This is an archive site. For information regarding the current edition of ICMC, please visit www.ICMConference.org.

An Expert Community of Users Focused on The FIPS 140-2 Standard

Experts from around the world convened at ICMC 2013 to address the unique challenges faced by those who produce, use, and test cryptographic modules that conform with standards such as FIPS 140-2 and the ISO/IEC 19790 standard. The conference  helped to foster a focused, organized community of users. ICMC covered the technical design problems to meet the standard, with a particular emphasis on the challenges posed as technology advances with respect to the current standards.

ICMC reviewed technical topics underlying the implementation of a cryptographic module including physical security, key management, side-channel analysis, cryptographic algorithm implementation testing, standardization (FIPS 140-2, ISO/IEC 19790), validation programs and more.

Who Should Attend

The conference is for those interested in developing, specifying and procuring certified commercial off the shelf cryptographic modules; manufacturers of cryptographic modules compliant with FIPS 140-2 or ISO/IEC 19790 around the world; laboratories and government departments responsible for testing cryptographic modules against FIPS 140-2 or ISO/IEC 19790 including the U.S., Canada, Japan, South Korea and Spain; key players and stakeholders in standards development; leading members of the academic community; embedded systems OEMs; and the side channel research community.

Conference Agenda

A detailed conference agenda is now available. Presentations included:

  • CAVP/CMVP Status – What’s Next? by Sharon Keller, NIST, Carolyn French, CSEC, Randall Easter, NIST
  • The Current Status of CMVP in Korea by Yongdae Kim, Korea Advanced Institute of Science and Technology
  • Physical Security Protection Based on Non-deterministic Configuration of Integrated Microelectronic Security Features by Tamas Visegrady, Silvio Dragone, and Michael Osborne, IBM Research – Zurich
  • Non-Invasive Attacks Testing: Feedback on Relevant Methods by Sylvain Guilley, TELECOM-ParisTech, Robert Nguyen, Secure-IC S.A.S, Laurent Sauvage, Secure-IC
  • Panel: How Can The Validation Queue For The CMVP Be Improved? Moderated by: Fiona Pattinson, Director of Strategy and Business Development, atsec security, Panelists: Michael Cooper, NIST, Steve Weymann, Infogard, James McLaughlin, Gemalto and others TBA
  • Test Vector Leakage Assessment (TVLA) Methodology in Practice by Jeremy Cooper, Elke Demulder, Gilbert Goodwill, Joshua Jaffe, Gary Kenworthy, Pankaj Rohatgi, Cryptography Research
  • High Impact CMVP and FIPS 140-2 Implementation Guidance by Kim Schaffer, Apostol Vassilev, Jim Fox, NIST
  • Electro Magnetic Fault Injection in Practice by Rajesh Velegalati, Jasper Van Woudenberg, Riscure
  • Understanding the FIPS Government Crypto Regulations for 2014 by Edward Morris, Co-Founder, Gossamer Security Solutions
  • Analysis of an Anti-CPA Cryptographic Module Structure, the Pipelined DES Module by Jian Liu, CEC Huada Electronic Design
  • FIPS and FUD by Ray Potter, CEO, SafeLogic
  • Double DPA Attacks That Can Eliminate Power Hiding Effectively by Jianfeng Liu, Zhe Wang, Feiyu Wang, Shunxian Gao, Xiaguang Zheng, CEC Huada Electronic Design
  • A Study on the Certify Interoperability of Commercial Cryptographic Module Validation by Neng Gao, Jiwu Jing, Yuewu Wang, Limin Liu, State Key Laboratory of Information Engineering, Chinese Academy of Sciences, Beijing, China
  • Entropy: Order from Disorder by Tim Hall, Apostol Vassilev, NIST
  • The Upcoming Transition to New Algorithms and Key Sizes by Allen Roginsky, Kim Schaffer, NIST
  • On The Physical Security of Random Number Generators in Practice by Hongsong Shi, CNITSEC
  • Approved vs. Non-Approved: Decoding the Language by Yi Mao, atsec Information Security
  • Software in Silicon: Cryto-Capable Processors by Valerie Fenwick, Oracle Solaris Security, Darren Moffat, Oracle Solaris Secruity, David Weaver, Oracle SPARC Hardware, Wajdi Feghali, Intel
  • Pattern Based FIPS 140-2 Crytographic Module Validation by Steve Weymann & Mark Minnoch, InfoGard Laboratories
  • Key Management Overview by Allen Roginsky & Kim Schaffer, NIST
  • Securing the Supply Chain for COTS ICT Products by Sally Long, The Open Group
  • Implementing SM2 Crytographic Module on Graphics Processing Units by Neng Gao, Jiwu Jing, Yuewu Wang, Limin Liu, State Key Laboratory of Information Engineering, Chinese Academy of Sciences, Beijing, China
  • Implementation and Assessment on Cryptography for Payment Solutions by Yan Liu, atsec Information Security
  • Panel: Everything You Always Wanted to Know About Labs (But Were Afraid to Ask…)
  • Static and Dynamic Libraries: Loading Mechanisms