Keynote lectures are plenary sessions which are scheduled for taking about 45 minutes + 10 minutes for questions.
- Ueli Maurer, Swiss Federal Institute of Technology (ETH), Switzerland
- Bart Preneel, University of Leuven, Belgium
Keynote Lecture 1
Rethinking Digital Signatures
Ueli Maurer,
Swiss Federal Institute of Technology (ETH), Switzerland
Brief Bio:
Ueli Maurer is professor of computer science and head of the Information Security and Cryptography Research Group at the Swiss Federal Institute of Technology (ETH), Zurich. His research interests include information security, theory of cryptography (new paradigms, security proofs), applications of cryptography (e.g. digital signatures, public-key infrastructures, digital payment systems, e-voting), theoretical computer science, discrete mathematics, and information theory. He is also interested in the impact of IT on the society and economy at large. Maurer graduated in electrical engineering (1985) and received his Ph.D. degree in Technical Sciences (1990) from ETH Zurich. From 1990 to 1991 he was DIMACS research fellow at the Department of Computer Science at Princeton University, and in 1992 he joined the CS Department at ETH Zurich where he is a full professor. He has served extensively as an editor and a member of program committees. Currently he is Editor-in-Chief of the Journal of Cryptology, Editor-in-Chief of Springer Verlag's book series in Information Security and Cryptography, and serves on the Board of Directors of the International Association for Cryptologic Research (IACR). He is a Fellow of the IEEE, a Fellow of the IACR, and was the 2000 Rademacher Lecturer of the Department of Mathematics at the University of Pennsylvania. Maurer has served as a consultant for many companies and government organisations, both at the management and the technical level. He serves on a few boards, including the board of directors of Tamedia, a Swiss media company, and the scientific advisory board of PricewaterhouseCoopers. He is a co-founder of the Zurich-based security software company Seclutions and holds several patents for cryptographic systems.

Digital evidence, such as digital signatures, is of crucial importance in the emerging digitally operating economy because it is easy to transmit, archive, search, and verify. Nevertheless the initial promises of the usefulness of digital signatures were too optimistic. This calls for a systematic treatment of digital evidence. The goal of this talk is to provide a foundation for reasoning about digital evidence systems and legislation, thereby identifying the roles and limitations of digital evidence, in the apparently simple scenario where it should prove that an entity A agreed to a digital contract d. Our approach is in sharp contrast to the current general views documented in the technical literature and in digital signature legislation. We propose an entirely new view of the concepts of certification, time-stamping, revocation, and other trusted services, potentially leading to new and more sound business models for trusted services. Some of the perhaps provocative implications of our view are that certificates are generally irrelevant as evidence in a dispute, that it is generally irrelevant *when* a signature was generated, that a commitment to be liable for digital evidence cannot meaningfully be revoked, and that there is no need for *mutually* trusted authorities like certification authorities. We also propose a new type of digital evidence called digital declarations, based on a digital recording of a willful act indicating agreement to a document or contract.

Keynote Lecture 2

Cryptographic Algorithms: Successes, Failures and Challenges

Bart Preneel,
University of Leuven, Belgium
Brief Bio:
Bart Preneel received the Doctorate in Applied Sciences from the Katholieke Universiteit Leuven (Belgium) where he is currently a full professor. He was visiting professor at several universities in Europe. His main research interests are cryptography and information security. He has authored and co-authored more than 200 scientific publications. He is president of the IACR (International Association for Cryptologic Research) and a member of the Editorial Board of the Journal of Cryptology and of the IEEE Transactions on Forensics and Information Security. He has participated to 25 research projects sponsored by the European Commission, for five of these as project manager. He has been program chair of ten international conferences and he has been invited speaker at more than 30 conferences. In 2003, he has received the European Information Security Award in the area of academic research. He has been a member of the TCPA Advisory Board. He is president of L-SEC vzw. (Leuven Security Excellence Consortium), an association of 60 companies and research institutions in the area of e-security. He is cofounder and conductor of the jazz ensemble of the K.U.Leuven.

The exponential progress of hardware during the past decades and the explosion of wired and wireless networks has resulted in a large scale deployment of cryptography in financial applications and e-commerce, in mobile phones and in electronic identity cards.  In parallel with his deployment the insight has grown that building secure information systems is a very hard problem: cryptography is an essential building block that may have helped us to win some battles, but one still has the impression that we are losing the information security “war.”  The development of more secure information systems will require expertise from many areas of computer science but also from economics, law and psychology.

In this talk we will first attempt to clarify the role of cryptology.  Subsequently we will discuss the challenges that are faced by this discipline.  In the last thirty years, the scientific foundations of the cryptology have been established by using tools from complexity theory and information theory.  Nevertheless, there are still major issues and shortcomings, as witnessed by the recent hash function crisis.  This talk will discuss the status of cryptographic algorithms using four examples: block ciphers, stream ciphers, hash functions and public-key encryption algorithms.  In the development of future algorithms, we need to develop algorithms that offer better trade-offs between performance, cost and security.  In addition we face challenges related to secure implementations in software and hardware and in the area of algorithm agility.  We will conclude with a brief discussion of opportunities offered by the progress made in the area of cryptographic protocols and with a discussion of some research challenges.