CWI researchers Steven Pemberton, Marc Stevens and Robbert de Haan will give four lectures at the OHM conference, which takes place from 31 July to 4 August 2013 in Geestmerambacht, the Netherlands.
- 31 July 2013, 17h, T1, Steven Pemberton: What do we Want from the Web?
- 1 August 2013, 13h, T2, Marc Stevens: Counter-cryptanalysis: fire retardant for the next Flame-like attack on MD5 & SHA-1
- 1 August 2013, 13h, T4, Robbert de Haan: Secure Multi-Party Computation
- 1 August 2013, 17h, T1, Steven Pemberton: Evolution, memory, sex, computers
OHM2013: Observe. Hack. Make. is an international technology and security conference in a unique form. Five days of technology, ideological debates and hands-on tinkering. OHM2013 is the largest hackercamp in its kind in Europe in 2013 and will attract thousands of visitors.
Summarized abstracts of the CWI speakers:
What do we Want from the Web?
By Steven Pemberton
The web is now over 20 years old, but still in its infancy. Books printed 100 years ago are still readable, and available in many cases. Will we still be able to read and access websites made today in 100 years time? Or will all our content be lost to future ages? What is needed to make the web age-tolerant? What do we want from the web in both the short and long term?
Counter-cryptanalysis: fire retardant for the next Flame-like attack on MD5 & SHA-1
By Marc Stevens
The supermalware Flame spread itself using the Microsoft Windows Update platform as a properly, but illegitimately, signed security patch. Flame achieved this with a cryptanalytic attack on the core PKI of Microsoft to forge a signature. In this talk I will discuss the state-of-the-art in collision attacks on MD5 and SHA-1, present details about my surprising discovery about Flame's cryptanalytic attack and show how a novel technique called "counter-cryptanalysis'' can prevent the next Flame-like attack.
Secure Multi-Party Computation
By Robbert de Haan
During this talk I will provide a general introduction to secure multi-party computation, which is the cryptographic research area that studies techniques that allow two or more parties to securely simulate a trusted third party. I will also discuss some practical applications and recent developments. (...) There are in fact many applications that could use such a system, such as for instance auctions, voting or simply the secure storage and handling of a company database. Unfortunately, actually finding an incorruptible party with a perfectly secure system is quite a challenging task. The cryptographic research area of secure multi-party computation therefore studies techniques that allow two or more parties to securely simulate such an incorruptible party in order to obtain a similar level of security. Such a secure simulation can be set up in a number of different ways depending on the number of participating parties and the amount of trust the participants are willing to invest in each other. In the strictest setup possible, where the parties opt to only trust themselves, any hacker attacking the system after its initialization is forced to successfully compromise all of the participating parties in order to obtain any data at all. This for instance makes it a very potent tool for stalling or preventing attacks that aim to compromise company databases.
Evolution, memory, sex, computers.
By Steven Pemberton
In genetics they talk of the "phenotype". This is any observable characteristic or trait of an organism including its form and structure, development, behaviour, and even products of behaviour such as a bird's nest. An unusual property of humans (compared with other organisms) is language, since for the first time information about long-term survival can be passed by other means than genes. This has led to the creation of the subject of 'memes', as analogous to genes, as carriers of information in human society.
Memes have allowed humans to create buildings, cities, and to fly like gods through the sky, albeit often in rather cramped surroundings with terrible food. And to create computers. So should we regard computers as part of the phenotype of humans? And if so, should we care? (...) So since memes have become just as important as genes for survival, this means that it is just as important to have ideas as to have babies (...).
But what happens when our computers start having better ideas than us?
