Call for Papers and Talks
Security protocols are essential for safeguarding the digital communications and interactions that form the backbone of modern society. These protocols are increasingly under pressure from both classical vulnerabilities, such as implementation flaws, as well as emerging threats, such as posed by quantum computing. The migration to post-quantum cryptographic (PQC) algorithms is a complex process that will affect the design, implementation, and analysis of security protocols in the coming years.
The workshop on Secure Protocol Implementations in the Quantum Era (SPIQE) seeks contributed papers and talks that present case studies addressing the challenges of implementing traditional security protocols and how these can be used to build secure quantum-resistant solutions. As with classical protocols, many security vulnerabilities stem from implementation errors, exacerbated by the increasing complexity of protocol specifications. The introduction of post-quantum algorithms adds further complexity, raising new questions on how to implement and analyze these protocols securely and efficiently.
We invite submissions from both academia and industry that present cutting-edge research on security protocol implementations, particularly those that address the unique challenges of post-quantum migration. How can we ensure that the transition to PQC is both smooth and secure? How can we systematically analyze implementations, statically and dynamically, to mitigate the introduction of flaws during this transition? How can we ensure that specifications are precise, easily understandable, and capable of being correctly implemented, especially when considering the additional complexity introduced by PQC?
Relevant topics include (but are not limited to)
- Formal verification of code, including post-quantum cryptographic algorithms
- Security models and formal analysis for PQC-based protocols
- Post-quantum migration strategies for security protocols
- Software engineering approaches to transform classical protocol specifications into quantum-resistant implementations
- Automated techniques for identifying vulnerabilities in protocol implementations (e.g., fuzzing, testing, state learning, symbolic execution)
- LangSec approaches for improving the robustness of protocol specifications and implementations
- Model-based testing of classical and post-quantum protocol implementations
- Hybrid classical-post-quantum security protocol implementations and their analyses
- Large-scale analyses of post-quantum protocol deployments
- Post-quantum key management and PKIs
- Lessons learned from recent attacks on post-quantum implementations
- Standardization of post-quantum algorithms: current state and challenges
Program Committee
TBA