Cryptographic Hardware and Embedded Systems (CHES), one of the world’s most prestigious cybersecurity conferences, brought 520 experts from 37 countries to Prague, and 68 more joined online. Each year, the event significantly influences global trends in cryptology and the security of embedded systems that are part of smart devices, i.e. the security of all of us. The conference was held on 10-14 September 2023 for the first time in the Czech Republic, and FIT CTU had the honour of organizing it.
Experts expect the arrival of the era of quantum computers in the near future, and that is why the main topics of this year’s CHES conference were post-quantum cryptography, attacks on cryptographic implementations, and how to protect against them. Unfortunately, some current cryptographic algorithms are vulnerable to hacking attacks by quantum computers. The conference showed new protection solutions that will be resistant to these attacks.
One of the keynote speakers, Prof. Peter Schwabe, in his talk entitled “High-assurance crypto in practice — Challenges and latest results”, explained why we need to change how we create cryptographic software. He showed that tools and languages from the “high assurance cryptography” field are much more suitable for creating trustworthy cryptography implementations and are starting to be usable even for non-expert users. He discussed the challenges we need to address to make high-security cryptography the de facto standard in cryptographic engineering. Schwabe is a research group leader at the Max Planck Institute for Security and Privacy and a professor at Radboud University in the Netherlands. He works on post-quantum cryptography and is co-author of the security keys that help to secure communications on Google’s Internet.
The second keynote speaker, Thomas Unterluggauer, discussed how Intel addresses the security of Intel Core and Intel Atom processors in his talk “Microarchitectural security: current state of affairs”. He presented an overall strategy to help protect customers from security vulnerabilities in Intel microarchitectures. He also described how hardware and software resources can work together to help mitigate different classes of vulnerabilities so that software can control specific compromises between security level and performance. He presented all of this using particular examples to help developers understand the potential threats and explained how to mitigate the risks specifically. Unterluggauer is a security researcher at Intel Labs (Security & Privacy Research), researching microarchitecture attacks and defences against them.
“The conference was a great benefit for the participants; they received the latest information from the world of cyber security, as evidenced by the very positive feedback we received from the participants during the conference,” said prof. Hana Kubátová, co-chair of the conference.
“Our students from the Department of Digital Design at FIT CTU got a unique opportunity to learn new trends in their field of study and to meet scientists and industry experts from all over the world,” added Dr.-Ing. Martin Novotný, co-chair of the conference, who works on cryptological research at the Embedded Security Laboratory at FIT CTU.
The Test of Time Award is traditionally presented at the conference. This award is given to a paper published at the CHES conference 20 years ago, whose quality and relevance to cryptology have been tested over time. This year, the award went to the 2003 publication “A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD”. Its authors, Gilles Piret and Jean-Jacques Quisquater, described a fault injection attack that has subsequently become the standard in testing the robustness of cryptographic implementations against this class of attacks. This attack is still used today in testing both in industry and in certification laboratories.
On the occasion of the 25th anniversary of the conference, its founders, Prof. Çetin Kaya Koç and Prof. Christof Paar, and its long-time participant, Prof. Jean-Jacques Quisquater, talked about the history of CHES – how a small workshop in 1999 became the world’s largest and most important conference on hardware cryptography under the auspices of the IACR.
