[crypto] past the submission deadline, but perhaps still of interest

R. Hirschfeld ray@unipay.nl
Thu, 19 May 2005 14:15:14 +0200 

------- Start of forwarded message -------
Date: Mon, 16 May 2005 12:06:13 -0400
From: Be Blackburn <be@theory.csail.mit.edu>
Subject: TIPPI workshop at Stanford Universityi

FIRST TIPPI WORKSHOP
Trustworthy Interfaces for Passwords and Personal Information

Sponsored by the PORTIA project

DATE:         MONDAY, JUNE 13th, 2005

LOCATION:     Stanford University
	      Gates Computer Science Building, Room B12 

ORGANIZERS:   Burt Kaliski, RSA Security 
	      Dan Boneh, Stanford University 

WEBSITE:         http://crypto.stanford.edu/TIPPI


WORKSHOP PURPOSE

Despite tremendous advances in computer technology in general and
information security in particular, users still typically provide
personal information and credentials such as passwords the same way
they did 30 years ago: through a text interface that they assume they
can trust. Today, that trust assumption clearly can no longer be
relied on.

Many security protocols have been proposed to protect credentials and
personal information, but few are used in practice. A major reason is
that the protocols have not been implemented in a way that ensures
that they are actually used. For instance, a rogue Web site can still
just ask the user for her password, regardless of how sophisticated a
protocol the correct site employs.

The purpose of the workshop is to facilitate an effective solution to
these problems by bringing together the designers of the cryptographic
protocols with the implementers of the user interfaces.

Ideally, a user should have confidence that when she provides a
password or other personal information, she can trust the interface
she interacts with to protect her data from misuse - even if an
attacker happens to be the one that asked her to provide it.

In short, our hope is that the workshop will motivate a trend where
trustworthy interfaces for passwords and personal information - TIPPI
- - are the typical ones in our industry.

Speakers

Current confirmed speakers include:

Todd Inskeep, Bank of America
      Roots of Trusted Interfaces and the User Experience.
 
Dave Jevans, Anti-Phishing Working Group
 
Ramesh Kesanupalli, Phoenix Technologies
      Solutions for Secure and Trustworthy Authentication.
 
Steve Myers, Indiana University
      Delayed Password Disclosure.

SUBMISSIONS: 

We welcome additional presentations, both long (30 minutes) and short
(10 minutes). If you would like to give a presentation, please send us
a proposed title and abstract by MAY 15. 

There will be no proceedings, but presentations and research papers
(if available) will be posted on the Web.

For more information, please contact Burt Kaliski
<bkaliski@rsasecurity.com> or Dan Boneh <dabo@cs.stanford.edu>.
------- End of forwarded message -------