Title: New Technology Innovation Sandbox 1:00 p.m. – 6:00 p.m.Paul Kocher, president and chief scientist at CRI, and executives at Greylock Partners, In-Q-Tel, Red Cross, Sophos and The McGraw-Hill Companies
In this half-day program, Paul Kocher and other leading security leaders will explore and evaluate new technologies that promise to transform the information security industry, now and in the future, including the “Most Innovative Company at RSA Conference 2012” contest.
Wednesday, February 29, 2012
Title: Innovation and Technology Transfer in Security: From the Lab to General Use 8:00 a.m. – 9:10 a.m. – Room 310Paul Kocher, president and chief scientist at CRI, and executives at Cigital, Fortify Software, the National Science Foundation, and the Naval Postgraduate SchoolIn this session, Paul Kocher will join other distinguished innovation experts and entrepreneurs to discuss their experiences in making technology transfer work; exploring key gaps in a system where security technologies move from start-ups, to early adopters, to global technologies. Title: Minding the App Store - Protecting Software and Device Features 9:30 a.m. – 10:10 a.m. – Room 302Benjamin Jun, vice president & chief technology officer at CRI This talk focuses on “app store” business models—the shiny new platform capabilities that can be unleashed with simple enablement messages, and the potential vulnerabilities that occur when locked features are valuable. Learn developer techniques for protecting platform features, building infrastructure for cryptographic authorization management, and defending software clients from unauthorized upgrades. Friday, March 2, 2012 Title: Is Your Mobile Device Radiating Keys? 8:00 a.m. – 8:50 a.m. – Room 305Benjamin Jun, vice president & chief technology officer at CRI and Gary Kenworthy, senior principal engineer at CRI In this session, CRI will explain why EM emission from mobile devices may be leaking cryptographic keys. A mobile app can inadvertently radiate secret data as cryptographic processing is done by the CPU. The session will include a live demonstration where a simple antenna and radio are used to perform key extractions from several modern handheld devices. Participants will learn several techniques developers can use to mitigate risk whenever applications use high-valued cryptographic keys.