sponsored by

Cryptography research

RFI Global


Invited Speakers

Elisabeth Oswald

Elisabeth Oswald


Elisabeth Oswald received her Msc and PhD from Graz University of Technology. Her research interest is mainly in information leakage attacks and most of her publications are within the area of power analysis. Lately she has been a keen promotor of research into foundations of side channel attacks: i.e. techniques which unterpin a wide variety of attack methods. For her research in this area and vision for future development she was awarded a Leadership Fellowship from the UK government (EPSRC). She now spearheads the side channel group within Bristol University and focuses mainly on research and postgraduate supervision.

Talk: Do we need a theory for side channel attacks?

Research in side channel attacks has come a long way from the early publications around the year 2000. Back then the hallmark of a high quality paper was to provide some concrete results, i.e. any good paper would show results of actual measurements and analysis. However, it became clear soon that the result of a single successful (or unsuccessful) attack is often insufficient evidence, we rather need metrics or even a theory to make any meaningful statements about attacks and countermeasures. In this talk I would like to look into what kinds of theory we currently have, including an honest assessment of what theory can and cannot do for us. As part of my talk I intend to cover known grounds such as proofs around masking (and their limitations), recent separability results on profiled vs. non-profiled distinguishers, and touch on leakage detection strategies.

Gilles Van Assche

Gilles Van Assche


Gilles Van Assche currently works in the Secure Microcontrollers Division of STMicroelectronics in Diegem, Belgium and teaches cryptography at the École Supérieure d'Informatique in Brussels. He received the Physics Engineer degree from the Université Libre de Bruxelles (ULB) in 1998. He then joined the company Proton World, which later became part of STMicroelectronics. Between 2000 and 2005, in parallel with his job, he worked on a PhD thesis at the Center for Quantum Information and Communication of the ULB. He is a co-recipient of the prize Le Prix La Recherche mention Mobilités 2004 for his work in quantum cryptography. He is the author of the book "Quantum Cryptography and Secret-Key Distillation" (Cambridge University Press) and of about 30 scientific papers, and has served in the program committee of various conferences. His current research interests are hash function design, modes of operation and side channel attacks. Together with Guido Bertoni, Joan Daemen and Michaël Peeters, he is a co-designer of the Keccak sponge function, which was selected by NIST as the winner of the SHA-3 competition. At ST, he works on security and testing aspects of software on secure microcontrollers.

Talk: Implementation aspects of KECCAK

In October 2012, the American National Institute of Standards and Technology (NIST) announced the selection of Keccak as the winner of the SHA-3 Cryptographic Hash Algorithm Competition. This concluded an open competition that was remarkable both for its magnitude and the involvement of the cryptographic community. Keccak relies on a new construction, called the sponge construction, which allows for simple and flexible modes of use, not only for all the flavors of hashing, but also for keyed modes such as stream encryption, authentication, and authenticated encryption. Internally, the Keccak-f permutation uses bitwise operations and its round function has algebraic degree two, which makes it suitable for protection against side-channel attacks. In this talk, I will introduce Keccak and give an overview of its implementation properties. In particular, I will focus on aspects relevant to low-resource devices and on resistance and countermeasures against side channel attacks.

Organised by

Supported by