Important Dates
- Articles due to ScholarOne: 12 April 2024
- Publication date: November/December 2024
Security protocols underpin many of our digital activities, such as logging on to a Wi-Fi hotspot, accessing an HTTPS website, monitoring a home IoT network, and making electronic payments. A security protocol utilises cryptographic primitives and protocols as building blocks, but also includes users and computers connected through distributed networks where messages may be intercepted and modified.
Designing and deploying security protocols is a difficult task, with errors occurring at nearly every step of the software and hardware development lifecycle. Flaws are routinely found on well-known, peer-reviewed, and even standardized protocols. Implementations and deployments sometimes diverge from formally analyzed protocols, either through misunderstandings in the protocol itself, failures to replicate the necessary assumptions made in the analysis, or deviations made in the name of improved efficiency or performance. Usability issues sometimes block or impede the successful deployment of a protocol or yield otherwise negative effects for end users.
Over the past several decades, many security protocols have been proposed though not all have made it to production. What are the main considerations for a security protocol to be deployable in the real world? What are the useful lessons that we can learn from the practical deployments of those protocols? What can be done to improve the process by which security protocols are specified, analyzed, implemented, and eventually deployed?
This special issue is dedicated to real-world security protocols. Topics include but are not limited to:
- Case studies of real-world deployments of security protocols (e.g., SSL/TLS, SSH, Wi-Fi WPA, Bluetooth, EMV, e-voting, e-auction, privacy-enhancing technologies, and multi-party computation)
- Implementation challenges (e.g., side-channel attacks) and the common pitfalls
- Standardization of security protocols, the challenges and the lessons
- Human factors (e.g., usability) and their impact on the practical use of a security protocol
- Security proofs, the assurance, limitations and how the security proofs (and the underlying assumptions) stand up to the test in real-world applications
- Aspects of efficiency (e.g., rounds, computation, and bandwidth), their relevance to the real-world adoption of a protocol, and how over-optimization might cause failure
Submission Guidelines
For author information and submission criteria for full-papers, please visit the Author Information page. As stated there, full papers should be 4900 – 7200 words in length, with a maximum of 15 references. Please submit full papers through the ScholarOne system, and be sure to select the special-issue name. Manuscripts should not be published or currently submitted for publication elsewhere.
Questions?
Contact the guest editors at sp6-24@computer.org.
- Feng Hao, University of Warwick, UK
- Christopher Wood, Cloudflare, USA
