Joan Daemen will speak about a counter-movement they started to clean up symmetric cryptography. In particular, this is a re-factoring where block ciphers are replaced by cryptographic permutations and so-called deck functions as central primitives - more information below.
Lejla Batina's talk will survey some recent results on two-fold connection between deep learning and side-channel analysis and discuss directions for future work - more information below.
Both talks will take place on Thursday 28 April 2022 at Thákurova 9, Prague, room T9:105, at 4:30pm and 6pm respectively. There will be no stream or recording. No reservation is necessary.
Joan Daemen: Permutation-based cryptography
At 4:30pm. Facebook event. Faculty website / fakultní web (in czech).
Symmetric cryptography is the subfield of cryptography that deals with encryption, MAC computation and authenticated encryption secured by shared secret keys and cryptographic hashing. Ever since the introduction of DES in the seventies, this field has been dominated by block ciphers. Encryption, authentication and hashing are usually performed using modes of block ciphers. Over the years an impressive panoply of modes of ever-increasing complexity have been developed: CBC, CBC-MAC, Counter-mode, GCM, Davies-Meyer with Merkle-Damgard, OCB, just to name a few. This has lead to a rather messy situation.
I will speak about a counter-movement we started to clean up symmetric cryptography. In particular, this is a re-factoring where block ciphers are replaced by cryptographic permutations and so-called deck functions as central primitives. Important milestones in this movement were the introduction of three permutation-based constructions: sponge for hashing in 2007, duplex for lightweight authenticated encryption in 2011 and farfalle for high-speed authenticated encryption in 2017. It turns out that permutation-based cryptography is at the same time simpler and more efficient than old-school block cipher based crypto.
About Joan Daemen
After graduating in electromechanical engineering Joan Daemen was awarded his PhD in 1995 from KU Leuven, Belgium. After his contract ended at COSIC, he privately continued his crypto research and contacted Vincent Rijmen to continue their collaboration that would lead to the Rijndael block cipher, and this was selected by NIST as the new Advanced Encryption Standard in 2000. After over 20 years of security industry experience, including work as a security architect and cryptographer for STMicroelectronics, he is now full professor in the Digital Security Group at Radboud University Nijmegen. He co-designed the Keccak cryptographic hash function that was selected as the SHA-3 hash standard by NIST in 2012 and is one of the founders of the permutation-based cryptography movement and co-inventor of the sponge, duplex and farfalle constructions. In 2017 he won the Levchin Prize for Real World Cryptography "for the development of AES and SHA3". In 2018 he was awarded an ERC advanced grant for research on the foundations of security in symmetric cryptography called ESCADA and an NWO TOP grant for the design of symmetric crypto in the presence of efficient multipliers called SCALAR.
Lejla Batina: Deep Learning and Physical Attacks on Embedded Systems: How Deep can we go?
At 6pm. Facebook event. Faculty website / fakultní web (in czech).
Recently, the potential of machine and consequently deep learning on side-channel analysis was discovered and confirmed even on protected cryptographic implementations. The success of those experiments has led to deep learning techniques becoming a mainstream component in side-channel leakage evaluations.
Conversely, recent work has shown that neural networks can be reversed engineered by the side-channel attacker, i.e., the adversary using physical leakage such as timing and EM. This makes neural nets an interesting target as in some applications such as security evaluation, HD maps for autonomous vehicles etc. as optimized network architectures are considered an IP.
This talk will survey some recent results on this two-fold connection between deep learning and side-channel analysis and discuss directions for future work.
About Lejla Batina
Lejla Batina is a Full Professor in the Institute for Computing and Information Sciences (iCIS) at Radboud University and Teaching director of the Institute. She received the Dipl. Ing. (equivalent) Degree in Mathematics and Physics and the Master of Science Degree in Pure Mathematics from University of Zagreb, Croatia (1995). Her Ph.D. degree in Cryptography is from KU Leuven, Belgium (2005). Prior to joining Radboud University in 2009 she was a postdoctoral researcher with the COSIC group at KU Leuven (2006-2009) and a cryptographer at Pijnenburg Securealink (later SafeNet B.V.) in The Netherlands (2001-2003). Her research interests include cryptographic implementations and physical attacks and countermeasures. She has served on the program committees of all top crypto and security conferences (USENIX Security, CCS, EUROCRYPT, CRYPTO, etc.). She was a program co-chair of ACM WiSec 2021 and CHES 2014 and a general co-chair of CHES 2012, EUROCRYPT 2021 and RWC 2021. She received a VIDI grant from the Dutch government in 2014 and acted as the PI in several research projects with national and EU funding. She leads a group of 11 researchers at Radboud and 9 PhD students graduated under her supervision.