---|
| Biography: | Dr. David M'Raihi has 23 years of experience in cryptology and computer security. As Chief Security Officer at Perzo, David is responsible of the full security posture of the company, with a focus on information and product security. He joined Perzo from Verayo, a Khosla Ventures company, where he was CTO after his tenure as security architect at Apple and principal scientist at VeriSign. David co-founded the crypto team at Gemplus with David Naccache, authored and co-authored more than 100 papers and patents. David completed his PhD in cryptography with Jacques Stern, former Director of the Computer Science Department of Ecole Normale Supérieure, Paris, France. |
