This book constitutes the refereed proceedings of the 8th International Conference on Information and Communications Security, ICICS 2006, held in Raleigh, NC, USA, December 2006. The 22 revised full papers and 17 revised short papers cover security protocols, applied cryptography, access control, privacy and malicious code, network security, systems security, cryptanalysis, applied cryptography and network security, and security implementations.

It is our pleasure to present in this volume the proceedings of the 7th Inter- tional Workshopon InformationHiding (IH 2005), held in Barcelona, Catalonia, Spain, during June 6-8, 2005. The workshop was organized by the Department of Computer Science and Multimedia, Universitat Oberta de Catalunya (UOC). Continuing the tradition of previous workshops, we sought a balanced p- gram, containing talks on various aspects of data hiding, anonymous commu- cation, steganalysis, and watermarking.Although the protection of digital int- lectual property has up to now motivated most of our research, there are many other upcoming ?elds of application. We were delighted to see that this year's workshop presented numerous new and unconventional approaches to infor- tion hiding. The selection of the program was a very challenging task. In total, we - ceived 90 submissions from 21 countries. At this point we want to thank all authors who submitted their latest work to IH 2005-and thus assured that the Information Hiding Workshop continues to be the top forum of our community.

The10thintheseriesofIMAConferencesonCryptographyandCodingwasheld at the RoyalAgricultural College, Cirencester, during 19 21 December 2005. As usual, the venue provided a relaxed and informal atmosphere for attendees to discuss work and listen to the collection of talks. The program consisted of four invited talks and 26 contributed talks. The invitedtalkswheregivenbyTuviEtzion, UeliMaurer, AlfredMenezesandAmin Shokrollahi, and three of these invited talks appear as papers in this volume. Special thanks must go to these four speakers as they helped to set the tone, by coveringall the areasthe meeting aimed to cover, from cryptographythrough to coding. In addition the best speakers are often the hardest to persuade to come to a meeting, as they are usually the most busy. We therefore feel privileged to have had a meeting with four such distinguished speakers. The contributed talks were selected from 94 submissions. This is nearly twice thenumberofsubmissionsforthepreviousmeetingin2003.Thisisanindication of the strength of the subject and the interest in the IMA series of meetings as a venue to present new work. The contributed talks ranged over a wide number of areas, including information theory, coding theory, number theory and as- metric and symmetric cryptography. Subtopics included a number of current hot topics, such as algebraic cryptanalysis and cryptographic systems based on bilinear pairings. Assembling the conference program and these proceedings required the help of a large number of individuals. I would like to thank them all here."

Will your organization be protected the day a quantum computer breaks encryption on the internet? Computer encryption is vital for protecting users, data, and infrastructure in the digital age. Using traditional computing, even common desktop encryption could take decades for specialized 'crackers' to break and government and infrastructure-grade encryption would take billions of times longer. In light of these facts, it may seem that today's computer cryptography is a rock-solid way to safeguard everything from online passwords to the backbone of the entire internet. Unfortunately, many current cryptographic methods will soon be obsolete. In 2016, the National Institute of Standards and Technology (NIST) predicted that quantum computers will soon be able to break the most popular forms of public key cryptography. The encryption technologies we rely on every day--HTTPS, TLS, WiFi protection, VPNs, cryptocurrencies, PKI, digital certificates, smartcards, and most two-factor authentication--will be virtually useless. . . unless you prepare. Cryptography Apocalypse is a crucial resource for every IT and InfoSec professional for preparing for the coming quantum-computing revolution. Post-quantum crypto algorithms are already a reality, but implementation will take significant time and computing power. This practical guide helps IT leaders and implementers make the appropriate decisions today to meet the challenges of tomorrow. This important book: Gives a simple quantum mechanics primer Explains how quantum computing will break current cryptography Offers practical advice for preparing for a post-quantum world Presents the latest information on new cryptographic methods Describes the appropriate steps leaders must take to implement existing solutions to guard against quantum-computer security threats Cryptography Apocalypse: Preparing for the Day When Quantum Computing Breaks Today's Crypto is a must-have guide for anyone in the InfoSec world who needs to know if their security is ready for the day crypto break and how to fix it.

The International Conference on Computational Intelligence and Security (CIS) is an annualinternationalconference that bringstogether researchers, engineers, developers and practitioners from both academia and industry to share expe- ence and exchange and cross-fertilize ideas on all areas of computational - telligence and information security. The conference serves as a forum for the dissemination of state-of-the-art research and the development, and implem- tationsof systems, technologiesandapplicationsinthese two broad, interrelated ?elds. This year CIS 2005 was co-organized by the IEEE (Hong Kong) Com- tational Intelligence Chapter and Xidian University, and co-sponsored by Hong Kong Baptist University, National Natural Science Foundation of China, Key Laboratory of Computer Networks and Information Security of the Ministry of EducationofChina, andGuangdongUniversityofTechnology. CIS2005received in total 1802 submissions from 41 countries and regions all over the world. All of them were strictly peer reviewed by the Program Committee and experts in the ?eld. Finally, 337 high-quality papers were accepted yielding an acc- tance rate of 18. 7%. Among them, 84 papers are the extended papers and 253 are the regular papers. The conference was greatly enriched by a wide range of topics covering all areas of computational intelligence and information security. Furthermore, tutorials and workshops were held for discussions of the proposed ideas. Such practice is extremely important for the e?ective development of the two ?elds and computer science in general. Wewouldliketothanktheorganizers: theIEEE(HongKong)Computational Intelligence Chapter and Xidian University for their great contributions and - forts in this big e

The ?rst SKLOIS Conference on Information Security and Cryptography(CISC 2005) was organized by the State Key Laboratory of Information Security of the Chinese Academy of Sciences. It was held in Beijing, China, December 15-17,2005andwassponsoredbytheInstituteofSoftware, theChineseAcademy of Sciences, the Graduate School of the Chinese Academy of Sciences and the National Science Foundation of China. The conference proceedings, represe- ing invited and contributed papers, are published in this volume of Springer s Lecture Notes in Computer Science (LNCS) series. The area of research covered by CISC has been gaining importance in recent years, and a lot of fundamental, experimental and applied work has been done, advancing the state of the art. The program of CISC 2005 covered numerous ?elds of research within the general scope of the conference. The International Program Committee of the conference received a total of 196 submissions (from 21 countries). Thirty-three submissions were selected for presentation as regular papers and are part of this volume. In addition to this track, the conference also hosted a short-paper track of 32 presentations that were carefully selected as well. All submissions were reviewed by experts in the relevant areas and based on their ranking and strict selection criteria the papers were selected for the various tracks. We note that stricter criteria were applied to papers co-authored by program committee members. We further note that, obviously, no member took part in in?uencing the ranking of his or her own submissions."

This book constitutes the thoroughly refereed post-proceedings of the 12th International Workshop on Security Protocols, April 2004. The book presents 21 revised full papers presented together with edited transcriptions of some of the discussions following the presentations. Among the topics addressed are authentication, anonymity, verification of cryptographic protocols, mobile ad-hoc network security, denial of service, SPKI, access control, timing attacks, API security, biometrics for security, and others.

Indocrypt began in the year 2000 under the leadership of Bimal Roy and - docrypt 2005 was the sixth conference in this series. This series has been well accepted by the international research community as a forum for presenting high-quality cryptography research. This year a total of 148 papers were s- mitted for consideration to the Program Committee and after a careful review process, 31 were accepted for presentation. We would like to thank the authors of all submitted papers, including those that were accepted and those which, unfortunately, could not be accommodated. ThereviewingprocessforIndocryptwasverystringentandtheschedulewas- tremelytight.TheProgramCommitteemembersdidanexcellentjobinreviewing andselectingthepapersforpresentation.Duringthereviewprocess, theProgram Committee members were communicating using a review software developed by BartPreneel, WimMoreauandJorisClaessens.Weacknowledgethemforprov- ingthesoftware.ThesoftwarewashostedatI2R, Singaporeandwearegratefulto Feng BaoandJianyingZhouforallowingthat.Thisyear'sconferencewasdeeply indebtedto QiuYingofI2R, Singapore, who tookthe responsibilityofmainta- ing the review softwareand the server.Without his great cooperationIndocrypt 2005could nothavebeen possible.Inthis regardI wouldliketo acknowledgethe supportofTanmoyKantiDas, DibyenduChakrabarti, MridulNandi, Deepak- mar Dalai, Sumanta Sarkar and Sourav Mukhopadhyay for handling important administrativeissuesinthesubmissionandreviewprocessesaswellasforputting togethertheseproceedingsintheir?nalform.WearealsogratefultoPalashSarkar forhiscooperationandguidanceinIndocrypt2005. The proceedings include the revised versions of the 31 selected papers. Re- sions were not checked by the ProgramCommittee and the authors bear the full responsibility for the contents of the respective papers. Our thanks go to all the Program members and the external reviewers (a list of them is included in the proceedings) who put in their valuable time and e?ort in providing important feedbackto the authors.We thank V. KumarMurty ofthe UniversityofToronto for kindly agreeing to present the invited talk. The talk has been included in the proceedin

Mycrypt 2005 was the inaugural international conference on cryptology hosted in Malaysia. The conference was co-organized by the Information Security - search Lab at Swinburne University of Technology (Sarawak Campus), NISER (National ICT Security and Emergency Response Centre) and INSPEM (Ins- tute for MathematicalResearch)at UPM (UniversityPutra Malaysia).Mycrypt 2005 was held in Kuala Lumpur, Malaysia during September 28-30 2005, in conjunction with the e-Secure Malaysia 2005 convention. Therewere90paper submissionsfrom23 countriescoveringall areasof cr- tologic research, from which 19 were accepted. We would like to extend our thanks to all authors who submitted papers to Mycrypt 2005. Each paper was sentanonymouslytoatleast3membersoftheInternationalProgramCommittee for reviews and comments. The review comments were then followed by disc- sions among the Program Committee. A recipient of the Best Paper Award was also selected after voting among Program Committee members. The winning paper was "Distinguishing Attacks on T-functions" by Simon Kunzli ] (FH A- gau, Swizerland), Pascal Junod (Nagravision SA, Switzerland) and Willi Meier (FH Aargau, Swizerland). These proceedings contain revised versions of all the accepted papers. The conference program included three keynote papers: Hideki Imai (Tokyo University)presenteda paper entitled "TrendsandChallenges forSecurer Cr- tography in Practice." Moti Yung (Columbia University) presented a paper entitled "E?cient Secure Group Signatures with Dynamic Joins and Keeping Anonymity Against Group Managers." Colin Boyd (QUT) presented a paper entitled "Security of Two-Party Identity-Based Key Agreement." We are extremely grateful for the time and e?ort of all the members of the Program Committee in the review process. Their names may be found overleaf."

This volume contains the proceedings of the 8th International Information - curity Conference (ISC 2005), which took place in Singapore, from 20th to 23rd September 2005. ISC 2005 brought together individuals from academia and - dustry involvedin manyresearchdisciplines of information security to foster the exchange of ideas. During recent years this conference has tried to place special emphasis on the practical aspects of information security, and since it passed from being an international workshop to being an international conference in 2001, it has become one of the most relevant forums at which researchers meet and discuss emerging security challenges and solutions. Advised by the ISC Steering Committee, and in order to provide students with more opportunities for publication, ISC 2005 accepted extra student papers - sides the regular papers. The initiative was very well accepted by the young sector of the scienti?c community, and we hope that the success of this idea will remainfornextISCevents. AnotherimportantfactorforthesuccessofISC2005 was that selected papers in the proceedings will be invited for submission to a special issue of the InternationalJournalof InformationSecurity. The result was an incredible response to the call for papers; we received 271 submissions, the highest since ISC events started. It goes without saying that the paper selection process was more competitive and di?cult than ever before - only 33 regular papers were accepted, plus 5 student papers for a special student session.

It is our great pleasure to present the proceedings of the 9th IFIP TC-6 TC-11 Conference on Communications and Multimedia Security (CMS 2005), which washeld in Salzburg on September 19-21,2005.Continuing the tradition of p- vious CMS conferences, we sought a balanced program containing presentations on various aspects of secure communication and multimedia systems. Special emphasis was laid on papers with direct practical relevance for the construction of secure communication systems. The selection of the program was a challenging task. In total, we received 143 submissions, from which 28 were selected for presentation as full papers. In addition to these regular presentations, the CMS conference featured for the ?rst time a "work in progress track" that enabled authors to report preliminary results and ongoing work. These papers were presented in the form of a poster sessionduringtheconference;anextendedabstractofthepostersappearsinthis proceedings volume. From all papers submitted to the CMS conference, the p- gramcommitteechose13 submissionsfor inclusionin theworkinprogresstrack. In addition to regular presentations, CMS 2005 featured a special session on XMLsecurity, containingbothcontributedandinvitedtalks.Thisspecialsession was jointly organized by Rudig ] er Grimm (TU Ilmenau, Germany) and J] org Schwenk (Ruhr-Universit] at Bochum, Germany). Their assistance in organizing CMS 2005 was greatly appreciated."

This book constitutes the refereed proceedings of the Third International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2006, held in Berlin, Germany in July 2006.

The 11 revised full papers presented were carefully reviewed and selected from 41 submissions. The papers are organized in topical sections on code analysis, intrusion detection, threat protection and response, malware and forensics, and deployment scenarios.

We are delighted to welcome the attendees of the Fourth International Wo- shop on Digital Watermarking (IWDW). Watermarking continues to generate strong academic interest. Commercialization of the technology is proceeding at a steadypace. We haveseen watermarkingadoptedfor DVD audio.Fingerpri- ing technology was successfully used to determine the source of pirated video material. Furthermore, a number of companies are using watermarking as an enabling technology for broadcast monitoring services. Watermarking of digital cinema contentis anticipated. Future applications may also come from areas- related to digital rights management. For example, the use of watermarking to enhance legacy broadcast and communication systems is now being considered. IWDW 2005 o?ers an opportunity to re?ect upon the state of the art in digital watermarking as well as discuss directions for future research and applications. This year we accepted 31 papers from 74 submissions. This 42% acceptance rate indicates our commitment to ensuring a very high quality conference. We thankthemembersoftheTechnicalProgramCommitteeformakingthispossible by their timely and insightful reviews. Thanks to their hard work this is the ?rst IWDW at which the ?nal proceedings are available to the participants at the time of the workshop as a Springer LNCS publication.

This book constitutes the refereed proceedings of the 11th Australasian Conference on Information Security and Privacy, ACISP 2006, held in Melbourne, Australia, July 2006. The book presents 35 revised full papers and 1 invited paper, organized in topical sections on stream ciphers, symmetric key ciphers, network security, cryptographic applications, secure implementation, signatures, theory, security applications, provable security, protocols, as well as hashing and message authentication.

Althoughcryptographyandsecuritytechniqueshavebeenaroundfor quitesome time, emerging technologies such as ubiquitous computing and ambient intel- gence that exploit increasingly interconnected networks, mobility and pers- alization put new requirements on security with respect to data management. As data is accessible anytime anywhere, according to these new concepts, it - comes much easier to get unauthorized data access. Furthermore, it becomes simpler to collect, store, and search personal information and endanger people's privacy. Therefore, researchin the area of secure data management is of growing importance, attracting the attention of both the data management and security researchcommunities.Theinterestingproblemsrangefromtraditionalones, such as access control (with all variations, like dynamic, context-aware, role-based), database security (e.g., e?cient database encryption schemes, search over - crypted data, etc.), and privacy-preserving data mining to controlled sharing of data. In addition to the aforementioned subject, this year we also called for - pers devoted to secure data management in healthcare as a domain where data security and privacy issues are traditionally important. The call for papers - tracted 38 papers both from universities and industry. The ProgramCommittee selected 16 research papers for presentation at the workshop. These papers are also collected in this volume which we hope will serve you as a useful research and reference material.

This book constitutes the thoroughly refereed postproceedings of the 5th International Workshop on Privacy Enhancing Technologies, PET 2006, held in Cavtat, Croatia, in May and June 2005. The 17 revised full papers presented were carefully selected from 74 submissions during two rounds of reviewing and improvement. The papers address most current privacy enhancing technologies in various application contexts.

The increasing relevance of security to real-life applications, such as electronic commerce and Internet banking, is attested by the fast-growing number of - search groups, events, conferences, and summer schools that address the study of foundations for the analysis and the design of security aspects. The Int- national School on Foundations of Security Analysis and Design (FOSAD, see http: //www.sti.uniurb.it/events/fosad/)has been one of the foremost events - tablishedwiththegoalofdisseminatingknowledgeinthiscriticalarea, especially for young researchers approaching the ?eld and graduate students coming from less-favoured and non-leading countries. The FOSAD school is held annually at the Residential Centre of Bertinoro (http: //www.ceub.it/), in the fascinating setting of a former convent and ep- copal fortress that has been transformed into a modern conference facility with computing services and Internet access. Since the ?rst school, in 2000, FOSAD hasattractedmorethan250participantsand50lecturersfromallovertheworld. A collection of tutorial lectures from FOSAD 2000 was published in Springer s LNCS volume 2171. Some of the tutorials given at the two successive schools (FOSAD 2001 and 2002) are gathered in a second volume, LNCS 2946. To c- tinue this tradition, the present volume collects a set of tutorials fromthe fourth FOSAD, held in 2004, and from FOSAD 2005."

Foreword from the Program Chairs These proceedings contain the papers selected for presentation at the 10th - ropean Symposium on Research in Computer Security (ESORICS), held S- tember 12 14, 2005 in Milan, Italy. In response to the call for papers 159 papers were submitted to the conf- ence. These paperswere evaluated on the basis of their signi?cance, novelty, and technical quality. Each paper was reviewed by at least three members of the program committee. The program committee meeting was held electronically, holding intensive discussion over a period of two weeks. Of the papers subm- ted, 27 were selected for presentation at the conference, giving an acceptance rate of about 16%. The conference program also includes an invited talk by Barbara Simons. There is a long list of people who volunteered their time and energy to put together the symposiom and who deserve acknowledgment. Thanks to all the members of the program committee, and the external reviewers, for all their hard work in evaluating and discussing papers. We are also very grateful to all those people whose work ensured a smooth organizational process: Pierangela Samarati, who served as General Chair, Claudio Ardagna, who served as P- licity Chair, Dieter Gollmann who served as Publication Chair and collated this volume, and Emilia Rosti and Olga Scotti for helping with local arrangements. Last, but certainly not least, our thanks go to all the authors who submitted papers and all the attendees. We hope you ?nd the program stimulating."

Thesearetheproceedingsofthe7thWorkshoponCryptographic Hardwareand EmbeddedSystems(CHES2005)heldinEdinburgh, ScotlandfromAugust29to September1,2005.TheCHESworkshophasbeensponsoredbytheInternational Association for Cryptologic Research (IACR) for the last two years. We received a total of 108 paper submissions for CHES 2005. The doub- blindreviewprocessinvolveda27-memberprogramcommittee anda largen- ber of external sub-referees. The review process concluded with a two week d- cussion process which resulted in 32 papers being selected for presentation. We are grateful to the program committee members and the external sub-referees for carrying out such an enormous task. Unfortunately, there were many strong papers that could not be included in the program due to a lack of space. We would like to thank all our colleagues who submitted papers to CHES 2005. In addition to regular presentations, there were three excellent invited talks given by Ross Anderson (University of Cambridge) on "What Identity Systems Can and Cannot Do," by Thomas Wille (Philips Semiconductors Inc) on "- curity of Identi?cation Products: How to Manage," and by Jim Ward (Trusted Computing Groupand IBM)on"TrustedComputing inEmbedded Systems."It also included a rump session, chaired by Christof Paar, featuring informal talks on recent results.

This book constitutes the refereed proceedings of the 25th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2006. 33 revised full papers are presented together with 2 invited talks. The papers are organized in topical sections on cryptanalysis, cryptography meets humans, stream ciphers, hash functions, oblivious transfer, numbers and lattices, foundations, block ciphers, cryptography without random oracles, multiparty computation, and cryptography for groups.

Here are the refereed proceedings of the 9th International Conference on Theory and Practice in Public-Key Cryptography, PKC 2006, held in New York City in April 2006. The 34 revised full papers presented are organized in topical sections on cryptanalysis and protocol weaknesses, distributed crypto-computing, encryption methods, cryptographic hash and applications, number theory algorithms, pairing-based cryptography, cryptosystems design and analysis, signature and identification, authentication and key establishment, multi-party computation, and PKI techniques.

This updated edition will help IT managers and assets protection professionals to assure the protection and availability of vital digital information and related information systems assets. It contains major updates and three new chapters. The book uniquely bridges the gap between information security, information systems security and information warfare. It re-examines why organizations need to take information assurance seriously.

The ?rst workshop in this series was held at the International Computer S- ence Institute in Berkeley and was published as LNCS 2009 under the name "Workshop on Design Issues in Anonymity and Unobservability." Subsequent Privacy Enhancing Technologies (PET) workshops met in San Francisco in 2002 (LNCS2482)andDresdenin2003(LNCS2760).Thisvolume, LNCS3424, holds the proceedings from PET 2004 in Toronto. Our 2005 meeting is scheduled for Dubrovnik, and we hope to keep ?nding new and interesting places to visit on both sides of the Atlantic - or beyond. An event like PET 2004 would be impossible without the work and dedi- tion of many people. First and foremost we thank the authors, who wrote and submitted 68 full papers or panel proposals, 21 of which appear herein. The Program Committee produced 163 reviews in total. Along the way, they were assisted in reviewing by Steven Bishop, Rainer Bohme, Sebastian Clauss, Claudia D ?az, Richard E. Newman, Ulrich Flegel, Elke Franz, Stefan Kopsell, Thomas Kriegelstein, Markus Kuhn, Stephen Lewis, Luc Longpre, Steven M- doch, Shishir Nagaraja, Thomas Nowey, Peter Palfrader, Lexi Pimenidis, Klaus Ploessl, Sivaramakrishnan Rajagopalan, Marc Rennhard, Leo Reyzin, Pankaj Rohatgi, Naouel Ben Salem, Sandra Steinbrecher, Mike Szydlo, Shabsi Wal?sh, Jie Wang, Brandon Wiley, and Shouhuai Xu."

The 7th International Conference on Information Security and Cryptology was organized by the Korea Institute of Information Security and Cryptology (KIISC) and was sponsored by the Ministry of Information and Communi- tion of Korea. The conference received 194 submissions, and the Program Committee - lected 34 of these for presentation. The conference program included two invited lectures.MikeReiterspokeon"Securityby, andfor, ConvergedMobileDevices." And Frank Stajano spoke on "Security for Ubiquitous Computing." We would like to ?rst thank the many researchers from all over the world who subm- ted their work to this conference. An electronic submission process was ava- able. The submission review process had two phases. In the ?rst phase, Program Committeememberscompiledreports(assistedattheirdiscretionbysubreferees of their choice, but without interaction with other Program Committee m- bers) and entered them, via a Web interface, into the Web Review software. We would like to thank the developers, Bart Preneel, Wim Moreau, and Joris Claessens. Without the Web Review system, the whole review process would not have been possible. In the second phase, Program Committee members used the software to browse each other's reports, and discuss and update their own reports.WeareextremelygratefultotheProgramCommittee membersfortheir enormous investment of time, e?ort, and adrenaline in the di?cult and delicate process of review and selection.

This book constitutes the refereed proceedings of the International Workshop on Intelligence and Security Informatics, WISI 2006, held in Singapore in conjunction with the 10th Pacific-Asia Conference on Knowledge Discovery and Data Mining. The 32 papers presented together with the abstract of the keynote talk were carefully reviewed. The papers are organized in sections on Web and text mining for terrorism informatics, cybercrime analysis, network security, and crime data mining.