Real World Cryptography Conference 2016
6-8 January 2016
Stanford, CA, USA
co-hosted by the Stanford Cyber Initiative

Past conferences:
The Levchin Prize:
Social media:
  • Twitter: #realworldcrypto
Mailing List:
To subscribe to our mailing list send a message containing the body
"SUBSCRIBE coms-rwc" to

Conference events will be held at the Arrillaga Alumni Center located at 326 Galvez Street, Stanford, CA 94305. Parking is available across the street at the Galvez field.

Wednesday, Jan. 6, 2016

8:00am Arrival and Registration
9:15am Welcome
Session 1:  Cryptographic privacy  (session chair: Nigel Smart)
9:30am The Blackphone
Jon Callas, Silent Circle
10:00am Cryptographic directions in Tor: past and future
Nick Mathewson, The Tor Project
10:20am Anonize: An anonymous survey system
Rafael Pass and Abhi Shelat
10:40am Break
Session 2:  Cryptographic implementations  (session chair: Tom Ristenpart)
11:10am Cryptography in AllJoyn, an Open Source Framework for IoT
Greg Zaverucha, Microsoft
11:40am High-assurance Cryptography
Joe Kiniry, Galois Inc.
Session 3:  Award ceremony  (session chair: Dan Boneh)
12:00pm The first Levchin prize for contributions to real-word cryptography
12:20pm Lunch
Session 4:  Mixing and voting  (session chair: Aggelos Kiayias)
2:00pm PrivaTegrity: online communication with strong privacy 
David Chaum
2:30pm Software vulnerabilities in the Brazilian voting machine
Diego Aranha
2:50pm The State of the Law: 2016
Nate Cardozo,  EFF
3:20pm Break
Session 5:  TLS and QUIC  (session chair: Kenny Paterson)
3:50pm QUIC Crypto
Adam Langley, Google Inc.
4:20pm On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption
Tibor Jager, Juraj Somorovsky and Jörg Schwenk
4:40am The State of Transport Security in the E-Mail Ecosystem
Aaron Zauner
4:50pm Where the Wild Warnings Are: The TLS Story
Adrienne Porter Felt, Google Inc.
5:20pm End of day 1
5:45pm Reception

Thursday, Jan. 7, 2016

9:30am TLS 1.3: Real-World Design Constraints
Eric Rescorla
Session 6:  Crypto currencies  (session chair: Dan Boneh)
10:00am Hawk: Privacy-Preserving Blockchain and Smart Contracts
Andrew Miller
10:20am Provisions: Proofs of solvency for cryptocurrencies
Gaby Dagher, Benedikt Bünz, Joseph Bonneau, Jeremy Clark, and Dan Boneh
10:40am Securing Bitcoin Wallets: A new DSA threshold signature scheme that is usable in the real world
Steven Goldfeder, Rosario Gennaro and Arvind Narayanan
11:00am Break
Session 7:  Policy  (session chair: Nigel Smart)
11:30am The Speech, Privacy, and Technology Project
Daniel Kahn Gillmor, ACLU
12:00pm Lightning talks (1-3 mins)
12:30pm Lunch
Session 8:  Backdoors and Passwords  (session chair: Tom Shrimpton)
2:00pm An Update on the Backdoor in Juniper's ScreenOS
Stephen Checkoway, Shaanan Cohney, Matthew Green, Nadia Heninger, H. D. Moore, Willem Pinckaers, Eric Rescorla, Hovav Shacham, and Ralf-Philipp Weinmann
2:20pm Pass: Strengthening and Democratizing Enterprise Password Hardening
Ari Juels, Cornell Tech
2:50pm Argon2 and Egalitarian Computing
Dmitry Khovratovich and Alex Biryukov
3:10pm Cryptographic pitfalls
Nicko von Someren
3:30pm Break
Session 9:  TLS  (session chair: Aggelos Kiayias)
4:00pm TLS at the scale of Facebook
Scott Renfro, Facebook
4:30pm No More Downgrades: Protecting TLS from Legacy Crypto
Karthikeyan Bhargavan, INRIA Paris
4:50pm The OPTLS Protocol and TLS 1.3
Hugo Krawczyk and Hoeteck Wee
5:10pm Automated Verification of TLS 1.3: 0-RTT, Resumption and Delayed Authentication
Cas Cremers, Marko Horvat, Sam Scott and Thyla van der Merwe
5:30pm End of day 2

Friday, Jan. 8, 2016

Session 10:  Hardware  (session chair: Tom Ristenpart)
9:30am Sealing and Attestation in Intel's Software Guard Extensions (SGX)
Rebekeh Leslie Hurd, Intel Corporation
9:50am Intel's SGX Memory Encryption Engine
Shay Gueron, Intel Corporation and The University of Haifa, Israel
10:20pm Practical Attacks on Real World Cryptographic Implementations
Juraj Somorovsky
10:40am Break
Session 11:  Property-Preserving Encryption  (session chair: Brian LaMacchia)
11:10am On Deploying Property-Preserving Encryption
Paul Grubbs
11:30am Inference Attacks on Property-Preserving Encrypted Databases
Charles Wright, Portland State University
12:00pm Lunch
Session 12:  Crypto in the clouds  (session chair: Kenny Paterson)
2:00pm Cache Attacks on the Cloud
Thomas Eisenbarth, WPI
2:30am Practicing Oblivious Access on Cloud Storage: the Gap, the Fallacy, and the New Way Forward
Vincent Bindschaedler, Muhammad Naveed, Xiaorui Pan, Xiaofeng Wang and Yan Huang
2:50pm Replacing Weary Crypto: Upgrading the I2P network with stronger primitives
Antonio Stradivari
3:10pm Break
Session 13:  Analysis and attacks  (session chair: Dan Boneh)
3:40pm Securing Communication in Google Production Systems
Phil MacKenzie
4:10pm An analysis of DSA and ECDSA without generic groups
Manuel Fersch, Eike Kiltz and Bertram Poettering
4:20pm New developments in BREACH
Dimitris Karakostas and Dionysis Zindros
4:40pm Lucky Microseconds: A Timing Attack on Amazon's s2n Implementation of TLS
Kenneth Paterson and Martin Albrecht
5:00pm Conference end