ACNS2009, the7thInternationalConferenceonAppliedCryptographyandN- work Security, was held in Paris-Rocquencourt, France, June 2-5, 2009. ACNS 2009 was organized by the Ecole Normale Sup erieure (ENS), the French - tional Center for Scienti?c Research (CNRS), and the French National Institute for Researchin Computer Science andControl(INRIA), in cooperationwith the InternationalAssociation for CryptologicResearch(IACR). The General Chairs of the conference were Pierre-Alain Fouque and Damien Vergnaud. Theconferencereceived150submissionsandeachsubmissionwasassignedto at least three committee members. Submissions co-authored by members of the Program Committee were assigned to at least four committee members. Due to thelargenumber ofhigh-qualitysubmissions, thereviewprocesswaschallenging andwearedeeplygratefulto the committeemembersandthe externalreviewers for their outstanding work. After meticulous deliberation, the Program C- mittee, which was chaired by Michel Abdalla and David Pointcheval, selected 32 submissions for presentation in the academic track and these are the articles that are included in this volume. Additionally, a few other submissions were selected for presentation in the non-archival industrial track. The best student paper was awarded to Ayman Jarrous for his paper "Secure Hamming Distance Based Computation and Its Applications," co-authoredwith Benny Pinkas. The review process was run using the iChair software, written by Thomas Baigneres and Matthieu Finiasz from EPFL, LASEC, Switzerland and we are indebted to them for letting us use their software. The programalso included four invited talks in addition to the academicand industrial tracks."

The biennial International Workshop on Coding and Cryptology (IWCC) aims to bring together many of the world's greatest minds in coding and crypt- ogy to share ideas and exchange knowledge related to advancements in c- ing and cryptology, amidst an informal setting conducive for interaction and collaboration. It is well known that fascinating connections exist between coding and cr- tology. Therefore this workshop series was organized to facilitate a fruitful - teraction and stimulating discourse among experts from these two areas. The inaugural IWCC was held at Wuyi Mountain, Fujian Province, China, during June 11-15, 2007 and attracted over 80 participants. Following this s- cess, the second IWCC was held June 1-5, 2009 at Zhangjiajie, Hunan Province, China. Zhangjiajie is one of the most scenic areas in China. The proceedings of this workshop consist of 21 technical papers, covering a wide range of topics in coding and cryptology, as well as related ?elds such as combinatorics. All papers, except one, are contributed by the invited speakers of the workshop and each paper has been carefully reviewed. We are grateful to the external reviewers for their help, which has greatly strengthened the quality of the proceedings. IWCC 2009 was co-organizedby the National University of Defense Techn- ogy (NUDT), China and Nanyang Technological University (NTU), Singapore. We acknowledge with gratitude the ?nancial support from NUDT. We wouldliketo expressourthanks to Springer formaking it possible forthe proceedings to be published in the Lecture Notes in Computer Science series.

This book constitutes the proceedings of the Second International Conference on Cryptology in Africa, AFRICACRYPT 2009, held in Gammarth, Tunisia, on June 21-25, 2009.

The 25 papers presented together with one invited talk were carefully reviewed and selected from 70 submissions. The topics covered are hash functions, block ciphers, asymmetric encryption, digital signatures, asymmetric encryption and anonymity, key agreement protocols, cryptographic protocols, efficient implementations, and implementation attacks.

This book constitutes the thoroughly refereed post-conference proceedings of the 4th International Conference on Information Security and Cryptology, Inscrypt 2008, held in Beijing, China, in December 2008.

The 28 revised full papers presented together with 3 invited talks were carefully reviewed and selected from 183 submissions. The papers are organized in topical sections on digital signature and signcryption schemes, privacy and anonymity, message authentication code and hash function, secure protocols, symmetric cryptography, certificateless cryptography, hardware implementation and side channel attack, wireless network security, public key and identity based cryptography, access control and network security, as well as trusted computing and applications.

This book constitutes the refereed proceedings of the Cryptographers' Track at the RSA Conference 2009, CT-RSA 2009, held in San Francisco, CA, USA in April 2009.

The 31 revised full papers presented were carefully reviewed and selected from 93 submissions. The papers are organized in topical sections on identity-based encryption, protocol analysis, two-party protocols, more than signatures, collisions for hash functions, cryptanalysis, alternative encryption, privacy and anonymity, efficiency improvements, multi-party protocols, security of encryption schemes as well as countermeasures and faults.

This book constitutes the refereed proceedings of the 11th International Conference on Information Security and Cryptology, ICISC 2008, held in Seoul, Korea, during December 3-5, 2008.

The 26 revised full papers presented have gone through two rounds of reviewing and improvement and were carefully selected from 131 submissions. The papers are organized in topical sections on public key encryption, key management and secret sharing, privacy and digital rights, digital signature and voting, side channel attack, hash and mac, primitives and foundations, as well as block and stream ciphers.

TCC 2009, the 6th Theory of Cryptography Conference, was held in San Fr- cisco, CA, USA, March 15-17, 2009. TCC 2009 was sponsored by the Inter- tional Association for Cryptologic Research (IACR) and was organized in - operation with the Applied Crypto Group at Stanford University. The General Chair of the conference was Dan Boneh. The conference received 109 submissions, of which the Program Comm- tee selected 33 for presentation at the conference. These proceedings consist of revised versions of those 33 papers. The revisions were not reviewed, and the authors bear full responsibility for the contents of their papers. The conference program also included two invited talks: "The Di?erential Privacy Frontier," given by Cynthia Dwork and "Some Recent Progress in Lattice-Based Crypt- raphy," given by Chris Peikert. I thank the Steering Committee of TCC for entrusting me with the resp- sibility for the TCC 2009 program. I thank the authors of submitted papers for their contributions. The general impression of the Program Committee is that the submissions were of very high quality, and there were many more papers we wanted to accept than we could. The review process was therefore very - warding but the selection was very delicate and challenging. I am grateful for the dedication, thoroughness, and expertise ofthe ProgramCommittee. Obse- ing the way the members of the committee operated makes me as con?dent as possible of the outcome of our selection process.

This book constitutes the refereed proceedings of the 9th International Conference on Cryptology in India, INDOCRYPT 2008, held in Kharagpur, India, in December 2008.

The 33 revised full papers were carefully reviewed and selected from 111 submissions. The papers are organized in topical sections on stream ciphers, cryptographic hash functions, public-key cryptography, security protocols, hardware attacks, block ciphers, cryptographic hardware, elliptic curve cryptography, and threshold cryptography.

This textbook is a concise introduction to the basic toolbox of structures that allow efficient organization and retrieval of data, key algorithms for problems on graphs, and generic techniques for modeling, understanding, and solving algorithmic problems. The authors aim for a balance between simplicity and efficiency, between theory and practice, and between classical results and the forefront of research. Individual chapters cover arrays and linked lists, hash tables and associative arrays, sorting and selection, priority queues, sorted sequences, graph representation, graph traversal, shortest paths, minimum spanning trees, optimization, collective communication and computation, and load balancing. The authors also discuss important issues such as algorithm engineering, memory hierarchies, algorithm libraries, and certifying algorithms. Moving beyond the sequential algorithms and data structures of the earlier related title, this book takes into account the paradigm shift towards the parallel processing required to solve modern performance-critical applications and how this impacts on the teaching of algorithms. The book is suitable for undergraduate and graduate students and professionals familiar with programming and basic mathematical language. Most chapters have the same basic structure: the authors discuss a problem as it occurs in a real-life situation, they illustrate the most important applications, and then they introduce simple solutions as informally as possible and as formally as necessary so the reader really understands the issues at hand. As they move to more advanced and optional issues, their approach gradually leads to a more mathematical treatment, including theorems and proofs. The book includes many examples, pictures, informal explanations, and exercises, and the implementation notes introduce clean, efficient implementations in languages such as C++ and Java.

Illustrating the power of algorithms, Algorithmic Cryptanalysis describes algorithmic methods with cryptographically relevant examples. Focusing on both private- and public-key cryptographic algorithms, it presents each algorithm either as a textual description, in pseudo-code, or in a C code program. Divided into three parts, the book begins with a short introduction to cryptography and a background chapter on elementary number theory and algebra. It then moves on to algorithms, with each chapter in this section dedicated to a single topic and often illustrated with simple cryptographic applications. The final part addresses more sophisticated cryptographic applications, including LFSR-based stream ciphers and index calculus methods. Accounting for the impact of current computer architectures, this book explores the algorithmic and implementation aspects of cryptanalysis methods. It can serve as a handbook of algorithmic methods for cryptographers as well as a textbook for undergraduate and graduate courses on cryptanalysis and cryptography.

Since the mid 1990s, data hiding has been proposed as an enabling technology for securing multimedia communication, and is now used in various applications including broadcast monitoring, movie fingerprinting, steganography, video indexing and retrieval, and image authentication. Data hiding and cryptographic techniques are often combined to complement each other, thus triggering the development of a new research field of multimedia security. Besides, two related disciplines, steganalysis and data forensics, are increasingly attracting researchers and becoming another new research field of multimedia security. This journal, LNCS Transactions on Data Hiding and Multimedia Security, aims to be a forum for all researchers in these emerging fields, publishing both original and archival research results.

This third issue contains five contributions in the areas of steganography and digital watermarking. The first two papers deal with the security of steganographic systems; the third paper presents a novel image steganographic scheme. Finally, this volume includes two papers that focus on digital watermarking and data hiding. The fourth paper introduces and analyzes a new covert channel and the fifth contribution analyzes the performance of additive attacks against quantization-based data hiding methods.

This book constitutes the refereed proceedings of the three international workshops PAISI 2008, PACCF 2008, and SOCO 2008, held as satellite events of the IEEE International Conference on Intelligence and Security Informatics, ISI 2008, in Taipei, Taiwan, in June 2008.

The 55 revised full papers presented were carefully reviewed and selected from the presentations at the workshops. The 21 papers of the Pacific Asia Workshop on Intelligence and Security Informatics (PAISI 2008) cover topics such as information retrieval and event detection, internet security and cybercrime, currency and data protection, cryptography, image and video analysis, privacy issues, social networks, modeling and visualization, and network intrusion detection. The Pacific Asia Workshop on Cybercrime and Computer Forensics (PACCF 2008) furnishes 10 papers about forensic information management, forensic technologies, and forensic principles and tools. The 24 papers of the Workshop on Social Computing (SOCO 2008) are organized in topical sections on social web and social information management, social networks and agent-based modeling, as well as social opinions, e-commerce, security and privacy considerations.

The AFRICACRYPT 2008 conference was held during June 11-14, 2008 in Casablanca, Morocco. Upon the initiative of the organizers from the Ecole n- male sup erieure in Casablanca, this event was the ?rst international research conference in Africa dedicated to cryptography. The conference was honored by the presence of the invited speakers Bruce Schneier, Jacques Stern, and Alexander W. Dent who gave talks entitled "The Psychology of Security" "Modern Cryptography: A Historical Perspective" and "ABriefHistoryofProvably-SecurePublic-KeyEncryption,"respectively.These proceedings include papers by Bruce Schneier and by Alexander Dent. The conference received 82 submissions on November 24, 2007. They went through a careful doubly anonymous review process. This was run by the iChair software written by Thomas Baign eres and Matthieu Finiasz. Every paper - ceived at least three review reports. After this period, 25 papers were accepted on February 12, 2008. Authors then had the opportunity to update their papers until March 13, 2008. The present proceedings include all the revised papers. At the end of the review process, the paper entitled "An Authentication Protocol with Encrypted Biometric Data" written by Julien Bringer and Herv e Chabanne was elected to receive the Africacrypt 2008 Best Paper Award. I had the privilege to chair the Program Committee. I would like to thank all committee members for their tough work on the submissions, as well as all externalreviewersfortheirsupport.IalsothankmyassistantThomasBaign eres formaintainingtheserverandhelpingmetorunthesoftware.Ithanktheinvited speakers, the authors of the best paper, the authors of all submissions. They all contributed to the success of the conference."

The RSA Conference is the largest regularly-staged computer security event, with over 350 vendors and many thousands of attendees. The Cryptographers' Track (CT-RSA) is a research conference within the RSA Conference. CT-RSA began in 2001, and has become one of the major established venues for presenting cryptographic research papers to a wide variety of audiences. CT-RSA 2008 was held in San Francisco, California from April 8 to April 11. The proceedings of CT-RSA 2008 contain 26 papers selected from 95 subm- sions pertaining to all aspects of cryptography. Each submission was reviewed by at least three reviewers, which was made possible by the hard work of 27 P- gram Committee members and many external reviewers listed on the following pages. The papers were selected following a detailed online discussion among the Program Committee members. The program included an invited talk by Sha? Goldwasser. The current proceedings include a short abstract of her talk. I would like to express my deep gratitude to the Program Committee m- bers, who volunteered their expertise and hard work over several months, as well as to the external reviewers. Special thanks to Shai Halevi for providing and maintaining the Web review system used for paper submission, reviewing, and ?nal-version preparation. Finally, I would like to thank Burt Kaliski and Ari Juels of RSA Laboratories, as well as the RSA conference team, especially Bree LaBollita, for their assistance throughout the process.

This book constitutes the refereed proceedings of the 11th International Workshop on Practice and Theory in Public-Key Cryptography, PKC 2008, held in Barcelona, Spain, in March 2008.

The 21 revised full papers presented together with 1 invited lecture were carefully reviewed and selected from 71 submissions. The papers are organized in topical sections on algebraic and number theoretical cryptoanalysis, theory of public key encryption, digital signatures, identification, broadcast and key agreement, implementation of fast arithmetic, and public key encryption.

TCC 2008, the 5th Theory of Cryptography Conference, was held in New York, New York, March 19-21, 2008, at New York University. TCC 2008 was sp- soredbytheInternationalAssociationforCryptologicResearch(IACR)andwas organizedincooperationwiththeDepartmentofComputerScienceatNewYork University and the Courant Institute for Mathematical Sciences. The General Chairs of the conference were Yevgeniy Dodis and Victor Shoup. The conference received 81 submissions, of which the Program Committee selected34forpresentationattheconference.Theauthorsoftwopapersthen- cidedto mergetheir papers, resulting in a totalof33 presentedpapers.The Best Student Paper Award was given to Paul Valiant for his paper "Incrementally Veri?able Computation or Knowledge Implies Time/Space E?ciency." These proceedings consist of revised versions of the presented papers. The revisions were not reviewed. The authors bear full responsibility for the contents of their papers. The conference programalso included four special events: an invited talk - titled "Randomness Extractors and Their Cryptographic Applications" by Salil Vadhan; a tutorial entitled "Bridging Cryptography and Game Theory: Recent Results and Future Directions," given by Jonathan Katz (with an accom- nying tutorial in the proceedings); a panel discussion on "Game Theory and Cryptography: Towards a Joint Point of View?" with Tal Rabin as moderator and Jonathan Katz, Silvio Micali, and Moni Naor as panelists; and a Rump Session chaired by Anna Lysyanskaya.

Contrary to popular belief, there has never been any shortage of Macintosh-related security issues. OS9 had issues that warranted attention. However, due to both ignorance and a lack of research, many of these issues never saw the light of day. No solid techniques were published for executing arbitrary code on OS9, and there are no notable legacy Macintosh exploits. Due to the combined lack of obvious vulnerabilities and accompanying exploits, Macintosh appeared to be a solid platform. Threats to Macintosh's OS X operating system are increasing in sophistication and number. Whether it is the exploitation of an increasing number of holes, use of rootkits for post-compromise concealment or disturbed denial of service, knowing why the system is vulnerable and understanding how to defend it is critical to computer security.
* Macintosh OS X Boot Process and Forensic Software All the power, all the tools, and all the geekery of Linux is present in Mac OS X. Shell scripts, X11 apps, processes, kernel extensions...it's a UNIX platform....Now, you can master the boot process, and Macintosh forensic software.
* Look Back Before the Flood and Forward Through the 21st Century Threatscape Back in the day, a misunderstanding of Macintosh security was more or less industry-wide. Neither the administrators nor the attackers knew much about the platform. Learn from Kevin Finisterre how and why that has all changed
* Malicious Macs: Malware and the Mac As OS X moves further from desktops, laptops, and servers into the world of consumer technology (iPhones, iPods, and so on), what are the implications for the further spread of malware and other security breaches? Find out from David Harley.
* Malware Detection and the Mac Understand why the continuing insistence of vociferous Mac zealots that it "can't happen here" is likely to aid OS X exploitationg
* Mac OS X for Pen Testers With its BSD roots, super-slick graphical interface, and near-bulletproof reliability, Apple's Mac OS X provides a great platform for pen testing.
* WarDriving and Wireless Penetration Testing with OS X Configure and utilize the KisMAC WLAN discovery tool to WarDrive. Next, use the information obtained during a WarDrive, to successfully penetrate a customer's wireless network.
* Leopard and Tiger Evasion Follow Larry Hernandez through exploitation techniques, tricks, and features of both OS X Tiger and Leopard, using real-world scenarios for explaining and demonstrating the concepts behind them.
* Encryption Technologies and OS X Apple has come a long way from the bleak days of OS9. THere is now a wide array of encryption choices within Mac OS X. Let Gareth Poreus show you what they are.
* Cuts through the hype with a serious discussion of the security
vulnerabilities of the Mac OS X operating system
* Reveals techniques by which OS X can be "owned"
* Details procedures to defeat these techniques
* Offers a sober look at emerging threats and trends

This book constitutes the refereed proceedings of the 8th International Workshop on Information Security Applications, WISA 2007, held in Jeju Island, Korea, August 27-29, 2007.

The 27 revised full papers presented were carefully selected during two rounds of reviewing and improvement from 95 submissions. The papers are organized in topical sections on Public Key Crypto Applications, Biometrics/Information Hiding, Secure Hardware, Secure Systems, Wireless and Mobile Security, Application Security/Secure Systems, Access Control/DB Security, Smart Cards/Secure Systems and Anonymity and P2P Security.

This book constitutes the refereed proceedings of the 11th IMA International Conference on Cryptography and Coding, held in Cirencester, UK in December 2007.

The 22 revised full papers presented together with 2 invited contributions were carefully reviewed and selected from 48 submissions. The papers are organized in topical sections on signatures, boolean functions, block cipher cryptanalysis, side channels, linear complexity, public key encryption, curves, and RSA implementation.

This book constitutes the thoroughly refereed post-proceedings of the 9th International Workshop on Information Hiding, IH 2007, held in Saint Malo, France, in June 2007.

The 25 revised full papers presented were carefully reviewed and selected from 105 submissions. The papers are organized in topical sections on new steganographic schemes, watermarking schemes, computer security, steganography and code theory, watermarking security, steganalysis, watermarking and re-synchronization, fingerprinting, forensics, and steganalysis.

This book constitutes the thoroughly refereed post-proceedings of the 13th International Workshop on Security Protocols, held in Cambridge, UK, in April 2005.

The 24 revised full papers presented together with edited transcriptions of some of the discussions following the presentations have passed through multiple rounds of reviewing, revision, and selection. Among the topics addressed are authentication, anonymity, cryptographics and biometrics, cryptographic protocols, network security, privacy, SPKI, user-friendliness, access control, API security, costs of security, and others.

This book constitutes the refereed proceedings of the Third International Conference on Information Systems Security, ICISS 2007, held in Delhi, India, in December 2007.

The 18 revised full papers and 5 short papers presented together with 4 keynote papers were carefully reviewed and selected from 78 submissions. The submitted topics in cryptography, intrusion detection, network security, information flow systems, Web security, and many others offer a detailed view of the state of the art in information security. The papers are organized in topical sections on network security, cryptography, architectures and systems, cryptanalysis, protocols, detection and recognition, as well as short papers.

This book constitutes the refereed proceedings of the 13th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2007, held in Kuching, Malaysia, in December 2007. The papers are organized in topical sections on number theory and elliptic curve, protocol, hash function design, group/broadcast cryptography, mac and implementation, multiparty computation, block ciphers, foundation, public key encryption, and cryptanalysis.

This book constitutes the thoroughly refereed post-proceedings of the 7th International Symposium on Privacy Enhancing Technologies, PET 2007, held in Ottawa, Canada, in June 2007 in conjunction with WOTE 2007, the IAVoSS Workshop on Trustworthy Elections.

The 16 revised full papers presented were carefully selected from 84 submissions during two rounds of reviewing and improvement. The papers - both from academia and industry - cover design and realization of privacy services for the internet and other communication networks and present novel research on all theoretical and practical aspects of privacy technologies, as well as experimental studies of fielded systems.

This book constitutes the thoroughly refereed post-proceedings of the 14th International Workshop on Selected Areas in Cryptography, SAC 2007, held in Ottawa, Canada, in August 2007.

The 25 revised full papers presented were carefully reviewed and selected from 73 submissions. The papers are organized in topical sections on stream cipher cryptanalysis, hash function attacks, side-channel attacks, efficient implementations, block cipher cryptanalysis, a new stream cipher, white box cryptanalysis, message authentication code attack, and modes of operation.