This book constitutes the refereed proceedings of the 7th International Workshop on Information Security Applications, WISA 2006, held in Jeju Island, Korea in August 2006.

The 30 revised full papers presented were carefully selected during two rounds of reviewing and improvement from 146 submissions. The papers are organized in topical sections on public key crypto applications and virus protection, cyber indication and intrusion detection, biometrics and security trust management, secure software and systems, smart cards and secure hardware, mobile security, DRM, information hiding, ubiquitous computing security, P2P security, pre-authentication for fast handoff in wireless mesh networks including mobile APs.

This volume constitutes the refereed proceedings of the First IFIP TC6 / WG 8.8 / WG 11.2 International Workshop on Information Security Theory and Practices: Smart Cards, Mobile and Ubiquitous Computing Systems, WISTP 2007, held in Heraklion, Crete, Greece in May 2007.

The 20 revised full papers are organized in topical sections on mobility, hardware and cryptography, privacy, cryptography schemes, smart cards, and small devices.

It was a pleasure to take part in the 2005 European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2005), held on July 13-14 in Visegrad (Hungary) in conjunction with the First International Conference on Wireless Internet (WICON) . As Program Co-chairs, we are very happy with the outcome of this year's ESAS workshop. It clearly demonstrates the continued importance, popularity andtimeliness oftheworkshop'stopic: securityandprivacy inadhocandsensor networks.Atotalof51fullpapersweresubmitted.Eachsubmissionwasreviewed by at least three expert referees. After a short period of intense discussions and deliberations, the Program Committee selected 17 papers for presentation and subsequent publication in the workshop proceedings. This corresponds to an acceptance rate of 33% - a respectable rate by any measure. First and foremost, we thank the authors of ALL submitted papers. Your con?dence in this venue is much appreciated. We hope that you will continue patronizing ESAS as authors and attendees. We are also very grateful to our colleagues in the research community who served on the ESAS Program C- mittee. Your sel?ess dedication is what makes the workshop a success. Finally, we are very grateful to the ESAS Steering Group: Levente Buttyan, Claude Castelluccia, Dirk Westho? and Susanne Wetzel. They had the vision and the drive to create this workshopin the ?rst place; they also provided many insightsandlotsofhelpwiththisyear'sevent.Weespeciallyacknowledgeand- preciate the work of Levente Buttyan whose dedication (as Steering Committee member, PC member and Local Arrangements Chair) played a very important role in the success of the workshop.

The10thintheseriesofIMAConferencesonCryptographyandCodingwasheld at the RoyalAgricultural College, Cirencester, during 19 21 December 2005. As usual, the venue provided a relaxed and informal atmosphere for attendees to discuss work and listen to the collection of talks. The program consisted of four invited talks and 26 contributed talks. The invitedtalkswheregivenbyTuviEtzion, UeliMaurer, AlfredMenezesandAmin Shokrollahi, and three of these invited talks appear as papers in this volume. Special thanks must go to these four speakers as they helped to set the tone, by coveringall the areasthe meeting aimed to cover, from cryptographythrough to coding. In addition the best speakers are often the hardest to persuade to come to a meeting, as they are usually the most busy. We therefore feel privileged to have had a meeting with four such distinguished speakers. The contributed talks were selected from 94 submissions. This is nearly twice thenumberofsubmissionsforthepreviousmeetingin2003.Thisisanindication of the strength of the subject and the interest in the IMA series of meetings as a venue to present new work. The contributed talks ranged over a wide number of areas, including information theory, coding theory, number theory and as- metric and symmetric cryptography. Subtopics included a number of current hot topics, such as algebraic cryptanalysis and cryptographic systems based on bilinear pairings. Assembling the conference program and these proceedings required the help of a large number of individuals. I would like to thank them all here."

This book constitutes the refereed proceedings of the 4th Theory of Cryptography Conference, TCC 2007, held in Amsterdam, The Netherlands in February 2007. The 31 revised full papers cover encryption, universally composable security, arguments and zero knowledge, notions of security, obfuscation, secret sharing and multiparty computation, signatures and watermarking, private approximation and black-box reductions, and key establishment.

The ?rst SKLOIS Conference on Information Security and Cryptography(CISC 2005) was organized by the State Key Laboratory of Information Security of the Chinese Academy of Sciences. It was held in Beijing, China, December 15-17,2005andwassponsoredbytheInstituteofSoftware, theChineseAcademy of Sciences, the Graduate School of the Chinese Academy of Sciences and the National Science Foundation of China. The conference proceedings, represe- ing invited and contributed papers, are published in this volume of Springer s Lecture Notes in Computer Science (LNCS) series. The area of research covered by CISC has been gaining importance in recent years, and a lot of fundamental, experimental and applied work has been done, advancing the state of the art. The program of CISC 2005 covered numerous ?elds of research within the general scope of the conference. The International Program Committee of the conference received a total of 196 submissions (from 21 countries). Thirty-three submissions were selected for presentation as regular papers and are part of this volume. In addition to this track, the conference also hosted a short-paper track of 32 presentations that were carefully selected as well. All submissions were reviewed by experts in the relevant areas and based on their ranking and strict selection criteria the papers were selected for the various tracks. We note that stricter criteria were applied to papers co-authored by program committee members. We further note that, obviously, no member took part in in?uencing the ranking of his or her own submissions."

Mycrypt 2005 was the inaugural international conference on cryptology hosted in Malaysia. The conference was co-organized by the Information Security - search Lab at Swinburne University of Technology (Sarawak Campus), NISER (National ICT Security and Emergency Response Centre) and INSPEM (Ins- tute for MathematicalResearch)at UPM (UniversityPutra Malaysia).Mycrypt 2005 was held in Kuala Lumpur, Malaysia during September 28-30 2005, in conjunction with the e-Secure Malaysia 2005 convention. Therewere90paper submissionsfrom23 countriescoveringall areasof cr- tologic research, from which 19 were accepted. We would like to extend our thanks to all authors who submitted papers to Mycrypt 2005. Each paper was sentanonymouslytoatleast3membersoftheInternationalProgramCommittee for reviews and comments. The review comments were then followed by disc- sions among the Program Committee. A recipient of the Best Paper Award was also selected after voting among Program Committee members. The winning paper was "Distinguishing Attacks on T-functions" by Simon Kunzli ] (FH A- gau, Swizerland), Pascal Junod (Nagravision SA, Switzerland) and Willi Meier (FH Aargau, Swizerland). These proceedings contain revised versions of all the accepted papers. The conference program included three keynote papers: Hideki Imai (Tokyo University)presenteda paper entitled "TrendsandChallenges forSecurer Cr- tography in Practice." Moti Yung (Columbia University) presented a paper entitled "E?cient Secure Group Signatures with Dynamic Joins and Keeping Anonymity Against Group Managers." Colin Boyd (QUT) presented a paper entitled "Security of Two-Party Identity-Based Key Agreement." We are extremely grateful for the time and e?ort of all the members of the Program Committee in the review process. Their names may be found overleaf."

This volume contains the proceedings of the 8th International Information - curity Conference (ISC 2005), which took place in Singapore, from 20th to 23rd September 2005. ISC 2005 brought together individuals from academia and - dustry involvedin manyresearchdisciplines of information security to foster the exchange of ideas. During recent years this conference has tried to place special emphasis on the practical aspects of information security, and since it passed from being an international workshop to being an international conference in 2001, it has become one of the most relevant forums at which researchers meet and discuss emerging security challenges and solutions. Advised by the ISC Steering Committee, and in order to provide students with more opportunities for publication, ISC 2005 accepted extra student papers - sides the regular papers. The initiative was very well accepted by the young sector of the scienti?c community, and we hope that the success of this idea will remainfornextISCevents. AnotherimportantfactorforthesuccessofISC2005 was that selected papers in the proceedings will be invited for submission to a special issue of the InternationalJournalof InformationSecurity. The result was an incredible response to the call for papers; we received 271 submissions, the highest since ISC events started. It goes without saying that the paper selection process was more competitive and di?cult than ever before - only 33 regular papers were accepted, plus 5 student papers for a special student session.

This book constitutes the thoroughly refereed post-proceedings of the First International Conference on Cryptology in Vietnam, VIETCRYPT 2006, held in Hanoi, Vietnam, in September 2006.

The 24 revised full papers presented together with 1 invited paper were carefully reviewed and selected from 78 submissions. The papers are organized in topical sections on signatures and lightweight cryptography, pairing-based cryptography, algorithmic number theory, ring signatures and group signatures, hash functions, cryptanalysis, key agreement and threshold cryptography, as well as public-key encryption.

This book constitutes the thoroughly refereed postproceedings of the 5th International Workshop on Privacy Enhancing Technologies, PET 2006, held in Cavtat, Croatia, in May and June 2005. The 17 revised full papers presented were carefully selected from 74 submissions during two rounds of reviewing and improvement. The papers address most current privacy enhancing technologies in various application contexts.

This book constitutes the refereed proceedings of the First International Workshop on Security, IWSEC 2006, held in Kyoto, Japan in October 2006. The 30 revised full papers presented were carefully reviewed and selected from 147 submissions.

The increasing relevance of security to real-life applications, such as electronic commerce and Internet banking, is attested by the fast-growing number of - search groups, events, conferences, and summer schools that address the study of foundations for the analysis and the design of security aspects. The Int- national School on Foundations of Security Analysis and Design (FOSAD, see http: //www.sti.uniurb.it/events/fosad/)has been one of the foremost events - tablishedwiththegoalofdisseminatingknowledgeinthiscriticalarea, especially for young researchers approaching the ?eld and graduate students coming from less-favoured and non-leading countries. The FOSAD school is held annually at the Residential Centre of Bertinoro (http: //www.ceub.it/), in the fascinating setting of a former convent and ep- copal fortress that has been transformed into a modern conference facility with computing services and Internet access. Since the ?rst school, in 2000, FOSAD hasattractedmorethan250participantsand50lecturersfromallovertheworld. A collection of tutorial lectures from FOSAD 2000 was published in Springer s LNCS volume 2171. Some of the tutorials given at the two successive schools (FOSAD 2001 and 2002) are gathered in a second volume, LNCS 2946. To c- tinue this tradition, the present volume collects a set of tutorials fromthe fourth FOSAD, held in 2004, and from FOSAD 2005."

This book constitutes the refereed proceedings of the 8th International Conference on Information and Communications Security, ICICS 2006, held in Raleigh, NC, USA, December 2006. The 22 revised full papers and 17 revised short papers cover security protocols, applied cryptography, access control, privacy and malicious code, network security, systems security, cryptanalysis, applied cryptography and network security, and security implementations.

This book constitutes the refereed proceedings of the 12th International Conference on the Theory and Application of Cryptology and Information Security, held in Shanghai, China, December 2006. The 30 revised full papers cover attacks on hash functions, stream ciphers, biometrics and ECC computation, id-based schemes, public-key schemes, RSA and factorization, construction of hash function, protocols, block ciphers, and signatures.

This book constitutes the refereed proceedings of the 25th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2006. 33 revised full papers are presented together with 2 invited talks. The papers are organized in topical sections on cryptanalysis, cryptography meets humans, stream ciphers, hash functions, oblivious transfer, numbers and lattices, foundations, block ciphers, cryptography without random oracles, multiparty computation, and cryptography for groups.

Althoughcryptographyandsecuritytechniqueshavebeenaroundfor quitesome time, emerging technologies such as ubiquitous computing and ambient intel- gence that exploit increasingly interconnected networks, mobility and pers- alization put new requirements on security with respect to data management. As data is accessible anytime anywhere, according to these new concepts, it - comes much easier to get unauthorized data access. Furthermore, it becomes simpler to collect, store, and search personal information and endanger people's privacy. Therefore, researchin the area of secure data management is of growing importance, attracting the attention of both the data management and security researchcommunities.Theinterestingproblemsrangefromtraditionalones, such as access control (with all variations, like dynamic, context-aware, role-based), database security (e.g., e?cient database encryption schemes, search over - crypted data, etc.), and privacy-preserving data mining to controlled sharing of data. In addition to the aforementioned subject, this year we also called for - pers devoted to secure data management in healthcare as a domain where data security and privacy issues are traditionally important. The call for papers - tracted 38 papers both from universities and industry. The ProgramCommittee selected 16 research papers for presentation at the workshop. These papers are also collected in this volume which we hope will serve you as a useful research and reference material.

This book constitutes the refereed proceedings of the Second SKLOIS Conference on Information Security and Cryptology, Inscrypt 2006, held in Beijing, China in November/December 2006. The 23 revised full papers cover digital signature schemes, sequences and stream ciphers, symmetric-key cryptography, cryptographic schemes, network security, access control, computer and applications security, as well as Web and media security.

This book constitutes the refereed proceedings of the 9th International Conference on Information Security and Cryptology, ICISC 2006, held in Busan, Korea in November/December 2006.

The 26 revised full papers presented together with two invited talks have gone through two rounds of reviewing and improvement and were selected from 129 submissions. The papers are organized in topical sections on hash functions, block and stream ciphers, efficient implementation and hardware, network security and access control, mobile communications security, forensics, copyright protection, biometrics, public key cryptosystems, and digital signatures.

This book constitutes the refereed proceedings of the 9th International Conference on Information Security, ISC 2006, held on Samos Island, Greece in August/September 2006.

The 38 revised full papers presented were carefully reviewed and selected from 188 submissions. The papers are organized in topical sections on software security, privacy and anonymity, block ciphers and hash functions, digital signatures, stream ciphers, encryption, pervasive computing, network security, watermarking and digital rights management, intrusion detection and worms, key exchange, security protocols and formal methods, and information systems security.

The 7th International Conference on Information Security and Cryptology was organized by the Korea Institute of Information Security and Cryptology (KIISC) and was sponsored by the Ministry of Information and Communi- tion of Korea. The conference received 194 submissions, and the Program Committee - lected 34 of these for presentation. The conference program included two invited lectures.MikeReiterspokeon"Securityby, andfor, ConvergedMobileDevices." And Frank Stajano spoke on "Security for Ubiquitous Computing." We would like to ?rst thank the many researchers from all over the world who subm- ted their work to this conference. An electronic submission process was ava- able. The submission review process had two phases. In the ?rst phase, Program Committeememberscompiledreports(assistedattheirdiscretionbysubreferees of their choice, but without interaction with other Program Committee m- bers) and entered them, via a Web interface, into the Web Review software. We would like to thank the developers, Bart Preneel, Wim Moreau, and Joris Claessens. Without the Web Review system, the whole review process would not have been possible. In the second phase, Program Committee members used the software to browse each other's reports, and discuss and update their own reports.WeareextremelygratefultotheProgramCommittee membersfortheir enormous investment of time, e?ort, and adrenaline in the di?cult and delicate process of review and selection.

The ?rst workshop in this series was held at the International Computer S- ence Institute in Berkeley and was published as LNCS 2009 under the name "Workshop on Design Issues in Anonymity and Unobservability." Subsequent Privacy Enhancing Technologies (PET) workshops met in San Francisco in 2002 (LNCS2482)andDresdenin2003(LNCS2760).Thisvolume, LNCS3424, holds the proceedings from PET 2004 in Toronto. Our 2005 meeting is scheduled for Dubrovnik, and we hope to keep ?nding new and interesting places to visit on both sides of the Atlantic - or beyond. An event like PET 2004 would be impossible without the work and dedi- tion of many people. First and foremost we thank the authors, who wrote and submitted 68 full papers or panel proposals, 21 of which appear herein. The Program Committee produced 163 reviews in total. Along the way, they were assisted in reviewing by Steven Bishop, Rainer Bohme, Sebastian Clauss, Claudia D ?az, Richard E. Newman, Ulrich Flegel, Elke Franz, Stefan Kopsell, Thomas Kriegelstein, Markus Kuhn, Stephen Lewis, Luc Longpre, Steven M- doch, Shishir Nagaraja, Thomas Nowey, Peter Palfrader, Lexi Pimenidis, Klaus Ploessl, Sivaramakrishnan Rajagopalan, Marc Rennhard, Leo Reyzin, Pankaj Rohatgi, Naouel Ben Salem, Sandra Steinbrecher, Mike Szydlo, Shabsi Wal?sh, Jie Wang, Brandon Wiley, and Shouhuai Xu."

This book constitutes the refereed proceedings of the International Workshop on Intelligence and Security Informatics, WISI 2006, held in Singapore in conjunction with the 10th Pacific-Asia Conference on Knowledge Discovery and Data Mining. The 32 papers presented together with the abstract of the keynote talk were carefully reviewed. The papers are organized in sections on Web and text mining for terrorism informatics, cybercrime analysis, network security, and crime data mining.

The 5th International Workshop on Information Security Applications (WISA 2004) was held in Jeju Island, Korea during August 23-25, 2004. The workshop was sponsored by the Korea Institute of Information Security and Cryptology (KIISC), the Electronics and Telecommunications Research Institute (ETRI) and the Ministry of Information and Communication (MIC). The aim of the workshop is to serve as a forum for new conceptual and - perimental research results in the area of information security applications from the academic community as well as from the industry. The workshop program covers a wide range of security aspects including cryptography, cryptanalysis, network/system security and implementation aspects. The programcommittee received169 papersfrom 22 countries, andaccepted 37 papers for a full presentation track and 30 papers for a short presentation track. Each paper was carefully evaluated through peer-review by at least three members of the programcommittee. This volume contains revised versions of 36 papers accepted and presented in the full presentation track. Short papers were only published in the WISA 2004 pre-proceedings as preliminary versions and are allowed to be published elsewhere as extended versions. In addition to the contributed papers, Professors Gene Tsudik and Ross Andersongaveinvitedtalks, entitledSecurityinOutsourcedDatabasesandWhat does 'Security' mean for Ubiquitous Applications?, respectively.

This volume contains a selection of refereed papers from participants of the workshop "Construction and Analysis of Safe, Secure and Interoperable Smart Devices" (CASSIS), held from the 10th to the 13th March 2004 in Marseille, France: http: //www-sop.inria.fr/everest/events/cassis04/ The workshop was organized by INRIA (Institut National de Recherche en InformatiqueetenAutomatique), Franceandthe UniversitydelaM editerran ee, Marseille, France. The workshop was attended by nearly 100 participants, who were invited for their contributions to relevant areas of computer science. Theaimoftheworkshopwastobringtogetherexpertsfromthesmartdevices industry and academic researchers, with a view to stimulate research on formal methods and security, and to encourage the smart device industry to adopt innovative solutions drawn from academic research. The next generation of smart devices holds the promise of providing the required infrastructure for the secure provision of multiple and personalized services. In order to deliver their promise, the smart device technology must however pursue the radical evolution that was initiated with the adoption of multi-application smartcards. Typical needs include: - The possibility for smart devices to feature extensible computational infr- tructures that may be enhanced to support increasingly complex appli- tions that may be installed post-issuance, and may require operating system functionalities that were not pre-installed. Such additional ?exibility must however not compromise security. - The possibility for smart devices to achieve a better integration with larger computersystems, throughimprovedconnectivity, genericity, aswellasint- operability."

Ad hoc and sensor networks are making their way from research to real-world deployments. Body and personal-area networks, intelligent homes, environmental monitoring or inter-vehicle communications: there is almost nothing left that is not going to be smart and networked. While a great amount of research has been devoted to the pure networking aspects, ad hoc and sensor networks will not be successfully deployed if security, dependability, and privacy issues are not addressed adequately.

As the first book devoted to the topic, this volume constitutes the thoroughly refereed post-proceedings of the First European Workshop on Security in Ad-hoc and Sensor Networks, ESAS, 2004, held in Heidelberg, Germany in August 2004. The 17 revised full papers were carefully reviewed and selected from 55 submissions. Among the key topics addressed are key distribution and management, authentication, energy-aware cryptographic primitives, anonymity and pseudonymity, secure diffusion, secure peer-to-peer overlays, and RFIDs.