CryptoBG*2018
International Summer School in Cryptology and Cyber-Resilience
8 – 15 July 2018 (Sunday-Sunday), “National Institute of Education”, Oriahovitza, Bulgaria
(view more about the location)
Registration is closed >>> to download the registration form, click here.
CryptoBG*2018 First announcement >>> download from here
CryptoBG*2018 Sponsorship package >>> download from here
Queries and interest >>> info (at) cryptoBG (dot) org
One intensive week of theory, practice and discussions: 4-hour lectures and tutorials by international experts extended with practical workshops, labs and seminars, simulations, round-table discussions and working groups on hot topics
Topics of the year:
- Symmetric Encryption
- White-Box Cryptogaphy
- Blockchain
- Secure Multi-Party Computation
- Deep Learning
- Biometrics
And a round of CTF*BG (Capture The Flag) by the CyResLab of ESI CEE – RED <>BLUE teams in 3 sessions:
- CTF “warm up” & challenges explained
- Active security
- CTF*BG Ultimate
Especially for the Industry and Sponsors: Challenge the CryptoBG*2018 team – define a problem/challenge, bring it on day 1 and get a solution in a week
Lectures and Tutorials
Dr. Claude Barral (Bactech, France) – Evaluation of biometric systems: who said straightforward?
The current rapid growth of biometric authentication features within consumer devices paves the way to security and performance certification needs. For more than a decade, IT security players tried to map certification schemes from smartcards and ICT systems to the area of Biometrics without success. Why?
We will discuss all the issues one may face while setting up an evaluation environment for any biometric systems: which biometric data is targeted? How many different security settings? What is a representative database? Public vs Private databases? Target database size and architecture? How many authentication tests needed to claim a 0,001% false acceptance rate?
Which evaluation target: Compliance? Interoperability? Security? Performances? Well, definitely not straightforward indeed! You will see…
Dr. Christina Boura (Université de Versailles, France) – Block Ciphers and Boolean Functions for Symmetric CryptographyWe will discuss all the issues one may face while setting up an evaluation environment for any biometric systems: which biometric data is targeted? How many different security settings? What is a representative database? Public vs Private databases? Target database size and architecture? How many authentication tests needed to claim a 0,001% false acceptance rate?
Which evaluation target: Compliance? Interoperability? Security? Performances? Well, definitely not straightforward indeed! You will see…
Block ciphers are probably the most employed and well studied primitives in symmetric-key cryptography. This course will start by analysing the design principles behind these constructions and focus on some of the most important attacks against them, notably the differential, linear and higher-order differential attacks. To avoid these attacks, block cipher designers must carefully choose the inner primitives, especially for the non-linear layer. The second part of this course will focus on vectorial Boolean functions for symmetric key cryptography by discussing the most important properties that such functions should have in order to be used as inner parts of block ciphers.
Dr. Nadia El Mrabet (ENSMSE, France) – Introduction to Cryptography
Cryptography is the art of sending message and making them incomprehensible without the correct decryption method. We will make an historical survey of cryptography and present the cryptography that is used today, before a short introduction to the futur cryptosystems.
Dr. Nicolas Gama (Inpher, Switzerland) – Privacy Preserving ComputationIn this course, we introduce two famous families for privacy-preserving computations for the cloud: fully homomorphic encryption (FHE) and multiparty computations (MPC). We give an overview of the main constructions, as well as the underlying security assumptions, and the adversarial models behind these models. For homomorphic encryption, we explain the notion of encryption with noise, and the bootstrapping concept introduced by Gentry in 2009. We explain the current state of the art, both in theory (with the underlying Approx-GCD and RingLWE lattice problems), and in practice by introducing a few open source libraries, and how to interconnect them. For MPC, we present the concept of masking, secret sharing, oblivious transfer and garbled circuits, and illustrate a few examples. Finally, we compare both approaches, if the final goal is to achieve privacy preserving computations in the cloud.
Dr. Pascal Paillier (CryptoExperts, France) – White-Box Cryptography: A bit of Theory and a Live Hands-On Tutorial
White-box cryptography (WBC) is probably one of the most intriguing subjects at the moment. The subject is twofold, and the theoretical and practical sides of WBC are extreme opposites. The theory of WBC is almost non-existent: most cryptographers have pessimistic views on the question of its being achievable at all, even though the recent emergence of new constructions such as Indistinguishability Obfuscation may open the way to the first ever proven secure construction with polynomial efficiency. At the same time, proprietary solutions are all over the place in the industry of secure content distribution, and last year’s WhibOx competition has shown that there exists a huge appetite for both solutions that are secure enough to resist hacking on the field, and attack tools that defeat deployed white-box software. This course is also two-fold. The first part is a lecture that presents the definitional framework of WBC and the different notions that capture what cryptographers are trying to achieve. The second part is a hands-on, live demo that shows how to break typical white-box implementations of AES by applying differential computation analysis, fault attacks or structural analysis using Mathematica.
Prof. Krzysztof Pietrzak (IST, Austria) – Beyond Proofs of Work: New Proof Systems for Sustainable BlockchainsBitcoin is the by far most successful digital currency. What distinguishes it from previous proposals is the fact that it’s decentralized, so its security does not rely on any trusted authorities, such as banks. To achieve decentralization, Bitcoin requires that the majority of computing power dedicated towards securing the blockchain underlying it is controlled by honest parties, the so called miners. Miners must generate “proofs of work” to add a block to the blockchain, and they are incentivized to do so by rewards (currently 12.5 bitcoin per block). This results in a massive waste of energy.
In this lecture, Prof. Pietrzak will introduce two new proof systems, “proofs of space” and “proofs of sequential work”, and sketch how new blockchain designs, like Spacemint and the Chia network, use them to realize ecologically and also economically, a more sustainable blockchain design.
Dr. Adrian Thillard (ANSSI, France) –Deep Learning Techniques for Side-Channel Analysis
Implementations of cryptographic algorithms on embedded devices often leak information on the manipulated secret datas. This information can be retrieved through the observation of physical channels, such as the power consumption, time of response, or electro-magnetic emanations of the device. So-called Side-Channel Attacks exploiting this kind of observations are known since the late 1990s.
Deep learning methods are a subclass of machine learning algorithms based on multiple layers of nonlinear processing units for feature extraction and transformation. These methods have been successfully used in the recent years in many fields, such as image recognition, speech recognition, bioinformatics, or even chess and go.
During this tutorial, we will start with a description of the main steps of side-channel attacks, and highlight the distinction between profiled and non-profiled side-channel attacks.
We will then introduce the basics of Multi-Layer Perceptrons and Convolutional Neural Networks, and illustrate how these algorithms can be used to automatically solve some problems encountered by a side-channel evaluator.
Working on a public database of real side-channel acquisitions, we will apply those methods to retrieve the secret key. To do so, we will be using the Keras library on top of Google’s Tensorflow, allowing us to build layer by layer a neural network. We will then train our network and use it to predict the correct manipulated values. We will then study the relevance and impact of hyperparameters on our results, and compare its performance against classical side-channel approaches.
Deep learning methods are a subclass of machine learning algorithms based on multiple layers of nonlinear processing units for feature extraction and transformation. These methods have been successfully used in the recent years in many fields, such as image recognition, speech recognition, bioinformatics, or even chess and go.
During this tutorial, we will start with a description of the main steps of side-channel attacks, and highlight the distinction between profiled and non-profiled side-channel attacks.
We will then introduce the basics of Multi-Layer Perceptrons and Convolutional Neural Networks, and illustrate how these algorithms can be used to automatically solve some problems encountered by a side-channel evaluator.
Working on a public database of real side-channel acquisitions, we will apply those methods to retrieve the secret key. To do so, we will be using the Keras library on top of Google’s Tensorflow, allowing us to build layer by layer a neural network. We will then train our network and use it to predict the correct manipulated values. We will then study the relevance and impact of hyperparameters on our results, and compare its performance against classical side-channel approaches.
Short talks
Adrián Ranea (KU Leuven, Belgium) – Affine Encodings for White-Box Cryptography
All white-box implementations of existing ciphers are heavily based on the pioneer white-box implementation of AES by Chow et al., where individual steps of the cipher are represented with look-up tables and compose with random permutations. We will introduce a new method that represents individual steps with polynomials over finite fields and encodes them with affine permutations. This method can encode individual steps with wide permutations and evaluate affine steps directly on encoded values. We will show how to apply our method to AES to obtain a white-box implementation with less memory requirements than a look-up table-based approach.
Ilia Dafchev (Telelink, Bulgaria) – Practical Malware Analysis of the Crysis/Dharma Ransomware
A malware sample of a variation of the Crysis/Dharma ransomware was obtained during a real case from an infected host. The malware was analysed using reverse engineering. The approach for the static analysis and the internal logic will be presented. The malware spreading, installation, encryption mechanisms, obfuscation and integrated static analysis prevention techniques will be discussed. The main focus of the presentation and the discussion will be on static analysis and cryptographic algorithms used in the malware
Marius Lombard-Platet (ENS Paris / Almerys, Clermont-Ferrand, France) – Anonymity in Blockchain
Since the design of Bitcoin by Satoshi in 2008, several blockchains have been designed. However, even though privacy and anonymity is often advertised as a core feature of many of these blockchains, most of them are actually easily traceable, and as such offer limited anonymity. We will first consider the first tries at anonymization, then look at the design of ZCash, a fully anonymous blockchain.
Agenda
To view or download the presentations, please follow this link (for participants only, password required)
Organized by:
Supported by:
