Workshop on Security Protocol Implementations: Development and Analysis (SPIDA)
    23 April 2018
   London, United Kingdom
Welcome

Welcome

Welcome to the home page of the workshop on Security Protocol Implementations: Development and Analysis (SPIDA). It will be held in London (United Kingdom), 23 April, 2018. The workshop will be organized in conjunction with IEEE EuroS&P 2018.

News

Important Dates

  • Abstract submission deadline: January 8, 2018
  • Paper submission deadline: January 12, 2018
  • Notification: February 5, 2018
  • Camera-ready submission: February 23, 2018
  • Workshop: April 23, 2018

About

Security protocols (such as TLS for internet, WPA2 for WiFi, GSM for mobile telephony, to mention just some of the broadly used ones) play a crucial role in protecting the digital communications and interactions we rely on in our modern society. The security of such protocols can break because of fundamental, inherent flaws, but the bulk of the security flaws are due to implementation flaws. The complexity and unclarity of typical protocol specifications makes it more likely to introduce such flaws and makes it harder to spot them. SPIDA seeks novel contributions and case studies that address the challenges when implementing security protocols. How can implementations be analysed, statically or dynamically, in a systematic way? How can we make sure that the specifications are precise, but still easy to understand and implement correctly? And how to assure implementations faithfully follow such specifications?

The workshop seeks submissions from academia and industry presenting novel research results to tackle this issue. Relevant topics include, but are not limited to:

  • Formal verification of code
  • Software engineering approaches to go from specifications to implementations
  • Protocol reverse engineering
  • LangSec approaches to security protocols
  • Fuzzing techniques, e.g. evolutionary or white-box fuzzing
  • State machine inference
  • Symbolic execution
  • Model-based testing of protocol implementations
  • Methods and languages to write rigorous protocol specifications

Organized by

The workshop is jointly organized by Mathy Vanhoef from the iMinds-DistriNet group, KU Leuven (Belgium) and Joeri de Ruiter from the Digital Security group, Radboud University (The Netherlands).