Bücher der Reihe Security and Cryptology

Duringthelastfewyearsweseenetworkandinformationsystemsecurityplaying an increasingly important role in our everyday lives. As our computers continue to get infested by all sorts of malware, and as our networks continue to choke with spam and malicious tra?c, we see more and more people losing their co- dence in information technologies as they get signi?cantly concernedabout their security as well as their privacy and that of their loved ones. In their e?ort to cope with the problem, scientists, managers, and politicians all over the world havedesignedandarecurrently implementing systematicapproachesto network and information security, most of which are underlined by the same principle: there is much more room for improvement and research. Along the lines of encouraging and catalyzing research in the area of c- munications and multimedia security, it is our great pleasure to present the proceedings of the 10th IFIP TC-6 TC-11 Conference on Communications and MultimediaSecurity(CMS2006),whichwasheldinHeraklion,CreteonOctober 19-21, 2006. Continuing the tradition of previous CMS conferences, we sought a balanced program containing presentations on various aspects of secure c- munication and multimedia systems. Special emphasis was laid on papers with direct practical relevance for the construction of secure communication systems. The selection of the program was a challenging task. In total, we received 76 submissions, from which 22 were selected for presentation as full papers.

This book constitutes the refereed proceedings of the 9th International Conference on Information Security and Cryptology, ICISC 2006, held in Busan, Korea in November/December 2006. The 26 revised full papers cover such topics as hash functions, block and stream ciphers, network security and access control, mobile communications security, forensics, copyright protection, biometrics, public key cryptosystems, and digital signatures.

This book constitutes the thoroughly refereed post-proceedings of the First International Conference on Cryptology in Vietnam, VIETCRYPT 2006, held in Hanoi, Vietnam, September 2006. The 25 papers cover signatures and lightweight cryptography, pairing-based cryptography, algorithmic number theory, ring signatures and group signatures, hash functions, cryptanalysis, key agreement and threshold cryptography, as well as public-key encryption.

The RSA Conference, with over 15,000 attendees and 300 exhibitors, is the largest computer security event of the year. The Cryptographers' Track (CT- RSA) is a research conference within the RSA Conference. Starting in 2001, CT-RSA continues to its seventh year and is now regarded as one of the major regularly staged event for presenting the results of cryptographic research to a wide variety of audiences. The proceedings of CT-RSA 2007 contain 25 papers selected from 73 s- missions which cover all the topics of cryptography. All the submissions were reviewed by at least three reviewers, which was possible by the hard work of 23 Program Committee members and many external reviewers listed in the foll- ing pages. The papers were selected as a result of conscientious discussion. The program includes two invited talks, by Michel Rabin and Andrew Odlyzko. I would like to express my gratitude to the Program Committee members, whowereenthusiasticfromtheverybeginningofthis completedproject.Thanks also to the external reviewers including those who completed urgent reviews during the discussion phase. Special thanks to Shai Halevi for providing and maintaining the Web review system. Finally, I would like to thank Burt Kaliski of RSA Laboratories and the Steering Committee for their suggestions and c- tinuous assistance.

This book constitutes the refereed proceedings of the 10th International Conference on Practice and Theory in Public-Key Cryptography, PKC 2007, held in Beijing, China in April 2007.The 29 revised full papers presented together with two invited lectures are organized in topical sections on signatures, cryptanalysis, protocols, multivariate cryptosystems, encryption, number theoretic techniques, and public-key infrastructure.

The third international conference on Information Security Practice and - perience (ISPEC 2007) was held in Hong Kong, China, May 7 - 9, 2007. The conference was organized and sponsored by City University of Hong Kong. As applications of information security technologies become pervasive, - sues pertaining to their deployment and operation are becoming increasingly important. ISPEC is an annual conference that brings together researchers and practitioners to provide a con?uence of new information security technologies, their applications and their integration with IT systems in various vertical s- tors. In 2005 and 2006,the ?rst and second conferences were held successfully in Singapore and Hangzhou, China, respectively. The conference proceedings were published by Springer in the Lecture Notes in Computer Science series. The Program Committee received 135 submissions, and accepted 24 papers for presentation. The ?nal versions of the accepted papers, which the authors ?nalized on the basis of comments from the reviewers, are included in the p- ceedings.The entire reviewing process tooknine weeks,eachpaper was carefully evaluated by at least three members from the ProgramCommittee. The indiv- ual reviewing phase was followed by a Web-based discussion. Papers over which the reviewers signi?cantly disagreed were further reviewed by external experts. Based on the comments and scores given by reviewers, the ?nal decisions on acceptance were made. We appreciate the hard work of the members of the P- gram Committee and external referees, who gave many hours of their valuable time.

This book constitutes the refereed proceedings of the 26th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2007, held in Barcelona, Spain in May 2007. The 33 revised full papers address all current foundational, theoretical and research aspects of cryptology, cryptography, and cryptanalysis as well as advanced applications.

These proceedings contain the papers accepted at the 2007 European PKI Workshop: Theory and Practice (EuroPKI 2007), held in Palma de Mallorca, Spain, during June 28-30, and hosted by the Computer Science Department of the University of Balearic Islands (UIB) with the support of the Balearic Islands Government and the Private Law Department at UIB. This year's event was the fourth event in the EuroPKI Workshops series. Previous events of the series were held in: Samos, Greece (2004); Kent, UK (2005); and Turin, Italy, (2006). In response to the call for papers, 77 papers were submitted to this year's workshop, setting a record of the highest number of papers submitted to an EuroPKI event so far and confirming an increased interest in PKI research and in the EuroPKI event. Each paper was reviewed by three members of the Program Committee, and evaluated on the basis of its significance, novelty, technical quality and relevance to the workshop. The paper selection process was very competitive: of the papers submitted, only 21 full papers and 8 short papers were selected for presentation at the workshop and inclusion in this volume.

Pairing-based cryptography is at the very leading edge of the current wave in computer cryptography. That makes this book all the more relevant, being as it is the refereed proceedings of the First International Conference on Pairing-Based Cryptography, Pairing 2007, held in Tokyo, Japan in 2007. The 18 revised full papers presented together were carefully reviewed and selected from 86 submissions. The papers are organized in topical sections including those on applications, and certificateless public key encryption.

This volume constitutes the refereed proceedings of the 27th Annual International Cryptology Conference held in Santa Barbara, California, in August 2007. Thirty-three full papers are presented along with one important invited lecture. The papers address current foundational, theoretical, and research aspects of cryptology, cryptography, and cryptanalysis. In addition, readers will discover many advanced and emerging applications.

This volume constitutes the refereed post-proceedings of the 8th International Workshop on Information Hiding held in Alexandria, Virginia, in July 2006. Twenty-five carefully reviewed full papers are organized into topical sections covering watermarking, information hiding and networking, data hiding in unusual content, fundamentals, software protection, steganalysis, steganography, and subliminal channels.

This book contains the thoroughly refereed post-proceedings of the 14th International Workshop on Fast Software Encryption, FSE 2007, held in Luxembourg, Luxembourg, March 2007. It addresses all current aspects of fast and secure primitives for symmetric cryptology, covering hash function cryptanalysis and design, stream ciphers cryptanalysis, theory, block cipher cryptanalysis, block cipher design, theory of stream ciphers, side channel attacks, and macs and small block ciphers.

This book constitutes the refereed proceedings of the 12th European Symposium on Research in Computer Security, ESORICS 2007, held in Dresden, Germany in September 2007. It features 39 revised full papers. ESORICS is confirmed as the European research event in computer security. It presents original research contributions, case studies and implementation experiences that address any aspect of computer security, in theory, mechanisms, applications, or practical experience.

This book constitutes the thoroughly refereed post-proceedings of the Third International Workshop on Formal Aspects in Security and Trust, FAST 2005, held in Newcastle upon Tyne, UK in July 2005.The 17 revised papers presented together with the extended abstract of 1 invited paper were carefully reviewed and selected from 37 submissions. The papers focus on formal aspects in security and trust policy models, security protocol design and analysis, formal models of trust and reputation, logics for security and trust, distributed trust management systems, trust-based reasoning, digital assets protection, data protection, privacy and ID issues, information flow analysis, language-based security, security and trust aspects in ubiquitous computing, validation/analysis tools, web service security/trust/privacy, GRID security, security risk assessment, and case studies.

This book constitutes the refereed proceedings of the 10th International Conference on Information Security and Cryptology, ICISC 2007, held in Seoul, Korea, November 29-30, 2007. The papers are organized in topical sections on cryptoanalysis, access control, system security, biometrics, cryptographic protocols, hash functions, block and stream ciphers, copyright protection, smart/java cards, elliptic curve cryptosystems as well as authentication and authorization.

ASIACRYPT 2007 was held in Kuching, Sarawak, Malaysia, during December 2-6, 2007. This was the 13th ASIACRYPT conference, and was sponsored by the International Association for Cryptologic Research (IACR), in cooperation with the Information Security Research (iSECURES) Lab of Swinburne University of Technology (Sarawak Campus) and the Sarawak Development Institute (SDI), and was ?nancially supported by the Sarawak Government. The General Chair was Raphael Phan and I had the privilege of serving as the Program Chair. The conference received 223 submissions (from which one submission was withdrawn). Each paper was reviewed by at least three members of the Program Committee, while submissions co-authored by a Program Committee member were reviewed by at least ?ve members. (Each PC member could submit at most one paper.) Many high-quality papers were submitted, but due to the relatively small number which could be accepted, many very good papers had to be rejected. After 11 weeks of reviewing, the Program Committee selected 33 papers for presentation (two papers were merged). The proceedings contain the revised versions of the accepted papers. These revised papers were not subject to editorial review and the authors bear full responsibility for their contents.

This book constitutes the refereed proceedings of the 8th International Conference on Cryptology in India, INDOCRYPT 2007, held in Chennai, India, in December 2007. The papers and three invited lectures were carefully reviewed and selected. The papers are organized in topical sections on hashing, elliptic curve, cryptoanalysis, information theoretic security, elliptic curve cryptography, signature, side channel attack, symmetric cryptosystem, asymmetric cryptosystem, and short papers.

This book constitutes the refereed proceedings of the Third International Conference on Information Systems Security, ICISS 2007, held in Delhi, India, in December 2007. The 18 revised full papers and five short papers presented together with four keynote papers were carefully reviewed and selected. The papers are organized in topical sections on network security, cryptography, architectures and systems, cryptanalysis, protocols, detection and recognition, as well as short papers.

This book constitutes the refereed proceedings of the 11th IMA International Conference on Cryptography and Coding, held in Cirencester, UK in December 2007. The 22 revised full papers presented together with two invited contributions were carefully reviewed and selected from 48 submissions. The papers are organized in topical sections on signatures, boolean functions, block cipher cryptanalysis, side channels, linear complexity, public key encryption, curves, and RSA implementation.

We are glad to present in this volume the proceedings of the ninth edition of Information Hiding (IH 2007). The conference was held in Saint Malo, the C- sairs town, France, during June 11-13, 2007. It was organized by a team of four Frenchpiratessupported by the valuablehelp of the conferenceorganizationcell of INRIA Rennes. Continuing the tradition of the previous editions, we tried to provide a b- anced program covering the di?erent aspects of information hiding. This being said, the selection of the program was a very challenging task. This year, 105 papers from 25 countries were submitted. This was the highest number of s- missions in IH history. We would like to take the opportunity to thank all the authors who submitted a paper to IH 2007 and thus contributed to consolidate the reputation of this conference. Each paper was refereed by at least three reviewers. Since this event was run with a single track, it implied that only 25 papers were accepted for presentation. This unusually low acceptance rate will further promote Information Hiding as the top forum of our community. Although watermarking and steganography still receive most of the interest, new topics emerged during the conference such as the use of Tardos codes for ?ngerprinting and digital forensics. We would like to thank all the members of the Program Committee and all the external reviewers for the enormous e?ort that they put into the reviewing process.

The 11th International Conference on Financial Cryptography and Data Security (FC 2007, http://fc07. ifca. ai), organized by the International Financial Crypt- raphy Association (IFCA, http://www. ifca. ai/), was held in Tobago, February 12-15, 2007. The conference is a well-established and premier international - rum for research, advanced development, education, exploration, and debate - garding security in the context of ?nance and commerce. We continue to cover all aspects of securing transactions and systems, which this year included a range of technical areas such as cryptography, payment systems, anonymity, privacy, - thentication, and commercial and ?nancial transactions. For the ?rst time, there was an adjacent workshop on Usable Security, held after FC 2007 in the same - cation. The papers are included in the last part of this volume. The conference goal was to bring together top cryptographers, data-security specialists, and c- puter scientists with economists, bankers, implementers, and policy makers. The goal was met this year: there were 85 submissions, out of which 17 research papers and 1 system presentation paper were accepted. In addition, the conference featured two distinguished speakers, Mike Bond and Dawn Jutla, and two panel sessions, one on RFID and one on virtual economies. As always, there was the rump session on Tuesday evening, colorful as usual.

These are the proceedings of the Workshop on Sequences, Subsequences, and Consequences that was held at the University of Southern California (USC), May 31 - June 2, 2007. There were three one-hour Keynote lectures, 16 invited talks of up to 45 minutes each, and 1 "e;contributed"e; paper. The theory of sequences from discrete symbol alphabets has found practical applications in many areas of coded communications and in cryptography, - cluding: signal patterns for use in radar and sonar; spectral spreading sequences for CDMA wireless telephony; key streams for direct sequence stream-cipher cryptography; and a variety of forward-error-correctingcodes. The workshopwasdesigned to bring leading researcherson "e;sequences"e;from aroundtheworldtopresenttheirlatestresults,interchangeinformationwithone another, and especially to inform the larger audience of interested participants, includingfaculty,researchers,scholars,andstudentsfromnumerousinstitutions, as well as the readers of these proceedings, about recent developments in this important ?eld. There were invited speakers from Canada, China, Germany, India, Israel, Norway, Puerto Rico, and South Korea, in addition to those from the USA. Support for the workshop was generously provided by the O?ce of the Dean of the Viterbi School of Engineering, by the Center for Communications Research (CCR-La Jolla), and by the United States National Science Foundation (NSF). This support is hereby gratefully acknowledged.

It is our great pleasure to welcome you to the Eighth International Conference on Information and Communications Security (ICICS 2006), held in Raleigh, North Carolina, USA, December 4-7, 2006. The ICICS conference series is an established forum that brings together researchersand scholars involved in m- tiple disciplines of Information and Communications Security in order to foster exchangeof ideas. The past sevenICICS conferences wereheld in Beijing, China (ICICS 1997); Sydney, Australia (ICICS 1999); Xi'an China (ICICS 2001); S- gapore (ICICS 2002); Hohhot City, China (ICICS 2003); Malaga, Spain (ICICS 2004); and Beijing, China (ICICS 2005). The conference proceedings of the past seven events have been published by Springer in the Lecture Notes in Computer Science series, in LNCS1334,LNCS1726,LNCS2229,LNCS 2513,LNCS 2836, LNCS 3269, and LNCS 3783, respectively. This year we received a total of 119 submissions on various aspects of - hoc and sensor network security. The Program Committee selected 22 regular papers and 17 short papers that cover a variety of topics, including security protocols, applied cryptography and cryptanalysis, access control in distributed systems, privacy, malicious code, network and systems security, and security implementations. Putting together ICICS 2006 was a team e?ort. First of all, we would like to thank the authors of every paper, whether accepted or not, for submitting their papers to ICICS 2006. We would like to express our gratitude to the Program Committee members and the external reviewers, who worked very hard in - viewing the papers and providing suggestions for their improvements.