- ZK-PAR 0x02: On Hacking Hardware Wallets and Advanced Cryptography on Tezos
You’re invited to join us for our second Zero Knowledge meetup in Paris on the 15th of October! We will be hosting Charles Guillemet from Ledger and Marc Beunardeau from the Tezos Foundation. Charles is the Chief Security Officer at Ledger and actively testing the hardware crypto space security via Ledger Donjon. He will be presenting an overview of vulnerabilities and attacks vectors on hardware wallets. Marc is a full-time researcher for Tezos, implementing anonymous payments for the Tezos blockchain. He will be presenting the Sapling protocol which realizes a decentralized anonymous payement systems using zero knowledge argument, and its integration in the Tezos blockchain. Schedule: 6:45pm: doors open, chat with the organizers and speakers 7:15-8pm: Presentation from Charles Guillemet (Ledger) 8:00-8:45pm: Presentation from Marc Beunardeau (Tezos) 8:45pm-9:30pm: food and drinks, networking The presentation will be given in English. —————————————————— Below are the abstracts and bios of our speakers: Talk title: Security Study of various cryptocurrency wallets With the rise of cryptocurrencies, comes the challenge of their security. Hardware-based solutions have proven their security in various applications. With higher stakes, it's expected to see attackers with higher potential. In this context, we have studied the security of several cryptocurrency wallets against a high potential attacker. Our study targets several hardware wallets as well as Android-based wallets - of which some use Trustzone. The findings of our study revealed vulnerabilities in every tested wallet. Each of the vulnerabilities has been responsibly disclosed to the vendors. These vendors patched the attacks where possible. However, some of the attacks can simply NOT be patched, requiring a full redesign. In all cases, the primary assets (private keys or seeds) were successfully retrieved by the attacker, allowing them to get ownership of the crypto assets. Bio: Charles joined Ledger in 2017 as Chief Security Officer after working for 10 years of in the Cryptography & Hardware Security sector. He started his career at Tiempo, an innovative startup in the Secure industry, where he was designing the security of EAL5+ secure integrated circuits. He then worked as Technical Manager in an Information Technology Security Evaluation Facility (ITSEF) at the CEA (French research organisation in the areas of energy, defense and security, information technologies and health technologies). Charles holds a Master of Science in Cryptography & Security at the Engineering School ENSIMAG, with a Major Cryptography and Security (Valedictorian), where he is now a Lecturer. —————————————————— Talk title: Anonymous payments for the Tezos blockchain Abstract: Marc will talk about privacy issues in the blockchain and introduces cryptographic techniques to tackle this issue. He will notably introduces Zcash's Sapling protocol and its integration in Tezos. Bio: Marc Beunardeau is a full-time researcher for Nomadic Labs (https://www.nomadic-labs.com) on the Tezos blockchain, implementing anonymous payments for the Tezos blockchain. Previously, he got his PhD from the Ecole normale supérieure de Paris (ENS), under the supervision of Pr. David Naccache, and was a member of the ENS Information security group, part of the Computer Science department. Thanks to Beam (https://beam.mw), EY and Startup Inside for making this event possible.
- ZK-PAR 0x01: On Bitcoin Lightning network and a take on Elliptic Curve creation
You’re invited to join us for our first Zero Knowledge meetup in Paris on the 4th of July! We will be hosting Bastien Teinturier from Acinq (Lightning Network implementation) and Youssef El Housni from EY. Bastien is a Software Developer working on the Bitcoin Lightning Network at Acinq. He will be presenting an overview of Anonymous Payments in the Lightning Network. Youssef is cryptography engineer working at EY. He will be presenting an history on Elliptic Curve Cryptography (ECC) and the means to find such cryptosystems. Schedule: 6:30-7:00 pm: Greetings, food and drinks (including vegan options) 7:00-7:50 pm: Presentation from Bastien Teinturier (Acinq)[masked]:40 pm: Presentation from Youssef El Housni (EY) The presentation will be given in English. Read more about Lightning Network: https://s-tikhomirov.github.io/how-lightning-works-part-1/ —————————————————— Below are the abstracts and bios of our speakers: Talk title: Anonymous Payments in the Lightning Network Abstract: This presentation gives an overview of the Sphinx Onion Routing construction used in Bitcoin's Lightning Network. The Bitcoin Lightning Network is a payment channel network that provides layer 2 scalability improvements to Bitcoin. Payment anonymity is guaranteed by several mechanisms, some of which are already implemented and others are under active development. Several academic papers have studied the security and anonymity of the Lightning Network: we will summarize their findings in this talk. Bio: Bastien is a Software Developer working on the Bitcoin Lightning Network at Acinq, focusing on the cryptography and routing parts of the protocol. Before joining Acinq, Bastien worked for Stratumn on p2p networks and zero-knowledge cryptography, and at Microsoft on backend web services for the Windows 10 ecosystem. —————————————————— Talk title: The generation of elliptic curves in cryptography This presentation is a dive into the history of Elliptic Curve Cryptography and the generation processes for applications ranging from signatures to Zero Knowledge Proof. We will be going over the different purposes of using EC and the different requirements in their generations. We will be also going over the generation methods and the output families for each purpose. Bio: Youssef is a cryptography engineer working at EY to build and deliver to clients blockchain solutions with focus on privacy issues. Prior to joining EY, he worked in R&D at a French startup, called Secure-IC, on different topics ranging from video steganography to side-channel attacks on post-quantum cryptography.