This book constitutes the refereed proceedings of the International Workshop on Intelligence and Security Informatics, WISI 2006, held in Singapore in conjunction with the 10th Pacific-Asia Conference on Knowledge Discovery and Data Mining. The 32 papers presented together with the abstract of the keynote talk were carefully reviewed. The papers are organized in sections on Web and text mining for terrorism informatics, cybercrime analysis, network security, and crime data mining.

This book constitutes the refereed proceedings of the Third International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2006, held in Berlin, Germany in July 2006.

The 11 revised full papers presented were carefully reviewed and selected from 41 submissions. The papers are organized in topical sections on code analysis, intrusion detection, threat protection and response, malware and forensics, and deployment scenarios.

This book constitutes the thoroughly refereed postproceedings of the 5th International Workshop on Privacy Enhancing Technologies, PET 2006, held in Cavtat, Croatia, in May and June 2005. The 17 revised full papers presented were carefully selected from 74 submissions during two rounds of reviewing and improvement. The papers address most current privacy enhancing technologies in various application contexts.

It was a pleasure to take part in the 2005 European Workshop on Security and Privacy in Ad Hoc and Sensor Networks (ESAS 2005), held on July 13-14 in Visegrad (Hungary) in conjunction with the First International Conference on Wireless Internet (WICON) . As Program Co-chairs, we are very happy with the outcome of this year's ESAS workshop. It clearly demonstrates the continued importance, popularity andtimeliness oftheworkshop'stopic: securityandprivacy inadhocandsensor networks.Atotalof51fullpapersweresubmitted.Eachsubmissionwasreviewed by at least three expert referees. After a short period of intense discussions and deliberations, the Program Committee selected 17 papers for presentation and subsequent publication in the workshop proceedings. This corresponds to an acceptance rate of 33% - a respectable rate by any measure. First and foremost, we thank the authors of ALL submitted papers. Your con?dence in this venue is much appreciated. We hope that you will continue patronizing ESAS as authors and attendees. We are also very grateful to our colleagues in the research community who served on the ESAS Program C- mittee. Your sel?ess dedication is what makes the workshop a success. Finally, we are very grateful to the ESAS Steering Group: Levente Buttyan, Claude Castelluccia, Dirk Westho? and Susanne Wetzel. They had the vision and the drive to create this workshopin the ?rst place; they also provided many insightsandlotsofhelpwiththisyear'sevent.Weespeciallyacknowledgeand- preciate the work of Levente Buttyan whose dedication (as Steering Committee member, PC member and Local Arrangements Chair) played a very important role in the success of the workshop.

Here are the refereed proceedings of the 9th International Conference on Theory and Practice in Public-Key Cryptography, PKC 2006, held in New York City in April 2006. The 34 revised full papers presented are organized in topical sections on cryptanalysis and protocol weaknesses, distributed crypto-computing, encryption methods, cryptographic hash and applications, number theory algorithms, pairing-based cryptography, cryptosystems design and analysis, signature and identification, authentication and key establishment, multi-party computation, and PKI techniques.

SAC 2004 was the eleventh in a series of annual workshops on Selected Areas in Cryptography. This was the second time that the workshop was hosted by the University of Waterloo, Ontario, with previous workshops being held at Queen'sUniversityinKingston(1994,1996,1998and1999), CarletonUniversity in Ottawa (1995, 1997 and 2003), the Fields Institute in Toronto (2001) and Memorial University of Newfoundland in St. John's (2002). The primary intent of the workshop was to provide a relaxed atmosphere in which researchers in cryptography could present and discuss new work on selected areas of current interest. This year's themes for SAC were: - Design and analysis of symmetric key cryptosystems. - Primitives for symmetric key cryptography, including block and stream - phers, hash functions, and MAC algorithms. - E?cient implementation of cryptographic systems in public and symmetric key cryptography. - Cryptographic solutions for mobile (web) services. A record of 117 papers were submitted for consideration by the program committee. After an extensive review process, 25 papers were accepted for p- sentation at the workshop (two of these papers were merged). Unfortunately, many good papers could not be accommodated this year. These proceedings contain the revised versions of the 24 accepted papers. The revised versions were not subsequently checked for correctness. Also, we were very fortunate to have two invited speakers at SAC 2004. Eli Biham arranged for some breaking news in his talk on "New Results on SHA-0 and SHA-1." This talk was designated as the Sta?ord Tavares L- ture."

TCC 2005, the 2nd Annual Theory of Cryptography Conference, was held in Cambridge, Massachusetts, onFebruary10-12,2005.Theconferencereceived84 submissions, ofwhichtheprogramcommitteeselected32forpresentation.These proceedings contain the revised versions of the submissions that were presented at the conference. These revisions have not been checked for correctness, and the authors bear full responsibility for the contents of their papers. The conference program also included a panel discussion on the future of theoretical cryptography and its relationship to the real world (whatever that is). It also included the traditional "rump session," featuring short, informal talks on late-breaking research news. Much as hatters of old faced mercury-induced neurological damage as an occupational hazard, computer scientists will on rare occasion be a?icted with egocentrism, probably due to prolonged CRT exposure. Thus, you must view withpityandnotcontemptmyunalloyedelationathavingmynameonthefront cover of this LNCS volume, and my deep-seated conviction that I fully deserve the fame and riches that will surely come of it. However, having in recent years switched over to an LCD monitor, I would like to acknowledge some of the many who contributed to this conference. First thanks are due to the many researchers from all over the world who submitted their work to this conference. Lacking shrimp and chocolate-covered strawberries, TCC has to work hard to be a good conference. As a community, I think we have.

Ad hoc and sensor networks are making their way from research to real-world deployments. Body and personal-area networks, intelligent homes, environmental monitoring or inter-vehicle communications: there is almost nothing left that is not going to be smart and networked. While a great amount of research has been devoted to the pure networking aspects, ad hoc and sensor networks will not be successfully deployed if security, dependability, and privacy issues are not addressed adequately.

As the first book devoted to the topic, this volume constitutes the thoroughly refereed post-proceedings of the First European Workshop on Security in Ad-hoc and Sensor Networks, ESAS, 2004, held in Heidelberg, Germany in August 2004. The 17 revised full papers were carefully reviewed and selected from 55 submissions. Among the key topics addressed are key distribution and management, authentication, energy-aware cryptographic primitives, anonymity and pseudonymity, secure diffusion, secure peer-to-peer overlays, and RFIDs.

The Seventh International Conference on Information and Communications - curity, ICICS2005, washeldinBeijing, China,10-13December2005. TheICICS conference series is an established forum for exchanging new research ideas and development results in the areas of information security and applied crypt- raphy. The ?rst event began here in Beijing in 1997. Since then the conference series has been interleaving its venues in China and the rest of the world: ICICS 1997 in Beijing, China; ICICS 1999 in Sydney, Australia; ICICS 2001 in Xi'an, China; ICICS 2002 in Singapore; ICICS 2003 in Hohhot City, China; and ICICS 2004 in Malaga, Spain. The conference proceedings of the past events have - ways been published by Springer in the Lecture Notes in Computer Science series, with volume numbers, respectively: LNCS 1334, LNCS 1726, LNCS 2229, LNCS 2513, LNCS 2836, and LNCS 3269. ICICS 2005 was sponsored by the Chinese Academy of Sciences (CAS); the Beijing Natural Science Foundation of China under Grant No. 4052016; the National Natural Science Foundation of China under Grants No. 60083007 and No. 60573042;the NationalGrandFundamentalResearch973ProgramofChina under Grant No. G1999035802, and Hewlett-Packard Laboratories, China. The conference was organized and hosted by the Engineering Research Center for Information Security Technology of the Chinese Academy of Sciences (ERCIST, CAS) in co-operation with the International Communications and Information Security Association (ICISA). The aim of the ICICS conference series has been to o?er the attendees the opportunity to discuss the latest developments in theoretical and practical - pects of information and communications security.

The 5th International Workshop on Information Security Applications (WISA 2004) was held in Jeju Island, Korea during August 23-25, 2004. The workshop was sponsored by the Korea Institute of Information Security and Cryptology (KIISC), the Electronics and Telecommunications Research Institute (ETRI) and the Ministry of Information and Communication (MIC). The aim of the workshop is to serve as a forum for new conceptual and - perimental research results in the area of information security applications from the academic community as well as from the industry. The workshop program covers a wide range of security aspects including cryptography, cryptanalysis, network/system security and implementation aspects. The programcommittee received169 papersfrom 22 countries, andaccepted 37 papers for a full presentation track and 30 papers for a short presentation track. Each paper was carefully evaluated through peer-review by at least three members of the programcommittee. This volume contains revised versions of 36 papers accepted and presented in the full presentation track. Short papers were only published in the WISA 2004 pre-proceedings as preliminary versions and are allowed to be published elsewhere as extended versions. In addition to the contributed papers, Professors Gene Tsudik and Ross Andersongaveinvitedtalks, entitledSecurityinOutsourcedDatabasesandWhat does 'Security' mean for Ubiquitous Applications?, respectively.

This book constitutes the refereed proceedings of the Third International Conference on Security in Pervasive Computing, SPC 2006, held in York, UK, in April 2006. The 16 revised papers presented together with the extended abstract of 1 invited talk were carefully reviewed and selected from 56 submissions. The papers are organized in topical sections on protocols, mechanisms, integrity, privacy and security, information flow and access control, and authentication.

The RSA Conferenceis attended by over10,000securityprofessionalseach year. The Cryptographers' Track (CT-RSA), one of several parallel tracks at the c- ference, provides an excellent opportunity for cryptographers to showcase their research to a wide audience. CT-RSA 2005 was the ?fth year of the Cryptog- phers' Track. The selection process for the CT-RSA program is the same as for other cryptography research conferences. This year, the program committee selected 23 papers from 74submissions (two of whichwerelater withdrawn) that covered all aspects of cryptography. The program also included two invited talks by Cynthia Dwork and Moti Yung. These proceedings contain the revised versions of the selected papers. The revisions were not checked, and so the authors (and not the committee) bear full responsibility for the contents of their papers. I am very grateful to the program committee for their very conscientious e?orts to review each paper fairly and thoroughly. The initial review stage was followed by a tremendous amount of discussion which contributed to our high con?denceinour judgements.Thanks alsoto the manyexternalreviewerswhose names arelisted in the followingpages.My apologiesto thosewhose nameswere inadvertently omitted from this list. Thanks to Eddie Ng for maintaining the submission server and the Web reviewsystem.ThesubmissionsoftwarewaswrittenbyChanathipNamprempre, and the Web review software by Wim Moreau and Joris Claessens. Thanks to AlfredHofmannandhiscolleaguesatSpringerforthetimelyproductionofthese proceedings.Finally, it is my pleasureto acknowledgeAri Juels and MikeSzydlo of RSA Laboratories for their assistance and cooperation during the past seven months.

This volume contains a selection of refereed papers from participants of the workshop "Construction and Analysis of Safe, Secure and Interoperable Smart Devices" (CASSIS), held from the 10th to the 13th March 2004 in Marseille, France: http: //www-sop.inria.fr/everest/events/cassis04/ The workshop was organized by INRIA (Institut National de Recherche en InformatiqueetenAutomatique), Franceandthe UniversitydelaM editerran ee, Marseille, France. The workshop was attended by nearly 100 participants, who were invited for their contributions to relevant areas of computer science. Theaimoftheworkshopwastobringtogetherexpertsfromthesmartdevices industry and academic researchers, with a view to stimulate research on formal methods and security, and to encourage the smart device industry to adopt innovative solutions drawn from academic research. The next generation of smart devices holds the promise of providing the required infrastructure for the secure provision of multiple and personalized services. In order to deliver their promise, the smart device technology must however pursue the radical evolution that was initiated with the adoption of multi-application smartcards. Typical needs include: - The possibility for smart devices to feature extensible computational infr- tructures that may be enhanced to support increasingly complex appli- tions that may be installed post-issuance, and may require operating system functionalities that were not pre-installed. Such additional ?exibility must however not compromise security. - The possibility for smart devices to achieve a better integration with larger computersystems, throughimprovedconnectivity, genericity, aswellasint- operability."

Security is one of the most significant issues facing the owners and users of computer systems in the Internet age, and recent years have convincingly illustrated that the problem is increasing in both scale and cost.

Computer Insecurity: Risking the System approaches its topic from the perspective of vulnerability a" how can your system be attacked? Covering technical issues and human factors, the comprehensively researched text makes reference to numerous real-life security incidents, which help to provide persuasive practical evidence of the problems and the impacts that result.

Key issues covered include:

• the problem of computer insecurity
• the need to raise security awareness
• common failings that compromise protection
• the attack and exploitation of systems
• considerations in responding to the threats

Presented in clear and lucid terms, the discussion is invaluable reading for all business and computing professionals who wish for an overview of the issues rather than a shopping list of the security measures available.

a ~In todaya (TM)s connected world no-one can afford to ignore computer security, this book tells you why, and what you should do about it, in simple non-technical language.a (TM)

Dr Jeremy Ward, Director of Service Development, Symantec (UK) Ltd

a ~Computer Insecurity contains loads of practical advice supported by an abundance of real world examples and research. If you dona (TM)t understand what all the fuss concerning computer security is about then this book was written for you.a (TM)Jeff Crume, CISSP

Executive IT Security Architect, IBM and author of a ~Inside InternetSecurity a" What hackers dona (TM)t want you to knowa (TM)

a ~I have long been looking for a book that would give answers to why rather than how we cater for Information and Communication Systems Security ... I recommend it wholeheartedly to anyone that wishes to extend their knowledgea (TM)

Professor Sokratis K. Katsikas, University of the Aegean, Greece

This book constitutes the thoroughly refereed post-proceedings of the 12th International Workshop on Selected Areas in Cryptography, SAC 2005, held in Canada in August 2005. The 25 revised full papers presented were carefully reviewed and selected from 96 submissions for inclusion in the book. The papers are organized in topical sections.

This volume contains the proceedings of the 6th International Conference on Infor- tionandCommunicationsSecurity(ICICS2004),Torremolinos(Malaga), ' Spain,27-29 October 2004. The ?ve previous conferences were held in Beijing, Sydney, Xian, S- gapore and Huhehaote City, where we had an enthusiastic and well-attended event. The proceedings were released as volumes 1334, 1726, 2229, 2513 and 2836 of the LNCS series of Springer, respectively. During these last years the conference has placed equal emphasis on the theoretical and practical aspects of information and communications security and has established itself as a forum at which academic and industrial people meet and discuss emerging security challenges and solutions. We hope to uphold this tradition by offering you yet another successful meeting with a rich and interesting program. The responseto the Call for Paperswas overwhelming,245 papersubmissionswere received. Therefore, the paper selection process was very competitive and dif?cult - only 42 papers were accepted. The success of the conference depends on the quality of the program. Thus, we are indebted to our Program Committee members and the ext- nal refereesfor the great job they did. These proceedingscontainrevised versionsof the accepted papers.Revisions were not checked and the authorsbear full responsibilityfor the content of their papers.

The 2004 Information Security Conference was the seventh in a series that started with the Information Security Workshop in 1997. A distinct feature of this series is the wide coverage of topics with the aim of encouraging interaction between researchers in di?erent aspects of information security. This trend c- tinuedintheprogramofthisyear sconference.Theprogramcommitteereceived 106 submissions, from which 36 were selected for presentation. Each submission was reviewed by at least three experts in the relevant research area. We would liketothankalltheauthorsfortakingtheirtimetopreparethesubmissions, and wehopethatthosewhosepapersweredeclinedwillbeableto?ndanalternative forum for their work. We were fortunate to have an energetic team of experts who took on the task of the program committee. Their names may be found overleaf, and we thank them warmly for their time and e?orts. This team was helped by an even larger number of external reviewers who reviewed papers in their particular areas of expertise. A list of these names is also provided, which we hope is complete. We would also like to thank the advisory committee for their advice and s- port.TheexcellentlocalarrangementswerehandledbyDirkBalfanzandJessica Staddon. We made use of the electronic submission and reviewing software s- plied by COSIC at the Katholieke Universiteit Leuven. Both the software and the ISC 2004 website were run on a server at UNC Charlotte, and were perfectly maintained by Seung-Hyun Im. We also appreciate assistance from Lawrence Teo in editing the proceedings."

In this new reference, Greene addresses the long-neglected security needs of users in the home, company workstation and SOHO (Small Office/Home Office) categories, emphasizing client-side security, user privacy, Internet privacy and data hygiene.

On behalf of the Program Committee, it is our pleasure to present to you the proceedings of the 7th Symposium on Recent Advances in Intrusion Detection (RAID 2004), which took place in Sophia-Antipolis, French Riviera, France, September 15-17, 2004. The symposium brought together leading researchers and practitioners from academia, government and industry to discuss intrusion detection from research as well as commercial perspectives. We also encouraged discussions that - dressed issues that arise when studying intrusion detection, including infor- tion gathering and monitoring, from a wider perspective. Thus, we had sessions on detection of worms and viruses, attack analysis, and practical experience reports. The RAID 2004 Program Committee received 118 paper submissions from all over the world. All submissions were carefully reviewed by several members of the Program Committee and selection was made on the basis of scienti?c novelty, importance to the ?eld, and technical quality. Final selection took place at a meeting held May 24 in Paris, France. Fourteen papers and two practical experience reports were selected for presentation and publication in the conf- ence proceedings. In addition, a number of papers describing work in progress were selected for presentation at the symposium. The keynote addresswas given by Bruce Schneier of Counterpane Systems. H? akan Kvarnstrom ] of TeliaSonera gave an invited talk on the topic "Fighting Fraud in Telecom Environments. " A successful symposium is the result of the joint e?ort of many people."

ForewordfromtheProgramChairs These proceedings contain the papers selected for presentation at the 9th - ropean Symposium on Research in Computer Security (ESORICS), held during September 13 15, 2004 in Sophia Antipolis, France. In response to the call for papers 159 papers were submitted to the conference. These papers were evaluated on the basis of their signi?cance, novelty, and te- nicalquality. Eachpaper wasreviewedby at leastthree members of the program committee. The program committee meeting was held electronically; there was an intensive discussion over a period of two weeks. Of the papers submitted, 27 were selected for presentation at the conference, giving an acceptance rate lower than 17%. The conference program also included an invited talk. A workshop like this does not just happen; it depends on the volunteer e?orts of ahostofindividuals. Thereisalonglistofpeoplewhovolunteeredtheirtimeand energy to put together the workshopand who deserve special thanks. Thanks to all the members of the program committee, and the external reviewers, for all their hardwork in the paper evaluation. Due to the large number of submissions the program committee members were really required to work hard in a short time frame, and we are very thankful to them for the commitment they showed with their active participation in the electronic discussion."

Crypto 2004, the 24th Annual Crypto Conference, was sponsored by the Int- national Association for Cryptologic Research (IACR) in cooperation with the IEEE Computer Society Technical Committee on Security and Privacy and the Computer Science Department of the University of California at Santa Barbara. The program committee accepted 33 papers for presentation at the conf- ence. These were selected from a total of 211 submissions. Each paper received at least three independent reviews. The selection process included a Web-based discussion phase, and a one-day program committee meeting at New York U- versity. These proceedings include updated versions of the 33 accepted papers. The authors had a few weeks to revise them, aided by comments from the reviewers. However, the revisions were not subjected to any editorial review. Theconferenceprogramincludedtwoinvitedlectures.VictorShoup'sinvited talk was a survey on chosen ciphertext security in public-key encryption. Susan Landau's invited talk was entitled "Security, Liberty, and Electronic Commu- cations." Her extended abstract is included in these proceedings. We continued the tradition of a Rump Session, chaired by Stuart Haber. Those presentations (always short, often serious) are not included here.

Indocrypt began in the year 2000 under the leadership of Bimal Roy and - docrypt 2005 was the sixth conference in this series. This series has been well accepted by the international research community as a forum for presenting high-quality cryptography research. This year a total of 148 papers were s- mitted for consideration to the Program Committee and after a careful review process, 31 were accepted for presentation. We would like to thank the authors of all submitted papers, including those that were accepted and those which, unfortunately, could not be accommodated. ThereviewingprocessforIndocryptwasverystringentandtheschedulewas- tremelytight.TheProgramCommitteemembersdidanexcellentjobinreviewing andselectingthepapersforpresentation.Duringthereviewprocess, theProgram Committee members were communicating using a review software developed by BartPreneel, WimMoreauandJorisClaessens.Weacknowledgethemforprov- ingthesoftware.ThesoftwarewashostedatI2R, Singaporeandwearegratefulto Feng BaoandJianyingZhouforallowingthat.Thisyear'sconferencewasdeeply indebtedto QiuYingofI2R, Singapore, who tookthe responsibilityofmainta- ing the review softwareand the server.Without his great cooperationIndocrypt 2005could nothavebeen possible.Inthis regardI wouldliketo acknowledgethe supportofTanmoyKantiDas, DibyenduChakrabarti, MridulNandi, Deepak- mar Dalai, Sumanta Sarkar and Sourav Mukhopadhyay for handling important administrativeissuesinthesubmissionandreviewprocessesaswellasforputting togethertheseproceedingsintheir?nalform.WearealsogratefultoPalashSarkar forhiscooperationandguidanceinIndocrypt2005. The proceedings include the revised versions of the 31 selected papers. Re- sions were not checked by the ProgramCommittee and the authors bear the full responsibility for the contents of the respective papers. Our thanks go to all the Program members and the external reviewers (a list of them is included in the proceedings) who put in their valuable time and e?ort in providing important feedbackto the authors.We thank V. KumarMurty ofthe UniversityofToronto for kindly agreeing to present the invited talk. The talk has been included in the proceedin

The increasing relevance of security to real-life applications, such as electronic commerce and Internet banking, is attested by the fast-growing number of - search groups, events, conferences, and summer schools that address the study of foundations for the analysis and the design of security aspects. The Int- national School on Foundations of Security Analysis and Design (FOSAD, see http: //www.sti.uniurb.it/events/fosad/)has been one of the foremost events - tablishedwiththegoalofdisseminatingknowledgeinthiscriticalarea, especially for young researchers approaching the ?eld and graduate students coming from less-favoured and non-leading countries. The FOSAD school is held annually at the Residential Centre of Bertinoro (http: //www.ceub.it/), in the fascinating setting of a former convent and ep- copal fortress that has been transformed into a modern conference facility with computing services and Internet access. Since the ?rst school, in 2000, FOSAD hasattractedmorethan250participantsand50lecturersfromallovertheworld. A collection of tutorial lectures from FOSAD 2000 was published in Springer s LNCS volume 2171. Some of the tutorials given at the two successive schools (FOSAD 2001 and 2002) are gathered in a second volume, LNCS 2946. To c- tinue this tradition, the present volume collects a set of tutorials fromthe fourth FOSAD, held in 2004, and from FOSAD 2005."

The 9th Australasian Conference on Information Security and Privacy (ACISP 2004) was held in Sydney, 13-15 July, 2004. The conference was sponsored by the Centre for Advanced Computing - Algorithms and Cryptography (ACAC), Information and Networked Security Systems Research (INSS), Macquarie U- versity and the Australian Computer Society. Theaimsoftheconferencearetobringtogetherresearchersandpractitioners working in areas of information security and privacy from universities, industry and government sectors. The conference program covered a range of aspects including cryptography, cryptanalysis, systems and network security. The program committee accepted 41 papers from 195 submissions. The - viewing process took six weeks and each paper was carefully evaluated by at least three members of the program committee. We appreciate the hard work of the members of the program committee and external referees who gave many hours of their valuable time. Of the accepted papers, there were nine from Korea, six from Australia, ?ve each from Japan and the USA, three each from China and Singapore, two each from Canada and Switzerland, and one each from Belgium, France, Germany, Taiwan, The Netherlands and the UK. All the authors, whether or not their papers were accepted, made valued contributions to the conference. In addition to the contributed papers, Dr Arjen Lenstra gave an invited talk, entitled Likely and Unlikely Progress in Factoring. ThisyeartheprogramcommitteeintroducedtheBestStudentPaperAward. The winner of the prize for the Best Student Paper was Yan-Cheng Chang from Harvard University for his paper Single Database Private Information Retrieval with Logarithmic Communication.

These are the proceedings of CHES 2004, the 6th Workshop on Cryptographic Hardware and Embedded Systems. For the ?rst time, the CHES Workshop was sponsored by the International Association for Cryptologic Research (IACR). This year, the number of submissions reached a new record. One hundred and twenty-?ve papers were submitted, of which 32 were selected for presen- tion. Each submitted paper was reviewed by at least 3 members of the program committee. We are very grateful to the program committee for their hard and e?cientworkinassemblingtheprogram.Wearealsogratefultothe108external referees who helped in the review process in their area of expertise. In addition to the submitted contributions, the program included three - vited talks, by Neil Gershenfeld (Center for Bits and Atoms, MIT) about "Ph- ical Information Security," by Isaac Chuang (Medialab, MIT) about "Quantum Cryptography," and by Paul Kocher (Cryptography Research) about "Phy- cal Attacks." It also included a rump session, chaired by Christof Paar, which featured informal talks on recent results. Asinthepreviousyears, theworkshopfocusedonallaspectsofcryptographic hardware and embedded system security. We sincerely hope that the CHES Workshop series will remain a premium forum for intellectual exchange in this area.