Sebastian Pape discusses two different scenarios for authentication. On the one hand, users cannot trust their devices and nevertheless want to be able to do secure authentication. On the other hand, users may not want to be tracked while their service provider does not want them to share their credentials. Many users may not be able to determine whether their device is trustworthy, i.e. it might contain malware. One solution is to use visual cryptography for authentication. The author generalizes this concept to human decipherable encryption schemes and establishes a relationship to CAPTCHAS. He proposes a new security model and presents the first visual encryption scheme which makes use of noise to complicate the adversary's task. To prevent service providers from keeping their users under surveillance, anonymous credentials may be used. However, sometimes it is desirable to prevent the users from sharing their credentials. The author compares existing approaches based on non-transferable anonymous credentials and proposes an approach which combines biometrics and smartcards.

Recently, cryptology problems, such as designing good cryptographic systems and analyzing them, have been challenging researchers. Many algorithms that take advantage of approaches based on computational intelligence techniques, such as genetic algorithms, genetic programming, and so on, have been proposed to solve these issues. Implementing Computational Intelligence Techniques for Security Systems Design is an essential research book that explores the application of computational intelligence and other advanced techniques in information security, which will contribute to a better understanding of the factors that influence successful security systems design. Featuring a range of topics such as encryption, self-healing systems, and cyber fraud, this book is ideal for security analysts, IT specialists, computer engineers, software developers, technologists, academicians, researchers, practitioners, and students.

This book constitutes the refereed post-proceedings of the 10th Workshop on RFID Security and Privacy, RFIDSec 2014, held in Oxford, UK, in 2014. The 9 revised full papers and 4 short papers presented in this volume were carefully reviewed and selected from 27 submissions. The papers deal with topics such as RFID power-efficiency, privacy, authentication and side channels, and key exchange.

Neal Koblitz is a co-inventor of one of the two most popular forms of encryption and digital signature, and his autobiographical memoirs are collected in this volume. Besides his own personal career in mathematics and cryptography, Koblitz details his travels to the Soviet Union, Latin America, Vietnam and elsewhere; political activism; and academic controversies relating to math education, the C. P. Snow "two-culture" problem, and mistreatment of women in academia. These engaging stories fully capture the experiences of a student and later a scientist caught up in the tumultuous events of his generation.

This book constitutes the thoroughly refereed post- conference proceedings of the Ninth International Conference on Risks and Security of Internet Systems, CRiSIS 2014, held in Trento, Italy, in August 2014. The 13 full papers and 6 short papers presented were selected from 48 submissions. They explore risks and security issues in Internet applications, networks and systems covering topics such as trust, security risks and threats, intrusion detection and prevention, access control and security modeling.

This book constitutes the proceedings of the 19th Nordic Conference on Secure IT Systems, held in Tromso, Norway, in October 2014. The 15 full papers presented in this volume were carefully reviewed and selected from 42 submissions. They are organized in topical sections named: information management and data privacy; cloud, big data and virtualization security; network security and logging; attacks and defenses; and security in healthcare and biometrics. The volume also contains one full-paper invited talk.

The First A4Cloud Summer School has been one of the first events in the area of accountability and security in the cloud. It was organized by the EU-funded A4Cloud project, in collaboration with the European projects CIRRUS, Coco Cloud, CUMULUS, and SPECS. Cloud computing is a key technology that is being adopted progressively by companies and users across different application domains and industries. Yet, there are emerging issues such as security, privacy, and data protection. The 13 contributions included in this volume cover the state of the art and provide research insights into the following topics: accountability in the cloud; privacy and transparency in the cloud; empirical approaches for the cloud; socio-legal aspects of the cloud; cloud standards; and the accountability glossary of terms and definitions.

The two-volume set LNCS 9014 and LNCS 9015 constitutes the refereed proceedings of the 12th International Conference on Theory of Cryptography, TCC 2015, held in Warsaw, Poland in March 2015. The 52 revised full papers presented were carefully reviewed and selected from 137 submissions. The papers are organized in topical sections on foundations, symmetric key, multiparty computation, concurrent and resettable security, non-malleable codes and tampering, privacy amplification, encryption an key exchange, pseudorandom functions and applications, proofs and verifiable computation, differential privacy, functional encryption, obfuscation.

The two-volume set LNCS 9014 and LNCS 9015 constitutes the refereed proceedings of the 12th International Conference on Theory of Cryptography, TCC 2015, held in Warsaw, Poland in March 2015. The 52 revised full papers presented were carefully reviewed and selected from 137 submissions. The papers are organized in topical sections on foundations, symmetric key, multiparty computation, concurrent and resettable security, non-malleable codes and tampering, privacy amplification, encryption an key exchange, pseudorandom functions and applications, proofs and verifiable computation, differential privacy, functional encryption, obfuscation.

This book describes the fundamentals of cryptographic primitives based on quasi-cyclic low-density parity-check (QC-LDPC) codes, with a special focus on the use of these codes in public-key cryptosystems derived from the McEliece and Niederreiter schemes. In the first part of the book, the main characteristics of QC-LDPC codes are reviewed, and several techniques for their design are presented, while tools for assessing the error correction performance of these codes are also described. Some families of QC-LDPC codes that are best suited for use in cryptography are also presented. The second part of the book focuses on the McEliece and Niederreiter cryptosystems, both in their original forms and in some subsequent variants. The applicability of QC-LDPC codes in these frameworks is investigated by means of theoretical analyses and numerical tools, in order to assess their benefits and drawbacks in terms of system efficiency and security. Several examples of QC-LDPC code-based public key cryptosystems are presented, and their advantages over classical solutions are highlighted. The possibility of also using QC-LDPC codes in symmetric encryption schemes and digital signature algorithms is also briefly examined.

Hacker extraordinaire, Kevin Mitnick delivers the explosive encore to his bestselling "The Art of Deception". Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In his bestselling "The Art of Deception", Mitnick presented fictionalized case studies that illustrated how savvy computer crackers use "social engineering" to compromise even the most technically secure computer systems. Now, in his new book, Mitnick goes one step further, offering hair raising stories of real life computer break ins and showing how the victims could have prevented them. Mitnick's reputation within the hacker community gave him unique credibility with the perpetrators of these crimes, who freely shared their stories with him and whose exploits Mitnick now reveals in detail for the first time, including: a group of friends who won nearly a million dollars in Las Vegas by reverse engineering slot machines; two teenagers who were persuaded by terrorists to hack into the Lockheed Martin computer systems; two convicts who joined forces to become hackers inside a Texas prison; and, a "Robin Hood" hacker who penetrated the computer systems of many prominent companies and then told them how he gained access. With riveting "you are there" descriptions of real computer break ins, indispensable tips on countermeasures security professionals need to implement now, and Mitnick's own acerbic commentary on the crimes he describes, this book is sure to reach a wide audience and attract the attention of both law enforcement agencies and the media.

Describes Information Hiding in communication networks, and highlights their important issues, challenges, trends, and applications. * Highlights development trends and potential future directions of Information Hiding * Introduces a new classification and taxonomy for modern data hiding techniques * Presents different types of network steganography mechanisms * Introduces several example applications of information hiding in communication networks including some recent covert communication techniques in popular Internet services

This book gives a detailed overview of SIP specific security issues and how to solve them

While the standards and products for VoIP and SIP services have reached market maturity, security and regulatory aspects of such services are still being discussed. SIP itself specifies only a basic set of security mechanisms that cover a subset of possible security issues. In this book, the authors survey important aspects of securing SIP-based services. This encompasses a description of the problems themselves and the standards-based solutions for such problems. Where a standards-based solution has not been defined, the alternatives are discussed and the benefits and constraints of the different solutions are highlighted.

"Key Features" Will help the readers to understand the actual problems of using and developing VoIP services, and to distinguish between real problems and the general hype of VoIP securityDiscusses key aspects of SIP security including authentication, integrity, confidentiality, non-repudiation and signallingAssesses the real security issues facing users of SIP, and details the latest theoretical and practical solutions to SIP Security issuesCovers secure SIP access, inter-provider secure communication, media security, security of the IMS infrastructures as well as VoIP services vulnerabilities and countermeasures against Denial-of-Service attacks and VoIP spam

This book will be of interest to IT staff involved in deploying and developing VoIP, service users of SIP, network engineers, designers and managers. Advanced undergraduate and graduate students studying data/voice/multimedia communications as well as researchers in academia and industry will also find this book valuable.

Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code for Unix® (including Linux®) and Windows® environments. This essential code companion covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering.