Prof. Elisa Bertino (Purdue University)
Elisa Bertino is Samuel Conte professor of Computer Science at Purdue University. She serves as Director of the Purdue Cyberspace Security Lab (Cyber2Slab). Prior to joining Purdue, she was a professor and department head at the Department of Computer Science and Communication of the University of Milan. She has been a visiting researcher at the IBM Research Laboratory in San Jose (now Almaden), at Rutgers University, at Telcordia Technologies. She has also held visiting professor positions at the Singapore National University and the Singapore Management University. Her recent research focuses on cybersecurity and privacy of cellular networks and IoT systems, and on edge analytics for cybersecurity. Elisa Bertino is a Fellow member of IEEE, ACM, and AAAS. She received the 2002 IEEE Computer Society Technical Achievement Award for “For outstanding contributions to database systems and database security and advanced data management systems”, the 2005 IEEE Computer Society Tsutomu Kanai Award for “Pioneering and innovative research contributions to secure distributed systems”, and the 2019-2020 ACM Athena Lecturer Award.
Title - Privacy and Transparency with Blockchain in the Era of Big Data, Machine Learning, IoT, and 5G
Abstract - Technological advances, such as IoT devices, cyber-physical systems, smart mobile devices, cloud systems, data analytics, social networks and increased communication capabilities, are making possible to capture, and to quickly process and analyze huge amounts of data from which to extract information critical for many critical tasks, such as healthcare security and cyber security. In the area of cyber security, such tasks include user authentication, access control, anomaly detection, user monitoring, and protection from insider threat. By collecting and mining data concerning user travels, contacts and disease outbreaks one can predict disease spreading across geographical areas. And those are just a few examples. The use of data for those tasks raises however major privacy concerns. Collected data, even if anonymized by removing identifiers such as names or social security numbers, when linked with other data may lead to re-identify the individuals to which specific data items are related to. Also, as organizations, such as governmental agencies, often need to collaborate on security tasks, data sets are exchanged across different organizations, resulting in these data sets being available to many different parties. Privacy breaches may occur at many different layers and components in our interconnected systems. In this talk, I first present an interesting privacy attack that exploits paging occasion in 5G cellular networks. Such attack shows that achieving privacy is challenging and there is no unique technique that one can use; rather one must combine different techniques depending also on the intended use of data. Examples of these techniques and their applications are presented. Then, I discuss the notion of data transparency – critical for fair and correct data use, and how blockchain technologies can support data transparency.
Dr. Matthias J. Kannwischer (Academia Sinica)
Matthias Kannwischer is a post-doctoral researcher at Academia Sinica in Taipei, Taiwan. He received his MSc in IT Security from TU Darmstadt in 2017 and defended his doctoral thesis on Polynomial Multiplication for Post-Quantum Cryptography at Radboud University in April 2022. His research focuses on the implementation of post-quantum cryptography, in particular lattice-based cryptography on Arm processors. He is one of the creators of pqm4 - a benchmarking and testing framework for post-quantum cryptography on the Cortex-M4.
Title - Implementing Kyber and Dilithium
Abstract - In July 2022, the US National Institute Institute of Standards and Technology (NIST) has announced the first set of post-quantum schemes to be standardized: Kyber, Dilithium, Falcon, and SPHINCS+. It is expected that NIST will publish its first post-quantum cryptography standard including those schemes soon. This talk will cover the implementation of the lattice-based key-encapsulation mechanism Kyber and the digital signature scheme Dilithium. I will introduce the core construction of the schemes and essential implementation techniques. This will cover number-theoretic transforms, Montgomery multiplication, Barrett multiplication, and Plantard multiplication. I will present how these techniques can be used to obtain fast implementations on both low-end Arm microcontrollers, as well as high-end Arm processors supporting the Neon vector instructions.