Trustworthy Interfaces for Passwords and Personal Information 

The following message is being forwarded at the request
of Burt Kaliski, RSA Security and Dan Boneh, Stanford University.

1st TIPPI Workshop
Trustworthy Interfaces for Passwords and Personal Information 
Sponsored by the PORTIA project

Date: June 13th, 2005 

Location: Stanford University, 
Gates Computer Science Building, 
Room B12  


 Burt Kaliski, RSA Security  
 Dan Boneh, Stanford University  

Workshop Purpose 

Despite tremendous advances in computer technology in general and
information security in particular, users still typically provide
personal information and credentials such as passwords the same way
they did 30 years ago: through a text interface that they assume they
can trust.  Today, that trust assumption clearly can no longer be
relied on.

Many security protocols have been proposed to protect credentials and
personal information, but few are used in practice. A major reason is
that the protocols have not been implemented in a way that ensures
that they are actually used. For instance, a rogue Web site can still
just ask the user for her password, regardless of how sophisticated a
protocol the correct site employs.

The purpose of the workshop is to facilitate an effective solution to
these problems by bringing together the designers of the cryptographic
protocols with the implementers of the user interfaces. Ideally, a
user should have confidence that when she provides a password or other
personal information, she can trust the interface she interacts with
to protect her data from misuse - even if an attacker happens to be
the one that asked her to provide it.

In short, our hope is that the workshop will motivate a trend where
trustworthy interfaces for passwords and personal information - TIPPI
- are the typical ones in our industry.

Current confirmed speakers include: 

Todd Inskeep, Bank of America. 
Roots of Trusted Interfaces and the User Experience. 
Dave Jevans, Anti-Phishing Working Group 
Ramesh Kesanupalli, Phoenix Technologies.
Solutions for Secure and Trustworthy Authentication. 
Steve Myers, Indiana University
Delayed Password Disclosure. 


We welcome additional presentations, both long (30 minutes) and short
(10 minutes). If you would like to give a presentation, please send us
a proposed title and abstract by May 15. There will be no proceedings,
but presentations and research papers (if available) will be posted on
the Web.  

More Information: 
For more information, please contact 

Burt Kaliski


Dan Boneh

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to