The program for SSR 2023 is as follows. See the Eurocrypt 2023 Affiliated Events page for venue information; SSR 2023 is held in room E.

The conference proceedings of SSR 2023 are published in the Springer LNCS series and available online (free online access during the conference from the link on this page).

Saturday, April 22

Title Session chairs / Authors
09:00–09:15 Welcome PC Chairs: Felix Günther, Julia Hesse
09:15–10:15 Paper session 1: Post-quantum Protocols Chair: Joseph Jaeger
Quantum-resistant MACsec and IPsec for Virtual Private Networks Stefan-Lukas Gazdag, Sophia Grundner-Culeman, Tobias Heider, Daniel Herzinger, Felix Schärtl, Joo Yeon Cho, Tobias Guggemos, and Daniel Loebenberger
genua GmbH, Ludwig-Maximilians-Universität Munich, –, genua GmbH, Fraunhofer Institut AISEC, ADVA Optical Networking, Ludwig-Maximilans-Universität Munich and University of Vienna, and Fraunhofer Institut AISEC
Post-Quantum Security for the Extended Access Control Protocol Marc Fischlin, Jonas von der Heyden, Marian Margraf, Frank Morgner, Andreas Wallner, and Holger Bock
Technische Universität Darmstadt, Bergische Universität Wuppertal, Fraunhofer AISEC, Bundesdruckerei GmbH, Infineon Technologies, and Infineon Technologies
10:15–10:45 Coffee break
10:45-12:00 Invited talk: Nadia Heninger (UC San Diego) Chair: Julia Hesse
A collection of historical vulnerabilities in cryptographic standards
12:00–14:00 Lunch break
14:00–15:00 Joint session with STAP'23 (@ Salle des Thèses)
Presentation by Luís Brandão (NIST/Strativia): Tackling advanced cryptography … toward standards?
Open discussion with the room on related topics
15:00–15:30 Coffee break
15:30–16:00 Paper Session 2: Key Encapsulation Mechanisms Chair: Marc Fischlin
A study of KEM generalizations Bertram Poettering and Simon Rastikian
IBM Research Europe - Zurich
16:00–17:00 Paper session 3: Vision & Extended Discussion Chair: Felix Günther
Vision Paper: Do we need to change some things? Open questions posed by the upcoming post-quantum migration to existing standards and deployments Panos Kampanakis and Tancrède Lepoint
Amazon Web Services

Sunday, April 23

Title Session chairs / Authors
09:00–10:15 Invited talk: Juraj Somorovsky (Paderborn University) Chair: Felix Günther
Lessons learned from the recent TLS attacks
10:15–10:45 Coffee break
10:45–11:45 Paper session 4: IoT and Anonymous Credentials Chair: Markulf Kohlweiss
On Reducing Underutilization of Security Standards by Deriving Actionable Rules: An Application to IoT Md Wasiuddin Pathan Shuvo, Md Nazmul Hoq, Suryadipta Majumdar, and Paria Shirani
Concordia University, Concordia University, Concordia University, and University of Ottawa
SoK: Anonymous Credentials Saqib A. Kakvi, Keith M. Martin, Colin Putman, and Elisabeth A. Quaglia
Royal Holloway University of London
12:00–14:00 Lunch break
14:00–15:15 Invited talk: Christopher Wood (Cloudflare Research) Chair: Julia Hesse
Advancing Science and Software through Specifications
15:15-15:45 Coffee break
16:00–17:00 Panel: How to better integrate research and standardization processes? Chair: Julia Hesse
with Joppe Bos (NXP), Luís Brandão (NIST/Strativia), Nadia Henninger (UC San Diego), Christopher Wood (Cloudflare Research)

Panel Take-Aways

The panel on Sunday led to a lively discussion. Here is a summary of the main take-aways from that discussion.

Q: Should we still standardize non–quantum-safe protocols?

The panelists all agree that it is still viable to standardize non-quantum-safe cryptographic protocols. However, several further remarks were made on this.

It was pointed out that approaches like GREASE can help to ensure protocols are post-quantum ready, e.g., testing with large, variable-length key and ciphertext fields.

Q: Competition (NIST) vs. community effort (IETF/IRTF) – What are the benefits of these different standardization bodies, and what are the drawbacks?

There is actually no clear separation between the NIST and IETF approaches. Competitions are also a community effort, and sometimes NIST and IETF interact (e.g., EdDSA, some AEAD modes). From the panelists’ experience, industry cares for government standards, but not for IETF ones. One benefit of the IETF is that it enables people from different companies to work together because they have to leave their IPR at the doorstep.

Q: How to incentivize research on ongoing standardization vs. attacking existing standards?

The clear and not very surprising reply was: money. Indeed, companies interested in shipping based on a to-be-standard might ask academics to do security analysis for money. Another remark is that dedicated workshops, like NIST’s or those on TLS 1.3 or QUIC, help to raise more interest in investing research on ongoing standardization efforts, in particular if they publish the results in the form of proceedings.

Q: Quo vadis SSR: Where to co-locate in the future? Crypto, Security?

From past editions, co-location with larger conferences has proven very effective. Alternating between crypto and security conferences may benefit attracting different audiences. One recommendation was to strengthen the links to standards bodies by considering to co-locate with an IETF meeting. Further, Real World Crypto was mentioned as an attractive event to co-locate with. The panelists also suggested welcoming negative results in the Call for Papers, or “uninteresting” ones that confirm that a standard works as expected, i.e., without finding any interesting attack on it.