Invited Speakers

Eric Vétillard

[slides]Three Views on IoT Security

After a few years of peddling IoT security to a wide variety of people, it is clear that one of the main problems with IoT Security is the difficulty to pinpoint the problem. Traditional security consultants teach a functional view of IoT security, where authentication, encryption, Web security, blockchain if they are up-to-date, address the issue. Some other specialists insist on a resilient view, where hardware security and resistance to attacks play an essential role. IoT developers, on the other hand, have a practical view that comes from hard real-life constraints, such as the decentralized nature of IoT, as well as economic constraints. A great challenge for the IoT security community is to pinpoint issues and propose solutions that reconcile these three views of security into solutions that are safe, robust, and practical. Drawing from examples, this talk will propose a few directions of investigation for developers and researchers.

Eric VĂ©tillard is a security architect at Prove&Run, building IoT security solutions based on formally-proven microkernels for customers around the world. Before that, he was a Product Manager for Oracle, in charge of the security of Oracle's IoT Cloud Service and of Java Card technology. Before that, Eric spent 15 years working in various companies on all aspects of Java Card technology, from implementation to attacks, specification to application validation, as architect, evaluator, consultant, and blogger. Eric holds a Ph.D. from the University of Marseille.

Ventzi Nikov

[slides]Security outside the black-box model :
Challenges and Countermeasures

For nearly two decades we know that one should not only consider security in the black-box model. Various physical (passive/active/combined) or pure SW attacks have been introduced in the grey and white box adversary models. How did we as community cope with the much stronger and practical attacks, how did we counter such adversaries? Do we have sound models reflecting those attacks? Do we have provably secure theoretical countermeasures? Are they also practical?

In this talk I will use a bottom up approach starting from unprotected implementations, going through protected symmetric crypto implementations in both HW and SW and I will wrap-up with secure execution and platform security. I will show what in my opinion has been achieved in the last decade in defensive plan against passive (SCA), active (FA), combined and pure SW attacks. In parallel I will also list the challenges which remain open. This talk will conclude with a discussion on what level of security is considered relevant nowadays and how can we improve upon the current status.

Ventzislav Nikov received master's degree in mathematics from Sofia University, Bulgaria and Ph.D. degree in cryptography from the Eindhoven University of Technology, The Netherlands. He was a Security Expert and Architect from 2000 to 2002, with ACUNIA, Belgium, and from 2004 to 2007, with Philips, Belgium. Since 2007, Ventzislav Nikov is with NXP Semiconductors, Belgium, first as a Principal Security Researcher and then Cryptographer, Security Expert and Architect in BU S&C. His current research interests include cryptography, in particular side-channel resistant implementations and symmetric cryptographic primitives; security applications such as content protection and software/hardware IP protection; and secure computation.

David Oswald

[slides]Breaking automotive remote keyless entry systems, or :
Why your car is not a safe box.

In recent years, the security analysis of automotive systems has gained significant attention. Notable contributions include attacks on the vehicle CAN bus (Miller/Valasek and Koscher et al.) and the immobilizer system (Garcia/Verdult and Bono et al.). In this talk, we present our work on the (in)security of automotive remote keyless entry (RKE) systems, i.e., the part of the car key that allows to wirelessly open and close the doors and the trunk. We demonstrate different attacks on two extremely wide-spread RKE systems: the scheme used by the VW group (Volkswagen, Seat, Skoda, Audi) and the Hitag2 system (employed by a number of vendors including Alfa Romeo, Peugeot, Lancia, Opel, Renault, and Ford among others).

The VW system can be broken due to the lack of key diversification - its security relies on a few global keys, which, once extracted from control units in the vehicle, allow to clone a VW remote by eavesdropping a single rolling code from a distance. In contrast, the Hitag2 system is vulnerable to cryptanalytic attacks on the outdated stream cipher. Using a new correlation-based attack, extracting the secret key of a remote requires four to eight rolling codes and negligible computation.

This talk concludes with a discussion of these attacks in a broader context and an outline of potential countermeasures.

David Oswald is a lecturer at the University of Birmingham in the Security and Privacy Group. His main field of research is the security of embedded systems in the real world. On the one hand, the focus is on attack methods that exploit weaknesses in the physical implementation of mathematically secure cryptographic algorithms. Those techniques include both (passive) side-channel analysis and (active) fault injection. On the other hand, he is working on the practical realization of security systems in embedded applications. He is co-founder of the Kasper & Oswald GmbH, offering innovative products and services for security engineering. His research on vulnerabilities of various wide-spread systems (e.g. automotive RKE systems, DESFire RFID smartcards, two-factor authentication tokens, and electronic locking systems) has created awareness for the crucial importance of security for embedded devices.

Important Dates

15 Jan. 2017Final version
07-09 Nov. 2016Conference
07 Oct. 2016Pre-proceeding version
08 Sept. 2016Notification
15 July 2016Submission deadline


Mar. 2017Proceedings are freely available online (for 4 weeks) on
04 Oct. 2016Final program is online.
03 Oct. 2016Early-bird deadline has been extended to Oct. 5th.
02 Oct. 2016List of accepted papers is online.
27 Sept. 2016Call for Participation is online.
15 Sept. 2016Preliminary program is online.
16 Aug. 2016Registration is now open.
12 Aug. 2016LightCrypto will be collocated with CARDIS the 09-10th of November.
02 May 2016Website is online.

Organised by: