lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <5416ABFC.6040807@thorsheim.net>
Date: Mon, 15 Sep 2014 11:06:04 +0200
From: Per Thorsheim <per@...rsheim.net>
To: bugtraq@...urityfocus.com
Subject: Passwords^14 Norway - CFP

                    CALL FOR PAPERS AND TUTORIALS


                              PASSWORDS'14
                            passwordscon.org

               The 7th International Conference on Passwords
                           8-10 December 2014
                            Trondheim,Norway


The Passwords conference was launched in 2010 as a response to the lack
of robustness and usability of current personal authentication practices
and solutions. Annual participation has doubled over the past three years.

Venue: NTNU campus, Trondheim, Norway.


Conference Aim

The technical and practical problem addressed by the conference is
illustrated by the fact that more than half a billion user passwords
have been compromised over the last five years, including breaches at
internet companies such as Adobe, Twitter, Forbes, LinkedIn, Yahoo, and
LivingSocial. Yet passwords, PIN codes, and similar remain the most
prevalent method of personal authentication. Clearly, we have a systemic
problem.

Passwords is the singular conference gathering researchers, password
crackers, and enthusiastic experts from around the globe, aiming to
better understand the challenges surrounding the methods personal
authentication and passwords, and how to adequately solve these
problems. The Passwords conference series seek to provide a friendly
environment for participants with plenty opportunity to communicate with
the speakers before, during, and after their presentations.
(https://passwordscon.org/)


Scope

This call for papers seeks original contributions that present attacks,
analyses, designs, applications, protocols, systems, practical
experiences, and theory. Submitted papers may include, but are not
limited to, the following topics, all related to passwords and personal
authentication:

Best practice reports
Costs and economy
Cryptanalytic attacks
Cryptographic formal attack models
Cryptographic protections
Cryptographic protocols
Dictionary attacks
Digital forensics
Gestures and graphical patterns
Guessing attacks
Hash functions
Human factors and behavior
Implementations and tests
Incident and attack reports
Key-stroke dynamics
Languages, letters and symbols
Management and authorization
Markov models
Memorability
One-time passwords
Passphrase techniques
Password based encryption
Password based key derivation
Password based key exchange
Password protection
Password replacements
Passwords and biometrics
Performance and scalability
Physical traces and smudges
Rainbow tables and trade-offs
Reset and recovery procedures
Side-channel attacks
Single sign-on
Social engineering
Statistical patterns and analyses
Time-memory tradeoffs
Tokens and devices
Usability studies


We seek submissions for review in the following three categories:

(i) Research Papers    (ii) Short papers    (iii) Tutorials


Instructions for paper submission

Accepted papers presented at the workshop will be included in the event
proceedings and published by Springer in the Lecture Notes in Computer
Science (LNCS) series. All submission must be done at
https://easychair.org/conferences/?conf=passwords14

Research Papers should describe novel, previously unpublished technical
contributions within the scope of the call. The papers will be in-depth
reviewed and selected using a double-blind review process by at least
three members of the program committee. Paper length is limited to 16
pages (LNCS format) excluding references and well-marked appendices. The
paper submitted for review must be anonymous, hence author names,
affiliations, acknowledgements, or obvious references must be
temporarily edited out for the review process.  The submitted paper (PDF
or PostScript format) must follow the template described by Springer at
http://www.springer.de/comp/lncs/authors.html.

Short Papers will also be subject to peer review, where the emphasis
will be put on work in progress, hackers achievements, industrial
experiences, and incidents explained, aiming at novelty and promising
directions. Short paper submissions should not be more than 6 pages in
standard LNCS format in total. A short paper must be labeled by the
subtitle "Short Paper." Accepted short paper submissions may be included
in the conference proceedings. Short papers do not need to be anonymous.
 The program committee may accept full research
papers as short papers.

Tutorial proposals are expected to explain new methods, techniques,
tools, systems, and services within the Passwords scope. The time frame
is one hour. Proposals can be submitted in any format. Publication will
be by streaming, video and web.


Important dates

Papers: Submissions by October 27.
Acceptance notification: November 10, 2014.
Tutorials: Proposals by November 10, 2014.


Conference Organizing Chair

Per Thorsheim, God Praksis AS


Technical Papers Program Committee

Stig F. Mjolsnes, (chair) Norwegian University of Science and Technology (N)
Jean-Phillipe Aumasson, Kudelski Security (CH)
Markus Durmuth, Ruhr-University Bochum (D)
Jeremy Gosney, Stricture Consulting Group (USA)
Tor Helleseth, University of Bergen (N)
Audun Josang, University of Oslo (N)
Stefan Lucks, Bauhaus-University Weimar (D)
Markku-Juhani O.  Saarinen, ERCIM Research Fellow at NTNU (N)
Frank Stajano, University of Cambridge (UK)
Kenneth White, Open Crypto Audit Project (USA)


Sponsor

FRISC, a research value network funded by the Norwegian Research Council.
(www.frisc.no)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ