The EUROCRYPT '96 conference was sponsored by the International Asso- ation for Cryptologic Research (IACR)l, in cooperation with the University of Saragossa. It took place at the Palacio de Congresos in Saragossa, Spain, during May 12-16, 1996. This was the fifteenth annual EUROCRYPT conference (this name has been used since the third conference held in 1984), each of which has been held in a different city in Europe. For the second time, proceedings were available at the conference. JosC Pastor Franco, the General Chair, was resp- sible for local organization and registration. His contribution to the snccess of the conference is gratefully acknowledged. The Program Committee considered 126 submitted papers and selected 34 for presentation. Each paper was sent to all members of the Program Committee and was assigned to at least three of them for careful evaluation. There were also two invited talks. James L. Massey, this year's IACR Distinguished Ltcturer, gave a lecture entitled "The difficulty with difficulty". Massey is the third to receive this honor, the first two being Gustavus Simmons and Adi Shamir. Shafi Goldwasser gave an invited talk entitled "Multi party secure protocols: past and present". These proceedings contain revised versions of the 34 contributed talks. While the papers were carefully selected, they have not been refereed like submissions to a refereed journal. The authors bear full responsibility for the contents of their papers. Some authors may write final versions of their papers for publication in a refereed journal.

SAFECOMP '96 contains papers presented at the 15th International Conference on Computer Safety, Reliability and Security held in Vienna, Austria, 23-25 October 1996. The conference aimed to provide an opportunity for technical developers and users to discuss and review their experiences, to consider the best technologies currently available, and to identify the skills and technologies required for the future. SAFECOMP '96 focuses on critical computer applications and is intended as a platform for technology transfer between academia, industry and research institutions. SAFECOMP '96 will be of interest to all those in universities, research institutions, industry and business who want to be well-informed about the current international state of the art in computer safety, reliability and security.

This book presents the best readings on cryptographic policy and current cryptography trends. Topics include a survey of cryptography, the new "key escrow" systems, the Government solution, the debate between law enforcement views and civil liberties, and export control analysis. Detailed technological descriptions of promising new software schemes are included as well as analysis of the constitutional issues by legal scholars. Important government cost analyses appear here for the first time in any book. Other highlights include the text of the new US digital telephony law and the pending encryption regulation bill and a list of hundreds of cryptographic products available around the world. There is even a paper on how to commit the perfect crime electronically, using public key encryption.

This manual documents the outcome of the EC sponsored project RACE Integrity Primitives Evaluation (R1040), RIPE. This project is a huge joint 350 man-month project conducted by 16 leading European security experts.
This book offers expert advice to professionals seeking to secure information systems by applying up-to-date cryptographic techniques. The core of this volume is a detailed integrity primitives portfolio recommendation. Among the issues addressed are security services, integrity mechanisms, data origin authentication, entity authentication, access control, data integrity, non-repudiation, signatures, and key exchange.

This monograph describes a programming methodology based upon programming paradigms and generic programs and demonstates how distributed application programs can be developed by simple substitution of data structures and sequential procedures. The author introduces generic programs for two paradigms and shows how to derive new distributed programs for several applications related to the RSA cryptosystem, including RSA enciphering and deciphering, prime number generation, and factoring.
The book is well-written and easily accessible to the non-expert. The work is an appealing combination of the theory and practice of parallel computing and provides a clear introduction to the theory and practice of RSA cryptography.

This book constitutes the refereed proceedings of the Third International Workshop on Fast Software Encryption; this workshop was held in conjunction with the program on computer security, cryptology, and coding theory at the Isaac Newton Institute in Cambridge, UK in February 1996.
The 18 revised papers presented were carefully selected for inclusion in the volume by the program committee. They report the state of the art in the field of fast encryption algorithms and are organized in sections on block cipher analysis, applications, hash functions, block cipher proposals, correlation analysis, and design criteria for block ciphers.

This book constitutes the refereed proceedings of the International Conference 'Cryptography: Policy and Algorithms', held in Brisbane, Queensland, Australia in July 1995.Over the past few years, issues relating to cryptography policy have made headline news, particularly those concerned with the rights to privacy of the individual, who may choose to use cryptographic systems to maintain confidentiality, against the needs of legal authorities to conduct wiretapping to help combat crime. The 27 revised full contributions in this volume are devoted to both crypto policy matters and the related theory and applications of cryptographic algorithms. The volume is of relevance to cryptology researchers and professionals in industry and administration.

This volume constitutes the proceedings of the Third European Symposium on Research in Computer Security, held in Brighton, UK in November 1994.
The 26 papers presented in the book in revised versions were carefully selected from a total of 79 submissions; they cover many current aspects of computer security research and advanced applications. The papers are grouped in sections on high security assurance software, key management, authentication, digital payment, distributed systems, access control, databases, and measures.

The CRYPTO '94 conference is sponsored by the International Association for Cryptologic Research (IACR), in co-operation with the IEEE Computer Society Technical Committee on Security and Privacy. It has taken place at the Univ- sity of California, Santa Barbara, from August 21-25,1994. This is the fourteenth annual CRYPTO conference, all of which have been held at UCSB. This is the first time that proceedings are available at the conference. The General Chair, Jimmy R. Upton has been responsible for local organization, registration, etc. There were 114 submitted papers which were considered by the Program Committee. Of these, 1 was withdrawn and 38 were selected for the proce- ings. There are also 3 invited talks. Two of these are on aspects of cryptog- phy in the commercial world. The one on hardware aspects will be presented by David Maher (AT&T), the one on software aspects by Joseph Pato (Hewlett- Packard). There will also be a panel discussion on "Securing an Electronic World: Are We Ready?" The panel members will be: Ross Anderson, Bob Blakley, Matt Blaze, George Davida, Yvo Desmedt (moderator), Whitfield Diffie, Joan Feig- baum, Blake Greenlee, Martin Hellman, David Maher, Miles Smid. The topic of the panel will be introduced by the invited talk of Whitfield Diffie on "Securing the Information Highway. " These proceedings contain revised versions of the 38 contributed talks. Each i paper was sent to at least 3 members of the program committee for comments.

This volume contains the refereed papers presented at the International Workshop on Software Encryption Algorithms, held at Cambridge University, U.K. in December 1993.
The collection of papers by representatives of all relevant research centers gives a thorough state-of-the-art report on all theoretical aspects of encryption algorithms and takes into account the new demands from new applications, as for example from the data-intensive multimedia applications. The 26 papers are organized in sections on block ciphers, stream ciphers, software performance, cryptanalysis, hash functions and hybrid ciphers, and randomness and nonlinearity.

This book contains a set of revised refereed papers selected from the presentations at the Second International Workshop on Fast Software Encryption held in Leuven, Belgium, in December 1994.
The 28 papers presented significantly advance the state of the art of software algorithms for two cryptographic primitives requiring very high speeds, namely encryption algorithms and hash functions: this volume contains six proposals for new ciphers as well as new results on the security of the new proposals. In addition, there is an introductory overview by the volume editor. The papers are organized in several sections on stream ciphers and block ciphers; other papers deal with new algorithms and protocols or other recent results.

This volume contains papers from the OOPSLA-93 Conference Workshop on Security for Object-Oriented Systems, held in Washington DC, USA, on 26 September 1993. The workshop addressed the issue of how to introduce an acceptable level of security into object-oriented systems, as the use of such systems becomes increasingly widespread. The topic is approached from two different, but complementary, viewpoints: the incorporation of security into object-oriented systems, and the use of object-oriented design and modelling techniques for designing secure applications. The papers cover a variety of issues, relating to both mandatory and discretionary security, including security facilities of PCTE, information flow control, the design of multilevel secure data models, and secure database interoperation via role translation. The resulting volume provides a comprehensive overview of current work in this important area of research.

Safety-related computer systems are those which may lead to loss of life, injury or plant and environmental damage. Such systems therefore have to be developed and implemented so that they meet strict require and security because their applications cover ments on safety, reliability nearly all areas of daily life and range from controlling and monitoring industrial processes, through robotics and power generation, to transport systems. Highly reliable electronic systems for safety-related applications represent an area in which industry has been involved for many years and which is now gaining increasing importance in academia. Their relevance also results from an increased perception of safety by society. Therefore, not only are technicians involved in this area, but psycho logical and sociological aspects also play a major role. Dealing with safety-related systems we have to consider the whole lifecycle of these systems, starting from specification up to implementation, assessment and operation. All those issues mentioned above are covered in this book, which represents the proceedings of the 14th International Conference on Computer Safety, Reliability and Security, SAFECOMP '95, held in Belgirate, Italy, 11-13 October 1995. The conference continues the series of SAFECOMP conferences which was originated by the European Workshop on Industrial Computer Systems, Technical Committee 7 on Safety, Security and Reliability (EWICS TC7) and reflects the state of the art, experience and new trends in the area of safety-related computer systems."

The CRYPTO '93 conference was sponsored by the International Association for Cryptologic Research (IACR) and Bell-Northern Research (a subsidiary of Northern Telecom), in co-operation with the IEEE Computer Society Technical Committee. It took place at the University of California, Santa Barbara, from August 22-26, 1993. This was the thirteenth annual CRYPTO conference, all of which have been held at UCSB. The conference was very enjoyable and ran very of the General Chair, Paul Van Oorschot. smoothly, largely due to the efforts It was a pleasure working with Paul throughout the months leading up to the conference. There were 136 submitted papers which were considered by the Program Committee. Of these, 38 were selected for presentation at the conference. There was also one invited talk at the conference, presented by Miles Smid, the title of which was "A Status Report On the Federal Government Key Escrow System." The conference also included the customary Rump Session, which was presided over by Whit Diffie in his usual inimitable fashion. Thanks again to Whit for organizing and running the Rump session. This year, the Rump Session included an interesting and lively panel discussion on issues pertaining to key escrowing. Those taking part were W. Diffie, J. Gilmore, S. Goldwasser, M. Hellman, A. Herzberg, S. Micali, R. Rueppel, G. Simmons and D. Weitzner.

The programme for the Second Safety-critical Systems Symposium was planned to examine the various aspects of technology currently employed in the design of safety-critical systems, as well as to emphasise the importance of safety and risk management in their design and operation. assessment There is an even balance of contributions from academia and industry. Thus, industry is given the opportunity to express its views of the safety-critical domain and at the same time offered a glimpse of the technologies which are currently under development and which, if successful, will be available in the medium-term future. In the field of technology, a subject whose importance is increasingly being recognised is human factors, and there are papers on this from the University of Hertfordshire and Rolls-Royce. Increasingly, PLCs are being employed in safety-critical applications, and this domain is represented by contributions from Nuclear Electric and August Computers. Then there are papers on maintainability, Ada, reverse engineering, social issues, formal methods, and medical systems, all in the context of safety. And, of course, it is not possible to keep the 'new' technologies out of the safety-critical domain: there are papers on neural networks from the University of Exeter and knowledge-based systems from ERA Technology.

EUROCRYPT '95. Sponsored by the International Association for Cryp- logic Research (IACR), in cooperation with the Centre Commun d'Etudes de T616vision et T61Qcommunications (CCETT), a workshop on the theory and - plications of cryptographic techniques takes place at the Palais du Grand Large, Saint Malo, France, May 21-25, 1995. The General Chair of EUROCRYPT '95 is Franqoise Scarabin. The Or- nization Committee was helped by Maryvonne Lahaie and her communication team. Moreover, the CCETT has generously provided the help of a young - glish lady, Miss Virginia Cooper, for the secretariat of both the Organization arid Program Committees. They all did an excellent job in preparing the conference. It is our pleasure to thank them for their essential work. IACR and EUROCRYPT. According to a very good suggestion expressed during CRYPTO '82, the Association was established at CRYPTO '83. Today, the Association has approximately 600 members and the mailing file managed by its Secretariat consists of more than 2 000 names. The main goal of the Association is the sponsoring of two annual conferences: CRYPTO, every summer at the University of California, Santa Barbara (UCSB), and EUROCRYPT, every spring in a different European country. Moreover, the Association edits quarterly the Journal of Cryptology (JoC).

The safe operation of computer systems continues to be a key issue in many applications where people, environment, investment, or goodwill can be at risk. Such applications include medical, railways, power generation and distribution, road transportation, aerospace, process industries, mining, military and many others. This book represents the proceedings of the 12th International Conference on Computer Safety, Reliability and Security, held in Poznan, Poland, 27-29 October 1993. The conference reviews the state of the art, experiences and new trends in the areas of computer safety, reliability and security. It forms a platform for technology transfer between academia, industry and research institutions. In an expanding world-wide market for safe, secure and reliable computer systems SAFECOMP'93 provides an opportunity for technical developers, users, and legislators to exchange and review the experience, to consider the best technologies now available and to identify the skills and technologies required for the future. The papers were carefully selected by the International Program Com mittee of the Conference. The authors of the papers come from 16 different countries. The subjects covered include formal methods and models, safety assessment and analysis, verification and validation, testing, reliability issues and dependable software tech nology, computer languages for safety related systems, reactive systems technology, security and safety related applications. As to its wide international coverage, unique way of combining partici pants from academia, research and industry and topical coverage, SAFECOMP is outstanding among the other related events in the field."

This volume comprises a collection of papers presented at the Workshop on Information Protection, held in Moscow, Russia in December 1993. The 16 thoroughly refereed papers by internationally known scientists selected for this volume offer an exciting perspective on error control coding, cryptology, and speech compression. In the former Soviet Union, research related to information protection was often shielded from the international scientific community. Therefore, the results presented by Russian researchers and engineers at this first international workshop on this topic are of particular interest; their work defines the cutting edge of research in many areas of error control, cryptology, and speech recognition.

A series of workshops devoted to modern cryptography began in Santa Barbara,California in 1981 and was followed in 1982 by a European counterpart in Burg Feuerstein, Germany. The series has been maintained with summer meetings in Santa Barbara and spring meetings somewhere in Europe. At the 1983 meeting in Santa Barbara the International Association for Cryptologic Research was launched and it now sponsors all the meetings of the series. This volume presents the proceedings of Eurocrypt '92, held in Hungary. The papers are organized into the following parts: Secret sharing, Hash functions, Block ciphers, Stream ciphers, Public key I, Factoring, Trapdoor primes and moduli (panel report), Public key II, Pseudo-random permutation generators, Complexity theory and cryptography I, Zero-knowledge, Digital knowledge and electronic cash, Complexity theory andcryptography II, Applications, and selected papers from the rump session. Following the tradition of the series, the authors produced full papers after the meeting, in some cases with revisions.

0 e This is the proceedings of the first annual symposium of the Safety-critical Systems Club (The Watershed Media Centre, Bristol, 9-11 February 1993), which provided a forum for exploring and discussing ways of achieving safety in computer systems to be used in safety-critical industrial applications. The book is divided into three parts, which correspond with the themes of the three days of the symposium. The first - "Experience from Around Europe" - brings together information on developments in safety-critical systems outside the UK. The second - "Current" "Research" - consists of papers on large projects within the UK, which involve collaboration between academia and industry, providing techniques and methods to enhance safety. The final part - "Achieving and Evaluating Safety" - explores how methods already in use in other domains may be applied to safety, and examines the relationships between safety and other attributes such as quality and security. The papers identify the current problems and issues of interest in the field of safety-critical software-based systems, and provide valuable up-to-date material for those in both academia and industry. The academic will benefit from information about current research complimentary to his own, and the industrialist will learn of the technologies which will soon be available and where to find them.

This volume contains the proceedings of ASIACRYPT '91, the first international conference on the theory and application of cryptology to be held in the Asian area. It was held at Fujiyoshida, near Mount Fuji in Japan, in November 1991. The conference was modeled after the very successful CRYTO and EUROCRYPT series of conferences sponsored by the International Association for Cryptologic Research (IACR). The IACR and the Institute of Electronics, Information and Communication Engineers were sponsors for ASIACRYPT '91. The papers from the conference were improved and corrected for inclusion in this volume. The papers are grouped into parts on: differential cryptanalysis and DES-like cryptosystems; hashing and signature schemes; secret sharing, threshold, and authenticationcodes; block ciphers - foundations and analysis; cryptanalysis and new ciphers; proof systems and interactive protocols; public key ciphers - foundations and analysis. Also included are four invited lectures and impromptu talks from the rump session.

This volume contains a selection of refereed papers from the 1993 Canadian Workshop on Information Theory, held in Rockland, Ontario, May 30 - June 2.
The workshop provided a forum for Canadian and international researchers to gather and discuss new results in the areas of information theory, algebraic coding, digital communications, and networks.
A number of novel approaches to research problems are presented, and seminal works by several renowned experts are included in the volume.
The papers have been loosely grouped into four parts: coding and cryptography, coding and modulation of fading channels, decoding techniques, and networks and information theory.

This volume is based on a course held several times, and again in 1993, at the ESAT Laboratorium of the Department of Electrical Engineering at the Katholieke Universiteit Leuven in Belgium. These courses are intended for both researchers in computer security and cryptography and for practitioners in industry and government. The contributors of the 1991 course were invited to submit revised and updated versions of their papers for inclusion in a book. This volume is the final result; it is well- balanced between basic theory and real life applications, between mathematical background and juridical aspects, and between technical developments and standardization issues. Some of the topics are public key cryptography, hash functions, secure protocols, digital signatures, security architectures, network security, and data encryption standards (DES).

Eurocrypt is a series of open workshops on the theory and application of cryptographic techniques. These meetings have taken place in Europe every year since 1982 and are sponsored by the International Association for Cryptologic Research. Eurocrypt '93 was held in the village of Lofthus in Norway in May 1993. The call for papers resulted in 117 submissions with authors representing 27 different countries. The 36 accepted papers were selected by the program committee after a blind refereeing process. The papers are grouped into parts on authentication, public key, block ciphers, secret sharing, stream ciphers, digital signatures, protocols, hash functions, payment systems, and cryptanalysis. The volume includes 6 further rump session papers.

This volume presents the proceedings of the second European Symposium on Research in Computer Security (ESORICS 92), held in Toulouse in November 1992. The aim of this symposium is to further the progress of research in computer security by bringing together researchers in this area, by promoting the exchange of ideas with system developers, and by encouraging links with researchers in areas related to computer science, informationtheory, and artificial intelligence. The volume contains 24 papers organizedinto sections on access control, formal methods, authentication, distributed systems, database security, system architectures, and applications. ESORICS 92 was organized by AFCET (Association francaise des sciences et technologies de l'information et des syst mes) in cooperation with a large number of national and international societies and institutes.