CALL FOR PAPERS AND TUTORIALS PASSWORDS'14 passwordscon.org The 7th International Conference on Passwords 8-10 December 2014 Trondheim,Norway The Passwords conference was launched in 2010 as a response to the lack of robustness and usability of current personal authentication practices and solutions. Annual participation has doubled over the past three years. Venue: NTNU campus, Trondheim, Norway. Conference Aim The technical and practical problem addressed by the conference is illustrated by the fact that more than half a billion user passwords have been compromised over the last five years, including breaches at internet companies such as Adobe, Twitter, Forbes, LinkedIn, Yahoo, and LivingSocial. Yet passwords, PIN codes, and similar remain the most prevalent method of personal authentication. Clearly, we have a systemic problem. Passwords is the singular conference gathering researchers, password crackers, and enthusiastic experts from around the globe, aiming to better understand the challenges surrounding the methods personal authentication and passwords, and how to adequately solve these problems. The Passwords conference series seek to provide a friendly environment for participants with plenty opportunity to communicate with the speakers before, during, and after their presentations. (https://passwordscon.org/) Scope This call for papers seeks original contributions that present attacks, analyses, designs, applications, protocols, systems, practical experiences, and theory. Submitted papers may include, but are not limited to, the following topics, all related to passwords and personal authentication: Best practice reports Costs and economy Cryptanalytic attacks Cryptographic formal attack models Cryptographic protections Cryptographic protocols Dictionary attacks Digital forensics Gestures and graphical patterns Guessing attacks Hash functions Human factors and behavior Implementations and tests Incident and attack reports Key-stroke dynamics Languages, letters and symbols Management and authorization Markov models Memorability One-time passwords Passphrase techniques Password based encryption Password based key derivation Password based key exchange Password protection Password replacements Passwords and biometrics Performance and scalability Physical traces and smudges Rainbow tables and trade-offs Reset and recovery procedures Side-channel attacks Single sign-on Social engineering Statistical patterns and analyses Time-memory tradeoffs Tokens and devices Usability studies We seek submissions for review in the following three categories: (i) Research Papers (ii) Short papers (iii) Tutorials Instructions for paper submission Accepted papers presented at the workshop will be included in the event proceedings and published by Springer in the Lecture Notes in Computer Science (LNCS) series. All submission must be done at https://easychair.org/conferences/?conf=passwords14 Research Papers should describe novel, previously unpublished technical contributions within the scope of the call. The papers will be in-depth reviewed and selected using a double-blind review process by at least three members of the program committee. Paper length is limited to 16 pages (LNCS format) excluding references and well-marked appendices. The paper submitted for review must be anonymous, hence author names, affiliations, acknowledgements, or obvious references must be temporarily edited out for the review process. The submitted paper (PDF or PostScript format) must follow the template described by Springer at http://www.springer.de/comp/lncs/authors.html. Short Papers will also be subject to peer review, where the emphasis will be put on work in progress, hackers achievements, industrial experiences, and incidents explained, aiming at novelty and promising directions. Short paper submissions should not be more than 6 pages in standard LNCS format in total. A short paper must be labeled by the subtitle "Short Paper." Accepted short paper submissions may be included in the conference proceedings. Short papers do not need to be anonymous. The program committee may accept full research papers as short papers. Tutorial proposals are expected to explain new methods, techniques, tools, systems, and services within the Passwords scope. The time frame is one hour. Proposals can be submitted in any format. Publication will be by streaming, video and web. Important dates Papers: Submissions by October 27. Acceptance notification: November 10, 2014. Tutorials: Proposals by November 10, 2014. Conference Organizing Chair Per Thorsheim, God Praksis AS Technical Papers Program Committee Stig F. Mjolsnes, (chair) Norwegian University of Science and Technology (N) Jean-Phillipe Aumasson, Kudelski Security (CH) Markus Durmuth, Ruhr-University Bochum (D) Jeremy Gosney, Stricture Consulting Group (USA) Tor Helleseth, University of Bergen (N) Audun Josang, University of Oslo (N) Stefan Lucks, Bauhaus-University Weimar (D) Markku-Juhani O. Saarinen, ERCIM Research Fellow at NTNU (N) Frank Stajano, University of Cambridge (UK) Kenneth White, Open Crypto Audit Project (USA) Sponsor FRISC, a research value network funded by the Norwegian Research Council. (www.frisc.no)