All times are in CET. Access via BBB at The access password can be requested by email to Aline Bartel (

Tuesday 28.09.

28.09. 8:45 Organisers Welcome

28.09. 8:50 Manfred Lochter (Bundesamt für Sicherheit in der Informationstechnik)
IT security and quantum technologies
The talk discusses the implications of quantum technologies for IT security. The recommendations of the BSI on the migration to quantum secure cryptography will be detailed and current developments will be surveyed. In addition some, from the perspective of the BSI important, research questions and topics will be outlined.

28.09. 10:00 Joppe Bos (NXP Semiconductors)
An Introduction to FrodoKEM and Post-Quantum Crypto for Embedded Devices
One of the Round 3 candidates of the ongoing NIST post-quantum standardization effort is FrodoKEM. In this presentation I will give an introduction to the design of FrodoKEM and show some implications and considerations of post-quantum cryptography in practice on embedded devices.

Coffee break and discussions.

28.09. 12:00 Stiepan Aurélien Kovac (QRCrypto SA)
The Way to Full Range (including Quantum Resistant) Cyber Security
As PR China today and tomorrow, North Korea, criminal and/or terrorist groups attained “quantum supremacy”, the race to put up with the attackers on the defensive side has never been so fierce – with quantum-resistant a.k.a what is considered strong cryptography, “post-quantum”, as a key element of that defense strategy – leading to investments of billions in quantum IT to be on par with what increasingly became the “other side” in a new, global technological war. With the clear support of strong cryptography by the US CISA, followed by the NSA’s non-contradictory post-quantum advice, holistic cyber security systems such as are now in demand, more than ever. And the good news is that, as with the AES competition back in the time, Europe leads this race towards post-quantum “armors”, both symmetric and asymmetric, despite all active (often state-sponsored) & passive attempts at derailing it “at all costs”.

28.09. 15:00 Edoardo Persichetti (Florida Atlantic University)
Code-based Cryptography and Post-Quantum Standardization
Code-based cryptography has emerged as one of the strongest candidate to replace current cryptographic standards based on classical number theory problems such as RSA and El Gamal. In this talk, I will give an overview of the area, and describe some of my work towards the design of secure and efficient post-quantum primitives.

28.09. 16:00 Virendra Sule (Indian Institute of Technology Bombay) and Shravani Shahapure (Data Security Council of India)
Boolean Cryptanalysis: Breaking Bivium
This talk describes an algorithm for computing all solutions of Boolean systems of equations called the implicant based Boolean system solver. This algorithm is an inherently parallel method of solving Boolean systems and is computationally superior than brute force search. Every thread in the algorithm is processed in parallel and discarded if it does not result in a satisfying condition. No re-initialization of starting point is required as in many SAT algorithms. The talk shows an application for solving boolean systems arising in cryptanalysis of stream ciphers. The application to cryptanalysis requires developing and using a boolean symbolic model of the cipher. The talk describes and discusses difficulties and importance of boolean symbolic modeling. A case study demo of modeling and key recovery of a toy cipher and recent results on estimates of breaking the 80 bit symmetric key cipher Bivium in practically feasible time and memory using the Boolean solver are presented.


Wednesday 29.09.

29.09. 10:00 Virendra Sule (Indian Institute of Technology Bombay)
Algorithms for Local Inversion of Maps: Application to Cryptanalysis.
This talk presents an approach to cryptanalysis of block and stream ciphers as an application of an algorithm for local inversion of maps F: GF(2)^n → GF(2)^n. The local inversion problem requires to find all solutions x in GF(2)^n of the equation y = F(x). In cryptanalysis situations y corresponds to known plaintext-ciphertext or known IV-keystream data. A complete algorithm for local inversion is first briefly presented and then an incomplete but practically useful algorithm is presented. The incomplete algorithm shows that when the iterative sequence y, F (y), F^2(y), … has small linear complexity of polynomial order then x can be computed in polynomial time. This would potentially allow symmetric key recovery in polynomial time. But the computation of all solutions x of the local inversion of y by the complete algorithm requires exponential time computation. On the other hand the complete algorithm can be advantageous for the estimation of realistic computational efforts and resources in time and memory for cryptanalysis of realistic cases of cipher algorithms.


29.09. 10:45 Benjamin Sinram (Volkswagen, Blockchain @ Group IT)
Software Innovation meets Cryptography
The automotive world becomes more and more digital. With digital innovations challenges are coming up – also in the area of cryptography. A short glimpse on these topics will give you an impression of the work at Volkswagen Software Innovation Center.

29.09. 11:30 Andy Jenkinson (CyberSec Innovation Partners)
Full digital certificate and key discovery, management and automation
Cryptographic certificates are the key to confidential and authenticated data transfer in all communication networks. Even in quite simple company networks we have thousands of active certificates. Expired certificates can lead to serious system outages, unauthorized certificates on forgotten but active connections can cause network vulnerabilities. The discovery of active certificates in networks is a difficult but necessary technical challenge. The talk discusses some aspects of advanced digital certificate discovery, management and related work.

29.09. 14:00 Peter Nonnenmann (Quant-X Security & Coding GmbH and DHBW Mannheim)
How to compute the security level of a chosen cryptosystem with respect to the Quantum Algebraic Attack
The Quantum Algebraic Attack is a an attack which applies to cryptosystems that can be reduced to a Boolean Multivariate Quadratic Equation System. For a sufficiently high security level, the related Macaulay matrix must have a large condition number /kappa. This talk outlines the challenges and potential solutions to derive /kappa for a chosen cryptosystem, in particular AES and many of the lattice-based Post-Quantum cryptosystems.


29.09. 15:00 Marc Kaplan (VeriQloud)
Applications of quantum networks
hence evolving toward a quantum cloud network. The path that leads from the current situation to the long-term can be decomposed in several steps. As soon as one new pieces of hardware for information processing are available, they can be integrated into the network, which in turn enables new applications on the network. In this talk, I will present these stages of development of quantum networks and the most relevant applications unlocked at each stage.


Back to Industrial Conference Overview

Zurück zur Übersicht der Fachtagung Industrie mit Fokus Kryptographie