aboutsummaryrefslogtreecommitdiff
path: root/archive/2021-10-19-paper-planning
blob: 14951aa14425ac444556d6a299aa26355a02bc10 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
What should be the scope of the paper?
	* Introduction of sigsum logging and its architecture (informal)
		* what rgdd et al. have now
	* Security proof of the sigsum logging architecture (formal)
		* rohonk takes the lead here
	* Discussion about how to use the basic building block that we modelled
		* rgdd takes the lead here

What is the required timeline for this paper?
	* rgdd
		* not rushed at all, quite busy the coming months
		* can provide feedback and be involved in security proof when needed
		* can do concrete paper work from March until end of June
	* rohonk:
		* available from November and onwards, can then work full time on paper

Should anyone else be involved?
	* rgdd and rohonk both have academic supervisors that can provide feedback
	* we are still open for additional contributors

Publication strategy
	* It looks like ESORICS, with fallback on ACSAC, could work given our timeline
		* ESORICS 2022
			* https://esorics2021.athene-center.de/index.php
			* Deadline: May 15 , 2022.
			* Notification: 21 June 2021. 
		* ACSAC
			* https://www.acsac.org/
			* Deadline usually in ~June, see http://www.wikicfp.com/cfp/program?id=45

Other conferences that rohonk mentioned
	* https://www.usenix.org/conference/usenixsecurity22/call-for-papers
	* https://asiaccs2022.conferenceservice.jp/ 
	* https://www.ndss-symposium.org/ndss2022/call-for-papers/
	* https://www.ieee-security.org/TC/SP2022/cfpapers.html
	* [rgdd] much harder to get in here, and deadlines are a bit too tight

How do we work together?
	* Voice meets on https://meet.sigsum.org/research
	* Pads on https://pad.sigsum.org
		* https://pad.sigsum.org/p/security-proof
		* (Not persisted in any archive, sort of a scratch pad for now.)
	* Source on https://git.sigsum.org/research
		* .tex files in sigsum/research repo 
		* Decision: pick esorics template and start with security proof section
			* rgdd will set this up in the near future

What needs to be done for a formal security analysis?
	* Define security goals, assumptions, interactions
	* Select a proof technique and apply it
	* Some related CT papers that can be helpful to take inspiration from
		* https://link.springer.com/book/10.1007%2F978-3-319-45741-3
		* https://dl.acm.org/doi/pdf/10.1145/2976749.2978404
		* https://people.cispa.io/cas.cremers/downloads/papers/ccsfp200s-cremersA.pdf
		* noise protocol?