ICICS 99, the Second International Conference on Information and C- munication Security, was held in Sydney, Australia, 9-11 November 1999. The conference was sponsored by the Distributed System and Network Security - search Unit, University of Western Sydney, Nepean, the Australian Computer Society, IEEE Computer Chapter (NSW), and Harvey World Travel. I am g- teful to all these organizations for their support of the conference. The conference brought together researchers, designers, implementors and users of information security systems and technologies. A range of aspects was addressed from security theory and modeling to system and protocol designs and implementations to applications and management. The conference con- sted of a series of refereed technical papers and invited technical presentations. The program committee invited two distinguished key note speakers. The ?rst keynote speech by Doug McGowan, a Senior Manager from Hewlett-Packard, USA, discussed cryptography in an international setting. Doug described the current status of international cryptography and explored possible future trends and new technologies. The second keynote speech was delivered by Sushil Ja- dia of George Mason University, USA. Sushil s talk addressed the protection of critical information systems. He discussed issues and methods for survivability of systems under malicious attacks and proposed a fault-tolerance based - proach. The conference also hosted a panel on the currently much debated topic of Internet censorship. The panel addressed the issue of censorship from various viewpoints namely legal, industrial, governmental and technical."

The4thAustralasianConferenceonInformationSecurityandPrivacywasheld attheUniversityofWollongong, Australia. Theconferencewassponsoredby theCentreforComputerSecurityResearch, UniversityofWollongong, andthe AustralianComputerSociety. Theaimoftheconferencewastobringtogether peopleworkingindi erentareasofcomputer, communication, andinformation securityfromuniversities, industry, andgovernmentinstitutions. Theconference gavetheparticipantsanopportunitytodiscussthelatestdevelopmentsinthe quicklygrowingareaofinformationsecurityandprivacy. Theprogramcommitteeaccepted26papersfrom53submitted. Fromthose accepted, thirteen papers were from Australia, two each from Belgium and China, andoneeachfromAustria, Belarus, France, India, Japan, Korea, Sin- pore, theUSA, andYugoslavia. Conferencesessionscoveredthefollowingtopics: accesscontrolandsecuritymodels, networksecurity, Booleanfunctions, group communication, cryptanalysis, keymanagementsystems, electroniccommerce, signatureschemes, RSAcryptosystems, andoddsandends. We would like to thank the members of the program committee who - nerouslyspenttheirtimereadingandevaluatingthepapers. Wewouldalsolike tothankmembersoftheorganisingcommitteeand, inparticular, ChrisCh- nes, HosseinGhodosi, MarcGysin, Tiang-BingXia, Cheng-XinQu, SanYeow Lee, YejingWang, Hua-XiongWang, Chih-HungLi, WillySusilo, ChintanShah, Je reyHorton, andGhulamRasoolChaudhryfortheircontinuousandtireless e ortinorganisingtheconference. Finally, wewouldliketothanktheauthorsof allthesubmittedpapers, especiallytheacceptedones, andalltheparticipants whomadetheconferenceasuccessfulevent. February1999 JosefPieprzyk ReiSafavi-Naini JenniferSeberry FOURTHAUSTRALASIANCONFERENCE ONINFORMATIONSECURITY ANDPRIVACY ACISP 99 Sponsoredby CenterforComputerSecurityResearch UniversityofWollongong, Australia and AustralianComputerSociety GeneralChair: JenniferSeberry UniversityofWollongong ProgramCo-Chairs: JosefPieprzyk UniversityofWollongong ReiSafavi-Naini UniversityofWollongong ProgramCommittee: ColinBoyd QueenslandUniversityofTechnology, Australia LawrieBrown AustralianDefenceForceAcademy, Australia BillCaelli QueenslandUniversityofTechnology, Australia EdDawson QueenslandUniversityofTechnology, Australia CunshengDing NationalUniversityofSingapore, Singapore DieterGollmann MicrosoftResearch, UK YongfeiHan Gemplus, Singapore ThomasHardjono BayNetworks, US ErlandJonsson ChalmersUniversity, Sweden SveinKnapskog UniversityofTrondheim, Norway KeithMartin KatholiekeUniversiteitLeuven, Belgium CathyMeadows NavalResearchLaboratory, US KaisaNyberg NokiaResearchCenter, Finland Choon-SikPark ElectronicsandTelecommunicationResearchInstitute, Korea DingyiPei AcademiaSinica, China SteveRoberts WithamPtyLtd, Australia ConferenceOrganization VII GregRose Qualcomm, Australia RaviSandhu GeorgeMasonUniversity, US Sta ordTavares Queen sUniversity, Canada VijayVaradharajan WesternSydneyUniversity, Australia YuliangZheng MonashUniversity, Australia Referees N. Asokan ZhangJiang DingyiPei YunBai ErlandJonsson JosefPieprzyk SimonBlackburn SveinKnapskog VincentRijmen ColinBoyd HuLei SteveRoberts LawrieBrown LeszekMaciaszek GregRose BillCaelli KeithMartin ReiSafavi-Naini EdDawson CathyMeadows RaviSandhu CunshengDing BillMillan RajanShankaran GaryGaskell QiMing Sta ordTavares JanuszGetta Sang-JaeMoon VijayVaradharajan DieterGollmann YiMu Kapaleeswaran MarcGysin KennyNguyen Viswanathan YongfeiHan KaisaNyberg ChuanWu ThomasHardjono Choon-SikPark YuliangZheng. TableofContents BooleanFunctions BooleanFunctionDesignUsingHillClimbingMethods WilliamMillan, AndrewClark, andEdDawson. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 EnumerationofCorrelationImmuneBooleanFunctions SubhamoyMaitraandPalashSarkar. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 OntheSymmetricPropertyofHomogeneousBooleanFunctions ChengxinQu, JenniferSeberry, andJosefPieprzyk. . . . . . . . . . . . . . . . . . . . . . . . 26 KeyManagement PubliclyVeri ableKeyEscrowwithLimitedTimeSpan KapaliViswanathan, ColinBoyd, andEdDawson. . . . . . . . . . . . . . . . . . . . . . . . . 36 AcceleratingKeyEstablishmentProtocolsforMobileCommunication SeungwonLee, Seong-MinHong, HyunsooYoon, andYookunCho. . . . . . . . . 51 ConferenceKeyAgreementfromSecretSharing Chih-HungLiandJosefPieprzyk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Cryptanalysis Onm-PermutationProtectionSchemeAgainstModi cationAttack W. W. FungandJ. W. Gray, III. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 InversionAttackandBranching JovanDj. Golic, AndrewClark, andEdDawson . . . . . . . . . . . . . . . . . . . . . . . . . . 88 Signatures Fail-StopThresholdSignatureSchemesBasedonEllipticCurves WillySusilo, ReiSafavi-Naini, andJosefPieprzyk. . . . . . . . . . . . . . . . . . . . . . . 103 DivertibleZero-KnowledgeProofofPolynomialRelationsand BlindGroupSignature KhanhQuocNguyen, YiMu, andVijayVaradharajan. . . . . . . . . . . . . . . . . . . . 117 RepudiationofCheatingandNon-repudiationof Zhang sProxySignatureSchemes HosseinGhodosiandJosefPieprzyk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 X TableofContents RSACryptosystems OntheSecurityofanRSABasedEncryptionScheme SigunaMul ]ler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135 GeneralisedCyclingAttacksonRSAandStrongRSAPrimes MarcGysinandJenniferSeberry. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 RSAAccelerationwithFieldProgrammableGateArrays AlexanderTiountchikandElenaTrichina. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 GroupCryptography ChangingThresholdsintheAbsenceofSecureChannels KeithM. Martin, JosefPieprzyk, ReiSafavi-Naini, andHuaxiongWang . 177 ASelf-Certi edGroup-OrientedCryptosystemWithoutaCombiner ShahrokhSaeedniaandHosseinGhodosi . . . . . . . . . . . . . . . . . . . .

The Department of Electrical Engineering-ESAT at the Katholieke Universiteit Leuven regularly runs a course on the state of the art and evolution of computer security and industrial cryptography. The rst course took place in 1983, the second in 1989, and since then the course has been a biennial event. The course is intended for both researchers and practitioners from industry and government. It covers the basic principles as well as the most recent - velopments. Our own interests mean that the course emphasizes cryptography, but we also ensure that the most important topics in computer security are covered. We try to strike a good balance between basic theory and real-life - plications, between mathematical background and judicial aspects, and between recent technical developments and standardization issues. Perhaps the greatest strength of the course is the creation of an environment that enables dialogue between people from diverse professions and backgrounds. In 1993, we published the formal proceedings of the course in the Lecture Notes in Computer Science series (Volume 741). Since the el d of cryptography has advanced considerably during the interim period, there is a clear need to publish a new edition. Since 1993, several excellent textbooks and handbooks on cryptology have been published and the need for introductory-level papers has decreased. The growth of the main conferences in cryptology (Eurocrypt, Crypto, and Asiacrypt) shows that interest in the eld is increasing

This book constitutes the thoroughly revised post-conference proceedings of the Second International Conference on Financial Cryptography, FC '98, held in Anguilla, British West Indies, in February 1998.
The 28 revised papers presented were carefully selected and improved beyond the versions presented at the meeting. The book presents the state of the art in research and development in financial cryptography and addresses all current topics such as electronic payment systems, digital cash, electronic commerce, digital signatures, payment transactions, revocation and validation, WWW commerce, trust management systems, and watermarking.

ASIACRYPT'98, the international conference covering all aspects of theory and application of cryptology and information security, is being held at Beijing Friendship Hotel from October 18 to 22. This is the fourth of the Asiacrypt conferences. ASIACRYPT'98 is sponsored by the State Key Laboratory of Information Security (SKLOIS), University of Science and Technology of China (USTC), and the Asiacrypt Steering Committee (ASC), in cooperation with the International Association for Cryptology Research (IACR). The 16-member Program Committee organized the scientific program and considered 118 submissions. Of these, 32 were accepted for presentation. The authors' affiliations of the 118 submissions and the 32 accepted papers range over 18 and 13 countries or regions, respectively. The submitted version of each paper was sent to all members of the Program Committee and was extensively examined by at least three committee members and/or outside experts. The review process was rigorously blinded and the anonymity of each submission are maintained until the selection was completed. We followed the traditional policy that each member of the Program Committee could be an author of at most one accepted paper. These proceedings contain the revised versions of the 32 contributed talks as well as a short note written by one invited speaker. Comments from the Program Committee were taken into account in the revisions. However, the authors (not the committee) bear full responsibility for the contents of their papers.

This book constitutes the refereed proceedings of the 18th Annual International Cryptology Conference, CRYPTO'98, held in Santa Barbara, California, USA, in August 1998. The book presents 33 revised full papers selected from a total of 144 submissions received. Also included are two invited presentations. The papers are organized in topical sections on chosen ciphertext security, cryptanalysis of hash functions and block ciphers, distributed cryptography, zero knowledge, and implementation.

This book constitutes the refereed proceedings of the Third Australasian Conference on Information Security and Privacy, ACISP'98, held in Brisbane, Australia, in Kuly 1998.
The volume presents 35 revised full papers selected from a total of 66 submissions; also included are two invited contributions. The book is divided in sections on network security, block ciphers, stream ciphers, authorization codes and Boolean functions, software security and electronic commerce, public key cryptography, hardware, access control, protocols, secret sharing, and digital signatures.

This book constitutes the strictly refereed post-workshop proceedings of the First International Workshop on Information Security, ISW'98, held in Tatsunokuchi, Ishikawa, Japan, in September 1997. The volume presents six invited surveys together with 25 thoroughly revised full papers selected from 39 submissions. Among the topics covered are public-key cryptosystems, cryptoanalysis, digital signatures, hardware/software implementation, key management, key sharing, security management, electronic commerce, and quantum cryptology.

This book constitutes the strictly refereed post-proceedings of the First International Conference on Financial Cryptography, FC '97, held in Anguilla, BWI, in February 1997.
The 31 revised contributions presented were carefully reviewed and revised for inclusion in the book. The book provides a unique synopsis on financial cryptography, taking into account the views and ideas of cryptographers, security experts, computer hackers, lawyers, bankers, journalists and administrative professionals. The papers cover the whole spectrum of the security of financial transactions or digital commerce in general, ranging from pure cryptosystems to the technology of electronic money to legal and regulatory policy issues.

This book constitutes the refereed proceedings of the 1998 International Conference on the Theory and Application of Cryptographic Techniques, EUROCRYPT '98, held in Espoo, Finland, in May/June 1998.
The book presents 44 revised full papers selected from a total of 161 submissions. The papers are organized in sections on distributed cryptography, complexity, cryptanalysis of block ciphers, computational algorithms, paradigms for symmetric systems, public key cryptosystems, multi-party computation, digital signatures, Boolean functions, combinatorial design and analysis, elliptic curve systems, and electronic commerce and payment.

This volume constitutes the strictly refereed post-workshop proceedings of the Fourth International Workshop on Fast Software Encryption, FSE'97, held in Haifa, Israel, in January 1997.
The 23 full papers presented were carefully selected from 44 submissions and revised for inclusion in the book. Also contained is a summary of a panel discussion. The papers are organized in sections on cryptanalysis, blockciphers, stream ciphers, message authentication codes, modes of operation, and fast software encryption. Particular emphasis is placed on applicability and implementation issues of fast cryptography.

Matters of privacy have profoundly changed since electronic storage of information has become the norm. Consequently, policy-makers and legislators are trying to keep up with privacy challenges in the workplace, in healthcare, in surveillance, and on social networking sites. With Privacy: Defending an Illusion, Martin Dowding fills a very important gap in policy analysis and the teaching of privacy issues at the senior undergraduate and early graduate student level. In the first section of this book, Dowding recounts historical interpretations of privacy in a wide variety of socio-cultural circumstances. In the second section, the author addresses how information and communication technologies have changed our conceptions about privacy and redirected our focus from keeping information private to sharing it with many more people than we would have even a few years ago. Dowding also examines a variety of possible options for the future of privacy. The appendixes include seminal readings on relevant topics that should encourage debates about the nature of privacy and its problems. Overall, this book provides a solid background for defining and understanding privacy in a wide variety of contexts.

Fast Software Encryption (FSE) is an annual research workshop devoted to the promotion of research on classical encryption algorithms and related cryp- graphic primitives such as hash functions. When public key cryptography started to receive wide attention in the 1980s, the much older and more basic art of secret key cryptography was sidelined at many research conferences. This motivated Ross Anderson to organise the rst FSE in Cambridge, England in December 1993; subsequent workshops followed at Leuven, Belgium (December 1994), Cambridge again (February 1996), and Haifa, Israel (January 1997). These proceedings contain the papers due to be presented at the fth FSE workshop in March 1998 at the Hotel du Louvre in Paris. This event is organized by the Ecole Normale Superieure and the Centre National pour la Recherche S- enti que (CNRS) in cooperation with the International Association for Cryp- logic Research (IACR), and has attracted the kind support of Gemplus and Microsoft, the world leaders in smart cards and software { two domains very closely connected to our research concerns.

This book constitutes the strictly refereed post-workshop proceedings of the 5th International Workshop on Security Protocols, held in Paris, France, in April 1997. The 17 revised full papers presented address all current aspects of security protocols. Among the topics covered are secure distribution of knowledge, electronic voting systems, secure Internet transactions, digital signatures, key exchange, cryprographic protocols, authentication, threshold systems, secret sharing, ect.

EUROCRYEVr '97, the 15th annual EUROCRYPT conference on the theory and application of cryptographic techniques, was organized and sponsored by the International Association for Cryptologic Research (IACR). The IACR organizes two series of international conferences each year, the EUROCRYPT meeting in Europe and CRWTO in the United States. The history of EUROCRYFT started 15 years ago in Germany with the Burg Feuerstein Workshop (see Springer LNCS 149 for the proceedings). It was due to Thomas Beth's initiative and hard work that the 76 participants from 14 countries gathered in Burg Feuerstein for the first open meeting in Europe devoted to modem cryptography. I am proud to have been one of the participants and still fondly remember my first encounters with some of the celebrities in cryptography. Since those early days the conference has been held in a different location in Europe each year (Udine, Paris, Linz, Linkoping, Amsterdam, Davos, Houthalen, Aarhus, Brighton, Balantonfiired, Lofthus, Perugia, Saint-Malo, Saragossa) and it has enjoyed a steady growth, Since the second conference (Udine, 1983) the IACR has been involved, since the Paris meeting in 1984, the name EUROCRYPT has been used. For its 15th anniversary, EUROCRYPT finally returned to Germany. The scientific program for EUROCRYPT '97 was put together by a 18-member program committee whch considered 104 high-quality submissions. These proceedings contain the revised versions of the 34 papers that were accepted for presentation. In addition, there were two invited talks by Ernst Bovelander and by Gerhard Frey.

This book constitutes the refereed proceedings of the 6th International Conference on Cryptography and Coding held at the Institute of Mathematics and its Applications (IMA) in Cirencester, UK, in December 1997. The 35 revised full papers presented emphasize the links and commonality between the underlying mathematical bases and algorithmic foundations of cryptography, error control coding and digital signal processing devices available today. Besides classical crypto topics, other issues concerning information transmission and processing are addressed, such as multiple-access coding, image processing, synchronization and sequence design.

This book constitutes the refereed proceedings of the International Workshop on Security Protocols held in Cambridge, UK, in April 1996, in the context of the special program on computer security, cryptology, and coding theory at the Isaac Newton Institute.
The 17 revised full papers and one abstract included in the book were carefully selected. Among the topics addressed are several types of public key cryptosystems, digital cash, electronic commerce, digital signatures, and visual cryptography. Besides original theoretical results, the collection of papers show a strong applications-oriented component.

This book constitutes the refereed proceedings of the First International Conference on Information and Communication Security, ICICS '97, held in Beijing, China in November 1997.
The 37 revised full papers presented were selected from a total of 87 submissions. Also included are 11 short papers. The book is divided in sections on theoretical foundations of security, secret sharing, network security, authentication and identification, Boolean functions and stream ciphers, security evaluation, signatures, public key systems, cryptanalysis of public key systems, subliminal channels, key recovery, intellectual property protection, protocols, and electronic commerce.

This book constitutes the strictly refereed post-workshop proceedings of the First International Workshop on Information Hiding, held in Cambridge, UK, in May/June 1996, within the research programme in computer security, cryptology and coding theory organized by the volume editor at the Isaac Newton Institute in Cambridge.
Work on information hiding has been carried out over the last few years within different research communities, mostly unaware of each other's existence. The 26 papers presented define the state of the art and lay the foundation for a common terminology. This workshop is very likely to be seen at some point as one of those landmark events that mark the birth of a new scientific discipline.

This book constitutes the thoroughly refereed post-conference proceedings of the First Australiasian Conference on Information Security and Privacy, ACISP '96, held in Wollongong, NSW, Australia, in June 1996.
The volume includes revised full versions of the 26 refereed papers accepted for presentation at the conference; also included are three invited contributions. The papers are organized in topical sections on authentication, secret sharing, encryption and cryptographic functions, authentication protocols, stream ciphers, access control, security models and intrusion detection, threshold cryptography, and hashing.

The safe and secure operation ofcomputer systems continues to be the major issue in many applications where there is a threat to people, the environment, investment or goodwill. Such applications include medical devices, railway signalling, energy distribution, vehicle control and monitoring, air traffic control, industrial process control, telecommunications systemsand manyothers. This book represents the proceedings of the 16th International Conference on Computer Safety, Reliability and Security, held in York, UK, 7-10 September 1997. The conference reviews the state ofthe art, experience and new trends in the areas of computer safety, reliability and security. It forms a platform for technology transfer between academia, industry and research institutions. In an expanding world-wide market for safe, secure and reliable computer systems SAFECOMP 97 provides an opportunity for technical developers, users and legislators to exchange and review the experience, to consider the best technologies now available and to identify the skills and technologies required for the future. The papers were carefully selected by the Conference International Programme Committee. The authors of the papers come from twelve different countries. The subjects covered include safe software, safety cases, management & development, security, human factors, guidelines standards & certification, applications & industrial experience, formal methods & models andvalidation, verification and testing. SAFECOMP '97 continues the successful series of SAFECOMP conferences first held in 1979 in Stuttgart. SAFECOMP is organised by the European Workshop on Industrial Computer Systems, Technical Committee 7 on Safety, Security and Reliability (EWICS TC7).

This book constitutes the strictly refereed proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security, ASIACRYPT '96, held in Kyongju, Korea, in November 1996.
The 31 revised full papers presented together with three invited contributions were carefully selected from a total of 124 submissions. The papers are organized in topical sections on discrete log based systems, efficient algorithms, hash functions and block cyphers, cryptographic protocols, signature and identification, visual secret sharing, key distribution, Boolean functions, electronic cash, special signatures, stream ciphers, and hard problems.

This book constitutes the refereed proceedings of the 4th European Symposium on Research in Computer Security, ESORICS '96, held in Rome, Italy, in September 1996 in conjunction with the 1996 Italian National Computer Conference, AICA '96.
The 21 revised full papers presented in the book were carefully selected from 58 submissions. They are organized in sections on electronic commerce, advanced access control models for database systems, distributed systems, security issues for mobile computing, network security, theoretical foundations of security, and secure database architectures.

Privacy-Preserving Machine Learning is a practical guide to keeping ML data anonymous and secure. You'll learn the core principles behind different privacy preservation technologies, and how to put theory into practice for your own machine learning. Complex privacy-enhancing technologies are demystified through real world use cases forfacial recognition, cloud data storage, and more. Alongside skills for technical implementation, you'll learn about current and future machine learning privacy challenges and how to adapt technologies to your specific needs. By the time you're done, you'll be able to create machine learning systems that preserve user privacy without sacrificing data quality and model performance. Large-scale scandals such as the Facebook Cambridge Analytic a data breach have made many users wary of sharing sensitive and personal information. Demand has surged among machine learning engineers for privacy-preserving techniques that can keep users private details secure without adversely affecting the performance of models.

This book constitutes the refereed proceedings of the Second Asian Conference on Computing Science, ASIAN'96, held in Singapore in December 1996.
The volume presents 31 revised full papers selected from a total of 169 submissions; also included are three invited papers and 14 posters. The papers are organized in topical sections on algorithms, constraints and logic programming, distributed systems, formal systems, networking and security, programming and systems, and specification and verification.