Crypto 2004, the 24th Annual Crypto Conference, was sponsored by the Int- national Association for Cryptologic Research (IACR) in cooperation with the IEEE Computer Society Technical Committee on Security and Privacy and the Computer Science Department of the University of California at Santa Barbara. The program committee accepted 33 papers for presentation at the conf- ence. These were selected from a total of 211 submissions. Each paper received at least three independent reviews. The selection process included a Web-based discussion phase, and a one-day program committee meeting at New York U- versity. These proceedings include updated versions of the 33 accepted papers. The authors had a few weeks to revise them, aided by comments from the reviewers. However, the revisions were not subjected to any editorial review. Theconferenceprogramincludedtwoinvitedlectures.VictorShoup'sinvited talk was a survey on chosen ciphertext security in public-key encryption. Susan Landau's invited talk was entitled "Security, Liberty, and Electronic Commu- cations." Her extended abstract is included in these proceedings. We continued the tradition of a Rump Session, chaired by Stuart Haber. Those presentations (always short, often serious) are not included here.

Indocrypt began in the year 2000 under the leadership of Bimal Roy and - docrypt 2005 was the sixth conference in this series. This series has been well accepted by the international research community as a forum for presenting high-quality cryptography research. This year a total of 148 papers were s- mitted for consideration to the Program Committee and after a careful review process, 31 were accepted for presentation. We would like to thank the authors of all submitted papers, including those that were accepted and those which, unfortunately, could not be accommodated. ThereviewingprocessforIndocryptwasverystringentandtheschedulewas- tremelytight.TheProgramCommitteemembersdidanexcellentjobinreviewing andselectingthepapersforpresentation.Duringthereviewprocess, theProgram Committee members were communicating using a review software developed by BartPreneel, WimMoreauandJorisClaessens.Weacknowledgethemforprov- ingthesoftware.ThesoftwarewashostedatI2R, Singaporeandwearegratefulto Feng BaoandJianyingZhouforallowingthat.Thisyear'sconferencewasdeeply indebtedto QiuYingofI2R, Singapore, who tookthe responsibilityofmainta- ing the review softwareand the server.Without his great cooperationIndocrypt 2005could nothavebeen possible.Inthis regardI wouldliketo acknowledgethe supportofTanmoyKantiDas, DibyenduChakrabarti, MridulNandi, Deepak- mar Dalai, Sumanta Sarkar and Sourav Mukhopadhyay for handling important administrativeissuesinthesubmissionandreviewprocessesaswellasforputting togethertheseproceedingsintheir?nalform.WearealsogratefultoPalashSarkar forhiscooperationandguidanceinIndocrypt2005. The proceedings include the revised versions of the 31 selected papers. Re- sions were not checked by the ProgramCommittee and the authors bear the full responsibility for the contents of the respective papers. Our thanks go to all the Program members and the external reviewers (a list of them is included in the proceedings) who put in their valuable time and e?ort in providing important feedbackto the authors.We thank V. KumarMurty ofthe UniversityofToronto for kindly agreeing to present the invited talk. The talk has been included in the proceedin

The increasing relevance of security to real-life applications, such as electronic commerce and Internet banking, is attested by the fast-growing number of - search groups, events, conferences, and summer schools that address the study of foundations for the analysis and the design of security aspects. The Int- national School on Foundations of Security Analysis and Design (FOSAD, see http: //www.sti.uniurb.it/events/fosad/)has been one of the foremost events - tablishedwiththegoalofdisseminatingknowledgeinthiscriticalarea, especially for young researchers approaching the ?eld and graduate students coming from less-favoured and non-leading countries. The FOSAD school is held annually at the Residential Centre of Bertinoro (http: //www.ceub.it/), in the fascinating setting of a former convent and ep- copal fortress that has been transformed into a modern conference facility with computing services and Internet access. Since the ?rst school, in 2000, FOSAD hasattractedmorethan250participantsand50lecturersfromallovertheworld. A collection of tutorial lectures from FOSAD 2000 was published in Springer s LNCS volume 2171. Some of the tutorials given at the two successive schools (FOSAD 2001 and 2002) are gathered in a second volume, LNCS 2946. To c- tinue this tradition, the present volume collects a set of tutorials fromthe fourth FOSAD, held in 2004, and from FOSAD 2005."

The 9th Australasian Conference on Information Security and Privacy (ACISP 2004) was held in Sydney, 13-15 July, 2004. The conference was sponsored by the Centre for Advanced Computing - Algorithms and Cryptography (ACAC), Information and Networked Security Systems Research (INSS), Macquarie U- versity and the Australian Computer Society. Theaimsoftheconferencearetobringtogetherresearchersandpractitioners working in areas of information security and privacy from universities, industry and government sectors. The conference program covered a range of aspects including cryptography, cryptanalysis, systems and network security. The program committee accepted 41 papers from 195 submissions. The - viewing process took six weeks and each paper was carefully evaluated by at least three members of the program committee. We appreciate the hard work of the members of the program committee and external referees who gave many hours of their valuable time. Of the accepted papers, there were nine from Korea, six from Australia, ?ve each from Japan and the USA, three each from China and Singapore, two each from Canada and Switzerland, and one each from Belgium, France, Germany, Taiwan, The Netherlands and the UK. All the authors, whether or not their papers were accepted, made valued contributions to the conference. In addition to the contributed papers, Dr Arjen Lenstra gave an invited talk, entitled Likely and Unlikely Progress in Factoring. ThisyeartheprogramcommitteeintroducedtheBestStudentPaperAward. The winner of the prize for the Best Student Paper was Yan-Cheng Chang from Harvard University for his paper Single Database Private Information Retrieval with Logarithmic Communication.

These are the proceedings of CHES 2004, the 6th Workshop on Cryptographic Hardware and Embedded Systems. For the ?rst time, the CHES Workshop was sponsored by the International Association for Cryptologic Research (IACR). This year, the number of submissions reached a new record. One hundred and twenty-?ve papers were submitted, of which 32 were selected for presen- tion. Each submitted paper was reviewed by at least 3 members of the program committee. We are very grateful to the program committee for their hard and e?cientworkinassemblingtheprogram.Wearealsogratefultothe108external referees who helped in the review process in their area of expertise. In addition to the submitted contributions, the program included three - vited talks, by Neil Gershenfeld (Center for Bits and Atoms, MIT) about "Ph- ical Information Security," by Isaac Chuang (Medialab, MIT) about "Quantum Cryptography," and by Paul Kocher (Cryptography Research) about "Phy- cal Attacks." It also included a rump session, chaired by Christof Paar, which featured informal talks on recent results. Asinthepreviousyears, theworkshopfocusedonallaspectsofcryptographic hardware and embedded system security. We sincerely hope that the CHES Workshop series will remain a premium forum for intellectual exchange in this area.

2.1 Di?erential Power Analysis Di?erential Power Analysis (DPA) was introduced by Kocher, Ja?e and Jun in 1998 [13] and published in 1999 [14]. The basic idea is to make use of potential correlations between the data handled by the micro-controller and the electric consumption measured values. Since these correlations are often very low, s- tistical methods must be applied to deduce su?cient information from them. Theprinciple ofDPAattacksconsistsincomparingconsumptionvalues m- suredonthe real physical device (for instance a GSM chip or a smart card)with values computed in an hypothetical model of this device (the hypotheses being made among others on the nature of the implementation, and chie?y on a part of the secret key). By comparing these two sets of values, the attacker tries to recover all or part of the secret key. The initial target of DPA attacks was limited to symmetric algorithms. V- nerability of DES - ?rst shown by Kocher, Ja?e and Jun [13, 14]-wasfurther studied by Goubin and Patarin [11, 12], Messerges, Dabbish, Sloan [16]and Akkar, B' evan, Dischamp, Moyart [2]. Applications of these attacks were also largely taken into account during the AES selection process, notably by Biham, Shamir [4], Chari, Jutla, Rao, Rohatgi [5] and Daemen, Rijmen [8].

This book constitutes the refereed proceedings of the First European Public Key Infrastructure Workshop: Research and Applications, EuroPKI 2004, held on Samos Island, Greece in June 2004.

The 25 revised full papers and 5 revised short papers presented were carefully reviewed and selected from 73 submissions. The papers address all current issues in PKI, ranging from theoretical and foundational topics to applications and regulatory issues in various contexts.

Thesearetheproceedingsofthe7thWorkshoponCryptographic Hardwareand EmbeddedSystems(CHES2005)heldinEdinburgh, ScotlandfromAugust29to September1,2005.TheCHESworkshophasbeensponsoredbytheInternational Association for Cryptologic Research (IACR) for the last two years. We received a total of 108 paper submissions for CHES 2005. The doub- blindreviewprocessinvolveda27-memberprogramcommittee anda largen- ber of external sub-referees. The review process concluded with a two week d- cussion process which resulted in 32 papers being selected for presentation. We are grateful to the program committee members and the external sub-referees for carrying out such an enormous task. Unfortunately, there were many strong papers that could not be included in the program due to a lack of space. We would like to thank all our colleagues who submitted papers to CHES 2005. In addition to regular presentations, there were three excellent invited talks given by Ross Anderson (University of Cambridge) on "What Identity Systems Can and Cannot Do," by Thomas Wille (Philips Semiconductors Inc) on "- curity of Identi?cation Products: How to Manage," and by Jim Ward (Trusted Computing Groupand IBM)on"TrustedComputing inEmbedded Systems."It also included a rump session, chaired by Christof Paar, featuring informal talks on recent results.

Privacy in statistical databases is about ?nding tradeo?s to the tension between the increasing societal and economical demand for accurate information and the legal and ethical obligation to protect the privacy of individuals and enterprises, which are the source of the statistical data. Statistical agencies cannot expect to collect accurate information from individual or corporate respondents unless these feel the privacy of their responses is guaranteed; also, recent surveys of Web users show that a majority of these are unwilling to provide data to a Web site unless they know that privacy protection measures are in place. "Privacy in Statistical Databases2004" (PSD2004) was the ?nal conference of the CASC project ("Computational Aspects of Statistical Con?dentiality", IST-2000-25069). PSD2004 is in the style of the following conferences: "Stat- tical Data Protection", held in Lisbon in 1998 and with proceedings published by the O?ce of O?cial Publications of the EC, and also the AMRADS project SDC Workshop, held in Luxemburg in 2001 and with proceedings published by Springer-Verlag, as LNCS Vol. 2316. The Program Committee accepted 29 papers out of 44 submissions from 15 di?erentcountriesonfourcontinents.Eachsubmittedpaperreceivedatleasttwo reviews. These proceedings contain the revised versions of the accepted papers. These papers cover the foundations and methods of tabular data protection, masking methods for the protection of individual data (microdata), synthetic data generation, disclosure risk analysis, and software/case studies.

The 4th International Conference on Security in Communication Networks 2004 (SCN2004)washeldatthe DioceseHall oftheArchdioceseofAmal?-Cavade Tirreni and the Armorial Bearings Hall of the Archbishop Palace in Amal?, Italy, on September 8 10, 2004. Previous conferences also took place in Amal? in 1996, 1999 and 2002. The conference aimed at bringing together researchers in the ?elds of cr- tography and security in communication networks to foster cooperation and the exchange of ideas. The main topics included all technical aspects of data security, including: anonymity, authentication, blockciphers, complexity-basedcryptography, cry- analysis, digital signatures, distributed cryptography, hash functions, identi?- tion, implementations, keydistribution, privacy, publickeyencryption, threshold cryptography, and zero knowledge. The Program Committee, consisting of 21 members, considered 79 papers and selected 26 for presentation; one of them was withdrawn by the authors. These papers were selected on the basis of originality, quality and relevance to cryptography and security in communication networks. Due to the high number of submissions, paper selection was a di?cult and challenging task, and many good submissions had to be rejected. Each subm- sion was refereed by at least three reviewers and some had four reports or more. We are very grateful to all the program committee members, who devoted much e?ort and valuable time to read and select the papers. In addition, we gratefully acknowledge the help of colleagues who reviewed submissions in their areas of expertise. They are all listed on page VII and we apologize for any inadvertent omissions. These proceedings include the revised versions of the 26 accepted papers andtheabstractoftheinvitedtalkbyBartPreneel(ECRYPT: theCryptographic Research Challenges for the Next Decade)."

We are happy to present to you the proceedings of the 2nd International Workshop on Digital Watermarking, IWDW 2003. Since its modern re-appearance in the academic community in the early 1990s, great progress has been made in understanding both the capabilities and the weaknesses of digital watermarking. On the theoretical side, we all are now well aware of the fact that digital waterma- ing is best viewed as a form of communication using side information. In the case of digital watermarking the side information in question is the document to be wat- marked. This insight has led to a better understanding of the limits of the capacity and robustness of digital watermarking algorithms. It has also led to new and improved watermarking algorithms, both in terms of capacity and imperceptibility. Similarly, the role of human perception, and models thereof, has been greatly enhanced in the study and design of digital watermarking algorithms and systems. On the practical side, applications of watermarking are not yet abundant. The original euphoria on the role of digital watermarking in copy protection and copyright prot- tion has not resulted in widespread usage in practical systems. With hindsight, a n- ber of reasons can be given for this lack of practical applications.

This book constitutes the thoroughly refereed post-proceedings of the 6th International Conference on Information Security and Cryptology, ICISC 2003, held in Seoul, Korea, in November 2003.

The 32 revised full papers presented together with an invited paper were carefully selected from 163 submissions during two rounds of reviewing and improvement. The papers are organized in topical sections on digital signatures, primitives, fast implementations, computer security and mobile security, voting and auction protocols, watermarking, authentication and threshold protocols, and block ciphers and stream ciphers.

The INDOCRYPT series of conferences started in 2000. INDOCRYPT 2004 was the ?fth one in this series. The popularity of this series is increasing every year. The number of papers submitted to INDOCRYPT 2004 was 181, out of which 147 papers conformed to the speci?cations in the call for papers and, therefore, were accepted to the review process. Those 147 submissions were spread over 22 countries. Only 30 papers were accepted to this proceedings. We should note that many of the papers that were not accepted were of good quality but only the top 30 papers were accepted. Each submission received at least three independent - views. The selection process also included a Web-based discussion phase. We made e?orts to compare the submissions with other ongoing conferences around the world in order to ensure detection of double-submissions, which were not - lowed by the call for papers. We wish to acknowledge the use of the Web-based review software developed by Bart Preneel, Wim Moreau, and Joris Claessens in conducting the review process electronically. The software greatly facilitated the Program Committee in completing the review process on time. We would like to thank C edric Lauradoux and the team at INRIA for their total support in c- ?guring and managing the Web-based submission and review softwares. We are unable to imagine the outcome of the review process without their participation. This year the invited talks were presented by Prof. Colin Boyd and Prof."

The4thWorkshoponInformationSecurityApplications(WISA2003)wassp- sored by the following Korean organizations and government bodies: the Korea Institute of Information Security and Cryptology (KIISC), the Electronics and TelecommunicationsResearchInstitute(ETRI), andtheMinistryofInformation and Communication (MIC). The workshop was held in Jeju Island, Korea - ring August 25-27, 2003. This international workshop provided ample technical sessions covering a large spectrum of information security applications. Subjects covered included network/mobile security, electronic commerce security, digital rights management, intrusion detection, secure systems and applications, bio- trics and human interfaces, public key cryptography, and applied cryptography. The program committee received 200 papers from 23 countries (representing most geographic areas where security and applied cryptography research is c- ductedthroughouttheworld).Eachsubmittedpaperwaspeer-reviewedbythree program committee members. This year, we had two tracks: long and short p- sentation tracks. We selected 36 papers for the long presentation track and 34 papers for the short presentation tracks. This volume contains revised versions of papers accepted for the long presentation track. We would like to note that getting accepted to both tracks was an achievement to be proud of, given the competitive nature of WISA this year. Papers in the short presentation track were only published in the WISA preproceedings as preliminary notes; ext- dedversionsofthesenotesmaybepublishedbyfutureconferencesorworkshops

PKC2004wasthe7thInternationalWorkshoponPracticeandTheoryinPublic Key Cryptography and was sponsored by IACR, the International Association for Cryptologic Research (www. iacr. org). This year the workshop was organized 2 in cooperation with the Institute for Infocomm Research (I R), Singapore. There were 106 paper submissions from 19 countries to PKC 2004. That is the highest submission number in PKC history. Due to the large number of submissionsandthehighqualityofthe submittedpapers, notallthepapersthat contained new ideas were accepted. Of the 106 submissions, 32 were selected for the proceedings. Each paper was sent to at least 3 members of the Program Committee for comments. The revised versions of the accepted papers were not checked for correctness of their scienti?c aspects and the authors bear the full responsibility for the contents of their papers. Some authors will write ?nal versions of their papers for publication in refereed journals. I am very grateful to the members of the Program Committee for their hard work in the di?cult task of selecting fewer than 1 in 3 of the submitted papers, as well as the following external referees who helped the Program Committee: Nuttapong Attrapadung, RobertoMariaAvanzi, GildasAvoine, JoonsangBaek, Qingjun Cai, Jae Choon Cha, Chien-Ning Chen, Liqun Chen, Xiaofeng Chen, Koji Chida, Nicolas T. Courtois, Yang Cui, Jean-Franco, is Dhem, Louis Goubin, Louis Granboulan, Rob Granger, Jens Groth, Yumiko Hanaoka, Darrel Hank- son, Chao-ChihHsu, TetsutaroKobayashi, YuichiKomano, HidenoriKuwakado, TanjaLange, PeterLeadbitter, ByoungcheonLee, Chun-KoLee, HenryC. J. Lee, JohnMaloneLee, YongLi, Beno tLibert, Hsi-ChungLin, YiLu, JeanMonnerat, Anderson C. A. Nas

The Cryptographers' Track (CT-RSA) is a research conference within the RSA conference, the largest, regularly staged computer security event. CT-RSA 2004 was the fourth year of the Cryptographers' Track, and it is now an established venue for presenting practical research results related to cryptography and data security. The conference received 77 submissions, and the program committee sel- ted 28 of these for presentation. The program committee worked very hard to evaluate the papers with respect to quality, originality, and relevance to cryp- graphy. Each paper was reviewed by at least three program committee members. Extended abstracts of the revised versions of these papers are in these proc- dings. The program also included two invited lectures by Dan Boneh and Silvio Micali. I am extremely grateful to the program committee members for their en- mous investment of time and e?ort in the di?cult and delicate process of review and selection. Many of them attended the program committee meeting during the Crypto 2003 conference at the University of California, Santa Barbara.

Security is a rapidly growing area of computer science, with direct and increasing relevance to real-life applications, such as Internet transactions, e-commerce, information protection, network and systems security, etc. Foundations for the analysis and design of security features of such applications are badly needed in order to validate and prove their correctness.

This book presents thoroughly revised versions of six tutorial lectures given by leading researchers during two International Schools on Foundations of Security Analysis and Design, FOSAD 2001/2002, held in Bertinoro, Italy, in September 2001 and September 2002. The lectures are devoted to:

- Formal Approaches to Approximating Noninterference Properties

- The Key Establishment Problem

- Name-Passing Calculi and Cryptoprimitives

- Classification of Security Properties; Network Security

- Cryptographic Algorithms for Multimedia Traffic

- Security for Mobility

Once again we bring you the proceedings of the International Workshop on Security Protocols. It seems hard to believe that we have reached the tenth event in this annual series. This year our theme was "Discerning the Protocol Participants." Security protocols are usually described in terms of the active participants - Alice c- putes foo and sends it to Bob. However most security protocols also include o?-line participants, which are not synchronously involved in the exchange of messages: a bank may participate on behalf of a customer, and an arbiter may subsequently be asked to interpret the meaning of a run. These silent partners to the protocol have their own security policies, and assumptionsaboutidentity, authorizationandcapabilityneedtobere-examined when the agenda of a hidden participant may change. We hope that the position papers published here, which have been rewritten and rethought in the light of the discussions at the workshop, will be of interest, not just for the speci?c contributions they make but also for the deeper issues which they expose. In order to identify these issues more clearly, we include transcripts for some of the discussions which took place in Cambridge during the workshop. What would you have liked to add? Do let us know.

PET 2003 was the 3rd Workshop on Privacy Enhancing Technologies. It all startedin2000withHannesFederrathorganizing"DesigningPrivacyEnhancing Technologies: Workshop on Design Issues in Anonymity and Unobservability," July 25-26, 2000, held at the Computer Science Institute (ICSI), Berkeley, CA (LNCS 2009). Roger Dingledine, Adam Shostack, and Paul Syverson continued in April 2002 in San Francisco (PET 2002, LNCS 2482). This year was Dresden, and as long as the new PET ?eld prospers, we intend to hold this workshop annually. The workshop focused on the design and realization of anonymity and an- censorship services for the Internet and other communication networks. Besides the excellent technical papers, we had four panels, led by Richard Clayton, - drei Serjantov, Marit Hansen, and Allan Friedman. This year we also extended our work-in-progress talk schedule, allowing 24 people from the audience to - troduce a variety of new technologies and perspectives. An event like PET 2003 cannot happen without the work and dedication of many individuals. First we thank the authors, who wrote and submitted 52 full papers. Next the program committee, who wrote 163 reviews and - lected14papersforpresentationandpublication, withadditionalreviewinghelp from Peter Berlich, Oliver Berthold, Steve Bishop, Jan Camenisch, Sebastian Clauss, Allison Clayton, George Danezis, Christian Friberg, Philippe Golle, Mike Gurski, Guenter Karjoth, Dogan Kesdogan, Stefan Kopsell, ] Thomas Kriegelstein, Heinrich Langos, Nick Mathewson, Richard E. Newman, Richard Owens, David Parkes, Peter Pietzuch, Sandra Steinbrecher, Nathalie Weiler, Matthew Wright, and Sheng Zhong."

Intended for database administrators, this book shows how to protect an Access database by making changes in the startup options, database options and attributes, menus and toolbars, workgroup security, and the Windows operating system itself. The Australian author discusses the AutoExec macro, data

Digital Rights Management (DRM) is a topic of interest to a wide range of people from various backgrounds: engineers and technicians, legal academics and lawyers, economists and business practitioners. The two conferences on the issue held in 2000 and 2002 in Berlin, Germany, brought these people together for fruitful discussions. This book continues this process by providing insights into the three main areas that DRM in?uences and that DRM is influenced by: technology, economics, and law and politics. Looking at the first results of the two conferences we would like to emphasize three aspects. Firstly, DRM is a fairly young topic with many issues still - resolved. Secondly, there is still an acute lack of objective information about DRM and the consequences of using (or not using) DRM in our Information Society. And, finally, only open discussions amongst all the interested parties and people from different scientific and practical backgrounds can help to create a foundation on which DRM can actually become useful.

TheINDOCRYPTconferenceseriesstartedin2000, andINDOCRYPT2003was the fourth one in this series. This series has been accepted by the international research community as a forum for presenting high-quality crypto research, as is evident from the 101 submissions this year, spread over 21 countries and all ?ve continents. The accepted papers were written by authors from 16 countries, covering four continents. A total of 101 papers were submitted for consideration to the program c- mittee, and after a careful reviewing process 30 were accepted for presentation. One of the conditionally accepted papers was withdrawn by the authors as they found an errorin the paper that could not be repairedin the short time between the noti?cation of the reviewand the ?nalversionsubmission.Thus the ?nal list contains29acceptedpapers.Wewouldliketo thanktheauthorsofallsubmitted papers, including both those that wereaccepted and those which, unfortunately, could not be accommodated. The reviewing process for INDOCRYPT was very stringent and the schedule was extremely tight. The program committee members did an excellent job in reviewing and selecting the papers for presentation. During the review process, theprogramcommitteememberscommunicatedusingareviewsoftwarepackage developed by Bart Preneel, Wim Moreau and Joris Claessens. We acknowledge them for providing this software. These proceedings include the revised versions of the 29 selected papers. Revisions were not checkedby the programcommittee and the authors bear the full responsibility for the contents of the respective papers. Our thanks go to all the program committee members and the external reviewers(alistofthem isincludedintheproceedings)whoputintheirvaluable time and e?ort in providing important feedback to the authors

ASIACRYPT 2003 was held in Taipei, Taiwan, from Nov. 30 to Dec. 4, 2003. The 9th Annual ASIACRYPT conference was sponsored by the International Association for Cryptologic Research (IACR), this year in cooperation with the ChineseCryptologyandInformationSecurityAssociation(CCISA)andNational Cheng Kung University (NCKU) in Taiwan. One hundred and eighty-eight papers from 26 countries were submitted to ASIACRYPT 2003 and 33 (of which one paper was withdrawn by the authors afternoti?cation)ofthesewereselectedforpresentation.Theseproceedingsc- tainrevisedversionsoftheacceptedpapers.WehadanIACR2003Distinguished Lecture, by Dr. Don Coppersmith, entitled "Solving Low Degree Polynomials." In addition, two invited talks were given at the conference. One was given by Dr. Adi Shamir. The other one was given by Dr. Hong-Sen Yan, entitled "The Secret and Beauty of Ancient Chinese Locks." The conference program also included a rump session, chaired by Tzong Chen Wu, which featured short informal talks on recent results. It was a pleasure for me to work with the program committee, which was composed of 27 members from 17 countries; I thank them for working very hard overseveralmonths.Asamatteroffact,thereviewprocesswasachallengingand time-consuming task, and it lasted about 8 weeks, followed by more than half a month for discussions among the program committee members. All submissions were anonymously reviewed by at least 3 members in the relevant areas of the program committee; in some cases, particularly for those papers submitted by a member of the program committee, they were reviewed by at least six members. We are grateful to all the program committee members who put in a lot of e?ort andprecioustimegivingtheirexpertanalysisandcommentsonthesubmissions.

ICICS 2003, the Fifth International Conference on Information and C- munication Security, was held in Huhehaote city, Inner Mongolia, China, 10 13 October 2003. Among the preceding conferences, ICICS 97 was held in B- jing, China, ICICS 99 in Sydney, Australia, ICICS 2001 in Xi an, China, and ICICS 2002, in Singapore.TheproceedingswerereleasedasVolumes1334,1726, 2229, and 2513 of the LNCS series of Springer-Verlag, respectively. ICICS 2003 was sponsored by the Chinese Academy of Sciences (CAS), the National Natural Science Foundation of China, and the China Computer F- eration. The conference was organized by the Engineering Research Center for Information Security Technology of the Chinese Academy of Sciences (ERCIST, CAS) in co-operation with the International Communications and Information Security Association (ICISA). The aim of the ICICS conferences has been to o?er the attendees the - portunity to discuss the state-of-the-art technology in theoretical and practical aspects of information and communications security. The response to the Call forPaperswassurprising.WhenwewerepreparingtheconferencebetweenApril and May, China, including the conference venue, Huhehaote City, was ?ghting against SARS. Despite this 176 papers were submitted to the conference from 22 countries and regions, and after a competitive selection process, 37 papers from 14 countries and regions were accepted to appear in the proceedings and be presented at ICICS 2003. We would like to take this opportunity to thank all those who submitted papers to ICICS 2003 for their valued contribution to the conference."

The Communications and Multimedia Security conference (CMS 2003) was - ganized in Torino, Italy, on October 2-3, 2003. CMS 2003 was the seventh IFIP working conference on communications and multimedia security since 1995. - search issues and practical experiences were the topics of interest, with a special focus on the security of advanced technologies, such as wireless and multimedia communications. The book "Advanced Communications and Multimedia Security" contains the 21 articles that were selected by the conference program committee for p- sentation at CMS 2003. The articles address new ideas and experimental eval- tion in several ?elds related to communications and multimedia security, such as cryptography, network security, multimedia data protection, application se- rity, trust management and user privacy. We think that they will be of interest not only to the conference attendees but also to the general public of researchers in the security ?eld. We wish to thank all the participants, organizers, and contributors of the CMS 2003 conference for having made it a success. October 2003 Antonio Lioy GeneralChairofCMS2003 Daniele Mazzocchi ProgramChairofCMS2003 VI Organization CMS 2003 was organized by the TORSEC Computer and Network Security Group of the Dipartimento di Automatica ed Informatica at the Politecnico di Torino, in cooperation with the Istituto Superiore Mario Boella.