May 19 2016
Dr. William Whyte, Chief Scientist for Security Innovation, a cybersecurity provider and leader in the 2015 Gartner Magic Quadrant for Security Awareness Training, will be presenting at the Fourth International Cryptographic Module Conference in Ottawa, Ontario.
The International Cryptographic Module Conference is a growing forum for global expertise in commercial cryptography. At the fourth annual edition of the conference in May, industry leaders from over 20 countries will convene to address the unique challenges faced by those who produce, use, and test cryptographic modules, with a strong focus on standards such as FIPS 140-2, ISO/IEC 19790, and Common Criteria. The conference helps to foster a focused, organized community of users. ICMC covers the technical design problems to meet the standard, with a particular emphasis on the challenges posed as technology advances with respect to the current standards.
At the conference Dr. Whyte will be presenting on Quantum Safety In Certified Cryptographic Modules. In this presentation, Dr. Whyte will be discussing the risk and outline a possible solution, based on the Quantum-Safe Hybrid handshake submitted for consideration to the IETF TLS working group which combines a quantum-safe key exchange based on a one-time key with a standard authenticated classical key exchange. The presentation will survey the acceptability of this approach within different certification regimes and argue that for some cases, including FIPS 140-2, the quantum-safe hybrid approach should form an acceptable certified mode for a module to be run in, thereby providing confidentiality while preserving the certified status of the device. As Dr. Whyte explains it,
“If quantum computers are developed faster than anticipated, certification would mandate insecure modules, given the time to approve and implement new quantum resistant algorithms. Worse, it is conceivable that data encrypted by a certified module is more vulnerable than data encrypted by a non-certified module that has the option of using a quantum-safe encryption algorithm.”
William Whyte is chair of the IEEE 1363 Working Group for new standards in public key cryptography and has served as technical editor of two published IEEE standards, IEEE Std 1363.1-2008 and IEEE Std 1609.2-2006, as well as the ASC X9 standard X9.98. Before joining Security Innovation, he was the Chief Technology Officer of NTRU Cryptosystems. He previously served as Senior Cryptographer with Baltimore Technologies in Dublin, Ireland. Dr. Whyte holds a PhD from Oxford University on Statistical Mechanics of Neural Networks and a B.A. from Trinity College.
About Security Innovation
Since 2002, Security Innovation has been the trusted partner for cybersecurity risk analysis and mitigation for the world’s leading companies, including Microsoft, Sony, GM, Disney, Google and Dell. Recognized as a Leader in the Gartner Magic Quadrant for Security Awareness Computer-Based Training for the second year in a row, Security Innovation is dedicated to securing and protecting sensitive data in the most challenging environments - automobiles, desktops, web applications, mobile devices and in the cloud. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information, visit www.securityinnovation.com.
About International Cryptographic Module Conference
ICMC is presented by the Cryptographic Module User Forum. CMUF provides a voice and communications channel between the community of unclassified cryptographic module (CM) and unclassified cryptographic algorithm developers, vendors, test labs and other interested parties, and the various national, international, and multi-lateral organizational committees, schemes, and policy makers. For more information, visit icmconference.org