21st International Conference on Applied Cryptography and Network Security, 19-22 June 2023
PQShield Ltd, U.K. and AIST, Japan
In recent years, secure messaging protocols such as the Signal protocol and the Messaging Layer Security (MLS) protocol have garnered interest in both academia and industry. However, these protocols were primarily designed with "classical" cryptography in mind, rendering them vulnerable to attacks from quantum computers. We explain several challenges of adapting these classical secure messaging protocols to be post-quantum secure, typically due to the lack of a suitable counterpart to the Diffie-Hellman key exchange protocol and the higher communication costs associated with post-quantum cryptography. We will then discuss solutions to these challenges, including techniques tailored to lattice-based cryptography.
Biography: Dr. Shuichi Katsumata is a Lead Cryptography Researcher at PQShield Ltd, U.K., where he specializes in the construction and security analysis of cryptographic primitives/protocols with a focus on post-quantum security. He is also a Collaborative Researcher at the National Institute of Advanced Industrial Science and Technology (AIST), Japan. He received his Ph.D. in Science from the University of Tokyo, as well as his Master's and BS degrees. He is the recipient of the MIT Technology Review Innovators Under 35 Japan, 2022, for his work on post-quantum secure messaging protocols.
Department of Computer Science, Stony Brook University, U.S.A.
As control flow hijacking attacks become more challenging due to the deployment of exploit mitigation technologies, the leakage of sensitive process data through the exploitation of memory disclosure vulnerabilities is becoming an increasingly important threat. To make matters worse, the threat of data leakage has been exacerbated by the recent spate of transient execution attacks, which can leak otherwise inaccessible process data through residual microarchitectural side effects. Numerous attack variants have aptly shown that existing isolation and sandboxing technologies are not adequate for preventing the in-process and cross-process leakage of sensitive application data. In this talk I will present our line of research on elevating data confidentiality as a core language feature. Preventing the exposure of plaintext developer-annotated data in memory provides future-proof protection against both memory disclosure and transient execution attacks, by accepting the fact that sensitive data may be leaked, and ensuring that it will always remain useless for the attacker, as any leaked data will always remain encrypted.
Biography: Michalis Polychronakis is an associate professor in the Computer Science Department at Stony Brook University. He received the BSc ('03), MSc ('05), and PhD ('09) degrees in Computer Science from the University of Crete, Greece, while working as a research assistant in the Distributed Computing Systems Lab at FORTH-ICS. His research aims to improve the security of computer systems and networks, build defenses against malicious software and online threats, reinforce the privacy of our online interactions, and enhance our understanding of the internet and its darker sides. He has published more than 100 peer-reviewed papers, and is the recipient of the DARPA Young Faculty Award and the NSF CAREER Award.
Jian Guo (NTU, Singapore)
Zhiguo Wan (Zhejiang Laboratory, China)
Shivam Bhasin (NTU, Singapore)
Maria Mushtaq (Telecom Paris, France)
Bo Li (UIUC, USA)
Jianying Zhou (SUTD, Singapore)
Michail Maniatakos (NYU Abu Dhabi, UAE)
Weizhi Meng (DTU, Denmark)
Sara Foresti (Universita' degli Studi di Milano, Italy)
Rongxing Lu (University of New Brunswick, Canada)
Danfeng (Daphne) Yao (Virginia Tech, USA)
Chunyang Chen (Monash University, Australia)
Narseo Vallina Rodriguez (IMDEA Networks, Madrid, Spain)
Masashi Sugiyama (RIKEN, Japan)