Conference Program
All events take place in Scarborough Ballroom 1 at the Hilton Tobago Resort unless otherwise noted. |
Sunday, February 11, 2007 | |
5:00pm–7:00pm | Registration Reception (Location: Scarborough Ballroom Terrace) |
Monday, February 12, 2007 | |
8:00am–8:30am | Registration |
8:30am–8:45am | Welcome: Dexter Trim, Executive Assistant to the Secretary for Tourism, Tobago House of Assembly |
8:45am–9:00am | Conference Opening (Conference Chairs) |
Mike Bond
Title: Leaving Room for the Bad Guys
When designing a crypto protocol, or building a large security architecture, no competent designer ignores considering the bad guy, and anticipating his plans. But often we designers find ourselves striving to build totally secure systems and protocols—in effect writing the bad guys entirely out of the equation. In a large system, when you exclude the bad guys, they soon muscle their way in elsewhere, and maybe in a new and worse way over which you may have much less control. A crypto protocol with no known weaknesses may be a strong tool, but when it does break, it will break in an unpredictable way. This talk explores the hypothesis that it is safer and better for designers to give the bad guys their cut, but to keep it small, and keep in control. It may not just be our systems but also our protocol building blocks that should be designed to make room for the bad guy to take his cut. The talk is illustrated with examples of very successful systems with known weaknesses, drawn primarily from the European EMV payment system, and banking security in general. We also discuss a few "too secure" systems that end up failing in worse ways as a result. |
10:00am–10:30am | Break |
10:30am–12:00pm | Payment Systems
Session Chair: Jon Callas
Vulnerabilities in First-Generation RFID-enabled Credit Cards, Thomas S. Heydt-Benjamin (University of Massachusetts Amherst, USA), Daniel V. Bailey (RSA Laboratories, USA), Kevin Fu (University of Massachusetts Amherst, USA), Ari Juels (RSA Laboratories, USA), and Tom O'Hare (Innealta, Inc.)
Conditional E-Cash, Larry Shi and Bogdan Carbunar (Motorola Labs) and Radu Sion (Stony Brook University, USA)
A Privacy-Protecting Multi-Coupon Scheme with Stronger Protection against Splitting, Liqun Chen (HP Laboratories), Alberto Escalante, Hans Löhr, Mark Manulis, and Ahmad-Reza Sadeghi (Horst Görtz Institute Bochum, Germany) |
12:00pm–1:00pm | Lunch |
1:00pm–2:30pm | Panel: RFID - yes or no
Moderator: Kevin Fu
Panelists: Ross Anderson, Jon Callas, Yvo Desmedt |
2:30pm–3:00pm | Break |
3:00pm–4:00pm | Anonymity
Session Chair: Yvo Desmedt
A Model of Onion Routing with Provable Anonymity, Joan Feigenbaum (Yale University), Aaron Johnson (Yale University, USA), and Paul Syverson (Naval Research Laboratory, USA)
K-Anonymous Multi-party Secret Handshakes, Shouhuai Xu (UTSA) and Moti Yung (RSA Laboratories and Columbia University, USA) |
4:00pm | Adjourn |
4:30pm–6:00pm | Reception (Location: Scarborough Ballroom Terrace) |
Tuesday, February 13, 2007 | |
9:00am–10:30am | Authentication
Session Chair: Moti Yung
Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer, Mohammad Mannan and Paul C. van Oorschot (Carleton University, Canada)
Scalable Authenticated Tree Based Group Key Exchange for Ad-Hoc Groups, Yvo Desmedt (University College London, UK), Tanja Lange (Eindhoven University of Technology, Netherlands) and Mike Burmester (Florida State University, USA)
On Authentication with HMAC and Non-Random Properties, Christian Rechberger and Vincent Rijmen (Graz University of Technology, Austria) |
10:30am–11:00am | Break |
11:00am–12:00pm | Anonymity and Privacy
Session Chair: Radu Sion
Hidden Identity-Based Signatures, Aggelos Kiayias and Hong-Sheng Zhou (University of Connecticut, USA)
Space-Efficient Private Search, George Danezis and Claudia Diaz (K.U. Leuven, Belgium) |
12:00pm | Adjourn — Box Lunches Available |
8:00pm–9:00pm | IFCA General Meeting |
9:00pm–12:00am | Rump Session (Chair: Jon Callas) |
Wednesday, February 14, 2007 | |
9:00am–10:30am | Cryptography and Commercial Transactions
Session Chair: Kazue Sako
Cryptographic Securities Exchanges, Christopher Thorpe and David C. Parkes (Harvard University, USA)
Improved multi-party contract signing, Aybek Mukhamedov and Mark Ryan (University of Birmingham, UK)
Informant: Detecting Sybils Using Incentives, N. Boris Margolin and Brian Neil Levine (University of Massachusetts Amherst, USA) |
10:30am–11:00am | Break |
11:00am–12:00pm | Financial Transactions & Web Services
Session Chair: Bernhard Esslinger
Dynamic Virtual Credit Card Numbers, Ian Molloy (Purdue University, USA), Jiangtao Li (Intel Corporation) and Ninghui Li (Purdue University, USA)
The unbearable lightness of PIN cracking, Omer Berkman (The Academic College of Tel Aviv Yaffo, Israel) and Odelia Moshe Ostrovsky (Algorithmic Research Ltd. and Tel Aviv University, Israel) |
12:00pm–1:00pm | Lunch |
1:00pm–2:30pm | Panel: Virtual Economies - Threats and Risks
Moderator: Jean Camp
Panelists: Mike Bond, Jon Callas, Christopher Thorpe |
2:30pm | Adjourn |
6:00pm–9:00pm | Beach BBQ (Location: Friday's Bar and Grill) |
Thursday, February 15, 2007 | |
9:00am–10:00am | Dawn Jutla
Title: Usable SPACE: Security, Privacy, and Context for the Mobile User
Users breach the security of data within many financial applications daily as human and/or business expediency to access and use information wins over corporate security policy guidelines. Recognizing that changing user context often requires different security mechanisms, we discuss end-to-end solutions combining several security and context mechanisms for relevant security control and information presentation in various mobile user situations. We illustrate key concepts using Dimitri Kanevsky's (IBM Research) early 2000s patented inventions for voice security and classification. |
10:00am–10:30am | Break |
10:30am–11:00am | Session Chair: Stuart Schechter
Personal Digital Rights Management for Mobile Cellular Devices, Siddharth Bhatt (Stony Brook University, USA), Bogdan Carbunar (Motorola Labs), Radu Sion (Stony Brook University, USA), and Venu Vasudevan (Motorola Labs) |
11:00am–12:00pm | Cryptography
Session Chair: Burton Rosenberg
Certificate Revocation using Fine Grained Certificate Space Partitioning, Vipul Goyal (UCLA, USA)
An Efficient Aggregate Shuffle Argument Scheme, Jun Furukawa (NEC Corporation, Japan) and Hideki Imai (National Institute of Advanced Industrial Science and Technology, Japan) |
12:00pm–1:00pm | Conference Closing/Lunch (Conference Chairs) |