This book constitutes the refereed proceedings of the 6th International Conference on Trust and Trustworthy Computing, TRUST 2013, held in London, UK, in June 2013. There is a technical and a socio-economic track. The full papers presented, 14 and 5 respectively, were carefully reviewed from 39 in the technical track and 14 in the socio-economic track. Also included are 5 abstracts describing ongoing research. On the technical track the papers deal with issues such as key management, hypervisor usage, information flow analysis, trust in network measurement, random number generators, case studies that evaluate trust-based methods in practice, simulation environments for trusted platform modules, trust in applications running on mobile devices, trust across platform. Papers on the socio-economic track investigated, how trust is managed and perceived in online environments, and how the disclosure of personal data is perceived; and some papers probed trust issues across generations of users and for groups with special needs.

This book constitutes the refereed proceedings of the 5th International Workshop on Post-Quantum Cryptography, PQCrypto 2013, held in Limoges, France, in June 2013. The 17 revised full papers presented were carefully reviewed and selected from 24 submissions. The papers cover all technical aspects of cryptographic research related to the future world with large quantum computers such as code-based cryptography, lattice-based cryptography, multivariate cryptography, cryptanalysis or implementations.

This book constitutes the proceedings of the 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2013, held in Athens, Greece, in May 2013. The 41 full papers included in this volume were carefully reviewed and selected from 201 submissions. They deal with cryptanalysis of hash functions, side-channel attacks, number theory, lattices, public key encryption, digital signatures, homomorphic cryptography, quantum cryptography, storage, tools, and secure computation.

The two-volume set, LNCS 8712 and LNCS 8713 constitutes the refereed proceedings of the 19th European Symposium on Research in Computer Security, ESORICS 2014, held in Wroclaw, Poland, in September 2014 The 58 revised full papers presented were carefully reviewed and selected from 234 submissions. The papers address issues such as cryptography, formal methods and theory of security, security services, intrusion/anomaly detection and malware mitigation, security in hardware, systems security, network security, database and storage security, software and application security, human and societal aspects of security and privacy.

Research Directions in Data and Applications Security describes original research results and innovative practical developments, all focused on maintaining security and privacy in database systems and applications that pervade cyberspace. The areas of coverage include: -Role-Based Access Control; -Database Security; -XML Security; -Data Mining and Inference; -Multimedia System Security; -Network Security; -Public Key Infrastructure; -Formal Methods and Protocols; -Security and Privacy.

This book constitutes the refereed proceedings of the 16th International Conference on Practice and Theory in Public-Key Cryptography, PKC 2013, held in Nara, Japan, in February/March 2013. The 28 papers presented together with 2 invited talks were carefully reviewed and selected from numerous submissions. The papers are organized in the following topical sections: homomorphic encryption, primitives, functional encryption/signatures, RSA, IBE and IPE, key exchange, signature schemes, encryption, and protocols.

This book constitutes the refereed proceedings of the 10th VLDB Workshop on Secure Data Management held in Trento, Italy, on August 30, 2013. The 15 revised full papers and one keynote paper presented were carefully reviewed and selected from various submissions. The papers are organized in technical papers and 10 vision papers which address key challenges in secure data management and indicate interesting research questions.

The two-volume set LNCS 8269 and 8270 constitutes the refereed proceedings of the 19th International Conference on the Theory and Application of Cryptology and Information, Asiacrypt 2013, held in Bengaluru, India, in December 2013. The 54 revised full papers presented were carefully selected from 269 submissions. They are organized in topical sections named: zero-knowledge, algebraic cryptography, theoretical cryptography, protocols, symmetric key cryptanalysis, symmetric key cryptology: schemes and analysis, side-channel cryptanalysis, message authentication codes, signatures, cryptography based upon physical assumptions, multi-party computation, cryptographic primitives, analysis, cryptanalysis and passwords, leakage-resilient cryptography, two-party computation, hash functions.

This book constitutes the thoroughly refereed post-conference proceedings of the workshop on Usable Security, USEC 2012, and the third Workshop on Ethics in Computer Security Research, WECSR 2012, held in conjunction with the 16th International Conference on Financial Cryptology and Data Security, FC 2012, in Kralendijk, Bonaire. The 13 revised full papers presented were carefully selected from numerous submissions and cover all aspects of data security. The goal of the USEC workshop was to engage on all aspects of human factors and usability in the context of security. The goal of the WECSR workshop was to continue searching for a new path in computer security that is Institutional review boards at academic institutions, as well as compatible with ethical guidelines for societies at government institutions.

Cryptographic access control (CAC) is an approach to securing data by encrypting it with a key, so that only the users in possession of the correct key are able to decrypt the data and/or perform further encryptions. Applications of cryptographic access control will benefit companies, governments and the military where structured access to information is essential. The purpose of this book is to highlight the need for adaptability in cryptographic access control schemes that are geared for dynamic environments, such as the Internet. Adaptive Cryptographic Access Control presents the challenges of designing hierarchical cryptographic key management algorithms to implement Adaptive Access Control in dynamic environments and suggest solutions that will overcome these challenges. Adaptive Cryptographic Access Control is a cutting-edge book focusing specifically on this topic in relation to security and cryptographic access control. Both the theoretical and practical aspects and approaches of cryptographic access control are introduced in this book. Case studies and examples are provided throughout this book.

This book constitutes the proceedings of the 9th Workshop on RFID Security and Privacy, RFIDsec 2013, held in Graz, Austria, in July 2013. The 11 papers presented in this volume were carefully reviewed and selected from 23 submissions. RFIDsec deals with topics of importance to improving the security and privacy of RFID, NFC, contactless technologies, and the Internet of Things. RFIDsec bridges the gap between cryptographic researchers and RFID developers.

Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats was developed by a group of leading researchers. It describes the fundamental challenges facing the research community and identifies new promising solution paths. Moving Target Defense which is motivated by the asymmetric costs borne by cyber defenders takes an advantage afforded to attackers and reverses it to advantage defenders. Moving Target Defense is enabled by technical trends in recent years, including virtualization and workload migration on commodity systems, widespread and redundant network connectivity, instruction set and address space layout randomization, just-in-time compilers, among other techniques. However, many challenging research problems remain to be solved, such as the security of virtualization infrastructures, secure and resilient techniques to move systems within a virtualized environment, automatic diversification techniques, automated ways to dynamically change and manage the configurations of systems and networks, quantification of security improvement, potential degradation and more. Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats is designed for advanced -level students and researchers focused on computer science, and as a secondary text book or reference. Professionals working in this field will also find this book valuable.

In System-on-Chip Architectures and Implementations for Private-Key Data Encryption, new generic silicon architectures for the DES and Rijndael symmetric key encryption algorithms are presented. The generic architectures can be utilised to rapidly and effortlessly generate system-on-chip cores, which support numerous application requirements, most importantly, different modes of operation and encryption and decryption capabilities. In addition, efficient silicon SHA-1, SHA-2 and HMAC hash algorithm architectures are described. A single-chip Internet Protocol Security (IPSec) architecture is also presented that comprises a generic Rijndael design and a highly efficient HMAC-SHA-1 implementation. In the opinion of the authors, highly efficient hardware implementations of cryptographic algorithms are provided in this book. However, these are not hard-fast solutions. The aim of the book is to provide an excellent guide to the design and development process involved in the translation from encryption algorithm to silicon chip implementation.

This book constitutes the refereed proceedings of the 6th International Conference on the Theory and Application of Cryptographic Techniques in Africa, AFRICACRYPT 2013, held in Cairo, Egypt, in June 2013. The 26 papers presented were carefully reviewed and selected from 77 submissions. They cover the following topics: secret-key and public-key cryptography and cryptanalysis, efficient implementation, cryptographic protocols, design of cryptographic schemes, security proofs, foundations and complexity theory, information theory, multi-party computation, elliptic curves, and lattices.

This book constitutes the refereed proceedings of the 32nd Annual International Cryptology Conference, CRYPTO 2012, held in Santa Barbara, CA, USA, in August 2012. The 48 revised full papers presented were carefully reviewed and selected from 225 submissions. The volume also contains the abstracts of two invited talks. The papers are organized in topical sections on symmetric cryptosystems, secure computation, attribute-based and functional encryption, proofs systems, protocols, hash functions, composable security, privacy, leakage and side-channels, signatures, implementation analysis, black-box separation, cryptanalysis, quantum cryptography, and key encapsulation and one-way functions.

This book constitutes the refereed proceedings of the 12 th International Symposium on Privacy Enhancing Technologies, PET 2012, held in Vigo, Spain, in July 2012. The 16 full papers presented were carefully selected from 72 submissions. Topics addressed include anonymization of statistics, content, and traffic, network traffic analysis, censorship-resistant systems, user profiling, training users in privacy risk management, and privacy of internet and cloud-bases services. A further highlight is the HotPETS session, designed as a venue to present existing but still preliminary and evolving ideas.

This book constitutes the thoroughly refereed conference proceedings of the 14th International Conference on Information Security and Cryptology, held in Seoul, Korea, in November/December 2011. The 32 revised full papers presented were carefully selected from 126 submissions during two rounds of reviewing. The conference provides a forum for the presentation of new results in research, development, and applications in the field of information security and cryptology. The papers are organized in topical sections on hash function, side channel analysis, public key cryptography, network and mobile security, digital signature, cryptanalysis, efficient implementation, cryptographic application, and cryptographic protocol.

This book constitutes the refereed proceedings of the 10th International Conference on Applied Cryptography and Network Security, ACNS 2012, held in Singapore, in June 2012. The 33 revised full papers included in this volume were carefully reviewed and selected from 192 submissions. They are organized in topical sessions on authentication, key management, block ciphers, identity-based cryptography, cryptographic primitives, cryptanalysis, side channel attacks, network security, Web security, security and privacy in social networks, security and privacy in RFID systems, security and privacy in cloud systems, and security and privacy in smart grids.

This volume presents the refereed proceedings of the 7th International ICST Conference on Security and Privacy in Communication Networks, SecureComm 2011, held in London, UK, in September 2011. The 35 revised papers included in the volume were carefully reviewed and selected from numerous submissions. Topics covered include network intrusion detection; anonymity and privacy; wireless security; system security; DNS and routing security; and key management.

This book contains the revised selected papers of the Second Workshop on Real-Life Cryptographic Protocols and Standardization, RLCPS 2011, and the Second Workshop on Ethics in Computer Security Research, WECSR 2011, held in conjunction with the 15th International Conference on Financial Cryptography and Data Security, FC 2010, in Rodney Bay, St. Lucia, in February/March 2011. The 16 revised papers presented were carefully reviewed and selected from numerous submissions. The papers cover topics ranging from anonymity and privacy, authentication and identification, biometrics, commercial cryptographic, digital cash and payment systems, infrastructure design, management and operations, to security economics and trust management.

This book constitutes the refereed proceedings of the 17th Australasian Conference on Information Security and Privacy, ACISP 2012, held in Wollongong, Australia, in July 2012. The 30 revised full papers presented together with 5 short papers were carefully reviewed and selected from 89 submissions. The papers are organized in topical sections on fundamentals; cryptanalysis; message authentication codes and hash functions; public key cryptography; digital signatures; identity-based and attribute-based cryptography; lattice-based cryptography; lightweight cryptography.

This book constitutes the thoroughly refereed post-conference proceedings of the 11th International Conference on Smart Card Research and Advanced Applications, CARDIS 2012, held in Graz, Austria, in November 2012. The 18 revised full papers presented together with an invited talk were carefully reviewed and selected from 48 submissions. The papers are organized in topical sections on Java card security, protocols, side-channel attacks, implementations, and implementations for resource-constrained devices.

Using the quantum properties of single photons to exchange binary keys between two partners for subsequent encryption of secret data is an absolutely novel technology. Only a few years ago quantum cryptography or better: quantum key distribution (QKD) was the domain of basic research laboratories at universities. But during the last few years things changed. QKD left the laboratories and was picked up by more practical oriented teams that worked hard to develop a practically applicable technology out of the astonishing results of basic research.

One major milestone towards a QKD technology was a large research and development project funded by the European Commission that aimed at combining quantum physics with complementary technologies that are necessary to create a technical solution: electronics, software, and network components were added within the project SECOQC (Development of a Global Network for Secure Communication based on Quantum Cryptography) that teamed up all expertise on European level to get a technology for future encryption.

The practical application of QKD in a standard optical fibre network was demonstrated October 2008 in Vienna, giving a glimpse of the future of secure communication. Although many steps have still to be done in order to achieve a real mature technology, the corner stone for future secure communication is already laid.

QKD will not be the Holy Grail of security, it will not be able to solve all problems for evermore. But QKD has the potential to replace one of the weakest parts of symmetric encryption: the exchange of the key. It can be proven that the key exchange process cannot be corrupted and that keys that are generated and exchanged quantum cryptographically will be secure for ever (as long as some additional conditions are kept).

This book will show the state of the art of Quantum Cryptography and it will sketch how it can be implemented in standard communication infrastructure. The growing vulnerability of sensitive data requires new concepts and QKD will be a possible solution to overcome some of today s limitations."

This book constitutes the refereed proceedings of three workshops colocated with NETWORKING 2012, held in Prague, Czech Republic, in May 2012: the Workshop on Economics and Technologies for Inter-Carrier Services (ETICS 2012), the Workshop on Future Heterogeneous Network (HetsNets 2012), and the Workshop on Computing in Networks (CompNets 2012). The 21 revised full papers presented were carefully reviewed and selected from numerous submissions. The papers cover a wide range of topics addressing the main research efforts in the fields of network management, quality of services, heterogeneous networks, and analysis or modeling of networks.

Cloud storage is an important service of cloud computing, which offers service for data owners to host their data in the cloud. This new paradigm of data hosting and data access services introduces two major security concerns. The first is the protection of data integrity. Data owners may not fully trust the cloud server and worry that data stored in the cloud could be corrupted or even removed. The second is data access control. Data owners may worry that some dishonest servers provide data access to users that are not permitted for profit gain and thus they can no longer rely on the servers for access control. To protect the data integrity in the cloud, an efficient and secure dynamic auditing protocol is introduced, which can support dynamic auditing and batch auditing. To ensure the data security in the cloud, two efficient and secure data access control schemes are introduced in this brief: ABAC for Single-authority Systems and DAC-MACS for Multi-authority Systems. While Ciphertext-Policy Attribute-based Encryption (CP-ABE) is a promising technique for access control of encrypted data, the existing schemes cannot be directly applied to data access control for cloud storage systems because of the attribute revocation problem. To solve the attribute revocation problem, new Revocable CP-ABE methods are proposed in both ABAC and DAC-MACS.