Conferences  >  Mathematics  >  Cryptography, Blockchain and Information Security

11th International Conference on Software Security (ICSS 2025) is traditionally, security in software has been thought to be something that can be easily added on as a patch, post-development, and sometimes even after the deployment of the software. According to the US-Computer Emergency Readiness Team (US-CERT), “most successful attacks result from targeting and exploiting known, non-patched software vulnerabilities and insecure software configurations, many of which are introduced during design and code.” Hence, it is imperative that secure design, coding and testing principles as well as deployment and maintenance are thoroughly embedded in the software development lifecycle. At the same time, software security is very inter-disciplinary, as software is being developed for a variety of applications – web, Internet, database, single and distributed computer systems, etc.

• Software Security Attacks and Solutions • Static and Dynamic Code Analysis for Software Security • Validation, Verification and Testing for Software Security • Virtualization and Cloud Computing for Software Security • Cryptography for Software Security • Firewalls and Intrusion Detection/Prevention Systems for Software Security • Software Penetration and Protection

Schloss Dagstuhl – Leibniz-Zentrum für Informatik GmbH

IT Security plays a vital role in our society. For example, when multiple parties communicate via a mobile phone or chat, or during online shopping, security takes a decisive part in protecting the users, the service operators, and in maintaining public confidence in the system. Cryptography is an essential concept to be implemented in the underlying system. Modern cryptography can be divided into two distinct subareas, symmetric cryptography (where all parties share the same secret key) and asymmetric cryptography (where all parties are in possession of a public key and a private key). We plan to discuss in detail timely topics related to the design and analysis of symmetric cryptographic schemes.

The International Centre for Mathematical Sciences (ICMS)

While lattice-based cryptography has been successful, a consensus is forming that we have reached a limit of what we can do from such well-established problems. Thus, researchers are introducing novel variants of these presumed-hard problems to develop quantum-safe privacy-enhancing technologies (PETs). Many PETs lack efficient lattice-based or other efficient post-quantum constructions. Examples include advanced encryption schemes with fine-grained access control, blind signatures, anonymous credentials, oblivious PRFs, and threshold constructions. Adopting novel hardness assumptions reflects a long-standing tension in cryptography: more structure enables advanced functionalities but may offer flexibility to solve presumed-hard problems, invalidating their hardness. As these assumptions proliferate, the risk grows that they remain understudied and may lack the robustness to serve as foundations for a privacy-respecting post-quantum digital society.