The three volume-set, LNCS 10991, LNCS 10992, and LNCS 10993, constitutes the refereed proceedings of the 38th Annual International Cryptology Conference, CRYPTO 2018, held in Santa Barbara, CA, USA, in August 2018. The 79 revised full papers presented were carefully reviewed and selected from 351 submissions. The papers are organized in the following topical sections: secure messaging; implementations and physical attacks prevention; authenticated and format-preserving encryption; cryptoanalysis; searchable encryption and differential privacy; secret sharing; encryption; symmetric cryptography; proofs of work and proofs of stake; proof tools; key exchange; symmetric cryptoanalysis; hashes and random oracles; trapdoor functions; round optimal MPC; foundations; lattices; lattice-based ZK; efficient MPC; quantum cryptography; MPC; garbling; information-theoretic MPC; oblivious transfer; non-malleable codes; zero knowledge; and obfuscation.

This book constitutes the refereed proceedings of the 14th International Conference on Information Security Practice and Experience, ISPEC 2018, held in Tokyo, Japan, in September 2018. The 39 papers presented in this volume were carefully reviewed and selected from 73 submissions. They were organized in topical sections named: system security; public key cryptography; searchable and functional encryption; post-quantum signature schemas; security protocols; network security; authentication; side-channel attacks; security for cyber-physical systems; security in mobile environment; secure computation and data privacy; and cryptographic protocols.

This book examines different aspects of network security metrics and their application to enterprise networks. One of the most pertinent issues in securing mission-critical computing networks is the lack of effective security metrics which this book discusses in detail. Since "you cannot improve what you cannot measure", a network security metric is essential to evaluating the relative effectiveness of potential network security solutions. The authors start by examining the limitations of existing solutions and standards on security metrics, such as CVSS and attack surface, which typically focus on known vulnerabilities in individual software products or systems. The first few chapters of this book describe different approaches to fusing individual metric values obtained from CVSS scores into an overall measure of network security using attack graphs. Since CVSS scores are only available for previously known vulnerabilities, such approaches do not consider the threat of unknown attacks exploiting the so-called zero day vulnerabilities. Therefore, several chapters of this book are dedicated to develop network security metrics especially designed for dealing with zero day attacks where the challenge is that little or no prior knowledge is available about the exploited vulnerabilities, and thus most existing methodologies for designing security metrics are no longer effective. Finally, the authors examine several issues on the application of network security metrics at the enterprise level. Specifically, a chapter presents a suite of security metrics organized along several dimensions for measuring and visualizing different aspects of the enterprise cyber security risk, and the last chapter presents a novel metric for measuring the operational effectiveness of the cyber security operations center (CSOC). Security researchers who work on network security or security analytics related areas seeking new research topics, as well as security practitioners including network administrators and security architects who are looking for state of the art approaches to hardening their networks, will find this book helpful as a reference. Advanced-level students studying computer science and engineering will find this book useful as a secondary text.

The two-volume set, LNCS 11098 and LNCS 11099 constitutes the refereed proceedings of the 23nd European Symposium on Research in Computer Security, ESORICS 2018, held in Barcelona, Spain, in September 2018. The 56 revised full papers presented were carefully reviewed and selected from 283 submissions. The papers address issues such as software security, blockchain and machine learning, hardware security, attacks, malware and vulnerabilities, protocol security, privacy, CPS and IoT security, mobile security, database and web security, cloud security, applied crypto, multi-party computation, SDN security.

Computers and computer networks are one of the most incredible inventions of the 20th century, having an ever-expanding role in our daily lives by enabling complex human activities in areas such as entertainment, education, and commerce. One of the most challenging problems in computer science for the 21st century is to improve the design of distributed systems where computing devices have to work together as a team to achieve common goals. In this book, I have tried to gently introduce the general reader to some of the most fundamental issues and classical results of computer science underlying the design of algorithms for distributed systems, so that the reader can get a feel of the nature of this exciting and fascinating field called distributed computing. The book will appeal to the educated layperson and requires no computer-related background. I strongly suspect that also most computer-knowledgeable readers will be able to learn something new.

This book focuses on techniques that can be applied at the physical and data-link layers of communication systems in order to secure transmissions against eavesdroppers. It discusses topics ranging from information theory-based security to coding for security and cryptography, and presents cutting-edge research and innovative findings from leading researchers. The characteristic feature of all the contributions in this book is their relevance for the practical application of security principles to a variety of widely used communication techniques, including: multiantenna systems, ultra-wide-band communication systems, power line communications, and quantum key distribution techniques. A further distinctive aspect is the attention paid to both unconditional and computational security techniques, building a bridge between two usually distinct worlds. The book gathers extended versions of contributions delivered at the Second Workshop on Communication Security, held in Paris, France, in April 2017 and affiliated with the conference EUROCRYPT 2017.

This book constitutes the proceedings of the 11th International Conference on Security and Cryptography for Networks, SCN 2018, held in Amalfi, Italy, in September 2018.The 30 papers presented in this volume were carefully reviewed and selected from 66 submissions. They are organized in topical sections on signatures and watermarking; composability; encryption; multiparty computation; anonymity and zero knowledge; secret sharing and oblivious transfer; lattices and post quantum cryptography; obfuscation; two-party computation; and protocols.

This book constitutes the refereed proceedings of the 13th International Workshop on Security, IWSEC 2018, held in Sendai, Japan, in September 2018. The 18 regular papers and 2 short papers presented in this volume were carefully reviewed and selected from 64 submissions. They were organized in topical sections named: Cryptanalysis, Implementation Security, Public-Key Primitives, Security in Practice, Secret Sharing, Symmetric-Key Primitives, and Provable Security.

This book offers a comprehensive overview of fading and shadowing in wireless channels. A number of statistical models including simple, hybrid, compound and cascaded ones are presented along with a detailed discussion of diversity techniques employed to mitigate the effects of fading and shadowing. The effects of co-channel interference before and after the implementation of diversity are also analyzed. To facilitate easy understanding of the models and the analysis, the background on probability and random variables is presented with relevant derivations of densities of the sums, products, ratios as well as order statistics of random variables. The book also provides material on digital modems of interest in wireless systems. The updated edition expands the background materials on probability by offering sections on Laplace and Mellin transforms, parameter estimation, statistical testing and receiver operating characteristics. Newer models for fading, shadowing and shadowed fading are included along with the analysis of diversity combining algorithms. In addition, this edition contains a new chapter on Cognitive Radio. Based on the response from readers of the First Edition, detailed Matlab scripts used in the preparation of this edition are provided. Wherever necessary, Maple scripts used are also provided.

This open access book constitutes the thoroughly refereed proceedings of the First International ISCIS Security Workshop 2018, Euro-CYBERSEC 2018, held in London, UK, in February 2018. The 12 full papers presented together with an overview paper were carefully reviewed and selected from 31 submissions. Security of distributed interconnected systems, software systems, and the Internet of Things has become a crucial aspect of the performance of computer systems. The papers deal with these issues, with a specific focus on societally critical systems such as health informatics systems, the Internet of Things, energy systems, digital cities, digital economy, mobile networks, and the underlying physical and network infrastructures.

This book constitutes the refereed proceedings of the 32nd Annual IFIP WG 11.3 International Working Conference on Data and Applications Security and Privacy, DBSec 2018, held in Bergamo, Italy, in July 2018. The 16 full papers and 5 short papers presented were carefully reviewed and selected from 50 submissions. The papers present high-quality original research from academia, industry, and government on theoretical and practical aspects of information security. They are organized in topical sections on administration, access control policies, privacy-preserving access and computation, integrity and user interaction, security analysis and private evaluation, fixing vulnerabilities, and networked systems.

This book provides a survey on different kinds of Feistel ciphers, with their definitions and mathematical/computational properties. Feistel ciphers are widely used in cryptography in order to obtain pseudorandom permutations and secret-key block ciphers. In Part 1, we describe Feistel ciphers and their variants. We also give a brief story of these ciphers and basic security results. In Part 2, we describe generic attacks on Feistel ciphers. In Part 3, we give results on DES and specific Feistel ciphers. Part 4 is devoted to improved security results. We also give results on indifferentiability and indistinguishability.

This book is offers a comprehensive overview of information theory and error control coding, using a different approach then in existed literature. The chapters are organized according to the Shannon system model, where one block affects the others. A relatively brief theoretical introduction is provided at the beginning of every chapter, including a few additional examples and explanations, but without any proofs. And a short overview of some aspects of abstract algebra is given at the end of the corresponding chapters. The characteristic complex examples with a lot of illustrations and tables are chosen to provide detailed insights into the nature of the problem. Some limiting cases are presented to illustrate the connections with the theoretical bounds. The numerical values are carefully selected to provide in-depth explanations of the described algorithms. Although the examples in the different chapters can be considered separately, they are mutually connected and the conclusions for one considered problem relate to the others in the book.

This book focuses on the application and development of information geometric methods in the analysis, classification and retrieval of images and signals. It provides introductory chapters to help those new to information geometry and applies the theory to several applications. This area has developed rapidly over recent years, propelled by the major theoretical developments in information geometry, efficient data and image acquisition and the desire to process and interpret large databases of digital information. The book addresses both the transfer of methodology to practitioners involved in database analysis and in its efficient computational implementation.

This book provides an overview of current Intellectual Property (IP) based System-on-Chip (SoC) design methodology and highlights how security of IP can be compromised at various stages in the overall SoC design-fabrication-deployment cycle. Readers will gain a comprehensive understanding of the security vulnerabilities of different types of IPs. This book would enable readers to overcome these vulnerabilities through an efficient combination of proactive countermeasures and design-for-security solutions, as well as a wide variety of IP security and trust assessment and validation techniques. This book serves as a single-source of reference for system designers and practitioners for designing secure, reliable and trustworthy SoCs.

This book constitutes the refereed proceedings of the Second International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2018, held in Beer-Sheva, Israel, in June 2018. The 16 full and 6 short papers presented in this volume were carefully reviewed and selected from 44 submissions. They deal with the theory, design, analysis, implementation, or application of cyber security, cryptography and machine learning systems and networks, and conceptually innovative topics in the scope.

This book constitutes the revised selected papers of the scientific satellite events that were held in conjunction with the 15th International Conference on Service-Oriented Computing, ICSOC 2017, held in Malaga, Spain, in November 2017. The ICSOC 2017 workshop track consisted of three workshops on a wide range of topics that fall into the general area of service computing: ASOCA 2017: The Second Workshop on Adaptive Service-Oriented and Cloud Applications ISyCC 2016: The Second Workshop on IoT Systems Provisioning and Management in Cloud Computing WESOACS 2017: The 13th International Workshop on Engineering Service-Oriented Applications and Cloud Services

This is the first book on digital fingerprinting that comprehensively covers the major areas of study in a range of information security areas including authentication schemes, intrusion detection, forensic analysis and more. Available techniques for assurance are limited and authentication schemes are potentially vulnerable to the theft of digital tokens or secrets. Intrusion detection can be thwarted by spoofing or impersonating devices, and forensic analysis is incapable of demonstrably tying a particular device to specific digital evidence. This book presents an innovative and effective approach that addresses these concerns. This book introduces the origins and scientific underpinnings of digital fingerprinting. It also proposes a unified framework for digital fingerprinting, evaluates methodologies and includes examples and case studies. The last chapter of this book covers the future directions of digital fingerprinting. This book is designed for practitioners and researchers working in the security field and military. Advanced-level students focused on computer science and engineering will find this book beneficial as secondary textbook or reference.

This book aims at presenting the field of Quantum Information Theory in an intuitive, didactic and self-contained way, taking into account several multidisciplinary aspects. Therefore, this books is particularly suited to students and researchers willing to grasp fundamental concepts in Quantum Computation and Quantum Information areas. The field of Quantum Information Theory has increased significantly over the last three decades. Many results from classical information theory were translated and extended to a scenario where quantum effects become important. Most of the results in this area allows for an asymptotically small probability of error to represent and transmit information efficiently. Claude E.Shannon was the first scientist to realize that error-free classical information transmission can be accomplished under certain conditions. More recently, the concept of error-free classical communication was translated to the quantum context. The so-called Quantum Zero-Error Information Theory completes and extends the Shannon Zero-Error Information Theory.

A quorum system is a collection of subsets of nodes, called quorums, with the property that each pair of quorums have a non-empty intersection. Quorum systems are the key mathematical abstraction for ensuring consistency in fault-tolerant and highly available distributed computing. Critical for many applications since the early days of distributed computing, quorum systems have evolved from simple majorities of a set of processes to complex hierarchical collections of sets, tailored for general adversarial structures. The initial non-empty intersection property has been refined many times to account for, e.g., stronger (Byzantine) adversarial model, latency considerations or better availability. This monograph is an overview of the evolution and refinement of quorum systems, with emphasis on their role in two fundamental applications: distributed read/write storage and consensus. Table of Contents: Introduction / Preliminaries / Classical Quorum Systems / Classical Quorum-Based Emulations / Byzantine Quorum Systems / Latency-efficient Quorum Systems / Probabilistic Quorum Systems

This book constitutes the refereed proceedings of the Cryptographer's Track at the RSA Conference 2018, CT-RSA 2018, held in San Francisco, CA, USA, in March 2018.The 26 papers presented in this volume were carefully reviewed and selected from 79 submissions. CT-RSA is the track devoted to scientific papers on cryptography, public-key to symmetric-key cryptography and from crypto- graphic protocols to primitives and their implementation security.

This book presents methods to improve information security for protected communication. It combines and applies interdisciplinary scientific engineering concepts, including cryptography, chaos theory, nonlinear and singular optics, radio-electronics and self-changing artificial systems. It also introduces additional ways to improve information security using optical vortices as information carriers and self-controlled nonlinearity, with nonlinearity playing a key "evolving" role. The proposed solutions allow the universal phenomenon of deterministic chaos to be discussed in the context of information security problems on the basis of examples of both electronic and optical systems. Further, the book presents the vortex detector and communication systems and describes mathematical models of the chaos oscillator as a coder in the synchronous chaotic communication and appropriate decoders, demonstrating their efficiency both analytically and experimentally. Lastly it discusses the cryptologic features of analyzed systems and suggests a series of new structures for confident communication.

This book describes trends in email scams and offers tools and techniques to identify such trends. It also describes automated countermeasures based on an understanding of the type of persuasive methods used by scammers. It reviews both consumer-facing scams and enterprise scams, describing in-depth case studies relating to Craigslist scams and Business Email Compromise Scams. This book provides a good starting point for practitioners, decision makers and researchers in that it includes alternatives and complementary tools to the currently deployed email security tools, with a focus on understanding the metrics of scams. Both professionals working in security and advanced-level students interested in privacy or applications of computer science will find this book a useful reference.

The two-volume set LNCS 10769 and 10770 constitutes the refereed proceedings of the 21st IACR International Conference on the Practice and Theory of Public-Key Cryptography, PKC 2018, held in Rio de Janeiro, Brazil, in March 2018. The 49 revised papers presented were carefully reviewed and selected from 186 submissions. They are organized in topical sections such as Key-Dependent-Message and Selective-Opening Security; Searchable and Fully Homomorphic Encryption; Public-Key Encryption; Encryption with Bad Randomness; Subversion Resistance; Cryptanalysis; Composable Security; Oblivious Transfer; Multiparty Computation; Signatures; Structure-Preserving Signatures; Functional Encryption; Foundations; Obfuscation-Based Cryptographic Constructions; Protocols; Blockchain; Zero-Knowledge; Lattices.

The two-volume set LNCS 10769 and 10770 constitutes the refereed proceedings of the 21st IACR International Conference on the Practice and Theory of Public-Key Cryptography, PKC 2018, held in Rio de Janeiro, Brazil, in March 2018. The 49 revised papers presented were carefully reviewed and selected from 186 submissions. They are organized in topical sections such as Key-Dependent-Message and Selective-Opening Security; Searchable and Fully Homomorphic Encryption; Public-Key Encryption; Encryption with Bad Randomness; Subversion Resistance; Cryptanalysis; Composable Security; Oblivious Transfer; Multiparty Computation; Signatures; Structure-Preserving Signatures; Functional Encryption; Foundations; Obfuscation-Based Cryptographic Constructions; Protocols; Blockchain; Zero-Knowledge; Lattices.