CHES

IACR

Conference on Cryptographic Hardware and Embedded Systems 2016 (CHES 2016)

CHES 2016 Panel

Goal of this panel is to have a discussion centering around the most important security challenges for the next ten years. In particular the paradigm change from standalone offline solutions (e.g. smartcards) to connected always online solutions (e.g. smartphone) will fundamentally change security architectures for many use cases. On the one hand there is a huge additional attack vector, but on the other hand it allows to mitigate risks via frequent updates and/or real-time anomaly checks. At the same time, traditional offline attack methods (e.g. side-channel or fault attacks) are more and more utilized by hackers remotely via software only, such as the Rowhammer attack for privilege escalation or cache-timing attacks on cloud based server instances to retrieve secret-keys. Further directions include IoT, V2X, autonomous driving, Industrial Control Systems, Smart Health, etc.

We chose 4 panelists in order to bring new insights to the CHES community, beyond secure co-processors, lightweight crypto, side-channel and fault attacks. We would like to see a few trade-offs addressed including secure hardware and software-only solutions, safety and security, data-driven security and privacy, amongst others. Each panelist will give a short opening statement, followed by a moderated on-stage discussion between the panelists. Then we will open up the floor for questions from the audience.

Panelists:

Gemma Galdon Clavell

Gemma Galdon Clavell

Director
Eticas Research & Consulting
Spain

Dr. Gemma Galdon Clavell is a policy analyst working on surveillance, social, legal and ethical impacts of technology, smart cities, privacy, security policy, resilience and policing. She is a founding partner at Eticas Research & Consulting and a researcher at the Universitat de Barcelona's Sociology Department. She completed her PhD on surveillance, security and urban policy in early 2012 at the Universitat Autonoma de Barcelona, where she also received an MSc in Policy Management, and was later appointed Director of the Security Policy Programme at the Universitat Oberta de Catalunya (UOC). Previously, she worked at the Transnational Institute, the United Nations' Institute for Training and Research (UNITAR) and the Catalan Institute for Public Security. She teaches topics related to her research at several foreign universities, mainly in Latin America, and is a member of the IDRC-funded Latin American Surveillance Studies Network. Additionally, she is a member of the international advisory board of Privacy International and a regular analyst on TV, radio and print media. Her recent academic publications tackle issues related to the proliferation of surveillance in urban settings, urban security policy and community safety, security and mega events, the relationship between privacy and technology and smart cities.


Alex Gantman

Alex Gantman

Vice President of Engineering
Qualcomm Technologies, Inc.
USA

Alex Gantman serves as Vice President of Engineering for Qualcomm Technologies Inc. He is responsible for leading the Qualcomm Product Security Initiative (QPSI), and was one of the founding members of QPSI in 2006. In his current role, he oversees product security support across all business units and market segments, including Mobile Computing, Networking, Automotive, Healthcare, Smart Home, Wearables, and Internet of Things.
Alex joined Qualcomm in 1996 as a software engineer and supported a variety of product teams until 2001 when he received his master's degree in Cryptography and Network Security. He then transitioned to a product security role where he focused on architectural risk assessments, secure system design, and secure protocol analysis and design. His technical expertise spans a wide domain of computer security, from silicon-level hardware security to web application and protocol security.
Alex holds numerous patents in the field of computer security. He received Bachelor's (1998) and Master's (2001) degrees in Computer Science from the University of California, San Diego.


Daniele Perito

Daniele Perito

Senior Software Engineer
Square
USA

Daniele Perito works at Square as a senior software engineer where he leads the security and anti-fraud team working on Square Cash. Prior to working at Square, Daniele was a postdoctoral researcher at UC Berkeley where he worked on a broad range of research topics ranging from machine learning and security to the security of brain/computer interfaces. Daniele completed his PhD at Inria Rhône-Alpes where he focused on software based attestation of embedded devices.


David M. Uze

David M. Uze

President & CEO
Trillium Incorporated
Japan

With more than twenty-five years of experience in the high-tech arena as a senior executive, David has had extensive involvement in the field of cybersecurity throughout his career.
Broad industry experience in technology comes from executive leadership roles in Semiconductors (President of Freescale Semiconductor Japan & Korea; Corporate Vice President of Asia Pacific Commercial Sales & Marketing at Advanced Micro Devices), PC/Server/Data Security Systems (General Manager of Global Corporate Programs at Dell), Enterprise Software & Solutions (CEO of Metatron Technologies, Inc.) and Wireless Telecommunications (General Manager of North Asia at LCC International; General Manager of Japan at Marconi Communications (Mobile Systems International).
Before entering the technology sector, Mr. Uze worked in management consulting at Deloitte & Touche, banking and finance at Continental Bank & First Options of Chicago. Apart from his broad experience in the technology sector, David brings to the panel a unique understanding for the complex relationship between customer demands, cryptographic technical hurdles and industry resistance to paradigm shifting revolutionary leaps forward in cyber security technology. David and Trillium's technology strategy are driven by a conviction that the future of IoT and automotive cybersecurity must be software based to adapt to the rapidly evolving cyber threats faced by the connected economy.