Conferences
Most work in the cryptography, security, and privacy fields is published at conferences; journals are typically too slow to keep up with the rapid pace of the fields. Generally, our group tries to publish at top venues. However, it is sometimes worthwhile to publish at more focused venues if a paper is targeted at a particular niche. "Tiers" are often defined informally based on the feelings of the research community, although there are ways to attempt to quantify the ranking of conferences. For example, security and privacy conferences can be
ranked by "conference impact factor", which attempts to measure the impact of conference papers on future research.
The following is a list of the most relevant conferences for CrySP students:
Top Tier
- IEEE Security and Privacy Symposium (most commonly known as "Oakland")
- Often considered to be the most prestigious venue, with a relatively low acceptance rate.
- Generally covers many subfields, but has only one conference track (this contributes to the low acceptance rate).
- Types of papers include systems and hardware papers, attacks, defenses, networking protocols, and cryptographic protocols. Generally more abstract and theoretical than USENIX, but less so than CRYPTO.
- This is the only top-tier conference that accepts systematization of knowledge (SoK) papers.
- Always takes place in California, USA.
- USENIX Security Conference
- Focused on systems, with an emphasis on security rather than privacy or cryptography (though privacy papers with a systems orientation are fine).
- Types of papers include code verification, attacks on systems and protocols, operating system security, malware, reverse engineering, web security, etc.
- Large conference with multiple tracks and invited speakers.
- Hosted around Canada and the USA.
- Crypto
- Focused on cryptography.
- Types of papers include new cryptosystems, mathematical approaches potentially yielding cryptosystems, and protocols. Far more mathematically-oriented than the other top-tier conferences.
- Sister conferences include Eurocrypt and Asiacrypt.
- ACM Conference on Computer and Communications Security (CCS)
- Mixed focus on security/privacy and cryptography.
- Papers tend to be systems- or cryptography-oriented. Types of papers are similar to USENIX, but more theoretical and abstract.
- Large conference with multiple tracks, but less invited speakers than USENIX.
- Mostly hosted in the USA, but sometimes in Europe.
- Network and Distributed System Security Symposium (NDSS)
- A mix of security and privacy topics with a focus on networked protocols.
- Similar topics to the networked systems papers found at Oakland and CCS. Also includes papers measuring and evaluating real-world networking schemes.
- Always takes place in California, USA.
Lower Tiers
- Privacy Enhancing Technologies Symposium (PETS)
- Focused on privacy, censorship resistance, etc.
- Usually considered the top venue dedicated to research in privacy-enhancing technologies. So one could count it as top-tier within the PETs subfield, but it's not one of the top-tier venues in the wider computer security and privacy research community (Oakland, USENIX Security, CCS, NDSS, as above).
- New format is a journal/conference combination. Papers are submitted to the journal (PoPETS), with several deadlines throughout the year. Accepted papers are presented at the next available conference.
- Relatively small conference hosted by the PETs community.
- Papers include new privacy-enhancing and censorship-resisting schemes, usability studies, etc.
- Typicaly alternates between North American and European locations.
- Symposium on Usable Privacy and Security (SOUPS)
- Focused on usability aspects of systems.
- Papers typically involve user studies and interface designs.
- Very short and small conference, with a relatively heavy focus on workshops.
- Mostly hosted in the USA, but sometimes in other countries.
- Workshop on Privacy in the Electronic Society (WPES)
- Focused on privacy and censorship resistance.
- Papers that are submitted to this workshop are typically too narrow in scope to appear at the top-tier conferences.
- Cohosted with CCS.