This book constitutes the refereed proceedings of the Cryptographer's Track at the RSA Conference 2016, CT-RSA 2016, held in San Francisco, CA, USA, in February/March 2016. The 26 papers presented in this volume were carefully reviewed and selected from 76 submissions. The focus of the track is on following subjects: secure key exchange schemes, authenticated encryption, searchable symmetric encryption, digital signatures with new functionality, secure multi party computation, how to verify procedures, side-channel attacks on elliptic curve cryptography, hardware attacks and security, structure-preserving signatures, lattice cryptography, cryptanalysis of symmetric key encryption, message authentication code and PRF-security, and security of public key encryption.

This book provides a comprehensive introduction to advanced topics in the computational and algorithmic aspects of number theory, focusing on applications in cryptography. Readers will learn to develop fast algorithms, including quantum algorithms, to solve various classic and modern number theoretic problems. Key problems include prime number generation, primality testing, integer factorization, discrete logarithms, elliptic curve arithmetic, conjecture and numerical verification. The author discusses quantum algorithms for solving the Integer Factorization Problem (IFP), the Discrete Logarithm Problem (DLP), and the Elliptic Curve Discrete Logarithm Problem (ECDLP) and for attacking IFP, DLP and ECDLP based cryptographic systems. Chapters also cover various other quantum algorithms for Pell's equation, principal ideal, unit group, class group, Gauss sums, prime counting function, Riemann's hypothesis and the BSD conjecture. Quantum Computational Number Theory is self-contained and intended to be used either as a graduate text in computing, communications and mathematics, or as a basic reference in the related fields. Number theorists, cryptographers and professionals working in quantum computing, cryptography and network security will find this book a valuable asset.

The two-volume set LNCS 9614 and 9615 constitutes the refereed proceedings of the 19th IACR International Conference on the Practice and Theory in Public-Key Cryptography, PKC 2016, held in Taipei, Taiwan, in March 2016. The 34 revised papers presented were carefully reviewed and selected from 143 submissions. They are organized in topical sections named: CCA security, functional encryption, identity-based encryption, signatures, cryptanalysis, leakage-resilient and circularly secure encryption, protocols, and primitives.

The two-volume set LNCS 9614 and 9615 constitutes the refereed proceedings of the 19th IACR International Conference on the Practice and Theory in Public-Key Cryptography, PKC 2016, held in Taipei, Taiwan, in March 2016. The 34 revised papers presented were carefully reviewed and selected from 143 submissions. They are organized in topical sections named: CCA security, functional encryption, identity-based encryption, signatures, cryptanalysis, leakage-resilient and circularly secure encryption, protocols, and primitives.

The two-volume set LNCS 9562 and LNCS 9563 constitutes the refereedproceedings of the 13th International Conference on Theory ofCryptography, TCC 2016, held in Tel Aviv, Israel, in January 2016. The 45 revised full papers presented were carefully reviewed andselected from 112 submissions. The papers are organized in topicalsections on obfuscation, differential privacy, LWR and LPN, public key encryption, signatures, and VRF, complexity of cryptographic primitives, multiparty computation, zero knowledge and PCP, oblivious RAM, ABE and IBE, and codes and interactive proofs. The volume also includes an invited talk on cryptographic assumptions.

Cryptography has experienced rapid development, with major advances recently in both secret and public key ciphers, cryptographic hash functions, cryptographic algorithms and multiparty protocols, including their software engineering correctness verification, and various methods of cryptanalysis. This textbook introduces the reader to these areas, offering an understanding of the essential, most important, and most interesting ideas, based on the authors' teaching and research experience. After introducing the basic mathematical and computational complexity concepts, and some historical context, including the story of Enigma, the authors explain symmetric and asymmetric cryptography, electronic signatures and hash functions, PGP systems, public key infrastructures, cryptographic protocols, and applications in network security. In each case the text presents the key technologies, algorithms, and protocols, along with methods of design and analysis, while the content is characterized by a visual style and all algorithms are presented in readable pseudocode or using simple graphics and diagrams. The book is suitable for undergraduate and graduate courses in computer science and engineering, particularly in the area of networking, and it is also a suitable reference text for self-study by practitioners and researchers. The authors assume only basic elementary mathematical experience, the text covers the foundational mathematics and computational complexity theory.

This SpringerBrief examines the technology of email privacy encryption from its origins to its theoretical and practical details. It explains the challenges in standardization, usability, and trust that interfere with the user experience for software protection. Chapters address the origins of email encryption and why email encryption is rarely used despite the myriad of its benefits -- benefits that cannot be obtained in any other way. The construction of a secure message and its entwining with public key technology are covered. Other chapters address both independent standards for secure email and how they work. The final chapters include a discussion of getting started with encrypted email and how to live with it. Written by an expert in software security and computer tools, Encrypted Email: The History and Technology of Message Privacy is designed for researchers and professionals working in email security and encryption. Advanced-level students interested in security and networks will also find the content valuable.

This book provides a template with step-by-step instructions on how to respond and recover when hackers get into your SCADA system and cause building equipment to act erratically or fail completely. When hackers shut off the water, turn off the building power, disable the sewage effluent pumps and activate the fire alarm, you have to do something quick. It is even more alarming that hackers can do all those things at the same time-even from the other side of the planet. Not every equipment failure or power outage is a cyber-physical attack. When your building is attacked, you probably won't suspect it was a hacker-until you see a pattern. The building control system (BCS) will act "squirrelly" and you will know-it really is a cyber-physical attack. Once a cyber-physical attack occurs, it can mean years of court cases, job losses, higher insurance rates, and maybe even criminal litigation. It also takes years to overcome the loss of safety credibility to your employees and the local community. Cyber-Physical Attack Recovery Procedures provides a detailed guide to taking the right steps ahead of time, and equipping your facility and employees with the training, knowledge, and tools they need and may save lives. The book contains: A one-of-a-kind action plan describing how hackers attack building equipment, the extent of damage possible, and how to respond when a cyber-physical attack occurs. Detailed descriptions of cyber-physical attacks directed against SCADA systems or building controls, as well as cyber booby traps Invaluable appendices, including: Emergency Procedures, Team Staffing and Tasking, Alternate Site Procedures, a Documentation List, Software and Hardware Inventories, Vendor Contact Lists, External Support Agreements, and much more. What you'll learn Possible ways hackers can cause building equipment to fail. How to quickly assess the threat to his facilities in real time, how to stop a cyber-physical attack. How to restore equipment operation without doing any more damage. Who This Book Is For Architects, Engineers, Building Managers, Students, Researchers and Consultants interested in cybersecurity-attacks against facilities in the real world. Also for IT professionals getting involved in cybersecurity responsibilities.

This book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Though their theory has been known for several years now, since neither attack has yet been successfully implemented in practice, they have generally not been considered a serious threat. In short, their physical attack complexity has been overestimated and the implied security threat has been underestimated. First, the book introduces the photonic side channel, which offers not only temporal resolution, but also the highest possible spatial resolution. Due to the high cost of its initial implementation, it has not been taken seriously. The work shows both simple and differential photonic side channel analyses. Then, it presents a fault attack against pairing-based cryptography. Due to the need for at least two independent precise faults in a single pairing computation, it has not been taken seriously either. Based on these two attacks, the book demonstrates that the assessment of physical attack complexity is error-prone, and as such cryptography should not rely on it. Cryptographic technologies have to be protected against all physical attacks, whether they have already been successfully implemented or not. The development of countermeasures does not require the successful execution of an attack but can already be carried out as soon as the principle of a side channel or a fault attack is sufficiently understood.

This book constitutes the refereed proceedings of three workshops held at the 19th International Conference on Financial Cryptography and Data Security, FC 2015, in San Juan, Puerto Rico, in January 2015. The 22 full papers presented were carefully reviewed and selected from 39 submissions. They feature the outcome of the Second Workshop on Bitcoin Research, BITCOIN 2015, the Third Workshop on Encrypted Computing and Applied Homomorphic Cryptography, WAHC 2015, and the First Workshop on Wearable Security and Privacy, Wearable 2015.

Lattice-based cryptography is the use of conjectured hard problems on point lattices in Rn as the foundation for secure cryptographic systems. Attractive features of lattice cryptography include apparent resistance to quantum attacks (in contrast with most number-theoretic cryptography), high asymptotic efficiency and parallelism, security under worst-case intractability assumptions, and solutions to long-standing open problems in cryptography. This monograph surveys most of the major developments in lattice cryptography over the past ten years. The main focus is on the foundational short integer solution (SIS) and learning with errors (LWE) problems (and their more efficient ring-based variants), their provable hardness assuming the worst-case intractability of standard lattice problems, and their many cryptographic applications.

This book constitutes the thoroughly refereed post-conference proceedings of the 22nd International Workshop on Fast Software Encryption, held in Istanbul, Turkey, March 8-11, 2015. The 28 revised full papers presented were carefully reviewed and selected from 71 initial submissions. The papers are organized in topical sections on block cipher cryptanalysis; understanding attacks; implementation issues; more block cipher cryptanalysis; cryptanalysis of authenticated encryption schemes; proofs; design; lightweight; cryptanalysis of hash functions and stream ciphers; and mass surveillance.

This book investigates tradeoff between security and usability in designing leakage resilient password systems (LRP) and introduces two practical LRP systems named Cover Pad and ShadowKey. It demonstrates that existing LRP systems are subject to both brute force attacks and statistical attacks and that these attacks cannot be effectively mitigated without sacrificing the usability of LRP systems. Quantitative analysis proves that a secure LRP system in practical settings imposes a considerable amount of cognitive workload unless certain secure channels are involved. The book introduces a secure and practical LRP system, named Cover Pad, for password entry on touch-screen mobile devices. Cover Pad leverages a temporary secure channel between a user and a touch screen which can be easily realized by placing a hand shielding gesture on the touch screen. The temporary secure channel is used to deliver a hidden message to the user for transforming each password symbol before entering it on the touch screen. A user study shows the impact of these testing conditions on the users' performance in practice. Finally, this book introduces a new LRP system named ShadowKey. Shadow Key is designed to achieve better usability for leakage resilient password entry. It leverages either a permanent secure channel, which naturally exists between a user and the display unit of certain mobile devices, or a temporary secure channel, which can be easily realized between a user and a touch screen with a hand-shielding gesture. The secure channel protects the mappings between original password symbols and associated random symbols. Unlike previous LRP system users, Shadow Key users do not need to remember anything except their passwords. Leakage Resilient Password Systems is designed for professionals working in the security industry. Advanced-level students studying computer science and electrical engineering will find this brief full of useful material.