This book constitutes the refereed proceedings of the Cryptographers' Track at the RSA Conference 2009, CT-RSA 2009, held in San Francisco, CA, USA in April 2009.

The 31 revised full papers presented were carefully reviewed and selected from 93 submissions. The papers are organized in topical sections on identity-based encryption, protocol analysis, two-party protocols, more than signatures, collisions for hash functions, cryptanalysis, alternative encryption, privacy and anonymity, efficiency improvements, multi-party protocols, security of encryption schemes as well as countermeasures and faults.

This book constitutes the refereed proceedings of the 11th IMA International Conference on Cryptography and Coding, held in Cirencester, UK in December 2007.

The 22 revised full papers presented together with 2 invited contributions were carefully reviewed and selected from 48 submissions. The papers are organized in topical sections on signatures, boolean functions, block cipher cryptanalysis, side channels, linear complexity, public key encryption, curves, and RSA implementation.

Thesecondinternationalconferenceonprovablesecurity, ProvSec2008, washeld in Shanghai, China, during October 30th - November 1st, 2008. The conference wassponsoredbyShanghaiJiaoTongUniversity(SJTU)incooperationwiththe Chinese Association for Cryptologic Research (CACR) and the Natural Science Foundation of China (NSFC). The aim of ProvSec is to provide a platform for researchers, scholars, and practitionerstoexchangeideasandextendknowledgeonprovablesecurity, which is an important research area in cryptography. The ?rst ProvSec was held in Wollongong, Australia, in 2007. This year, the conference received 79 papers and the program committee selected 25 papers during eight weeks' thorough reviewing process. The authors ofthe selected papersarefrom12 di?erentcountries: Australia, Belgium, China, Estonia, France, Germany, India, Japan, Norway, Singapore, the UK, and the USA. We are grateful to the members of the program committee for their many hours of valuable time and hard work. In addition to the regular conference program, the conference hosted two invited talks: - Kenny Paterson (University of London, Royal Holloway): Non-interactive Key Distribution and Identity-Based Encryption: A Historical Perspective - PhillipRogaway(University ofCalifornia, Davis): BlockcipherModes of- eration: Culture and Counter-Culture in Modern Cryptography. The conference was also one of the special events for the 50th anniversary of the Department of Computer Science at SJTU. We extend our gratitude to all the people involved in organizing ProvSec from the Department of Computer Science and Engineering and the Lab for InformationSecurityofShanghaiJiaoTongUniversity, inparticulartoYuLong, Yanfei Zheng, Meiju Chen, Zhihua Su, and Bo Zhu for their great e?orts in making the conference run smoot

This book constitutes the refereed proceedings of the 13th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2007, held in Kuching, Malaysia, in December 2007. The papers are organized in topical sections on number theory and elliptic curve, protocol, hash function design, group/broadcast cryptography, mac and implementation, multiparty computation, block ciphers, foundation, public key encryption, and cryptanalysis.

On behalf of the IEEE Communications Society, Technical Committee on N- work Operations and Management (CNOM), Manweek 2008 Organizing C- mittee, and members of the IPOM Technical Program Committee, it is our pleasureto present the proceedings of the 8th IEEE Workshop on IP Operations and Management(IPOM 2008),heldaspartofManweek2008duringSeptember 22-26, 2008, on Samos, Greece. ThecurrentInternetisalarge-scaledistributedsystemwhosesub-components suchasaddressing,protocols,algorithms,services,need to scalein time withthe rapid growth of Internet tra?c volumes. Moreover, there is a high level of int- action between di?erent subcomponents of the Internet sometimes in undesired ways - for example, denial of service attacks can jeopardize the operation of a commercial network. With these challenges in place, operations and mana- ment of IP networks have become increasingly important. This necessitates a good understanding of the emerging technical and scienti?c problems in the current Internet, and lessons from such understanding will be particularly - portant for future Internet design and management. Building on the success of the previous events, we wanted IPOM 2008 to focus on network management challenges for the current Internet as well as on future Internet design.

ICITS 2008, the Third InternationalConference on Information Theoretic Se- rity, was held in Calgary, Alberta, Canada, during August 10-13, 2008, at the Universityof Calgary.This seriesof conferences wasstarted with the 2005IEEE InformationTheoryWorkshoponTheoryandPracticein Information-Theoretic Security (ITW 2005, Japan), held on Awaji Island, Japan, October 16-19,2005. The conference series aims at bringing focus to security research when there is no unproven computational assumption on the adversary. This is the fra- work proposed by Claude Shannon in his seminal paper formalizing modern unclassi?ed research on cryptography. Over the last few decades, Shannon's approach to formalizing security has been used in various other areas including authentication, secure communication, key exchange, multiparty computation and information hiding to name a few. Coding theory has also proven to be a powerful tool in the construction of security systems with information theoretic security. Therewere43submitted papers ofwhich14wereaccepted.Eachcontributed paper was reviewed by three members of the Program Committee. In the case of co-authorship by a Program Committee member the paper was reviewed by ?ve members of the committee (no committee member reviewed their own s- mission). In addition to the accepted papers, the conference also included nine invited speakers, whose contributions were not refereed. These proceedings c- tain the acceptedpapers with anyrevisionsrequiredbythe ProgramCommittee as well as the contributions by invited speakers.

The conference Mathematical Methods in Computer Science (MMICS) was held in the memory of Thomas Beth during December 17-19 in Karlsruhe. The c- ference was meant to re?ect the many interests of Thomas Beth. Even though these interests might seem diverse the mathematical methods employed and - pecially algebra as a language were the common denominator of all his scienti?c achievements. The 12 contributed talks reaching from t-designs to integrated circuits were selected from 30 submissions from 14 countries. The contributed talks were complemented by three invited talks. Teo Mora gave a talk on "Decoding Cyclic Codes: The Cooper Philosophy" embracing the areas of coding theory and symbolic computation. These areas were especially appreciated by Thomas Beth, because they combine algebra and algorithmics. Richard Jozsa lectured about "Embedding Classical into Quantum Compu- tion" in the area of quantum information. Quantum information was a focus of research of Tomas Beth since 1993 when he co-organized one of the e- liest workshops on quantum cryptography in Dagstuhl. Quantum information became his passion in 1994 when the connection between the Fourier transf- mation and breaking the RSA crypto system became apparent via Shor's al- rithm, which can factor integers in polynomial time on a quantum computer. The Fourier transform and cryptography were topics that played an important role in Thomas Beth's research and this connection, once again, justi?ed his broad view on computer science.

These are the proceedings of IPTComm 2008 - the Second Conference on Pr- ciples, Systems andApplications ofIP Telecommunications-heldinHeidelberg, Germany, July 1-2, 2008. The scope of the conference included recent advances in the domains of convergent networks, VoIP security and multimedia service environments for next generation networks. The conference attracted 56 s- missions, of which the Program Committee selected 16 papers for publication. The review process followed strict standards: each paper received at least three reviews. We would like to thank all Program Committee members and external reviewers for their contribution to the review process. The conference attracted attendees from academia and industry. Its excellence is re?ected in the quality of the contributed papers and invited talks. Additional industry talks and - plied demonstrations assured a synergy between academic and applied research. We would also like to acknowledge and thank our sponsors, many of whom s- portedtheconferencegenerously: NEC, AT&T, Codenomicon, IPTEGO, EADS, Cellcrypt, MuDynamics, SIP Forum and EURESCOM, Finally, we would like to thank all the researchers and authors from all over the world who submitted their work to the IPTComm 2008 conferenc

This book constitutes the thoroughly refereed post-proceedings of the Fourth International Workshop on Formal Aspects in Security and Trust, FAST 2006, held in Hamilton, Ontario, Canada, August 26-27, 2006.

The 18 revised papers presented were carefully reviewed and selected from 47 submissions. The papers focus of formal aspects in security and trust policy models, security protocol design and analysis, formal models of trust and reputation, logics for security and trust, distributed trust management systems, trust-based reasoning, digital assets protection, data protection, privacy and ID issues, information flow analysis, language-based security, security and trust aspects in ubiquitous computing, validation/analysis tools, web service security/trust/privacy, GRID security, security risk assessment, and case studies.

This book contains the proceedings of the 5th European Public Key Infrastr- ture Workshop: Theory and Practice, EuroPKI 2008, which was held on the NTNU campus Gloshaugen in Trondheim, Norway, in June 2008. The EuroPKI workshop series focuses on all research and practice aspects of public key infrastructures, services and applications, and welcomes original research papers and excellent survey contributions from academia, government, and industry. Simplyput, publickeysareeasiertodistributethansecretkeys.Nevertheless, constructing e?ective, practical, secure and low cost means for assuring auth- ticity and validity of public keys used in large-scale networked services remains both a technological and organizational challenge. In a nutshell, this is the PKI problem, and the papers presented herein propose new solutions and insight for these questions. This volume holds 16 refereedpapers including the presentationpaper by the invited speaker P. Landrock. In response to the EuroPKI 2008 call for papers, a total of 37 paper proposalswere received. All submissions underwenta thorough blind review by at least three PC members, resulting in a careful selection and revision of the accepted papers. The authors came from 10 countries: Belgium, Brazil, Canada, Finland, Germany, Japan, Malaysia, Norway, Spain, and the USA.Theacceptedpaperswereorganizedintothe topicalsessions: InvitedTalk, Certi?cates, Authentication, Practice, Signatures, Analysis, and Networks.

This book contains the best papers of the 4th International Conference on E-business and Telecommunications (ICETE), which was held during July 28-31, 2007 in Barcelona, Spain. The conference reflects a continuing effort to increase the dissemination of recent research results among professionals who work in the areas of e-business and telecommunications. ICETE is a joint international conf- ence integrating four major areas of knowledge that are divided into four cor- sponding conferences: ICE-B (International Conference on e-Business), SECRYPT (International Conference on Security and Cryptography), WINSYS (International Conference on Wireless Information Systems) and SIGMAP (International Conf- ence on Signal Processing and Multimedia). The program of this joint conference included several outstanding keynote lectures presented by internationally renowned distinguished researchers who are experts in the various ICETE areas. Their keynote speeches contributed to the ov- all quality of the program and heightened the significance of the theme of the conference. The conference topic areas define a broad spectrum in the key areas of- business and telecommunications. This wide view has made it appealing to a global audience of engineers, scientists, business practitioners and policy experts. The papers accepted and presented at the conference demonstrated a number of new and innovative solutions for e-business and telecommunication networks and systems, showing that the technical problems in these fields are challenging, related and significant.

This book represents the refereed proceedings of the First International Conference on Pairing-Based Cryptography, Pairing 2007, held in Tokyo, Japan in July 2007.

The 18 revised full papers presented together with 2 abstracts and 3 full papers of invited talks were carefully reviewed and selected from 86 submissions. The papers are organized in topcial sections on applications, certificateless public key encryption, hyperelliptic curves, implementation, cryptographic protocols, cryptanalysis, and cryptographic algorithms.

Many people do not realise that mathematics provides the foundation for the devices we use to handle information in the modern world. Most of those who do know probably think that the parts of mathematics involvedare quite 'cl- sical', such as Fourier analysis and di?erential equations. In fact, a great deal of the mathematical background is part of what used to be called 'pure' ma- ematics, indicating that it was created in order to deal with problems that originated within mathematics itself. It has taken many years for mathema- cians to come to terms with this situation, and some of them are still not entirely happy about it. Thisbookisanintegratedintroductionto Coding.Bythis Imeanreplacing symbolic information, such as a sequence of bits or a message written in a naturallanguage, byanother messageusing (possibly) di?erentsymbols.There are three main reasons for doing this: Economy (data compression), Reliability (correction of errors), and Security (cryptography). I have tried to cover each of these three areas in su?cient depth so that the reader can grasp the basic problems and go on to more advanced study. The mathematical theory is introduced in a way that enables the basic problems to bestatedcarefully, butwithoutunnecessaryabstraction.Theprerequisites(sets andfunctions, matrices, ?niteprobability)shouldbefamiliartoanyonewhohas taken a standard course in mathematical methods or discrete mathematics. A course in elementary abstract algebra and/or number theory would be helpful, but the book contains the essential facts, and readers without this background should be able to understand what is going on. vi Thereareafewplaceswherereferenceismadetocomputeralgebrasystems.

The Pairing 2008 Conference was held at Royal Holloway, University of London during September 1-3, 2008. This conference followed on from the Pairing in Cryptography workshop (held in Dublin, Ireland on June 12-15, 2005) and the Pairing 2007 conference (held in Tokyo, Japan on July 2-4, 2007, with proce- ings published in Springer's LNCS 4575). The aim of this series of conferences is to bring together leading researchers and practitioners from academia and industry, all concerned with problems related to pairing-based cryptography. The programme consisted of 3 invited talks and 20 contributed papers. The invitedspeakerswereXavierBoyen(VoltageSecurity, USA), FlorianHess(Te- nical University Berlin, Germany) and Nigel Smart (University of Bristol, UK). Special thanks are due to these speakers, all three of whom provided papers which are included in these proceedings. The contributed talks were selected from ?fty submissions. The accepted papers cover a range of topics in mathematics and computer science, including hardwareand softwareimplementation of pairings, cryptographicprotocols, and mathematical aspects and applications of pairings. We would like to thank all the people who helped with the conference p- gramme and organisation. First, we thank the Steering Committee for their guidance and suggestions. We also heartily thank the Programme Committee and the sub-reviewers listed on the following pages for their thoroughness d- ing the review process. Each paper was reviewed by at least three people and there was signi?cant online discussion about a number of papers.

FastSoftwareEncryption(FSE)isthe15thinaseriesofworkshopsonsymmetric cryptography. It is sponsored by the International Association for Cryptologic Research(IACR), andpreviousFSEworkshopshavebeenheldaroundtheworld: 1993 Cambridge, UK 1994 Leuven, Belgium 1996 Cambridge, UK 1997 Haifa, Israel 1998 Paris, France 1999 Rome, Italy 2000 New York, USA 2001 Yokohama, Japan 2002 Leuven, Belgium 2003 Lund, Sweden 2004 New Delhi, India 2005 Paris, France 2006 Graz, Austria 2007 Luxembourg, Luxembourg The FSE workshop is devoted to the foreground research on fast and secure primitivesforsymmetriccryptography, includingthedesignandanalysisofblock ciphers, stream ciphers, encryption schemes, analysis and evaluation tools, hash functions, and message authentication codes. This year 72 papers were submitted to FSE including a large number of hi- quality and focused submissions, from which 26 papers for regular presentation and 4 papers for short presentation were selected. I wish to thank the authors of all submissions for their scienti?c contribution to the workshop. The workshop also featured an invited talk by Lars R. Knudsen with the title "Hash functions and SHA-3." The traditional rump session with short informal presentations on current topics was organized and chaired by Daniel J. Bernstein. EachsubmissionwasreviewedbyatleastthreeProgramCommitteemembers. Each submission originating from the Program Committee received at least ?ve reviews.The?nalselectionwasmadeafterathoroughdiscussion.Iwishtothank all ProgramCommittee members and referees for their generouswork.I am also gratefulto ThomasBaign eresformaintainingandcustomizingthe iChair review management software, which o?ered an excellent support for the demanding reviewing task. I would also like to thank him for setting up a beautiful and informative website and for compiling the pre-proceedings.

These proceedings contain the papers selected for presentation at the 13th European Symposium on Research in Computer Security--ESORICS 2008--held October 6-8, 2008 in Torremolinos (Malaga), Spain, and hosted by the University of Malaga, C- puter Science Department. ESORICS has become the European research event in computer security. The symposium started in 1990 and has been organized on alternate years in different European countries. From 2002 it has taken place yearly. It attracts an international audience from both the academic and industrial communities. In response to the call for papers, 168 papers were submitted to the symposium. These papers were evaluated on the basis of their significance, novelty, and technical quality. Each paper was reviewed by at least three members of the Program Comm- tee. The Program Committee meeting was held electronically, holding intensive d- cussion over a period of two weeks. Finally, 37 papers were selected for presentation at the symposium, giving an acceptance rate of 22%.

The AFRICACRYPT 2008 conference was held during June 11-14, 2008 in Casablanca, Morocco. Upon the initiative of the organizers from the Ecole n- male sup erieure in Casablanca, this event was the ?rst international research conference in Africa dedicated to cryptography. The conference was honored by the presence of the invited speakers Bruce Schneier, Jacques Stern, and Alexander W. Dent who gave talks entitled "The Psychology of Security" "Modern Cryptography: A Historical Perspective" and "ABriefHistoryofProvably-SecurePublic-KeyEncryption,"respectively.These proceedings include papers by Bruce Schneier and by Alexander Dent. The conference received 82 submissions on November 24, 2007. They went through a careful doubly anonymous review process. This was run by the iChair software written by Thomas Baign eres and Matthieu Finiasz. Every paper - ceived at least three review reports. After this period, 25 papers were accepted on February 12, 2008. Authors then had the opportunity to update their papers until March 13, 2008. The present proceedings include all the revised papers. At the end of the review process, the paper entitled "An Authentication Protocol with Encrypted Biometric Data" written by Julien Bringer and Herv e Chabanne was elected to receive the Africacrypt 2008 Best Paper Award. I had the privilege to chair the Program Committee. I would like to thank all committee members for their tough work on the submissions, as well as all externalreviewersfortheirsupport.IalsothankmyassistantThomasBaign eres formaintainingtheserverandhelpingmetorunthesoftware.Ithanktheinvited speakers, the authors of the best paper, the authors of all submissions. They all contributed to the success of the conference."

This book constitutes the thoroughly refereed post-proceedings of the 10th International Conference on Financial Cryptography and Data Security, FC 2006, held in Anguilla, British West Indies in February/March 2006. The 19 revised full papers and six revised short papers presented were carefully reviewed and selected from 64 submissions. The papers are organized in topical sections.

This book constitutes the refereed proceedings of the 20th Annual Working Conference on Data and Applications Security held in Sophia Antipolis, France, in July/August 2006.

The 22 revised full papers presented were carefully reviewed and selected from 56 submissions. The papers present theory, technique, applications, and practical experience of data and application security covering a number of diverse research topics such as access control, privacy, and identity management.

This book constitutes the refereed proceedings of the Third International Information Security Practice and Experience Conference, ISPEC 2007, held in Hong Kong, China in May 2007.

The 24 revised full papers presented together with 2 invited papers were carefully reviewed and selected from 135 submissions. The papers are organized in topical sections on cryptanalysis, signatures, network security and security management, privacy and applications, cryptographic algorithms and implementations, authentication and key management, as well as cryptosystems.

This book constitutes the thoroughly refereed post-proceedings of the 13th International Workshop on Fast Software Encryption, FSE 2006, held in Graz, Austria in March 2006.

The 27 revised full papers presented were carefully reviewed and selected from more than 100 submissions. The papers address all current aspects of fast and secure primitives for symmetric cryptology and they are organized in topical sections on stream ciphers, block ciphers, hash functions, analysis, proposals, modes and models, as well as implementation and bounds.

This book constitutes the refereed proceedings of the Fourth VLDB 2007 International Workshop on Secure Data Management, SDM 2007, held in Vienna, Austria, September 23-24, 2007 in conjunction with VLDB 2007.

The 11 revised full papers presented were carefully reviewed and selected from 29 submissions. The papers are organized in topical sections on Access Control, Database Security, Privacy Protection and Positon Papers.

This book constitutes the thoroughly refereed post-proceedings of the Third International Workshop on Formal Aspects in Security and Trust, FAST 2005, held in Newcastle upon Tyne, UK in July 2005.

The 17 revised papers presented together with the extended abstract of 1 invited paper were carefully reviewed and selected from 37 submissions. The papers focus on formal aspects in security and trust policy models, security protocol design and analysis, formal models of trust and reputation, logics for security and trust, distributed trust management systems, trust-based reasoning, digital assets protection, data protection, privacy and ID issues, information flow analysis, language-based security, security and trust aspects in ubiquitous computing, validation/analysis tools, web service security/trust/privacy, GRID security, security risk assessment, and case studies.

Negli ultimi decenni il rapido sviluppo delle tecnologie IT ha influito in maniera determinante nella vita dell'uomo, trasformando, spesso inconsapevolmente il suo lavoro, le sue abitudini, il suo modo di interagire con il mondo che lo circonda. Il fenomeno della "globalizzazione" dei mercati e solo una delle trasformazioni che l'intero pianeta sta attraversando. Anche se i vantaggi derivanti dall'utilizzo delle moderne tecnologie di comunicazione ci facilitano nel lavoro e nella attivita ludiche e personali, molte sono le perplessita e i dubbi che attanagliano tutti coloro che le utilizzano. Se l'Information Technology rappresenta il "combustibile" indispensabile per la sopravvivenza delle aziende e delle attivita dell'uomo, nel contempo puo generare problematicita di grande rilievo. Il testo tratta alcune delle problematiche che destano preoccupazioni rilevanti nel mondo intero come il consumo energetico dei sistemi informatici (incontrollabili e inquinanti), il problema della garanzia della privacy e dell'integrita dei dati su Internet, l'utilizzo della rete Internet come strumento di controllo delle masse, la possibile sparizione degli attuali sistemi operativi che potranno essere sostituiti dal sistema operativo Web Operating System."

Since the mid 1990s, data hiding has been proposed as an enabling technology for securing multimedia communication, and is now used in various applications including broadcast monitoring, movie fingerprinting, steganography, video indexing and retrieval, and image authentication. Data hiding and cryptographic techniques are often combined to complement each other, thus triggering the development of a new research field of multimedia security. Besides, two related disciplines, steganalysis and data forensics, are increasingly attracting researchers and becoming another new research field of multimedia security. This journal, LNCS Transactions on Data Hiding and Multimedia Security, aims to be a forum for all researchers in these emerging fields, publishing both original and archival research results.

This second issue contains five papers dealing with a wide range of topics related to multimedia security. The first paper introduces Fingercasting, which allows joint fingerprinting and decryption of broadcast messages. The second paper presents an estimation attack on content-based video fingerprinting. The third proposes a statistics and spatiality-based feature distance measure for error resilient image authentication. The fourth paper reports on LTSB steganalysis. Finally, the fifth paper surveys various blind and robust watermarking schemes for 3D shapes.