Information Security Theory and Practice. Smart Devices, Pervasive Systems, and Ubiquitous Networks Third IFIP WG 11.2 International Workshop, WISTP 2009 Brussels, Belgium, September 1-4, 2009 Proceedings Proceedings

This volume contains the 12 papers presented at the WISTP 2009 conference, held in Brussels, Belgium in September 2009. WISTP 2009 was the third int- national workshop devoted to information security theory and practice. WISTP 2009 built on the successful WISTP 2007 and 2008 conferences, held in Heraklion, Crete, Greece and Seville, Spain in May 2007 and May 2008, - spectively. The proceedings of WISTP 2007 and WISTP 2008 were published as volumes 4462 and 5019 of the Lecture Notes in Computer Science series. This workshop received the following support: – Co-sponsored by IFIP WG 11. 2 Small System Security – Co-sponsored by VDE ITG – Technical sponsorship of the IEEE Systems, Man & Cybernetics Society – Supported by the Technical Committee on Systems Safety and Security – Organized in cooperation with the ACM SIGSAC – Supported by ENISA – Supported by the Institute for Systems and Technologies of Information, Control and Communication (INSTICC) These proceedings contain 12 original papers covering a range of theoretical and practical topics in information security. For the purposes of the organi- tion of the WISTP program, the papers were divided into four main categories, namely: – Mobility – Attacks and Secure Implementations – Performance and Security – Cryptography The12papersincludedherewereselectedfromatotalof27submissions. The refereeing process was rigorous,involving at least three (and mostly four or ?ve) independent reports being prepared for each submission.

Mobility.- On the Unobservability of a Trust Relation in Mobile Ad Hoc Networks.- A Mechanism to Avoid Collusion Attacks Based on Code Passing in Mobile Agent Systems.- Privacy-Aware Location Database Service for Granular Queries.- Attacks and Secure Implementations.- Algebraic Attacks on RFID Protocols.- Anti-counterfeiting Using Memory Spots.- On Second-Order Fault Analysis Resistance for CRT-RSA Implementations.- Performance and Security.- Measurement Analysis When Benchmarking Java Card Platforms.- Performance Issues of Selective Disclosure and Blinded Issuing Protocols on Java Card.- Energy-Efficient Implementation of ECDH Key Exchange for Wireless Sensor Networks.- Cryptography.- Key Management Schemes for Peer-to-Peer Multimedia Streaming Overlay Networks.- Ultra-Lightweight Key Predistribution in Wireless Sensor Networks for Monitoring Linear Infrastructure.- PKIX Certificate Status in Hybrid MANETs.