The Program
MONDAY, December 8, Auditorium R2
08:30 -- Registration at entrance
09:00 - 09:10 Welcome Per Thorsheim & Stig F. Mjølsnes
09:10 - 10:00 Keynote
- Marc Heuse Online Password Attacks
10:00 - 10:30 BREAK
10:30 - 12:00 Session 1 ATTACKS (short tutorials)
Session Chair: Per Thorsheim
- Jens Steube Introducing the PRINCE attack-mode
- Peter Hansteen Distributed, Stealthy Brute Force Password Guessing Attempts - Slicing and Dicing Data from Recent Incidents
- Sebastien Raveau Crypto vs Physical Access
12:00 - 13:00 LUNCH
13:00 - 15:00 Session 2 USABILITY
Session Chair: Stig F. Mjølsnes
- Simon Josefsson Universal 2nd Factor Authentication
- Frank Stajano, Max Spencer, and Graeme Jenkinson Password-manager friendly (PMF): Semantic annotations to improve the effectiveness of password managers
- Kemal Bicakci and Tashtanbek Satiev charPattern: Rethinking Android Lock Pattern to Adapt to Remote Authentication
15:00 - 15:30 BREAK
15:30 - 17:00 Session 3 ALTERNATIVES
Session Chair: Peter Hansteen
- Christine Ziske and Ulf Ziske FabulaRosa and the Five New Protocols
- Elaine Wooton Behavioral Biometrics as a Mechanism for Delaying the Obsolescence of Traditional Passwords
18:00 - 20:00 Pizza and social chats & fun! (KJELHUSET)
TUESDAY, December 9, Auditorium R2
08:30 -- Registration at entrance
09:00 - 10:00 Keynote
- Benjamin Delpy mimikatz, or how to push Microsoft to change some little stuff
10:00 - 10:30 BREAK
10:30 - 12:00 Session 4 PATTERNS
Session Chair: Per Thorsheim
- Norbert Tihanyi, Attila Kovács, Gergely Vargha and Adam Lenart Unrevealed patterns in password databases: analyses of cleartext passwords
- David Jaeger, Hendrik Graupner, Andrey Sapegin, Feng Cheng and Christoph Meinel Gathering and Analyzing Identity Leaks for Security Awareness
- Harshal Tupsamudre, Vijayanand Banahatti and Sachin Lodha Passwords - Divided they Stand, United they Fall
12:00 - 13:00 LUNCH
13:00 - 15:00 Session 5 HASH FUNCTIONS
Session Chair: Stig F. Mjølsnes
- Alec Muffett Facebook: Password Hashing & Authentication
- Jakob Wenzel, Christian Forler, Eik List and Stefan Lucks Overview of the Candidates for the Password Hashing Competition - And their Resistance against Garbage-Collector Attacks
- Donghoon Chang, Arpan Jati, Sweta Mishra and Somitra Sanadhya Cryptographic module based approach for password hashing schemes
- Markus Dürmuth and Thorsten Kranz On Password Guessing with GPUs and FPGAs
15:00 - 15:30 BREAK
15:30 - 17:00 Session 6 NEW TECHNIQUES
Session Chair: Colin Boyd
- Huiping Sun, Shuaiying Guo, Ke Wang, Nan Qin and Zhong Chen SlidePIN: Slide-Based PIN Entry Mechanism on a Smartphone
- Amrit Kumar and Cedric Lauradoux Private Password Auditing (short paper)
- Jonathan Millican and Frank Stajano SAVVIcode: Preventing Mafia Attacks on Visual Code Authentication Schemes (short paper)
18:00 - 21:00 RUMP SESSION talks, pizza & fun! (KJELHUSET)
- Donghoon Chang, Arpan Jati, Sweta Mishra and Somitra Kumar Sanadhya Time Memory Tradeoff Analysis of Graphs in Password Hashing Constructions
- Alec Muffett Crack - A Sensible Password Checker for Unix
- Jeunese Payne Password psychology & an update on PICO
- Marte Løge Work in progress: Will who you are reveal your lock pattern?
- Sebastien Raveau Making of the WIKI wordlist - 2014 edition
- Per Thorsheim 3 suggestions for improving password security
- Stig Mjølsnes Acoustic Cryptanalysis
sign up...
Wednesday, December 10, Auditorium R2
09:00 - 10:00 Session 7 ANALYSES
Session Chair: Mark Spencer
- Dominique Bongard WPS Insecurity
- Mats Sandvoll, Colin Boyd and Bjørn Larsen PassCue: Evaluating the Shared Cues system
10:00 - 10:20 BREAK
10:20 - 11:20
Closing Keynote
- Sigbjørn Hervik The Big Perspective!
11:20 Closing Messsage
11:30 - 12:30 LUNCH