Training School 2018 :: Event

Training School
16-20 April 2018
Azores, Portugal
Training School Cryptacus Azores 2018
 
Home


The Event
Programme >>
Speakers >>

Participation Info
Registration >>
Grants >>

Practical Info
Venue >>
Travel info >>
Accommodation >>

Social Activities
Gala Dinner >>
Social Event >>
City Hall Reception >>


PhD Session >>
Pitches & Posters >>
Extended Abstracts >>


COST Meetings >>


FutureDB Workshop >>


Contact >>


Sponsors >>


sponsors

 

 

 

Programme

trsc18_program

Speakers

  • Lejla Batina, Radboud University, NL
    Talk: “Physical attacks: from a concept to real-world
  • Herbert Bos, Vrije Universiteit Amsterdam, NL
    Talk: “The vulnerability of bug-free software: scary side channels and hardware horrors
  • Srdjan Capkun, ETH Zurich, CH
    Talk: “On Secure Positioning and Location-Based Security
  • Ricardo Chaves, INESC-ID/IST, University of Lisbon, PT
    Talk: “Science and Communication
  • Joan Daemen, Radboud University, NL and STmicroelectronics, BE
    Talk: “Recent Innovations in lightweight crypto
  • Tiago Dias, ISEL, Polytechnic of Lisbon, PT
    Talk: “Science and Communication
  • Maria Eichlseder, Graz University of Technology, AT
    Talk: “Differential cryptanalysis
  • Daniel Gruss, Graz University of Technology, AT
    Talk: “Software-based Microarchitectural Attacks: The Case of Meltdown and Spectre
  • Handan Kılınç, EPFL, CH
    Talk: “Threat Models in Distance Bounding
  • Markus Kuhn, University of Cambridge, UK
    Talk: “Efficient, Portable Template Attacks
  • Mirosław Kutyłowski, Wrocław University of Science and Technology, PL
    Talk: “GDPR and legal challenges for designing distance bounding protocols
  • Pedro Matutino, ISEL, Polytechnic of Lisbon, PT
    Student Demo Session
  • Nele Mentens, KU Leuven, BE
    Talk: “Configurable computing for cryptographic implementations
  • Kasper Rasmussen, University of Oxford, UK
    Talk: “Body Impedance for Authentication, Key Generation and Device Pairing
  • Mark Ryan, University of Birmingham and HP Labs Bristol, UK
    Talk: “Hardware-assisted secure execution environments
  • Nuno Santos, INESC-ID/IST, University of Lisbon, PT
    Student Demo Session
  • Patrick Schaumont, Virginia Tech, US
    Talk: “Fault-Attacks on Embedded Software: Threats, Design and Evaluation
  • Kevin Valk and Andres Wandurraga, RISCURE, NL
    Talk: “A day in the life of an embedded security analyst
  • Practical Session: “Defeating SCA countermeasures on a real device

Talks and Practical Sessions

lejla_batina Lejla Batina
Radboud University, NL
Monday, April 16, 11h30
Title: Physical attacks: from a concept to real-world
Abstract: Physical attacks are a continuous and present threat for embedded devices. In this talk I will survey relevant issues with side-channel and fault attacks on embedded crypto implementation and adequate countermeasures. Then I will present some recent attacks on real-world implementations and in particular I will explain how we break an Ed25519 implementation in WolfSSL, which is a use case for IoT applications. I will describe two recent attacks on the scheme, one of which is based on power analysis and the other one relies on fault injection by glitching techniques.
Bio: Lejla Batina is a full professor at the Institute of Computer and Information Sciences at the Radboud University in Nijmegen, the Netherlands. Her research focuses on applied cryptography and hardware security, and in particular on public-key cryptography.  She received a VIDI grant by the Dutch government, which allowed her to start her own research group working on different aspects of applied cryptography and embedded security. She received her Ph.D. in cryptography from Katholieke Universiteit Leuven, Belgium in 2005 and her M.Sc. degree from the University of Zagreb Croatia (1995). She has also studied at the Eindhoven University of Technology, (Mathematics for industry, Professional Doctorate in Engineering in 2001) and worked as a cryptographer for SafeNet B.V. (2001-2003).
She has published more than 100 refereed papers, served at 70+ program committees and gave more than 30 invited talks at conferences and summer schools. She has chaired RFIDSec09 and CHES 2012 (as general co-chair) she was a program co-chair of CHES 2014 (the IACR flagship conference on cryptographic hardware) in Busan, Korea. For more information please see: http://www.cs.ru.nl/~lejla/.
herbert_bos Herbert Bos
Vrije Universiteit Amsterdam, NL
Thursday, April 19, 09h00
Title: The Vulnerability of Bug-free Software: Scary Side Channels and Hardware Horrors
Abstract: Just a few years ago, my security lectures at the university would start with the observation that security problems are caused by bad software. But as it turns out, even “perfect” software can be exploited. A new wave of vulnerabilities attacks software by exploiting bizarre effects in common hardware. Some of the best-known examples are Meltdown, Spectre, and the Rowhammer bug in modern DRAM chips. Moreover, these attacks may sound like science fiction, but they have now become entirely practical and even deployable at scale.
In this session, we will explore how these vulnerabilities work, and where they occur. Rowhammer is only one example. Other fundamental issues with hardware elements such as caches and MMUs are equally relevant. The effects of these attacks are often devastating. Examples are leakage of sensitive data and the corruption of a system’s control flow. We will cover some issues and techniques to exploit “perfect” software.
Bio: Herbert Bos is a professor at Vrije Universiteit Amsterdam in the Netherlands where he heads the VUSec research group. He obtained his Ph.D. from Cambridge University Computer Laboratory (UK). Coming from a systems background, he drifted into security a few years ago and never left. He is very proud of his (former) students, three of whom have won the Roger Needham Ph.D. Award for best Ph.D. thesis in systems in Europe. In addition, VUSec has won three of the four Pwnie Awards awarded to researchers in the Netherlands. He claims that his life would be happier if he found a very good systems postdoc to hire (so if this is you, do apply!).
srdjan_capkun Srdjan Capkun
ETH Zurich, CH
Monday, April 16, 10h30
Title: On Secure Positioning and Location-Based Security
Abstract: In this talk I will review security issues in today’s navigation and close-range positioning systems. I will discuss why GNS systems like GPS are hard to fully secure and will present novel solutions that can be used to improve the robustness of GNS systems to attacks. I will then show how a different design of a positioning system can enable secure positioning, but also that this requires solving a set of relevant physical- and logical- layer challenges. Finally I will present a design and implementation of a fully integrated IR UWB secure distance measurement (distance bounding) system that solves these challenges and enables secure distance measurement and secure positioning in IoT applications. Finally, I will review possible uses of positioning in security applications such as authentication and access control.
Bio: Srdjan Capkun (Srđan Čapkun) is a Full Professor in the Department of Computer Science, ETH Zurich and Director of the Zurich Information Security and Privacy Center (ZISC). He was born in Split, Croatia. He received his Dipl.Ing. Degree in Electrical Engineering / Computer Science from the University of Split in 1998, and his Ph.D. degree in Communication Systems from EPFL in 2004. Prior to joining ETH Zurich in 2006 he was a postdoctoral researcher in the Networked & Embedded Systems Laboratory (NESL), University of California Los Angeles and an Assistant Professor in the Informatics and Mathematical Modelling Department, Technical University of Denmark (DTU). His research interests are in system and network security. One of his main focus areas is wireless security. He is a co-founder of 3db Access, a company focusing on secure distance measurement and proximity-based access control, and of Sound-Proof a spin-off focusing on usable on-line authentication. In 2016 he received an ERC Consolidator Grant for a project on securing positioning in wireless networks.
joan_daemen_crop Joan Daemen
Radboud University, NL and STmicroelectronics, BE
Tuesday, April 17 at 10h30
Title: Recent Innovations in Lightweight Crypto
Abstract: Imagine there’s no block ciphers, it’s easy if you try:-) A (cryptographic) permutation can be thought of as a block cipher (like AES or DES) without a key (or with a fixed key if you prefer). During the SHA-3 competition it became clear that permutation-based hashing, e.g., by using the sponge construction, is superior to block-cipher based hashing (as in MD5, SHA-1 and SHA-2). By including a key in the sponge input, it can readily be used for message authentication (MAC) and by exploiting the arbitrarily long sponge output even for stream encryption. The duplex variant of sponge widens the spectrum to, among other, authenticated encryption and reseedable pseudorandom generation and was adopted by a dozen submissions to the CAESAR competition for authenticated ciphers. The disadvantage of the sponge and duplex constructions is that they are inherently serial. To address this, we introduced a fully parallel counterpart of the sponge, called Farfalle and propose a brand new permutation called Xoodoo. Clearly, there is a lot going on in permutation-based crypto and this talk will get you up to date.
Bio: Joan Daemen is full Professor symmetric cryptography at Radboud University and is also affiliated to STmicroelectronics as a security architect. He works in symmetric cryptography and is best known for the design of Rijndael together with Vincent Rijmen and the conception of sponge functions and Keccak, together with Guido Bertoni, Gilles Van Assche and Michaël Peeters. The former won the AES contest in 2000 and the latter won the SHA-3 contest in 2012. His current research interests include permutation-based symmetric cryptography, secure implementations and correlation matrices.
maria_eichlseder Maria Eichlseder
Graz University of Technology, AT
Friday, April 20, 11h30
Title: The toolbox of differential cryptanalysis
Abstract: Differential cryptanalysis is a swiss army knife for the security analysis of symmetric cryptographic algorithms, such as (authenticated) encryption schemes or hash functions. By investigating the behavior of a cryptographic algorithm for two similar, but slightly different inputs, we can extract secret information or forge malicious messages. In this talk, I will discuss how differential cryptanalysis can be applied to different types of crypto algorithms, how automated tools can help the cryptanalyst or designer, and what challenges can arise when designing lightweight ciphers.
Bio: Maria Eichlseder is a PhD candidate in the Cryptography group at Graz University of Technology. Before, she completed the master studies programme Computer Science and the two bachelor programmes Computer Science and Technical Mathematics. Her main research interests are the design and cryptanalysis of symmetric cryptographic algorithms, in particular hash functions like SHA-2, as well as authenticated encryption algorithms and their primitives. She is a co-designer of Ascon, currently competing as a finalist in the ongoing CAESAR competition for authenticated ciphers, and several other designs.
IT Sicherheit
IT Sicherheit
Daniel Gruss
Graz University of Technology, AT
Thursday, April 19, 10h30 (Talk)
April 19 and 20 (Practical Session)
Title: Software-based Microarchitectural Attacks: The Case of Meltdown and Spectre
Abstract: When asked how to crack a safe open, most people will have a picture in mind, where a thief uses a stethoscope to listen to the inadvertent clicking noises of the lock. Despite usually not being clicking noises, the security of modern computers suffers similar problems. Adversaries can use inadvertent side effects of caching to crack our digital safes open. In this talk we will start with the basics on software-based microarchitectural attacks like Flush+Reload and then look at the simple attacks that can be performed. Based on this, we will gain a deep understanding of the recent Meltdown and Spectre attacks. Finally, we will discuss what consequences we should take, given the increasing relevance of microarchitectural attacks.
Practical Session: How to have a Meltdown
In this practical session we will start with simple cache attacks and gradually move towards Meltdown. For this purpose we will start measuring cache timings. We will then use cache timing to transmit information between two processes – a so-called covert channel. Afterwards we will proceed to a more malicious scenario where we spy on keystrokes of another process. Finally we will mount a Meltdown attack against our own operating system.
Bio: Daniel Gruss (@lavados) is a PostDoc at Graz University of Technology. He finished his PhD with distinction in less than 3 years. He has been involved in teaching undergraduate courses since 2010. Daniel’s research focuses on software-based side-channel attacks that exploit timing differences in hardware and operating systems. He implemented the first remote fault attack running in a website, known as Rowhammer.js. He spoke at top international venues, including Black Hat USA 2016, Usenix Security 2015 & 2016, ACM CCS 2016, the Chaos Communication Congress 2015, and many more. His research team was one of the four teams that found the Meltdown and Spectre bugs published in early 2018.
handan_kilinc Handan Kılınç
École Polytechnique Fédérale de Lausanne (EPFL), CH
Wednesday, April 18, 11h30
Title: Threat Models in Distance Bounding
Abstract: A distance bounding (DB) protocol is a two-party authentication protocol between a prover and a verifier which is based on the distance between the prover and the verifier. It aims to defeat threats by malicious provers (Distance Fraud, Distance Hijacking, Terrorist Fraud) who try to convince that they are closer to the verifier or adversaries which seek to impersonate a far-away prover (Man-in-the-Middle Adversaries). All these threats are covered in several security definitions and it is not possible to have a single definition covering all. In this talk, I will talk about these threats and explain a new security model called secure hardware model where we can have a single definition covering all.
Bio: Handan Kılınç is a Ph.D. student in Computer and Communication Sciences at Ecole Polytechnique Fédérale de Lausanne, under supervision of Professor Serge Vaudenay. She is currently working on position in cryptography. She earned her M.Sc. degree in Computer Sciences and Engineering from Koç University in 2014, under the supervision of Assistant Professor Alptekin Küpçü. She did her research in secure and fair multi-two party computation during her master studies. She earned double B.Sc. degrees in Mathematics and Computer Engineering in 2012, from TOBB University of Economics and Technology.
markus_kuhn Markus Kuhn
University of Cambridge, UK
Monday, April 16, 14h00
Title: Efficient, Portable Template Attacks
Abstract: Template attacks recover data values processed by tamper-resistant devices from side-channel waveforms, such as supply-current fluctuations (power analysis) or electromagnetic emissions. They first profile a device to generate multivariate statistics of the waveforms emitted for each of a set of known processed values, which then identify maximum-likelihood candidates of unknown processed values during an attack. We identify several practical obstacles arising in the implementation of template attacks, ranging from numerical errors to the incompatibility of templates across different devices, and propose and compare several solutions. We identify pooled covariance matrices and prior dimensionality reduction through Fisher’s linear discriminant analysis as particularly efficient and effective, especially where many attack traces can be acquired. We evaluate alternative algorithms not only for the task of recovering key bytes from a hardware implementation of the Advanced Encryption Standard; we even reconstruct the value transferred by an individual byte-load instruction, with success rates reaching 85% (or a guessing entropy of less than a quarter bit remaining) after 1000 attack traces, thereby demonstrating direct eavesdropping of eight-bit parallel data lines. Using different devices during the profiling and attack phase can substantially reduce the effectiveness of template attacks. We demonstrate that the same problem can also occur across different measurement campaigns with the same device and that DC offsets (e.g., due to temperature drift) are a significant cause. We improve the portability of template parameters across devices by manipulating the DC content of the eigenvectors that form the projection matrix used for dimensionality reduction of the waveforms.
Bio: Markus G. Kuhn received the Diplom-Informatiker degree from the University of Erlangen-Nürnberg, Germany, in 1996, the M.Sc. degree from Purdue University, IN, in 1997, and the Ph.D. degree from the University of Cambridge, U.K., in 2002, all in computer science. He is currently a Senior Lecturer in computer science with the University of Cambridge. His research interests include hardware and signal-processing aspects of computer security, in particular compromising emanations, side-channel attacks, distance bounding protocols, and the security of RFID and navigation systems.
miroslaw_kutylowski Mirosław Kutyłowski
Wrocław University of Science and Technology, PL
Wednesday, April 18, 14h00
Title: GDPR and legal challenges for designing distance bounding protocols
Abstract: Introduction of General Personal Data Regulation (GDPR) in Europe creates new challenges for design and implementation of IoT. Due to a large scale deployment and distributed nature of such systems, the range of potential problems is very broad. Among others, such systems might be used for evil purposes hidden behind innocent functionalities. On the other hand, according to GDPR a party deploying IoT is responsible for potential security breaches. Moreover, security of such a system must be demostrable, meaning at least immunity against known attack techniques. So despite physical and economical limitations of the devices concerned, possibilities of subversion by malicious parties, the overall system should be to secure against realistic threats. We present practical consequences of GDPR for design and implementation of GDPR compliant IoT systems. We discuss some attack scenarios focused on violation of privacy as well as basic protection techniques.
Bio: Mirosław Kutyłowski is a full professor at Wrocław University of Science and Technology. Graduated at Wrocław University, later a Humboldt Fellow at Technical University Darmstadt and Hochschuldozent at Paderborn University. Currently elected to the state Commission for Academic Degrees in Poland. He is a visiting professor at Xidian University. He specializes in technologies devoted to personal data protection, such as anonymous communication protocols, e-voting, pseudonymous signatures, as well as privacy protection mechanisms for electronic identity documents and IoT. He also focuses on protection against malicious cryptography and subversion resilience.
nele_mentens Nele Mentens
KU Leuven, BE
Tuesday, April 17, 11h30
Title: Configurable computing for cryptographic implementations
Abstract: The security strength and the implementation security of cryptographic algorithms are continuously analyzed and improved. Therefore, cryptographic agility is desirable, i.e. the ability of cryptographic algorithms and implementations to cope with changing attack scenarios and security requirements. In this talk, cryptographic agility is addressed from the implementation perspective, namely through configurable computing. The talk will cover both commercial off-the-shelf and application-specific configurable computing platforms. The differences in design approach, performance and security properties will be compared.
Bio: Nele Mentens received her master and Ph.D. degree from KU Leuven in 2003 and 2007, respectively. Her Ph.D. focused on secure and efficient coprocessor design for cryptographic applications on FPGAs. Currently, Nele is an associate professor at KU Leuven. Her research interests are in the domains of reconfigurable platforms for security applications, design automation for cryptographic hardware and security in constrained environments. Nele was a visiting researcher for 3 months at the Ruhr University Bochum in 2013 and at EPFL in 2017. She was/is the PI in around 15 finished and ongoing research projects with national and international funding. She served as a reviewer for many international conferences and journals and was/is part of the program committee of around 50 international conference editions. Nele is (co-)author in approximately 100 publications in international journals, conferences and books.
kasper_rasmussen Kasper Rasmussen
University of Oxford, UK
Wednesday, April 18, 10h30
Title: Body Impedance for Authentication, Key Generation and Device Pairing
Abstract: Body Impedance is an effective biometric because each human body exhibits a unique response to a signal applied at the palm of one hand and measured in the palm of the other hand. We will see how body impedance can be used both as a traditional biometric; to generate cryptographic keys for use in traditional security purposes; or for device pairing.
Our device pairing scheme is based on the idea that two devices can pair, if they are physically held by the same person (at the same time). To pair two devices, a person touches a conductive surface on each device. While the person is in contact with both devices, the human body acts as a transmission medium for intra-body communication and the two devices can communicate through the body. This body channel is used as part of a pairing protocol which allows the devices to agree on a mutual secret and, at the same time, extract physical features to verify that they are being held by the same person. We prove that our device pairing protocol is secure with respect to a strong threat model and we build a proof of concept set-up and conduct experiments with 15 people to verify the idea in practice.
Bio: Kasper Rasmussen is an Associate Professor in the Computer Science Department at the University of Oxford. He joined the department in 2013 and in 2015 was awarded a University Research Fellowship from the Royal Society in London. Prior to being at Oxford, Kasper Rasmussen spent two years as a post-doc at University of California, Irvine. Kasper Rasmussen did his Ph.D. with prof. Srdjan Capkun at the Department of Computer Science at ETH Zurich (Switzerland), where he worked on security issues relating to secure time synchronization and secure localization with a particular focus on distance bounding. His thesis won the “ETH Medal” for an outstanding dissertation from the Swiss Federal Institute of Technology and he was additionally awarded the Swiss National Science Foundation (SNSF), Fellowship for prospective researchers.
mark_ryan Mark Ryan
University of Birmingham and HP Labs, Bristol, UK
Wednesday, April 18, 09h00
Title: Hardware-assisted secure execution environments
Abstract: A wide variety of hardware-assisted secure execution environments (SEEs) have been proposed and built in recent years, but it’s quite hard to understand what they can do, and how secure they are. The talk will focus on how they can be used to support security guarantees to cloud computing clients. The first part of the talk will describe a perspective for understanding SEEs and how they relate to each other, and what they’re good for. Next, I will focus on TPM and Intel SGX, and highlight some interesting technical features with examples. Finally, I will speculate on what is needed in this area to improve things (audience participation will be welcomed :-)
Bio: Mark Ryan is Professor of Computer Security and leads the Security and Privacy group in Birmingham, where he also holds the HP Research Chair in Cyber Security. From 2010 to 2015, he was EPSRC Leadership Fellow, also at Birmingham. He is best known for his work on analysis of security systems (e.g. electronic passport security and mobile phone security), electronic voting privacy and anonymity (e.g. in trusted computing, electronic voting, passports, telephones and email), and the tension between security and privacy. In recent work, he has focussed on technologies that support the relationship between privacy and security.
patrick_schaumont Patrick Schaumont
Virginia Tech, US
Friday, April 20, 09h00
Title: Fault-Attacks on Embedded Software: Threats, Design and Evaluation
Abstract: Embedded software is developed under the assumption that hardware execution is always correct. Fault attacks break and exploit that assumption. Through the careful introduction of targeted faults, an adversary modifies the control-flow or data-flow integrity of software. The modified program execution is then analyzed and used as a source of information leakage, or as a mechanism for privilege escalation. Due to the increasing complexity of modern embedded systems, and due to the difficulty of guaranteeing correct hardware execution even under a weak adversary, fault attacks are a growing threat. We present a review on hardware-based fault attacks on software, with emphasis on the context of embedded systems. We present a detailed discussion of the anatomy of a fault  attack, and we make a review of fault attack evaluation techniques. In the first part of the talk, we bring the perspective from the attacker, rather than the perspective of countermeasure development. However, we emphasize that improvements to countermeasures often build on insight into the attacks. In the second part of the talk, we discuss a generic countermeasure against fault injection attacks, based on micro-architecture enhancements and software support. The FAME (Fault Aware Microprocessor Extension) architecture uses sensors to capture fault injection and uses software to provide a user-defined fault response. FAME also has specialized support to analyze the effect of fault injection into the microprocessor, leading a better insight into the failing of embedded software under a fault attack. We present a prototype ASIC design and preliminary testing data. We demonstrate that, compared to traditional redundancy based techniques, FAME has a lower overhead in area as well as in performance.
Bio: Patrick Schaumont is a Professor in Computer Engineering at Virginia Tech. His research interests are in design and design methods of secure, efficient and real-time embedded computing systems. He received the Ph.D. degree in Electrical Engineering from UCLA in 2004 and the MS degree in Computer Science from Ghent University in 1990. In 2014 he was a visiting researcher at the National Institute of Information and Telecommunications Technology (NICT) in Japan. He served as program co-chair for several conferences in cryptographic and secure engineering, including CHES, HOST, WESS, and RFIDsec. He received the National Science Foundation CAREER Award in 2007, and received a Certificate of Teaching Excellence from Virginia Tech in 2017.
Kevin Valk
RISCURE, NL
Thursday, April 19, 11h30 (Talk)
Andres Wandurraga
RISCURE, NL
April 19 and 20 (Practical Session)
Talk: A day in the life of an embedded security analyst
Abstract: Testing embedded systems security is a complex task, their security can be compromised by software or hardware vulnerabilities. Testing (breaking) the products is done by specialized companies and security analysts. We present a normal day from the job of an embedded system security analysts, and perform an introduction to practical side channel attacks.
Practical Session: Defeating SCA countermeasures on a real device
In this practical session we will use the Riscure Hack me (RHme) hardware platform to run cryptographic algorithms. We will attack the provided implementation and review basic side channel analysis countermeasures. We will then attack these countermeasures and try to extract the keys from the protected implementations.
Bio: Kevin Valk earned his M.Sc in Computer Science (security track) from the Radboud University.  He works as a security analyst at Riscure, where he performs security evaluations on software-based solutions. He works on the mobile security market and has a special love for whitebox-cryptography. He helps organize and run an annual hardware hacking contest called the Riscure Hack me.
Bio: Andres Wandurraga is an Electrical Engineer with a M.Sc on Embedded Systems at TU Delft. He is currently a security analyst at Riscure. He works in the mobile security market, embedded systems, and occasionally trusted execution environments, and chipsets. He spends most of his time reverse engineering software, analyzing payment solutions, and performing penetration tests.  He helps organize and run an annual hardware hacking contest called the Riscure Hack me.
Ricardo Chaves
INESC-ID/IST, University of Lisbon, PT
Tiago Dias
ISEL, Polytechnic of Lisbon, PT
Friday, April 20, 10h30 (Talk)
Talk: Science and Communication
Abstract: Communication is an essential part of knowledge and human evolution. However, as any other tool, if not properly used, it can be rather inefficient or even cause damage. In this talk, we will discuss how to make a successful use of several communication techniques during a talk, varying from written language to body language. Additionally, we will also discuss practical aspects related to scientific research, including information gathering, result usage and analyses, and associated methodology.
Bio: Ricardo Chaves is an Associate professor at the Computer Science Department at the University of Lisbon/IST and a researcher at INESC-ID. He received his Ph.D. degree, in 2007, in electrical and computer engineering from TUDelft and from the University of Lisbon. His research interests are focused on cryptography systems, reconfigurable hardware architectures, and on embedded and user oriented systems. He is an active member of HiPEAC and in the Management Committee of the CRYPTARCUS (of which he is the vice-leader of WG3) and is an IEEE senior member. He was also a member of the EU COST Actions TRUDEVICE. He was involved in several ongoing project European projects, such as EMC2 (focused on critical computational systems) and Rethink (the future of peer-to-peer internet). As also participated in several other European and National project (FARNuSyC, Threads, Mobipag, HELIX, Sideworks, SCryBAM, CORTIVIS, Safira). He recently organized the TRUDEVICE 2014 training school and the CRYPACUS 2018 training school.
Bio: Tiago Dias received his PhD degree in Electrical and Computer Engineering from the University of Lisbon in 2015. Currently, he is an assistant professor in the Electronics, Telecommunications and Computers Engineering Department at ISEL, the engineering school of the Polytechnic of Lisbon, and a researcher at INESC-ID Lisbon. His research interests include the design of embedded systems, computer architectures and specialized hardware structures for cryptography and video coding. Tiago has been involved in several European and National projects, such as EMC2, Threads, HELIX, AMEP or COSME, and he is (co-)author of several scientific papers on international journals and conferences. Also, his research work has been recognized with several international and national awards, namely the DASIP’13 Best Paper Award, the 2011 “Stamatis Vassiliadis” Best Paper Award, the DASIP’10 Best Poster Award and the REC’05 Best Paper Award.
Pedro Matutinos
ISEL, Polytechnic of Lisbon, PT
Nuno Santos
INESC-ID/IST, University of Lisbon, PT
Tuesday, April 17, 09h00 (Demos)
Student Demo Session
Abstract: This session will allow the participants of the training school to showcase their ongoing work via the live demonstration of software and / or hardware artifacts, which can range from a simple proof-of-concept prototypes to full-featured systems or tools.
Bio: Pedro Miguens Matutino is Assistant Professor, at the Electronic and Telecommunications and Computer Engineering Department (DEETC) of the High Institute of Engineering of Lisbon (ISEL), Polytechnic Institute of Lisbon (IPL), in Portugal, since 2002. He is also a researcher at INESC-ID, where he is working in the Signal Processing Systems (SIPS) research group. He received the B.Sc., M.Sc. and Ph.D degrees on Electrical and Computers Engineering from Instituto Superior Técnico (IST), University of Lisbon, in 1999, 2002 and 2015, respectively. He was involved in National project (FARNuSyC, Threads, Semi-automatic mobile system for detecting defects in landfill liners). His current research work is mainly focused on the research, development and implementation of Residue Number Systems architectures, namely on RNS coprocessors, arithmetic units and conversions units. He recently organized the CRYPACUS 2018 training school.
Bio: Nuno Santos is an Assistant Professor of the Computer and Information Systems Department at Instituto Superior Técnico, University of Lisbon, and a research member of the Distributed System Group at INESC-ID Lisbon. His research interests span the areas of security and trusted computing. He finished his PhD in 2013 at Max-Planck Institute for Software Systems / Saarland University, Germany. During his PhD, he built several systems aimed at improving trust in cloud, enterprise, and mobile platforms. He developed novel policy-based trusted execution runtimes that take advantage of trusted computing hardware, namely Trusted Platform Module (TPM) in the context of cloud infrastructures, and ARM TrustZone in the context of mobile devices. His work has resulted in the publication of multiple peer-reviewed articles in journals and conferences, such as ASPLOS, USENIX Security, PETS, and Middleware. He was the recipient of a best paper award in Middleware’07.