The 13th Australasian Conference on Information Security and Privacy (ACISP 2008) was held at Wollongong, Australia, during July 7¿9, 2008. The conference was sponsored by the Centre for Computer and Information Security of the University of Wollongong and the ResearchNetwork for a Secure Australia. The submission and review process was run using the iChair software, written by Thomas Baigneres and Matthieu Finiasz from EPFL, LASEC, Switzerland. We would like to thank them for letting us use their iChair software. The conferencereceived111submissions, out ofwhich the ProgramComm- tee selected 33 papers for presentation at the conference after a rigorous review process.Thesepapersareincludedintheproceedings.Theacceptedpaperscover a range of topics in information security, including authentication, key m- agement, public key cryptography, privacy, anonymity, secure communication, ciphers, network security, elliptic curves, hash functions, and database security. Theconferenceproceedingscontainrevisedversionsoftheselectedpapers.Since some of them were not checked again for correctness before publication, the - thors bear full responsibility for the contents of their papers. We would like to thank the authors of all papers for submitting their papers to the conference. In addition to the contributed papers, the program comprised three invited talks. The invited speakers were Xavier Boyen (Voltage, USA), Josef Pieprzyk (Macquarie University, Australia) and Nigel Phair (Australian High Tech Crime Centre). We would like to express our thanks to them.

New Paradigms for Password Security.- Enforcing User-Aware Browser-Based Mutual Authentication with Strong Locked Same Origin Policy.- Secure Biometric Authentication with Improved Accuracy.- A Critical Analysis and Improvement of AACS Drive-Host Authentication.- Comparing the Pre- and Post-specified Peer Models for Key Agreement.- Efficient One-Round Key Exchange in the Standard Model.- On the Improvement of the BDF Attack on LSBS-RSA.- Public-Key Cryptosystems with Primitive Power Roots of Unity.- Relationship between Two Approaches for Defining the Standard Model PA-ness.- Distributed Verification of Mixing - Local Forking Proofs Model.- Fully-Simulatable Oblivious Set Transfer.- Efficient Disjointness Tests for Private Datasets.- Efficient Perfectly Reliable and Secure Message Transmission Tolerating Mobile Adversary.- Methods for Linear and Differential Cryptanalysis of Elastic Block Ciphers.- Multidimensional Linear Cryptanalysis of Reduced Round Serpent.- Cryptanalysis of Reduced-Round SMS4 Block Cipher.- On the Unprovable Security of 2-Key XCBC.- Looking Back at a New Hash Function.- Non-linear Reduced Round Attacks against SHA-2 Hash Family.- Collisions for Round-Reduced LAKE.- Preimage Attacks on Step-Reduced MD5.- Linear Distinguishing Attack on Shannon.- Recovering RC4 Permutation from 2048 Keystream Bytes if j Is Stuck.- Related-Key Chosen IV Attacks on Grain-v1 and Grain-128.- Signature Generation and Detection of Malware Families.- Reducing Payload Scans for Attack Signature Matching Using Rule Classification.- Implicit Detection of Hidden Processes with a Feather-Weight Hardware-Assisted Virtual Machine Monitor.- FormatShield: A Binary Rewriting Defense against Format String Attacks.- Advanced Permission-Role Relationship in Role-Based Access Control.- Enhancing Micro-Aggregation Technique by Utilizing Dependence-Based Information in Secure Statistical Databases.- Montgomery Residue Representation Fault-Tolerant Computation in GF(2 k ).- A Tree-Based Approach for Computing Double-Base Chains.- Extractors for Jacobians of Binary Genus-2 Hyperelliptic Curves.- Efficient Modular Arithmetic in Adapted Modular Number System Using Lagrange Representation.