IEEE Secure Development Conference

October 18 - 20, 2021
Virtual Conference

Sponsored by the IEEE Computer Society Technical Committee on Security and Privacy



Posted on: October 4th, 2021 by SecDev
Panel: Challenges and Opportunities in Implementation and Verification of Cryptography

Moderator: Daniel Dinu, Intel
  • Joey Dodds, Galois
  • Dave Novick, Intel
  • Bryan Parno, Carnegie Mellon University
  • Sophie Schmieg, Google
  • Yuval Yarom, University of Adelaide

Abstract: Cryptography is an important component of the security of many information systems, providing foundational security services, such as confidentiality, integrity, and authentication. Implementation and verification of cryptographic algorithms is a demanding task because any mistake or unintended optimization may result in an exploitable security vulnerability. In addition, correct utilization of cryptographic implementations requires some knowledge of cryptography to avoid security issues. At the same time, many have difficulty in choosing a secure and easy-to-use implementation from the abundance of cryptographic implementations written in different languages.

This panel will focus on the challenges and opportunities that stem from the implementation and verification of cryptography in both hardware and software. The discussion aims to cover different aspects of this topic, such as correct and secure implementations of cryptographic algorithms, design, and utilization of cryptographic libraries, tools for secure implementation and automated verification, design of cryptographic interfaces, audit and certification of code, training, and patch management.