Profile

Cover photo
Valerie Fenwick
Attended Purdue University
312 followers|43,966 views
AboutPostsPhotosYouTube

Stream

Valerie Fenwick

Shared publicly  - 
 
ICMC16: Unboxing the White-Box: Practical Attacks Against Obfuscated Ciphers
Jasper van Woudenberg , CTO North America, Riscure Jasper has been doing white boxing for a long time - hacking assembly in a video game to get passwords for higher levels as a kid :-) It's important to protect the keys. Is it possible to do it with just so...
Jasper van Woudenberg, CTO North America, Riscure Jasper has been doing white boxing for a long time - hacking assembly in a video game to get passwords for higher levels as a kid :-) It's important to protect the keys. Is it...
1
Add a comment...

Valerie Fenwick

Shared publicly  - 
 
ICMC16: Entropy As a Service: Unlocking the Full Potential of Cryptography
Apostol Vassilev , Research Lead–STVM, Computer Security Division, NIST Crypto is going smaller and light weight, lightweight protocols, apis, etc. In modern cryptography, the algorithms are known. Key generation and management govern the strength of the ke...
Apostol Vassilev, Research Lead–STVM, Computer Security Division, NIST Crypto is going smaller and light weight, lightweight protocols, apis, etc. In modern cryptography, the algorithms are known. Key generation and managemen...
1
Add a comment...

Valerie Fenwick

Shared publicly  - 
 
ICMC16: Improving Module's Performance When Executing the Power-up Tests
Allen Roginsky, CMVP NIST There are power-up tests and conditional tests. Power-up includes integrity test, approved algorithm test, critical functions tests.  Conditional are things like generating key pairs, a bypass test. Implementations have become more...
Allen Roginsky, CMVP NIST There are power-up tests and conditional tests. Power-up includes integrity test, approved algorithm test, critical functions tests. Conditional are things like generating key pairs, a bypass test. ...
1
Add a comment...

Valerie Fenwick

Shared publicly  - 
 
ICMC16: LibreSSL
Giovanni Bechis , Owner, System Administrator and Developer, SnB, Developer, OpenBSD The LibreSSL project started in April 2014, after heartbleed was discovered in OpenSSL. Man vendors and systems were impacted by this, and there is no way to tell if you ha...
Giovanni Bechis, Owner, System Administrator and Developer, SnB, Developer, OpenBSD The LibreSSL project started in April 2014, after heartbleed was discovered in OpenSSL. Man vendors and systems were impacted by this, and th...
1
Add a comment...

Valerie Fenwick

Shared publicly  - 
 
ICMC16: Secure Access with Open Source Authentication
Donald Malloy , LSExperts For years, Mastercard and Visa said the cost to implement the chips in cards cost more than the fraud, but that has all changed in recent years.  EMV (Chip and Pin) is being rolled out in the US, which will push the US fraud to onl...
Donald Malloy, LSExperts For years, Mastercard and Visa said the cost to implement the chips in cards cost more than the fraud, but that has all changed in recent years. EMV (Chip and Pin) is being rolled out in the US, whic...
1
Add a comment...

Valerie Fenwick

Shared publicly  - 
 
ICMC16: Introduction on the Commercial Cryptography Scheme in China
Di Li , Senior Consultant, atsec information security corporation Please note: Di Li works for atsec, and is not speaking for the Chinese Government. Their focus is on certifying both hardware and software, including HSMs and smart cards.  In China, only ce...
Di Li, Senior Consultant, atsec information security corporation Please note: Di Li works for atsec, and is not speaking for the Chinese Government. Their focus is on certifying both hardware and software, including HSMs and ...
1
Add a comment...
Have her in circles
312 people
Moya Watson's profile photo
Petr Zahradnik's profile photo
African PRIDE Centre's profile photo
Teodora Ngo's profile photo
Joan Hamdan's profile photo
Samantha Aguirre's profile photo
Helen Kerrison's profile photo
Salima Alami (Jobligne)'s profile photo
Evan Layton's profile photo

Valerie Fenwick

Shared publicly  - 
 
ICMC16: Cryptography as a Service (CaaS) for Embedded Security Infrastructure
Matt Landrock , CEO, Cryptomathic  What can we expect from embedded systems?  Internet of Things.... Things: PCs, Phones, Smartmeters,dishwashers, cars, apps.  Often want to validate code running on the "thing" and enable the thing to carry out basic crypto...
Matt Landrock, CEO, Cryptomathic What can we expect from embedded systems? Internet of Things.... Things: PCs, Phones, Smartmeters,dishwashers, cars, apps. Often want to validate code running on the "thing" and enable the ...
1
Add a comment...

Valerie Fenwick

Shared publicly  - 
 
ICMC16: Entropy Requirements Comparison between FIPS 140-2, Common Criteria and ISO 19790 Standards
  Richard Wang , FIPS Laboratory Manager, Gossamer Security Solutions, Tony Apted , CCTL Technical Director, Leidos Entropy is a measure of the disorder, randomeness or uncertainty in a closed system.  Entropy underpins cryptography, and if it's bad, things...
Richard Wang, FIPS Laboratory Manager, Gossamer Security Solutions, Tony Apted, CCTL Technical Director, Leidos Entropy is a measure of the disorder, randomeness or uncertainty in a closed system. Entropy underpins cryptogra...
1
Add a comment...

Valerie Fenwick

Shared publicly  - 
 
ICMC16: Finding Random Bits for OpenSSL
Denis Gauthier, Oracle OpenSSL provides entropy for the non FIPS case, but not for the FIPS case. BYOE - Bring your own entropy, if you're running in FIPS mode. OpenSSL gets its entropy from /dev/urandom, /dev/random, /dev/srandom, but since /dev/urandom do...
Denis Gauthier, Oracle OpenSSL provides entropy for the non FIPS case, but not for the FIPS case. BYOE - Bring your own entropy, if you're running in FIPS mode. OpenSSL gets its entropy from /dev/urandom, /dev/random, /dev/sr...
1
Add a comment...

Valerie Fenwick

Shared publicly  - 
 
ICMC16: The OpenSSL 1.1 Audit
Kenneth White There is an Open Crypto Audit Project. Originally formed to do an audit of the TrueCrypt audit.  Currently seeking non-profit status.  More recently looking ath OpenSSL.  Why? It's everywhere! OpenSSL 1.0.2 FIPS is in over a 100 validations. E...
Kenneth White There is an Open Crypto Audit Project. Originally formed to do an audit of the TrueCrypt audit. Currently seeking non-profit status. More recently looking ath OpenSSL. Why? It's everywhere! OpenSSL 1.0.2 FIPS...
1
Add a comment...

Valerie Fenwick

Shared publicly  - 
 
ICMC16: The Current Status and Entropy Estimation Methodology in Korean CMVP
Yongjin Yeom , Kookmin University; Seog Chung Seo , National Security Research Institute NSR is the only company testing in Korea. We have vendors, testing authority and certification authority. NSR tests according to Korean standards. NSR develops and stan...
Yongjin Yeom, Kookmin University;Seog Chung Seo, National Security Research Institute NSR is the only company testing in Korea. We have vendors, testing authority and certification authority. NSR tests according to Korean sta...
1
Add a comment...

Valerie Fenwick

Shared publicly  - 
 
ICMC16: Automated Run-time Validation for Cryptographic Modules
Apostol Vassilev , Technical Director, Research Lead–STVM, Computer Security Division, NIST Barry Fussel, Senior Software Engineer, Cisco Systems Take a look at Verizon's Breach report. It's been going on for 9 years, and we see things are not getting bette...
Apostol Vassilev, Technical Director, Research Lead–STVM, Computer Security Division, NIST Barry Fussel, Senior Software Engineer, Cisco Systems Take a look at Verizon's Breach report. It's been going on for 9 years, and we s...
1
Add a comment...
People
Have her in circles
312 people
Moya Watson's profile photo
Petr Zahradnik's profile photo
African PRIDE Centre's profile photo
Teodora Ngo's profile photo
Joan Hamdan's profile photo
Samantha Aguirre's profile photo
Helen Kerrison's profile photo
Salima Alami (Jobligne)'s profile photo
Evan Layton's profile photo
Work
Occupation
Software Engineer
Basic Information
Gender
Female
Story
Introduction
Valerie is has over a decade of experience with computer security and operating systems. Her interests include reading, skiing, singing, dancing, women in science and computing and... beer :)
Education
  • Purdue University
    Computer Science, 1992 - 1996