Key Trends in Cryptography
Abstracts due to the guest editors: 15 March 2014
Final submissions due: 1 May 2014
Publication date: January/February 2015
Cryptography has advanced from an arcane craft to a mathematical discipline with established principles, widely-accepted standards, and daily use in Internet and many other computer applications. Yet its actual utility and future are clouded topics that hit at two widely separated poles: the limits of computation and the role of government.
Articles for this special issue of IEEE Security & Privacy magazine will cover recent research trends in cryptology and their implications for emerging computing techniques (such as cloud computing), collaboration between researchers and governments in defining cryptographic standards, how physics and mathematics shape and limit cryptology, and how cryptology implements privacy and security in an interconnected world. Potential articles for this issue might address:
- Is cryptology an ongoing research area? What are the remaining challenges that have not been solved by public key systems and the AES cipher?
- What new cryptographic methods are on the horizon? How could techniques such as homomorphic encryption affect computers and applications? What synergies do new methods have with emerging technologies such as cloud computing, digital commerce, tablets and cellphones, personal health and safety systems, etc.?
- What are the known or potential failures of cryptology? Are mathematical advances eroding the fundamental "hard problems" such as discrete logarithms or factoring? How can one be sure that a system employing cryptographic techniques is implemented securely? Is it better to use specialized hardware instead of software? Should cryptographic software be open source? How will advances in computing hardware, such as graphics processors, affect the use of cryptography?
- Is quantum key distribution a realistic method for day-to-day applications? Is quantum computing a serious threat to the strength of cryptography? Do quantum principles have wider application to cryptology? When are these technologies likely to move from research to proof-of-concept to widespread use?
- As more and more small devices contain general purpose computers and wireless communication, should they also employ cryptography? What physical constraints such as size, power demand, ruggedness or heat dissipation affect the ability to integrate cryptography in all devices? If device-based cryptography is readily available, will it be used? Will it be used appropriately?
- Is there such a thing as "user-friendly cryptography"? How much of the arcane side of cryptography can be shielded from the user without weakening its impact? Do users care whether they employ cryptography or at what strength? Do users worry about traffic interception by criminals, businesses, or governments?
- How and why does the U.S. government develop standards for cryptography? What standards are being developed now? How have the Snowden disclosures affected that process? Are there non-governmental approaches to developing these standards?
- What are the scientific and political limits to actual secrecy and privacy? Malware, man-the-middle attacks, hardware Trojans, collusion by businesses and governments – in this environment, what protection is available to end users?
Many readers of IEEE Security & Privacy magazine are not experts in advanced mathematics; this magazine is not an appropriate venue for detailed mathematical arguments. Our readers are interested in understanding cryptography and its application to and implications for modern computing. We welcome original work, such as research results, experience analyses, case studies, practices, and standards reports. Industry experiences, especially resulting from carefully-controlled empirical studies, are certainly of interest. Reports of failures, in research, development or use, can also serve as valuable learning experiences.
Authors are strongly encouraged to submit an abstract of a proposed paper by 15 March 2014 to the guest editors at firstname.lastname@example.org. Although submission of an abstract is not mandatory, doing so will help the guest editors to advise the authors whether a topic is appropriate for this special issue, make suggestions as to content, scope, style and tone before the paper is finalized, and facilitate the submission and reviewing process. It is always appropriate to contact the guest editors for guidance while writing a paper.
Complete articles should be a maximum of 6,000 words with at most 15 references. The content and style of articles should make them accessible to a broad audience of people interested in security, privacy and dependability. Articles should be submitted by 1 May 2014 to ScholarOne at https://mc.manuscriptcentral.com/cs-ieee. Submissions will be subject to the IEEE Computer Society's peer-review process, and all accepted articles will be edited according to the IEEE Computer Society style guide and practices.