09:00 – 09:15 – Opening words by Antoine JOUX and Marine MINIER
09:15 – 09:55 – How will our cryptographic toolkit and cyber security solutions be impacted by Machine Learning?
Najwa Aaraj – Chief Researcher at the Cryptography Research Centre at Technology Innovation Institute (TII, Abu Dhabi, United Arab Emirates)
A part of this talk will focus on the impact of quantum computers on cryptographic algorithms and the changes that are required to protect against both passive and active quantum attacks. We cover the new set of post-quantum cryptographic (PQC) schemes that are being proposed to protect current and future systems, the implied security thereof, as well as their practicality when deployed in real-world systems. We also discuss standardization efforts, industry challenges, and the complexities of the roadmap to transition current cryptographic systems and secure communications solutions to quantum-resistant alternatives.
We will also briefly discuss the role of Machine Learning in advancing cyber security solutions, including (1) cryptographic schemes for privacy-preserving technologies; (2) theoretical and implementation-focused (side-channel) cryptanalysis techniques; and (3) vulnerability management and automated incident response systems. We cover the role of cryptography in securing Machine Learning models by (1) ensuring confidentiality of both data and model during training and classification; (2) protecting models from being tampered with or from having bias introduced for profit or control; (3) protecting against model poisoning; and (4) introducing cryptographic randomness in the training of Deep Neural Networks.
09:55 – 10:35 – When Fuzzing Meets Crypto – Fuzzing SSL Certificates
Andreas ZELLER – Professor for Software Engineering at Saarland University and researcher at CISPA Helmholtz Center for Information Security
FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs. It takes a binary template that describes the format of a binary input and generates an executable that produces and parses the given binary format. From a binary template for MP4, for instance, FormatFuzzer produces an MP4 generator, which can also parse and mutate existing MP4s, even guided by coverage in the target program. We are currently working on binary templates for inputs as complex as X.509/SSL certificates. This allows systematic parsing, checking, mutating, and producing SSL certificates, including some with subtle semantic flaws, to thoroughly test SSL infrastructures, with thousands of valid (or seemingly valid) inputs per second.
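The idea of one format description driving both a generator and a parser, with mutation producing inputs that look valid but carry a subtle flaw, can be shown on a much smaller scale than X.509. The following Python is an added illustration written for this page; it is not FormatFuzzer's code and not an X.509 implementation. It assumes a toy template notation of `(type, value)` tuples covering only four ASN.1 universal tags, a constructed sample record `SAMPLE` standing in for a certificate's fields, and one mutation (BER long-form lengths where DER requires the short form) that a lenient parser accepts and a strict DER parser rejects:

```python
"""Template-driven generation, parsing and mutation of DER-encoded inputs.

One template node, e.g. ("SEQUENCE", [("INTEGER", 2)]), is both the spec the
generator encodes and the tree the parser reconstructs. The parser can run
strictly (DER: minimal length encoding) or leniently (BER-style lengths), so a
mutated input can be classified by which parsers still accept it.
Toy subset for illustration only: four universal tags, no X.509 semantics.
"""

TAG = {"BOOLEAN": 0x01, "INTEGER": 0x02, "UTF8String": 0x0C, "SEQUENCE": 0x30}
TAGNAME = {v: k for k, v in TAG.items()}


class DerError(ValueError):
    """Raised on any structural or DER-strictness violation."""


def encode_length(n: int, minimal: bool = True) -> bytes:
    """DER length: short form below 128, else the fewest long-form bytes.
    minimal=False forces the long form even for small n: legal BER, illegal DER."""
    if n < 128 and minimal:
        return bytes([n])
    body = n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")
    return bytes([0x80 | len(body)]) + body


def encode(node, minimal: bool = True) -> bytes:
    """Generate bytes from a template node (type, value); SEQUENCE values are lists."""
    typ, val = node
    if typ == "SEQUENCE":
        content = b"".join(encode(child, minimal) for child in val)
    elif typ == "INTEGER":
        content = val.to_bytes(val.bit_length() // 8 + 1, "big", signed=True)
    elif typ == "BOOLEAN":
        content = b"\xff" if val else b"\x00"
    elif typ == "UTF8String":
        content = val.encode("utf-8")
    else:
        raise ValueError(f"unsupported type {typ}")
    return bytes([TAG[typ]]) + encode_length(len(content), minimal) + content


def parse(data: bytes, strict: bool = True):
    """Parse a TLV stream back into template nodes.
    strict=True enforces DER minimal-length encoding; strict=False accepts any
    well-formed BER long-form length."""
    nodes, i = [], 0
    while i < len(data):
        tag = data[i]
        i += 1
        if tag not in TAGNAME:
            raise DerError(f"unknown tag 0x{tag:02x} at offset {i - 1}")
        if i >= len(data):
            raise DerError("missing length")
        first = data[i]
        i += 1
        if first < 0x80:
            length = first
        else:
            nbytes = first & 0x7F
            if nbytes == 0 or i + nbytes > len(data):
                raise DerError("bad long-form length")
            length = int.from_bytes(data[i:i + nbytes], "big")
            i += nbytes
            # DER: long form only when needed, and no leading zero length byte.
            if strict and (length < 128 or data[i - nbytes] == 0):
                raise DerError(f"non-minimal length at offset {i - nbytes - 1}")
        content = data[i:i + length]
        if len(content) != length:
            raise DerError("length exceeds available data")
        i += length
        typ = TAGNAME[tag]
        if typ == "SEQUENCE":
            nodes.append((typ, parse(content, strict)))
        elif typ == "INTEGER":
            nodes.append((typ, int.from_bytes(content, "big", signed=True)))
        elif typ == "BOOLEAN":
            nodes.append((typ, content != b"\x00"))
        else:
            nodes.append((typ, content.decode("utf-8")))
    return nodes


def classify(data: bytes) -> str:
    """'der' if strictly valid, 'ber-only' if only a lenient parser accepts it,
    'malformed' if neither does. A 'ber-only' input is the 'seemingly valid'
    case: one implementation may accept what another rejects."""
    try:
        parse(data, strict=True)
        return "der"
    except DerError:
        pass
    try:
        parse(data, strict=False)
        return "ber-only"
    except DerError:
        return "malformed"


# Constructed sample record (hypothetical, not a real certificate structure).
SAMPLE = ("SEQUENCE", [("INTEGER", 2), ("INTEGER", 0x1234),
                       ("UTF8String", "CN=example"), ("BOOLEAN", True)])

if __name__ == "__main__":
    good = encode(SAMPLE)                  # 24 bytes, round-trips under parse()
    subtle = encode(SAMPLE, minimal=False)  # same tree, non-minimal lengths
    print(good.hex(), classify(good))
    print(subtle.hex(), classify(subtle))
    print(classify(good[:-1]))              # truncated: rejected by both modes
```

The three classes are the ones a fuzzing campaign cares about: `der` inputs exercise the happy path, `malformed` inputs exercise error handling, and `ber-only` inputs are the interesting differential cases, where two parsers of the same format disagree on the same bytes.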
10:35 – 11:10 – CTET+: A Beyond-Birthday-Bound Secure Tweakable Enciphering Scheme Using a Single Pseudorandom Permutation
Virginie LALLEMAND – CNRS researcher on security by symmetric cryptography
Benoit COGLIATI – Research Group Leader at CISPA on security by symmetric cryptography
In this talk, we propose a construction of 2-round tweakable substitution-permutation networks using a single secret S-box. This construction is based on non-linear permutation layers using independent round keys, and achieves security beyond the birthday bound in the random permutation model. When instantiated with an n-bit block cipher with κ-bit keys, the resulting tweakable block cipher, dubbed CTET+, can be viewed as a tweakable enciphering scheme that encrypts wn-bit messages for any integer w>1 using 5n+κ-bit keys and n-bit tweaks, providing 2n/3-bit security. Furthermore, we propose a new tweakable enciphering scheme, dubbed AES6-CTET+, which is an actual instantiation of CTET+ using a reduced round AES block cipher as the underlying secret S-box.
11:10 – 11:30 – Time break
11:30 – 12:20 – Network Agnostic Protocols for Distributed Computations
Julian LOSS – Tenure-track faculty at CISPA Helmholtz Center for Information Security.
Distributed tasks such as agreeing on a common output (consensus) or joint computation of a public function on private inputs (multi-party computation) are typically studied in two types of models. The first model is the synchronous model, where parties have synchronized clocks and messages are delivered within some known upper bound. The second model is the asynchronous model, where no timing assumptions are made. Using the synchronous model (and cryptographic setup), it is possible to design protocols that solve the above tasks among n parties while tolerating up to t<n/2 corrupted parties. On the downside, synchronous protocols, in general, lose all security guarantees once synchrony assumptions cease to hold. By comparison, asynchronous protocols work without any synchrony assumptions, but can tolerate only t<n/3 corrupted parties, even if the network happens to be synchronous. A natural question is whether there exist protocols which are network agnostic: they achieve the optimal corruption tolerance in both types of networks.
In a recent line of work, we give a complete answer to this question. More precisely, fix some thresholds n/3 < t_s < n/2 and t_a < n/3. We ask whether there exist protocols that tolerate t_s corrupted parties whenever the network is synchronous, but tolerate t_a corrupted parties even when no synchrony assumptions hold. We show that this is possible if and only if t_a + 2t_s < n.
12:20 – 13:00 – Differential analysis of a cipher using Constraint Programming
Marine MINIER – Professor of Mathematics and Software Engineering at Université de Lorraine and researcher in information security at LORIA
The aim of this presentation is to show the problems raised by modeling a differential attack on a given cipher. The main obstacle lies in the difficulty of correctly modeling the XOR operator, which increases the size of the search tree. For this, we will first use the high-level language MiniZinc with a SAT solver, and then Choco, a constraint programming solver written in Java.
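Why XOR is the hard part can be seen on a toy model, added here as an illustration and not taken from the talk or from any MiniZinc or Choco model. The usual trick is to abstract each byte (here nibble) difference to a Boolean "active or not"; under that abstraction the XOR of two active values may be active or inactive, so the constraint stops being a function and the search branches. Worse, the abstraction is sound but incomplete: the assumed three-XOR linear layer below (a = x0^x1, b = x1^x2, c = x0^x2, a hypothetical layer chosen for the example) admits Boolean solutions that no concrete difference can realize, until the derived relation c = a^b is added as an extra constraint:

```python
"""Boolean abstraction of XOR in a differential model, and why it needs help.

Concretely a difference is a nibble in 0..15; the abstract model keeps only
whether it is nonzero. Enumerate the abstract solutions of a small linear
layer and compare them with the activity patterns that are concretely
realizable. Toy example with a hypothetical three-XOR layer.
"""
from itertools import product

VARS = ["x0", "x1", "x2", "a", "b", "c"]

# Hypothetical linear layer: a = x0 ^ x1, b = x1 ^ x2, c = x0 ^ x2.
BASE_CONSTRAINTS = [("x0", "x1", "a"), ("x1", "x2", "b"), ("x0", "x2", "c")]
# Relation that holds concretely (c = a ^ b) but is not implied by the
# abstracted base constraints; a model must add it explicitly.
DERIVED_CONSTRAINTS = BASE_CONSTRAINTS + [("a", "b", "c")]


def abstract_xor(p: int, q: int, r: int) -> bool:
    """Boolean abstraction of p ^ q == r, where 1 means 'nonzero difference'.
    The only impossible patterns have exactly one active operand: a nonzero
    value XORed with zero cannot give zero, and two zeros cannot give nonzero.
    (1, 1, r) is allowed for both r: equal nonzero differences cancel, unequal
    ones do not, and the abstraction cannot tell which. This is the branching."""
    return p + q + r != 1


def abstract_solutions(constraints):
    """All Boolean assignments of VARS satisfying every abstract XOR constraint."""
    sols = set()
    for values in product((0, 1), repeat=len(VARS)):
        env = dict(zip(VARS, values))
        if all(abstract_xor(env[p], env[q], env[r]) for p, q, r in constraints):
            sols.add(values)
    return sols


def concrete_patterns(width: int = 4):
    """Activity patterns actually realizable by concrete differences of `width` bits."""
    pats = set()
    for x0, x1, x2 in product(range(1 << width), repeat=3):
        a, b, c = x0 ^ x1, x1 ^ x2, x0 ^ x2
        pats.add(tuple(int(v != 0) for v in (x0, x1, x2, a, b, c)))
    return pats


def inconsistent(constraints, width: int = 4):
    """Abstract solutions with no concrete instantiation (false positives)."""
    return abstract_solutions(constraints) - concrete_patterns(width)


if __name__ == "__main__":
    print(len(abstract_solutions(BASE_CONSTRAINTS)), "abstract solutions (base)")
    print(len(concrete_patterns()), "concrete activity patterns")
    print(sorted(inconsistent(BASE_CONSTRAINTS)), "inconsistent (base)")
    print(sorted(inconsistent(DERIVED_CONSTRAINTS)), "inconsistent (with c = a ^ b)")
```

With the three base constraints the abstract model has 18 solutions but only 15 are concretely realizable; the three spurious ones have all inputs active and exactly one of a, b, c active, which the derived constraint c = a ^ b removes. On a real cipher the same effect shows up as abstract characteristics that a second, byte-level step fails to instantiate, and adding such derived XOR relations to the model is how the search tree is kept in check.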
13:00 – 14:00 – Lunch
14:00 – 16:00 – Brainstorming time (speed dating; Teams rooms available by research subject)
16:30 – 17:00 – Final conclusion by Antoine JOUX and Marine MINIER