This book constitutes the refereed proceedings of the 8th International IMA Conference on Cryptography and Coding held in Cirencester, UK in December 2001. The 33 revised full papers presented together with four invited papers were carefully reviewed and selected from numerous submissions. Among the topics covered are mathematical bounds, statistical decoding schemes for error-correcting codes, multifunctional and multiple access communication systems, low density parity check codes, iterative coding, authentication, key recovery attacks, stream cipher design, analysis of ECIES algorithms, and lattice bases attacks on IP based protocols.

This book constitutes the refereed proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2001, held in Gold Coast, Australia in December 2001.The 33 revised full papers presented together with an invited paper were carefully reviewed and selected from 153 submissions. The papers are organized in topical sections on lattice based cryptography, human identification, practical public key cryptography, cryptography based on coding theory, block ciphers, provable security, threshold cryptography, two-party protocols, zero knowledge, cryptographic building blocks, elliptic curve cryptography, and anonymity.

This book constitutes the thoroughly refereed post-proceedings of the 4th International Information Hiding Workshop, IHW 2001, held in Pittsburgh, PA, USA, in April 2001.The 29 revised full papers presented were carefully selected during two rounds of reviewing and revision. All current issues in information hiding are addressed including watermarking and fingerprinting of digitial audio, still image and video; anonymous communications; steganography and subliminal channels; covert channels; and database inference channels.

Security is a rapidly growing area of computer science, with direct and increasing relevance to real life applications such as Internet transactions, electronic commerce, information protection, network and systems integrity, etc. This volume presents thoroughly revised versions of lectures given by leading security researchers during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design, FOSAD 2000, held in Bertinoro, Italy in September. Mathematical Models of Computer Security (Peter Y.A. Ryan); The Logic of Authentication Protocols (Paul Syversen and Iliano Cervesato); Access Control: Policies, Models, and Mechanisms (Pierangela Samarati and Sabrina de Capitani di Vimercati); Security Goals: Packet Trajectories and Strand Spaces (Joshua D. Guttman); Notes on Nominal Calculi for Security and Mobility (Andrew D. Gordon); Classification of Security Properties (Riccardo Focardi and Roberto Gorrieri).

This book constitutes the refereed proceedings of the Second International Conference in Cryptology in India, INDOCRYPT 2001, held in Chennai, India in December 2001. The 31 revised full papers presented together with an invited survey were carefully reviewed and selected from 77 submissions. The papers are organized in topical sections on hashing, algebraic schemes, elliptic curves, coding theory, applications, cryptanalysis, distributed cryptography, Boolean functions, digitial signatures, and shift registers.

This book constitutes the refereed proceedings of the 20th International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2001, held in Budapest, Hungary, in September 2001.The 20 revised full papers presented together with three invited papers were carefully reviewed and selected. The book offers topical sections on reliability assessment and security, safety case and safety analysis, medical systems, human-machine interface, COTS - components off the shelf, testing, formal methods, and control systems.

The Information Security Conference 2001 brought together individuals involved in multiple disciplines of information security to foster the exchange of ideas. The conference, an outgrowth of the Information Security Workshop (ISW) series, was held in Malaga, Spain, on October 1 3, 2001. Previous workshops were ISW '97 at Ishikawa, Japan; ISW '99 at Kuala Lumpur, Malaysia; and ISW 2000 at Wollongong, Australia. The General Co chairs, Javier Lopez and Eiji Okamoto, oversaw the local organization, registration, and performed many other tasks. Many individuals deserve thanks for their contribution to the success of the conference. Jose M. Troya was the Conference Chair. The General Co chairs were assisted with local arrangements by Antonio Mana, Carlos Maraval, Juan J. Ortega, Jose M. Sierra, and Miguel Soriano. This was the first year that the conference accepted electronic submissions. Many thanks to Dawn Gibson for assisting in developing and maintaining the electronic submission servers. The conference received 98 submissions of which 37 papers were accepted for presentation. These proceedings contain revised versions of the accepted papers. Revisions were not checked and the authors bear full responsibility for the contents of their papers. The Program Committee consisted of Elisa Bertino, Universita di Milano; G. R."

This book constitutes the refereed proceedings of the Third International Conference on Information and Communications Security, ICICS 2001, held in Xian, China in November 2001.The 56 revised full papers presented were carefully reviewed and selected from a total of 134 submissions. The complete spectrum of information and communications security is covered including theoretical foundations, secret sharing, network security, authentication and identification, Boolean functions and stream ciphers, security evaluation, digital signatures, block ciphers and public-key systems, information hiding, security protocols, and cryptanalysis.

The Cambridge International Workshop on Security Protocols has now run for eight years. Each year we set a theme, focusing upon a speci?c aspect of security protocols, and invite position papers. Anybody is welcome to send us a position paper (yes, you are invited) and we don t insist they relate to the current theme in an obvious way. In our experience, the emergence of the theme as a unifying threadtakesplaceduringthediscussionsattheworkshopitself.Theonlyground rule is that position papers should formulate an approach to some unresolved issues, rather than being a description of a ?nished piece of work. Whentheparticipantsmeet, wetrytofocusthediscussionsupontheconc- tual issues which emerge. Security protocols link naturally to many other areas of Computer Science, and deep water can be reached very quickly. Afterwards, we invite participants to re-draft their position papers in a way which exposes the emergent issues but leaves open the way to their further development. We also prepare written transcripts of the recorded discussions. These are edited (in some cases very heavily) to illustrate the way in which the di?erent arguments and perspectives have interacted. We publish these proceedings as an invitation to the research community. Although many interesting results ?rst see the light of day in a volume of our proceedings, laying claim to these is not our primary purpose of publication. Rather, we bring our discussions and insights to a wider audience in order to suggest new lines of investigation which the community may fruitfully pursue."

This book constitutes the thoroughly refereed post-proceedings of the 4th International Conference on Financial Cryptography, FC 2000, held in Anguilla, British West Indies, in February 2000.The 21 revised full papers presented together with two invited papers and two tool summaries were carefully reviewed and selected from 68 submissions. The papers are organized in topical sections on digitial rights management, payment systems, finanical cryptography tools, electronic postcards, abusers of systems, financial cryptopolicies and issues, anonymity, and systems architecture.

This book constitutes the thoroughly refereed post-proceedings of the International Conference on Cryptography and Lattices, CaLC 2001, held in Providence, RI, USA in March 2001. The 14 revised full papers presented together with an overview paper were carefully reviewed and selected for inclusion in the book. All current aspects of lattices and lattice reduction in cryptography, both for cryptographic construction and cryptographic analysis, are addressed.

This book constitutes the refereed proceedings of the Fourth International Workshop on Recent Advances in Intrusion Detection, RAID 2001, held in Davis, CA, USA, in October 2001.The 12 revised full papers presented were carefully reviewed and selected from a total of 55 submissions. The papers are organized in sections on logging, cooperation, anomaly detection, intrusion tolerance, legal aspects and specification-based IDS.

This book constitutes the refereed proceedings of the 21st Annual International Cryptology Conference, CRYPTO 2001, held in Santa Barbara, CA, USA in August 2001. The 33 revised full papers presented were carefully reviewed and selected from a total of 156 submissions. The papers are organized in topical sections on foundations, traitor tracing, multi-party computation, two-party computation, elliptic curves, OAEP, encryption and authentication, signature schemes, protocols, cryptanalysis, applications of group theory and coding theory, broadcast and secret sharing, and soundness and zero-knowledge.

This book constitutes the refereed proceedings of the Second International Conference on Research in Smart Cards, E-smart 2001, held in Cannes, France, in September 2001. The 20 revised full papers presented were carefully reviewed and selected from 38 submissions. Among the topics addressed are biometrics, cryptography and electronic signatures on smart card security, formal methods for smart card evaluation and certification, architectures for multi-applications and secure open platforms, and middleware for smart cards and novel applications of smart cards.

This book constitutes the thoroughly refereed post-proceedings of the Third International Workshop on Cryptoanalysis Hardware and Embedded Systems, CHES 2001, held in Paris, France in Mai 2001. The 31 revised full papers presented were carefully reviewed and selected from 66 submissions. The papers are organized in topical sections on side channel attacks, Rijndael hardware implementation, random number generators, elliptic curve algorithms, arithmetic architectures, cryptanalysis, embedded implementations of ciphers, and side channel attacks on elliptic curve cryptosystems.

ACISP2001,theSixthAustralasianConferenceonInformationSecurityandP- vacy,washeldinSydney,Australia. TheconferencewassponsoredbyInfor- tionandNetworkedSystemSecurityResearch(INSSR),MacquarieUniversity, theAustralianComputerSociety,andtheUniversityofWesternSydney. Iam gratefultoalltheseorganizationsfortheirsupportoftheconference. Theaimofthisconferencewastodrawtogetherresearchers,designers,and usersofinformationsecuritysystemsandtechnologies. Theconferenceprogram addressedarangeofaspectsfromsystemandnetworksecuritytosecureInternet applicationstocryptographyandcryptanalysis. Thisyeartheprogramcomm- teeinvitedtwointernationalkeynotespeakersDr. YacovYacobifromMicrosoft Research (USA) and Dr. Cli?ord Neumann from the University of Southern California(USA). Dr. Yacobi'stalkaddressedtheissuesoftrust,privacy,and anti-piracyinelectroniccommerce. Dr. Neumann'ACISP2001,theSixthAustralasianConferenceonInformationSecurityandP- vacy,washeldinSydney,Australia. TheconferencewassponsoredbyInfor- tionandNetworkedSystemSecurityResearch(INSSR),MacquarieUniversity, theAustralianComputerSociety,andtheUniversityofWesternSydney. Iam gratefultoalltheseorganizationsfortheirsupportoftheconference. Theaimofthisconferencewastodrawtogetherresearchers,designers,and usersofinformationsecuritysystemsandtechnologies. Theconferenceprogram addressedarangeofaspectsfromsystemandnetworksecuritytosecureInternet applicationstocryptographyandcryptanalysis. Thisyeartheprogramcomm- teeinvitedtwointernationalkeynotespeakersDr. YacovYacobifromMicrosoft Research (USA) and Dr. Cli?ord Neumann from the University of Southern California(USA). Dr. Yacobi'stalkaddressedtheissuesoftrust,privacy,and anti-piracyinelectroniccommerce. Dr. Neumann'saddresswasconcernedwith authorizationpolicyissuesandtheirenforcementinapplications. Theconferencereceived91papersfromAmerica,Asia,Australia,and- rope. The program committee accepted 38 papers and these were presented insome9sessionscoveringsystemsecurity,networksecurity,trustandaccess control,Authentication,cryptography,cryptanalysis,DigitalSignatures,Elliptic CurveBasedTechniques,andSecretSharingandThresholdSchemes. Thisyear theacceptedpaperscamefromarangeofcountries,including7fromAustralia, 8fromKorea,7fromJapan,3fromUK,3fromGermany,3fromUSA,2from Singapore,2fromCanadaand1fromBelgium,Estonia,andTaiwan. Organizingaconferencesuchasthisoneisatime-consumingtaskandIwould liketothankallthepeoplewhoworkedhardtomakethisconferenceasuccess. Inparticular,IwouldliketothankProgramCo-chairYiMuforhistirelesswork andthemembersoftheprogramcommitteeforputtingtogetheranexcellent program,andallthesessionchairsandspeakersfortheirtimeande?ort. Special thanks to Yi Mu, Laura Olsen, Rajan Shankaran, and Michael Hitchens for theirhelpwithlocalorganizationdetails. Finally,Iwouldliketothankallthe authorswhosubmittedpapersandalltheparticipantsofACISP2001. Ihope thattheprofessionalcontactsmadeatthisconference,thepresentations,and theproceedingshaveo?eredyouinsightsandideasthatyoucanapplytoyour owne?ortsinsecurityandprivacy. July2001 VijayVaradharajan AUSTRALASIANCONFERENCEON INFORMATIONSECURITYANDPRIVACY ACISP2001 Sponsoredby MacquarieUniversity AustralianComputerSociety General Chair: VijayVaradharajan MacquarieUniversity,Australia Program Chairs: VijayVaradharajan MacquarieUniversity,Australia YiMu MacquarieUniversity,Australia Program Committee: RossAnderson CambridgeUniversity,UK ColinBoyd QueenslandUniversityofTechnology,Australia EdDawson QueenslandUniversityofTechnology,Australia YvoDesmedt FloridaStateUniversity,USA PaulEngland Microsoft YairFrankel ColumbiaUniversity,USA AjoyGhosh UNISYS,Australia DieterGollman Microsoft JohnGordon ConceptLabs,UK KwangjoKim ICU,Korea ChuchangLiu DSTO,Australia MasahiroMambo TohokuUniversity,Japan WenboMao Hewlett-PackardLab. ,UK ChrisMitchell LondonUniversity,UK EijiOkamoto UniversityofWisconsin,USA JoePato Hewlett-PackardLab. ,USA JosefPieprzyk MacquarieUniversity,Australia BartPreneel KatholiekeUniversity,Belgium SteveRoberts WithamPtyLtd,Australia QingSihan AcademyofScience,China ReiSafavi-Naini UniversityofWollongong,Australia JenniferSeberry UniversityofWollongong,Australia YuliangZheng MonashUniversity,Australia TableofContents AFewThoughtsonE-Commerce...1 YacovYacobi NewCBC-MACForgeryAttacks...3 KarlBrincat,ChrisJ. Mitchell CryptanalysisofaPublicKeyCryptosystemProposedatACISP2000...15 AmrYoussef,GuangGong ImprovedCryptanalysisoftheSelf-ShrinkingGenerator ...21 ErikZenner,MatthiasKrause,StefanLucks AttacksBasedonSmallFactorsinVariousGroupStructures ...36 ChrisPavlovski,ColinBoyd OnClassifyingConferenceKeyDistributionProtocols...51 ShahrokhSaeednia,ReiSafavi-Naini,WillySusilo PseudorandomnessofMISTY-TypeTransformationsandtheBlockCipher KASUMI ...60 Ju-SungKang,OkyeonYi,DowonHong,HyunsookCho NewPublic-KeyCryptosystemUsingDivisorClassGroups...74 HwankooKim,SangJaeMoon FirstImplementationofCryptographicProtocolsBasedonAlgebraic NumberFields...84 AndreasMeyer,StefanNeis,ThomasPfahler PracticalKeyRecoverySchemes...104 Sung-MingYen Non-deterministicProcessors...115 DavidMay,HenkL. Muller,NigelP. Smart PersonalSecureBooting...130 NaomaruItoi,WilliamA. Arbaugh,SamuelaJ. Pollack, DanielM. Reeves EvaluationofTamper-ResistantSoftwareDeviatingfromStructured ProgrammingRules...145 HideakiGoto,MasahiroMambo,HirokiShizuya,YasuyoshiWatanabe AStrategyforMLSWork?ow...1 59 VladIngarWietrzyk,MakotoTakizawa,VijayVaradharajan X TableofContents Condition-DrivenIntegrationofSecurityServices ...176 Cli?ordNeumann SKETHIC:SecureKernelExtensionagainstTrojanHorseswith Information-CarryingCodes...177 Eun-SunCho,SunhoHong,SechangOh,Hong-JinYeh,ManpyoHong, Cheol-WonLee,HyundongPark,Chun-SikPark SecureandPrivateDistributionofOnlineVideoandSomeRelated CryptographicIssues...190 FengBao,RobertDeng,PeirongFeng,YanGuo,HongjunWu PrivateInformationRetrievalBasedontheSubgroupMembership Problem...206 AkihiroYamamura,TaiichiSaito APracticalEnglishAuctionwithOne-TimeRegistration ...221 KazumasaOmote,AtsukoMiyaji AUserAuthenticationSchemewithIdentityandLocationPrivacy...235 ShouichiHirose,SusumuYoshida AnEnd-to-EndAuthenticationProtocolinWirelessApplicationProtocol. 247 Jong-PhilYang,WeonShin,Kyung-HyuneRhee ErrorDetectionandAuthenticationinQuantumKeyDistribution ...260 AkihiroYamamura,HirokazuIshizuka AnAxiomaticBasisforReasoningaboutTrustinPKIs...274 ChuchangLiu,MarisOzols,TonyCant AKnowledge-BasedApproachtoInternetAuthorizations...292 AlongLin ApplicationsofTrustedReviewtoInformationSecurity...3 05 JohnYesberg,MarieHenderson NetworkSecurityModelingandCyberAttackSimulationMethodology...320 Sung-DoChi,JongSouPark,Ki-ChanJung,Jang-SeLee CryptographicSalt:ACountermeasureagainstDenial-of-ServiceAttacks. . 334 DongGookPark,JungJoonKim,ColinBoyd,EdDawson EnhancedModesofOperationfortheEncryptioninHigh-SpeedNetworks andTheirImpactonQoS...

Invasion of privacy and misuse of personal data are among the most obvious negative effects of today's information and communication technologies. Besides technical issues from a variety of fields, privacy legislation, depending on national activities and often lacking behind technical progress, plays an important role in designing, implementing, and using privacy-enhancing systems.Taking into account technical aspects from IT security, this book presents in detail a formal task-based privacy model which can be used to technically enforce legal privacy requirements. Furthermore, the author specifies how the privacy model policy has been implemented together with other security policies in accordance with the Generalized Framework for Access Control (GFAC).This book will appeal equally to R&D professionals and practitioners active in IT security and privacy, advanced students, and IT managers.

EUROCRYPT 2001, the 20th annual Eurocrypt conference, was sponsored by the IACR, the International Association for Cryptologic Research, see http://www. iacr. org/, this year in cooperation with the Austrian Computer - ciety (OCG). The General Chair, Reinhard Posch, was responsible for local or- nization, and registration was handled by the IACR Secretariat at the University of California, Santa Barbara. In addition to the papers contained in these proceedings, we were pleased that the conference program also included a presentation by the 2001 IACR d- tinguished lecturer, Andrew Odlyzko, on "Economics and Cryptography" and an invited talk by Silvio Micali, "Zero Knowledge Has Come of Age. " Furthermore, there was the rump session for presentations of recent results and other (p- sibly satirical) topics of interest to the crypto community, which Jean-Jacques Quisquater kindly agreed to run. The Program Committee received 155 submissions and selected 33 papers for presentation; one of them was withdrawn by the authors. The review process was therefore a delicate and challenging task for the committee members, and I wish to thank them for all the e?ort they spent on it. Each committee member was responsible for the review of at least 20 submissions, so each paper was carefully evaluated by at least three reviewers, and submissions with a program committee member as a (co-)author by at least six.

This book constitutes the thoroughly refereed post-proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography, SAC 2000, held in Waterloo, Ontario, Canada, in August 2000.The 24 revised full papers presented were selected from 41 submissions and have gone through two rounds of reviewing and revision. The papers are organized in topical sections on cryptanalysis, block ciphers: new designs, elliptic curves and efficient implementations, security protocols and applications, block ciphers and hash functions, Boolean functions and stream ciphers, and public key systems.

Although a vast literature exists on the subject of RSA and public-key cryptography, until now there has been no single source that reveals recent developments in the area at an accessible level. Acclaimed author Richard A. Mollin brings together all of the relevant information available on public-key cryptography (PKC), from RSA to the latest applications of PKC, including electronic cash, secret broadcasting, secret balloting systems, various banking and payment protocols, high security logins, smart cards, and biometrics. Moreover, he covers public-key infrastructure (PKI) and its various security applications.

Throughout the book, Mollin gives a human face to cryptography by including nearly 40 biographies of the individuals who helped develop cryptographic concepts. He includes a number of illustrative and motivating examples, as well as optional topics that go beyond the basics, such as Lenstra's elliptic curve method and the number field sieve. From history and basic concepts to future trends and emerging applications, this book provides a rigorous and detailed treatment of public-key cryptography. Accessible to anyone from the senior undergraduate to the research scientist, RSA and Public-Key Cryptography offers challenging and inspirational material for all readers.

This book presents the refereed proceedings of the International Workshop on Mathematical Methods, Models, and Architectures for Network Security Systems, MMM-ACNS 2001, held in St. Petersburg in May 2001.The 24 revised full papers presented together with five invited contributions were carefully reviewed and selected from 36 submissions. The papers are organized in topical sections on network security systems: foundations, models and architectures; intrusion detection: foundations and models; access control, authentication, and authorization; and cryptography and steganography: mathematical basis, protocols, and applied methods.

Anonymity and unobservability have become key issues in the context of securing privacy on the Internet and in other communication networks. Services that provide anonymous and unobservable access to the Internet are important for electronic commerce applications as well as for services where users want to remain anonymous.This book is devoted to the design and realization of anonymity services for the Internet and other communcation networks. The book offers topical sections on: attacks on systems, anonymous publishing, mix systems, identity management, pseudonyms and remailers. Besides nine technical papers, an introduction clarifying the terminology for this emerging area is presented as well as a survey article introducing the topic to a broader audience interested in security issues.

This book constitutes the refereed proceedings of the Cryptographers' Track at RSA Conference 2001, CT-RSA 2001, in San Francisco, CA, USA in April 2001.The 33 revised full papers presented were carefully reviewed and selected from 65 submissions. The papers are organized in topical sections on new cryptosystems; RSA; symmetric cryptography; gambling and lotteries; reductions, constructions, and security proofs; flaws and attacks; implementation; multivariate cryptography; number theoretic problems; passwords and credentials; and protocols.

This book constitutes the thoroughly refereed post-proceedings of the 7th International Workshop on Fast Software Encryption, FSE 2000, held in New York City, USA in April 2000.The 21 revised full papers presented were carefully reviewed and selected from a total of 53 submissions. The volume presents topical sections on stream-cipher cryptanalysis, new ciphers, AES cryptanalysis, block-cipher cryptanalysis, and theoretical work.

I would like to welcome all the participants to the 3rd International Conference on Information Security and Cryptology (ICISC 2000). It is sponsored by the Korea Institute of Information Security and Cryptology (KIISC) and is being held at Dongguk University in Seoul, Korea from December 8 to 9, 2000. This conference aims at providing a forum for the presentation of new results in research, development, and application in information security and cryptology. This is also intended to be a place where research information can be exchanged. The Call for Papers brought 56 papers from 15 countries and 20 papers will be presented in ve sessions. As was the case last year the review process was totally blind and the anonymity of each submission was maintained. The 22 TPC members nally selected 20 top-quality papers for presentation at ICISC 2000. I am very grateful to the TPC members who devoted much e ort and time to reading and selecting the papers. We also thank the experts who assisted the TPC in evaluating various papers and apologize for not including their names here. Moreover, I would like to thank all the authors who submitted papers to ICISC 2000 and the authors of accepted papers for their preparation of came- ready manuscripts. Last but not least, I thank my student, Joonsuk Yu, who helped me during the whole process of preparation for the conference. I look forward to your participation and hope you will nd ICISC 2000 a truly rewarding experience.