Experts expect the arrival of the era of quantum computers in the near future, and that is why the main topics of this year's CHES conference were post-quantum cryptography, attacks on cryptographic implementations, and how to protect against them. Unfortunately, some contemporary cryptographic algorithms are vulnerable to hacking attacks led by quantum computers. The conference showed new protection solutions that will be resistant to these attacks.
One of the keynote speakers, Prof. Peter Schwabe, in his talk entitled "High-Security Cryptography in Practice - Challenges and Recent Results" justified why we need to change the way we build cryptographic software. He showed that tools and languages from the field of so-called "high assurance cryptography" are much more suitable for creating trustworthy cryptography implementations and are starting to be usable even for users who are not experts. He discussed the challenges we need to address to make high assurance cryptography the de facto standard in cryptographic engineering. Schwabe is a research group leader at the Max Planck Institute for Security and Privacy and a professor at Radboud University in the Netherlands. He works on post-quantum cryptography and co-authored security keys that help secure Google's Internet communications.
The second keynote speaker, Thomas Unterluggauer, discussed how Intel is addressing the security of Intel Core and Intel Atom processors in his talk "Microarchitecture Security: the Current State". He presented an overall strategy to help protect customers from security vulnerabilities in Intel microarchitectures. He also described how hardware and software resources can work together to mitigate different classes of vulnerabilities so that software has control over specific tradeoffs between security level and performance. He presented all of this with specific examples to help developers understand the potential threats, and explained how to specifically mitigate the risks. Unterluggauer is a security researcher at Intel Labs (Security & Privacy Research), where he researches attacks on microarchitectures and defenses against them.
"The conference was of great benefit to the participants, they received the latest information from the world of cyber security, as evidenced by the very positive feedback we received from the participants during the conference," says Prof. Hana Kubátová, co-chair of the conference. "Our students from the Department of Digital Design at FIT CTU got a unique opportunity to learn new trends in the field they are studying, to meet scientists and industry experts from all over the world," adds Dr. Ing. Martin Novotný, co-chair of the conference, who is engaged in cryptological research at the Embedded Security Laboratory at FIT CTU.
The Test of Time Award is traditionally presented at the conference. This award is given to a paper that was published at CHES 20 years ago and whose quality and relevance to cryptology has been tested by time. This year, this award was given to the 2003 publication A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD. In it, authors Gilles Piret and Jean-Jacques Quisquater described a fault injection attack that has subsequently become the standard for testing the robustness of cryptographic implementations against this class of attacks. This attack is still used today in testing both in industry and in certification labs.
On the occasion of the 25th edition of the conference, its founders Prof. Çetin Kaya Koç, Prof. Christof Paar and long-time participant Prof. Jean-Jacques Quisquater talked about the history of CHES - how a small workshop in 1999 became the world's largest and most important conference on hardware cryptography under the auspices of the IACR.
Information on CHES https://fit.cvut.cz/cs/zivot-na-fit/aktualne/udalosti/19103-conference-on-cryptographic-hardware-and-embedded-systems-2023