Secure money and payments serve a fundamental societal need: Already over 30,000 years ago, wooden sticks with notches were used as first “payment instruments”, followed by seashells and coins from rare natural materials. With the rise of paper money, sophisticated man-made security features came into focus: Extra elements were added to paper to combat counterfeiting, often operating at the scientific and technological edge of their time. Today, the emergence of electronic payment systems has taken money to its next evolutionary level, including digital currencies, bitcoin, or Apple Pay. Various advanced technologies, such as chip cards, encryption, biometrics, and cryptographic protocols, may interact to secure modern monetary transactions. Can perfect payment security finally be achieved in this manner? The talk puts particular emphasis on the science behind securing money and payments and takes a short “payment journey” through the past, and via Web 3.0 and Metaverse also risks a short glimpse at the future of currencies. | Michael Tagscherer ist Chief Technology Officer von Giesecke & Devrient in München.

In modern electronic systems, analog circuits are primarily used to condition and discretize physical signals, while most of the information processing occurs in the digital domain. The digital abstraction has allowed us to focus on bits as atomic carriers of information, largely ignore analog nuances in the underlying physical signals, and hence scale hierarchical systems toward transistor counts of over 100 billion on a single chip. While this approach has been a key enabler for managing complexity, it has always been scrutinized for its potential inefficiencies. Why don't we prefer to perform an addition by simply connecting two wires carrying analog currents? Similarly, why not compute an integral by collecting charges on a capacitor? This talk will aim to provide some answers to these questions, with the specific focus on domain-specific circuits for machine learning and hardware security. | Boris Murmann is Professor of Electrical Engineering at Stanford University and Fellow in the context of the CAS Research Focus "Physics and Security".

Attackers have targeted software and networking for a long time. Now they are also attacking the hardware foundations of computers. Attacks on microprocessors, the brains of computers, can be devastating. We illustrate with the recent rush of speculative execution attacks that exploit the performance optimization features at the microarchitecture level of modern microprocessors, to leak arbitrary secrets. To defend against these attacks without suffering severe performance degradation and software incompatibility, hardware solutions are desired. In this talk, Lee sheds light on the critical attack steps of speculative execution attacks (also called transient execution attacks), and why these attacks succeed. She discusses potential hardware defense strategies, and defenses proposed by the computer architecture research community. Beyond current attacks and defenses, are there new proactive design strategies that enable future microprocessors to improve both attack-resilience and performance? | Ruby B. Lee is Forest G. Hamrick Professor and Professor of Electrical and Computer Engineering emeritus at Princeton University.

Deep learning (DL) models are enabling a significant paradigm shift in a diverse range of fields, including natural language processing, computer vision, as well as the design and automation of complex integrated circuits. While the deep models – and optimizations- based on them, e.g., Deep Reinforcement Learning (RL) – demonstrate a superior performance and a great capability for automated representation learning, earlier works have revealed the vulnerability of DLs to various attacks. The vulnerabilities include adversarial samples, model poisoning, fault injection, and Intellectual Property (IP) infringement attacks. On the one hand, these security threats could divert the behavior of the DL model and lead to incorrect decisions in critical tasks. On the other hand, the susceptibility of DLs to IP piracy attacks might thwart trustworthy technology transfer as well as reliable DL deployment. In this talk, Farinaz Koushanfar investigates the existing defense techniques to protect DLs against the above-mentioned security threats. Particularly, she reviews end-to-end defense schemes for robust deep learning in both centralized and federated learning settings. Her comprehensive taxonomy and horizontal comparisons reveal an important fact that defense strategies developed using DL/software/hardware co-design outperform the DL/software-only counterparts and show how they can achieve very efficient and latency-optimized defenses for real-world applications. She believes his systemization of knowledge sheds light on the promising performance of hardware-based DL security methodologies and can guide the development of future defenses. | Farinaz Koushanfar is professor in the Electrical and Computer Engineering department at the University of California San Diego (UCSD), where she is also the co-founder and co-director of the UCSD Center for Machine-Intelligence, Computing & Security.

A future Quantum Computer would allow to break public key systems like RSA. Ironically, quantum physics offers also an alternative way to distribute keys, Quantum Key Distribution, which can be shown to be information theoretically secure. Hugo Zbinden gives a short introduction on QKD and overview of the state of the art. He presents a so-called self-testing Quantum Random Number generator (QRNG), which has the unique feature that the generated entropy can be measured in real time. | Hugo Zbinden ist Professor an der Universität Genf und leitet die Quantum Technologies Group.

Super-resolution optical microscopy has become a powerful tool to study the nanoscale spatial distribution of molecules of interest in biological cells, tissues and other structures over the last years. Imaging these distributions in the context of other molecules or the general structural context is, however, still challenging. Jörg Bewersdorf presents recent developments of his lab focusing on instrumentation, fluorescent probes and sample preparation techniques which tackle this challenge. | Jörg Bewersdorf ist Professor für Zellbiologie, Biomedizintechnik und Physik an der Yale University.

Ueli Maurer is Professor of Computer Science at ETH Zurich and member of the advisory board of the CAS Research Focus „Physics and Security". | Modularization is a key principle in any constructive discipline. One wants to obtain complex constructions as the composition of simpler, modular construction steps, where each step constructs an object satisfying a certain specification from other objects satisfying certain (weaker) specifications. This principle can be captured abstractly by an algebraic specification theory in which the objects of interest are specifications (for example, in a concrete instantiation, specifications of probabilistic discrete systems). The set of specifications form an algebra equipped with a lattice structure. Many relevant concepts like constructions, relaxations, projections, etc., are specification homomorphisms. Goals of such an abstract approach are simplicity (or even minimality), maximal generality and reusability, and the definition of a set of rewriting rules allowing to derive new facts from given facts. One of the goals of such a theory is the suitability for formal proofs. Constructive cryptography is an instantiation of such a specification theory in which cryptographic methods can be understood (and defined) as construction step. For example, a secure encryption scheme constructs a secure channel from an authenticated channel and a shared secret key. The design of cryptographic protocols corresponds to the composition of such construction steps, where for example the shared secret key needed in the above construction can itself be constructed, e.g. by a key agreement protocol. The security proof for the protocol is then simply a consequence of the security proofs of the individual steps. In his talk Ueli Maurer gives a self-contained introduction to constructive cryptography suitable for a non specialist audience, presents many recent new developments, and shows how the theory applies to other areas.

The question of whether or not we are living inside a computer simulation has inspired a large amount of fiction (notably the novel Simulacron-3 and the movie The Matrix), but, unsurprisingly, not much serious research. Among the more reasonable and quantitative attempts, let us mention Nick Bostrom’s simulation argument: if societies do not tend to self-destruct before acquiring a technology sufficiently advanced to create simulations that are indistinguishable from reality, in which countless simulated beings strive, our probability of living inside such a simulation approaches unity. More recently, Elon Musk, who is the richest person on the planet, declared in 2016 that "the odds we’re in base reality is one in billions". Was he right? Through a refinement of Bostrom's argument and the introduction of an equation reminiscent of the one Drake postulated to estimate the number of extraterrestrial civilisations in the universe, Gilles Brassard comes to the opposite conclusion: the probability that we live in base reality is rather high. Nevertheless, he analyses in his talk one consequence should we actually live in a computer simulation: How could we preserve our privacy against our overlords? The talk is based on the original doctoral work of Alexandre Bibeau-Delisle while under the supervision of Gilles Brassard. The work was published recently in the Proceedings of the Royal Society and available open access at https://doi.org/10.1098/rspa.2020.0658 Titel anhand dieser DOI in Citavi-Projekt übernehmen.

Disorder and scattering in photonic systems have long been considered a nuisance that should be circumvented. Recently, disorder has been harnessed for a rapidly growing number of applications, including imaging, sensing, and spectroscopy. The chaotic dynamics and extreme sensitivity to external perturbations make random media particularly well-suited for optical cryptography and security applications. In this talk, Hui Cao presents two examples. The first one is massive-parallel ultrafast random bit generation using a multimode laser. Random numbers are widely used for information security, cryptography, stochastic modeling, and quantum simulations. Key technical challenges for physical random number generation are speed and scalability. She and her team demonstrate a new method for ultrafast generation of hundreds of random bit streams in parallel with a single laser diode. Spatio-temporal interference of many lasing modes in a specially designed cavity is introduced as a scheme for greatly accelerated random bit generation. Spontaneous emission, caused by quantum fluctuations, produces stochastic noise that makes the bit streams unpredictable. They achieve a total bit rate of 250~Tb/s with off-line post-processing, which is more than two orders of magnitude higher than the current post-processing record. Their approach is robust, compact, energy efficient, and should impact applications in secure communication and high-performance computation. The second example is remote key establishment using a long optical fiber. Using random media for distribution of secret keys between remote users is challenging since it requires the users have access to the same scattering sample. Hui Cao and her team utilize random mode mixing in a long multimode fiber to generate and distribute keys simultaneously. Fast fluctuations in fiber mode mixing provide the source of randomness for key generation, and optical reciprocity guarantees that the keys at the two ends of the fiber are identical. They experimentally demonstrate the scheme using classical light and off-the-shelf components, opening the door for a practically secure key establishment at the physical layer of fiber-optic networks.

Privacy of data processing is ensured using Fully Homomorphic Encryption (FHE), where an untrusted device computes on encrypted data. Integrity is assured through the use of Verifiable Computation (VC), where the untrusted device produces a proof of correct computation that can be verified by the user. Unfortunately, state-of-the-art approaches to FHE and VC incur a slowdown that ranges from four to six orders of magnitude over native computation, meaning that this approach is only viable for small-scale programs today. Srini Devadas describes ongoing research on hardware acceleration infrastructure to enable the deployment of FHE and VC for important classes of applications.