This book constitutes the refereed proceedings of the First NSF/NIJ Symposium on Intelligence and Security Informatics, ISI 2003, held in Tucson, AZ, USA in June 2003. The 24 revised full papers and 16 revised short papers presented were carefully reviewed and selected for inclusion in the book. The papers are organized in topical sections on data management and data mining, deception detection, analytical techniques, for crime detection, visualization, knowledge management and adoption, collaborative systems and methodologies, and monitoring and surveillance.

This book constitutes the thoroughly refereed post-proceedings of the First International Workshop on Digital Watermarking, IWDW 2002, held in Seoul, Korea in November 2002. The 19 revised full papers presented together with two invited papers were carefully selected during two rounds of reviewing and improvement from 64 submissions. The papers are organized in topical sections on fundamentals, new algorithms, watermarking unusual content, fragile watermarking, robust watermarking, and adaptive watermarking.

This book constitutes the thoroughly refereed post-proceedings of the 6th International Conference on Financial Cryptography, FC 2002, held in Southampton, Bermuda, in March 2002. The 19 revised full papers presented were carefully selected during two rounds of reviewing and improvement. The papers are organized in topical sections on voting and recommending, auctions, cryptography, digital signature schemes, thresholds and secret sharing, and anonymity and digital payment systems.

Preface Formal Aspects of Security (FASec) was held at Royal Holloway, University of London, 18-20 December 2002. The occasion celebrated a Jubilee, namely the 25thanniversaryoftheestablishmentofBCS-FACS, theFormalAspectsofC- puting Science specialist group of the British Computer Society. FASec is one of a series of events organized by BCS-FACS to highlight the use of formal me- ods, emphasize their relevance to modern computing, and promote their wider application. As the architecture model of information systems evolves from - connected PCs, throughintranet (LAN) and internet (WAN), to mobile internet and grids, security becomes increasingly critical to all walks of society: c- merce, ?nance, health, transport, defence and science. It is no surprise therefore that security is one of the fastest-growing research areas in computer science. Theaudience ofFASec includes thosein the formalmethods community who have(orwouldliketodevelop)adeeper interestinsecurity, andthoseinsecurity who would like to understand how formal methods can make important cont- butions to some aspects of security. The scope of FASec is deliberately broad andcoverstopics that rangefrommodelling securityrequirementsthroughsp- i?cation, analysis, and veri?cations of cryptographic protocols to certi?ed code. The discussions at FASec 2002 encompassed many aspects of security: from theoretical foundations through support tools and on to applications. Formal methods has made a substantial contribution to this exciting ?eld in the pa

This book constitutes the refereed proceedings of the Cryptographers' Track at the RSA Conference 2003, CT-RSA 2003, held in San Francisco, CA, USA, in April 2003. The 26 revised full papers presented together with abstracts of 2 invited talks were carefully reviewed and selected from 97 submissions. The papers are organized in topical sections on key self-protection, message authentication, digital signatures, pairing based cryptography, multivariate and lattice problems, cryptographic architectures, new RSA-based cryptosystems, chosen-ciphertext security, broadcast encryption and PRF sharing, authentication structures, elliptic curves and pairings, threshold cryptography, and implementation issues.

This book constitutes the thoroughly refereed post-proceedings of the 4th International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2002, held in Redwood Shores, California, USA in August 2002. The 41 revised full papers presented together with two invited contributions were carefully selected from 101 submissions during two rounds of reviewing and revision. The papers are organized in topical sections on attack strategies, finite field and modular arithmetic, elliptic curve cryptography, AES and AES candidates, tamper resistance, RSA implementation, random number generation, new primitives, hardware for cryptanalysis.

The ninth in the series of IMA Conferences on Cryptography and Coding was held (as ever) at the Royal Agricultural College, Cirencester, from 16-18 Dec- ber 2003. The conference's varied programme of 4 invited and 25 contributed papers is represented in this volume. The contributed papers were selected from the 49 submissions using a - reful refereeing process. The contributed and invited papers are grouped into 5 topics: coding and applications; applications of coding in cryptography; cryp- graphy; cryptanalysis; and network security and protocols. These topic headings represent the breadth of activity in the areas of coding, cryptography and c- munications, and the rich interplay between these areas. Assemblingtheconferenceprogrammeandthisproceedingsrequiredthehelp of many individuals. I would like to record my appreciation of them here. Firstly, I would like to thank the programme committee who aided me - mensely by evaluating the submissions, providing detailed written feedback for the authors of many of the papers, and advising me at many critical points - ring the process. Their help and cooperation was essential, especially in view of the short amount of time available to conduct the reviewing task. The c- mittee this year consisted of Mike Darnell, Mick Ganley, Bahram Honary, Chris Mitchell, Matthew Parker, Nigel Smart and Mike Walker.

Fast Software Encryption is now a 10-year-old workshop on symmetric crypt- raphy, including the design and cryptanalysis of block and stream ciphers, as well as hash functions. The ?rst FSE workshop was held in Cambridge in 1993, followed by Leuven in 1994, Cambridge in 1996, Haifa in 1997, Paris in 1998, Rome in 1999, New York in 2000, Yokohama in 2001, and Leuven in 2002. This Fast Software Encryption workshop, FSE 2003, was held February 24- 26, 2003 in Lund, Sweden. The workshop was sponsored by IACR (International Association for Cryptologic Research) and organized by the General Chair, Ben Smeets, in cooperation with the Department of Information Technology, Lund University. Thisyearatotalof71papersweresubmittedtoFSE2003.Afteratwo-month reviewing process, 27 papers were accepted for presentation at the workshop. In addition, we were fortunate to have in the program an invited talk by James L. Massey. The selection of papers was di?cult and challenging work. Each submission was refereed by at least three reviewers. I would like to thank the program c- mittee members, who all did an excellent job. In addition, I gratefully ackno- edge the help of a number of colleagues who provided reviews for the program committee. They are: Kazumaro Aoki, Alex Biryukov, Christophe De Canni' ere, Nicolas Courtois, Jean-Charles Faug' ere, Rob Johnson, Pascal Junod, Joseph Lano, Marine Minier, Elisabeth Oswald, H? avard Raddum, and Markku-Juhani O. Saarinen.

ESORICS, the European Symposium On Research In Computer Security, is the leading research-oriented conference on the theory and practice of computer - curity in Europe. The aim of ESORICS is to further the progress of research in computer security by establishing a European forum for bringing together - searchersinthisarea, bypromotingtheexchangeofideaswithsystemdevelopers and by encouraging links with researchers in related areas. ESORICS is coordinated by an independent steering committee. In the past it took place every two years at various locations throughout Europe. Starting this year, it will take place annually. ESORICS 2003 was organized by Gjovik University College, and took place in Gjovik, Norway, October 13-15, 2003. The program committee received 114 submissions, originating from 26 co- tries on all continents. Half the papers originated in Europe (57). The most dominant countries were: UK (16), USA (14), Germany (6), South Korea (6), Sweden (6), Italy (5), France (4) and Poland (4). Each submission was reviewed by at least three program committee members or other experts. The program committee chair and co-chair were not allowed to submit papers. The ?nal sel- tion of papers was made at a program committee meeting followed by a week of e-mail discussions. Out of the 114 papers received, only 19 got accepted (17%). In comparison, ESORICS 2000and 2002received 75and 83papersand accepted 19% and 16%, respectively. The program re?ected the full range of security research, including access control, cryptographic protocols, privacy enhancing technologies, security m- els, authentication, and intrusion detection."

This book constitutes the refereed proceedings of the 4th International Conference on Information and Communication Security, ICICS 2002, held in Singapore in December 2002. The 41 revised full papers presented were carefully reviewed and selected from a total of 161 submissions. The papers are organized in topical sections on system security, crypto systems, security protocols, fingerprinting and watermarking, efficient implementation of algorithms, access control, and cryptanalysis and cryptographic techniques.

This volume contains the papers presented at the International Workshop on Mathematical Methods, Models and Architectures for Computer Network Se- rity(MMM-ACNS2003)heldinSt.Petersburg, Russia, duringSeptember21 23, 2003.TheworkshopwasorganizedbytheSt.PetersburgInstituteforInformatics and Automation of the Russian Academy of Sciences (SPIIRAS) in cooperation with the Russian Foundation for Basic Research (RFBR), the US Air Force - search Laboratory/Information Directorate (AFRL/IF) and the Air Force O?ce of Scienti?c Research (AFOSR), the O?ce of Naval Research International Field O?ce (USA), and Binghamton University (SUNY, USA). The ?rst international workshop of this series, MMM-ACNS2001, May 21 23, 2001, St. Petersburg, Russia, hosted by the St. Petersburg Institute for - formatics and Automation, demonstrated the keen interest of the international researchcommunityinthetheoreticalaspectsofcomputernetworkandinfor- tion security and encouraged the establishment of an on-going series of brennial workshops. MMM-ACNS2003 provided an international forum for sharing original - search results and application experiences among specialists in fundamental and applied problems of computer network security. An important distinction of the workshop was its focus on mathematical aspects of information and computer networksecurityandtheroleofmathematicalissuesincontemporaryandfuture development of models of secure computing."

This book constitutes the refereed proceedings of the Third International Conference on Cryptology in India, INDOCRYPT 2002, held in Hyderabad, India in December 2002.The 31 revised full papers presented together with 2 invited papers were carefully reviewed and selected from 75 submissions. The papers are organized in topical sections on symmetric cyphers, new public-key schemes, foundations, public-key infrastructures, fingerprinting and watermarking, public-key protocols, Boolean functions, efficient and secure implementations, applications, anonymity, and secret sharing and oblivious transfer.  

This book constitutes the refereed proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2002, held in Singapore, in December 2002.The 34 revised full papers presented together with two invited contributions were carefully reviewed and selected from 173 submissions on the basis of 875 review reports. The papers are organized in topical sections on public key cryptography, authentication, theory, block ciphers, distributed cryptography, cryptanalysis, public key cryptanalysis, secret sharing, digital signatures, applications, Boolean functions, key management, and ID-based cryptography.

This book constitutes the refereed proceedings of the 7th European Symposium on Research in Computer Security, ESORICS 2002, held in Zurich, Switzerland, in October 2002.The 16 revised full papers presented were carefully reviewed and selected for inclusion in the proceedings. Among the topics addressed are confidentiality, probabilistic non-inference, auctions, inference control, authentication, attacks on cryptographic hardware, privacy protection, model checking protocols, mobile code, formal security analysis, access control, and fingerprints and intrusion detection.

The thoroughly refereed post-proceedings of the Second International Workshop on Digital Rights Management, DRM 2002, held in Washington, DC, USA, in November 2002, in conjunction with ACM CCS-9. The 13 revised full papers presented were carefully reviewed and selected for inclusion in the book. Among the topics addressed are DES implementation for DRM applications, cryptographic attacks, industrial challenges, public key broadcast encryption, fingerprinting, copy-prevention techniques, copyright limitations, content protection, watermarking systems, and theft-protected proprietary certificates.

This book constitutes the refereed proceedings of the 5th International Conference on Information Security ISC 2002, held in Sao Paulo, Brazil, in September/October 2002.The 38 revised full papers presented were carefully reviewed and selected from 81 submissions. The papers are organized in topical sections on intrusion detection and tamper resistance, cryptographic algorithms and attack implementation, access control and trust management, authentication and privacy, e-commerce protocols, signature schemes, cryptography, key management, and security analysis.

This book constitutes the refereed proceedings of the 22nd International Cryptology Conference, CRYPTO 2002, held in Santa Barbara, CA, in August 2002.The 39 revised full papers presented were carefully reviewed and selected from a total of 175 submissions. The papers are organized in topical sections on block ciphers, multi-user oriented cryptosystems, foundations and methodology, security and practical protocols, secure multiparty computation, public key encryption, information theory and secret sharing, cipher design and analysis, elliptic curves and Abelian varieties, authentication, distributed cryptosystems, pseudorandomness, stream ciphers and Boolean functions, commitment schemes, and signature schemes.

Aimed primarily at final year undergraduate courses and MSc courses on Information Systems, Management of Information Systems and Design of Information Systems, this textbook aims to provide answers to five questions;What is security? What are the security problems particular to an IT system? What can be done to reduce the security risks associated with such a system? In a given situation, what are the appropriate security countermeasures? How should one set about procuring an information system with security implications?It looks at the different goals organisations might have in employing security techniques (availability, integrity, confidentiality, exclusivity) and which technique is best suited to achieving each goal. With guidelines appropriate for the protection of both conventional commercial and military systems, An Information Security Handbook will be of interest to computer system managers and administrators in any commercial or government organisation.

This book constitutes the thoroughly refereed post-proceedings of the 8th International Workshop on Fast Software Encryption, FSE 2001, held in Yokohama, Japan in April 2001.The 27 revised full papers presented together with one invited paper were carefully reviewed and selected from 46 submissions. The papers are organized in topical sections on cryptanalysis of block ciphers, hash functions and Boolean functions, modes of operation, cryptanalysis of stream ciphers, pseudo-randomness, and design and evaluation.

This book constitutes the refereed proceedings of the 7th Australasian Conference on Information Security and Privacy, ACISP 2002, held in Melbourne, Australia, in July 2002.The 36 revised full papers presented together with one invited paper were carefully reviewed and selected from 94 submissions. The papers are organized in topical sections on key handling, trust and secret sharing, fast computation, cryptanalysis, elliptic curves, advanced encryption standard AES, security management, authentication, oblivious transfer, and dealing with adversaries.

 This book constitutes the thoroughly refereed post-proceedings of the 5th International Conference on Information Security and Cryptology, ICISC 2002, held in Seoul, Korea in November 2002. The 35 revised full papers presented together with an invited paper were carefully selected from 142 submissions during two rounds of reviewing and improvement. The papers are organized in topical sections on digital signatures, Internet security, block ciphers and stream ciphers, stream ciphers and other primitives, efficient implementations, side-channel attacks, cryptographic protocols and biometrics.

Inference control in statistical databases, also known as statistical disclosure limitation or statistical confidentiality, is about finding tradeoffs to the tension between the increasing societal need for accurate statistical data and the legal and ethical obligation to protect privacy of individuals and enterprises which are the source of data for producing statistics. Techniques used by intruders to make inferences compromising privacy increasingly draw on data mining, record linkage, knowledge discovery, and data analysis and thus statistical inference control becomes an integral part of computer science.This coherent state-of-the-art survey presents some of the most recent work in the field. The papers presented together with an introduction are organized in topical sections on tabular data protection, microdata protection, and software and user case studies.

This book constitutes the refereed proceedings of the International Conference on the Theory and Application of Cryptographic Techniques, EUROCRYPT 2002, held in Amsterdam, The Netherlands, in April/May 2002.The 33 revised full papers presented were carefully reviewed and selected from a total of 122 submissions. The papers are organized in topical sections on cryptanalysis, public-key encryption, information theory and new models, implementational analysis, stream ciphers, digital signatures, key exchange, modes of operation, traitor tracing and id-based encryption, multiparty and multicast, and symmetric cryptology.

This book constitutes the thoroughly refereed post-proceedings of the Second International Workshop on Privacy Enhancing Technologies, PET 2002, held in San Francisco, CA, USA, in April 2002. The 17 revised full papers presented were carefully selected during two rounds of reviewing and improvement. Among the topics addressed are Internet security, private authentication, information theoretic anonymity, anonymity measuring, enterprise privacy practices, service architectures for privacy, intersection attacks, online trust negotiation, random data perturbation, Website fingerprinting, Web user privacy, TCP timestamps, private information retrieval, and unobservable Web surfing.

For more than the last three decades, the security of software systems has been an important area of computer science, yet it is a rather recent general recognition that technologies for software security are highly needed. This book assesses the state of the art in software and systems security by presenting a carefully arranged selection of revised invited and reviewed papers. It covers basic aspects and recently developed topics such as security of pervasive computing, peer-to-peer systems and autonomous distributed agents, secure software circulation, compilers for fail-safe C language, construction of secure mail systems, type systems and multiset rewriting systems for security protocols, and privacy issues as well.