Avatar

Panos Kampanakis

Product Manager

Security & Trust Organization

Panos Kampanakis was born in Athens, Greece. He received his first degree on Electrical and Computer engineering from National Technical University of Athens. He received his MSc from NC State University. His thesis was on efficient elliptic curve cryptography and bilinear pairing on sensor networks.

He has extensive experience on cryptography, security automation, vulnerability management and cyber security. In his professional career, Panos has supported and provided security advice to multiple Cisco customers. He has trained and presented on various security topics at Cisco Live for numerous years. He has co-authored Cisco Press books, various standards and research publications. He has participated in various security standards bodies to provide common interoperable protocols and languages for security information sharing, cryptography and PKI. Previously he had worked extensively with Cisco's PSIRT to provide vulnerability mitigations. His current interests include next-generation cryptography, post-quantum cryptography, participation in standards efforts that enable cryptographic implementation interoperability and IoT security.

Articles

June 29, 2020

2

SECURITY

Post-Quantum TLS 1.3 and SSH Performance (preliminary results)

So far, the industry has been testing post-quantum key exchange and authentication separately in a quest for a quantum-secure future. We recently have been experimenting with TLS and SSH using both post-quantum key exchange and authentication. The preliminary results are promising for some algorithms.

April 17, 2020

8

SECURITY

Post-quantum MACsec in Cisco switches

Quantum Computers could threaten encryption tunnels like IPsec, MACsec, and TLS. MACsec is an authenticated encryption protocol that, if appropriately configured, can be quantum-safe. The whitepaper shows how.

April 9, 2020

SECURITY

Promising Results for Post-Quantum Certificates in TLS 1.3

Quantum Computers could threaten the security of TLS key exchange and authentication. To assess the performance of post-quantum certificates TLS 1.3, we evaluated NIST Round 2 signature algorithms. See results.

May 18, 2018

SECURITY

Collaborating with NCSU to deliver certificate validation and crypto validation reusable implementations.

Cryptography is very important in today’s world. Improper or maliciously altered crypto implementations have been a concern for the industry in recent years.

April 19, 2018

3

SECURITY

Towards Backward-Compatible Post-Quantum Certificate Authentication

Quantum computers would pose a threat to PKI algorithms and systems as we know today.

December 18, 2017

SECURITY

Collaborating with NCSU to promote lightweight crypto validation and assessment

Cryptography is very important in today’s world. Improper or maliciously altered crypto implementations have been a concern for the industry in recent years. To alleviate the risk, Cisco has been working with the industry, the National Institute of Standards and Technology (NIST) and other international organizations on finding ways to validate crypto implementations and speed […]

June 5, 2017

2

SECURITY

Taking certificate enrollment to the next level

Bouncy Castle adds support for EST Note: We would especially like to thank the Crypto Workshop team for their contributions to this post and the fruitful collaboration. Recently Crypto Workshop has been working on adding support for the EST protocol in Bouncy Castle (BC) Cryptography APIs. Bouncy Castle (BC) is a prominent library that provides cryptography […]

February 1, 2017

1

SECURITY

Lessons Learned from Testing Cisco EST Implementations with Entrust Datacard

[Note: We would especially like to thank the Entrust Datacard team for their contributions to this post and the fruitful collaboration. More info at Entrust Datacard’s Digital DNA blog series and Twitter handle (@entrustdatacard).] Products and solutions do not operate in silos. In technology, interoperability is a top priority. Thus, making a transition to different communication […]

December 6, 2016

SECURITY

FIPS and Deterministic ECDSA: Achieving robust security and conformance

Digital signatures are used to verify the authenticity of a message. For example, when a message is signed, the verifier can rest assured that only the signer could have signed it. ECDSA and DSA are two widely used, standardized digital signature schemes. In order to sign a message, internally both of them require the use […]