posted by organizer: mjolsnes || 2906 views || tracked by 5 users: [display]

Passwords 2014 : The 7th International Conference on Passwords


When Dec 8, 2014 - Dec 10, 2014
Where Trondheim, Norway
Submission Deadline Oct 27, 2014
Notification Due Nov 10, 2014
Categories    personal authentication   access control   passwords   cryptography

Call For Papers


The 7th International Conference on Passwords
8-10 Dec 2014,
Trondheim, Norway

The Passwords conference was launched in 2010 as a response to the lack of robustness and
usability of current personal authentication practices and solutions. Annual participation has
doubled over the past three years.

Venue NTNU campus, Trondheim, Norway.

Conference Aim
The technical and practical problem addressed by the conference is illustrated by the fact that
more than half a billion user passwords have been compromised over the last five years,
including breaches at internet companies such as Adobe, Twitter, Forbes, LinkedIn, Yahoo,
and LivingSocial. Yet passwords, PIN codes, and similar remain the most prevalent method
of personal authentication. Clearly, we have a systemic problem.

Passwords is the singular conference gathering researchers, password crackers, and
enthusiastic experts from around the globe, aiming to better understand the challenges
surrounding the methods personal authentication and passwords, and how to adequately solve
these problems. The Passwords conference series seek to provide a friendly environment for
participants with plenty opportunity to communicate with the speakers before, during, and
after their presentations. (
This call for papers seeks original contributions that present attacks, analyses, designs,
applications, protocols, systems, practical experiences, and theory. Submitted papers may
include, but are not limited to, the following topics, all related to passwords and personal

Best practice reports
Costs and economy
Cryptanalytic attacks
Cryptographic formal attack models
Cryptographic protections
Cryptographic protocols
Dictionary attacks
Digital forensics
Gestures and graphical patterns
Guessing attacks
Hash functions
Human factors and behavior
Implementations and tests
Incident and attack reports
Key-stroke dynamics
Languages, letters and symbols
Management and authorization
Markov models
One-time passwords
Passphrase techniques
Password based encryption
Password based key derivation
Password based key exchange
Password protection
Password replacements
Passwords and biometrics
Performance and scalability
Physical traces and smudges
Rainbow tables and trade-offs
Reset and recovery procedures
Side-channel attacks
Single sign-on
Social engineering
Statistical patterns and analyses
Time-memory tradeoffs
Tokens and devices
Usability studies

We seek submissions for review in the following three categories:

(i) Research Papers (ii) Short papers (iii) Tutorials

Instructions for paper submission

Accepted papers presented at the workshop will be included in the event proceedings and
published by Springer in the Lecture Notes in Computer Science (LNCS) series. All
submission must be done at

Research Papers should describe novel, previously unpublished technical contributions
within the scope of the call. The papers will be in-depth reviewed and selected using a
double-blind review process by at least three members of the program committee. Paper
length is limited to 16 pages (LNCS format) excluding references and well-marked
appendices. The paper submitted for review must be anonymous, hence author names,
affiliations, acknowledgements, or obvious references must be temporarily edited out for the
review process. The submitted paper (PDF or PostScript format) must follow the template
described at ( by Springer.

Short Papers will also be subject to peer review, where the emphasis will be put on work in
progress, hackers achievements, industrial experiences, and incidents explained, aiming at
novelty and promising directions. Short paper submissions should not be more than 6 pages in
standard LNCS format in total. A short paper must be labeled by the subtitle "Short Paper."
Accepted short paper submissions may be included in the conference proceedings. Short
papers do not need to be anonymous. The program committee may accept full research
papers as short papers.

Tutorial proposals are expected to explain new methods, techniques, tools, systems, and
services within the Passwords scope. The time frame is one hour. Proposals can be submitted
in any format. Publication will be by streaming, video and web.

Important dates of submissions
Papers Submissions by October 27. Acceptance notification by November 10, 2014.
Tutorials Proposals by November 10, 2014.

Conference Organizing Chair
Per Thorsheim, God Praksis AS

Technical Papers Program Committee
Stig F. Mjolsnes, (chair) Norwegian University of Science and Technology (N)
Jean-Phillipe Aumasson, Kudelski Security (CH)
Markus Durmuth, Ruhr-University Bochum (D)
Jeremy Gosney, Stricture Consulting Group (USA)
Tor Helleseth, University of Bergen (N)
Audun Josang, University of Oslo (N)
Stefan Lucks, Bauhaus-University Weimar (D)
Markku-Juhani O. Saarinen, ERCIM Research Fellow at NTNU (N)
Frank Stajano, University of Cambridge (UK)
Kenneth White, Open Crypto Audit Project (USA)

Sponsor: FRISC, a research value network funded by the Norwegian Research Council.

Related Resources

CEVVE 2023   2023 International Conference on Electric Vehicle and Vehicle Engineering (CEVVE 2023)
BINLP 2023   3rd International Conference on Big Data, IOT & NLP
CHAINSCI 2023   ChainScience: Advances in Blockchain Science
CSEIJ 2023   Computer Science & Engineering: An International Journal
SI ETRACNS 2023   Special Issue on Emerging Trends and Recent Advances in Communication Networks Security
SP2I 2023   The 3rd International Workshop on Security and Privacy in Intelligent Infrastructures
IWSEC 2023   International Workshop on Security
WIFS 2023   IEEE International Workshop on Information Forensics and Security
ML4CS 2023   5th International Conference on Machine Learning for Cyber Security
SECPID 2023   5th Workshop on Security, Privacy, and Identity Management in the Cloud