Financial Cryptography and Data Security (FC 2011)
Bay Gardens Beach Resort, St. Lucia
February 28 — March 4, 2011
Financial Cryptography and Data Security is a major international forum for research, advanced development, education, exploration, and debate regarding information assurance, with a specific focus on commercial contexts. The conference covers all aspects of securing transactions and systems.
NB: Discounted hotel rate is available only until December 30, 2010
Topics include:
Anonymity and Privacy, Auctions and Audits, Authentication and Identification, Backup Authentication, Biometrics, Certification and Authorization, Cloud Computing Security, Commercial Cryptographic Applications, Transactions and Contracts, Data Outsourcing Security, Digital Cash and Payment Systems, Digital Incentive and Loyalty Systems, Digital Rights Management, Fraud Detection, Game Theoretic Approaches to Security, Identity Theft, Spam, Phishing and Social Engineering, Infrastructure Design, Legal and Regulatory Issues, Management and Operations, Microfinance and Micropayments, Mobile Internet Device Security, Monitoring, Reputation Systems, RFID-Based and Contactless Payment Systems, Risk Assessment and Management, Secure Banking and Financial Web Services, Securing Emerging Computational Paradigms, Security and Risk Perceptions and Judgments, Security Economics, Smartcards, Secure Tokens and Hardware, Trust Management, Underground-Market Economics, Usability, Virtual Economies, Voting Systems
Important Dates
Hotel room reduced rate cut-off: December 30, 2010
Reduced registration rate cut-off: January 21, 2011
Please send any questions to fc11general@ifca.ai
Invited Talks
Markus Jakobsson (PayPal)
Why Mobile Security is not Like Traditional Security
Keynote TBC
Program
Rainer Boehme and Stefanie Poetzsch
Collective Exposure: Peer Effects in Voluntary Disclosure of Personal Data
Nicolas Christin, Serge Egelman, Timothy Vidas and Jens Grossklags
It’s All About The Benjamins: Incentivizing users to ignore security advice
Julien Freudiger, Reza Shokri and Hubaux Jean-Pierre
Evaluating the Privacy Risk of Location-Based Services
Jeremy Clark and Urs Hengartner
Selections: An Internet Voting System with Over-the-Shoulder Coercion-Resistance
Benedikt Westermann and Dogan Kesdogan
Malice versus AN.ON: Possible Risks of Missing Replay and Integrity Protection
Guomin Yang, Shanshan Duan, Duncan Wong, Chik-How Tan and Huaxiong Wang
Authenticated Key Exchange under Bad Randomness
Martin Franz, Bogdan Carbunar, Radu Sion, Stefan Katzenbeisser, Miroslava Sotakova, Peter Williams and Andreas Peter
Oblivious Outsourced Storage with Delegation
Rob Johnson, Leif Walsh and Michael Lamb
Homomorphic Signatures for Digital Photographs
Femi Olumofin and Ian Goldberg
Revisiting the Computational Practicality of Private Information Retrieval
Ulrich Rührmair, Christian Jaeger and Michael Algasinger
An Attack on PUF-based Session Key Exchange and a Hardware-based Countermeasure
Henryk Plötz and Karsten Nohl
Peeling Away Layers of an RFID Security System
Ross Anderson, Omar Choudary and Steven Murdoch
Might Financial Cryptography Kill Financial Innovation? — The Curious Case of EMV
Shujun Li, Ahmad-Reza Sadeghi, Soeren Heisrath, Roland Schmitz and Junaid Jameel Ahmad
hPIN/hTAN: A Lightweight and Low-Cost e-Banking Solution against Untrusted Computers
Theodoor Scholte, Davide Balzarotti and Engin Kirda
Quo Vadis? A Study of the Evolution of Input Validation Vulnerabilities in Web Applications
Pern Hui Chia and Svein Knapskog
Re-Evaluating the Wisdom of Crowds in Assessing Web Security
Mohammad Mannan, David Barrera, Carson Brown, David Lie and Paul Van Oorschot
Recovering Forgotten Passwords Using Personal Devices
Short Papers
Jay Novak, Jonathan Stribley, Kenneth Meagher, Scott Wolchok and Alex Halderman
Absolute Pwnage: Security Risks of Remote Administration Tools
Ben Palmer, kris bubendorfer and Ian Welch
A Protocol for Anonymously Establishing Digital Provenance in Reseller Chains
Philip Marquardt, David Dagon and Patrick Traynor
Impeding Individual User Profiling in Shopper Loyalty Programs
Debin Liu, Ninghui Li, XiaoFeng Wang and L. Jean Camp
Beyond Risk-Based Access Control: Towards Incentive-Based Access Control
Mohammed Tuhin and Reihaneh Safavi-Naini
Optimal One Round Almost Perfectly Secure Message Transmission
Oliver Spycher, Reto König, Rolf Haenni and Michael Schläpfer
A New Approach Towards Coercion-Resistant Remote E-Voting in Linear Time
Christopher Soghoian and Sid Stamm
Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL
Kirill Levchenko and Damon McCoy
Proximax: Fighting Censorship With an Adaptive System for Distribution of Open Proxies
Peter Lofgren and Nicholas Hopper
BNymble: More anonymous blacklisting at almost no cost
Martin Franz, Stefan Katzenbeisser, Bjoern Deiseroth, Kay Hamacher, Somesh Jha and Heike Schroeder
Towards Secure Bioinformatics Services
Workshops
FC11 is held in conjunction with the following workshops, all to be held on March 4 2011:
Workshop on Ethics in Computer Security Research
Computer security often leads to discovering interesting new problems and challenges. The challenge still remains to follow a path acceptable for Institutional Review Boards at academic institutions, as well as compatible with ethical guidelines for professional societies or government institutions.
The Future of User Authentication and Authorization on the Web
The web is essential for business and personal activities well beyond information retrieval, such online banking, financial transactions, and payment authorization, but reliable user authentication remains a challenge. The one-day workshop will explore important questions in this area.
Real-Life Cryptographic Protocols and Standardization
The purpose of this workshop is to study the design criteria of real-life cryptographic protocols, how one prioritized the requirements and limitations, and how one modeled real life entities. This workshop also aims to stimulate discussions on standardizing cryptographic protocols to proliferate their use.
Social Program
In addition to the technical sessions, the program includes a rum-punch reception, beach BBQ, half-day excursions, and rump session.
Organizers
General Chair: Steven Murdoch, University of Cambridge, UK
Local Arrangements Chair: Fabian Monrose, University of North Carolina Chapel
Hill, US
Program Committee
Program Chair: George Danezis, Microsoft Research, UK
Ross Anderson, University of Cambridge, UK
Tuomas Aura, Helsinki University of Technology, FI
Lucas Ballard, Google, US
Adam Barth, UC Berkeley, US
Elisa Bertino, Purdue University, US
Kevin Butler, University of Oregon, US
Srdjan Capkun, ETH Zurich, CH
Veronique Cortier, CNRS / LORIA, FR
Ernesto Damiani, University of Milan, IT
Claudia Diaz, K.U.Leuven, BE
Roger Dingledine, The Tor Project, US
Orr Dunkelman, Weizmann Institute of Science, IL
Simone Fisher-Hubner, Karlstad University, SE
Craig Gentry, IBM T.J.Watson Research Center, US
Dieter Gollmann, Technische Universitat Harburg, DE
Rachel Greenstadt, Drexel University, US
Jean-Pierre Hubaux, Ecole Polytechnique Federale de Lausanne, CH
Markus Jakobsson, Indiana University, US
Jaeyeon Jung, Intel Research, US
Stefan Katzenbeisser, Technische Universitat Darmstadt, DE
Angelos Keromytis, Columbia University, US
Arjen Lenstra, Ecole Polytechnique Federale de Lausanne, CH
Helger Lipmaa, Cybernetica AS, EE
Evangelos Markatos, FORTH, GR
David Molnar, Microsoft Research, US
Tyler Moore, Harvard University, US
David Naccache, Ecole normale superieure, FR
Thomas Ristenpart, University of Wisconsin, US
Peter Ryan, Universite du Luxembourg, LU
Ahmad-Reza Sadeghi, Ruhr-University Bochum, DE
Rei Safavi-Naini, University of Calgary, CA
Nigel Smart, University of Bristol, UK
Jessica Staddon, Google, US
Angelos Stavrou, George Mason University, US
Paul Syverson, Naval Research Laboratory, US
Nicholas Weaver, International Computer Science Institute, US
Moti Yung, Google, US
The Financial Cryptography and Data Security Conference is organized by The International Financial Cryptography Association (IFCA).