Dear Readers,

Thanks to Christoph Schuba and Mary Ellen Zurko for responding to my last minute appeal for reporters for the Security and Privacy Symposium; the report in this issue is their gift to you. Thanks and congratulations also to Dale Johnson, Steve Kent, John McHugh, George Dinolt, the Program Committee, and most of all the authors and attendees who continue to make the Symposium worth the trip. For the first time, the TC is assembling a hypertext version of the proceedings; at this writing we have installed URL's to well over half the papers presented, and more should be available in a few weeks. See URL

Also this month brought an official report from the US General Accounting Office confirming that there are lots of hackers beating on the doors of Department of Defense unclassified systems (and the door is too-frequently left ajar) and the National Research Council's report on cryptographic policy. With several bills addressing this policy currently before Congress, the debate seems unlikely to cool down for a while.

Cipher's research registry is off the ground, but I know there are many more projects out there; send in those URL's.

Finally, amidst the new journal announcements I ran across this one:

                        Call for Papers

     An International Journal on Failures and Lessons Learned in
Information Technology Management has been founded. The journal will be
published four times a year, starting from January 1997. The publisher is
Cognizant Communication Corp., New York. 
Contact Dr. R Sadananda at with your tales of woe!

Carl Landwehr
Editor, Cipher