In my experience, a lot of the non-academics in the security research community aren’t nearly as familiar with which academic conferences are notable, so here they are. These conferences are not structured like many “industry” conferences. Instead, these conferences consist of presentations of peer-reviewed academic papers that were submitted to and peer-reviewed by the conference’s publication committee (PC).
This is a rundown of the “big four” top-tier academic conferences in computer security. While cryptography research does occasionally appear in these conferences, these are distinct from the conferences for cryptography research.
The Network and Distributed System Security Symposium (NDSS): Everyone just calls this NDSS. It’s held by the Internet Society. I’ve never interacted with the Internet Society in any way, aside from attending this event. Until something changes, it’s always at the Catamaran Resort in San Diego, sometime near mid-February.
IEEE Symposium on Security and Privacy (Oakland): Also shortened to S&P. This is not the same as Euro S&P, but IEEE does run both conferences. For a long time, this conference was held in Oakland, which is why everyone calls it Oakland. Then for many years, the conference was in San Jose, and everyone still called it Oakland. Then in 2018, the conference was held in San Francisco proper. While use of the name “S&P” is rising, many people still refer to this conference as Oakland. It takes place in early May. This conference is distinct from the IEEE Security & Privacy magazine.
Usenix Security (USENIX): This is my personal favorite. Unsurprisingly, it’s hosted by the Usenix Assocation. It takes place during August, and moves around. It usually hops between east and west coast. Recent locations include San Diego, Washington D.C., Austin, Vancouver, and Baltimore.
ACM Communications on Computer Security (CCS): Everyone just calls this CCS. It’s probably the largest of the top-tier conferences. It takes place in October, and moves around. Recent locations include Scottsdale, Denver, Vienna, Dallas, and Toronto.
These conferences are specific to cryptography, rather than all of computer security. There’s a lot more math happening here than in the security conferences.
There are other related measurement, networks, and systems conferences that are relevant to security. This isn’t an exhaustive list, but here’s the ones I pay the most attention to: