Slides + Deadlines + LSF + HotCRP

Written on 21.11.23 by Maximilian Golla

Thank you all for participating and contributing today! 😇

The slides of today's lecture are uploaded to the Materials page.

- Please remember to register via LSF; otherwise, your participation in the seminar does not count. This is your last chance!

Seminar Paper:
- The seminar… Read more

Thank you all for participating and contributing today! 😇

The slides of today's lecture are uploaded to the Materials page.

- Please remember to register via LSF; otherwise, your participation in the seminar does not count. This is your last chance!

Seminar Paper:
- The seminar submission deadline is December 22, 2023, at 11:59 pm via HotCRP (only upload the PDF file).
- I will contact you again in December to remind you about the upcoming deadline.
- After receiving your reviews, please incorporate the suggestions into your final submission (February 9, 11:59 pm again via HotCRP).


- I will contact you after the deadline about your assigned review (this is also done on HotCRP)
- The review submission deadline is January 19, 2023, at 11:59 pm via HotCRP (there is no file; just enter your text into the review form).


- I will contact you in January so you can vote on your preferred date for your talk (3x talk slots on January 30 and 3x talk slots on February 6).
- For your presentation, there is no PowerPoint template; just use what you prefer.
- If you need any hardware during your talk, please contact me at least one week in advance.


The seminar will give students a deep understanding of typical passwordless user authentication schemes enabling them to reason about their usability, deployability, and security properties.


# Name Keywords
0 Passwords Memorability, Management, Coping Strategies, Threats (Phishing, Reuse), Reinforcement (Password Manager, 2FA, RBA, Alerting)
1 Legacy Systems Magic Links, Apps, QR Codes, Single Sign-On Systems
2 FIDO & Security Keys Blinking Button, Handling, Uncertain Benefits, Time Required, Fear of Losing, Recovery
3 FIDO & Adoption Willingness, Concerns, Misconceptions, UX and Deployment Obstacles
4 FIDO & Phones caBLE, QR Codes, Availability, Recovery, Setup Difficulties, Account Delegation
5 FIDO & Passkeys Multi-Device Credentials, Cross-Device Authentication, Discoverable Credentials/Conditional UI, E2EE, Persistent Linking
6 FIDO & Attacks Malware, Browser Extension, Attestation, Real-time Phishing, Downgrade Attacks, Social Engineering, MFA Fatigue
7 FIDO & eIDs FIDELIO, elektronischer Personalausweis (nPA), AusweisApp2, FeIDo, FIDO-AC

📖 Some recommended related literature can be found on the Materials page.

Seminar Paper:

Based on the provided and additional literature, the student is expected to provide an overview of the topic in regards to its potential security and usability benefits and problems. The seminar paper should explain how the topic effectively integrates usability or human factors with security or privacy, and clearly indicate the innovative aspects or lessons learned and cite relevant related work.

Papers must use the formatting template and be submitted as a PDF via the web submission system. Submissions must be 5 pages (excluding bibliography, and appendices, double column, ~4000 words). All submissions must clearly relate to the human aspects of security or privacy. Your paper should be inclusive and respectful. A variety of guidance exists on this topic.

Papers with human subjects studies, are expected to discuss ethical considerations. Risks and benefits of the presented research should be weighed.


Students are expected to read and review (~500 words) one seminar paper. The reviewing details are provided during the in-person meeting. I like to emphasize the importance of kind and constructive reviews.

Here are 3 easy steps to improve your review:

  1. Start with thanking the authors and mentioning something positive. "Thank you for your work on improving ... . I appreciate the effort to ..."
  2. Be kind and constructive and describe a path forward. "I suggest clarifying the high-level idea of the approach by adding a paragraph at the beginning of Section 3."
  3. Do not refer to the authors directly in your review, but direct comments toward the seminar paper. We are reviewing the paper and not the authors. "The paper must be more consistent with its wording."

Reviewers are responsible for all text they submit as part of their review. As such, you should ensure your reviews are accurate and constructive. All seminar papers are considered confidential and should not be publicly discussed or shared.

Talk (Co-Presented):

As a hands-on experience, students are asked to demonstrate their authentication scheme and co-present their topic in front of the class (about 15 minutes incl. demo). The idea of this presentation is to provide an overview of the topic and reason about potential usability issues and benefits of the presented authentication scheme.

Here are two easy steps to improve your talk:

  1. Outline your talk without using PowerPoint. What is a good motivation? What is the most important result you like to share? What is the main takeaway at the end?
  2. Practice, practice, practice. Please rehearse your talk multiple times. There is nothing more distressing than a presenter who is surprised by their own slides.

Members of the audience are expected to actively contribute to a discussion by asking questions and engaging with the topic.

Talk Schedule:

# Date Talk Topic Student(s)
1 30.01.2024 Legacy Systems Ince & Kopański
2 30.01.2024 FIDO & Security Keys Berrens & Wasim
3 06.02.2024 FIDO & Phones Saini & Talwar
4 06.02.2024 FIDO & Adoption Gerhardt & Shah
5 06.02.2024 FIDO & eIDs Sujela
6 06.02.2024 FIDO & Passkeys Nawrath
7 06.02.2024 FIDO & Attacks Tran & Löffler

Seminar Schedule:

Week Date Time Room Meeting Your Task
43 - - - - Register in CMS
44 - - - - Vote on date and time
45 07.11.2023 10:15-11:45 C0 - 0.02 Introduction to FIDO & Topic Assignment Attend
46 14.11.2023 10:15-11:45 C0 - 0.07 Background: Passwords Attend & Discuss
47 21.11.2023 10:15-11:45 Online How to Read and Write Scientific Papers Attend
48 - - - - Read and write
49 - - - - Read and write
50 - - - - Read and write
51 - - - - Read and write
- 22.12.2023 23:59 - Seminar Paper Submit
52 - - - 🎅 (Winter Break)
01 - - - 🎆 (Winter Break)
02 - - - - Read and review
03 - - - - Read and review
- 19.01.2024 23:59 - Review Submit
04 - - - - Co-prepare talk
05 30.01.2024 10:15-11:45 C0 - 0.02 Presentations Co-present topic / Discuss
06 06.02.2024 10:00-12:00 C0 - 0.02 Presentations Co-present topic / Discuss
- 09.02.2024 23:59 - Seminar Paper with Feedback Incorporated Submit



Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.