Financial Cryptography and Data Security 2008
  Twelfth International Conference
  28-31 January 2008
  El Cozumeleno Beach Resort, Cozumel, Mexico

Important Dates 
Submission: 10 October 
Posters: 20 November 
Panels: 13 November 
Notification: 28 November 
Conference: 28 January 

Silver Sponsors 



Bronze Sponsors 





Sponsors in Kind 




Radu Sion

Preliminary Program

Sunday (1/27)
16:00 - 18:00 Registration / Welcome (and during all breaks)

Monday (1/28)
09:00 - 09:15 Registration (and during all breaks)
09:15 - 09:30 Welcome and Opening Remarks
09:30 - 10:30 Invited Talk: Paul C. Van Oorschot (Carleton University)
Security and Usability for Ordinary Internet Citizens
Is the Internet ready for prime time, in the sense of being suitable for people using applications requiring security and/or protection of privacy? We review progress over the past few years in selected areas of usable security, with a particular focus on "everyday" people. Applications and tools on our tour include online banking, anonymous browsing, CAPTCHAs, password managers and graphical passwords.


Paul Van Oorschot (Ph.D., Waterloo, 1988) is a Professor in the School of Computer Science at Carleton University (Ottawa), Canada Research Chair in Network and Software Security, and founding director of Carleton.s Digital Security Group. He has worked in research and development in applied cryptography and network security at Bell-Northern Research (Ottawa), at Entrust Inc. (Ottawa) as VP and Chief Scientist, and as Chief Scientist at Cloakware Corp. (Ottawa). He serves regularly on international conference program committees in security and cryptography, and is co-author of the standard reference Handbook of Applied Cryptography. His current research interests include authentication, application security, software protection, network security, and security infrastructures.
10:30 - 11:00 Coffee Break
11:00 - 12:30 Research Session 1: Attacks and Counter Measures I
"Quantifying Resistance to the Sybil Attack", N. Boris Margolin, Brian Levine (UMass Amherst)

"Evaluating the Wisdom of Crowds in Assessing Phishing Websites", Tyler Moore, Richard Clayton (University of Cambridge)

"Don't clog the queue! Circuit clogging and mitigation in P2P anonymity schemes", Jon McLachlan, Nicholas Hopper (University of Minnesota)
12:30 - 14:00 Lunch
14:00 - 15:15 Research Session 2: Protocols
"SHORT PAPER: An Efficient Fully Deniable Key Exchange Protocol", Shaoquan Jiang, Rei Safavi-Naini (University of Calgary) (slides)

"Revisiting pairing based group key exchange", Yvo Desmedt (University College London), Tanja Lange (Technische Universiteit Eindhoven) (slides:ps)

"Constant-Round Password-Based Authenticated Key Exchange Protocol for Dynamic Groups", Shuhua Wu, Yuefei Zhu (Zhengzhou Information Science Technology Institute)
15:15 - 15:30 Coffee Break
15:30 - 17:00 Panel: Real Electronic Cash vs Academic Electronic Cash vs Paper Cash (slides: 1,2,3,4,5)
Moderator: Yvo Desmedt (University College London, UK)
Panelists: Jon Callas (PGP Corporation, USA), Daniel Nagy (ELTECRYPT, Eotvos University, Hungary), Akira Otsuka (National Institute of Advanced Industrial Science and Technology, Japan), Jean-Jacques Quisquater (Universite Catholique de Louvain, Belgium), Moti Yung (Google Research, USA)
19:00 - 21:00 Conference Reception

Tuesday (1/29)
09:15 - 10:45 Research Session 3: Theory
"A Practical Universal Circuit Construction and Secure Evaluation of Private Functions", Vladimir Kolesnikov (Bell laboratories), Thomas Schneider (University of Erlangen-Nuremberg) (slides)

"Generalized Non-interactive Oblivious Transfer using Count-Limited Objects with Applications to Secure Mobile Agents", Stephen Tate (UNC Greensboro), Vandana Gunupudi (University of North Texas) (slides)

"PBS: Private Bartering Systems", Keith Frikken, Lukasz Opyrchal (Miami University)
10:45 - 11:15 Coffee Break
11:15 - 13:00 Research Session 4: Hardware, Chips and Tags
"Breaking Legacy Banking Standards with Special-Purpose Hardware", Tim Gueneysu, Christof Paar (Ruhr University Bochum)

"ePassport: Securing International Contacts with Contactless Chips", Gildas Avoine, Kassem Kalach, Jean-Jacques Quisquater (UCL, Louvain-la-Neuve) (slides)

"Good Variants of HB+ are Hard to Find", Yannick Seurin, Henri Gilbert, Matthew Robshaw (France Telecom R&D) (slides)

"SHORT PAPER: Augmenting Internet-based Card Not Present Transactions with Trusted Computing" Shane Balfe, Kenneth Paterson (Royal Holloway) (slides)
13:00 - 15:00 Lunch
15:00 - 18:30 Sailing/Submarine Trip
19:00 - 20:00 Poster Presentations (Session Chair: Bogdan Carbunar)
Ken Huang and Paul Douthit, CGI - Payment Card Industry (PCI) Data Security Standard and ST&E

N. Asokan and Jan-Erik Ekberg, Nokia Research Center - A Platform for OnBoard Credentials

Peter Williams, Stony Brook University - Privacy Threats in Online Stock Quotes

William Yurcik, Clay Woolam, Greg Hellings, Latifur Khan, Bhavani Thuraisingham, University of Texas at Dallas - Making Quantitative Measurements of Privacy/Analysis Tradeoffs Inherent to Packet Trace Anonymization

Antonio San Martino and Xavier Perramon, Universitat Pompeu Fabra - Securing Web Banking Applications
20:00 - 21:00 IFCA General Meeting
21:00 - 04:00 Rump Session (Session Chair: Jon Callas)

Wednesday (1/30)
09:15 - 10:15 Invited Talk: Moti Yung (Google Research)
Title: TBD
Abstract: TBD


10:15 - 10:45 Coffee Break
10:45 - 12:30 Research Session 5: Attacks and Counter-measures II
"SHORT PAPER: Weighing Down The Unbearable Lightness of PIN Cracking", Mohammad Mannan, Paul Van Oorschot (Carleton University) (slides)

"SHORT PAPER: Phishwish: A Stateless Phishing Filter Using Minimal Rules", Vijay Gurbani (Bell Labs/Alcatel-Lucent), Debra Cook, Michael Daniluk

"SHORT PAPER: Competition and Fraud in Online Advertising Markets" Bob Mungamuru (Stanford University), Stephen Weis (Google)

"SHORT PAPER: Identity Theft: Much too Easy? A Study of Online Systems in Norway", Andre Klingsheim, Kjell Jgen Hole (University of Bergen)

"SHORT PAPER: On the Security of Next Generation E-Commerce in Norway-a Red Team Approach", Yngve Espelid, Lars-Helge Netland, Andre Klingsheim, Kjell Jgen Hole (University of Bergen)

"Improvement of Efficiency in (Unconditional) Anonymous Transferable E-Cash", Sebastien Canard (Orange Labs), Aline Gouget (Gemalto), Jacques Traore (Orange Labs)
12:30 - 14:00 Lunch
14:00 - 15:30 Research Session 6: Signatures and Encryption
"Proactive RSA Signatures with Non-Interactive Signing" Stanislaw Jarecki, Josh Olsen (UC Irvine) (slides)

"Fair Traceable Multi-Group Signatures", Vicente Benjumea (Univ. of Malaga), Seung Geol Choi (Columbia University), Javier Lopez (Univ. of Malaga), Moti Yung (Google) (slides)

"Identity-Based Online/Offline Encryption", Fuchun Guo (Fujian Normal University,China), Yi Mu (University of Wollongong), Zhide Chen (slides)
19:00 - 21:00 BBQ and Dinner

Thursday (1/31)
09:15 - 10:45 Panel: Usable Cryptography - Manifest Destiny or Oxymoron?
Moderator: Mary Ellen Zurko (IBM)
Panelists: Gene Tsudik (UC Irvine), Phil Hallam-Baker (Verisign), Andrew Patrick (NRC)
10:45 - 11:15 Coffee Break
11:15 - 12:45 Research Session 7: Anonymity and E-Cash
"SHORT PAPER: Countermeasures against Government-Scale Monetary Forgery", Alessandro Acquisti, Nicolas Christin, Bryan Parno, Adrian Perrig (Carnegie Mellon University) (slides)

"SHORT PAPER: OpenPGP-based Financial Instruments and Dispute Arbitration", Daniel Nagy (ELTECRYPT), Nadzeya Shakel (Belarusian State University) (slides)

"An Efficient Anonymous Credential System", Norio Akagi (Kyoto University, Japan), Yoshifumi Manabe (NTT), Tatsuaki Okamoto (NTT) (slides)

"Practical Anonymous Divisible E-Cash From Bounded Accumulators", Man Ho Au, Willy Susilo, Yi Mu (University of Wollongong) (slides)
12:45 Concluding Remarks
This conference is organized annually by the International Financial Cryptography Association.