CHES Tutorial
8:30 - 9:00: Registration & Welcome Coffee
9:00 - 12:20
Tutorial 1
(coffee break 10:45 - 11:10)
Fault Analysis of Cryptosystems: Attacks, Countermeasures and Metrics
Debdeep Mukhopadhyay and Sikhar Patranabis
Download the slides
13:40 - 17:00
Tutorial 2
(coffee break 15:10 - 15:35)
RFID and NFC security in practice
David Oswald and Timo Kasper
Download the slides (password sent by email)
18:00 - 21:00: Welcome cocktail & Registration
CHES Day 1
8:15 - 8:50: Registration
8:50 - 9:00: Opening Remarks
9:00 - 10:15
S1: Processing Techniques in Side-Channel Analysis
Session chair: Elke De Mulder
- Robust Profiling for DPA-Style Attacks [ slides ]
Carolyn Whitnall, Elisabeth Oswald (University of Bristol)
- Less is More -- Dimensionality Reduction, from a Theoretical Perspective
[ slides ]
[ video ]
Nicolas Bruneau (Telecom ParisTech & STMicroelectronics); Sylvain Guilley (Telecom ParisTech & Secure-IC S.A.S.); Annelie Heuser (Telecom ParisTech); Damien Marion (Telecom ParisTech & Secure-IC S.A.S.); Olivier Rioul (Telecom ParisTech & Ecole Polytechnique)
- Blind Source Separation from Single Measurements using Singular Spectrum Analysis
[ slides ]
[ video ]
Santos Merino Del Pozo, François-Xavier Standaert (ICTEAM/ELEN/Crypto Group, Université catholique de Louvain)
Coffee Break (30min)
10:45 - 12:25
S2: Cryptographic Hardware Implementations
Session chair: Junfeng Fan
- Highly Efficient GF(2^8) Inversion Circuit Based on Redundant GF Arithmetic and Its Application to AES Design
[ slides ]
[ video ]
Rei Ueno (Tohoku University); Naofumi Homma (Tohoku University); Yukihiro Sugawara (Tohoku University); Yasuyuki Nogami (Okayama University); Takafumi Aoki (Tohoku University)
- NaCl's crypto_box in hardware
[ slides ]
[ video ]
Wolfgang Wieser (Graz University of Technology); Jürgen Schilling (Graz University of Technology); Peter Schwabe (Radboud University of Nijmegen); Michael Hutter (Cryptography Research Inc.)
- Lightweight Coprocessor for Koblitz Curves: 283-bit ECC Including Scalar Conversion with only 4300 Gates
[ slides ]
[ video ]
Sujoy Sinha Roy, Kimmo Järvinen, Ingrid Verbauwhede (KU Leuven ESAT/COSIC and iMinds)
- Single Base Modular Multiplication for Efficient Hardware RNS Implementations of ECC
[ slides ]
[ video ]
Karim Bigou, Arnaud Tisserand (CNRS, IRISA, INRIA Centre Rennes - Bretagne Atlantique, University Rennes 1)
Lunch Break (1h 35min)
14:00 - 15:15
S3: Homomorphic Encryption in Hardware
Session chair: Christof Paar
- Accelerating Homomorphic Evaluation on Reconfigurable Hardware
[ slides ]
[ video ]
Thomas Pöppelmann (Ruhr-Universität Bochum); Michael Naehrig (Microsoft Research); Andrew Putnam (Microsoft Research); Adrian Macias (Altera Corporation)
- Modular Hardware Architecture for Somewhat Homomorphic Function Evaluation
[ slides ]
[ video ]
Sujoy Sinha Roy (KU Leuven ESAT/COSIC and iMinds); Kimmo Järvinen (KU Leuven ESAT/COSIC and iMinds); Frederik Vercauteren (KU Leuven ESAT/COSIC and iMinds); Vassil Dimitrov (University of Calgary, Department of Electrical and Computer Engineering); Ingrid Verbauwhede (KU Leuven ESAT/COSIC and iMinds)
- Accelerating LTV Based Homomorphic Encryption in Reconfigurable Hardware
[ slides ]
[ video ]
Yarkın Doröz (Worcester Polytechnic Institute); Erdinç Öztürk (Istanbul Commerce University); Erkay Savaş (Sabancı University); Berk Sunar (Worcester Polytechnic Institute)
Coffee Break (30min), until 15:45
16:00: Guided Excursion and Dinner
CHES Day 2
9:00 - 10:15
S4: Side-Channel Attacks on Public-Key Cryptography
Session chair: Emmanuel Prouff
- Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation
[ slides ]
[ video ]
Daniel Genkin (Technion and Tel-Aviv University); Lev Pachmanov (Tel-Aviv University); Itamar Pipman (Tel-Aviv University); Eran Tromer (Tel-Aviv University)
- Exclusive Exponent Blinding May Not Suffice to Prevent Timing Attacks on RSA
[ slides ]
[ video ]
Werner Schindler (Bundesamt für Sicherheit in der Informationstechnik (BSI))
- Who watches the watchmen? : Utilizing Performance Monitors for Compromising keys of RSA on Intel Platforms
[ slides ]
[ video ]
Sarani Bhattacharya, Debdeep Mukhopadhyay (Indian Institute of Technology Kharagpur)
Coffee Break (30min)
Poster session #1: list of accepted posters
10:45 - 12:25
S5: Cipher Design and Cryptanalysis
Session chair: Bart Preneel
- Improved Cryptanalysis of the DECT Standard Cipher
[ slides ]
[ video ]
Iwen Coisel, Ignacio Sanchez (European Commission - Joint Research Centre)
- Practical Key Recovery for Discrete-Logarithm Based Authentication Schemes from Random Nonce Bits
[ slides ]
Aurélie Bauer (ANSSI); Damien Vergnaud (Ecole Normale Supérieure)
- The Simeck Family of Lightweight Block Ciphers
[ slides ]
[ video ]
Gangqiang Yang, Bo Zhu, Valentin Suder, Mark Aagaard, Guang Gong (Department of Electrical and Computer Engineering, University of Waterloo)
- TriviA: A Fast and Secure Authenticated Encryption Scheme
[ slides ]
[ video ]
Avik Chakraborti (Indian Statistical Institute Kolkata); Anupam Chattopadhyay (School of Computer Engineering, NTU Singapore); Muhammad Hassan (RWTH Aachen University); Mridul Nandi (Indian Statistical Institute Kolkata)
Lunch Break (1h 35min)
14:00 - 14:50
S6: TRNGs and Entropy Estimations
Session chair: Jean-Sébastien Coron
- A Physical Approach for Stochastic Modeling of TERO-based TRNG
[ slides ]
Patrick Haddad (STMicroelectronics); Viktor Fischer (Hubert Curien Laboratory, Jean Monnet University, St.-Etienne); Florent Bernard (Hubert Curien Laboratory, Jean Monnet University, St.-Etienne); Jean Nicolai (STMicroelectronics)
- Predictive Models for Min-Entropy Estimation
[ slides ]
[ video ]
John Kelsey (NIST); Kerry A. McKay (NIST); Meltem Sonmez Turan (NIST and Dakota Consulting)
14:50 - 15:50
Invited Talk
Matthew D. Green (Johns Hopkins University)
Coffee Break (30min)
16:20 - 17:35
S7: Side-Channel Analysis and Fault Injection Attacks
Session chair: Naofumi Homma
- Improved Side-Channel Analysis of Finite-Field Multiplication
[ slides ]
[ video ]
Sonia Belaïd (École Normale Supérieure and Thales Communications & Security); Jean-Sébastien Coron (University of Luxembourg); Pierre-Alain Fouque (IRISA, Université de Rennes 1); Benoît Gérard (DGA.MI and IRISA, Université de Rennes 1); Jean-Gabriel Kammerer (DGA.MI and IRMAR, Université de Rennes 1); Emmanuel Prouff (ANSSI)
- Evaluation and Improvement of Generic-Emulating DPA Attacks
[ slides ]
[ video ]
Weijia Wang (Shanghai Jiao Tong University), Yu Yu (Shanghai Jiao Tong University), Junrong Liu (Shanghai Jiao Tong University), Zheng Guo (Shanghai Jiao Tong University), François-Xavier Standaert (UCL Crypto Group), Dawu Gu (Shanghai Jiao Tong University), Sen Xu (Shanghai Jiao Tong University), Rong Fu (Tsinghua University)
- Transient-Steady Effect Attack on Block Ciphers
[ slides ]
Yanting Ren, An Wang, Liji Wu (Institute of Microelectronics, Tsinghua University)
19:30 - 23:00: Rump session & cocktail dinner
CHES Day 3
9:00 - 10:15
S8: Higher-Order Side-Channel Attacks
Session chair: Matthieu Rivain
- Assessment of Hiding the Higher-Order Leakages in Hardware, what are the achievements versus overheads?
[ slides ]
[ video ]
Amir Moradi, Alexander Wild (Ruhr-Universität Bochum)
- Multi-variate High-Order Attacks of Shuffled Tables Recomputation
[ slides ]
[ video ]
Nicolas Bruneau (Telecom-ParisTech & STMicroelectronics); Sylvain Guilley (Telecom-ParisTech & Secure-IC S.A.S.); Zakaria Najm (Telecom-ParisTech); Yannick Teglia (STMicroelectronics)
- Leakage Assessment Methodology - a clear roadmap for side-channel evaluations
[ slides ]
[ video ]
Tobias Schneider, Amir Moradi (Ruhr-Universität Bochum)
Coffee Break (30min)
Poster session #2: list of accepted posters
10:45 - 12:25
S9: Physically Unclonable Functions and Hardware Trojans
Session chair: Ulrich Rührmair
- Secure Key Generation from Biased PUFs
[ slides ]
[ video ]
Roel Maes (Intrinsic-ID); Frans Willems (Universiteit Eindhoven); Vincent van der Leest (Intrinsic-ID); Erik van der Sluis (Intrinsic-ID)
- The Gap Between Promise and Reality: On the Insecurity of XOR Arbiter PUFs
[ slides ]
Georg T. Becker (Ruhr-Universität Bochum)
- End-to-end Design of a PUF based Privacy Preserving Authentication Protocol
[ slides ]
[ video ]
Aydin Aysu (Virginia Tech); Ege Gulcan (Virginia Tech); Daisuke Moriyama (NICT); Patrick Schaumont (Virginia Tech); Moti Yung (Google and Columbia University)
- Improved Test Pattern Generation for Hardware Trojan Detection using Genetic Algorithm and Boolean Satisfiability
[ slides ]
[ video ]
Sayandeep Saha, Rajat Subhra Chakraborty, Srinivasa Shashank Nuthakki, Anshul, Debdeep Mukhopadhyay (Indian Institute of Technology Kharagpur)
Lunch Break (1h 35min)
14:00 - 15:15
S10: Side-Channel Attacks in Practice
Session chair: Amir Moradi
- DPA, Bitslicing and Masking at 1 GHz
[ slides ]
[ video ]
Josep Balasch, Benedikt Gierlichs, Oscar Reparaz and Ingrid Verbauwhede (KU Leuven and iMinds)
- SoC it to EM: electromagnetic side-channel attacks on a complex system-on-chip
[ slides ]
Jake Longo (University of Bristol); Elke De Mulder (Cryptography Research Inc.); Dan Page (University of Bristol); Michael Tunstall (Cryptography Research Inc.)
- Finding the AES Bits in the Haystack: Reverse Engineering and SCA Using Voltage Contrast
[ slides ]
[ video ]
Christian Kison (Ruhr-Universität Bochum); Jürgen Frinken (Bundeskriminalamt); Christof Paar (Ruhr-Universität Bochum)
Coffee Break (30min)
15:45 - 16:35
S11: Lattice-Based Implementations
Session chair: Bo-Yin Yang
- Efficient Ring-LWE Encryption on 8-bit AVR Processors
[ slides ]
[ video ]
Zhe Liu (University of Luxembourg); Hwajeong Seo (Pusan National University); Sujoy Sinha Roy (K.U. Leuven); Johann Großschädl (University of Luxembourg); Howon Kim (Pusan National University); Ingrid Verbauwhede (K.U. Leuven)
- A masked ring-LWE implementation
[ slides ]
[ video ]
Oscar Reparaz, Sujoy Sinha Roy, Frederik Vercauteren, Ingrid Verbauwhede (KU Leuven/COSIC)