 Mike Mike person Mike person. All right. I'm gonna sacrifice my own Mike Colin. You should swallow this. Okay. All right. There we go Mike, I'm here to talk to you about a problem a problem of a lack of Time-trip time travel resistant crypto because this is what people are gonna see in the future. They're gonna see Everyone looking at post-quantum crypto, but ignoring time travel and And post-quantum crypto There's some theory that maybe there's a good powerful computer that's gonna cause Quantum computing to be possible. Who knows and when it exists. It's very bad. So we should all concentrate on this to me This sounds like something else sounds like time travel and You might ask okay, Colin, but where are the time travelers if time travel is possible surely they would be among us and Maybe we don't know of them yet Maybe honestly, would you visit 2019 if you could time travel? Would you go now? Probably not and maybe we can only transfer little bits of information There's some immediate applications of time travel resistant crypto if you haven't kept up with the academic publications You might have missed time AI which entangles a key stream from both the past and the future And it was presented at black at USA amongst other various steam venues. So this is a very real real problem We need to solve The other thing is that time travel might require us to first create a closed time-like curve So this means time travel will become possible once this happens. So suddenly we will have to deal with time travel Okay, so what are some attacks we look to solve So the first one you could do is we could do a brute force attack and we simply go 14 billion years in the future Once we start our computer, we've recovered the aeski and we go back to the the present. So that's pretty trivial We could transfer the key material if we knew where the HSM is located at a past point in time Could we read the bits out of that HSM? And this is especially critical because maybe we can only transfer particles instead of full humans The other thing we have is the evil cryptographer attack So what if someone from the future went back in time to implement poor crypto and Who would that look like? They would contribute work that's suspiciously open suspiciously free And it would be used in the industry and the industry would very clearly have a vague understanding So I won't name names, but I think among us We might have an idea who could be time travelers and would fit this criteria There's many solutions for it So I would propose for example we could define a standard for where some bits must go that should be encrypted in the future And the future self has solved this problem. They encrypt the bits and then sends it back to us Of course, we would have to figure out how we incentivize the future cryptographers to do this So that's a bit of an open problem, but this would be a great chess 21 2021 topic So I know Benedict will be looking to set the future of chess and so this type of material will be very interesting. I'm sure TTRC is inherently future proof post quantum crypto is not inherently future proof so that you know that sounds cool But it's not we might be new architectures like non-causal cryptography There's quite a bit of possibilities here So I implore you to consider time travel resistant crypto and I look forward to your submissions in future chess sessions Okay Thanks Colleen and the next one is physically unclogable functions stochastic methods wanted and the I guess talk is by Sylvan Gulley Yohi Hori and Jung Samkang sorry for butchering your names and Sylvan will give the talk. There's a time to put up the slides I guess All right Going so in the past or in the future. Let me see. Whoops. Whoops. I need to go in the future Ah maybe missing you know So maybe let's you know Let's And go back in the past apparently we ate his slides And We'll try again We'll try we'll get another chance at the end of the rum session. Sorry about that. Okay, Colleen But you're back on about why go to use the x2020 So you might want to go to use next 2020 and maybe that's because you want a city with Irish heritage Where people like drinking I don't need it. There's one slide and good international flights However, I would say instead of that consider going to selected areas of cryptography, which pending approval is in Halifax Which also has lots of Irish heritage People like drinking and no direct flights to Germany On the plus side slightly cheaper and there's probably gonna be dogs So when you're considering where to go In August I implore you to consider the selected areas in cryptography conference most likely in Halifax Thanks, Colleen Okay, and the next one is sacred open source side channel library by Isherd and Benjamin Timon would give the talk I think you actually have a mic now Try it. Hi everybody. Good evening. Yes, so It works better if you put it here. Sorry the clicker. Yes Going keep going No, other way other way You're going to the past we want the future keep going Yes Yeah, you're still going to the past Yes, one more click good start Okay, so it's a presentation to talk about scared which is a new open source library for side channel so at Isherd we have been working on side channel tools in Python and Jupyter and Some people in the community they express the interest to having access to the code of these tools So we also think open source is a good practice And a good initiative So we decided it's a good time to release our base side channel library in Python make it available to everybody So this is scared So for scared we put a special focus on three things which are the performances the quality and the documentation The documentation is available online already. You can have a look to it So this is an extract of the documentation Inside the library you will find basically Everything you expect from a side channel library. So we have some module to do trace management With different format based on abstract readers We have a preprocessing module to perform preprocessing before the attack for example to do higher-order attacks Some analyzes module to perform analysis with different distinguishes. So we have implemented the different state-of-the-art distinguisher like DPA, CPA, MIA, but also template, ANOVA, etc All these analysis can be performed on different targets So AS, DES with different selection function to target different part of the algorithm We also have different leakage model of course different discriminant to Process a score at the end of the attack For this library, we really want the project to be open So we will keep updating the tool in the future In the coming release you will find some for example some signal processing toolbox to perform Re-synchronization of traces. So All the API are accessible through like a high-level API's which are user-friendly But if you want to do some more complex things if you want to Make attack do more complex analysis You also have access to the low-level API which are composable and extendable So in a few line of code this is an example of how you could be scared So if you are in a notebook, you can just import scared and you can already in a few line of code few line of code perform an attack so For example, you define your data set you can load your data set define your selection function to define where you want to attack Define your attack object and then you can run the attack and the scores are in the attack object and you can exploit this course So concerning performances we we have decided to benchmark the library to know where it stands in terms of performances So this topic is always a bit delicate performances So basically what we did is we we found mainly one reference online Which is this open source open source benchmark of different side-channel Tools what we do what we did is we basically took that as a basis and we extended the result of this benchmark with the latest libraries for side-channel so This is the result we got so the first result on the left the three first result are coming from the original benchmark And we have extended as I said with a new new new new frameworks basically, we Won the same test which was a CPA on 1,000 100,000 traces AS target to the same benchmark test We did it on this equivalent configuration equivalent desktop and so this is the result we got With this result so scared is the last one. This is the time execution of the benchmark test And so this one give us confidence as the the library is quite performant to perform side-channel As I said is one of the thing we try to focus on is the Performances, so we put a special focus on code optimization So just to finish on this part So as I said is maybe a bit delicate to benchmark and compare frameworks if you have different results On on similar benchmark feel free to to to come to us. We will be happy to share and discuss on this topic So to conclude To to get started with scared everything is already available online So to install it you can install through the classic channel you can keep install scared Condo install scared the code is available on git lab and github and the documentation is also available So feel free to have a look to download scared to play with it And we really hope it will bring positive things in the community Thank you Okay, so the next one up announcements for crusade 2020 and Guido and Francisco should be here somewhere Oh, here's Guido. Go ahead. The floor is yours and please use the clicker responsibly The right way. Thank you So 11 edition of cosade probably the best workshop for safe channel So it will be in Lugano which is near Italy in Switzerland and near Germany beautiful lake Topics implementation attacks and exploitation secure implementation residential architecture and scheme secure design and evaluation and design tools. I Don't know what is Alfred. Oh, come on Come on So paper submission December 1st Notification in January 2020 and the workshop will be beginning of April So we wait you to welcome in Lugano sure that most of you want to sponsor So please refer to general chair if you want to sponsor and Francesco myself will be there Program chair. Thank you cool, and now we're gonna retry the failed attempt from last time so Sylvia and are you around for your talk that we messed up come on come on So, let's try that again. Well, Peter manually configures the slide Wonderful Apple GUI right here live. You have to hit. Oh Literally dragon drop. All right, so let's try that Sylvia and the floor is yours So, yeah, I wanted to say a few words about the puffs There are many talks about puffs Most of them are actually, you know, a kind of negative like attacks on the path, but actually there's a lot of Business and good things to do to secure our life and One way to make some progress is actually to do some standardization. Okay this work was initiated, I guess five years ago at ISO and We almost now have something published Regarding the requirements. This means what you expect from a puff. So what is a good puff? There are some properties to be met. Okay, so Basic definitions about things, you know, like how steady is my puff? How random is it, etc? So, okay, let me move to the next one The second part is still at its infancy. So you see it is WD WD means working draft. So we still welcome contributions and The kind of contribution we welcome is here actually some stochastic models to model the steadiness and the entropy So please do some research to also theoretically model the puff and those examples will be used as Kind of motivation in the next standardization Okay, thank you. Don't hesitate to contact actually the the editors So Yoi Hori from Japan Yusung Kang and myself. Okay. Thank you very much All right and for the final talk of the session We have Dominique Forte who is the last minute addition to the program So we're not quite sure what he's gonna talk about but at least we hope he is Okay, thank you everybody for and thank you for the chairs for giving me time to make some shameless plugs So first if you were at the talks earlier today, we talked about thank you Covert gate and one thing that I wanted to mention is that UF and fix is Running a de obfuscation competition actually two obfuscation competitions One of which is starting next month. So please, you know send your send your Request to me if you want more information. We'd be happy to have more folks in the competition and The reason we divided actually into two competitions because our own competition had competition so the first part of the competition is actually focused on a Scan chain protection mechanism for obfuscation and The second part will have to be focused on the covert gates that I presented earlier today And again, if you have more if you want more information, please let me know and the second The second the second thing I wanted to talk about Is actually I wear multiple hats and I'm wearing the host general chair hat this year as well So before I get accused of you know Poaching lots of audience members and exhibitors and folks from chess and causing checks at 2019 I just want to you know, let you know that chess is is basically almost 20 years old, right? So you're almost of legal drinking age in the United States But host is it's still not even old enough to get into a PG-13 movie. It's just 12 years old so please we need we need more folks to join chess as well as host and So at host we have We've been growing we have about 310 d's now Plus and we're trying to grow grow more from there. No 14 minus 1 12 So it also depends on where you start counting from the workshop or the conference so we may actually even be younger than 12 We may actually be 10 years old So yeah, please please, you know join us at at host. We'd be happy to have you know we're welcoming all kind of work there and We're even starting a Hopefully a large-scale exhibition this year It'll be our first year in San Jose and You know, we'd like to have you guys there. That's all I wanted to say Thanks, guys Thank you very much. So this sort of concludes the rum session We hope that you had some fun and there's actually two people we would like to really thank for Well this setup so first Laurence punny who was already mentioned a few times there He wrote that script and this web server that display stuff there on top and Hilary Taylor who gave us her laptop so that we can actually run that web server on some actual hardware So please big. Thank you to the two of them and then And also we had slight concerns if it would be a good idea to let 400 security researchers post completely uncensored comments on slides live and We're very very glad that it worked out that nicely and so also a big applause to you I think it speaks for the community. Thank you and this term session is now closed