Twenty-sixth International Workshop on Security Protocols

Cambridge, England — 19-21 March 2018

Programme

Monday, 19 March

Afternoon Warmup - failures and attacks
“Raven Authentication Service: Attacks and Countermeasures” Graham Rymer and David Llewellyn-Jones
“Your code is my code: Exploiting a common weakness in OAuth 2.0 implementations” Wanpeng Li, Chris Mitchell and Thomas Chen
“Non-Monotonic Security Protocols and Failures in Financial Intermediation” Fabio Massacci, Nam Ngo, Daniele Venturi and Julian Williams
New protocols
“HoneyPAKEs” José Becerra, Peter Roenne, P. Y. A. Ryan, Petra Sala and Marjan Skrobot
“Entropy crowdsourcing -- protocols for link key updates in wireless sensor networks” Lukas Nemec, Radim Ostadal, Vashek Matyas and Petr Svenda

Tuesday, 20 March

Morning Threat models & incentives (part 1)
“Daemones non Operantur Nisi per Artem - Daemons do not Operate Save through Trickery: Human Tailored Threat Models for Formal Verification of Fail-Safe Security Ceremonies” Taciane Martimiano and Jean Everson Martina
“Intentionality and agency in security” Kat Krol, David Llewellyn-Jones, Seb Aebischer, Claudio Dettoni and Frank Stajano
“Incentives in Security Protocols” Sarah Azouvi, Alexander Hicks and Steven Murdoch
“Too Big to FAIL: What You Need to Know Before Attacking a Machine Learning System” Tudor Dumitras, Yigitcan Kaya, Radu Marginean and Octavian Suciu
Afternoon Threat models & incentives (part 2)
“What does match-fixing inform computer game security?” Jeff Yan
“From Secure Messaging to Secure Collaboration” Martin Kleppmann, Stephan A. Kollmann, Diana A. Vasile and Alastair R. Beresford
“Necessary Conditions for Root of Trust Establishment ” Virgil Gligor and Maverick Woo
“User Authentication for the Internet of Things” Frank Stajano and Mark Lomas

Wednesday, 21 March

Morning Cryptomoney
“Why Preventing a Cryptocurrency Exchange Heist Isn't Good Enough” Patrick McCorry, Malte Moeser and Syed Taha Ali
“Making Bitcoin Legal” Ross Anderson, Mansoor Ahmed and Ilia Shumailov
Crypto dissent
“On the incommensurability of laws and technical mechanisms: Lessons for encryption and surveillance” Joan Feigenbaum and Daniel J. Weitzner
“Shatter Secrets: Using Secret Sharing to Cross Borders with Encrypted Devices” Erinn Atwater and Ian Goldberg