ETAPS Daily The Newsletter of the European Joint Conferences on Theory and Practice of Software, ETAPS 2011

Thursday, March 31, 2011 Saarbrücken, Germany

Invited talk: Ross Anderson Ross Anderson is Professor widely-deployed systems, from ing a central planner, we have to of Security Engineering at peer-to-peer systems through arrange things so that the desired Cambridge University Computer prepayment utility meters to the behaviour emerges as a result Laboratory since 2003. He has HomePlug standard for power- of the self-interested action of been employed at Cambridge line communications. He chairs many uncoordinated principals. University since1992. From 1984 the Foundation for Information Mechanism design and game the- to 1991 he was self employed Policy Research, the UK’s pre- ory are becoming as important to consultant working mostly in mier information thinktank. the system engineer as more con- projects related to computer Ross is a Fellow of the Royal ventional knowledge such as data security. Between 1981 and Society, the Royal Academy of structures and algorithms. This 1983 he has worked on multi- Engineering, the Institution of holds not just for systems no- lingual typesetting. From 1974 Engineering and Technology, the one really controls, such as the to 1975 he worked for Ferranti Institute of Mathematics and its Internet; it extends through sys- as a development engineer on Applications, and the Institute of tems controlled by small groups avionics. Ross received his PhD Physics. of firms, such as the future smart from Cambridge University in grid, to systems controlled by a 1995, a BA from Trinity College, The title of Ross’ talk: The single firm, such as Facebook. Cambridge, in 1978. Dependability of Complex Once you have hundreds of mil- Ross Anderson The focus of his work in aca- Socio-technical Systems lions of users, you have to set demia has been building security rules rather than micromanage implications for academics: for engineering into a discipline. Abstract: The story of software outcomes. Other social sciences how we educate our students, Over the last fifteen years his engineering has been one of have a role to play too, especially and for choosing research topics research ranged from hard- learning to cope with ever greater the behavioural sciences; HCI that are most likely to have some ware security to the uses of scale and complexity. We’re now testing has to be supplemented impact. signal processing. He has writ- building systems with hundreds by a more principled understand- ten a reference book, ‘Security of millions of users, who belong ing of psychology. And as soft- Today Engineering – A Guide to to millions of firms and dozens of ware comes to pervade just about Building Dependable Distributed countries; the firms can be com- every aspect of society, software at 09:00 Systems’. He has contributed petitors and the countries might engineers cannot avoid engaging to the design of a number of even be at war. Rather than hav- with policy. This has significant

Invited talk: Michael Backes Michael Backes holds the chair mation security and and the TR35 award in 2009. of and cryp- in a broad sense. Major research tography at , topics have been the design and The title of Michael’s talk: he is a fellow of the Max-Planck verification of security protocols Automated Design and Institute for Software Systems and implementations, linking Verification of Security (MPI-SWS), and he is the desig- and cryptogra- Protocols based on Zero- nated director of the IT-security phy, privacy, and investigating Knowledge Proofs center CISPA. Before joining novel side-channel attacks. For Saarland University in 2006, his work, he has been granted the Abstract: he was a permanent research Microsoft Award for Outstanding A central challenge in the analy- staff member at the IBM Zurich Research in Privacy Enhancing sis of large-scale security pro- Research Lab. His research con- Technologies in 2003, the IBM tocols is the expressiveness of centrates on theoretical founda- Outstanding Achievement the formalism used in the for- tions and applied aspects of infor- Awards for seminal contributions mal analysis and its capability to privacy technologies in 2005, a to model complex cryptographic Today Max Planck Fellowship in 2007, operations. While such proto- an IBM Faculty Award in 2008, cols traditionally relied Michael Backes at 14:00 as well as an ERC Starting grant only on the basic cryp- tographic operations such as a message or a sequence of mes- ty features, combined with the prises a symbolic representation encryption and digital signatures, sages that combines two seem- recent advent of efficient cryp- of the cryptographic semantics modern cryptography has invent- ingly contradictory properties: tographic implementations of of zero-knowledge proofs that ed more sophisticated primitives First, it constitutes a proof of a zero-knowledge proofs for spe- is suitable to automated veri- with unique security features statement that cannot be forged, cial classes of problems, have fication, a type system for the that go far beyond the traditional i.e., it is impossible, or at least paved the way for its deploymen- static enforcement of authoriza- understanding of cryptography to computationally infeasible, to tin modern applications, such as tion policies, a corresponding solely offer secrecy and authen- prod-uce a zero-knowledge proof e-voting systems and anonymity cryptographic soundness result ticity of a communication. Zero- of a wrong statement. Second, a protocols.In this talk, I will pres- against arbitrary active attacks, knowledge proofs constitute the zero-knowledge proof does not ent a framework for the verifica- and a general methodology for most prominent and arguably reveal any information besides tion and design of security pro- designing security protocols that most amazing such primitive. A the bare validity of the statement. tocols based on zero-knowledge are resistant to principal com- zero-knowledge proof consists of This primitive’s unique securi- proofs. The framework com- promise.

Lunch options on Thursday Theory of Security and Menu A: Menu B: Meatball with a creamy sauce, Green pasta with sauce of soya Applications side dish, seasonal salad, des- and tomatoes, grated cheese, TOSCA (Theory of Security and information security research- sert seasonal salad, dessert Applications) is the 2011 edition ers in closer contact with the Free Flow: of an annual series of events for- ETAPS community, and to give - Potato wedges with a chili dip and garlic mayonaise merly known as ARSPA-WITS, ETAPS attendees an opportunity - Turkey breast with vegetables which itself combined a work- to respond to core problems of - Rigatoni with sauce of prawns, vegetables and cream shop on issues in the theory of security. On the other hand, we security and one on using auto- hope to contribute to bridging the mated reasoning for security pro- gap between logical foundations What’s in this building? tocols. Information security has and security methods. Besides in recent years been an important the regular presentations of the The Saarland University and the “Saarbrücken Graduate consumer of theoretical computer accepted papers, the program of Department of School of Computer Science”. science. System designers need TOSCA 2011 features invited has celebrated its 40th anniver- Saarbrücken is the only German clean models to predict behav- talks by Michael Backes (ETAPS sary in fall 2009. It emerged out site with Excellence funding for ior in different environments, plenary speaker), on analysis and of the Department of Applied both a Cluster of Excellence and and to appraise the effects of design of protocols using zero- Mathematics and owes its ori- a Graduate School in computer broad types of adversary actions. knowledge proofs; Veronique gin to Günter Hotz, one of the science. Consequently, security has moti- Cortier, on secure protocol pioneers of computer science in Currently more than 320 PhD vated new work in many areas of composition; Ueli Maurer, on Germany. Today 19 chairs cover students are enrolled in the theory, including type systems new methods for defining and a broad range of research fields Saarbrücken Graduate School of and program analysis; on process proving cryptographic proper- and form the core of the computer Computer Science. They profit algebras and models of distribut- ties; Sjouke Mauw, on extracting science activities that have grown from the optimal environment ed systems; on information flow, security information from audits on the university premises during for pursuing their doctoral stud- both qualitative and quantitative; and other large repositories of the last two decades. In October ies in computer science at an and on connections between log- data; and David Sands, on pro- 2007, Saarbrücken Computer internationally competitive level. ical models and computational gramming with expressive infor- Science was awarded two major Student obtain research-oriented (often cryptographic) models. mation flow policies. grants in the framework of the training and experience a stim- Initiative for Excellence of the ulating and scientifically chal- We hope that TOSCA 2011 will TOSCA runs on Thursday German government: the Cluster lenging atmosphere. Advised by help to set the stage for an annual afternoon and Friday. It is held of Excellence on “Multimodal internationally renowned scien- ETAPS event on security. The in E1.4/024. It is open to all Computing and Interaction” tists, they participate in one of the aim is, on the one hand, to bring participants of ETAPS. (already introduced to you in many research groups and find the ETAPS Daily on Monday) their way into first-class research.

What ETAPS can do to your Faculty Organising ETAPS is an easy was the key reason for rais- task. We guarantee. Here is the ing the priority level of this main reason why you should renovation. Indeed the renova- put in a bid for 201X. tion finished only last Friday evening. Feel free to visit the The restrooms in one of the CS result. buildings (E1.1) had been in a If you proceed along the cor- mediocre state for long, to say ridor a little further, you can it mildly. The urgently needed also enjoy a fabulous indoor state changes were blocked by shower that the renovation lacking financial resources for activities brought to us for several years. ETAPS 2011 free! The Saarbrücken Graduate School of Computer Science