Security protocols are essential for safeguarding the digital communications and interactions that form the backbone of modern society. These protocols are increasingly under pressure from both classical vulnerabilities, such as implementation flaws, as well as emerging threats, such as posed by quantum computing. The migration to post-quantum cryptographic (PQC) algorithms is a complex process that will affect the design, implementation, and analysis of security protocols in the coming years.

The workshop on Secure Protocol Implementations in the Quantum Era (SPIQE) seeks contributed papers and talks that present case studies addressing the challenges of implementing traditional security protocols and how these can be used to build secure quantum-resistant solutions. As with classical protocols, many security vulnerabilities stem from implementation errors, exacerbated by the increasing complexity of protocol specifications. The introduction of post-quantum algorithms adds further complexity, raising new questions on how to implement and analyze these protocols securely and efficiently.

We invite submissions from both academia and industry that present cutting-edge research on security protocol implementations, particularly those that address the unique challenges of post-quantum migration. How can we ensure that the transition to PQC is both smooth and secure? How can we systematically analyze implementations, statically and dynamically, to mitigate the introduction of flaws during this transition? How can we ensure that specifications are precise, easily understandable, and capable of being correctly implemented, especially when considering the additional complexity introduced by PQC?

• Formal verification of code, including post-quantum cryptographic algorithms
• Security models and formal analysis for PQC-based protocols
• Post-quantum migration strategies for security protocols
• Software engineering approaches to transform classical protocol specifications into quantum-resistant implementations
• Automated techniques for identifying vulnerabilities in protocol implementations (e.g., fuzzing, testing, state learning, symbolic execution)
• LangSec approaches for improving the robustness of protocol specifications and implementations
• Model-based testing of classical and post-quantum protocol implementations
• Hybrid classical-post-quantum security protocol implementations and their analyses
• Large-scale analyses of post-quantum protocol deployments
• Post-quantum key management and PKIs
• Lessons learned from recent attacks on post-quantum implementations
• Standardization of post-quantum algorithms: current state and challenges

Authors are invited to submit papers using EasyChair: https://easychair.org/cfp/SPIQE-2025

Submitted papers must be written in English and be anonymous (with no author names, affiliations, acknowledgments, or obvious references), as we follow the double-blinded review process. All submissions must follow the original LNCS format with a page limit of 18 pages, excluding references and possible appendices and a total page limit of 24 pages. Papers must be submitted electronically in PDF format. They must be original and not simultaneously submitted to another journal, conference, or workshop. Accepted papers will appear in Springer’s LNCS series. Every accepted paper must have at least one author registered for the workshop.

Proposals for talks should conform to the submission format, as described above. They are not required to be full-length research papers, and they must be non-anonymous. They should present the key themes of the talk for the reviewers to assess its potential impact and quality. Talks will be judged on this basis, competitively with paper submissions, to select high-quality and/or high-impact talks and papers. Talk proposals should be clearly marked as such by having their title begin with "Talk Proposal:".

• Workshop paper submission deadline: March 23, 2025 (AoE)
• Workshop paper notification: April 23, 2025
• Camera-ready papers for pre-proceedings: May 12, 2025 (hard deadline)
• Workshop date: June 24, 2025

• Marcus Brinkmann (Ruhr University Bochum)
• Sofía Celi (Brave)
• Chitchanok Chuengsatiansup (Univesity of Klagenfurt)
• Tibor Jager (University of Wuppertal)
• Franziskus Kiefer (Cryspen)
• Yong Li (Huawei)
• Robert Merget (Technology Innovation Institute Abu Dhabi)
• Johannes Mittmann (Federal Office for Information Security, Germany)
• Thyla van der Merwe (Google)
• Kenneth G. Paterson (ETH Zürich)
• Jörg Schwenk (Ruhr University Bochum)
• Juraj Somorovsky (Paderborn University)
• Douglas Stebila (University of Waterloo)
• Filippo Valsorda (https://filippo.io)