1st TIPPI Workshop

Trustworthy Interfaces for Passwords and Personal Information

Sponsored by the PORTIA project

Date:    June 13th, 2005

Speakers and workshop program

    Stanford University,
Gates Computer Science Building,
Room B12

    Burt Kaliski, RSA Security
Dan Boneh, Stanford University

Workshop Purpose

Despite tremendous advances in computer technology in general and information security in particular, users still typically provide personal information and credentials such as passwords the same way they did 30 years ago: through a text interface that they assume they can trust.

Today, that trust assumption clearly can no longer be relied on.

Many security protocols have been proposed to protect credentials and personal information, but few are used in practice. A major reason is that the protocols have not been implemented in a way that ensures that they are actually used. For instance, a rogue Web site can still just ask the user for her password, regardless of how sophisticated a protocol the correct site employs.

The purpose of the workshop is to facilitate an effective solution to these problems by bringing together the designers of the cryptographic protocols with the implementers of the user interfaces. Ideally, a user should have confidence that when she provides a password or other personal information, she can trust the interface she interacts with to protect her data from misuse - even if an attacker happens to be the one that asked her to provide it.

In short, our hope is that the workshop will motivate a trend where trustworthy interfaces for passwords and personal information - TIPPI - are the typical ones in our industry.

More Information: For more information, please contact Burt Kaliski or Dan Boneh.

TIPPI homepage