CALL FOR PAPERS - SECURITY STANDARDISATION RESEARCH CONFERENCE
in Passau, Germany, 4.–5. Dec. ’25
————————————————————————————————

We are going to publish post-proceedings with Springer as LNCS
and we are looking forward for submissions till 5 October 2025:
https://www.uni-passau.de/ssr2025/cfp

Important Dates (AoE = UTC-12h):
————————————————————————————————
Submission deadline: 5 October 2025 (Sunday)
Author notification: 27 October 2025 (Monday)
Conference on-site: 4–5 December 2025 (Thursday + Friday)

Security Standards Research:
————————————————————————————————
The Security Standardisation Research (SSR) Conference 2025 marks the 10th anniversary
of the SSR conference series, launched in 2014. SSR 2025 will be hosted in the beautiful
location of Passau, Germany, and will take place December 4–5, 2025.

In the past two decades, cybersecurity standards have advanced significantly
and many of them have become very widely used. Despite their widespread use,
it is essential to continually revise existing standards and develop new standards to
cover emerging domains, such as post-quantum cryptography, fully homomorphic encryption,
6G and artificial intelligence. The purpose of the 2025 SSR conference is to discuss
the numerous research challenges arising from studies of existing standards,
the development of revisions to these standards, and the exploration of entirely new areas
of standardization. Many security standards bodies are only beginning to address the issue
of transparency, ensuring that the process of selecting security techniques for standardization
is as scientific and unbiased as possible. This conference aims to cover the entire range of
security standardisation research. Topics include, but are not limited to, developments
in cryptographic techniques, security management, security evaluation criteria, security policy,
network security, privacy and identity management, as well as technologies such as smart cards
and RFID tags, biometrics, and security modules. It also covers industry-specific security
standards, including those created by the payments, telecommunications, and computing sectors
for systems like payment protocols, mobile telephony, and trusted computing. Through in-depth
research presentations and open discussions, the conference aims to advance the field of
security standardization, fostering a collaborative environment for both revising existing
standards and developing new ones to address the evolving challenges in cybersecurity.

Submission:
————————————————————————————————
Papers offering research contributions to the area of security standardisation are
solicited for submission to the SSR 2024 conference.
SSR also invites Systematisation of Knowledge (SoK) papers relating to security standardisation,
which integrate experience and previous research, drawing new comprehensive conclusions.
SoK papers should evaluate, systematise, and contextualise existing knowledge. They should
provide a new viewpoint, offer a comprehensive taxonomy, or cast doubt on long-held beliefs,
based on compelling evidence. We also welcome SoK papers that document existing standardisation
practices and analyse their weaknesses and strengths. We also encourage submission of
vision papers relating to security standardisation. The vision track is intended to report on
work in progress or concrete ideas for work that has yet to begin. The focus in the vision track
is to spark discussion with the goal of providing the authors helpful feedback, pointers to
potentially related investigations, and new ideas to explore. Suitable submissions to the
vision track include traditional work-in-progress pieces such as preliminary results of
pre-studies, but also research proposals and position papers outlining future research.

Submitted papers must be original, unpublished, anonymous and not submitted to journals or
other conferences/workshops that have proceedings. Submissions must be written in English
and should be at most 20 pages in the Springer LCNS format including references but not
counting appendices. Authors should consult Springer’s authors’ guidelines and use their
proceedings templates, either for LaTeX or for Word, for the preparation of their papers.
Papers not meeting these guidelines risk rejection without consideration. All submitted
papers will be reviewed by at least three members of the program committee in a
blinded review process.

Authors submitting a systematisation of knowledge paper should adjust the title
to start with “SoK: ”. This is to ensure that the committee is made aware that the paper
is an SoK paper, and so will be reviewed with different criteria. In the same way,
vision papers should be marked by having the title start with “Vision: ” upon submission.

Accepted papers will be published as post-proceedings as a Lecture Notes in Computer Science (LNCS)
proceedings volume by Springer. Authors of accepted papers must complete and sign a
Consent-to-Publish form. At least one author of each accepted paper must register for the conference.

Submission Server:
https://easychair.org/conferences/?conf=ssr2025

Topics:
——————————————————————————————
Papers may present theory, applications or practical experience in the field of
security standardisation, including, but not limited to:
- Access control
- Artificial Intelligence - Biometrics
- Blockchain
- Cloud computing security/privacy
- Critical national infrastructure protection
- Standards consistency and comparison critiques of standards
- Cryptanalysis
- Cryptographic protocols
- Cryptographic techniques
- Data protection and law/regulation
- Digital trust
- Evaluation criteria
- Formal analysis of standards
- History of standardization
- Identity management
- Industrial control systems security
- Internet of things security/privacy
- Internet security
- Interoperability of standards
- Intrusion detection
- Key management and PKIs
- Standardisation process management
- Mobile security
- Network security
- Open standards and open source
- Payment system security
- Post-quantum security
- Privacy regional and international standards
- RFID tag security
- Risk analysis
- Secure messaging
- Security controls
- Security management
- Security protocols
- Security services
- Security tokens
- Smart cards
- Telecommunications security
- Trusted computing
- Usability

Program Committee:
————————————————————————————————
- Aysajan Abidin (KU Leuven, Belgium)
- Joppe Bos (NXP Semiconductors, Belgium)
- Sofía Celi (Brave, Portugal)
- Lily Chen (NIST, US)
- Jihoon Cho (Samsung, South Korea)
- Benjamin Curtis (ZAMA, France)
- Orr Dunkelman (University of Haifa, Israel)
- Scott Fluhrer (Cisco Systems, US)
- Matt Henricksen (Huawei International Pte Ltd, Singapore)
- Stephan Krenn (AIT Austrian Institute of Technology GmbH, Austria)
- Thalia Laing (HP Security Lab, Bristol, UK)
- Shinichiro Matsuo (Georgetown University, US)
- Elisabeth Oswald (University of Klagenfurt, Austria)
- Yanbin Pan (Academy of Mathematics and Systems Science, CAS, China)
- Kenneth Paterson (ETH Zurich, Switzerland)
- Bertram Poettering (IBM Research - Zurich, Switzerland)
- Gaetan Pradel (Incert, Luxembourg)
- Kazue Sako (Waseda University, Japan)
- Christoph Striecks (AIT Austrian Institute of Technology GmbH, Austria)
- Jacques Traore (Orange Labs, France)
- Mathy Vanhoef (KU Leuven, Belgium)
- Gaven J. Watson (Meta, US)
- Christian Weinert (Royal Holloway, UK)
- Kazuki Yoneyama (Ibaraki University, Japan)
to be extended ...

Program Chairs
————————————————————————————————
- Henrich C. Pöhls (University of Passau, Germany)
to be extended...