This volume constitutes the strictly refereed post-workshop proceedings of the Fourth International Workshop on Fast Software Encryption, FSE'97, held in Haifa, Israel, in January 1997.
The 23 full papers presented were carefully selected from 44 submissions and revised for inclusion in the book. Also contained is a summary of a panel discussion. The papers are organized in sections on cryptanalysis, blockciphers, stream ciphers, message authentication codes, modes of operation, and fast software encryption. Particular emphasis is placed on applicability and implementation issues of fast cryptography.

This book constitutes the refereed proceedings of the 17th Annual International Cryptology Conference, CRYPTO'97, held in Santa Barbara, California, USA, in August 1997 under the sponsorship of the International Association for Cryptologic Research (IACR).
The volume presents 35 revised full papers selected from 160 submissions received. Also included are two invited presentations. The papers are organized in sections on complexity theory, cryptographic primitives, lattice-based cryptography, digital signatures, cryptanalysis of public-key cryptosystems, information theory, elliptic curve implementation, number-theoretic systems, distributed cryptography, hash functions, cryptanalysis of secret-key cryptosystems.

This book constitutes the refereed proceedings of the Second Australasian Conference on Information Security and Privacy, ACISP'97, held in Sydney, NSW, Australia, in July 1997.
The 20 revised full papers presented were carefully selected for inclusion in the proceedings. The book is divided into sections on security models and access control, network security, secure hardware and implementation issues, cryptographic functions and ciphers, authentication codes and secret sharing systems, cryptanalysis, key escrow, security protocols and key management, and applications.

EUROCRYEVr '97, the 15th annual EUROCRYPT conference on the theory and application of cryptographic techniques, was organized and sponsored by the International Association for Cryptologic Research (IACR). The IACR organizes two series of international conferences each year, the EUROCRYPT meeting in Europe and CRWTO in the United States. The history of EUROCRYFT started 15 years ago in Germany with the Burg Feuerstein Workshop (see Springer LNCS 149 for the proceedings). It was due to Thomas Beth's initiative and hard work that the 76 participants from 14 countries gathered in Burg Feuerstein for the first open meeting in Europe devoted to modem cryptography. I am proud to have been one of the participants and still fondly remember my first encounters with some of the celebrities in cryptography. Since those early days the conference has been held in a different location in Europe each year (Udine, Paris, Linz, Linkoping, Amsterdam, Davos, Houthalen, Aarhus, Brighton, Balantonfiired, Lofthus, Perugia, Saint-Malo, Saragossa) and it has enjoyed a steady growth, Since the second conference (Udine, 1983) the IACR has been involved, since the Paris meeting in 1984, the name EUROCRYPT has been used. For its 15th anniversary, EUROCRYPT finally returned to Germany. The scientific program for EUROCRYPT '97 was put together by a 18-member program committee whch considered 104 high-quality submissions. These proceedings contain the revised versions of the 34 papers that were accepted for presentation. In addition, there were two invited talks by Ernst Bovelander and by Gerhard Frey.

The Commission of the European Union, through its Fourth Framework R&D programme is committed to the development of the Information Society. There is no doubt that there will be many radical changes in all aspects of society caused by the far-reaching impact of continuing advances in information and communi cation technologies. Many of these changes cannot be predicted, but that uncer tainty must not stop us from moving forward. The challenge is to ensure that these technologies are put to use in the most beneficial manner, taking fully into account the rich cultural and linguistic backgrounds within the peoples of Europe. We have a duty to ensure that the ultimate end-users of the technology are involved in the development and application of that technology to help shape its use. Without this active involvement, designers will not understand the individual and organisational requirements of the users, and the users will not understand the impact and applicability of the new technology. Failure on either account will lead to a sense of resentment on the part of the users and a lost opportunity to improve the quality of human life. The work, sponsored by the Human Comfort & Security sub-domain of the ESPRIT programme, has a central part to play in the creation of the Information Society, lying as it does at the interface between the technology and the user."

This book constitutes the refereed proceedings of the International Workshop on Security Protocols held in Cambridge, UK, in April 1996, in the context of the special program on computer security, cryptology, and coding theory at the Isaac Newton Institute.
The 17 revised full papers and one abstract included in the book were carefully selected. Among the topics addressed are several types of public key cryptosystems, digital cash, electronic commerce, digital signatures, and visual cryptography. Besides original theoretical results, the collection of papers show a strong applications-oriented component.

The contributions to this book are the invited papers presented at the fifth annual Safety-critical Systems Symposium. They cover a broad spectrum of issues affecting safety, from a philosophical appraisal to technology transfer, from requirements analysis to assessment, from formal methods to artificial intelligence and psychological aspects. They touch on a number of industry sectors, but are restricted to none, for the essence of the event is the transfer of lessons and technologies between sectors. All address practical issues and of fer useful information and advice. Contributions from industrial authors provide evidence of both safety con sciousness and safety professionalism in industry. Smith's on safety analysis in air traffic control and Rivett's on assessment in the automotive industry are informative on current practice; Frith's thoughtful paper on artificial intelli gence in safety-critical systems reflects an understanding of questions which need to be resolved; Tomlinson's, Alvery's and Canning's papers report on collaborative projects, the first on results which emphasise the importance of human factors in system development, the second on the development and trial of a comprehensive tool set, and the third on experience in achieving tech nology transfer - something which is crucial to increasing safety."

This book constitutes the strictly refereed post-workshop proceedings of the First International Workshop on Information Hiding, held in Cambridge, UK, in May/June 1996, within the research programme in computer security, cryptology and coding theory organized by the volume editor at the Isaac Newton Institute in Cambridge.
Work on information hiding has been carried out over the last few years within different research communities, mostly unaware of each other's existence. The 26 papers presented define the state of the art and lay the foundation for a common terminology. This workshop is very likely to be seen at some point as one of those landmark events that mark the birth of a new scientific discipline.

This book constitutes the thoroughly refereed post-conference proceedings of the First Australiasian Conference on Information Security and Privacy, ACISP '96, held in Wollongong, NSW, Australia, in June 1996.
The volume includes revised full versions of the 26 refereed papers accepted for presentation at the conference; also included are three invited contributions. The papers are organized in topical sections on authentication, secret sharing, encryption and cryptographic functions, authentication protocols, stream ciphers, access control, security models and intrusion detection, threshold cryptography, and hashing.

Meet the world's top ethical hackers and explore the tools of the trade Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race. Twenty-six of the world's top white hat hackers, security researchers, writers, and leaders, describe what they do and why, with each profile preceded by a no-experience-necessary explanation of the relevant technology. Dorothy Denning discusses advanced persistent threats, Martin Hellman describes how he helped invent public key encryption, Bill Cheswick talks about firewalls, Dr. Charlie Miller talks about hacking cars, and other cybersecurity experts from around the world detail the threats, their defenses, and the tools and techniques they use to thwart the most advanced criminals history has ever seen. Light on jargon and heavy on intrigue, this book is designed to be an introduction to the field; final chapters include a guide for parents of young hackers, as well as the Code of Ethical Hacking to help you start your own journey to the top. Cybersecurity is becoming increasingly critical at all levels, from retail businesses all the way up to national security. This book drives to the heart of the field, introducing the people and practices that help keep our world secure. * Go deep into the world of white hat hacking to grasp just how critical cybersecurity is * Read the stories of some of the world's most renowned computer security experts * Learn how hackers do what they do no technical expertise necessary * Delve into social engineering, cryptography, penetration testing, network attacks, and more As a field, cybersecurity is large and multi-faceted yet not historically diverse. With a massive demand for qualified professional that is only going to grow, opportunities are endless. Hacking the Hacker shows you why you should give the field a closer look.

SAFECOMP '96 contains papers presented at the 15th International Conference on Computer Safety, Reliability and Security held in Vienna, Austria, 23-25 October 1996. The conference aimed to provide an opportunity for technical developers and users to discuss and review their experiences, to consider the best technologies currently available, and to identify the skills and technologies required for the future. SAFECOMP '96 focuses on critical computer applications and is intended as a platform for technology transfer between academia, industry and research institutions. SAFECOMP '96 will be of interest to all those in universities, research institutions, industry and business who want to be well-informed about the current international state of the art in computer safety, reliability and security.

This book constitutes the strictly refereed proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security, ASIACRYPT '96, held in Kyongju, Korea, in November 1996.
The 31 revised full papers presented together with three invited contributions were carefully selected from a total of 124 submissions. The papers are organized in topical sections on discrete log based systems, efficient algorithms, hash functions and block cyphers, cryptographic protocols, signature and identification, visual secret sharing, key distribution, Boolean functions, electronic cash, special signatures, stream ciphers, and hard problems.

This book constitutes the refereed proceedings of the Second Asian Conference on Computing Science, ASIAN'96, held in Singapore in December 1996.
The volume presents 31 revised full papers selected from a total of 169 submissions; also included are three invited papers and 14 posters. The papers are organized in topical sections on algorithms, constraints and logic programming, distributed systems, formal systems, networking and security, programming and systems, and specification and verification.

Safety and Reliability of Software Based Systems contains papers, presented at the twelfth annual workshop organised by the Centre for Software Reliability. Contributions come from different industries in many countries, and provide discussion and cross-fertilisation of ideas relevant to systems whose safety and/or reliability are of paramount concern.
This book discusses safety cases and their varying roles in different industries; using measurement to improve reliability and safety of software-based systems; latest developments in managing, developing and assessing software intensive systems where reliability and/or safety are important considerations; and practical experiences of others in industry.

This book constitutes the refereed proceedings of the 4th European Symposium on Research in Computer Security, ESORICS '96, held in Rome, Italy, in September 1996 in conjunction with the 1996 Italian National Computer Conference, AICA '96.
The 21 revised full papers presented in the book were carefully selected from 58 submissions. They are organized in sections on electronic commerce, advanced access control models for database systems, distributed systems, security issues for mobile computing, network security, theoretical foundations of security, and secure database architectures.

This book, based on the author's Ph.D. thesis, was selected during the 1995 GI Doctoral Dissertation Competition as the winning thesis in the foundations-of-informatics track.
Securing integrity for digital communications in the age of global electronic information exchange and electronic commerce is vital to democratic societies and a central technical challenge for cryptologists. As core contribution to advancing the state of the art, the author develops the new class of digital fail-stop signatures. This monograph is self-contained regarding the historical background and cryptographic primitives used. For the first time, a general and sophisticated framework is introduced in which innovative fail-stop signatures are systematically presented and evaluated, from theoretical foundations to engineering aspects.

Crypto '96, the Sixteenth Annual Crypto Conference, is sponsored by the International Association for Cryptologic Research (IACR), in cooperation with the IEEE Computer Society Technical Committee on Security and P- vacy and the Computer Science Department of the University of California at Santa Barbara (UCSB). It takes place at UCSB from August 18 to 22, 1996. The General Chair, Richard Graveman, is responsible for local organization and registration. The scientific program was organized by the 16-member Program C- mittee. We considered 115 papers. (An additional 15 submissions had to be summarily rejected because of lateness or major noncompliance with the c- ditions in the Call for Papers.) Of these, 30 were accepted for presentation. In addition, there will be five invited talks by Ernest Brickell. Andrew Clark, Whitfield Diffie, Ronald Rivest, and Cliff Stoll. A Rump Session will be chaired by Stuart Haber. These proceedings contain the revised versions of the 30 contributed talks. least three com- The submitted version of each paper was examined by at mittee members and/or outside experts, and their comments were taken into account in the revisions. However, the authors (and not the committee) bear full responsibility for the content of their papers.

There is now a serious discussion taking place about the moment at which human beings will be surpassed and replaced by the machine. On the one hand we are designing machines which embed more and more human intelligence, but at the same time we are in danger of becoming more and more like machines. In these circumstances, we all need to consider: * What can we do? * What should we do? * What are the alternatives of doing it? This book is about the human-centred alternative of designing systems and technologies. This alternative is rooted in the European tradition of human-centredness which emphasises the symbiosis of human capabilities and machine capacity. The human-centred tra dition celebrates the diversity of human skill and ingenuity and provides an alternative to the 'mechanistic' paradigm of 'one best way', the 'sameness of science' and the 'dream of the exact language'. This alternative vision has its origin in the founding European human-centred movements of the 1970s. These include the British movement of Socially Useful Technology, the Scandinavian move ment of Democratic Participation, and the German movement of Humanisation of Work and Technology. The present volume brings together various strands of human-centred systems philosophy which span the conceptual richness and cultural diversity of the human-centred movements. The core ideas of human-centredness include human-machine symbiosis, the tacit dimension of knowl edge, the system as a tool rather than a machine, dialogue, partici pation, social shaping and usability.

The EUROCRYPT '96 conference was sponsored by the International Asso- ation for Cryptologic Research (IACR)l, in cooperation with the University of Saragossa. It took place at the Palacio de Congresos in Saragossa, Spain, during May 12-16, 1996. This was the fifteenth annual EUROCRYPT conference (this name has been used since the third conference held in 1984), each of which has been held in a different city in Europe. For the second time, proceedings were available at the conference. JosC Pastor Franco, the General Chair, was resp- sible for local organization and registration. His contribution to the snccess of the conference is gratefully acknowledged. The Program Committee considered 126 submitted papers and selected 34 for presentation. Each paper was sent to all members of the Program Committee and was assigned to at least three of them for careful evaluation. There were also two invited talks. James L. Massey, this year's IACR Distinguished Ltcturer, gave a lecture entitled "The difficulty with difficulty". Massey is the third to receive this honor, the first two being Gustavus Simmons and Adi Shamir. Shafi Goldwasser gave an invited talk entitled "Multi party secure protocols: past and present". These proceedings contain revised versions of the 34 contributed talks. While the papers were carefully selected, they have not been refereed like submissions to a refereed journal. The authors bear full responsibility for the contents of their papers. Some authors may write final versions of their papers for publication in a refereed journal.

This book gives a thorough explanation of what computer viruses are, how they work, and how much computer users should worry about them. It is written to apply to all systems: micro, network, and mainframe and for both professional managers of computing systems and users of personal computers of all types, PCs, Macintoshes, and others. Robert Slade presents details of many of the most virulent of the known viruses and of the damage that they have done, as well as providing quidelines and recommendations to protect systems from infection. In addition, the book provides the widest possible range of reviews of the major anti-virus software packages available as well as many of the books on viruses. Contact addresses, telephone numbers, and electronic mail addresses are also given. In the event of a suspected virus infection, this book is the one that users will reach for! Included with the book is a diskette containing both four antiviral pieces of software for the PC and Macintosh and the complete virus catalog as produced by the Virus Test Centre at the University of Hamburg.

This book constitutes the refereed proceedings of the Third International Workshop on Fast Software Encryption; this workshop was held in conjunction with the program on computer security, cryptology, and coding theory at the Isaac Newton Institute in Cambridge, UK in February 1996.
The 18 revised papers presented were carefully selected for inclusion in the volume by the program committee. They report the state of the art in the field of fast encryption algorithms and are organized in sections on block cipher analysis, applications, hash functions, block cipher proposals, correlation analysis, and design criteria for block ciphers.

This book constitutes the refereed proceedings of the International Conference 'Cryptography: Policy and Algorithms', held in Brisbane, Queensland, Australia in July 1995.Over the past few years, issues relating to cryptography policy have made headline news, particularly those concerned with the rights to privacy of the individual, who may choose to use cryptographic systems to maintain confidentiality, against the needs of legal authorities to conduct wiretapping to help combat crime. The 27 revised full contributions in this volume are devoted to both crypto policy matters and the related theory and applications of cryptographic algorithms. The volume is of relevance to cryptology researchers and professionals in industry and administration.

This book constitutes the refereed proceedings of the 5th IMA Conference on Cryptography and Coding, held in Cirencester, UK in December 1995.
The volume presents 22 full revised papers selected from 48 submissions together with five invited full papers and three abstracts on the mathematical theory and practice of cryptography and coding; continuing advances in these strongly related areas are crucial for the security and reliability of data communication, processing, and storage. Among the topics addressed are linear codes, error-correcting codes, decoding, key distribution, authentication, hash functions, block ciphers, cryptanalysis, and electronic cash.

This book contains a set of revised refereed papers selected from the presentations at the Second International Workshop on Fast Software Encryption held in Leuven, Belgium, in December 1994.
The 28 papers presented significantly advance the state of the art of software algorithms for two cryptographic primitives requiring very high speeds, namely encryption algorithms and hash functions: this volume contains six proposals for new ciphers as well as new results on the security of the new proposals. In addition, there is an introductory overview by the volume editor. The papers are organized in several sections on stream ciphers and block ciphers; other papers deal with new algorithms and protocols or other recent results.

This manual documents the outcome of the EC sponsored project RACE Integrity Primitives Evaluation (R1040), RIPE. This project is a huge joint 350 man-month project conducted by 16 leading European security experts.
This book offers expert advice to professionals seeking to secure information systems by applying up-to-date cryptographic techniques. The core of this volume is a detailed integrity primitives portfolio recommendation. Among the issues addressed are security services, integrity mechanisms, data origin authentication, entity authentication, access control, data integrity, non-repudiation, signatures, and key exchange.