Information security and privacy

The4thAustralasianConferenceonInformationSecurityandPrivacywasheld attheUniversityofWollongong,Australia. Theconferencewassponsoredby theCentreforComputerSecurityResearch,UniversityofWollongong,andthe AustralianComputerSociety. Theaimoftheconferencewastobringtogether peopleworkingindi erentareasofcomputer,communication,andinformation securityfromuniversities,industry,andgovernmentinstitutions. Theconference gavetheparticipantsanopportunitytodiscussthelatestdevelopmentsinthe quicklygrowingareaofinformationsecurityandprivacy. Theprogramcommitteeaccepted26papersfrom53submitted. Fromthose accepted, thirteen papers were from Australia, two each from Belgium and China,andoneeachfromAustria,Belarus,France,India,Japan,Korea,Sin- pore,theUSA,andYugoslavia. Conferencesessionscoveredthefollowingtopics: accesscontrolandsecuritymodels,networksecurity,Booleanfunctions,group communication,cryptanalysis,keymanagementsystems,electroniccommerce, signatureschemes,RSAcryptosystems,andoddsandends.^ We would like to thank the members of the program committee who - nerouslyspenttheirtimereadingandevaluatingthepapers. Wewouldalsolike tothankmembersoftheorganisingcommitteeand,inparticular,ChrisCh- nes,HosseinGhodosi,MarcGysin,Tiang-BingXia,Cheng-XinQu,SanYeow Lee,YejingWang,Hua-XiongWang,Chih-HungLi,WillySusilo,ChintanShah, Je reyHorton,andGhulamRasoolChaudhryfortheircontinuousandtireless e ortinorganisingtheconference. Finally,wewouldliketothanktheauthorsof allthesubmittedpapers,especiallytheacceptedones,andalltheparticipants whomadetheconferenceasuccessfulevent.^ February1999 JosefPieprzyk ReiSafavi-Naini JenniferSeberry FOURTHAUSTRALASIANCONFERENCE ONINFORMATIONSECURITY ANDPRIVACY ACISP’99 Sponsoredby CenterforComputerSecurityResearch UniversityofWollongong,Australia and AustralianComputerSociety GeneralChair: JenniferSeberry UniversityofWollongong ProgramCo-Chairs: JosefPieprzyk UniversityofWollongong ReiSafavi-Naini UniversityofWollongong ProgramCommittee: ColinBoyd QueenslandUniversityofTechnology,Australia LawrieBrown AustralianDefenceForceAcademy,Australia BillCaelli QueenslandUniversityofTechnology,Australia EdDawson QueenslandUniversityofTechnology,Australia CunshengDing NationalUniversityofSingapore,Singapore DieterGollmann MicrosoftResearch,UK YongfeiHan Gemplus,Singapore ThomasHardjono BayNetworks,US ErlandJonsson ChalmersUniversity,Sweden SveinKnapskog UniversityofTrondheim,Norway KeithMartin KatholiekeUniversiteitLeuven,Belgium CathyMeadows NavalResearchLaboratory,US KaisaNyberg NokiaResearchCenter,Finland Choon-SikPark^ ElectronicsandTelecommunicationResearchInstitute,Korea DingyiPei AcademiaSinica,China SteveRoberts WithamPtyLtd,Australia ConferenceOrganization VII GregRose Qualcomm,Australia RaviSandhu GeorgeMasonUniversity,US Sta ordTavares Queen’sUniversity,Canada VijayVaradharajan WesternSydneyUniversity,Australia YuliangZheng MonashUniversity,Australia Referees N. Asokan ZhangJiang DingyiPei YunBai ErlandJonsson JosefPieprzyk SimonBlackburn SveinKnapskog VincentRijmen ColinBoyd HuLei SteveRoberts LawrieBrown LeszekMaciaszek GregRose BillCaelli KeithMartin ReiSafavi-Naini EdDawson CathyMeadows RaviSandhu CunshengDing BillMillan RajanShankaran GaryGaskell QiMing Sta ordTavares JanuszGetta Sang-JaeMoon VijayVaradharajan DieterGollmann YiMu Kapaleeswaran MarcGysin KennyNguyen Viswanathan YongfeiHan KaisaNyberg ChuanWu ThomasHardjono Choon-SikPark YuliangZheng. TableofContents BooleanFunctions BooleanFunctionDesignUsingHillClimbingMethods WilliamMillan,AndrewClark,andEdDawson. . . . . . . . . . .^ . . . . . . . . . . . . . . . . . 1 EnumerationofCorrelationImmuneBooleanFunctions SubhamoyMaitraandPalashSarkar. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 OntheSymmetricPropertyofHomogeneousBooleanFunctions ChengxinQu,JenniferSeberry,andJosefPieprzyk. . . . . . . . . . . . . . . . . . . . . . . . 26 KeyManagement PubliclyVeri ableKeyEscrowwithLimitedTimeSpan KapaliViswanathan,ColinBoyd,andEdDawson. . . . . . . . . . . . . . . . . . . . . . . . . 36 AcceleratingKeyEstablishmentProtocolsforMobileCommunication SeungwonLee,Seong-MinHong,HyunsooYoon,andYookunCho. . . . . . . . . 51 ConferenceKeyAgreementfromSecretSharing Chih-HungLiandJosefPieprzyk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Cryptanalysis Onm-PermutationProtectionSchemeAgainstModi cationAttack W. W. FungandJ. W. Gray,III. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 InversionAttackandBranching JovanDj.^ Golic, AndrewClark,andEdDawson . . . . . . . . . . . . . . . . . . . . . . . . . . 88 Signatures Fail-StopThresholdSignatureSchemesBasedonEllipticCurves WillySusilo,ReiSafavi-Naini,andJosefPieprzyk. . . . . . . . . . . . . . . . . . . . . . . 103 DivertibleZero-KnowledgeProofofPolynomialRelationsand BlindGroupSignature KhanhQuocNguyen,YiMu,andVijayVaradharajan. . . . . . . . . . . . . . . . . . . . 117 RepudiationofCheatingandNon-repudiationof Zhang’sProxySignatureSchemes HosseinGhodosiandJosefPieprzyk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 X TableofContents RSACryptosystems OntheSecurityofanRSABasedEncryptionScheme SigunaMul ¨ler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135 GeneralisedCyclingAttacksonRSAandStrongRSAPrimes MarcGysinandJenniferSeberry. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .^ 149 RSAAccelerationwithFieldProgrammableGateArrays AlexanderTiountchikandElenaTrichina. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 GroupCryptography ChangingThresholdsintheAbsenceofSecureChannels KeithM. Martin,JosefPieprzyk,ReiSafavi-Naini,andHuaxiongWang . 177 ASelf-Certi edGroup-OrientedCryptosystemWithoutaCombiner ShahrokhSaeedniaandHosseinGhodosi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 NetworkSecurity CompanionVirusesandtheMacintosh:ThreatsandCountermeasures Je reyHortonandJenniferSeberry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 AnImplementationofaSecureVersionofNFSIncludingRBAC PaulAshley,BradleyBroom,andMarkVandenwauver. . . . . . . . . . . . . . . . . . .