Conference Speakers

September 18-20, 2018
Rennes, France


Programme >>
Speakers >>
Registration >>
Venue >>
Social Event >>




Invited speakers include (list in progress):

Note that there are also two sessions devoted to 5-min talks about the Cryptacus’ book written n 2018. The list of short-talk speakers will be released soon.

Lejla Batina
Radboud University Nijmegen, The Netherlands
Title Physical attacks on EdDSA
Abstract Physical attacks are a continuous and present threat for embedded devices. In this talk I will present some recent attacks on real-world implementations and in particular I will explain how to break an Ed25519 implementation in WolfSSL, which is a use case for IoT applications. I will describe two recent attacks on the scheme, one of which is based on power analysis and the other one relies on fault injection by glitching techniques.
Biography Lejla Batina is a professor in the Institute of Computer and Information Sciences at the Radboud University in Nijmegen, the Netherlands. Her research focuses on applied cryptography and hardware security, and in particular on public-key cryptography. She is the recipient of a VIDI grant by the Dutch government, which allowed her to start her own research group working on different aspects of applied cryptography and embedded security. She received her Ph.D. in cryptography from Katholieke Universiteit Leuven, Belgium in 2005. She has also studied at the Eindhoven University of Technology,(Mathematics for industry, Professional Doctorate in Engineering in 2001) and worked as a cryptographer for SafeNet B.V. (2001-2003).

She has published more than 100 refereed papers and served at 70+ program committees and gave more than 40 invited talks at conferences and summer schools. She has chaired RFIDSec09 and CHES 2012 (as general co-chair) and she was the general chair of RFIDSec12 in Nijmegen. She was a program co-chair of CHES 2014 (the IACR flagship conference on cryptographic hardware) in Busan, Korea.

Orr Dunkelman
University of Haifa, Israel
Title Old Attacks and Tricks on New Lightweight Designs
Abstract Lightweight cryptographic designs try to push the security/efficiency tradeoff to the point of maximal efficiency which is still secure. This optimization sometimes leads to successful cryptanalytic attacks against the newly proposed schemes. In this talk we will show how this aggresive optimization allows for “old” attacks such as meet in the middle attacks and fixed-point based attacks.
Biography Orr Dunkelman is an associate professor in the Computer Science department at the University of Haifa. His research focuses on cryptanalysis, cryptography, security, and privacy. He is best known for his work on symmetric-key cryptanalysis, mostly of block ciphers, and the introduction of new cryptanalytic techniques. Orr has worked on many of the most widely deployed ciphers such as the AES, KASUMI (used in 3G mobile networks), A5/1 (used in GSM networks), and IDEA, publishing more than 90 papers in international venues.

He served in more than 80 conference committees, five times as the program chair (FSE 2009, CT-RSA 2012, SAC 2015, INDOCRYPT 2016, and LATINCRYPT 2017), and has won several distinctions and awards (e.g., best paper awards in Crypto 2012 and FSE 2012). In addition, he has served as the general chair of EUROCRYPT 2018. Orr obtained his Ph.D. in computer science in 2006 from the Technion and a B.A. in computer science in 2000 from the Technion.

aurel Aurélien Francillon
Eurecom, France
Title Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers
Abstract The drive for ever smaller and cheaper components in microelectronics has popularized so-called “mixed-signal circuits,” in which analog and digital circuitry are residing on the same silicon die. A typical example is WiFi chips which include a microcontroller (digital logic) where crypto and protocols are implemented together with the radio transceiver (analog logic). The special challenge of such designs is to separate the “noisy” digital circuits from the sensitive analog side of the system.

In this talk, we show that although isolation of digital and analog components is sufficient for those chips to work, it’s often insufficient for them to be used securely. This leads to novel side-channel attacks that can break cryptography implemented in mixed-design chips over potentially large distances. This is crucial as the encryption of wireless communications is essential to widely used wireless technologies, such as WiFi or Bluetooth, in which mixed-design circuits are prevalent on consumer devices.

The key observation is that in mixed-design radio chips the processor’s activity leaks into the analog portion of the chip, where it is amplified, up-converted and broadcast as part of the regular radio output. While this is similar to electromagnetic (EM) side-channel attacks which can be mounted only in close proximity (millimeters, and in a few cases a meter), we show that it is possible to recover the original leaked signal over large distances on the radio. As a result, variations of known side-channel analysis techniques can be applied, effectively allowing us to retrieve the encryption key by just listening on the air with a software defined radio (SDR).

Biography Aurélien Francillon is an assistant professor in the Networking and Security department at EURECOM, in the System and Software Security group ( Before this he received PhD degree in 2009 from INRIA and Grenoble INP, then, he was a postdoctoral researcher in the System Security Group at ETH Zurich. He is mainly interested in practical aspects of the security of embedded devices. In this context he has worked on topics such as code injection, code attestation, random number generation, hardware support for software security, bug finding techniques as well as on broader security and privacy topics.
aurel Yanick Fratantonio
Eurecom, France
Title Betrayed by the Android User Interface: why a Trusted UI Matters
Abstract In the latest years, the Android platform went through a lot of changes and security enhancements. Most of these improvements relate to low-level mechanisms and current devices are significantly more difficult to compromise than ever before. This talk will show, however, that without a “trusted UI” many of these mechanisms can be bypassed. In particular, we will cover two main UI-related open problems, clickjacking and phishing, and we will discuss possible solutions.
Biography Yanick Fratantonio is an assistant professor in the Digital Security department within the Software and System Security group at Eurecom. He obtained a PhD in Computer Science from University of California, Santa Barbara (2017). His research interests span many areas of systems and software security, such as mobile system security, program analysis, malware detection, and vulnerability analysis. Yanick has published more than 20 papers, many of which appeared in top-tier academic and industry conferences, such as IEEE Security & Privacy, USENIX Security, ACM CCS, NDSS, and Black Hat. His work has received the Distinguish Practical Paper Award from IEEE Security & Privacy 2017 and a Pwnie Award for Best Privilege Escalation. He is serving on the program committee of leading systems security conferences and workshops, such as USENIX Enigma, ACSAC, and USENIX WOOT. Yanick is also a member of the “Order of the Overflow” team, the current DEF CON CTF organizers.
Kevin Fu
The University of Michigan, USA
Title Analog Cybersecurity and Transduction Attacks
Abstract Medical devices, autonomous vehicles, and the Internet of Things depend on the integrity and availability of trustworthy data from sensors to make safety-critical, automated decisions. How can such cyberphysical systems remain secure against an adversary using intentional interference to fool sensors? Building upon classic research in cryptographic fault injection and side channels, research in analog cybersecurity explores how to protect digital computer systems from physics-based attacks. Analog cybersecurity risks can bubble up into operating systems as bizarre, undefined behavior. For instance, transduction attacks exploit vulnerabilities in the physics of a sensor to manipulate its output. Transduction attacks using audible acoustic, ultrasonic, or radio interference can inject chosen signals into sensors found in devices ranging from fitbits to implantable medical devices to drones and smartphones.

Why do microprocessors blindly trust input from sensors, and what can be done to establish trust in unusual input channels in cyberphysical systems? Why are students taught to hold the digital abstraction as sacrosanct and unquestionable? Come to this talk to learn about undefined behavior in basic building blocks of computing. I will discuss how to design out analog cybersecurity risks by rethinking the computing stack from electrons to bits.

Biography Kevin Fu is Associate Professor of EECS at the University of Michigan where he directs the SPQR lab ( and the Archimedes Center for Medical Device Security ( His research focuses on analog cybersecurity—how to model and defend against threats to the physics of computation and sensing. His embedded security research interests span from the physics of cybersecurity through the operating system to human factors. Past research projects include MEMS sensor security, pacemaker/defibrillator security, cryptographic file systems, web authentication, RFID security and privacy, wirelessly powered sensors, medical device safety, and public policy for information security & privacy.

Kevin was recognized as an IEEE Fellow, Sloan Research Fellow, MIT Technology Review TR35 Innovator of the Year. He received best paper awards from USENIX Security, IEEE S&P, and ACM SIGCOMM. He co-founded healthcare cybersecurity startup Virta Labs. He is a member the Computing Community Consortium Council, ACM Committee on Computers and Public Policy, and the USENIX Security Steering Committee. Kevin previously served as program chair of USENIX Security, a member of the U.S. NIST Information Security and Privacy Advisory Board, a visiting scientist at the U.S. Food & Drug Administration, and an advisor for Samsung’s Strategy and Innovation Center. Kevin received his B.S., M.Eng., and Ph.D. from MIT. He earned a certificate of artisanal bread making from the French Culinary Institute.

Flavio Garcia
University of Birmingham, UK
Title Beneath the Bonnet: a Breakdown of Automotive Diagnostic Security
Biography Flavio Garcia is a Professor of Computer Security at the Birmingham Centre for Cyber Security and Privacy, University of Birmingham. His work focuses on the design and evaluation of cryptographic primitives and protocols for embedded devices like smart cards and automotive components. His research achievements include breakthroughs such as the discovery of vulnerabilities in four of the most widely used contactless smart cards in electronic payment (e.g. Oyster Card) and access control systems (e.g. Amsterdam Airport).

In the field of automotive security, Garcia has found critical security vulnerabilities in the HiTag2 and Megamos Crypto immobilizer key fobs. Furthermore, his research shows that many automotive remote keyless entry systems have serious vulnerabilities that allow an adversary to wirelessly open the vehicle’s doors (without having the key).

Over the last few years, Garcia has been working on the development of semi-automated security analysis tools, some of which have been able to detect MITM TLS vulnerabilities in several banking apps.

Daniel Gruss
IT Sicherheit, Austria
Title Recent Developments in Microarchitectural Attacks: Meltdown, Spectre, and Rowhammer.
Abstract In this talk, we will discuss software-based microarchitectural attacks, with a focus on Meltdown and Spectre. We will discuss memory timing and cache attacks. After building our first cache
attack we will directly continue with Meltdown and Spectre. The talk will provide a detailed explanation of how these attacks fundamentally work. We will discuss countermeasures to protect against these attacks. Finally, we will discuss how we got into this situation with microarchitectural attacks and what we can learn from this development.
Biography Daniel Gruss (@lavados) is a PostDoc at Graz University of Technology. He has been involved in teaching undergraduate courses since 2010. Daniel’s research focuses on software-based side-channel attacks that exploit timing differences in hardware and operating systems. He implemented the first remote fault attack running in a website, known as Rowhammer.js. He spoke at top international venues, including Black Hat USA 2016, Usenix Security 2015 & 2016, ACM CCS 2016, IEEE S&P 2018, the Chaos Communication Congress 2015, and many more. His research team was one of the four teams that found the Meltdown and Spectre bugs published in early 2018.
Mirosław Kutyłowski
Wroclaw University of Technology, Poland
Title Emerging security challenges for ubiquitous devices
Abstract Creation of widespread systems composed of presumably low cost devices brings new and severe security challenges.

The first challenge discussed is loosing strict control over device production and distribution — they have to be considered as retail market products of an uncertain origin. Consequently, we cannot assume that they do not contain trapdoors and weaknesses (both intentional as well as unintentional ones). Our approach proposed is to deploy watchdog devices that secure protocol execution. The strategy is not to redesign the protocols from scratch, but to replace problematic basic components of these protocols by their secure versions controlled by the watchdog.

The second challenge concerned is privacy is ad hoc networks. In most situations we require identification of at least one of the protocol partners and transmitting its identifier in clear. As communication is frequently over a public channel, this inevitably creates a good opportunity for a Big Brother. Unfortunately, in this area there are only some partial solutions, especially if only symmetric cryptography is concerned.

Biography Mirosław Kutyłowski is a full professor at Wrocław University of Science and Technology. Graduated at Wrocław University, later a Humboldt Fellow at Technical University Darmstadt and Hochschuldozent at Paderborn University. Currently elected to the state Commission for Academic Degrees in Poland. He is a visiting professor at Xidian University. He specializes in technologies devoted to personal data protection, such as anonymous communication protocols, e-voting, pseudonymous signatures, as well as privacy protection mechanisms for electronic identity documents and IoT. He also focuses on protection against malicious cryptography and subversion resilience.
Bart Preneel
University of Leuven, Belgium
Title Challenges for Embedded Cryptography
Agusti Solanas
Universitat Rovira i Virgili, Spain
Title An Introduction to Privacy-Preserving Process Mining: A Study in the Healtcare Sector
Abstract In this invited talk we will recall the idea of Process Mining (PM) and, we will revise its origins and current state of development. Since PM has been applied to a variety of fields, we will focus on its use in the healthcare sector, and explore its main applications in this field. After identifying the most relevant challenges that PM has to face, we will concentrate on one of the most relevant: Privacy, and we’ll propose the notion of Privacy-Preserving Process Mining (3PM). We will show some simple privacy vulnerabilities of common process mining techniques and suggest possible countermeasures. We will illustrate those vulnerabilities with real examples from the healthcare sector, and show some preliminary analyses and experimental results. The talk will be introductory in nature and might be of interest to researchers in the field of privacy protection, data science, and hospital management.
Biography Dr. Solanas is the head of the Smart Health Research Group and Associate Professor at the Rovira i Virgili University (URV), Catalonia. He obtained an M.Sc. degree in Computer Engineering from URV in 2004 with honours (Outstanding Graduation Award). He received a Diploma of Advanced studies (M.Sc.) in Telematics from Technical University of Catalonia (UPC) in 2006. He obtained a Ph.D. in Telematics Engineering from UPC in 2007 with honours (A cum laude). In 2012 and 2013, he was visiting researcher in the Department of Mathematics and Physics of the University of Rome Tre (Italy), and in the Department of Mathematics of the University of Padua (Italy), respectively. His fields of activity are mobile health, smart health, privacy, ubiquitous computing, and artificial intelligence specifically: clustering, pattern recognition and evolutionary computation. He has participated and led several research projects, and authored over 150 publications. He is senior member of the IEEE.
Edgar Weippl
TU Wien, Austria
Title Distributed Ledger Technology, Blockchain & Crypto Currencies – Hype & an Opportunity for Interdisciplinary Research
Abstract With the increase of interconnectivity and ubiquitous data access, new services have emerged. Distributed Ledger Technologies and their underlying principles can be used to reach agreement or consensus upon a distributed state in a highly distributed environment. They have many different aspects and can therefore be viewed from various angles, including the financial and economic, legal, political, and sociological perspective, as well as considering technical and socio-technical points of view.

In the presentation I will show three aspects that are important in our research: (1) theoretical foundations, (2) understanding real world phenomena, and (3) impact. For instance, proof-of-work (PoW) as used in Bitcoin is not only relevant to achieving consensus but also serves as a source of randomness. Without it leader selection becomes an issue. Finally, understanding economic incentives and malicious behavior to undermine consensus in public blockchains is important to create a stable cryptocurrency environment upon which new services can be built.

Biography Edgar R. Weippl is Research Director of SBA Research and Privatdozent at the Vienna University of Technology and teaches at several universities of applied sciences. He focuses on (1) fundamental and applied research on blockchain and distributed ledger technologies and (2) security of production systems engineering.
He is on the editorial board of Elsevier’s Computers & Security journal (COSE), PC chair of ESORICS 2015, general chair of ACM CCS 2016 and PC Chair of SACMAT 2017.
Wenyuan Xu
Zhejiang University, China