- Jaap-Henk Hoepman (Radboud University Nijmegen, The Netherlands)
Talk title. The Gospel of IRMA
Talk abstract. Attribute Based Credentials allow people to prove properties about themselves (like their age, or their nationality, or their entitlement to travel with public transport) without revealing their identity, in fact without being traceable at all. The IRMA (I Reveal My Attributes) project (www.irmacard.org) has implemented this technology efficiently on a smart card. The talk will describe the IRMA ecosystem, and discuss the advantages and disadvantages of such a privacy friendly identity management system.
Short bio (Jaap-Henk). Jaap-Henk Hoepman studied computer science at the Rijksuniversiteit Groningen, the Netherlands, and obtained his PhD at the University of Amsterdam based on work done at the Centre for Mathematics and Computer Science (CWI).
For several years he worked for the security group of KPN Research, the research division of one of the main Dutch telcos. He then returned to academia as an assistant professor at the Faculty of Computer Science of the University of Twente. From 2006 to 2013 he was senior scientist in the security group of TNO ICT, Groningen. Currently he is an associate professor at the Institute for Computing and Information Sciences of the Radboud University Nijmegen. He is also scientific director of the Privacy and Identity Lab.
His research interests focus on privacy by design, and privacy friendly protocols for identity management and the Internet of Things.
He also maintains a blog covering his research and activities.
Martijn Sprengers (KPMG, The Netherlands)
Jeroen de Wit (KPMG, The Netherlands)
Talk title. We have crypto, and now what?
Talk abstract. KPMG will present what they come across in real life relating to cryptography. This insight into the practical (mis)use of cryptography will be a down-to-earth, practical and sometimes shocking review of the current state of cryptography within (criminal) organizations. KPMG will try to provoke and disrupt your (academic) view on cryptography in this defiant talk, with examples from their clients. Is cryptography the holy grail to security challenges faced by multinationals? What did cryptography bring to cyber criminals? How does the academic cryptographic community fight the enormous number of cryptographers working for nation states? These questions, and many more, will be addressed in this courageous talk among academic cryptographers like you.
Short bio (Martijn). Martijn is employed at KPMG in The Netherlands as IT Security Advisor and has more than 6 years of relevant experience with IT Security. He is specialised in (cryptographic) protocol reviews, black-, grey- and white-box penetration testing, network and infrastructure security design, social engineering and cyber defence implementations. More recently, Martijn has developed into the realm of industrial IT security and red teaming. Martijn performed research on password encryption techniques and has written multiple articles in the field of IT security, cybercrime and cryptography. His passion is to bypass encryption and security measures, not to break them.
Short bio (Jeroen). Jeroen is employed at KPMG IT Advisory in The Netherlands as an IT Security Advisor since 2012. He possesses a wide experience in a variety of Information Security related engagements, including black-, grey- and white-box penetration testing, network and infrastructure security design and review, (web) application and protocol security, and Cyber Defense design, implementation and review. Furthermore, Jeroen has performed multiple (technical) IT audits and architecture design reviews in large heterogeneous (IT) environments, taking a holistic approach consisting of people, processes and technology. The combination of these aspects allows Jeroen to show organizations the real-life scenarios of bypassing security mechanisms, instead of purely theoretical security offense and defense approaches.