IACR Newsletter

The newsletter of the International Association for Cryptologic Research.

Vol. 26, No. 2, Autumn 2011, (Publication date: 25 November 2011).

To avoid problems with spam filters, most links were omitted in this sending. You find a version with all links at http://www.iacr.org/newsletter/v26n2/

Contents
* New News Service available
* Upcoming Events
* Message from the President
* IACR Elections 2011 / Result
* Distinguished Lectures 2012 & 2013
* Service to members and the cryptographic community
* Conference Announcements
* Reports on past events
* Book Reviews
* List of books for review
* Cryptology ePrint Archive: Top 20 Downloads

New News Service available

Stay tuned with latest news from the IACR! This includes new events, jobs, IACR elections, books & book reviews, and further news. They are all bundled at one web-site. In addition, you can get them sent to you as eMail or access them via Twitter and RSS. Central overview page: http://www.iacr.org/news/.

Upcoming Events

IACR Conferences
* Asiacrypt 2011, December 4-8, 2011, Seoul, Korea.
* Eurocrypt 2012, April 15-19, 2012, Cambridge, UK.
* Crypto 2012, August 19-23, 2012, Santa Barbara, USA.
* Asiacrypt 2012, December 2-06, 2012, Beijing, China.
* Crypto 2013, August 19-23, 2013, Santa Barbara, CA, USA.

IACR Workshops
* Ninth Theory of Cryptography Conference (TCC 2012), March 18-March 21, 2012, Taormina, Italy.
* 19th International Workshop on fast software encryption (FSE 2012), March 19-March 21, 2012, Washington, USA.
* 15th Conference on Practice and Theory in Public Key Cryptography (PKC 2012), May 21-May 23, 2012, Darmstadt, Germany.
* 14th International Workshop on Cryptographic Hardware and Embedded Systems (CHES 2012), September 9-September 12, 2012, Leuven, Belgium.

Events in cooperation with IACR
* The 10th International Conference on Cryptology and Network Security (CANS 2011), December 10-12, 2011, Sanya, China.
* Fifth international conference on Cryptology, Africacrypt 2012 (Africacrypt 2012), July 10-12, 2012, Marrakech, Morocco.

Further events can be found here. You can also add your events or calls for special issues of journals there.

Message from the President

The 2011 elections have just been completed. I would like to use this occasion to congratulate the three elected Directors (Josh Benaloh, Shai Halevi, and Nigel Smart) and to thank all the candidates, the election committee (Serge Vaudenay, Greg Rose, and Martijn Stam) as well as Ben Adida and the Helios team. I am very pleased with the record participation rate and I would like to encourage the cryptographic community to continue the research on improving our election systems.

The IACR board has appointed Abi Shelat (University of Virginia) for a three-year term as Membership Secretary starting in January 2012. I would like to thank Abi for accepting his nomination and Shai for his outstanding service as Membership Secretary during the past six years.

The IACR Board is taking further steps to move away from paper publications. Today you can opt out for the paper copies of the Journal of Cryptology and in 2012 the conferences and workshops will transition to an opt-in approach for paper copies of the proceedings. It has also been decided that in the next years we will switch to open access for our proceedings with the goal of making our scientific work available to a broader audience.

I would like to conclude by thanking all the volunteers of the IACR community: it is a real pleasure to work with all of you. I would also like to encourage all of you to share your views, concerns and ideas with the Board Members and to contribute to the cryptologic community.

IACR Elections 2011 / Result

The 2011 election was held to fill three of nine IACR Director positions. The term of the following three directors expires by the end of 2011: Josh Benaloh, Stuart Haber, and Antoine Joux.
This year, we had six candidates: Josh Benaloh, Alexandra Boldyreva, Shai Halevi, Phong Nguyen, Tom Shrimpton, and Nigel Smart (see below). Voting IACR members were invited to cast their votes between October 1 and November 15, 2011. The vote was run electronically by the heliosvoting.org service. This year, IACR switched to "approval voting", meaning that each voter could vote for as many candidates as they desire (but only once for each candidate).

We had 1484 eligible voters. We collected 621 ballots, giving a record participation rate of 41.8%. The tallies are
* 339: Shai Halevi
* 328: Nigel Smart
* 291: Josh Benaloh
* 266: Phong Nguyen
* 234: Alexandra Boldyreva
* 188: Tom Shrimpton

The three elected directors are Shai Halevi, Nigel Smart, and Josh Benaloh. They are marked in bold above. Their term will run until 2014.

The election committee would like to thank all candidates for their participation, to congratulate the three elected directors, and to warmly thank Ben Adida for his help in running the helios system.

The election committee: Serge Vaudenay (Chair), Greg Rose, and Martijn Stam.

Distinguished Lectures 2012 & 2013

Dan Boneh will hold the IACR Distinguished Lecture 2012 at Asiacrypt in Beijing, China. We are looking forward to his talk!

Eli Biham will hold the IACR Distinguished Lecture 2013 at Eurocrypt in Athens, Greece. We are looking forward to his talk!

Title and abstract of both talks will be posted on the IACR web site close in time to the corresponding talk.

Service to members and the cryptographic community

Among others, IACR offers the following benefits:
a. IACR Reading Room
b. Open Positions
c. ePrint
d. IACR Archive
e. News Service

a. Springer operates the so-called "IACR reading room". You can have online access to the online proceedings of IACR workshops and the Journal of Cryptology. If you don't have access yet, follow the following link

b. IACR provides a listing of open positions with a focus on cryptology.
The listing is available on the Web here and kept up to date on a weekly basis.

c. The Cryptology ePrint Archive provides rapid access to recent research in cryptology. Papers have been placed here by the authors and did not undergo any refereeing process other than verifying that the work seems to be within the scope of cryptology and meets some minimal acceptance criteria and publishing conditions.

d. The proceedings of some past conferences are made available by the IACR in an archive. The copyright for these papers is held by the IACR.

e. News from the cryptographic community such as events, jobs, books & their reviews are available at the News Service. It is also posted through RSS, eMail and Twitter.

Conference Announcements

Africacrypt 2012, Ifrane, Morocco, 10-12 July 2012

After four successful Africacrypt conferences (Dakar, Senegal 2011; Stellenbosch, South Africa 2010; Gammarth, Tunis, Tunisia, 2009; and Casablanca, Morocco 2008), the fifth edition of Africacrypt (http://www.aui.ma/africacrypt2012) will take place at Al Akhawayn University in Ifrane, Morocco, 10-12 July 2012, thereby establishing a tradition in the science of cryptology and related disciplines in the African continent. Beyond providing an international forum for practitioners and researchers from industry, academia, and government from all over the world, the conference aims at the promotion of cryptography research in Africa, especially among young African researchers. Located in the middle of the Atlas mountains, and at the crossroads of major imperial cities, the venue for this edition, that is Ifrane, Morocco, is synonymous with a social program as rich as the scientific program.

Papers must be submitted electronically. More instructions are available in the call for papers.

Important dates:
* Submission: Jan. 5, 2012, 1pm UTC
* Notification: Apr.
2, 2012

Reports on Past Events

Crypto 2011, August 14-18, 2011 in Santa Barbara, USA

Crypto 2011 was held on the campus of the University of California, Santa Barbara, from August 14-18. The Program Chair was Phillip Rogaway, and the General Chair was Thomas Shrimpton.

A total of 230 papers were submitted. Of these, 43 were accepted (two were merged in the program), with the paper "Computer-Aided Security Proofs for the Working Cryptographer", by Gilles Barthe, Benjamin Gregoire, Sylvain Heraud, and Santiago Zanella Beguelin, selected to receive the Best Paper award by the program committee. The IACR Distinguished Lecture, entitled "Illegitimi Non Carborundum", was delivered by Ron Rivest. Roger Dingledine also gave an invited talk, "Tor and Circumvention: Lessons Learned". Shai Halevi provided a tutorial lecture on fully homomorphic encryption.

Almost all of the talks (regular, tutorial, invited and distinguished) were video recorded. These videos, along with the authors' slides, will soon be available from the conference program webpage. (Some videos are already available on YouTube.) Dan Bernstein and Tanja Lange organized and co-chaired yet another entertaining Rump Session.

Attendance at Crypto 2011 was quite high, with 412 registered attendees, up from 335 at Crypto 2009, and not far off from the 451 that attended the collocated Crypto/CHES 2010. The Program Committee's excellent, broader than usual program was likely the cause for the jump in attendance. Generous donations from Qualcomm, Microsoft Research and Voltage Security, as well as continuing support from the Marconi Fund for Student Authors, were used to provide registration waivers and travel support for 42 students.

The Chairs of Crypto 2011 are very grateful for the terrific work of Sally Vito and the UCSB conference services staff.

Public Key Cryptography 2011 (PKC), March 6-9, 2011, Taormina, Italy

The 14th IACR International Conference on Practice and Theory of Public Key Cryptography (PKC'11) was held at the Hotel "Villa Diodoro" in Taormina, Italy, on March 6-9, 2011. The organizing committee included Rosario Gennaro (Program Chair), Nelly Fazio and Antonio Nicolosi (General co-Chairs), and Dario Catalano (Local Arrangements Chair). The technical program featured 28 papers selected from 103 submissions, along with an invited lecture on "New Developments in Leakage-Resilient Cryptography" by Vinod Vaikuntanathan of Microsoft Research. The conference attracted 87 delegates (including 21 students) from 21 countries, mainly from Europe (50), Asia (17), North America (16). The social program included an optional excursion to attend the closing day of the local carnival celebrations (allegorical floats, costumed groups, fireworks and the burning of King Carnival). The generous support of the conference sponsors was also an important factor for the success of the event, and is gratefully acknowledged.

Theory of Cryptography Conference 2011 (TCC), March 28-30, 2011, Providence, RI, USA

TCC 2011 took place from March 28 to March 30, 2011, at Brown University, Providence, RI, USA. The general chair was Anna Lysyanskaya and the program chair was Yuval Ishai. This was the eighth edition of TCC. There were 110 registered participants; 50 of them were students. Most of the participants stayed in hotels in downtown Providence; a block of rooms was arranged for TCC at the Hampton Inn and at the Biltmore. Although the conference venue was only a 20-minute walk from the hotels, the conference provided a shuttle to and from the venue that made several roundtrips in the morning and then several more after the talks ended. The full registration amount was $272, while the student rate was $136.
The IACR membership fee was an additional $70 full and $35 student, but it only applied to those participants who had not attended another IACR meeting this year. Each participant received a copy of the proceedings. The program consisted of 35 papers, selected from 108 submissions; two invited talks, by Luca Trevisan and Rafael Pass; and the rump session, chaired by Tal Malkin.

Cryptographic Hardware and Embedded Systems (CHES) 2011, Nara, Japan, Sept 28-Oct 1

CHES 2011 was held at Todai-ji Cultural Center, Nara, Japan, from September 28 to October 1, 2011. The program co-chairs were Bart Preneel and Tsuyoshi Takagi, and the general chair was Akashi Satoh. CHES 2011 received 119 submissions from 26 different countries, and 32 papers were selected for publication in the proceedings. Two invited talks were given by Tetsuya Tominaga (NTT) and Ernie Brickell (Intel) on the topics "Standardization Works for Security of Electromagnetic Environment" and "Technologies to Improve Platform Security", respectively. The conference banquet and the rump session were held at Hotel Nikko Nara on Friday evening. The best paper award was also presented during the banquet to Michael Hutter and Erich Wenger for their work "Fast Multi-Precision Multiplication for Public-Key Cryptography on Embedded Microprocessors". All presentation slides for the technical sessions including the invited talks and the rump session can be found on the workshop website at http://www.iacr.org/workshops/ches/ches2011/program.html and http://www.iacr.org/workshops/ches/ches2011/rump.html, respectively. The workshop ended successfully on October 1, having attracted 315 participants (60 being students), from 27 countries, mainly from Asia (162), Europe (98) and North America (47). We thank the sponsors for their generous support and contributions to the success of CHES 2011.

Africacrypt 2011, July 5-7, 2011 in Dakar, Senegal.

The 4th International Conference on the Theory and Application of Cryptographic Techniques in Africa, AFRICACRYPT 2011, was held July 5-7, 2011 in Dakar, Senegal. The Program Committee, aided by reports from 52 external reviewers, produced a total of 240 reviews. The 23 papers presented were carefully reviewed and selected from 76 submissions. They are organized in 10 topical sections on protocols, cryptanalysis, secret-key cryptography, efficient implementations, cryptographic schemes, algorithmic problems, elliptic curves, fault analysis, and security proofs. The program was completed with 3 invited talks by:
* Jens Groth on "Efficient Zero-Knowledge Proofs"
* Tatsuaki Okamoto on "Some Key Techniques on Pairing Vector Spaces" and
* Bart Preneel on "The NIST SHA-3 Competition: A Perspective on the Final Year"

The general chair was Mamadou Sanghare and the general co-chair was Djiby Sow. The program chair was David Pointcheval and the program co-chair was Abderrahmane Nitaj. The African paper entitled "On randomness extraction in elliptic curves" written by Abdoul Aziz Ciss and Djiby Sow was accepted as one of the best papers. The venue was at the AUF conference center next to Dakar University. There were about 90 attendees, most of whom stayed in hotels near the conference center (Djollof Hotel, Terroubi Hotel and University Hotel). The rump session was organized during the gala dinner on the Wednesday at Terroubi Hotel. It was chaired by Peter Schwabe. The registration fee for normal attendees was 350 Euros (and 300 euros for PhD students).

SECRYPT 2011 - The International Conference on Security and Cryptography July 18-21, 2011, University of Seville, Spain.

SECRYPT 2011 was integrated in ICETE (International Conference on e-Business and Telecommunications), a joint conference combining six complementary conferences, namely DCNET, ICE-B, OPTICS, SECRYPT, SIGMAP and WINSYS, covering a broad range of related fields, including data communication networking, e-business, optical communication systems, security processing and multimedia applications, and wireless networks.

This year SECRYPT received 160 submissions. After a strict selection process, the SECRYPT program included 22 papers as full papers (13.75% of submissions) and 16 as short papers (10% of submissions). Additionally, 20 papers were accepted for poster presentation. With these acceptance ratios, SECRYPT 2011 continues the tradition of previous conferences, a quality conference with high caliber. The best papers of SECRYPT will be invited to appear in a post-conference book that will be published by Springer-Verlag and composed of a selection of papers from ICETE.

In addition to the presentation sessions, SECRYPT 2011 included four outstanding keynote lectures, which are relevant to today’s lines of research and technical innovation. These talks were presented by internationally distinguished researchers, namely: Han-Chieh Chao, National Ilan University, Taiwan, “WiMAX?- A Case Study on Minimizing Construction Cost for IEEE 802.16j Multi-hop Relay Networks”; Vincenzo Piuri, Università degli Studi di Milano, Italy, “Biometrics Privacy: Technologies and Applications”; Enrique Cabello, University Rey Juan Carlos, Spain, “Face Biometrics without Intrusion in Airport”; and Winfried Lamersdorf, University of Hamburg, Germany, “Paradigms of Distributed Software Systems: Services, Processes, and Self-Organization”, who helped enhance the overall quality of this conference with their contributions.

The papers were organized in 15 sessions covering current hot topics, ranging from statistics and stochastic processes to coding, from detection and estimation to Shannon theory, from data compression to data networks and systems security, cryptography, as well as many other topics.

The organizing committee included the ICETE conference co-Chairs Prof. Mohammad S. Obaidat, Monmouth University, USA and Professor José Sevillano, University of Seville, Spain and the SECRYPT program chairs Prof. Pierangela Samarati, Università degli Studi di Milano, Italy and Prof. Javier Lopez, University of Malaga, Spain.

SECRYPT 2011 was sponsored by INSTICC (The Institute for Systems and Technologies of Information, Control and Communication) and technically co-sponsored by IEEE (Institute of Electrical and Electronics Engineers) and IEEE Systems Council. The conference was held in cooperation with IACR (International Association for Cryptologic Research), IEICE (The Institute of Electronics, Information and Communication Engineers), SWIM (IEICE Special Interest Group on Software Interprise Modelling), ATI (Associación de Técnicos de Informática), CEPIS (Council of European Professional Informatics Societies), FIDETIA (Fundación para la Investigación y el Desarollo de las Tecnologías de la Información en Andalucía), INES (Iniciativa Española de Software y Servicios), ACM SIGMIS (Special Interest Group on Management Information Systems), ACM SIGSAC (Special Interest Group on Security, Audit and Control), ACM SIGMM (Special Interest Group on Multimedia).

Regarding the best paper award, SECRYPT has recognized the paper "BYTE SLICING GRØSTL - Optimized Intel AES-NI and 8-bit Implementations of the SHA-3 Finalist Grøstl" by Kazumaro Aoki, Günther Roland, Yu Sasaki and Martin Schläffer as the best paper of the conference.
For the Best Student Paper Award, SECRYPT acknowledged the paper entitled “A Method for Flexible Reduction over Binary Fields Using a Field Multiplier” by Saptarsi Das, Keshavan Varadarajan, Ganesh Garga, Rajdeep Mondal, Ranjani Narayan and S. K. Nandy as the best student paper presented at the conference.

The 18th International Conference on Selected Areas in Cryptography, August 11-12, 2011, Ryerson University Toronto, Ontario, Canada

SAC 2011 was held August 11-12, 2011 in the Department of Computer Science, Ryerson University, Toronto, Canada. There were 72 participants from 18 countries. Moreover, the conference had received 92 submissions out of which 23 were accepted. The reception took place the night before the conference started and the banquet dinner, which was held on the first night of the conference, was located in The Trillium Ballroom of the Atlantis Pavilions, a spectacular site on the waterfront of Lake Ontario. A digital version of the pre-proceedings was provided to the attendees and was also available online on the website of the conference. Revised versions of the accepted papers, along with two invited papers, are going to appear in the proceedings of the conference published by Springer. Kristin Lauter from Microsoft Research and Alfred Menezes from University of Waterloo delivered two invited talks on the topics of "Cryptographic Techniques for Securing the Cloud" and "Another Look at Tightness", respectively. The co-chairs were Ali Miri and Serge Vaudenay, and the publicity and publication chair was Atefeh Mashatan, who wish to gratefully acknowledge the sponsors of SAC 2011, including the Faculty of Engineering, Architecture, and Science and the Department of Computer Science Ryerson University, Fields Institute, and Certicom, for their enthusiastic and generous support.

Fault Diagnosis and Tolerance in Cryptography Workshop (FDTC 2011), September 28, 2011, Nara, Japan (ICW)

FDTC 2011 was held in Nara, on the 28th of September 2011.
The workshop attracted 117 participants from 10 countries, in descending order, from Asia, Europe and North America. The technical program included 12 papers: two invited presentations, and 10 regular papers, categorized into four sessions, that were selected from 18 submissions. Each paper was reviewed by at least 3 reviewers and detailed discussions were later conducted to reach final decisions. Most of the presentation slides for the technical sessions are now available on the workshop website. The workshop proceedings were published by IEEE CS Press and will soon be available on the IEEE Digital Library. Ingrid Verbauwhede from Leuven University (Belgium) and Rob Bekkers from Brightsight (The Netherlands) delivered the two invited lectures on the topics "The Fault Attack Jungle – A Classification Model to Guide You" and "Fault Injection – A Fast Moving Target in Evaluations," respectively. Junko Takahashi from NTT (Japan) and Sylvain Guilley from Telecom ParisTech (France) were the program co-chairs. David Naccache from Ecole Normale Supérieure (France) was the invited presentations chair. We thank the sponsors for their generous support and contributions to the success of the conference, as well as Akashi Satoh for his continuous support of FDTC, and Tetsuya Izu and Yumi Sakemi for their tremendous help with the local arrangements.

International Conference on Security Aspects in Information Technology, High-Performance Computing and Networking (InfoSecHiComNet 2011), October 19-22, 2011, Haldia, India

InfoSecHiComNet 2011 took place from October 19 to October 22, 2011, in India. The program was organised by Marc Joye, Debdeep Mukhopadhyay and Michael Tunstall, while the local organisation was done by Debasis Giri. The general chairs of the conference were P.K. Saxena and P.D. Srivastava. The proceedings were published as part of the Lecture Notes in Computer Science by Springer. A large number of submissions were received.
In total, there were 112 submissions. Of these, 14 were accepted to be included in the conference. There were six invited talks, given by Jorn-Marc Schmidt, Ingrid Verbauwhede, Benedikt Gierlich, Saibal Pal, Palash Sarkar, and Sanjay Burman. In addition, three tutorials were presented, by Abhijit Das, C. Pandurangan and Michael Tunstall, each with a duration of three hours.

We expect that this conference will be repeated under the less general theme of "Cryptography and Cryptographic Engineering", which we hope will help encourage cryptography research in India. This conference is expected to complement CHES, since the number of submissions generally received by CHES demonstrates the popularity of research into topics related to cryptographic engineering. The intention is also to hold conferences that will not be in direct conflict with Indocrypt.

Book Reviews

The following reviews are intended to help the IACR members and also the wider community to buy books in the area of cryptology and related areas.

If you have any questions regarding the IACR book reviewing system, or would like to volunteer a review, please contact Axel Poschmann (Nanyang Technological University, Singapore) via books at iacr.org. In the latter case, first check the list of reviewable books if your favourite book is still available. At the moment, this list contains books of Cambridge University Press, Taylor & Francis and Springer whose support we hereby gratefully acknowledge. Since July 2011, we have many new titles available! In general, new books will be added around January and July to these lists.

An updated list of book reviews can be found on the IACR-website. Below are the abstracts of all reviews added since the last newsletter was sent out. You can access the full list via the following link.

Below you find the 22 new reviews available since the last edition of the newsletter.

* Ali A.
Ghorbani, Wei Lu and Mahbod Tavallaee: "Network Intrusion Detection and Prevention", 2010: The book provides an academic overview of numerous topics related to the theory of network intrusion detection systems. Researchers in the field may find it useful as an annotated guide through the research literature. Others are likely to find it to be less valuable. Publisher: Springer. ISBN: 978-0-387-88770-8 Review written by Mark Daniel (Envieta LLC, USA). (Date: 2011-11-16)

* Alexander W. Dent and Yuliang Zheng: "Practical Signcryption", 2010: This book starts from the root of signcryption and covers the latest developments including details of security analyses. It is comprised of chapters written by world-renowned cryptographers and might well serve as a handbook on signcryption. I would certainly recommend this book, for it is not only a valuable source for researchers, but also for practitioners who can benefit from this book as a reference. Publisher: Springer. ISBN: 978-3-540-89409-4 Review written by Amit K Awasthi (Gautam Buddha University, Gr Noida, India). (Date: 2011-11-16)

* R. J. Lipton: "The P=NP Question and Gödel’s Lost Letter", 2010: If you are a computer scientist working in another field, looking for a concise account covering the current status of one of the most important questions in the field of computational complexity, this book will almost certainly disappoint you, because apart from glib prose, little attempt has been made to reach out to the non-expert. Domain experts on the other hand will probably find this book too superficial to be of much use. Publisher: Springer. ISBN: 978-1-4419-7154-8 Review written by Gregory Kohring (Inversik Laboratories, Germany). (Date: 2011-09-05)

* Al Sakib Khan Pathan: "Security of Self-Organizing Networks", 2011: This book offers a good introduction to the security aspects of self-organizing networks, s.a. MANETs, VANETs, WMNs, and WSNs.
Though it is written as a collection of self-contained articles, including contributions of over fifty researchers from several countries, this book maintains a uniform style of presentation. I strongly recommend this book as a useful reference work on the security of self-organizing networks for students, professionals, and researchers. Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-4398-1919-7 Review written by S.V. Nagaraj (RMK Engineering College, Kavaraipettai, Tamil Nadu, India). (Date: 2011-08-16)

* Mark S. Merkow and Lakshmikanth Raghavan: "Secure and Resilient Software Development", 2010: This book is a "must read" resource for security experts focusing on application security and for application designers and developers who need to integrate security into their systems. The authors have practical experience in application security and wrote a practice-oriented book. The chapters are well-structured and arranged in a good logical order. I would strongly recommend this book to security architects, security trainers, application designers and developers. But I would not recommend the book for students who might have less security and development knowledge due to missing real-life project experience. The broad content of the book could be quite complicated for students to follow. Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-4398-2696-6 Review written by Emin Islam Tatli (Daimler TSS, Germany). (Date: 2011-08-02)

* Syed A. Ahson and Mohammad Ilyas: "Cloud Computing and Software Services - Theory and Techniques", 2011: This book tries to bring clarity into the emerging field of cloud computing by presenting accurate, up-to-date information in a comprehensive manner - unfortunately it does not achieve this goal completely. Not written for beginners, this book discusses general architecture issues coming up with the development of cloud systems and provides technical background knowledge, but security is merely touched.
Hence, this book is recommended to readers interested in the deep technical basics of cloud infrastructures and systems. Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-4398-0315-8 Review written by Dominik Birk (Horst Görtz Institute, Ruhr University Bochum, Germany). (Date: 2011-07-06)

* Rowan Garnier and John Taylor: "Discrete Mathematics", 2010: In its third edition, Discrete Mathematics is a mature textbook providing an introduction to those aspects of university level mathematics needed by computer science majors. For the most part, it provides an excellent pedagogical treatment of its subject matter, along with numerous worked exercises. The newly introduced chapter on public key cryptography is exemplary in this respect. Discrete Mathematics is also suitable as a reference book; however, the treatment of most topics is probably too basic to be of immediate use to the practicing professional. Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-4398-1280-8 Review written by Gregory Kohring (Inversik Laboratories, Germany). (Date: 2011-07-01)

* Nguyen and Vallee: "The LLL Algorithm", 2010: There has long been a need for a comprehensive and advanced text on lattices, the LLL algorithm, and applications. This book, comprising independent chapters written by a number of different people, authoritatively fills the gap in the literature. It is strongly recommended for students and researchers in lattices or lattice-cryptography. The book is not written for novices, and most chapters assume a solid background in mathematics. But I believe that, with a small amount of additional background reading, it will be valuable even for Masters or beginning PhD students. Publisher: Springer. ISBN: 978-3-642-02294-4 Review written by Steven Galbraith (University of Auckland, New Zealand).
(Date: 2011-07-01)

* Peter Stavroulakis and Mark Stamp: "Handbook of Information and Communication Security", 2010: Having researchers, graduate students and university instructors as audience in mind, this book aims at providing a structured guide to access the huge field of information and communication security and its topics. However, it achieves this goal only partly, as its strength remains in the individual strength of each chapter. A reader interested in purchasing a copy is therefore recommended to inspect the most targeted chapters in order to evaluate whether this handbook provides the desired content. Publisher: Springer. ISBN: 978-3-642-04116-7 Review written by Kilian David (IT Auditor, Germany) and Luigi Lo Iacono (Cologne University of Applied Sciences, Germany). (Date: 2011-06-24)

* Silvia Heubach and Toufik Mansour: "Combinatorics of Compositions and Words", 2010: The book is written in an accessible style, and it is quite easy to use for the non-specialist in the area, given a basic computer science and/or mathematical background. It will be a useful reference for the researcher, as well as a very good textbook for a graduate level course in the area. I recommend the book heartily to both the specialists and the beginning researchers in the area. Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-4200-7267-9 Review written by Sedar Boztas (Royal Melbourne Institute of Technology, Melbourne, Australia). (Date: 2011-06-21)

* Borko Furht and Darko Kirovski: "Multimedia Watermarking Techniques and Applications", 2006: An excellent collection of 14 articles from the experts of multimedia watermarking! It includes survey articles that speak to any reader interested in the subject as well as articles that introduce new techniques and applications of digital watermarking appealing to researchers and practitioners in the field. Publisher: CRC Press/Taylor & Francis Group.
ISBN: 978-0-84937-213-1 Review written by Yesem Kurt Peker (Randolph College, Lynchburg, Virginia, USA). (Date: 2011-06-20) * David Salomon: "Elements of Computer Security", 2010: An excellent book on the essential topic of computer security and privacy for anyone who uses computers and the Internet for computation, communication, or leisurely purposes. It provides the reader with a very good understanding of what the vulnerabilities are, how threats and attacks work as well as tools to prevent and defend against them. Publisher: Springer. ISBN: 978-0-85729-005-2 Review written by Yesem Kurt Peker (Randolph College, Lynchburg, Virginia, USA). (Date: 2011-06-20) * Henri Cohen and Gerhard Frey: "Handbook of Elliptic and Hyperelliptic Curve Cryptography", 2006: This book could have been titled "Mathematics and Mathematical Algorithms for Elliptic and Hyperelliptic Curves, with a Focus on Cryptography." With this clarification, it offers a very comprehensive coverage of this vast subject area, by a total of 16 authors and contributors. Overall a useful and essential treaty for anyone involved in elliptic curve algorithms, except if someone looks for definitive technical guidance as in a cookbook. Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-58488-518-4 Review written by Thierry Moreau (CONNOTECH Experts-conseils Inc., Montreal, Canada). (Date: 2011-06-15) * Albert Lozano-Nieto: "RFID Design Fundamentals and Applications", 2011: This book is aimed at professionals with a background in eletronics, such as electrical engineers and (under)graduate students in related fields interested in the design, deployment and maintenance of RFID systems. There is a plentora of technical details, schematic diagrams of circuits, listings of several electrical parameters such as impedance, voltage, inductance, and so on. This book may be of interest to people working on side-channel analysis dedicated to RFID tags, although such attacks are not mentioned in the book. 
Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-4200-9125-0 Review written by Jorge Nakahara Jr. (Independent Researcher, Brazil). (Date: 2011-06-07) * Giampaolo Bella: "Formal Correctness of Security Protocols", 2007: This book gives a good introduction into proofs of formal correctness for security protocols. You'll learn the approaches and implications of such proofs. Especially the modeling of the use of smartcards is nicely done and explained. However, this book is neither a general introduction into security protocols, nor one into the main-tool, the formal theorem prover Isabelle. All in all, it is a nice book to read, and the ideas, models and proofs will be of great use for anybody, who speciï¬�cally looks for formal proofs of security protocols. Publisher: Springer. ISBN: 978-3-540-68134-2 Review written by Jannik Pewny (Horst Görtz Institute, Ruhr University Bochum, Germany). (Date: 2011-06-07) * Yan Zhang, Jun Zheng and Honglin Hu: "Security in Wireless Mesh Networks", 2008: The book provides a comprehensive guide to security-related issues in wireless mesh networks with focus on system architectures. It is a good reference text for practitioners and researchers in identify deployment scenarios and future directions in network security. I strongly recommend this book as a handbook of security technologies for wireless networks. Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-0-8493-8250-5 Review written by Gloria Tuquerres (Freelance Analyst, The Netherlands). (Date: 2011-06-02) * Richard A. Mollin: "Advanced Number Theory with Applications", 2010: "Advanced Number Theory with Applications" is a wonderful book which covers a huge variety of contemporary number theory topics pitched at an advanced undergraduate or beginning graduate level. 
Indeed, the book starts off with algebraic number theory and quadratic forms, builds up to Dirichlet's theorems on primes in arithmetic progressions and Diophantine equations, and has for a climatic ending elliptic curves and modular forms. Furthermore, this book is clearly written, and has many exercises (half of them with solutions) for the enthusiast to obtain further understanding of the material presented. I would strongly recommend this book to the keen student interested in advanced number theory! Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-4200-8328-6 Review written by Bertrand Junjie Fan (Center for Strategic Infocomm Technologies, Singapore). (Date: 2011-06-01) * Fred Roberts and Barry Tesman: "Applied Combinatorics (Second Edition)", 2009: This book is the second edition of a well known textbook, and the new edition (200 pages more) covers all the major topics in combinatorics in a single accessible volume. Many new examples are given. Hence it is useful to undergraduates and graduate students in computer science, math and engineering. The presentation flows very smoothly and the proofs are carefully written. There is a large number of exercises to test one's understanding. There is also an extensive index of authors and subjects and a long list of references. This book is a gem. Get it! Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-4200-9982-9 Review written by Kian Tay (Center for Strategic Infocomm Technologies, Singapore). (Date: 2011-05-27) * Martin Erickson and Anthony Vazzana: "Introduction to Number Theory", 2008: Introduction to Number Theory is a well-written book on this important branch of mathematics, and the clear, almost story-like structure makes it easy to follow. As a plus, every chapter is correlated with interesting anecdotes about famous mathematicians from the past that gave important contributions to number theory, such as Euler, Gauss, or Euclid. 
The book is suitable for a wide range of readers, and I strongly recommend it to anyone interested in number theory. Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-58488-937-3 Review written by Edoardo Persichetti (University of Auckland, New Zealand). (Date: 2011-05-24) * Alexander Stanoyevetich: "Introduction to Cryptography", 2011: This book is a very comprehensible introduction to cryptography. It will be very suitable for undergraduate students. The author has provided numerous mathematically oriented as well as computer-based exercises. I strongly recommend this book as an introductory book on cryptography for undergraduates. Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-1-4398-1763-6 Review written by S.V. Nagaraj (RMK Engineering College, Kavaraipettai, Tamil Nadu, India). (Date: 2011-05-12) * Christiane Rousseau and Yvan Saint Aubin: "Mathematics and Technology", 2008: This book explains how technologies make use of different mathematical fields. It explores technologies such as robotic arms, cryptography, Google's PageRank or DNA computing. Each chapter introduces some dedicated field. I would recommend this book to mathematics teachers who want to shed some lights on practical use of mathematics. Students may find a source of new exercises (but without proposed solutions). Publisher: Springer. ISBN: 978-0-387-69215-9 Review written by Eric Diehl (Security & Content Protection Labs, Technicolor, Rennes, France). (Date: 2011-05-12) * Asoke K. Talukder and Manish Chaitanya: "Architecting Secure Software Systems", 2009: This book focuses on both theoretical and practical aspects of designing secure software systems. While its theory part is quite well-written, its practical part is not well-structured. I would strongly recommend it to people who need to get only an overview of secure software design, but not for security experts who want to study a specific topic in detail. Publisher: CRC Press/Taylor & Francis Group. 
ISBN: 978-1-4200-8784-0 Review written by Emin Islam Tatli (IBM Germany). (Date: 2011-04-13)
* Jack Koolen, Jin Ho Kwak and Ming-Yao Xu (Eds.): "Applications of Group Theory to Combinatorics", 2008: A book written for an advanced audience, in the style of a "handbook", it is a good reference text for an expert in graph or design theory, who is looking for tools from group theory, particularly combinatorial group theory. Publisher: CRC Press/Taylor & Francis Group. ISBN: 978-0-415-47184-8 Review written by Asha Rao (Royal Melbourne Institute of Technology, Melbourne, Australia). (Date: 2011-04-13)
* Wenke Lee, Cliff Wang and David Dagon: "Botnet Detection", 2008: "Botnet Detection - Countering the largest Security Threat" is a collection of eight excellent research papers. It is not a textbook on botnet detection where the reader is led from the basics to advanced topics. So the book can be only recommended to a reader with some background on botnets and their behavior. Publisher: Springer. ISBN: 978-1-387-68766-7 Review written by Joerg Gerschuetz (International School of IT Security, Bochum, Germany). (Date: 2011-03-07)

List of books for review

The books below are available for review. If you are interested or have any other question regarding the IACR book reviewing system, please contact Axel Poschmann (Nanyang Technological University, Singapore) via books at iacr.org. New book reviews are posted continuously.

Available Books

Please note that every book is only reviewed once and books currently under review are marked in the list below as follows: [Date Name].

Go to titles from:
* Cambridge University Press
* CRC Press/Taylor & Francis Group
* Springer

Cambridge University Press

Further titles are available via Cambridge University Press' website. Cambridge University Press books available for review:

New arrivals (Sep 2011):
1. Alpcan: Network Security - A Decision and Game-Theoretic Approach
2. Buchberger: Gröbner Bases and Applications
3. Buttyán: Security and Cooperation in Wireless Networks
4. Churchhouse: Codes and Ciphers
5. Csiszár: Information Theory - Coding Theorems for Discrete Memoryless Systems, 2nd Edition
6. Fridrich: Steganography in Digital Media - Principles, Algorithms, and Applications
7. Goldreich: Foundations of Cryptography Volume: 1
8. Goldreich: Foundations of Cryptography Volume 2
9. Golomb: Signal Design for Good Correlation
10. Hendry: Multi-application Smart Cards - Technology and Applications
11. Huth: Secure Communicating Systems - Design, Analysis, and Implementation
12. Kempf: Wireless Internet Security - Architecture and Protocols
13. Lidl: Finite Fields - 2nd Edition
14. Loepp: Protecting Information - From Classical Error Correction to Quantum Cryptography
15. McEliece: The Theory of Information and Coding, 2nd Edition
16. Obaidat: Security of e-Systems and Computer Networks
17. Sinkov: Elementary Cryptanalysis, 2nd Edition
18. van der Lubbe: Basic Methods of Cryptography
19. Yanofsky: Quantum Computing for Computer Scientists

CRC Press/Taylor & Francis Group

Further titles are available via CRC Press/Taylor & Francis Group's website. CRC Press/Taylor & Francis Group books available for review:

New arrivals (May 2011):
1. McAndrew: Introduction to Cryptography with Open-Source Software
2. Dua: Data Mining and Machine Learning in Cybersecurity
3. Buchanan: Introduction to Security and Network Forensics
4. Landoll: The Security Risk Assessment Handbook: A Complete Guide for Performing Security Risk Assessments, Second Edition
5. Graham: Cyber Security Essentials

Available previously:
1. Blanchet-Sadri: Algorithmic Combinatorics on Partial Words
2. Brualdi: A Combinatorial Approach to Matrix Theory and Its Applications
3. Gross: Combinatorial Methods with Computer Applications
4. Gould: Mathematics in Games, Sports, and Gambling
5. Johnson: Handbook of Finite Translation Planes
6. Lindner: Design Theory, Second Edition
7. Liu: Security and Policy Driven Computing
8. Moldovyan: Data-driven Block Ciphers for Fast Telecommunication Systems
9. Paulsen: Abstract Algebra. An interactive Approach
10. Peeva: Syzygies and Hilbert Functions
11. Stanoyevitch: Discrete Structures with Contemporary Applications
12. Szabo: Factoring Groups into Subsets
13. Thuraisingham: Secure Semantic Service-Oriented Systems
14. Wallis: Introduction to Combinatorial Designs, Second Edition
15. Xiao: Security in Distributed, Grid, Mobile, and Pervasive Computing

Springer

Below you find a selection of books from Springer. Further titles are available via Springer's website.

New arrivals (Mar 2011):
1. Aycock: Spyware and Adware
2. Bard: Algebraic Cryptanalysis
3. Bauer: Origins and Foundations of Computing
4. Böhme: Advanced Statistical Steganalysis
5. Sadeghi: Towards Hardware-Intrinsic Security

Available previously:
1. Adjeroh: The Burrows-Wheeler Transform
2. Buchmann: Binary Quadratic Forms
3. Camp: Economics of Identity Theft
4. Dietzfelbinger: Primality Testing in Polynomial Time
5. Di Pietro: Intrusion Detection Systems
6. Fine: Number Theory
7. Gomes: Implicit Curves and Surfaces: Mathematics, Data Structures, and Algorithms
8. Hromkovic: Algorithmic Adventures
9. Kuo: Precoding Techniques for Digital Communication Systems
10. Li: An Introduction to Kolmogorov Complexity and Its Applications
11. Mehlhorn: Algorithms and Data Structures
12. Onieva: Secure Multi-Party Non-Repudiation Protocols and Applications
13. Robshaw: New Stream Cipher Designs
14. Salomon: A Concise Introduction to Data Compression
15. Sammes: Forensic Computing
16. Schellekens: A Modular Calculus for the Average Cost of Data Structuring
17. Shi: Transactions on Data Hiding and Multimedia Security III
18. Traynor: Security for Telecommunications Networks
19. Vöcking: Taschenbuch der Algorithmen [German]
20. Yeung: Information Theory and Network Coding

Cryptology ePrint Archive: Top 20 Downloads in the last 6 months

This report includes the top 20 downloads from the ePrint archive between 1 May 2011 and 31 October 2011.

1. 2004/314 ( PDF ) with 22474 downloads.
   A Technical Comparison of IPSec and SSL
   AbdelNasir Alshamsi and Takamichi Saito
2. 2007/120 ( PDF ) with 17528 downloads.
   Breaking 104 bit WEP in less than 60 seconds
   Erik Tews and Ralf-Philipp Weinmann and Andrei Pyshkin
3. 2011/232 ( PDF ) with 16255 downloads.
   Remote Timing Attacks are Still Practical
   Billy Bob Brumley and Nicola Tuveri
4. 2011/390 ( PDF ) with 12397 downloads.
   On the Vulnerability of FPGA Bitstream Encryption against Power Analysis Attacks - Extracting Keys from Xilinx Virtex-II FPGAs
   Amir Moradi and Alessandro Barenghi and Timo Kasper and Christof Paar
5. 2010/006 ( PDF ) with 10793 downloads.
   Factorization of a 768-bit RSA modulus
   Thorsten Kleinjung and Kazumaro Aoki and Jens Franke and Arjen Lenstra and Emmanuel Thomé and Joppe Bos and Pierrick Gaudry and Alexander Kruppa and Peter Montgomery and Dag Arne Osvik and Herman te Riele and Andrey Timofeev and Paul Zimmermann
6. 2011/391 ( PDF ) with 9523 downloads.
   On the Portability of Side-Channel Attacks - An Analysis of the Xilinx Virtex 4, Virtex 5, and Spartan 6 Bitstream Encryption Mechanism
   Amir Moradi and Markus Kasper and Christof Paar
7. 2010/332 ( PDF ) with 7732 downloads.
   Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars
   Aurelien Francillon and Boris Danev and Srdjan Capkun
8. 2004/199 ( PDF ) with 6926 downloads.
   Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD
   Xiaoyun Wang and Dengguo Feng and Xuejia Lai and Hongbo Yu
9. 2008/469 ( PS PS.GZ PDF ) with 5943 downloads.
   Classification and Generation of Disturbance Vectors for Collision Attacks against SHA-1
   Stephane Manuel
10. 2009/281 ( PDF ) with 5178 downloads.
    Enabling Public Verifiability and Data Dynamics for Storage Security
    Qian Wang and Cong Wang and Jin Li and Kui Ren and Wenjing Lou
11. 2009/223 ( PDF ) with 4987 downloads.
    How To Find Weak Input Differences For MD5 Collision Attacks
    Tao Xie and Dengguo Feng
12. 2006/136 ( PDF ) with 4676 downloads.
    A Challenging but Feasible Blockwise-Adaptive Chosen-Plaintext Attack on SSL
    Gregory V. Bard
13. 2010/439 ( PDF ) with 4128 downloads.
    Embedded Extended Visual Cryptography Schemes
    Feng Liu and Chuankun Wu
14. 2007/471 ( PDF ) with 3870 downloads.
    Attacks on the WEP protocol
    Erik Tews
15. 2011/277 ( PDF ) with 3819 downloads.
    Fully Homomorphic Encryption without Bootstrapping
    Zvika Brakerski and Craig Gentry and Vinod Vaikuntanathan
16. 2009/616 ( PS PS.GZ PDF ) with 3695 downloads.
    Fully Homomorphic Encryption over the Integers
    Marten van Dijk and Craig Gentry and Shai Halevi and Vinod Vaikuntanathan
17. 2006/086 ( PDF ) with 3506 downloads.
    Analysis of the Linux Random Number Generator
    Zvi Gutterman and Benny Pinkas and Tzachy Reinman
18. 2011/211 ( PDF ) with 3469 downloads.
    Security Evaluation of GOST 28147-89 In View Of International Standardisation
    Nicolas T. Courtois
19. 2011/405 ( PDF ) with 3393 downloads.
    Can Homomorphic Encryption be Practical?
    Kristin Lauter and Michael Naehrig and Vinod Vaikuntanathan
20. 2006/262 ( PDF ) with 3233 downloads.
    Logical Concepts in Cryptography
    Simon Kramer

__________________________________________________________

You may opt out of the newsletter either by editing your contact information and preferences at https://s1.iacr.org/iacrmem/update.html

Contributions are most welcome! Please include a URL and/or e-mail addresses for any item submitted (if possible). For things that are not on the Web, please submit a one-page ASCII version. Send your contributions to newsletter (at) iacr.org.

IACR contact information. Current newsletter editor is Christopher Wolf.