This book presents the refereed proceedings of the International Workshop on Mathematical Methods, Models, and Architectures for Network Security Systems, MMM-ACNS 2001, held in St. Petersburg in May 2001.The 24 revised full papers presented together with five invited contributions were carefully reviewed and selected from 36 submissions. The papers are organized in topical sections on network security systems: foundations, models and architectures; intrusion detection: foundations and models; access control, authentication, and authorization; and cryptography and steganography: mathematical basis, protocols, and applied methods.

Leading researchers in the field of coding theory and cryptography present their newest findings, published here for the first time following a presentation at the International Conference on Coding Theory, Cryptography and Related Areas. The authors include Tom Hoeholdt, Henning Stichtenoth, and Horacio Tapia-Recillas.

Since 1998, RAID has established its reputation as the main event in research on intrusion detection, both in Europe and the United States. Every year, RAID gathers researchers, security vendors and security practitioners to listen to the most recent research results in the area as well as experiments and deployment issues. This year, RAID has grown one step further to establish itself as a well-known event in the security community, with the publication of hardcopy proceedings. RAID 2000 received 26 paper submissions from 10 countries and 3 continents. The program committee selected 14 papers for publication and examined 6 of them for presentation. In addition RAID 2000 received 30 extended abstracts proposals; 15 of these extended abstracts were accepted for presentation. - tended abstracts are available on the website of the RAID symposium series, http: //www.raid-symposium.org/. We would like to thank the technical p- gram committee for the help we received in reviewing the papers, as well as all the authors for their participation and submissions, even for those rejected. As in previous RAID symposiums, the program alternates between fun- mental research issues, such as newtechnologies for intrusion detection, and more practical issues linked to the deployment and operation of intrusion det- tion systems in a real environment. Five sessions have been devoted to intrusion detection technology, including modeling, data mining and advanced techniques

This book constitutes the refereed proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems, CHES'99, held in Worcester, MA, USA in August 1999. The 27 revised papers presented together with three invited contributions were carefully reviewed and selected from 42 submissions. The papers are organized in sections on cryptographic hardware, hardware architectures, smartcards and embedded systems, arithmetic algorithms, power attacks, true random numbers, cryptographic algorithms on FPGAs, elliptic curve implementations, new cryptographic schemes and modes of operation.

This book constitutes the refereed proceedings of the International Conference on the Theory and Application of Cryptographic Techniques, EUROCRYPT 2000, held in Bruges, Belgium, in May 2000. The 39 revised full papers presented were carefully selected from a total of 150 submissions during a highly competitive reviewing process. The book is divided in topical sections of factoring and discrete logarithm, digital signatures, private information retrieval, key management protocols, threshold cryptography, public-key encryption, quantum cryptography, multi-party computation and information theory, zero-knowledge, symmetric cryptography, Boolean functions and hardware, voting schemes, and stream ciphers and block ciphers.

ICICS 99, the Second International Conference on Information and C- munication Security, was held in Sydney, Australia, 9-11 November 1999. The conference was sponsored by the Distributed System and Network Security - search Unit, University of Western Sydney, Nepean, the Australian Computer Society, IEEE Computer Chapter (NSW), and Harvey World Travel. I am g- teful to all these organizations for their support of the conference. The conference brought together researchers, designers, implementors and users of information security systems and technologies. A range of aspects was addressed from security theory and modeling to system and protocol designs and implementations to applications and management. The conference con- sted of a series of refereed technical papers and invited technical presentations. The program committee invited two distinguished key note speakers. The ?rst keynote speech by Doug McGowan, a Senior Manager from Hewlett-Packard, USA, discussed cryptography in an international setting. Doug described the current status of international cryptography and explored possible future trends and new technologies. The second keynote speech was delivered by Sushil Ja- dia of George Mason University, USA. Sushil s talk addressed the protection of critical information systems. He discussed issues and methods for survivability of systems under malicious attacks and proposed a fault-tolerance based - proach. The conference also hosted a panel on the currently much debated topic of Internet censorship. The panel addressed the issue of censorship from various viewpoints namely legal, industrial, governmental and technical."

This book constitutes the refereed proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography, PKC 2001, held in Cheju Island, Korea in February 2001.The 30 revised full papers presented were carefully reviewed and selected from 67 submissions. The papers address all current issues in public key cryptography, ranging from mathematical foundations to implementation issues.

This book constitutes the refereed proceedings of the 4th International Algorithmic Number Theory Symposium, ANTS-IV, held in Leiden, The Netherlands, in July 2000.The book presents 36 contributed papers which have gone through a thorough round of reviewing, selection and revision. Also included are 4 invited survey papers. Among the topics addressed are gcd algorithms, primality, factoring, sieve methods, cryptography, linear algebra, lattices, algebraic number fields, class groups and fields, elliptic curves, polynomials, function fields, and power sums.

The third Financial Cryptography conference was held in February 1999, once again at Anguilla in the British West Indies. The number of attendees continues to increase from year to year, as do the number and quality of the technical submissions. The Program Committee did a great job selecting the technical program. I thank them for all of their eo rt's. We were helped by a number of outside reviewers, including Mart n Abadi, Gerrit Bleumer, Drew Dean, Anand Desai, Mariusz Jakubowski, Andrew Odlyzko, David Pointcheval, Guillaume Poupard, Zul kar Ramzan, Aleta Ricciardi, Dan Simon, Jessica Staddon, Venkie Venka- san, Avishai Wool, and Francis Zane. I apologize for any omissions. Adi Shamir gave an excellent invited talk that forecast the future of crypt- raphy and electronic commerce. On-line certic ate revocation was the subject of a panel led by Michael Myers, following up on the success of his panel on the same topic at last year's conference. Joan Feigenbaum moderated a lively panel on fair use, intellectual property, and the information economy, and I thank her for pulling together from that discussion a paper for these proceedings. A s- cessful Rump Session allowed participants to present new results in an informal setting, superbly chaired by Avi Rubin.

This book constitutes the refereed proceedings of the First International Conference on Cryptology in India, INDOCRYPT 2000, held in Calcutta, India in December 2000. The 25 revised full papers presented were carefully reviewed and selected from a total of 54 submissions. The book offers topical sections on stream ciphers and Boolean functions, cryptoanalysis: stream ciphers, cryptanalysis: block ciphers, electronic cash and multiparty computation, digital signatures, elliptic curves, fast arithmetic, cryptographic protocols, and block cipher and public key cryptography.

Large-scale open distributed systems provide an infrastructure for assembling global applications on the basis of software and hardware components originating from multiple sources. Open systems rely on publicly available standards to permit heterogeneous components to interact. The Internet is the archetype of a large-scale open distributed system; standards such as HTTP, HTML, and XML, together with the widespread adoption of the Java language, are the cornerstones of many distributed systems. This book surveys security in large-scale open distributed systems by presenting several classic papers and a variety of carefully reviewed contributions giving the results of new research and development. Part I provides background requirements and deals with fundamental issues in trust, programming, and mobile computations in large-scale open distributed systems. Part II contains descriptions of general concepts, and Part III presents papers detailing implementations of security concepts.

This book contains selected papers presented at the First NASA International Conference on Quantum Computing and Quantum Communications, QCQC'98, held in Palm Springs, California, USA in February 1998.As the record of the first large-scale meeting entirely devoted to quantum computing and communications, this book is a unique survey of the state-of-the-art in the area. The 43 carefully reviewed papers are organized in topical sections on entanglement and quantum algorithms, quantum cryptography, quantum copying and quantum information theory, quantum error correction and fault-tolerant quantum computing, and embodiments of quantum computers.

This volume constitutes the thoroughly refereed post-proceedings of the Third International Conference on Smart Card Research and Advanced Applications, CARDIS'98, held in Louvain-la-Neuve, Belgium in September 1998. The 35 revised full papers presented were carefully reviewed and updated for inclusion in this book. All current aspects of smart card research and applications development are addressed, in particular: Java cards, electronic commerce, efficiency, security (including cryptographic algorithms, cryptographic protocols, and authentication), and architecture.

This book constitutes the thoroughly refereed post-workshop proceedings of the 6th International Workshop on Security Protocols held in Cambridge, UK in April 1998.
The 15 revised papers presented as position statements are followed by transcripts of the discussions between the authors and the audience. Also included is a report on the final panel discussion on future directions in security protocols research and developments. Thus the volume reflects the lively interaction at the workshop. The papers are devoted to the interrelations between trust and delegation, exploring the implications and effects of these upon such issues as authorization, security policy, and cryptosystems and component design.

EUROCRYPT '99, the seventeenth annual Eurocrypt Conference, was sp- soredbytheInternationalAssociationforCryptologicResearch(IACR), inco- erationwiththeGroupofCryptologywithintheUnionofCzechMathematicians and Physicists. The GeneralChair, JaroslavHruby, wasresponsiblefor the ov- allorganizationoftheconferenceinthebeautiful cityofPrague. Letmemention that it was a pleasure to work together: although we were in di erent locations, we managed to stay in close contact and maintain a smooth organization of the conference. The Program Committee, consisting of 21 members, considered 120 papers and selected 32 for presentation. In addition, Ross Anderson kindly agreed to chairthetraditionalrumpsessionforinformalshortpresentationsofnewresults. These proceedings include the revised versions of the 32 papers accepted by the Program Committee. These papers were selected on the basis of originality, quality, and relevance to cryptography. As a result, they should give a proper picture of how the eld is evolving. Revisions were not checked and the authors bear full responsibility for the contents of their papers. The selection of papers was a di cult and challenging task. Eachsubmission was refereed by at least three reviewers and most had four reports or more. I wish to thank the program committee members, who did an excellent job. In addition, I gratefully acknowledge the help of a large number of colleagues who reviewed submissions in their areas of expertise.

ACISP 2000, the Fifth Australasian Conference on Information Security and Privacy, was held in Brisbane, Australia, 10-12 July, 2000. The conference was sponsored by the Information Security Research Centre at Queensland Univ- sity of Technology, the Australian Computer Society, Telstra, Boeing Australia Limited, SecureGate Limited, and RSA Security Pty Ltd. We are grateful to all these organizations for their support of the conference. The conference brought together researchers, designers, implementors, and users of information security systems. The aim of the conference is to have a series of technical refereed and invited papers to discuss all di?erent aspects of information security. The program committee invited seven distinguished sp- kers: Mike Burmester, G. R. Blakley, Bob Blakley, Brian Denehy, Roger Lyle, John Snare, and Alan Underwood. Mike Burmester from Royal Holloway C- lege, UniversityofLondonpresentedapaperentitled"ASurveyofKeyDistri- tion"; G. R. Blakley from Texas A&M University and Bob Blakley from the IBM Tivoli Security Business Unit presented a paper entitled "All Sail, No Anchor, I: Cryptography, Risk, and e-Commerce"; Brian Denehy from SecureGate Limited presented a paper entitled "Secure Networks or Network Security - Approaches toBoth";RogerLylefromStandardsAustraliaandJohnSnarefromTelstrap- sented a paper entitled "Perspectives on Australia's New Information Security Management Standard"; and Alan Underwood from the Australian Computer Societypresentedapaperentitled"ProfessionalEthicsinaSecurityandPrivacy Context - The Perspective of a National Computing Society." There were 81 technical papers submitted to the conference from an int- national authorship. These papers were refereed by the program committee and 37 papers were accepted for the conference.

This book constitutes the refereed proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography, PKC'99, held in Kamakura, Japan in March 1999. The 25 revised full papers presented were carefully reviewed and selected from a total of 61 submissions. The volume reports most recent research results on all relevant aspects in public key cryptography. Among the topics covered are digital signatures, anonymous finger printing, message authentication, digital payment, key escrow, RSA systems, hash functions, decision oracles, random numbers, finite field computations, pay-per-view-systems, and electronic commerce.

The 2nd International Conference on Information Security and Cryptology (ICISC)wassponsored bythe KoreaInstituteofInformationSecurityandCr- tology(KIISC). It took place at Korea University, Seoul, Korea, December 9-10, 1999. Jong In Lee of Korea University was responsible for the organization. The call for papers brought 61 papers from 10 countries on four continents. As in the last year the review process was totally blind. The informationabout - thors or their a?liationwas not given to Technical Program Committee (TPC) members. Each TPC member was random-coded and did not even know who wasreviewing which paper. The 23 TPC members ?nallyselected 20 top-quality papers for presentation at ICISC 1999 together with one invited talk. Serge Vaudenay gave an invited talk on "Provable Security for Conventional Crypt- raphy." Many people contributed to ICISC'99. First of all I would like to thank all the authorswho submitted papers. I amgrateful to the TPC members fortheirhard workreviewing the papers andthe OrganizationCommittee members for all the supporting activities which made ICISC'99 a success. I would like to thank the Ministry of Information and Communication of Korea (MIC) which ?nancially sponsored ICISC'99. Special thanks go to Pil Joong Lee and Heung Youl Youm who helped me during the wholeprocess of preparation for the conference. Last, but notleast, I thank my students, KyuMan Ko, SungkyuChie, andChan Yoon Jung.

The Department of Electrical Engineering-ESAT at the Katholieke Universiteit Leuven regularly runs a course on the state of the art and evolution of computer security and industrial cryptography. The rst course took place in 1983, the second in 1989, and since then the course has been a biennial event. The course is intended for both researchers and practitioners from industry and government. It covers the basic principles as well as the most recent - velopments. Our own interests mean that the course emphasizes cryptography, but we also ensure that the most important topics in computer security are covered. We try to strike a good balance between basic theory and real-life - plications, between mathematical background and judicial aspects, and between recent technical developments and standardization issues. Perhaps the greatest strength of the course is the creation of an environment that enables dialogue between people from diverse professions and backgrounds. In 1993, we published the formal proceedings of the course in the Lecture Notes in Computer Science series (Volume 741). Since the el d of cryptography has advanced considerably during the interim period, there is a clear need to publish a new edition. Since 1993, several excellent textbooks and handbooks on cryptology have been published and the need for introductory-level papers has decreased. The growth of the main conferences in cryptology (Eurocrypt, Crypto, and Asiacrypt) shows that interest in the eld is increasing

The mid-1990ssaw an exciting convergenceof a number of dieren t information protection technologies, whose theme was the hiding (as opposed to encryption) of information. Copyright marking schemes are about hiding either copyright notices or individual serial numbers imperceptibly in digital audio and video, as a component in intellectual property protection systems; anonymous c- munication is another area of rapid growth, with people designing systems for electronic cash, digital elections, and privacy in mobile communications; se- rity researchers are also interested in 'stray' communication channels, such as those which arise via shared resourcesin operating systems or the physical le- age of information through radio frequency emissions; and n ally, many workers in these elds drew inspiration from 'classical' hidden communication methods such as steganography and spread-spectrum radio. The rst international workshop on this new emergent discipline of inf- mation hiding was organised by Ross Anderson and held at the Isaac Newton Institute, Cambridge, from the 30th May to the 1st June 1996, and was judged by attendees to be a successful and signi cant event. In addition to a number of research papers, we had invited talks from David Kahn on the history of steganography and from Gus Simmons on the history of subliminal channels. We also had a number of discussion sessions, culminating in a series of votes on common terms and de nitions. These papers and talks, together with minutes of the discussion, can be found in the proceedings, which are published in this series as Volume 1174.

Computers and their interactions are becoming the characteristic features of our time: Many people believe that the industrial age is going over into the information age. In the same way as life of the beginning of this century was dominated by machines, factories, streets and railways, the starting century will be characterised by computers and their networks. This change naturally affects also the institutions and the installations our lives depend upon: power plants, including nuclear ones, chemical plants, mechanically working factories, cars, railways and medical equipment; they all depend on computers and their connections. In some cases it is not human life that may be endangered by computer failure, but large investments; e. g. if a whole plant interrupts its production for a long time. In addition to loss of life and property one must not neglect public opinion, which is very critical in many countries against major technical defects. The related computer technology, its hardware, software and production process differ between standard applications and safety related ones: In the safety case it is normally not only the manufacturers and the customers that are involved, but a third party, usually an assessor, who is taking care of the public interest on behalf of a state authority. Usually safety engineers are in a better position than their colleagues from the conventional side, as they may spend more time and money on a particular task and use better equipment.

The IMA conferences onCryptographyandCoding arenotonly a blend of these two aspects of information theory, but a blend of mathematics and engineering and of theoretical results and applications. The papers in this book show that the1999conferencewasnoexception. Indeed, weagainsawthemathematics- derlyingcryptographyanderrorcorrectingcodingbeing appliedto otheraspects ofcommunications, andwe alsosawclassicalmathematicalconcepts nding new applications in communications theory. As usual the conference was held at the Royal Agricultural College, Cirencester, shortly before Christmas - this time 20-22 December 1999. The papers appear in this book in the order in which they were presented, grouped into sessions, eachsessionbeginning with an invited paper. Theseinvited papers were intended to re?ect the invitees' views on the future of their subject - or more accurately where they intended to take it. Indeed the focus of the conf- encewas thefutureofcryptographyandcoding as seenthroughtheeyes ofyoung researchers. The r st group of papers is concerned with mathematical bounds, concepts, and constructions that form a common thread running through error corre- ing coding theory, cryptography, and codes for multiple access schemes. This is followed by a group of papers from a conference session concerned with app- cations. The papers range over various topics from arithmetic coding for data compression and encryption, through image coding, biometrics for authenti- tion, and access to broadcast channels, to photographic signatures for secure identi cation. The third set of papers deals with theoretical aspects of error c- recting coding, including graph and trellis decoding, turbo codes, convolution codes and low complexity soft decision decoding of Reed Solomon codes.

This book constitutes the refereed proceedings of the 5th European Symposium on Research in Computer Security, ESORICS 98, held in Louvain-la-Neuve, Belgium, in September 1998.
The 24 revised full papers presented were carefully reviewed and selected from a total of 57 submissions. The papers provide current results from research and development in design and specification of security policies, access control modelling and protocol analysis, mobile systems and anonymity, Java and mobile code, watermarking, intrusion detection and prevention, and specific threads.

The CQRE [Secure] conference provides a new international forum giving a close-up view on information security in the context of rapidly evolving economic processes. The unprecedented reliance on computer technology has transformed the previous technical side-issue "information security" to a management problem requiring decisions of strategic importance. Thus one of the main goals of the conference is to provide a platform for both technical specialists as well as decision makers from government, industry, commercial, and academic communities. The target of CQRE is to promote and stimulate dialogue between managers and experts, which seems to be necessary for providing secure information systems in the next millennium. Therefore CQRE consists of two parts: Part I mainly focuses on strategic issues of information security, while the focus of Part II is more technical in nature. This volume of the conference proceedings consists of the reviewed and invited contributions of the second part. The program committee considered 46 papers and selected only 15 for full presentation. For the participants' convenience we have also included the notes of the invited lectures and short workshop talks in this volume.

This book constitutes the refereed proceedings of the Third Australasian Conference on Information Security and Privacy, ACISP'98, held in Brisbane, Australia, in Kuly 1998.
The volume presents 35 revised full papers selected from a total of 66 submissions; also included are two invited contributions. The book is divided in sections on network security, block ciphers, stream ciphers, authorization codes and Boolean functions, software security and electronic commerce, public key cryptography, hardware, access control, protocols, secret sharing, and digital signatures.