lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <57324DD0.1000303@thorsheim.net>
Date: Tue, 10 May 2016 23:08:32 +0200
From: Per Thorsheim <per@...rsheim.net>
To: fulldisclosure@...lists.org
Subject: [FD] CFP: Passwords 2016, Ruhr-University Bochum, Germany, Dec 5-7

====================================================================
Call for Papers
The 11th International Conference on Passwords
PASSWORDS 2016

5-7 December 2016
Ruhr-University Bochum, Germany

https://passwords2016.rub.de/
====================================================================


The Passwords conference was launched in 2010 as a response to
the lack of robustness and usability of current personal
authentication practices and solutions. Annual participation has
doubled over the past three years. Since 2014, the conference
accepts peer-reviewed papers.


* IMPORTANT DATES *

Research papers and short papers:
- Title and abstract submission: 2016-07-04 (23:59 UTC-11)
- Paper submission: 2016-07-11 (23:59 UTC-11)
- Notification of acceptance: 2016-09-05
- Camera-ready from authors: 2016-09-19

Hacker Talks:
- Talk proposal submission: 2016-09-15 (23:59 UTC-11)
- Notification of acceptance: 2016-09-30


* CONFERENCE AIM *

More than half a billion user passwords have been compromised
over the last five years, including breaches at internet
companies such as Target, Adobe, Heartland, Forbes, LinkedIn,
Yahoo, and LivingSocial. Yet passwords, PIN codes, and similar
remain the most prevalent method of personal
authentication. Clearly, we have a systemic problem.

This conference gathers researchers, password crackers, and
enthusiastic experts from around the globe, aiming to better
understand the challenges surrounding the methods personal
authentication and passwords, and how to adequately solve these
problems. The Passwords conference series seek to provide a
friendly environment for participants with plenty opportunity to
communicate with the speakers before, during, and after their
presentations.

* SCOPE *

We seek original contributions that present attacks, analyses,
designs, applications, protocols, systems, practical experiences,
and theory. Submitted papers may include, but are not limited to,
the following topics, all related to passwords and
authentication:

- Technical challenges and issues:
- Cryptanalytic attacks
- Formal attack models
- Cryptographic protocols
- Dictionary attacks
- Digital forensics
- Online attacks/Rate-limiting
- Side-channel attacks
- Administrative challenges:
- Account lifecycle management
- User identification
- Password resets
- Cross-domain and multi-enterprise system access
- Hardware token administration
- Password "replacements":
- 2FA and multifactor authentication
- Risk-based authentication
- Password managers
- Costs and economy
- Biometrics
- Continous authentication
- FIDO - U2F
- Deployed systems:
- Best practice reports
- Incident reports/Lessons learned
- Human factors:
- Usability
- Design & UX
- Social Engineering
- Memorability
- Accessibility
- Pattern predictability
- Gestures and graphical patterns
- Psychology
- Statistics (languages, age, demographics...)
- Ethics


* INSTRUCTIONS FOR AUTHORS *

Papers must be submitted as PDF using the Springer LNCS format
for Latex. Abstract and title must be submitted one week ahead of
the paper deadline.

We seek submissions for review in the following three categories:

- Research Papers
- Short Papers
- "Hacker Talks" (talks without academic papers attached)

RESEARCH PAPERS should describe novel, previously unpublished
technical contributions within the scope of the call. The papers
will be subjected to double-blind peer review by the program
committee. Paper length is limited to 16 pages (LNCS format)
excluding references and well-marked appendices. The paper
submitted for review must be anonymous, hence author names,
affiliations, acknowledgements, or obvious references must be
temporarily edited out for the review process. The program
committee may reject non-anonymized papers without reading
them. The submitted paper (in PDF format) must follow the
template described by Springer at
http://www.springer.de/comp/lncs/authors.html.

SHORT PAPERS will also be subject to peer review, where the
emphasis will be put on work in progress, hacker achievements,
industrial experiences, and incidents explained, aiming at
novelty and promising directions. Short paper submissions should
not be more than 6 pages in standard LNCS format in total. A
short paper must be labeled by the subtitle "Short
Paper". Accepted short paper submissions may be included in the
conference proceedings. Short papers do not need to be
anonymous. The program committee may accept full research papers
as short papers.

HACKER TALKS are presentations without an academic paper
attached. They will typically explain new methods, techniques,
tools, systems, or services within the Passwords scope. Proposals
for Hacker Talks can be submitted by anybody ("hackers",
academics, students, enthusiasts, etc.) in any format, but
typically will include a brief (2-3 paragraphs) description of
the talk's content and the person presenting. They will be
evaluated by a separate subcommittee led by Per Thorsheim,
according to different criteria than those used for the refereed
papers.

At least one of the authors of each accepted paper must register
and present the paper at the conference. Papers without a full
registration will be withdrawn from the proceedings and from the
conference programme.

Papers that pass the peer review process and that are presented
at the conference will be included in the event proceedings,
published by Springer in the Lecture Notes in Computer
Science (LNCS) series.

Papers must be unpublished and not being considered elsewhere for
publication. Plagiarism and self-plagiarism will be treated as a
serious offense. Program committee members may submit papers but
program chairs may not. The time frame for each presentation
will be either 30 or 45 minutes, including Q&A. Publication will
be by streaming, video and web.

* ORGANIZERS *

- General chair: Per Thorsheim, God Praksis AS (N)
- Program co-chair and host: Markus Dürmuth, Ruhr-University Bochum (DE)
- Program co-chair: Frank Stajano, University of Cambridge (UK)


* PROGRAM COMMITTEE *

(to be announced)


* STEERING COMMITTEE *

- Per Thorsheim, God Praksis AS (N)
- Stig F. Mjolsnes, Norwegian University of Science and Technology (N)
- Frank Stajano, University of Cambridge (UK)


More and updated information can be found at the conference website
https://passwords2016.rub.de/

-- 
Per Thorsheim | Founder of PasswordsCon.org | @thorsheim

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ