[Cryptography] LANGSEC Workshop #3 deadline of Feb 3, 2016, comes soon

dan at geer.org dan at geer.org
Fri Jan 22 20:48:10 EST 2016 

In the spirit of Adi Shamir's

  "Cryptography is typically bypassed, not penetrated"

may I recommend this workshop to your consideration..

-----------------8<------------cut-here------------8<-----------------

http://spw16.langsec.org/

The Third Workshop on Language-Theoretic Security (LangSec) at the
IEEE CS Security & Privacy Workshops solicits contributions related
to the growing area of language-theoretic security.

LangSec's goal is to provide the strongest defense for connected
software and hardware, expressed as a practical design methodology
for handling hostile inputs. LangSec offers a coherent computer
science explanation for the current "epidemic of insecurity" and
imposes an easy-to-understand structure on the seemingly ad hoc
collection of software mistakes or design flaws. This explanation
is predicated on the connection between fundamental computability
principles and the continued recurrence of software flaws despite
numerous and diverse secure programming initiatives.

LangSec posits that the only path to trustworthy software that
safely handles untrusted inputs is treating all valid or expected
inputs as a formal language and treating the respective input-handling
routines as a recognizer for that language.

However, far from being an "Ivory Tower" theory, the LangSec approach
to systems design is primarily concerned with achieving practical
assurance: development that is rooted in fundamentally sound theory,
but is expressed in efficient and practical tools for building
software. One major objective of the workshop is to develop and
share this viewpoint with attendees and the broader systems security
community, to help establish a foundation for research based on
LangSec principles.

The overall goal of the workshop is to bring more clarity and focus
to two complementary areas: (1) practical software assurance and
(2) vulnerability analysis (identification, characterization, and
exploit development). The LangSec community views these activities
as related and highly structured engineering disciplines and seeks
to provide a forum to explore and develop this relationship.

Call for Papers is at http://spw16.langsec.org/cfp.pdf
Submission deadline is Feb 3, 2016

Program Committee:

Sergey Bratus (Dartmouth College)
Sofia Bekrar (VUPEN)
Jon Callas (Silent Circle)
Fabien Duchene (Grenoble INP, LIG Labs, IMAG)
Thomas Dullien (Google)
Dan Geer (In-Q-Tel)
David Grawrock (Intel)
Felix Lindner (Recurity Labs / Phenoelit)
Meredith L. Patterson (Nuance Communications / Upstanding Hackers, Inc.)
Erik Poll (Radboud University)
Sean W. Smith (Dartmouth College)
Gang Tan (Lehigh University)
Julien Vanegue (Bloomberg)
Samuel M. Weber (Software Engineering Institute, CMU)
Stefano Zanero (Politecnico di Milano University)

Organizing Committee:

Sergey Bratus (Dartmouth College)
Daniel 'TQ' Hirsch (P3KI GmbH)
Felix 'FX' Lindner, (Recurity Labs / Phenoelit)
Michael E. Locasto (University of Calgary)
Meredith L. Patterson (Nuance Communications / Upstanding Hackers, Inc.)
Anna Shubina (Dartmouth College)
Julien Vanegue (Bloomberg)

More information about the cryptography mailing list