This book constitutes the refereed proceedings of the Second International Information Security Practice and Experience Conference, ISPEC 2006, held in Hangzhou, China, in April 2006. The 35 revised full papers presented were carefully reviewed and selected from 307 submissions. The papers are organized in topical sections.

Inhalt

Cryptoanalysis.- DPA-Resistant Finite Field Multipliers and Secure AES Design.- Signed MSB-Set Comb Method for Elliptic Curve Point Multiplication.- Diophantine Approximation Attack on a Fast Public Key Cryptosystem.- Further Security Analysis of XTR.- Network Security I.- A Counting-Based Method for Massive Spam Mail Classification.- Model and Estimation of Worm Propagation Under Network Partition.- Tackling Worm Detection Speed and False Alarm in Virus Throttling.- Network Security II.- Using Data Field to Analyze Network Intrusions.- Adversarial Organization Modeling for Network Attack/Defense.- A Novel Dynamic Immunization Strategy for Computer Network Epidemics.- Preventing Web-Spoofing with Automatic Detecting Security Indicator.- Security Protocol.- Security Protocol Analysis with Improved Authentication Tests.- A Protocol of Member-Join in a Secret Sharing Scheme.- More on Shared-Scalar-Product Protocols.- Communication Security.- Efficient Public Key Broadcast Encryption Using Identifier of Receivers.- A Practical Clumped-Tree Multicast Encryption Scheme.- Trojan Horse Attack Strategy on Quantum Private Communication.- Signature and Key Agreement.- Linkable Democratic Group Signatures.- Identity-Based Key Agreement with Unilateral Identity Privacy Using Pairings.- Short (Identity-Based) Strong Designated Verifier Signature Schemes.- Identity Based Key Insulated Signature.- Application I.- Design and Implementation of an Extended Reference Monitor for Trusted Operating Systems.- A Design and Implementation of Profile Based Web Application Securing Proxy.- An Efficient and Practical Fingerprint-Based Remote User Authentication Scheme with Smart Cards.- Application II.- Domain-Based Mobile Agent Fault-Tolerance Scheme for Home Network Environments.- Using ?-Calculus to Formalize Domain Administration of RBAC.- An Efficient Way to Build Secure Disk.- Practical Forensic Analysis in Advanced Access Content System.- Cryptographic Techniques.- Security Analysis of a Server-Aided RSA Key Generation Protocol.- Integrating Grid with Cryptographic Computing.- Three-Round Secret Handshakes Based on ElGamal and DSA.- System Security.- Securing C Programs by Dynamic Type Checking.- A Chaos-Based Robust Software Watermarking.- Privately Retrieve Data from Large Databases.- An Empirical Study of Quality and Cost Based Security Engineering.