DIAC 2014: Directions in Authenticated Ciphers

23–24 August 2014, Santa Barbara, USA

How to participate:
How to contribute:
Accepted talks

Talk submission

DIAC 2014 calls for submissions of talks on the topics listed below.

Submissions are expected to be on the very latest results and ideas, including work in progress. Submissions are therefore not expected to be full papers; they are expected to be explanations of what talks will contain. However, detailed explanations will help in selecting and organizing talks, and there is no prohibition on submission of papers in cases where papers are available.

There will be a special effort to provide time in the program for CAESAR candidates. Talk submissions of this type should identify themselves as such; for fairness there should be only one submission per candidate. A talk of this type is expected to highlight the latest comparisons, explaining the unusual features of a candidate that make the candidate preferable to other candidates.

DIAC 2014 will not publish formal conference proceedings. There is no prohibition on talk submissions for papers that have been submitted to conferences with proceedings.

To submit, send a PDF by email to diac2014 at box.cr.yp.to with subject line either

  • "DIAC 2014 submission: CAESAR candidate GCM" (replacing GCM with the candidate name)
  • "DIAC 2014 submission: regular"

by 20 June 2014 23:59 GMT. Submissions are not expected to be anonymous.


  • Components and combinations
    • block ciphers
    • dedicated stream ciphers
    • stream ciphers based on block ciphers
    • dedicated hash functions, sponges, etc.
    • hash functions based on block ciphers
    • dedicated MACs
    • MACs based on hash functions
    • MACs based on block ciphers
    • authenticated encryption based on any of the above
    • dedicated ciphers with built-in authentication
  • Attacks
    • cryptanalysis of symmetric systems
    • side-channel attacks on symmetric systems
    • real-world costs of attacks
  • Implementations
    • APIs
    • software
    • FPGAs
    • ASICs
    • comparisons
  • Requirements
    • quantitative security: e.g., is 80 bits enough?
    • qualitative security: e.g., MAC vs. PRF, INT-PTXT vs. INT-CTXT
    • robustness: e.g., security under nonce reuse, security against idiots
    • side-channel resistance
    • handling of limited randomness
    • safety of using a key for many messages: 2^32? 2^64?
    • key agility
    • throughput in software, FPGA, ASIC
    • parallelizability, incrementality, etc.
    • ASIC area budgets, FPGA slice budgets, etc.
    • power limits, energy limits, etc.
    • bandwidth: short plaintexts, ciphertexts, authenticators
    • flexibility: e.g., variable authenticator lengths
    • convenience: e.g., one-pass, intermediate tags
    • use cases


The list of topics above is copied from the DIAC 2013 workshop, which in turn is copied from the first DIAC workshop, which in turn draws on discussions at the January 2012 Dagstuhl workshop on Symmetric Cryptography, including suggestions from Jean-Philippe Aumasson, Eli Biham, Joan Daemen, Orr Dunkelman, Lars Knudsen, Bart Preneel, and Greg Rose.

Version: This is version 2014.06.04 of the submission.html web page.