Updated 2025/03/18


サクライ コウイチ
櫻井 幸一
SAKURAI KOUICHI
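Affiliation
Professor, Department of Informatics, Faculty of Information Science and Electrical Engineering
Cybersecurity Center (concurrent)
Department of Electrical Engineering and Computer Science, School of Engineering (concurrent)
Department of Information Science and Technology, Graduate School of Information Science and Electrical Engineering (concurrent)
Joint Graduate School of Mathematics for Innovation (concurrent)
Title
Professor
Profile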
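From 1986 to 1988, studied mathematics (topology, algebraic geometry, theory of differential equations) in the master's program of the Graduate School of Engineering, Kyushu University. After joining Mitsubishi Electric Corporation in April 1988, engaged in research and development on cryptography and information security at its Computer & Information Systems Laboratory (now the Information Technology R&D Center). In particular, worked on the theory of zero-knowledge interactive proofs and its application to network security. At the same time, studied the elliptic-curve discrete logarithm problem, as applied to public-key cryptography, from the standpoint of computational complexity. In June 1993, awarded the degree of Doctor of Engineering (Kyushu University) for the dissertation "A Study on the Efficiency and Security of Cryptographic Protocols Based on Zero-Knowledge Proof Techniques". In March 1994, appointed Associate Professor in the Department of Computer Science, Faculty of Engineering, Kyushu University. Since then, has been interested in the complexity that appears at the interface between information and various fields (computing, mathematics, physics, biology, economics), and has been analyzing its structure. Has served as chair of the committee for international standardization of cryptographic techniques (ISO/SC27/WG2) and head of the Japanese delegation to WG2 (Information Technology Standards Commission of Japan, Information Processing Society of Japan), steering domestic policy on the international standardization of cryptographic algorithms; his activities thus extend beyond research to standardization and cryptographic policy.

In 1992, at the invitation of Professor Massey, gave the invited talk "On the gap between the serial and the parallel in zero-knowledge protocols" at the Swiss Federal Institute of Technology (ETH). In May 1995, gave an invited talk on the complexity of the elliptic-curve discrete logarithm problem at the discrete mathematics laboratory (ATI/LMD) in Marseille, France. For one year from September 1997, visiting researcher at the Department of Computer Science, Columbia University, USA. During this period, gave an invited talk on "Design and analysis of hyperelliptic cryptosystems" at AT&T Labs.

March 1988: Completed the master's program, Graduate School of Engineering, Kyushu University
April 1988: Joined the Computer & Information Systems Laboratory, Mitsubishi Electric Corporation; engaged in research on cryptographic theory
June 1993: Received the degree of Doctor of Engineering (Kyushu University)
1995: Appointed Associate Professor, Department of Computer Science, Faculty of Engineering, Kyushu University
September 1997 (one year): Visiting researcher, Department of Computer Science, Columbia University, USA
April 2002: Professor, Department of Computer Science, Faculty of Information Science and Electrical Engineering, Kyushu University (to the present)

Memberships: IEICE, Information Processing Society of Japan (IPSJ), Mathematical Society of Japan, Japanese Society for Artificial Intelligence (JSAI), ACM, IEEE, IACR

Awards: 2000 IPSJ Paper Award and Sakai Special Memorial Award; 2003 Standardization Contribution Award, Information Technology Standards Commission of Japan, IPSJ; 2004 IPSJ Paper Award; 2005 First IPA (Information-technology Promotion Agency) Award

Since April 2004, concurrently director of Laboratory 2 at the Institute of Systems and Information Technologies, Kyushu, promoting industry-academia-government research exchange on the theme of ensuring "information security in social systems". In fiscal years 2005-2006, as leader of a Japan-Korea international joint research project selected by the National Institute of Information and Communications Technology, promoted industry-academia-government collaboration among Japan, China and Korea on security technology. In May 2006, concluded a memorandum of understanding (MOU) on research in the field of information security with the Cryptology Research Society of India (CRSI; General Secretary Professor Bimal Kumar Roy), the first such agreement by a Japanese research institution. Since April 2019, also a visiting member of the security division of ATR (Advanced Telecommunications Research Institute International). In February 2020, at the IEEE Member Press, stated that "attacks that abuse networks such as the Internet and artificial intelligence (AI) are becoming more sophisticated every year, cryptographic technology is growing in importance, and attention should be paid to the relationship between security and privacy." Since April 2022, chair (the first) of the JSAI special interest group on AI security. Research papers (as of May 2024): 114 journal papers, 357 international conference papers. https://dblp.org/pid/16/3865.html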

Research Fields

  • Informatics / Information security

Degree

  • Doctor of Engineering

Career

  • Computer & Information Systems Laboratory, Mitsubishi Electric (Apr 1988 - Feb 1993)

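Research Themes and Keywords

  • Research theme: Artificial intelligence

    Keywords: Artificial intelligence

    Research period: 2024

  • Research theme: Privacy

    Keywords: Privacy

    Research period: 2024

  • Research theme: Blockchain

    Keywords: Blockchain

    Research period: 2024

  • Research theme: Cybersecurity

    Keywords: Cybersecurity

    Research period: 2024

  • Research theme: AI cryptography

    Keywords: AI cryptography

    Research period: 2024

  • Research theme: Quantum cryptography

    Keywords: Quantum cryptography

    Research period: 2024

  • Research theme: Cryptography

    Keywords: Cryptography

    Research period: 2024

  • Research theme: Reliability

    Keywords: Reliability

    Research period: 2024

  • Research theme: Cryptocurrency

    Keywords: Cryptocurrency

    Research period: 2024

  • Research theme: NFT (non-fungible token)

    Keywords: NFT (non-fungible token)

    Research period: April 2022 - May 2024

  • Research theme: AI cryptography

    Keywords: Deep learning, cryptography

    Research period: April 2021 - July 2022

  • Research theme: Blockchain social infrastructure

    Keywords: Smart contracts, electronic voting

    Research period: January 2020 - June 2020

  • Research theme: Cryptocurrency and blockchain

    Keywords: Bitcoin

    Research period: April 2018 - August 2021

  • Research theme: AI security

    Keywords: Artificial intelligence, adversarial machine learning

    Research period: April 2017 - June 2018

  • Research theme: Cybersecurity

    Keywords: Networks, artificial intelligence

    Research period: April 2015 - May 2016

  • Research theme: Economics of network security

    Keywords: Game theory

    Research period: August 2010 - August 2011

  • Research theme: Design and analysis of cryptographic algorithms

    Keywords: Symmetric-key cryptography, strength evaluation

    Research period: April 2005 - October 2012

  • Research theme: Cryptography and information security

    Keywords: Information security, cryptographic theory, Internet protocols, mobile technology, Web application technology, operating systems

    Research period: March 1994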

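Awards

  • SCAT Chairman's Award

    January 2019   Support Center for Advanced Telecommunications Technology Research (SCAT)   "Research, development and practical application of the ultra-fast cipher KCipher-2"

    The SCAT awards are given to researchers who have made major contributions, such as contributing to the safety and security of people's lives through research and development in ICT (information and communication technology), and have been run by open call and third-party nomination since fiscal year 2019.
    This year's awards comprised 2 Chairman's Grand Awards, 2 Chairman's Awards and 1 Excellence Award, 5 in total.
    The undersigned's award was given for joint research and development and international standardization with three members of KDDI Research.

    Shinsaku Kiyomoto1, Toshiaki Tanaka1, Yuto Nakano1, Kouichi Sakurai2 (1: KDDI Research, 2: Kyushu University)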

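  • FY2015 IEICE Achievement Award

    May 2016   IEICE   Development and standardization of the ultra-fast cipher KCipher-2   Toshiaki Tanaka (KDDI R&D Laboratories), Shinsaku Kiyomoto (KDDI R&D Laboratories), Kouichi Sakurai (Kyushu University)

  • Contribution Award (International Conference)

    September 2015   IEICE Engineering Sciences Society   Contribution to the organization of the international conference IWSEC2015 (The 9th International Workshop on Security)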

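  • DICOMO2015 Best Paper Award

    September 2015   Program Committee, IPSJ Multimedia, Distributed, Cooperative, and Mobile Symposium   Paper award for "Implementation and evaluation on an OpenFlow controller of a terminal-independent detection method for network attacks" by 宮﨑亮輔†, Junpei Kawamoto†, 松本晋一*, Kouichi Sakurai† (†Kyushu University, *Institute of Systems, Information Technologies and Nanotechnologies)

    We propose a method for detecting cyber attacks using multiple agents in Software-Defined Networks (SDN), a network virtualization technology. In the method we proposed previously, a single agent was placed in the SDN to detect attacks. However, with a single agent, the detection results contained noise. In this paper, we introduce diversity in the network data that is monitored, diversity in the threshold used to judge an anomaly, and diversity in agent lifetime, and propose a detection scheme that suppresses excessive detection by a single agent and takes multiple anomaly trends into account. A comparative evaluation experiment confirmed that introducing diversity reduced the noise in the detection results.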

  • The Second International Symposium on Computing and Networking – Across Practical Development and Theoretical Research- (CANDAR’14)

    December 2014   IEICE Technical Committee on Computer Systems   “Parallelization of QUAD Stream Cipher using Linear Recurring Sequences on Graphics Processing Units” Satoshi Tanaka, Chen-Mou Cheng, Takanori Yasuda and Kouichi Sakurai

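  • 26th Advanced Technology Award "Pioneering Originality", Minister of Economy, Trade and Industry Prize

    July 2012   Organized by Nihon Kogyo Shimbun; the judging committee consists of members from the Ministry of Education, Culture, Sports, Science and Technology, the Ministry of Economy, Trade and Industry, Fuji Sankei Business i and the Fujisankei group   The standardization of the high-speed stream cipher algorithm "KCipher-2", designed and developed jointly with KDDI R&D Laboratories since 2005, succeeded in 2011, when it was adopted as an ISO international standard. "KCipher-2" is a high-speed stream cipher algorithm designed jointly by KDDI R&D Laboratories and the undersigned and commercialized by KDDI R&D Laboratories. "KCipher-2" was designed for small devices with limited processing power, such as mobile phones, and for high-speed processing of large volumes of data; it is a symmetric-key cipher that uses the same key for encryption and decryption. Compared with AES, the U.S. standard symmetric-key cipher, it performs encryption and decryption up to 10 times faster. KDDI and KDDI R&D Laboratories are currently making use of the speed and light weight of "KCipher-2" and actively deploying it in fields that handle large volumes of data, such as multimedia content distribution and data centers, and in fields that require high-speed processing with limited resources, such as mobile phones and IC cards. For this achievement, Sakurai received the Minister of Economy, Trade and Industry Prize of the 26th Advanced Technology Award "Pioneering Originality" in 2012, together with KDDI R&D Laboratories.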

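  • JWIS Paper Award

    September 2010   IEICE Technical Committee on ICSS   September 2010, The 5th Joint Workshop on Information Security (JWIS 2010), "Examination about the application to the color image of the digital watermark based on Benford’s Law" (paper award), joint work with K. Noda and Y. Ueshige

  • Best Paper Award, 4th Computer Security Symposium

    November 2001   Information Processing Society of Japan

  • Sakai Special Memorial Award

    May 2000   Information Processing Society of Japan

  • IPSJ Paper Award

    May 2000   Information Processing Society of Japan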

Papers

  • Hyperledger Fabric-Based Multi-Channel Structure for Data Exchange in Internet of Vehicles [Peer-reviewed]

    Yiluo Liu, Yaokai Feng, Kouichi Sakurai

    Electronics   14 ( 3 )   1 - 25   January 2025

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.3390/electronics14030572

    Repository URL: https://hdl.handle.net/2324/7337636

  • An Approach to Multi-Class Intrusion Detection Based on Feature Subspaces and Weighted Fusion [Peer-reviewed]

    Rui Liu, Yaokai Feng, Kouichi Sakurai

    The 7th IEEE Conference on Dependable and Secure Computing (IEEE DSC2024), 2024   November 2024

    Role: Corresponding author   Language: English   Publication type: Research paper (international conference proceedings)

  • A statistical verification method of random permutations for hiding countermeasure against side-channel attacks [Peer-reviewed] [International co-authorship]

    Jong-Yeon Park, Jang-Won Ju, Wonil Lee, Bo Gyeong Kang, Yasuyuki Kachi, Kouichi Sakurai

    Journal of Information Security and Applications   84   August 2024   ISSN:2214-2126

    Role: Last author   Language: English   Publication type: Research paper (scientific journal)   Publisher: Elsevier

    Hiding countermeasure is among the best-known secure implementation techniques designed to counteract side-channel attacks. It uses a permutation algorithm to shuffle data. In today’s Post-Quantum Cryptography (PQC), hiding countermeasure has earned the limelight for its “shufflability” in lattice-based, and code-based, cryptographic algorithms. In this narrative, most importantly, as a rule, fast generation of permutations is paramount to both efficacy and security of an algorithm. The Fisher–Yates (FY) shuffling method has long been a popular choice for this purpose: the FY method generates randomly shuffled (finite) indices. However, despite its theoretical verity, with the FY method we anticipate the following risks of misuse, which can lead to biased shuffling sequences: (i) incorrect implementation, (ii) poor random source, and (iii) the chosen random number being too small. In this paper, we introduce a new statistical test called “approximate permutation criterion” (“APC”). We use it to examine some known cases of misused FY shuffling (i–iii). APC takes into consideration the fact that the super-exponential rate of growth of the factorial function N!, which represents the number of permutations of N indices, defies any meaningful form of statistical tests. With APC one can verify whether the output permutations are biased or not with much lower testing cost. Mathematically, in this paper we introduce the so-called “kth order permutation verification”, the underpinning notion upon which APC is based. We also compare APC with full sample space to demonstrate how well it encapsulates the statistical randomness of random permutations. We thereby provide a new method that identifies a bias that exists in the output permutations when implementing FY Shuffling through a visual ratio test and the chi-square (χ2) distribution test.
    Keywords: Side channel attack; Countermeasure; Shuffling; Hiding method; Random permutation; Post-quantum cryptography

    DOI: https://doi.org/10.1016/j.jisa.2024.103797

    Open data URL: https://www.sciencedirect.com/science/article/pii/S2214212624001005

  • Learning asymmetric encryption using adversarial neural networks. [Peer-reviewed] [International journal]

    Ishak Meraouche, Sabyasachi Dutta, Haowen Tan, Kouichi Sakurai

    Eng. Appl. Artif. Intell. 123(Part B): 106220 (2023)   August 2023

    Language: English   Publication type: Research paper (scientific journal)

    DOI: https://doi.org/10.1016/j.engappai.2023.106220

    Other link: https://www.sciencedirect.com/science/article/abs/pii/S0952197623004049?via%3Dihub

  • Almost fully anonymous attribute-based group signatures with verifier-local revocation and member registration from lattice assumptions [Peer-reviewed]

    Maharage Nisansala Sevwandi Perera, Toru Nakamura, Masayuki Hashimoto, Hiroyuki Yokoyama, Kouichi Sakurai

    Theoretical Computer Science   891   131 - 148   November 2021

    Role: Last author   Language: English   Publication type: Research paper (scientific journal)

    DOI: https://doi.org/10.1016/j.tcs.2021.08.033

    Open data URL: https://www.sciencedirect.com/science/article/pii/S0304397521005107?via%3Dihub

  • Conditional Generative Adversarial Network-Based Image Denoising for Defending Against Adversarial Attack. [Invited] [Peer-reviewed] [International journal]

    #Haibo ZHANG, @Kouichi SAKURAI

    IEEE Access 9: 48157-48173 (2021)   July 2021

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 0.1109/ACCESS.2021.3065872.

    Other link: https://ieeexplore.ieee.org/document/9378511

  • A Survey of Software Clone Detection From Security Perspective [Peer-reviewed] [International journal]

    #Haibo Zhang @Kouichi Sakurai

    IEEE Access 9: 48157-48173 (2021)   July 2021

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.1109/ACCESS.2021.3065872

    Other link: https://ieeexplore.ieee.org/document/9378511

  • Neural Networks-Based Cryptography: A Survey. [Peer-reviewed] [International journal]

    #Ishak Meraouche, @Sabyasachi Dutta, @Haowen Tan, @Kouichi Sakurai

    IEEE Access 9: 124727-124740 (2021)   July 2021

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.1109/ACCESS.2021.3109635

  • A Secure Ticket-Based Authentication Mechanism for Proxy Mobile IPv6 Networks in Volunteer Computing [Peer-reviewed] [International co-authorship]

    Mojtaba Alizadeh, Mohammad Hesam Tadayon, Kouichi Sakurai, Hiroaki Anada, Alireza Jolfaei

    ACM Transactions on Internet Technology   21 ( 4 )   1 - 16   July 2021

    Role: Corresponding author   Language: English   Publication type: Research paper (scientific journal)

    DOI: https://doi.org/10.1145/340718

    Open data URL: https://dl.acm.org/doi/10.1145/3407189

  • One Pixel Attack for Fooling Deep Neural Networks [Peer-reviewed] [International journal]

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    IEEE Transactions on Evolutionary Computation   23 ( 5 )   828 - 841   October 2019

    Language: English   Publication type: Research paper (scientific journal)

    Recent research has revealed that the output of deep neural networks (DNNs) can be easily altered by adding relatively small perturbations to the input vector. In this paper, we analyze an attack in an extremely limited scenario where only one pixel can be modified. For that we propose a novel method for generating one-pixel adversarial perturbations based on differential evolution (DE). It requires less adversarial information (a black-box attack) and can fool more types of networks due to the inherent features of DE. The results show that 67.97% of the natural images in Kaggle CIFAR-10 test dataset and 16.04% of the ImageNet (ILSVRC 2012) test images can be perturbed to at least one target class by modifying just one pixel with 74.03% and 22.91% confidence on average. We also show the same vulnerability on the original CIFAR-10 dataset. Thus, the proposed attack explores a different take on adversarial machine learning in an extreme limited scenario, showing that current DNNs are also vulnerable to such low dimension attacks. Besides, we also illustrate an important application of DE (or broadly speaking, evolutionary computation) in the domain of adversarial machine learning: creating tools that can effectively generate low-cost adversarial attacks against neural networks for evaluating robustness.

    DOI: 10.1109/TEVC.2019.2890858

  • Light Weight Write Mechanism for Cloud Data [Peer-reviewed] [International journal]

    Mosarrat Jahan, Mohsen Rezvani, Qianrui Zhao, Partha Sarathi Roy, Kouichi Sakurai, Aruna Seneviratne, Sanjay Jha

    IEEE Transactions on Parallel and Distributed Systems   29 ( 5 )   1131 - 1146   May 2018

    Language: English   Publication type: Research paper (scientific journal)

    Outsourcing data to the cloud for computation and storage has been on the rise in recent years. In this paper we investigate the problem of supporting write operation on the outsourced data for clients using mobile devices. We consider the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it is well suited to support access control in outsourced cloud environments. One shortcoming of CP-ABE is that users can modify the access policy specified by the data owner if write operations are incorporated in the scheme. We propose a protocol for collaborative processing of outsourced data that enables the authorized users to perform write operation without being able to alter the access policy specified by the data owner. Our scheme is accompanied with a light weight signature scheme and simple, inexpensive user revocation mechanism to make it suitable for processing on resource-constrained mobile devices. The implementation and detailed performance analysis of the scheme indicate the suitability of the proposed scheme for real mobile applications. Moreover, the security analysis demonstrates that the security properties of the system are not compromised.

    DOI: 10.1109/TPDS.2017.2782253

  • One pixel attack for fooling deep neural networks [Peer-reviewed]

    Jiawei Su, Danilo Vasconcellos Vargas, Sakurai Kouichi

    IEEE Trans. Evol. Comput.   23 ( 5 )   828 - 841   October 2017

    Role: Last author   Language: Other   Publication type: Research paper (scientific journal)

    Recent research has revealed that the output of Deep Neural Networks (DNN)
    can be easily altered by adding relatively small perturbations to the input
    vector. In this paper, we analyze an attack in an extremely limited scenario
    where only one pixel can be modified. For that we propose a novel method for
    generating one-pixel adversarial perturbations based on differential evolution
    (DE). It requires less adversarial information (a black-box attack) and can
    fool more types of networks due to the inherent features of DE. The results
    show that 67.97% of the natural images in Kaggle CIFAR-10 test dataset and
    16.04% of the ImageNet (ILSVRC 2012) test images can be perturbed to at least
    one target class by modifying just one pixel with 74.03% and 22.91% confidence
    on average. We also show the same vulnerability on the original CIFAR-10
    dataset. Thus, the proposed attack explores a different take on adversarial
    machine learning in an extreme limited scenario, showing that current DNNs are
    also vulnerable to such low dimension attacks. Besides, we also illustrate an
    important application of DE (or broadly speaking, evolutionary computation) in
    the domain of adversarial machine learning: creating tools that can effectively
    generate low-cost adversarial attacks against neural networks for evaluating
    robustness.

    DOI: 10.1109/TEVC.2019.2890858

  • A proposal of event study methodology with Twitter sentimental analysis for risk management. [Peer-reviewed] [International journal]

    Tomohisa ISHIKAWA, Kouichi Sakurai

    Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017, Beppu, Japan, January 5-7, 2017. ACM 2017   January 2017

    Language: English   Publication type: Research paper (international conference proceedings)

    Other link: http://dl.acm.org/citation.cfm?id=3022240

  • Character-based symmetric searchable encryption and its implementation and experiment on mobile devices. [Peer-reviewed] [International journal]

    Takanori SUGA, Takashi NISHIDE, Kouichi Sakurai

    Security and Communication Networks   9 ( (12) )   1717 - 1725   August 2016

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.1002/sec.876

    Other link: http://onlinelibrary.wiley.com/doi/10.1002/sec.876/abstract

  • A Hybrid Encryption Scheme with Key-cloning Protection: User / Terminal Double Authentication via Attributes and Fingerprints [Invited] [Peer-reviewed] [International journal]

    Chunlu Chen, Hiroaki ANADA, Junpei Kawamoto, Kouichi Sakurai

    Journal of Internet Services and Information Security, Volume 6   May 2016

    Language: English   Publication type: Research paper (scientific journal)

    Internet service has enabled digital contents to be shared faster and easier, but on the other side it raised an issue of illegal copy of the digital contents. Public key encryption schemes solve this issue partially. However, there is still a weak point that the secret key is not completely protected; that is, public key encryption schemes suffer from illegal copy of secret keys (the key-cloning problem). In this paper, first, we discuss the usability of terminal fingerprints for key-cloning protection. Next, we propose a hybrid encryption scheme using terminal fingerprints to protect the secret keys from the key-cloning. Based on an assumption that the terminal fingerprint is unchangeable and unextractable even by the user of the terminal, our hybrid encryption scheme can be effectively used as a method of the key-cloning protection. Then, we instantiate our hybrid encryption scheme as a combination of the attribute-based encryption scheme and the RSA encryption scheme; the attribute-based encryption scheme functions as a mechanism for authentication of user’s attributes, and the RSA encryption scheme functions as a mechanism for authentication of a terminal device. Terminal fingerprint that is a feature of the device is used to generate a secret key of the RSA encryption.

  • PLAINTEXT CHECKABLE ENCRYPTION WITH DESIGNATED CHECKER [Peer-reviewed] [International journal]

    Angsuman Das, Avishek Adhikari, Kouichi Sakurai

    ADVANCES IN MATHEMATICS OF COMMUNICATIONS   9 ( 1 )   February 2015

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.3934/amc.2015.9.37

  • Fast Implementation of KCipher-2 for Software and Hardware [Peer-reviewed]

    Yuto Nakano, Kazuhide Fukushima, Shinsaku Kiyomoto, Tsukasa Ishiguro, Yutaka Miyake, Toshiaki Tanaka, Kouichi Sakurai

    IEICE Trans.   97 ( D(1) )   43 - 52   January 2014

    Language: English   Publication type: Research paper (scientific journal)

  • Secure and Privacy Preserving Hierarchical Wireless Sensor Networks using Hybrid Key Management Technique

    Sushmita Ruj, Kouichi Sakurai

    2013 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM)   December 2013

    Language: English

    DOI: 10.1109/GLOCOM.2013.6831104

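  • K2: A Stream Cipher Algorithm using Dynamic Feedback Control. [Peer-reviewed] [International journal]

    Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai

    SECRYPT 2007   July 2007

    Language: English   Publication type: Research paper (international conference proceedings)

    A high-speed stream cipher algorithm that adopts a dynamic feedback register, designed and developed jointly with KDDI R&D Laboratories since 2005; it was designed jointly by KDDI R&D Laboratories and the undersigned and commercialized by KDDI R&D Laboratories.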

  • FOREWORD

    SAKURAI Kouichi

    IEICE Transactions on Information and Systems   E107.D ( 9 )   1110 - 1111   September 2024   ISSN:09168532 eISSN:17451361

    Language: English   Publisher: The Institute of Electronics, Information and Communication Engineers (IEICE)

    DOI: 10.1587/transinf.2023bcf0001

  • Special Section on Security and Privacy in Blockchain

    Sakurai, K

    IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS   E107D ( 9 )   1110 - 1111   September 2024   ISSN:0916-8532 eISSN:1745-1361

  • Secured tracing for group signatures from attribute-based encryption

    Maharage Nisansala Sevwandi Perera, Takashi Matsunaka, Hiroyuki Yokoyama, Kouichi Sakurai

    Concurrency and Computation: Practice and Experience   36 ( 15 )   July 2024

    Role: Last author   Language: English   Publication type: Research paper (scientific journal)

    DOI: https://doi.org/10.1002/cpe.7986

    Open data URL: https://onlinelibrary.wiley.com/doi/10.1002/cpe.7986

  • A Design of Internet of Vehicles System Incorporating Lightweight Roadside Units and Blockchain Strategy [Peer-reviewed]

    Yiluo Liu, Yaokai Feng, Kouichi Sakurai

    The 18th International Conference on Ubiquitous Information Management and Communication, IEEE   1 - 8   January 2024   ISBN:9798350331011

    Publication type: Research paper (international conference proceedings)   Publisher: Proceedings of the 2024 18th International Conference on Ubiquitous Information Management and Communication, IMCOM 2024

    The accelerated advancement and ubiquitous adoption of smart vehicles, coupled with the Internet of Things (IoT), has propelled the Internet of Vehicles (IoV) to prominence as a pivotal and expansive area of research within the IoT sphere. An important challenge in IoV design lies in the efficient execution of data storage and sharing mechanisms. The successful implementation of blockchain technology across various disciplines has sparked intrigue amongst researchers to unearth its potential applicability within the IoV context. In the related works, Blockchain-based IoV systems are usually composed of three layers: the vehicle layer, the roadside units (RSUs) layer, and the blockchain or cloud layer. The RSUs layer is often required to perform numerous tasks throughout the system. Stability during rush hours is worth considering. RSUs need to receive a lot of data during rush hours and may also undertake data computing tasks. Based on the characteristics of distributed ledgers, the issue of substantial storage overhead looms as a complex problem with the escalating size of the block list. Although some solutions are being proposed, such as fragmented ledger, there are still security concerns. Data security cannot be guaranteed while reducing storage overhead. To combat the stability and cost concerns associated with Roadside Units (RSUs), we delegate the majority of RSU functionalities to other layers of the system. Further, we incorporate a secure blockchain strategy - deploying an outer and inner blockchain to fortify the security and resilience of the overall blockchain network. Based on the autonomous execution characteristics of smart contracts, we try to use smart contracts for data transmission. We use Solidity to write the smart contract and test it on the Remix IDE with the aim of testing the smart contract's operability in terms of data transmission. We scrutinise the data transmission process via smart contracts, and the empirical results corroborate the effectiveness of our uniquely designed process.

    DOI: 10.1109/IMCOM60618.2024.10418375


  • SoK: Directions and Issues in Formal Verification of Payment Protocols

    Sakurada, H; Sakurai, K

    ADVANCED INFORMATION NETWORKING AND APPLICATIONS, VOL 4, AINA 2024   202   111 - 119   2024   ISSN:2367-4512 ISBN:978-3-031-57915-8

    Publisher: Lecture Notes on Data Engineering and Communications Technologies

    Consumers use various payment methods to purchase goods and services from retailers, such as cash, credit cards, debit cards, prepaid cards, and barcodes/two-dimensional codes. In the past, in the case of in-store payments using credit cards, the in-store terminal read the card number from the magnetic strip on the card and sent it with other purchase information to the credit card network. Recently, to prevent counterfeiting, the IC chip on the credit card and the in-store terminal communicates to authenticate each other and process the payment transaction. The medium of communication is not only contact but also contactless ("touch" payment). Moreover, the in-store terminal may process the payment either online or offline and optionally may require the customer to input their PIN. Various protocols and protocol flows are used depending on the medium and how the payment is processed. Credit cards are also used for remotely purchasing goods or services; in this case, other protocols and protocol flows are used. In some such protocols, researchers found serious security flaws that allow a malicious party to fraudulently purchase goods in such a way that is not allowed for legitimate customers. Such flaws must be fixed, but it is hard to fix and deploy protocols after they are widely used. Formal verification is a method to analyze and verify the security of such protocols and to detect flaws before they are widely deployed. In this paper, we will discuss the research trends in formal verification of the security of various cashless payment protocols, as well as future issues.

    DOI: 10.1007/978-3-031-57916-5_10


  • Research Directions in Formal Verification of Network Configurations Toward Verification of Mobile Networks

    Sakurada H., Sakurai K.

    Communications in Computer and Information Science   2095 CCIS   248 - 259   2024   ISSN:18650929 ISBN:9789819744640

    Publisher: Communications in Computer and Information Science

    This paper reviews current research trends in the formal verification of computer network configurations, specifically focusing on formal verification for software-defined networking (SDN). We explore the challenges encountered when applying formal verification, comparing its application to pre-SDN network verification efforts. Additionally, we discuss the potential application of formal verification in mobile networks. We first provide an overview of research on the formal verification of virtual LAN (VLAN) configurations, which predates the emergence of SDN. We next illustrate SDN and existing research applying formal verification to SDN. Finally, we briefly examine potential scenarios for applying formal verification to mobile networks.

    DOI: 10.1007/978-981-97-4465-7_18


  • Extension of Resource Authorization Method with SSI in Edge Computing

    Watanabe, R; Kubota, A; Kurihara, J; Sakurai, K

    ADVANCED INFORMATION NETWORKING AND APPLICATIONS, VOL 6, AINA 2024   204   385 - 394   2024   ISSN:2367-4512 ISBN:978-3-031-57941-7

  • Experimental Exploration of the Power of Conditional GAN in Image Reconstruction-Based Adversarial Attack Defense Strategies

    Zhang, HB; Sakurai, K

    ADVANCED INFORMATION NETWORKING AND APPLICATIONS, VOL 3, AINA 2024   201   151 - 162   2024   ISSN:2367-4512 ISBN:978-3-031-57869-4

  • Enhancing Security and Efficiency: A Lightweight Federated Learning Approach

    Chen, CL; Wang, KIK; Li, P; Sakurai, K

    ADVANCED INFORMATION NETWORKING AND APPLICATIONS, VOL 4, AINA 2024   202   349 - 359   2024   ISSN:2367-4512 ISBN:978-3-031-57915-8

    Publisher: Lecture Notes on Data Engineering and Communications Technologies

    Recently, as big data and AI technology advance, data privacy and security are increasingly critical. Federated Learning (FL) has become a key solution in machine learning to address these concerns. In this paper, we present a secure and lightweight FL scheme. It employs masking and Secret Sharing (SS) to securely aggregate data from distributed clients, thereby reducing the demands of model training on system resources. The scheme also computes data similarity among clients to evaluate each client’s contribution, defending against challenges posed by malicious clients. This approach safeguards privacy, facilitates accurate model updates, and addresses the challenges of limited resources in edge computing environments. We subjected our framework to rigorous validation using MNIST datasets. Experimental outcomes unequivocally substantiate the efficacy of our proposed methodology.

    DOI: 10.1007/978-3-031-57916-5_30


  • Design and Performance Evaluation of a Two-Stage Detection of DDoS Attacks Using a Trigger with a Feature on Riemannian Manifolds

    Lyu, Y; Feng, YK; Sakurai, K

    ADVANCED INFORMATION NETWORKING AND APPLICATIONS, VOL 4, AINA 2024   202   133 - 144   2024   ISSN:2367-4512 ISBN:978-3-031-57915-8

    Publisher: Lecture Notes on Data Engineering and Communications Technologies

    The DDoS attack remains one of the leading attacks today. To reduce the number of resource-consuming detection algorithm calls, the trigger-based two-stage detection approach has been proposed. In such systems, trigger mechanisms, including trigger features and threshold update algorithms, play an important role in detection performance. It is also important what features are used in the second stage of detection. In this study, 1) we introduce a Riemannian manifold metric (work) as a trigger feature for the first time since it was proven that traffic data is a Riemannian manifold; 2) we propose a new mechanism to update the trigger threshold based on historical flow data and the feedback of the second-stage detection results; 3) the feature selection algorithm ECOFS is used for the second stage detection. Experimental results using public datasets show that our proposal calls much less of the second-stage detection than the latest trigger-based two-step detection systems.

    DOI: 10.1007/978-3-031-57916-5_12


  • A Multi-Head Federated Continual Learning Approach for Improved Flexibility and Robustness in Edge Environments [Peer-reviewed] [International co-authorship]

    Chunlu Chen, Kevin I-Kai Wang, Peng Li, Kouichi Sakurai

    International Journal of Networking and Computing   14 ( 2 )   2024

    Role: Last author   Language: English   Publication type: Research paper (scientific journal)

    Open data URL: http://www.ijnc.org/index.php/ijnc/article/view/318

  • Secured tracing for group signatures from attribute-based encryption

    Perera, MNS; Matsunaka, T; Yokoyama, H; Sakurai, K

    CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE   36 ( 15 )   December 2023   ISSN:1532-0626 eISSN:1532-0634

    Publisher: Concurrency and Computation: Practice and Experience

    This article presents a tracing mechanism for group signatures answering the security threats of malicious authorities and users' forgeries. The proposal weakens the high trust placed on the centralized tracing party in previous group signatures by decentralizing tracing power using a multiple tracer setting and limiting the tracers' access using attribute-based encryption and the requirement of the group manager's agreement. We allow the group manager to control tracers identifying his group users. Instead of a centralized tracer, our setting has multiple tracers possessing attribute sets. Thus, after getting the group manager's permission, a tracer should satisfy the access policy in a given signature to identify the signer. On the other hand, our group signature scheme decentralizes the tracing key generation and removes the group manager's tracing ability. Thus, it ensures that only the attribute-satisfying and permitted tracers can identify the signer. Moreover, this article delivers security against malicious users. It presents a verification process of access policy of the signatures to prevent users from utilizing invalid attributes for signing. In addition, the article delivers a collaborative tracing mechanism to satisfy attribute sets that a tracer fails to fulfill alone for identifying a signer. Thus, our tracing mechanism ensures security against malicious authorities and group users in group signatures. The article gives the general construction of the scheme and discusses the security.

    DOI: 10.1002/cpe.7986

    Web of Science

    Scopus

  • An Efficient Vehicle-Assisted Aggregate Authentication Scheme for Infrastructure-Less Vehicular Networks

    Tan, HW; Zheng, WY; Vijayakumar, P; Sakurai, K; Kumar, N

    IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS   24 ( 12 )   15590 - 15600   December 2023   ISSN:1524-9050 eISSN:1558-0016

    Publisher: IEEE Transactions on Intelligent Transportation Systems

    In recent years, growing research interest from both industry and academia has been aroused to the vehicular networks, which is regarded as the fundamental component of the modern intelligent transportation system (ITS). Lots of remarkable research outputs with respect to secure vehicular data interactions and user privacy preservation has been witnessed. However, the existing schemes all focus on the common vehicular communication scenarios where facilities are deployed, whereas the secure data exchange in the abnormal infrastructure-less vehicular environment has not been properly investigated. To deal with unpredictable abnormal situations caused by artificial or natural disasters such as earthquakes and floods, a distinctive vehicle-assisted aggregate authentication mechanism for infrastructure-less vehicular networks is presented in this paper. With assistance from the neighboring vehicles, the homomorphic signature involving all requesting vehicles is generated and forwarded to the remaining functional RSUs. Meanwhile, vehicular group communication among the validated entities is enabled. Additionally, the fault-tolerant verification method is adopted such that the ineffective entities can be easily distinguished and removed without interfering with other requesting vehicles. The security proofs and discussions regarding vital security properties are presented, while the performance analysis follows. Compared with the state-of-the-art, advantages in terms of security and performance properties can be proved.

    DOI: 10.1109/TITS.2022.3176406

    Web of Science

    Scopus

  • Application and Limitations of Digital Signature Schemes for Implementing Non-Fungible Token (NFT): Exploring Designated Confirmer Signatures and Blockchain Technology for Non-Fungible Token (NFT) Implementation

    Ikebe K., Hata Y., Nakamura T., Isohara T., Sakurai K.

    ACM International Conference Proceeding Series   119 - 125   October 2023   ISBN:9798400708534

    Publisher: ACM International Conference Proceeding Series

    The ERC721 standard defines a Non-Fungible Token (NFT) as an identifier that uniquely identifies digital data recorded on a blockchain. The NFT currently in use claim to ensure the uniqueness of the contents associated with the NFT by taking advantage of the tamper-resistant characteristics of the blockchain data. Besides, digital signatures based on public-key encryption is a representative technique to prevent digital data from being falsified, and its application to NFT is also discussed. In this study, we first consider an NFT implementation by applying a designated confirmer signature using an interactive verification method without using blockchain technology. We design an NFT issuance protocol that guarantees the uniqueness of data with a designated confirmer signature, and evaluate the security of the protocol. Moreover, we compare it with existing blockchain implementations. By analyzing the both methods, we aim to provide insights into the potential applications and performance in using designated confirmer signatures for NFT. Our findings contribute to the ongoing research on secure and efficient mechanisms for ensuring the integrity and uniqueness of digital assets in decentralized systems.

    DOI: 10.1145/3634814.3634831

    Scopus

  • Phoenix: A Live Upgradable Blockchain Client

    Wang, CM; Li, P; Fan, XP; Tang, ZY; Zeng, YL; Sakurai, K

    IEEE TRANSACTIONS ON SUSTAINABLE COMPUTING   8 ( 4 )   703 - 714   October 2023   ISSN:2377-3782

    Publisher: IEEE Transactions on Sustainable Computing

    Blockchain is an important supporting technology for various sustainable systems. It relies on a number of distributed nodes running blockchain client software, which is responsible for some critical tasks, such as communicating with other nodes and generating new blocks. However, the quick evolution of blockchain technology brings crucial challenges to blockchain client design. After carefully examining existing blockchain client software, we have identified a critical weakness: Blockchain clients are weak in supporting live upgrades, resulting in a blockchain fork that incurs security concerns and risks. In this article, we propose Phoenix, a novel blockchain client design that is live upgradable. Phoenix uses blockchain service encapsulation to decouple blockchain services. Based on service encapsulation, we propose a live upgrade scheme that packs upgrade codes into blockchain transactions and uses a Just-In-Time engine to avoid service interruption. A parallel execution engine is developed to increase service efficiency. We evaluated Phoenix on a 51-node blockchain, and experimental results show that Phoenix outperforms existing solutions in overhead and upgrade latency.

    DOI: 10.1109/TSUSC.2023.3282586

    Web of Science

    Scopus

  • Learning asymmetric encryption using adversarial neural networks

    Meraouche, I; Dutta, S; Tan, HW; Sakurai, K

    ENGINEERING APPLICATIONS OF ARTIFICIAL INTELLIGENCE   123   August 2023   ISSN:0952-1976 eISSN:1873-6769

    Publisher: Engineering Applications of Artificial Intelligence

    We propose a multi-agent adversarial neural networks model where a sender (Alice) and a receiver (Bob) are able to learn to use a pair of public/private keys in order to protect their communication from one or more attackers/eavesdroppers. Existing work in the field required shared symmetric information between Alice and Bob before initiating the training process. To the best of our knowledge, this is the first work in which Alice and Bob with asymmetric information can train themselves to protect their communication. Our initial model setup contains five agents: sender Alice, receiver Bob, eavesdropper Eve and two neural networks (we call them public keys generator and private keys generator) that, based on a (secret) random noise from Bob, will generate a pair of public/private keys that allows Alice to encrypt a message with the public key and Bob to decrypt the message with the private key while preventing Eve from decrypting the secret message using the public key. We show that the neural networks are able to establish a communication and secure it from Eve. Finally, we consider adversaries stronger than Eve to model leakage attacks, chosen plaintext attacks (CPA) and test the distinguishability between ciphertexts. The last three experiments show that neural networks (with asymmetric information) can secure the communication providing stronger security guarantees and resilience to leakage attacks which may include leakage from the private key.

    DOI: 10.1016/j.engappai.2023.106220

    Web of Science

    Scopus

  • Electroencephalography signals-based sparse networks integration using a fuzzy ensemble technique for depression detection

    Soni, S; Seal, A; Mohanty, SK; Sakurai, K

    BIOMEDICAL SIGNAL PROCESSING AND CONTROL   85   August 2023   ISSN:1746-8094 eISSN:1746-8108

    Publisher: Biomedical Signal Processing and Control

    Today, depression is a psychological condition that affects many individuals globally and, if untreated, can negatively impact one's emotions and lifestyle quality. Machine learning (ML) techniques have lately been used to identify mental illnesses using Electroencephalography (EEG) data. These signals are difficult and time-consuming to interpret visually because they are intricate, non-static, and irregular. As a result, computer-assisted early depression detection systems are highly desirable. The study proposes a feature extraction method for each EEG signal channel by building a sparse graph from the complete complex network using a k-round minimum spanning tree. The subjects in the dataset depict the graph's nodes, and their relationship represents the edge weights, which are determined using the Euclidean distance. Then, features from the sparse graph are extracted using the Node2vec approach and fed into classifiers to get a probability score. Finally, a fuzzy ensemble strategy is exploited at the decision level for integrating probability scores to distinguish depressed subjects from healthy people. Several experiments comparing the proposed method to seven other approaches on four publicly available datasets demonstrate the importance and superiority of the proposed strategy. The K-Nearest Neighbor classifier used in the suggested method produces the highest classification accuracy across the four datasets, with scores of 0.916, 0.960, and 0.940 respectively.

    DOI: 10.1016/j.bspc.2023.104873

    Web of Science

    Scopus

  • Ameliorative effects of Fingolimod (FTY720) on microglial activation and psychosis-related behavior in short term cuprizone exposed mice

    Li, SY; Sakurai, K; Ohgidani, M; Kato, TA; Hikida, T

    MOLECULAR BRAIN   16 ( 1 )   59   July 2023   eISSN:1756-6606

  • Current Perspectives on Securing Critical Infrastructures' Supply Chains

    Roman, R; Alcaraz, C; Lopez, J; Sakurai, K

    IEEE SECURITY & PRIVACY   21 ( 4 )   29 - 38   July 2023   ISSN:1540-7993 eISSN:1558-4046

    Publisher: IEEE Security and Privacy

    Digitalization and industrial paradigms are transforming the landscape of critical infrastructures and supply chains. With emerging technologies, it is possible to deploy services to enhance trust and transparency, but they are susceptible to threats, as discussed in this article.

    DOI: 10.1109/MSEC.2023.3247946

    Web of Science

    Scopus

  • A Review on Machine Unlearning

    Zhang H., Nakamura T., Isohara T., Sakurai K.

    SN Computer Science   4 ( 4 )   July 2023   ISSN:2662995X

    Publisher: SN Computer Science

    Recently, an increasing number of laws have governed the useability of users’ privacy. For example, Article 17 of the General Data Protection Regulation (GDPR), the right to be forgotten, requires machine learning applications to remove a portion of data from a dataset and retrain it if the user makes such a request. Furthermore, from the security perspective, training data for machine learning models, i.e., data that may contain user privacy, should be effectively protected, including appropriate erasure. Therefore, researchers propose various privacy-preserving methods to deal with such issues as machine unlearning. This paper provides an in-depth review of the security and privacy concerns in machine learning models. First, we present how machine learning can use users’ private data in daily life and the role that the GDPR plays in this problem. Then, we introduce the concept of machine unlearning by describing the security threats in machine learning models and how to protect users’ privacy from being violated using machine learning platforms. As the core content of the paper, we introduce and analyze current machine unlearning approaches and several representative results and discuss them in the context of the data lineage. Furthermore, we also discuss the future research challenges in this field.

    DOI: 10.1007/s42979-023-01767-4

    Scopus

  • A Survey on Feature Selection Techniques Based on Filtering Methods for Cyber Attack Detection

    馮 尭鍇, 櫻井 幸一

    Information   14 ( 3 )   191   March 2023   eISSN:20782489

    Language: English   Publisher: Multidisciplinary Digital Publishing Institute (MDPI)

    Cyber attack detection technology plays a vital role today, since cyber attacks have been causing great harm and loss to organizations and individuals. Feature selection is a necessary step for many cyber-attack detection systems, because it can reduce training costs, improve detection performance, and make the detection system lightweight. Many techniques related to feature selection for cyber attack detection have been proposed, and each technique has advantages and disadvantages. Determining which technology should be selected is a challenging problem for many researchers and system developers, and although there have been several survey papers on feature selection techniques in the field of cyber security, most of them try to be all-encompassing and are too general, making it difficult for readers to grasp the concrete and comprehensive image of the methods. In this paper, we survey the filter-based feature selection technique in detail and comprehensively for the first time. The filter-based technique is one popular kind of feature selection technique and is widely used in both research and application. In addition to general descriptions of this kind of method, we also explain in detail search algorithms and relevance measures, which are two necessary technical elements commonly used in the filter-based technique.

    CiNii Research

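  • Current Status and Challenges of Research on Machine Unlearning

    張 海波, 櫻井 幸一

    Journal of the Japanese Society for Artificial Intelligence   38 ( 2 )   197 - 205   March 2023   ISSN:21882266 eISSN:24358614

    Language: Japanese   Publisher: The Japanese Society for Artificial Intelligence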

    DOI: 10.11517/jjsai.38.2_197

    CiNii Research

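  • Special Issue "Research Trends in AI Security": Introduction to the Special Issue "Research Trends in AI Security"

    大塚 玲, 櫻井 幸一

    Journal of the Japanese Society for Artificial Intelligence   38 ( 2 )   178 - 179   March 2023   ISSN:21882266 eISSN:24358614

    Language: Japanese   Publisher: The Japanese Society for Artificial Intelligence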

    DOI: 10.11517/jjsai.38.2_178

    CiNii Research

  • A Survey on Feature Selection Techniques Based on Filtering Methods for Cyber Attack Detection [Peer-reviewed]

    Lyu, Y; Feng, YK; Sakurai, K

    INFORMATION   14 ( 3 )   March 2023   eISSN:2078-2489

    Language: English   Publication type: Research paper (scientific journal)   Publisher: Information (Switzerland)

    Cyber attack detection technology plays a vital role today, since cyber attacks have been causing great harm and loss to organizations and individuals. Feature selection is a necessary step for many cyber-attack detection systems, because it can reduce training costs, improve detection performance, and make the detection system lightweight. Many techniques related to feature selection for cyber attack detection have been proposed, and each technique has advantages and disadvantages. Determining which technology should be selected is a challenging problem for many researchers and system developers, and although there have been several survey papers on feature selection techniques in the field of cyber security, most of them try to be all-encompassing and are too general, making it difficult for readers to grasp the concrete and comprehensive image of the methods. In this paper, we survey the filter-based feature selection technique in detail and comprehensively for the first time. The filter-based technique is one popular kind of feature selection technique and is widely used in both research and application. In addition to general descriptions of this kind of method, we also explain in detail search algorithms and relevance measures, which are two necessary technical elements commonly used in the filter-based technique.

    DOI: 10.3390/info14030191

    Web of Science

    Scopus

    researchmap

  • A two-stage detection system of DDoS attacks in SDN using a trigger with multiple features and self-adaptive thresholds [Peer-reviewed]

    Muyuan Niu, Yaokai Feng, Kouichi Sakurai

    17th International Conference on Ubiquitous Information Management and Communication, IEEE   1 - 7   January 2023

    Language: English   Publication type: Research paper (international conference proceedings)

    DOI: 10.1109/IMCOM56909.2023

    researchmap

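  • On Security Argumentation When AI/ML Is Used as a Vehicle Function

    溝口 誠一郎, 櫻井 幸一

    Proceedings of the Annual Conference of JSAI   JSAI2023 ( 0 )   4D2GS1105 - 4D2GS1105   2023   eISSN:27587347

    Language: Japanese   Publisher: The Japanese Society for Artificial Intelligence

    Under the UN regulation (UN-R155), automobile manufacturers must explain that their vehicles satisfy cybersecurity requirements. Because autonomous vehicles use AI/ML technology, the security of AI/ML technology needs to be examined. This paper describes an explanation strategy for the cybersecurity argumentation of vehicle functions that use AI/ML technology.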

    DOI: 10.11517/pjsai.jsai2023.0_4d2gs1105

    CiNii Research

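  • Current Status and Challenges of Research and Applications of Machine Unlearning

    櫻井 幸一

    Proceedings of the Annual Conference of JSAI   JSAI2023 ( 0 )   2L1GS1105 - 2L1GS1105   2023   eISSN:27587347

    Language: Japanese   Publisher: The Japanese Society for Artificial Intelligence

    Machine unlearning means making a system forget part of the data it has memorized and then carrying out the next round of training; research on efficient methods for doing so is attracting attention. The background includes the right to erasure of personal data upheld by the GDPR (General Data Protection Regulation), which Europe enacted in April 2016, and the topic is closely related not only to information leakage but also to opt-out and copyright issues concerning personal information, works of art and other material used as training data for artificial intelligence. This talk introduces the current status and challenges of this research.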

    DOI: 10.11517/pjsai.jsai2023.0_2l1gs1105

    CiNii Research

  • Towards Evaluating the Security of Human Computable Passwords Using Neural Networks

    Murata I., He P., Gu Y., Sakurai K.

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   13720 LNCS   303 - 312   2023   ISSN:03029743 ISBN:9783031256585

    Publisher: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

    Passwords are playing a major role for authentication in our daily life. However contemporary passwords are typically either difficult to remember or vulnerable to various attacks. In 2017, Blocki, Blum, Datta and Vempala introduced the concept of human computable passwords as a promising authentication method. The fundamental concerns for designing human computable passwords are their usability and security. So far, the security evaluation on human computable passwords authentication schemes is mainly based on complexity-theoretic analysis. In this paper, we initially investigate the security of human computable passwords against neural network-based adversarial attacks. Specifically, we employ the typical multilayer perceptron (MLP) model to attempt to attack the human computable passwords authentication scheme proposed by Blocki-Blum-Datta-Vempala. We present implementation results and the corresponding analysis as well. Our results imply that it is possible for an MLP to learn a simple function, but is difficult for an MLP to learn piecewise functions well.

    DOI: 10.1007/978-3-031-25659-2_22

    Scopus

  • POSTER: Advancing Federated Edge Computing with Continual Learning for Secure and Efficient Performance

    Chen, CL; Wang, KIK; Li, P; Sakurai, K

    APPLIED CRYPTOGRAPHY AND NETWORK SECURITY WORKSHOPS, ACNS 2023 SATELLITE WORKSHOPS, ADSC 2023, AIBLOCK 2023, AIHWS 2023, AIOTS 2023, CIMSS 2023, CLOUD S&P 2023, SCI 2023, SECMT 2023, SIMLA 2023   13907   685 - 689   2023   ISSN:0302-9743 ISBN:978-3-031-41180-9 eISSN:1611-3349

    Publisher: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

    Federated Learning (FL) and the Internet of Things (IoT) have transformed data processing and analysis, overcoming traditional cloud computing limitations. However, challenges such as catastrophic forgetting in continuous training scenarios arise. To address these, we propose an FL framework that supports continual learning while enhancing system security. We preserve critical knowledge through the incorporation of Knowledge Distillation (KD), addressing the issue of catastrophic forgetting. In addition, we have integrated encryption techniques to secure the updated parameters of clients from potential threats posed by attackers.

    DOI: 10.1007/978-3-031-41181-6_40

    Web of Science

    Scopus

  • POSTER: A Fine-Grained Metric for Evaluating the Performance of Adversarial Attacks and Defenses

    Zhang, HB; Yao, ZH; Sakurai, K

    APPLIED CRYPTOGRAPHY AND NETWORK SECURITY WORKSHOPS, ACNS 2023 SATELLITE WORKSHOPS, ADSC 2023, AIBLOCK 2023, AIHWS 2023, AIOTS 2023, CIMSS 2023, CLOUD S&P 2023, SCI 2023, SECMT 2023, SIMLA 2023   13907   690 - 694   2023   ISSN:0302-9743 ISBN:978-3-031-41180-9 eISSN:1611-3349

    Publication type: Part of collection (book)   Publisher: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

    Over the past decade, the development of both adversarial attack methods and defense strategies has accelerated rapidly. Classification accuracy has been predominantly used as the sole metric for assessing model performance. However, when the reported accuracy rates of two models are identical or very similar, it becomes challenging to determine which model is superior. To address this issue and offer more insights into model performance, this study introduces a novel classification performance metric: the confidence gap. This metric is defined as the difference in confidence level between the true label and either the top 1 prediction or the second-best prediction, depending on the accuracy of the image classification. The confidence level, as indicated by its sign, reflects the correctness of the classification and provides more detailed information on the robustness of the classification result. Recognizing that evaluation results may be inconsistent when employing different criteria, we recommend that future research in this field should report the confidence gap alongside accuracy rates.

    DOI: 10.1007/978-3-031-41181-6_41

    Web of Science

    Scopus

    researchmap

  • Group Oriented Attribute-Based Encryption Scheme from Lattices with the Employment of Shamir’s Secret Sharing Scheme

    Perera M.N.S., Nakamura T., Matsunaka T., Yokoyama H., Sakurai K.

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   13983 LNCS   155 - 176   2023   ISSN:03029743 ISBN:9783031398278

    Publication type: Research paper (international conference proceedings)   Publisher: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

    This paper delivers a post-quantum construction for group-oriented attribute-based encryption (GO-ABE) using lattice-based cryptography. The GO-ABE scheme enables users from the same group to combine their attributes to satisfy a decryption policy without revealing their secret keys. GO-ABE is particularly useful when no single user can fulfill the decryption policy alone, but a group of users can satisfy it together. Li et al. introduced the idea of GO-ABE at NSS 2015, discussing its importance in accessing patient data during emergencies. However, since Li et al.’s scheme uses bilinear mappings, it is not secure against quantum attacks. To ensure security against quantum attacks, we construct the GO-ABE scheme using the post-quantum cryptographic primitive lattices, and employ Shamir’s secret sharing scheme to meet the GO-ABE requirements.

    DOI: 10.1007/978-3-031-39828-5_9

    Scopus

    researchmap

    Other link: https://dblp.uni-trier.de/db/conf/nss/nss2023.html#PereraNMYS23

  • Flexibility and Privacy: A Multi-Head Federated Continual Learning Framework for Dynamic Edge Environments

    Chen C., Wang K.I.K., Li P., Sakurai K.

    Proceedings - 2023 11th International Symposium on Computing and Networking, CANDAR 2023   1 - 10   2023   ISBN:9798350306705

    Publisher: Proceedings - 2023 11th International Symposium on Computing and Networking, CANDAR 2023

    Federated Learning (FL) and the Internet of Things (IoT) have revolutionized data processing and analysis, overcoming the traditional limitations of cloud computing. However, traditional machine learning strategies lead to increased costs and catastrophic forgetting due to model retraining with new datasets. Continual learning has been proposed to counter this, enabling models to adapt to new data while preserving previous knowledge, which is beneficial for dynamic edge environments. Despite these advantages, the retention of previous knowledge during the continual learning process may lead to the information leakage. To address the inherent challenges of multitask scenarios, we present a Federated Continual Learning (FCL) framework that integrates the privacy-preserving benefits of Federated Learning (FL) into a continual learning system, ensuring both continual learning and privacy preservation in edge computing data processing and analysis. Specifically, our architecture introduces dedicated fully-connected layers for each task. This architecture ensures that distinctive features pertinent to each task are not only captured but also preserved throughout the model's lifespan. Within our framework, data is processed via task-specific layers. Subsequently, the final label is determined by associating it with the paramount prediction value, thus capitalizing on the model's comprehensive knowledge reservoir to bolster prediction accuracy. We subjected our FCL framework to rigorous validation using two benchmark datasets: MNIST and CIFAR-10. Experimental outcomes unequivocally substantiate the efficacy of our proposed methodology.

    DOI: 10.1109/CANDAR60563.2023.00009

    Scopus

  • Factors associated with postpartum smoking relapse at early postpartum period of Japanese women in the Japan Environmental and Children's Study

    Anai, A; Asato, K; Tatsuta, N; Sakurai, K; Ota, C; Kuriyama, S; Sugawara, J; Arima, T; Yaegashi, N; Nakai, K

    ENVIRONMENTAL HEALTH AND PREVENTIVE MEDICINE   28   56   2023   ISSN:1342-078X eISSN:1347-4715

  • Explicit Non-malleable Codes from Bipartite Graphs

    Satake, S; Gu, Y; Sakurai, K

    ARITHMETIC OF FINITE FIELDS, WAIFI 2022   13638   221 - 236   2023   ISSN:0302-9743 ISBN:978-3-031-22943-5 eISSN:1611-3349

    Publication type: Part of collection (book)   Publisher: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

    Non-malleable codes are introduced to protect the communication against adversarial tampering of data, as a relaxation of the error-correcting codes and error-detecting codes. To explicitly construct non-malleable codes is a central and challenging problem which has drawn considerable attention and been extensively studied in the past few years. Recently, Rasmussen and Sahai built an interesting connection between non-malleable codes and (non-bipartite) expander graphs, which is the first explicit construction of non-malleable codes based on graph theory other than the typically exploited extractors. So far, there is no other graph-based construction for non-malleable codes yet. In this paper, we aim to explore more connections between non-malleable codes and graph theory. Specifically, we first extend the Rasmussen-Sahai construction to bipartite expander graphs. Accordingly, we establish several explicit constructions for non-malleable codes based on Lubotzky-Phillips-Sarnak Ramanujan graphs and generalized quadrangles, respectively. It is shown that the resulting codes can either work for a more flexible split-state model or have better code rate in comparison with the existing results.

    DOI: 10.1007/978-3-031-22944-2_14

    Web of Science

    Scopus

    researchmap

  • Eliminating Adversarial Perturbations Using Image-to-Image Translation Method

    Zhang, HB; Yao, ZH; Sakurai, K

    APPLIED CRYPTOGRAPHY AND NETWORK SECURITY WORKSHOPS, ACNS 2023 SATELLITE WORKSHOPS, ADSC 2023, AIBLOCK 2023, AIHWS 2023, AIOTS 2023, CIMSS 2023, CLOUD S&P 2023, SCI 2023, SECMT 2023, SIMLA 2023   13907   601 - 620   2023   ISSN:0302-9743 ISBN:978-3-031-41180-9 eISSN:1611-3349

    Publication type: Part of collection (book)   Publisher: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

    Convolutional neural networks are widely used for image recognition tasks, but they are vulnerable to adversarial attacks that can cause the model to misclassify an image. Such attacks pose a significant security risk in safety-critical applications like facial recognition and autonomous driving. Researchers have made progress in defending against adversarial attacks through two approaches: enhancing the neural networks themselves to be more robust and removing the perturbation added to the image through pre-processing. This paper is based upon a recent defense model that belongs to the latter approach, which utilizes image-to-image translation to regenerate images perturbed by adversarial attacks. We optimized the training process of their model and tested the model performance against more recent and strong attacks. The results show that the model is able to regenerate images attacked by the state-of-the-art attack, the AutoAttack, and restores the classification accuracy to a level over 83% to that of the original images.

    DOI: 10.1007/978-3-031-41181-6_32

    Web of Science

    Scopus

    researchmap

  • A two-stage detection system of DDoS attacks in SDN using a trigger with multiple features and self-adaptive thresholds

    Niu M., Feng Y., Sakurai K.

    Proceedings of the 2023 17th International Conference on Ubiquitous Information Management and Communication, IMCOM 2023   2023   ISBN:9781665453486

    Publisher: Proceedings of the 2023 17th International Conference on Ubiquitous Information Management and Communication, IMCOM 2023

    Software-defined networking (SDN) has received a lot of attention in academia and industry in recent years, and DDoS attacks are still one of the most dangerous threats. As cyberattacks become more sophisticated, detection systems also become more complex and computationally intensive, for example, Deep Learning-based detection. Against this background, two-stage detection is proposed, in which a trigger is introduced before the complex detection being invoked. That is, the heavy detection module is called only when the requirements in the trigger are satisfied. Clearly, the triggering mechanism plays an important role in such detection systems as it determines when the second stage is invoked. Most of the existing relevant studies utilize one feature and a fixed threshold. However, it is not easy to predefine suitable thresholds in practice, and one feature is often not sufficient for effective trigger conditions that have a significant impact on detection performance of the whole detection system. The latest related work uses dynamic thresholding, but still only one feature, and the threshold adaptation mechanism is too simplistic, which make it too difficult to be used in real applications. Moreover, the performance of the approach in the most of related works are verified only using simulated data. In this study, we increase the number of features and optimized the threshold adjustment method in the trigger. In addition, in the detection module of the second stage, six features carefully determined from traffic bytes, packets, and IP addresses are used. The performance of the proposal is demonstrated in a simulated SDN environment using a public dataset. The experimental results indicate that the times of calling the computationally intensive detection module is significantly reduced, while at the same time the detection performance of the overall system is not degraded.

    DOI: 10.1109/IMCOM56909.2023.10035661

    Scopus

  • A Design of Network Attack Detection Using Causal and Non-causal Temporal Convolutional Network

    He, PJ; Zhang, HB; Feng, YK; Sakurai, K

    SCIENCE OF CYBER SECURITY, SCISEC 2023   14299   513 - 523   2023   ISSN:0302-9743 ISBN:978-3-031-45932-0 eISSN:1611-3349

    Publication type: Research paper (international conference proceedings)   Publisher: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

    Temporal Convolution Network(TCN) has recently been introduced in the cybersecurity field, where two types of TCNs that consider causal relationships are used: causal TCN and non-causal TCN. Previous researchers have utilized causal and non-causal TCNs separately. Causal TCN can predict real-time outcomes, but it ignores traffic data from the time when the detection is activated. Non-causal TCNs can forecast results more globally, but they are less real-time. Employing either causal TCN or non-causal TCN individually has its drawbacks, and overcoming these shortcomings has become an important topic. In this research, we propose a method that combines causal and non-causal TCN in a contingent form to improve detection accuracy, maintain real-time performance, and prevent long detection time. Additionally, we use two datasets to evaluate the performance of the proposed method: NSL-KDD, a well-known dataset for evaluating network intrusion detection systems, and MQTT-IoT-2020, which simulates the MQTT protocol, a standard protocol for IoT machine-to-machine communication. The proposed method in this research increased the detection time by about 0.1ms compared to non-causal TCN when using NSL-KDD, but the accuracy improved by about 1.5%, and the recall improved by about 4%. For MQTT-IoT-2020, the accuracy improved by about 3%, and the recall improved by about 7% compared to causal TCN, but the accuracy decreased by about 1% compared to non-causal TCN. The required time was shortened by 30ms (around 30%), and the recall was improved by about 7%.

    DOI: 10.1007/978-3-031-45933-7_30

    Web of Science

    Scopus

    researchmap

  • On the Information-Theoretic Security of Combinatorial All-or-Nothing Transforms

    Gu, YJ; Akao, S; Esfahani, NN; Miao, Y; Sakurai, K

    IEEE TRANSACTIONS ON INFORMATION THEORY   68 ( 10 )   6904 - 6914   October 2022   ISSN:0018-9448 eISSN:1557-9654

    Publisher: IEEE Transactions on Information Theory

    All-or-nothing transforms (AONTs) were proposed by Rivest as a message preprocessing technique for encrypting data to protect against brute-force attacks, and have numerous applications in cryptography and information security. Later the unconditionally secure AONTs and their combinatorial characterization were introduced by Stinson. Informally, a combinatorial AONT is an array with the unbiased requirements and its security properties in general depend on the prior probability distribution on the inputs s-tuples. Recently, it was shown by Esfahani and Stinson that a combinatorial AONT has perfect security provided that all the inputs s-tuples are equiprobable, and has weak security provided that all the inputs s-tuples are with non-zero probability. This paper aims to explore on the gap between perfect security and weak security for combinatorial (t,s,v)-AONTs. Concretely, we consider the typical scenario that all the s inputs take values independently (but not necessarily identically) and quantify the amount of information H(X|Y) about any t inputs X that is not revealed by any s-t outputs Y. In particular, we establish the general lower and upper bounds on H(X|Y) for combinatorial AONTs using information-theoretic techniques, and also show that the derived bounds can be attained in certain cases. Furthermore, the discussions are extended for the security properties of combinatorial asymmetric AONTs.

    DOI: 10.1109/TIT.2022.3174008

    Web of Science

    Scopus

  • On the Security Properties of Combinatorial All-or-nothing Transforms

    Gu Y., Akao S., Esfahani N.N., Miao Y., Sakurai K.

    IEEE International Symposium on Information Theory - Proceedings   2022-June   1447 - 1452   June 2022   ISSN:21578095 ISBN:9781665421591

    Publication type: Research paper (international conference proceedings)   Publisher: IEEE International Symposium on Information Theory - Proceedings

    All-or-nothing transforms (AONT) were proposed by Rivest as a message preprocessing technique for encrypting data to protect against brute-force attacks, and have many applications in cryptography and information security. Later the unconditionally secure AONT and their combinatorial characterization were introduced by Stinson. Informally, a combinatorial AONT is an array with the unbiased requirements and its security properties in general depend on the prior probability distribution on the inputs s-tuples. Recently, it was shown by Esfahani and Stinson that a combinatorial AONT has perfect security provided that all the inputs s-tuples are equiprobable, and has weak security provided that all the inputs s-tuples are with non-zero probability. This paper aims to explore on the gap between perfect security and weak security for combinatorial (t, s, v)-AONTs. Concretely, we consider the typical scenario that all the s inputs take values independently (but not necessarily identically) and quantify the amount of information H(X|Y) about any t inputs X that is not revealed by any s-t outputs Y. In particular, we establish the general lower and upper bounds on H(X|Y) for combinatorial AONTs using information-theoretic techniques, and also show that the derived bounds can be attained in certain cases.

    DOI: 10.1109/isit50566.2022.9834366

    Scopus

    researchmap

  • On the security properties of combinatorial all-or-nothing transforms   Invited   Peer-reviewed   International journal

    Yujie Gu, Sonata Akao, Navid Nasr Esfahani, Ying Miao, and Kouichi Sakurai

    Proceedings of 2022 IEEE International Symposium on Information Theory   June 2022

    Language: English   Publication type: Research paper (academic journal)

  • Certificate Management Scheme for VANETs Using Blockchain Structure

    Perera, MNS; Nakamura, T; Hashimoto, M; Yokoyama, H; Cheng, CM; Sakurai, K

    CRYPTOGRAPHY   6 ( 2 )   20 - 20   June 2022   eISSN:2410-387X

    Publication type: Research paper (academic journal)   Publisher: Cryptography

    Vehicular Ad-hoc NETworks (VANETs), a special kind of Mobile Ad-hoc NETworks (MANETs), play an important role in Intelligent Transportation Systems (ITS). Via wireless technology, vehicles exchange information related to road conditions and their status, and, thereby, VANETs enhance transportation safety and efficiency. A critical aspect of VANETs is providing privacy for the vehicles. The employment of pseudonym certificates is a well-known solution to the privacy problems in VANETs. However, certificate management faces challenges in renewing certificates and revoking vehicles. The centralized certificate management, especially resulting in the delay of the revocation process, harms the nodes of VANETs. This paper proposes a blockchain structure-based certificate management for VANETs and voting-based revocation to halt misbehaving vehicles’ actions. Moreover, this paper presents extended privacy for the participants of the voting process using ring signatures.

    DOI: 10.3390/cryptography6020020

    Web of Science

    Scopus

    researchmap

  • Quantum secure privacy preserving technique to obtain the intersection of two datasets for contact tracing

    Debnath, SK; Srivastava, V; Mohanty, T; Kundu, N; Sakurai, K

    JOURNAL OF INFORMATION SECURITY AND APPLICATIONS   66   103127 - 103127   May 2022   ISSN:2214-2126 eISSN:2214-2134

    Publication type: Research paper (academic journal)   Publisher: Journal of Information Security and Applications

    Contact tracing has emerged as a powerful and effective measure to curb the spread of contagious diseases. It is a robust tool, but on the downside, it possesses a risk of privacy violations as contact tracing requires gathering a lot of personal information. So there is a need for a cryptographic primitive that obfuscates the personal data of the user. Taking everything into account, private set intersection seems to be the natural choice to address the problem. Nearly all of the existing PSI protocols rely on hard problems based on number-theoretic assumptions. However, these problems are not secure in the quantum domain. As a consequence, it becomes essential to design PSI that can resist quantum attack and provide long-term security. One may apply quantum cryptography to develop such a PSI protocol. This paper deals with the design of PSI using quantum cryptography (QC), where the security depends on the principles of basic quantum mechanics. Our scheme achieves long-term security and remains secure against quantum attacks due to the use of QC. As opposed to the existing quantum PSI protocols, the communication and computation costs of our scheme are independent of the size of the universal set. Particularly, our proposed protocol attains optimal communication cost in the context of quantum PSI. In addition, our designed protocol needs a smaller amount of measurements. Moreover, we require only single photon quantum resources and simple single-particle projective measurements, unlike most of the existing quantum PSI protocols.

    DOI: 10.1016/j.jisa.2022.103127

    Web of Science

    Scopus

    researchmap

  • A Survey on Group Signatures and Ring Signatures: Traceability vs. Anonymity

    Perera, MNS; Nakamura, T; Hashimoto, M; Yokoyama, H; Cheng, CM; Sakurai, K

    CRYPTOGRAPHY   6 ( 1 )   3 - 3   March 2022   eISSN:2410-387X

    Publication type: Research paper (academic journal)   Publisher: Cryptography

    This survey reviews the two most prominent group-oriented anonymous signature schemes and analyzes the existing approaches for their problem: balancing anonymity against traceability. Group signatures and ring signatures are the two leading competitive signature schemes with a rich body of research. Both group and ring signatures enable user anonymity with group settings. Any group user can produce a signature while hiding his identity in a group. Although group signatures have predefined group settings, ring signatures allow users to form ad-hoc groups. Preserving user identities provided an advantage for group and ring signatures. Thus, presently many applications utilize them. However, standard group signatures enable an authority to freely revoke signers’ anonymity. Thus, the authority might weaken the anonymity of innocent users. On the other hand, traditional ring signatures maintain permanent user anonymity, allowing space for malicious user activities; thus achieving the requirements of privacy-preserved traceability in group signatures and controlled anonymity in ring signatures has become desirable. This paper reviews group and ring signatures and explores the existing approaches that address the identification of malicious user activities. We selected many papers that discuss balancing user tracing and anonymity in group and ring signatures. Since this paper scrutinizes both signatures from their basic idea to obstacles including tracing users, it provides readers a broad synthesis of information about two signature schemes with the knowledge of current approaches to balance excessive traceability in group signatures and extreme anonymity in ring signatures. This paper will also shape the future research directions of two critical signature schemes that require more awareness.

    DOI: 10.3390/cryptography6010003

    Web of Science

    Scopus

    researchmap

  • A Privacy-Preserving Data Feed Scheme for Smart Contracts

    Wang, H; Liu, Z; Ge, CP; Sakurai, K; Su, CH

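    IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS   E105.D ( 2 )   195 - 204   February 2022   ISSN:09168532 eISSN:17451361

    Language: English   Publication type: Research paper (academic journal)   Publisher: The Institute of Electronics, Information and Communication Engineers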

    Smart contracts are becoming more and more popular in financial scenarios like medical insurance. Rather than traditional schemes, using smart contracts as a medium is a better choice for both participants, as it is fairer, more reliable, more efficient, and enables real-time payment. However, medical insurance contracts need to input the patient’s condition information as the judgment logic to trigger subsequent execution. Since the blockchain is a closed network, it lacks a secure network environment for data interaction with the outside world. The data feed aims to provide the service of the on-chain and off-chain data interaction. Existing research on the data feed, such as Town Crier and TLS-N, has solved the security problems on it effectively and has also taken into account the privacy-preserving problems. However, these schemes cannot actually protect privacy because when the ciphertext data is executed by the contract, privacy information can still be inferred by analyzing the transaction results, since states of the contract are publicly visible. In this paper, based on zero-knowledge proof and Hawk technology, an on-and-off-chain complete smart contract data feed privacy-preserving scheme is proposed. In order to present our scheme more intuitively, we combined the medical insurance compensation case to implement it, which is called MIPDF. In our MIPDF, the patient and the insurance company are parties involved in the contract, and the hospital is the data provider of data feed. The patient’s medical data is sent to the smart contract under the umbrella of the zero-knowledge proof signature scheme. The smart contract verifies the proof and calculates the insurance premium based on the judgment logic. Meanwhile, we use Hawk technology to ensure the privacy of on-chain contract execution, so that no information will be disclosed due to the result of contract execution. We give a general description of our scheme within the Universal Composability (UC) framework. We experiment and evaluate MIPDF on Ethereum for in-depth analysis. The results show that our scheme can securely and efficiently support the functions of medical insurance and achieve complete privacy-preserving.

    DOI: 10.1587/transinf.2021bci0001

    Web of Science

    Scopus

    CiNii Research

    researchmap

  • Tree Parity Machine-Based Symmetric Encryption: A Hybrid Approach

    Meraouche, I; Dutta, S; Tan, H; Sakurai, K

    MATHEMATICS AND COMPUTING, ICMC 2022   415   61 - 73   2022   ISSN:2194-1009 ISBN:978-981-19-9309-1

    Publisher: Springer Proceedings in Mathematics and Statistics

    In a symmetric key encryption the sender and the receiver must possess the same pre-distributed key in order to encrypt or decrypt the exchanged messages. Exchanging symmetric keys is a challenging issue in cryptography. In this paper, we put forward a symmetric key encryption technique that does not require any common pre-shared “knowledge” between the parties. More specifically, we use a type of neural network called Tree Parity Machines (TPMs) which, when synchronized, enable two parties to reach a common state. The common state can be used to establish a common secret key. Our method makes use of the Tree Parity Machines to reach a common state between the parties communicating and encrypt the communications with an ElGamal-type encryption methodology. The advantage of our implementation is that the initial key exchange method is fast, lightweight and believed to become a post-quantum candidate. We have analyzed the randomness of the produced ciphertexts from our system using NIST randomness tests and the results are included in the paper. We also demonstrate security against chosen plaintext attacks.

    DOI: 10.1007/978-981-19-9307-7_6

    Web of Science

    Scopus

  • Towards the Design of Locally Differential Private Hardware System for Edge Computing

    Taguchi, K; Sakurai, K; Iida, M

    2022 TENTH INTERNATIONAL SYMPOSIUM ON COMPUTING AND NETWORKING, CANDAR   186 - 191   2022   ISSN:2379-1888 ISBN:978-1-6654-7530-3

    Publisher: Proceedings - 2022 10th International Symposium on Computing and Networking, CANDAR 2022

    A challenging issue for edge computing is how to correct meaningful information from sensor data while keeping the privacy of the data and individuals. One approach is given by the recent work [Choi et al. 'Guaranteeing Local Differential Privacy on Ultra-Low-Power Systems' 2018 ACM/IEEE 45th Annual International Symposium on Computer Architecture (ISCA)]. They point out that low resolution and fixed point characteristics of Ultra-Low-Power implementations may break privacy guarantees due to the low quality of noising. For overcoming this weakness, they introduce the techniques of resampling and thresholding. They also implemented in hardware to show the proposed method achieves both low overhead and high utility while keeping local differential privacy, with sensor/IoT benchmarks. Whereas, this research shows some flaws in the existing work above and improves the method. We give the case in which infinite privacy loss still occurs because of low resolution even though the width of the output distribution is restricted, which was not investigated yet by the original paper of ISCA2018. Our major contribution is to propose an improvement to avoid privacy loss from low resolution and to enhance privacy protection in this circuit. Furthermore, we report the experimental results with software simulations, which guarantees the utility of our improving method. Finally, we discuss the power and limitation of our improved method with future challenging issues.

    DOI: 10.1109/CANDAR57322.2022.00033

    Web of Science

    Scopus

  • POSTER: Decentralized and Collaborative Tracing for Group Signatures

    Perera, MNS; Nakamura, T; Hashimoto, M; Yokoyama, H; Cheng, CM; Sakurai, K

    ASIA CCS'22: PROCEEDINGS OF THE 2022 ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY   1258 - 1260   2022   ISBN:978-1-4503-9140-5

    Publication type: Research paper (international conference proceedings)   Publisher: ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security

    We propose a decentralized but collaborative attribute-based tracing mechanism (a signer-identifying mechanism) for group signatures. Instead of a central tracing party in our scheme, a set of tracers satisfying the attribute set used for generating the group signature can identify the signer. Thus our proposal limits the parties who can identify the signer. On the other hand, it decentralized the tracing authority.

    DOI: 10.1145/3488932.3527295

    Web of Science

    Scopus

    researchmap

    Other links: https://dblp.uni-trier.de/db/conf/asiaccs/asiaccs2022.html#PereraNHYCS22

  • POSTER: A Systematic Study of Bulletin Board and Its Application

    Suwito, MH; Tama, BA; Santoso, B; Dutta, S; Tan, HW; Yoshifumi, U; Sakurai, K

    ASIA CCS'22: PROCEEDINGS OF THE 2022 ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY   1213 - 1215   2022   ISBN:978-1-4503-9140-5

    Publication type: Research paper (international conference proceedings)   Publisher: ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security

    Any person can post arbitrary strings on the bulletin board. Following publication on the bulletin board, a party receives an "evidence" that the intended data were posted. The bulletin board is open to the public, which means that anyone can view its contents. The fundamental security criteria for a BB are that its contents cannot be deleted, and that no evidence of publication can be falsified. BB was commonly perceived as a trusted and publicly verifiable channel. It formed the backbone of many important protocols such as e-voting, secure multi-party computation etc. and quite often it was assumed to exist to support the execution of the main protocol. After the advent of blockchain technology, BB systems have found a strong footing regarding their implementation in a distributed manner. In this paper, we aim to provide a concise summary of the evolution of bulletin board, its implementation issues and security analysis with an emphasis on its impact to e-voting systems.

    DOI: 10.1145/3488932.3527280

    Web of Science

    Scopus

    researchmap

    Other links: https://dblp.uni-trier.de/db/conf/asiaccs/asiaccs2022.html#SuwitoTSDTUS22

  • Learning Multi-Party Adversarial Encryption and Its Application to Secret Sharing

    Meraouche, I; Dutta, S; Mohanty, SK; Agudo, I; Sakurai, K

    IEEE ACCESS   10   121329 - 121339   2022   ISSN:2169-3536

    Publisher: IEEE Access

    Neural networks based cryptography has seen a significant growth since the introduction of adversarial cryptography which makes use of Generative Adversarial Networks (GANs) to build neural networks that can learn encryption. The encryption has been proven weak at first but many follow up works have shown that the neural networks can be made to learn the One Time Pad (OTP) and produce perfectly secure ciphertexts. To the best of our knowledge, existing works only considered communications between two or three parties. In this paper, we show how multiple neural networks in an adversarial setup can remotely synchronize and establish a perfectly secure communication in the presence of different attackers eavesdropping their communication. As an application, we show how to build Secret Sharing Scheme based on this perfectly secure multi-party communication. The results show that it takes around 45,000 training steps for 4 neural networks to synchronize and reach equilibria. When reaching equilibria, all the neural networks are able to communicate between each other and the attackers are not able to break the ciphertexts exchanged between them.

    DOI: 10.1109/ACCESS.2022.3223430

    Web of Science

    Scopus

  • Handling class Imbalance problem in Intrusion Detection System based on deep learning.

    Mariama Mbow, Hiroshi Koide, Kouichi Sakurai

    Int. J. Netw. Comput.   12 ( 2 )   467 - 492   2022

    Publication type: Research paper (academic journal)

    researchmap

    Other links: https://dblp.uni-trier.de/db/journals/ijnc/ijnc12.html#MbowKS22

  • Handling class Imbalance problem in Intrusion Detection System based on deep learning

    Mbow Mariama, Koide Hiroshi, Sakurai Kouichi

    International Journal of Networking and Computing   12 ( 2 )   467 - 492   2022   ISSN:21852839 eISSN:21852847

    Language: English   Publisher: IJNC Editorial Committee

    Network intrusion detection system (NIDS) is the most used tool to detect malicious network activities. The NIDS has achieved in the recent years promising results for detecting known and novel attacks, with the adoption of deep learning. However, these NIDSs still have shortcomings. Most of the datasets used for NIDS are highly imbalanced, where the number of samples that belong to normal traffic is much larger than the attack traffic. The problem of imbalanced class skews the results. It limits the deep learning classifier’s performance for minority classes by misleading the classifier to be biased in favor of the majority class. To improve the detection rate for minority classes while ensuring efficiency, this study proposes a hybrid approach to handle the imbalance problem. This hybrid approach is a combination of oversampling with Synthetic Minority Over-Sampling (SMOTE) and Tomek link, an under-sampling method to reduce noise. Additionally, this study uses two deep learning models such as Long Short-Term Memory Network (LSTM) and Convolutional Neural Network (CNN) to provide a better intrusion detection system. The advantage of our proposed model is tested in NSL-KDD, CICIDS2017 datasets. In addition, we evaluate the method in the most recent intrusion detection dataset, CICIDS2018 dataset. We use 10-fold cross validation in this work to train the learning models and an independent test set for evaluation. The experimental results show that in the multi-class classification with NSLKDD dataset, the proposed model reached an overall accuracy and Fscore of 99% and 99.0.2% respectively on LSTM, an overall accuracy and Fscore of 99.70% and 99.27% respectively for CNN. And with CICIDS2017 an overall accuracy and Fscore of 99.65% and 98% respectively on LSTM, an overall accuracy and Fscore of 99.85% and 98.98% respectively for CNN. In CICIDS2018 the proposed method achieved an overall detection rate and Fscore of 95% and 94% respectively.

    DOI: 10.15803/ijnc.12.2_467

    CiNii Research

  • Federated Learning with Clustering-Based Participant Selection for IoT Applications

    Wang K.I.K., Ye X., Sakurai K.

    Proceedings - 2022 IEEE International Conference on Big Data, Big Data 2022   6830 - 6831   2022   ISBN:9781665480451

    Publisher: Proceedings - 2022 IEEE International Conference on Big Data, Big Data 2022

    Modern Internet of Things (IoT) systems are highly complex due to their mobile, ad-hoc and geographically distributed nature. Very often, an edge-cloud infrastructure is established to offer intelligent services in modern IoT systems. However, IoT edge devices are typically resource-constrained and cannot perform sophisticated machine learning algorithms on board. Data sharing with a central server is a common approach of crowdsourcing, but also brings privacy and security concerns. The emerging federated learning offers a promising pathway to achieve an accurate model through distributed machine learning while ensuring data privacy. The existing federated learning process is not tailored to the mobile and ad-hoc nature of IoT systems where devices are of varying data and system qualities and may not be able to participate in the entire training process. Therefore, in this paper, a new federated learning framework is proposed to support asynchronous model fusion with clustering-based participant selection. The proposed framework aims to accommodate the ad-hoc nature of IoT devices, and at the same time avoid low quality or even malicious data from its participants to ensure model convergence and performance.

    DOI: 10.1109/BigData55660.2022.10020575

    Scopus

  • Computational experimental evaluation of the time variance of cryptocurrency mining using cryptographic hash functions

    Ikebe, K; Sakurai, K

    PROCEEDINGS OF 2022 4TH BLOCKCHAIN AND INTERNET OF THINGS CONFERENCE, BIOTC 2022   54 - 61   2022   ISBN:978-1-4503-9662-2

    Publisher: ACM International Conference Proceeding Series

    When trading cryptocurrencies, mining is the process of searching for a solution to a computationally difficult problem. Due to the nature of the search, the time required for mining is subject to fluctuations. This is undesirable from the standpoint of security. In order to reduce the variance of mining time, we implemented the multiple concatenation mining method proposed in existing research and evaluated its performance. Although the results differ from theoretical values, the effect of small variance was confirmed.

    DOI: 10.1145/3559795.3559803

    Web of Science

    Scopus

  • Attribute Based Tracing for Securing Group Signatures Against Centralized Authorities

    Perera, MNS; Nakamura, T; Matsunaka, T; Yokoyama, H; Sakurai, K

    INFORMATION SECURITY PRACTICE AND EXPERIENCE, ISPEC 2022   13620   554 - 572   2022   ISSN:0302-9743 ISBN:978-3-031-21279-6 eISSN:1611-3349

    Publication type: Research paper (international conference proceedings)   Publisher: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

    This paper proposes a group signature scheme with a tracing mechanism that limits the tracing ability of tracers based on their attributes and decentralizes the tracing key generation method. Thus, no other party than the attributes satisfying tracer can identify the signer. The proposing scheme answers the single point of failure of the tracing mechanism in the existing group signature schemes. On the other hand, the multiple tracers setting of the proposing scheme reduces the tracing workload that the single tracer had, and provides selection flexibility for users to choose a tracer for their signatures based on tracers’ attributes. This paper discussed the related security definitions against outsiders and honest but curious authorities.

    DOI: 10.1007/978-3-031-21280-2_31

    Web of Science

    Scopus

    researchmap

    Other links: https://dblp.uni-trier.de/db/conf/ispec/ispec2022.html#PereraNMYS22

  • ASIA CCS '22: ACM Asia Conference on Computer and Communications Security, Nagasaki, Japan, 30 May 2022 - 3 June 2022

    AsiaCCS   2022   ISBN:9781450391405

    Publication type: Research paper (international conference proceedings)   Publisher: ACM

    DOI: 10.1145/3488932

    researchmap

  • Analysis of Variance of Searching Time for Serial Concatenation of Graph-Clique based Cryptocurrency Mining

    Kei, I; Sakurai, K

    2022 TENTH INTERNATIONAL SYMPOSIUM ON COMPUTING AND NETWORKING WORKSHOPS, CANDARW   380 - 383   2022   ISBN:978-1-6654-7532-7

    Publisher: Proceedings - 2022 10th International Symposium on Computing and Networking Workshops, CANDARW 2022

    Cryptocurrency involves the search for a solution to a computationally difficult problem when conducting transactions. This is called mining, and by its nature, the time required for mining can vary significantly. This is undesirable from a security perspective. Existing research has proposed mining using graph cliques and methods for linking multiple mines with the aim of reducing the variance in mining time. In this study, we evaluated and implemented the possibility of further reducing the variance of mining time by combining the existing studies. The results showed that the combination of the two methods was more effective than conventional mining and existing research to achieve small variance.

    DOI: 10.1109/CANDARW57323.2022.00089

    Web of Science

    Scopus

  • Advances in Adversarial Attacks and Defenses in Intrusion Detection System: A Survey   Peer-reviewed

    Mbow, M; Sakurai, K; Koide, H

    SCIENCE OF CYBER SECURITY, SCISEC 2022 WORKSHOPS   1680   196 - 212   2022   ISSN:1865-0929 ISBN:978-981-19-7768-8 eISSN:1865-0937

    Language: English   Publication type: Paper in a collection (book)   Publisher: Communications in Computer and Information Science

    Machine learning is one of the predominant methods used in computer science and has been widely and successfully applied in many areas such as computer vision, pattern recognition, natural language processing, cyber security etc. In cyber security, the application of machine learning algorithms for network intrusion detection system (NIDS) has seen promising results for anomaly detection mostly with the adoption of deep learning and is still growing. However, machine learning algorithms are vulnerable to adversarial attacks resulting in significant performance degradation. Adversarial attacks are security threats that aim to deceive the learning algorithm by manipulating its predictions, and Adversarial machine learning is a research area that studies both the generation and defense of such attacks. Researchers have extensively worked on the adversarial machine learning in computer vision but not many works in Intrusion detection system. However, failure in this critical Intrusion detection area could compromise the security of an entire system, and need much attention. This paper provides a review of the advancement in adversarial machine learning based intrusion detection and explores the various defense techniques applied against. Finally discuss their limitations for future research direction in this emerging area.

    DOI: 10.1007/978-981-19-7769-5_15

    Web of Science

    Scopus

    researchmap

  • A Survey on Privacy Preserving Synthetic Data Generation and a Discussion on a Privacy-Utility Trade-off Problem

    Ghatak, D; Sakurai, K

    SCIENCE OF CYBER SECURITY, SCISEC 2022 WORKSHOPS   1680   167 - 180   2022   ISSN:1865-0929 ISBN:978-981-19-7768-8 eISSN:1865-0937

    Publisher: Communications in Computer and Information Science

    Sharing microdata is a very important part of the present day world, but when they contain sensitive information, privacy to individuals needs to be guaranteed before release of data. One idea is to study the distributional properties of a data-set and generate synthetic data which has similar properties but unlike the original data comes with a privacy guarantee. In this review paper, we describe in detail, some advanced privacy guarantees that needs to be checked before release of such information. Also, we discuss some utility metrics to measure the remaining utility of released data. Very few mechanisms have been developed to ensure utility to synthetic data, provided a very strong privacy guarantee is maintained. We discuss some existing methodologies on privacy preserving synthetic data generation and discuss a privacy utility tradeoff problem.

    DOI: 10.1007/978-981-19-7769-5_13

    Web of Science

    Scopus

  • A Survey of Polynomial Multiplication With RSA-ECC Coprocessors and Implementations of NIST PQC Round3 KEM Algorithms in Exynos2100

    Park, JY; Moon, YH; Lee, WI; Kim, SH; Sakurai, K

    IEEE ACCESS   10   2546 - 2563   2022   ISSN:2169-3536

    Publication type: Research paper (academic journal)   Publisher: IEEE Access

    Polynomial multiplication is one of the heaviest operations for a lattice-based public key algorithm in Post-Quantum Cryptography (PQC). Many studies have been done to accelerate polynomial multiplication with newly developed hardware accelerators or special CPU instructions. However, another method utilizes previously implemented and commercial hardware accelerators for RSA/elliptic curve cryptography (ECC). Reusing an existing hardware accelerator is advantageous, not only for the cost benefit but also for the improvement in performance. In this case, the developer should adopt the most efficient implementation method for the functions provided by a given legacy hardware accelerator. It is difficult to find an optimized implementation for a given hardware accelerator because there are a variety of methods, and each method depends on the functions provided by the given accelerator. In order to solve the problem, we survey methods for polynomial multiplication using RSA/ECC coprocessors and their application for Learning With Error (LWE)-based KEM algorithms of National Institute of Standards and Technology (NIST) PQC round 3 candidates. We implement all known methods for polynomial multiplication with RSA/ECC coprocessors in a platform, commercial mobile system-on-chip (SoC), the Exynos2100 Smart Secure Platform (SSP). We present and analyze the simulation results for various legacy hardware accelerators and give guidance for optimized implementation.

    DOI: 10.1109/ACCESS.2021.3138807

    Web of Science

    Scopus

    researchmap

  • Deniable Secret Handshake Protocol - Revisited

    Somnath Panja, Sabyasachi Dutta, Kouichi Sakurai

    33rd International Conference on Advanced Information Networking and Applications, AINA-2019 Advanced Information Networking and Applications - Proceedings of the 33rd International Conference on Advanced Information Networking and Applications AINA-2019   1266 - 1278   January 2020

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The notion of deniability ensures that the transcript generated in an interactive protocol does not yield any evidence of the interaction. In the context of key-exchange protocols for secure message transmission, the notion of deniability is well-explored. On the other hand, a secret handshake protocol enables a group of authorized users to establish a shared secret key and authenticate each other. Recently, a framework for deniable secret handshake is proposed by Tian et al. in ISPEC 2018. We analyze the protocol, show three flaws and give solutions to prevent them.

    DOI: 10.1007/978-3-030-15032-7_106

  • Towards a lightweight detection system for cyber attacks in the IoT environment using corresponding features (peer-reviewed)

    Yan Naung Soe, Yaokai Feng, Paulus Insap Santosa, Rudy Hartanto, Kouichi Sakurai

    Electronics (Switzerland)   9 ( 1 )   January 2020

    Language: English   Publication type: Research paper (scientific journal)

    The application of a large number of Internet of Things (IoT) devices makes our life more convenient and industries more efficient. However, it also makes cyber-attacks much easier to occur because so many IoT devices are deployed and most of them do not have enough resources (i.e., computation and storage capacity) to carry out ordinary intrusion detection systems (IDSs). In this study, a lightweight machine learning-based IDS using a new feature selection algorithm is designed and implemented on Raspberry Pi, and its performance is verified using a public dataset collected from an IoT environment. To make the system lightweight, we propose a new algorithm for feature selection, called the correlated-set thresholding on gain-ratio (CST-GR) algorithm, to select really necessary features. Because the feature selection is conducted on three specific kinds of cyber-attacks, the number of selected features can be significantly reduced, which makes the classifiers very small and fast. Thus, our detection system is lightweight enough to be implemented and carried out in a Raspberry Pi system. More importantly, as the really necessary features corresponding to each kind of attack are exploited, good detection performance can be expected. The performance of our proposal is examined in detail with different machine learning algorithms, in order to learn which of them is the best option for our system. The experiment results indicate that the new feature selection algorithm can select only very few features for each kind of attack. Thus, the detection system is lightweight enough to be implemented in the Raspberry Pi environment with almost no sacrifice on detection performance.

    DOI: 10.3390/electronics9010144

  • Classification of Malicious Domains by Their LIFETIME

    Daiji Hara, Kouichi Sakurai, Yasuo Musashi

    Lecture Notes on Data Engineering and Communications Technologies   334 - 341   January 2020

    Language: English

    In this study, we look for malicious domains in the logs of the primary DNS server of Kumamoto University using a malicious domain check tool (Virus Total). We then classify them according to their LIFETIME (LT) and investigate their main attack applications. The following results were obtained from the experiment: (1) Ransomware, phishing, and DDoS attacks were the 3 most frequent attacks. (2) We obtained two sets of LIFETIME by plotting the number of malicious domains according to their frequency. (3) The frequency distribution obtained on ransomware, phishing, and DDoS attacks shows that the LT distribution of ransomware and phishing is similar; however, the frequency of DDoS attacks is shorter. (4) From these results, we learn that the attack method can be determined by measuring the LT. The LT shows to be a good parameter to be used with machine learning to detect malicious domain names.

    DOI: 10.1007/978-3-030-39746-3_35

  • Blockchain for IoT-Based Digital Supply Chain A Survey

    Haibo Zhang, Kouichi Sakurai

    Lecture Notes on Data Engineering and Communications Technologies   564 - 573   January 2020

    Language: English

    This exploratory investigation aims to discuss current network environment of digital supply chain system and security issues, especially from the Internet world, of digital supply chain management system with applying some advanced information technologies, such as Internet of Things and blockchain, for improving various system performance and properties. This paper introduces the general histories and backgrounds, in terms of information science, of the supply chain and relevant technologies which have been applied or are potential to be applied on supply chain with purpose of lowering cost, facilitating its security and convenience. It provides a comprehensive review of current relative research work and industrial cases from several famous companies. It also illustrates the IoT enablement and security issues of current digital supply chain system, and existing blockchain’s role in this kind of digital system. Finally, this paper concludes several potential or existing security issues and challenges which supply chain management is facing.

    DOI: 10.1007/978-3-030-39746-3_57

  • 3-Party Adversarial Cryptography

    Ishak Meraouche, Sabyasachi Dutta, Kouichi Sakurai

    Lecture Notes on Data Engineering and Communications Technologies   247 - 258   January 2020

    Language: English

    The domain of Artificial Intelligence (AI) has seen an outstanding growth during the last two decades. It has proven its efficiency in handling complex domains including speech recognition, image recognition and many more. One interesting and evolving branch that was put forward years ago but have seen a good growth only during the past few years is encryption using AI. After Google announced that it has succeeded teaching neural networks encryption in the presence of Eavesdroppers, research in this particular area has seen a rapid spread of interest among different researchers all over the world to develop new Neural Networks capable of operating different cryptographic tasks. In this paper, we take initial steps to achieve secure communication among more than two parties using neural network based encryption. We forward the idea of two party symmetric encryption scheme of Google to a multi party Encryption scheme. In this paper we will focus on a 3-Party case.

    DOI: 10.1007/978-3-030-39746-3_27

  • Simulation of Secure Volunteer Computing by Using Blockchain

    Johjima Shota, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai

    33rd International Conference on Advanced Information Networking and Applications, AINA-2019 Advanced Information Networking and Applications - Proceedings of the 33rd International Conference on Advanced Information Networking and Applications AINA-2019   883 - 894   January 2020

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Volunteer Computing (VC) is one of the methods of distributed computing. In the VC process, several volunteers provide their computing resources for some computational purposes. Because most VC is supposed to be executed based on a situation that each volunteer is an honest one, in a case that some malicious volunteers are inside the VC network, the VC contains potential risk of causing to output an unreliable computational result. To improve the reliability of the computational result, several existing VCs adopt a method of majority voting using reliability parameters. However, this method contains potential vulnerability to “Sybil Attack”. Therefore, in this paper, we propose our VC system using blockchain technology named “Hierarchy-System” to solve these problems and also show the evaluation result executed on a VC system simulating our proposed method.

    DOI: 10.1007/978-3-030-15032-7_74

  • Implementing Lightweight IoT-IDS on Raspberry Pi Using Correlation-Based Feature Selection and Its Performance Evaluation

    Yan Naung Soe, Yaokai Feng, Paulus Insap Santosa, Rudy Hartanto, Kouichi Sakurai

    33rd International Conference on Advanced Information Networking and Applications, AINA-2019 Advanced Information Networking and Applications - Proceedings of the 33rd International Conference on Advanced Information Networking and Applications AINA-2019   458 - 469   January 2020

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The application of many IoT devices is making our world more convenient and efficient. However, it also makes a large number of cyber-attacks possible because most IoT devices have very limited resources and cannot perform ordinary intrusion detection systems. How to implement efficient and lightweight IDS in IoT environments is a critically important and challenging task. Several detection systems have been implemented on Raspberry Pi, but most of them are signature-based and only allow limited rules. In this study, a lightweight IDS based on machine learning is implemented on a Raspberry Pi. To make the system lightweight, a correlation-based feature selection algorithm is applied to significantly reduce the number of features and a lightweight classifier is utilized. The performance of our system is examined in detail and the experimental result indicates that our system is lightweight and has a much higher detection speed with almost no sacrifice of detection accuracy.

    DOI: 10.1007/978-3-030-15032-7_39

  • BCC'19 chairs' welcome (peer-reviewed)

    Satya Lokam, Sushmita Ruj, Kouichi Sakurai

    3rd ACM Workshop on Blockchains, Cryptocurrencies, and Contracts, BCC 2019, held in conjunction with the 14th ACM Asia Conference on Computer and Communications Security, AsiaCCS 2019 BCC 2019 - Proceedings of the 3rd ACM Workshop on Blockchains, Cryptocurrencies and Contracts, co-located with AsiaCCS 2019   III   July 2019

    Language: English   Publication type: Research paper (scientific journal)

  • RSA public keys with inside structure Proofs of key generation and identities for web-of-trust (peer-reviewed)

    Hiroaki Anada, Takanori Yasuda, Junpei Kawamoto, Jian Weng, Kouichi Sakurai

    Journal of Information Security and Applications   45   10 - 19   April 2019

    Language: English   Publication type: Research paper (scientific journal)

    We propose a construction of the modulus of the RSA public keys for decentralized public-key trust generation like Web-of-Trust, where the modulus has inside structure. The first function of the structure is that it enables a peer to verify that the owner of the public key certainly generated the corresponding secret key. The second function is to tie up the public key with the owner's identity as well as her guarantors' identities. Our construction is based on the modified version of Lenstra's algorithm, by which a related second public key and the identity strings are embedded into the RSA modulus. The second public key is of the elliptic-curve cryptosystem (ECC) which has almost equivalent security level to the RSA cryptosystem. Our construction is applicable to a peer-to-peer network equipped with the blockchain of “consortium” and “trusted” type to yield a flat network that does not depend on PKI of the X.509 type.

    DOI: 10.1016/j.jisa.2018.12.006

  • Attacking convolutional neural network using differential evolution (peer-reviewed)

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    IPSJ Transactions on Computer Vision and Applications   11 ( 1 )   February 2019

    Language: English   Publication type: Research paper (scientific journal)

    The output of convolutional neural networks (CNNs) has been shown to be discontinuous which can make the CNN image classifier vulnerable to small well-tuned artificial perturbation. That is, images modified by conducting such alteration (i.e., adversarial perturbation) that make little difference to the human eyes can completely change the CNN classification results. In this paper, we propose a practical attack using differential evolution (DE) for generating effective adversarial perturbations. We comprehensively evaluate the effectiveness of different types of DEs for conducting the attack on different network structures. The proposed method only modifies five pixels (i.e., few-pixel attack), and it is a black-box attack which only requires the miracle feedback of the target CNN systems. The results show that under strict constraints which simultaneously control the number of pixels changed and overall perturbation strength, attacking can achieve 72.29%, 72.30%, and 61.28% non-targeted attack success rates, with 88.68%, 83.63%, and 73.07% confidence on average, on three common types of CNNs. The attack only requires modifying five pixels with 20.44, 14.28, and 22.98 pixel value distortion. Thus, we show that current deep neural networks are also vulnerable to such simpler black-box attacks even under very limited attack conditions.

    DOI: 10.1186/s41074-019-0053-3

  • Analysis of variance of graph-clique mining for scalable proof of work

    Hiroaki Anada, Tomohiro Matsushima, Chunhua Su, Weizhi Meng, Junpei Kawamoto, Samiran Bag, Kouichi Sakurai

    14th International Conference on Information Security and Cryptology, Inscrypt 2018 Information Security and Cryptology - 14th International Conference, Inscrypt 2018, Revised Selected Papers   101 - 114   January 2019

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Recently, Bitcoin is becoming one of the most popular decentralized cryptographic currency technologies, and Bitcoin mining is a process of adding transaction records to Bitcoin’s public ledger of past transactions or blockchain. To obtain a bitcoin, the mining process involves compiling recent transactions into blocks and trying to solve a computationally difficult puzzle, e.g., proof of work puzzle. A proof of work allows miners the ability to quantify how much work a given proof contains. Basically, the required time for mining is decided in advance, but problems will occur if the value is large for dispersion. In this paper, we first accept that the required time between consecutive blocks follows the exponential distribution. That is, the variance is stable as long as the expected time is fixed. Then, we focus on the graph clique mining technique proposed by the literature, like Tromp (BITCOIN 2015) and Bag-Ruj-Sakurai (Inscrypt 2015), which is based on a computational difficulty problem of searching cliques of undirected graphs, where a clique is a subset of vertices. In particular, when the clique size is two, graph clique mining can be used to gain Bitcoins. The previous work also claimed that if the clique size is parameterized and increased, even if the expected time is fixed, the variance would not be stable. However, no qualitative or quantitative results were given to support their claim. Motivated by this issue, in this work, we propose a simple search algorithm for graph cliques mining, and perform a small scale evaluation on Bitcoin and Graph cliques’s solo mining to investigate the variance issue.

    DOI: 10.1007/978-3-030-14234-6_6

  • Universal Rules for Fooling Deep Neural Networks based Text Classification (peer-reviewed)

    Di Li, Danilo Vasconcellos Vargas, Sakurai Kouichi

    IEEE Congress on Evolutionary Computation(CEC)   2221 - 2228   January 2019

    Language: Other   Publication type: Research paper (other academic conference materials, etc.)

    Recently, deep learning based natural language processing techniques are being extensively used to deal with spam mail, censorship evaluation in social networks, among others. However, there is only a couple of works evaluating the vulnerabilities of such deep neural networks. Here, we go beyond attacks to investigate, for the first time, universal rules, i.e., rules that are sample agnostic and therefore could turn any text sample in an adversarial one. In fact, the universal rules do not use any information from the method itself (no information from the method, gradient information or training dataset information is used), making them black-box universal attacks. In other words, the universal rules are sample and method agnostic. By proposing a coevolutionary optimization algorithm we show that it is possible to create universal rules that can automatically craft imperceptible adversarial samples (only less than five perturbations which are close to misspelling are inserted in the text sample). A comparison with a random search algorithm further justifies the strength of the method. Thus, universal rules for fooling networks are here shown to exist. Hopefully, the results from this work will impact the development of yet more sample and model agnostic attacks as well as their defenses, culminating in perhaps a new age for artificial intelligence.

    DOI: 10.1109/CEC.2019.8790213

  • Attacking convolutional neural network using differential evolution (peer-reviewed)

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    IPSJ Transactions on Computer Vision and Applications   11 ( 1 )   1   2019

    Language: Other   Publication type: Research paper (scientific journal)

  • A new design for evaluating moving target defense system

    Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   561 - 563   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attack happening through alternation of attack surfaces or diversification of the attributes or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulties in exploiting vulnerabilities of the target system. This study proposes an evaluation method of MTD systems combined with several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on the MTD systems mitigating from threats of executable binary file or malware injection. With the proposed evaluation method, we expect to prove that the MTD technology can enhance the security of a web server, and can be applied in a real-world information system. As our preliminary work, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.

    DOI: 10.1109/CANDARW.2018.00111

  • Tracing MIRAI malware in networked system

    Yao Xu, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   534 - 538   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In 2021, it is anticipated that there will be approximately 30 billion Internet of Things (IoT) devices. The tremendous aggregate value of the IoT makes it a tempting and lucrative target for cyber criminals. The breakout of Mirai malware, which compromises poorly secured IoT devices with factory-default username and passphrase to launch Distributed Denial of Service (DDoS) attacks, has raised broad awareness towards the need for increased IoT security. To better defend against Mirai infection and spread, it is critical to know how the malware operates as the first step. In this paper, we give a combined static and dynamic analysis of Mirai, basing on the results of which, we introduce the application of Threat Tracer. Threat tracer is an information system simulator initially developed to help design a system robust against Advanced Persistent Attacks(APT). It offers an intuitive track on how a cyber threat behaves in a complicated networked system. The feedback simultaneously contributes to revealing vulnerabilities of a system. Our work focuses on the replication of Mirai Malware's operating processes in Threat Tracer simulation. By achieving doing so, we believe it could offer a comprehensible description of how Mirai acts. Also, considering the continuous emergence of Mirai variants, the simulation serves as a predictor on upcoming threats' behavior patterns.

    DOI: 10.1109/CANDARW.2018.00104

  • Suppressing chain size of blockchain-based information sharing for swarm robotic systems

    Yuki Nishida, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   524 - 528   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Swarm robotics is a research field in which a group of autonomous robots execute tasks through cooperative works. Sharing information among robots is a central function for an optimal performance of the system. Given that the swarm network structure constantly changes when robots move, it becomes difficult to guarantee on information sharing by all swarm members. We, in this work, propose an approach for information sharing on swarm robotic systems by using Blockchain technology. A function of distributed ledger in Blockchain technology has possibility to solve the information sharing problem and to easily synchronize their state. However, because Blockchain persistently keeps past transactions, the increase of its chain size is one of the serious issues to manage Blockchain technology. In this paper, we introduce a methodology to share information among autonomous robots and demonstrate through experiments that how the differences in data size recorded in the blockchain affect the chain size. As a result, compared with our previous approach, we succeeded in suppressing increase in chain size by using the proposal approach; it was reduced the amount of increase in chain size about 73.0% when each node repeatedly shared about 2.8KB image data by 100 times.

    DOI: 10.1109/CANDARW.2018.00102

  • Proof of disease A blockchain consensus protocol for accurate medical decisions and reducing the disease burden

    Asoke K. Talukder, Manish Chaitanya, David Arnold, Kouichi Sakurai

    4th IEEE SmartWorld, 15th IEEE International Conference on Ubiquitous Intelligence and Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People and Smart City Innovations, SmartWorld/UIC/ATC/ScalCom/CBDCom/IoP/SCI 2018 Proceedings - 2018 IEEE SmartWorld, Ubiquitous Intelligence and Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People and Smart City Innovations, SmartWorld/UIC/ATC/ScalCom/CBDCom/IoP/SCI 2018   257 - 262   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Studies suggest that a significant proportion of the diagnosis in non-communicable diseases (NCD) is erroneous, unwanted, or unnecessary. To reduce the disease burden and improve public health, algorithmic support is essential. To realize this, health data must be computer understandable, secured, ubiquitous, and interoperable. Medical and disease data entered into computers are unstructured natural language texts with medical jargons which a computer normally cannot understand. EMR (Electronic Medical Records) are data silos in the hospital and do not interoperate. In this paper we present Ethereum based future ready Proof of Disease (PoD) consensus protocol with a computer understandable single instance of truth. It will solve many challenges that electronic health records (EHR) or health information exchange (HIE) have failed to address. This medical system will help achieve all the complex needs of P6 (Participatory, Personalized, Proactive, Preventive, Predictive and Precision) medicine and finally reduce the disease burden.

    DOI: 10.1109/SmartWorld.2018.00079

  • Neural cryptography based on the topology evolving neural networks

    Yuetong Zhu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   472 - 478   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Modern cryptographic schemes are developed based on mathematical theory. Recent works show a new direction for cryptography based on neural networks. Instead of learning a specific algorithm, a cryptographic scheme is generated automatically. While one kind of neural network is used to achieve the scheme, whether the idea of neural cryptography can be realized by other neural network architectures is unknown. In this paper, we make use of this property to create a neural cryptography scheme on a new topology evolving neural network architecture called Spectrum-diverse unified neuroevolution architecture. First, experiments are conducted to verify that Spectrum-diverse unified neuroevolution architecture is able to achieve automatic encryption and decryption. Subsequently, we do experiments to achieve the neural symmetric cryptosystem by using adversarial training.

    DOI: 10.1109/CANDARW.2018.00091

  • Empirical evaluation on robustness of deep convolutional neural networks activation functions against adversarial perturbation

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   223 - 227   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Recent research has shown that deep convolutional neural networks (DCNN) are vulnerable to several different types of attacks while the reasons of such vulnerability are still under investigation. For instance, the adversarial perturbations can conduct a slight change on a natural image to make the target DCNN make the wrong recognition, while the reasons that DCNN is sensitive to such small modification are divergent from one research to another. In this paper, we evaluate the robustness of two commonly used activation functions of DCNN, namely the sigmoid and ReLu, against the recently proposed low-dimensional one-pixel attack. We show that the choosing of activation functions can be an important factor that influences the robustness of DCNN. The results show that comparing with sigmoid, the ReLu non-linearity is more vulnerable which allows the low dimensional one-pixel attack exploit much higher success rate and confidence of launching the attack. The results give insights on designing new activation functions to enhance the security of DCNN.

    DOI: 10.1109/CANDARW.2018.00049

  • Detecting distributed cyber attacks in SDN based on automatic thresholding

    Ryousuke Komiya, Yaokai Feng, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   417 - 423   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Distributed Cyber Attack launched from many hosts simultaneously has become one of the most sophisticated and the most dangerous attacks in the cyber world including the traditional Internet and the SDN (Software Defined Networking) environments. As a kind of centralized network environment, the SDN has been greatly developed and popularized in recent years, especially in cloud systems. Thus, how to efficiently detect distributed attacks in SDN environments has attracted great attentions in academia and industry and various researches have been done to counter such attacks. The latest related researches made attempts to exploit the information of the PacketIn packets collected in the SDN controller and those methods proved efficient for detecting distributed cyber attacks in SDN environments. However, such methods adopted a threshold for distinguishing between attacks and normal situations. The threshold must be properly determined manually in advance, which is not easy in many applications even for experts. In this study, we try to automatically extract a proper threshold from the historical data of the monitored SDN environment so that the difficult parameter-tuning (determination of the threshold) process can be removed. In addition, because the extracted threshold can well reflect the actual situations of the monitored environment, a better detection performance than the existing approaches can be expected. The detection performance of our proposal is also tested using real traffic data.

    DOI: 10.1109/CANDARW.2018.00083

  • A new design for evaluating moving target defense system

    Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   561 - 563   2018年12月

     詳細を見る

    記述言語:英語   掲載種別:研究論文(その他学術会議資料等)  

    Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attack happening through alternation attack surfaces or diversification the attribute or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulties in exploiting a vulnerabilities of the target system. This study proposes an evaluation method of MTD systems combined with several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on the MTD systems mitigating from threats of executable binary file or malware injection. With the proposed evaluation method, we expect to prove that the MTD technology can enhance the security of a web server, and can be applied in a real-world information system. As our preliminary work done, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.

    DOI: 10.1109/CANDARW.2018.00111

  • Tracing MIRAI malware in networked system

    Yao Xu, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   534 - 538   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In 2021, it is anticipated that there will be approximately 30 billion Internet of Things (IoT) devices. The tremendous aggregate value of the IoT makes it a tempting and lucrative target for cyber criminals. The breakout of Mirai malware, which compromises poorly secured IoT devices with factory-default username and passphrase to launch Distributed Denial of Service (DDoS) attacks, has raised broad awareness towards the need for increased IoT security. To better defend against Mirai infection and spread, it is critical to know how the malware operates as the first step. In this paper, we give a combined static and dynamic analysis of Mirai, based on the results of which we introduce the application of Threat Tracer. Threat Tracer is an information system simulator initially developed to help design a system robust against Advanced Persistent Attacks (APT). It offers an intuitive track on how a cyber threat behaves in a complicated networked system. The feedback simultaneously contributes to revealing vulnerabilities of a system. Our work focuses on the replication of Mirai malware's operating processes in Threat Tracer simulation. By doing so, we believe it could offer a comprehensible description of how Mirai acts. Also, considering the continuous emergence of Mirai variants, the simulation serves as a predictor of upcoming threats' behavior patterns.

    DOI: 10.1109/CANDARW.2018.00104

  • Suppressing chain size of blockchain-based information sharing for swarm robotic systems

    Yuki Nishida, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   524 - 528   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Swarm robotics is a research field in which a group of autonomous robots execute tasks through cooperative work. Sharing information among robots is a central function for an optimal performance of the system. Given that the swarm network structure constantly changes when robots move, it becomes difficult to guarantee information sharing by all swarm members. We, in this work, propose an approach for information sharing on swarm robotic systems by using Blockchain technology. The distributed ledger function in Blockchain technology has the possibility to solve the information sharing problem and to easily synchronize their state. However, because Blockchain persistently keeps past transactions, the increase of its chain size is one of the serious issues in managing Blockchain technology. In this paper, we introduce a methodology to share information among autonomous robots and demonstrate through experiments how the differences in data size recorded in the blockchain affect the chain size. As a result, compared with our previous approach, we succeeded in suppressing the increase in chain size by using the proposed approach; the amount of increase in chain size was reduced by about 73.0% when each node repeatedly shared about 2.8KB image data 100 times.

    DOI: 10.1109/CANDARW.2018.00102

  • Proof of disease A blockchain consensus protocol for accurate medical decisions and reducing the disease burden

    Asoke K. Talukder, Manish Chaitanya, David Arnold, Kouichi Sakurai

    4th IEEE SmartWorld, 15th IEEE International Conference on Ubiquitous Intelligence and Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People and Smart City Innovations, SmartWorld/UIC/ATC/ScalCom/CBDCom/IoP/SCI 2018 Proceedings - 2018 IEEE SmartWorld, Ubiquitous Intelligence and Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People and Smart City Innovations, SmartWorld/UIC/ATC/ScalCom/CBDCom/IoP/SCI 2018   257 - 262   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Studies suggest that a significant proportion of the diagnosis in non-communicable diseases (NCD) is erroneous, unwanted, or unnecessary. To reduce the disease burden and improve public health, algorithmic support is essential. To realize this, health data must be computer understandable, secured, ubiquitous, and interoperable. Medical and disease data entered into computers are unstructured natural language texts with medical jargons which a computer normally cannot understand. EMR (Electronic Medical Records) are data silos in the hospital and do not interoperate. In this paper we present Ethereum based future ready Proof of Disease (PoD) consensus protocol with a computer understandable single instance of truth. It will solve many challenges that electronic health records (EHR) or health information exchange (HIE) have failed to address. This medical system will help achieve all the complex needs of P6 (Participatory, Personalized, Proactive, Preventive, Predictive and Precision) medicine and finally reduce the disease burden.

    DOI: 10.1109/SmartWorld.2018.00079

  • Neural cryptography based on the topology evolving neural networks

    Yuetong Zhu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   472 - 478   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Modern cryptographic schemes are developed based on mathematical theory. Recent works show a new direction for cryptography based on neural networks. Instead of learning a specific algorithm, a cryptographic scheme is generated automatically. While one kind of neural network is used to achieve the scheme, whether the idea of neural cryptography can be realized by other neural network architectures is unknown. In this paper, we make use of this property to create a neural cryptography scheme on a new topology evolving neural network architecture called Spectrum-diverse unified neuroevolution architecture. First, experiments are conducted to verify that Spectrum-diverse unified neuroevolution architecture is able to achieve automatic encryption and decryption. Subsequently, we do experiments to achieve the neural symmetric cryptosystem by using adversarial training.

    DOI: 10.1109/CANDARW.2018.00091

  • Empirical evaluation on robustness of deep convolutional neural networks activation functions against adversarial perturbation

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018 Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   223 - 227   December 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Recent research has shown that deep convolutional neural networks (DCNN) are vulnerable to several different types of attacks while the reasons for such vulnerability are still under investigation. For instance, adversarial perturbations can make a slight change to a natural image to make the target DCNN make the wrong recognition, while the reasons that DCNN is sensitive to such small modifications diverge from one research to another. In this paper, we evaluate the robustness of two commonly used activation functions of DCNN, namely the sigmoid and ReLu, against the recently proposed low-dimensional one-pixel attack. We show that the choice of activation functions can be an important factor that influences the robustness of DCNN. The results show that, compared with sigmoid, the ReLu non-linearity is more vulnerable, which allows the low-dimensional one-pixel attack to achieve a much higher success rate and confidence when launching the attack. The results give insights on designing new activation functions to enhance the security of DCNN.

    DOI: 10.1109/CANDARW.2018.00049

  • Feature selection for machine learning-based early detection of distributed cyber attacks

    Yaokai Feng, Hitoshi Akiyama, Liang Lu, Kouichi Sakurai

    16th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018 Proceedings - IEEE 16th International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018   181 - 186   October 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    It is well known that distributed cyber attacks simultaneously launched from many hosts have caused the most serious problems in recent years, including problems of privacy leakage and denial of services. Thus, how to detect those attacks at an early stage has become an important and urgent topic in the cyber security community. For this purpose, recognizing C&C (Command & Control) communication between compromised bots and the C&C server becomes a crucially important issue, because C&C communication is in the preparation phase of distributed attacks. Although attack detection based on signatures has been practically applied since long ago, it is well known that it cannot efficiently deal with new kinds of attacks. In recent years, ML (Machine Learning)-based detection methods have been studied widely. In those methods, feature selection is obviously very important to the detection performance. We once utilized up to 55 features to pick out C&C traffic in order to accomplish early detection of DDoS attacks. In this work, we try to answer the question 'Are all of those features really necessary?' We mainly investigate how the detection performance moves as the features are removed, starting from those having the lowest importance, and we try to make clear what features should be paid attention to for early detection of distributed attacks. We use honeypot data collected during the period from 2008 to 2013. SVM (Support Vector Machine) and PCA (Principal Component Analysis) are utilized for feature selection, and SVM and RF (Random Forest) are used for building the classifier. We find that the detection performance generally gets better if more features are utilized. However, after the number of features has reached around 40, the detection performance does not change much even if more features are used. It is also verified that, in some specific cases, more features do not always mean a better detection performance. We also discuss 10 important features which have the biggest influence on classification.

    DOI: 10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00040

  • Active attack against oblivious RAM

    Yuto Nakano, Seira Hidano, Shinsaku Kiyomoto, Kouichi Sakurai

    32nd IEEE International Conference on Advanced Information Networking and Applications, AINA 2018 Proceedings - 32nd IEEE International Conference on Advanced Information Networking and Applications, AINA 2018   744 - 751   August 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    When a user consumes encrypted digital content (for example video and music files), the player application accesses the secret key to decrypt the content. If the user is malicious, he can analyse the access pattern of the player application to extract the secret key efficiently. Oblivious RAMs (ORAMs) are an effective solution for such threats. However, ORAMs are only effective against 'passive' attackers who can observe the RAM access done by the application, but cannot alter data stored on RAM. Attackers with the ability to alter data on RAM can be called 'active' attackers. In this paper, we evaluate the security of ORAM schemes against active adversaries where they alter data on RAM and try to efficiently extract the secret information. We also propose countermeasures against active adversaries.

    DOI: 10.1109/AINA.2018.00112

  • Lightweight Classification of IoT Malware Based on Image Recognition

    Jiawei Su, Danilo Vasconcellos Vargas, Sanjiva Prasad, Sgandurra Daniele, Yaokai Feng, Kouichi Sakurai

    42nd IEEE Computer Software and Applications Conference, COMPSAC 2018 Proceedings - 2018 IEEE 42nd Annual Computer Software and Applications Conference, COMPSAC 2018   664 - 669   June 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers to connect to one another to share information and improve user experiences. IoT devices are micro-computers for domain-specific computations rather than traditional function-specific embedded devices. This opens the possibility of seeing many kinds of existing attacks, traditionally targeted at the Internet, also directed at IoT devices. As shown by recent events, such as the Mirai and Brickerbot botnets, DDoS attacks have become very common in IoT environments as these lack basic security monitoring and protection mechanisms. In this paper, we propose a novel light-weight approach for detecting DDoS malware in IoT environments. We extract the malware images (i.e., a one-channel gray-scale image converted from a malware binary) and utilize a light-weight convolutional neural network for classifying their families. The experimental results show that the proposed system can achieve 94.0% accuracy for the classification of goodware and DDoS malware, and 81.8% accuracy for the classification of goodware and two main malware families.

    DOI: 10.1109/COMPSAC.2018.10315

  • Light Weight Write Mechanism for Cloud Data (peer-reviewed)

    Mosarrat Jahan, Mohsen Rezvani, Qianrui Zhao, Partha Sarathi Roy, Kouichi Sakurai, Aruna Seneviratne, Sanjay Jha

    IEEE Transactions on Parallel and Distributed Systems   29 ( 5 )   1131 - 1146   May 2018

    Language: English   Publication type: Research paper (academic journal)

    Outsourcing data to the cloud for computation and storage has been on the rise in recent years. In this paper we investigate the problem of supporting write operation on the outsourced data for clients using mobile devices. We consider the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it is well suited to support access control in outsourced cloud environments. One shortcoming of CP-ABE is that users can modify the access policy specified by the data owner if write operations are incorporated in the scheme. We propose a protocol for collaborative processing of outsourced data that enables the authorized users to perform write operation without being able to alter the access policy specified by the data owner. Our scheme is accompanied with a light weight signature scheme and simple, inexpensive user revocation mechanism to make it suitable for processing on resource-constrained mobile devices. The implementation and detailed performance analysis of the scheme indicate the suitability of the proposed scheme for real mobile applications. Moreover, the security analysis demonstrates that the security properties of the system are not compromised.

    DOI: 10.1109/TPDS.2017.2782253

  • BCC'18 chairs' welcome (peer-reviewed)

    Satya Lokam, Sushmita Ruj, Kouichi Sakurai

    2nd ACM Workshop on Blockchains, Cryptocurrencies, and Contracts, BCC 2018 BCC 2018 - Proceedings of the 2nd ACM Workshop on Blockchains, Cryptocurrencies, and Contracts, Co-located with ASIA CCS 2018   iii   May 2018

    Language: English   Publication type: Research paper (academic journal)

  • Effectively Protect Your Privacy Enabling Flexible Privacy Control on Web Tracking

    Shiqian Yu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    5th International Symposium on Computing and Networking, CANDAR 2017 Proceedings - 2017 5th International Symposium on Computing and Networking, CANDAR 2017   533 - 536   April 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Third-party tracking, which can collect the users' privacy when users are surfing the Internet, has garnered much attention. Nowadays tracker-blocking tools often use a ruleset based on the domains and elements that need to be blocked. This results in blocking all access tracking, even though the website shows no sign about tracking users' privacy. And what's more, although the tracker-blocking tools try their best to block all the third-party tracking, not all the users dislike the advertisement. Some of them think if their privacy is fine, it's all right to accept advertisements. In this paper, we present a novel framework by using Word2Vec to block third-party tracking. Our goal is to create more flexible and well-developed ruleset that can help users to protect their privacy according to their needs. Instead of blocking all access tracking, we decide to pay more attention to the websites that have a strong probability to collect the users' privacy. We use Word2Vec to classify the websites, and our results show that after using our framework, the error rate drops from 71% to 24%. We believe it brings the new blood into the field of web privacy by providing not only the new third-party tracking tool but also a novel way of thinking about how to block the third-party tracking.

    DOI: 10.1109/CANDAR.2017.26

  • Attacking Convolutional Neural Network using Differential Evolution (peer-reviewed)

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    CoRR   abs/1804.07062   April 2018

    Language: Other

    The output of Convolutional Neural Networks (CNN) has been shown to be
    discontinuous which can make the CNN image classifier vulnerable to small
    well-tuned artificial perturbations. That is, images modified by adding such
    perturbations (i.e. adversarial perturbations) that make little difference to
    human eyes, can completely alter the CNN classification results. In this paper,
    we propose a practical attack using differential evolution (DE) for generating
    effective adversarial perturbations. We comprehensively evaluate the
    effectiveness of different types of DEs for conducting the attack on different
    network structures. The proposed method is a black-box attack which only
    requires the miracle feedback of the target CNN systems. The results show that
    under strict constraints which simultaneously control the number of pixels
    changed and overall perturbation strength, attacking can achieve 72.29%, 78.24%
    and 61.28% non-targeted attack success rates, with 88.68%, 99.85% and 73.07%
    confidence on average, on three common types of CNNs. The attack only requires
    modifying 5 pixels with 20.44, 14.76 and 22.98 pixel values distortion. Thus,
    the result shows that the current DNNs are also vulnerable to such simpler
    black-box attacks even under very limited attack conditions.

  • Packet in Message Based DDoS Attack Detection in SDN Network Using OpenFlow

    Xiang You, Yaokai Feng, Kouichi Sakurai

    5th International Symposium on Computing and Networking, CANDAR 2017 Proceedings - 2017 5th International Symposium on Computing and Networking, CANDAR 2017   2018-January   522 - 528   April 2018

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Using the OpenFlow protocol, the virtual network technology SDN (Software Defined Network) is now widely used. In recent years, the number of DDoS attacks has been increasing year by year. To detect DDoS attacks in SDN, data recorded in the flow table in OpenFlow switch is analyzed and various detection methods are submitted. However, SDN centrally manages communication within the network, when detecting DDoS (Distributed Denial of Service) attacks. This creates a heavy processing load, and the processing load of the OpenFlow controller must be considered. In this paper, in order to reduce the processing load of the controller, we do not collect data of the flow table, extract three features from the Packet In message for communication between the controller and the switch, and perform real-time attack detection. Furthermore, to avoid stringent detection time intervals, triggers will be added before detection to realize light and dynamic DDoS attacks detection.

    DOI: 10.1109/CANDAR.2017.93

  • Lightweight Classification of IoT Malware based on Image Recognition [Peer-reviewed]

    Jiawei Su, Danilo Vasconcellos Vargas, Sanjiva Prasad, Daniele Sgandurra, Yaokai Feng, Kouichi Sakurai

    Proceedings - International Computer Software and Applications Conference   2   664 - 669   February 2018

    Language: Other

    The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers to connect to one another to share information and improve user experiences. Current IoT devices are typically micro-computers for domain-specific computations rather than traditional function-specific embedded devices. Therefore, many existing attacks, targeted at traditional computers connected to the Internet, may also be directed at IoT devices. For example, DDoS attacks have become very common in IoT environments, as these environments currently lack basic security monitoring and protection mechanisms, as shown by the recent Mirai and Brickerbot IoT botnets. In this paper, we propose a novel light-weight approach for detecting DDoS malware in IoT environments. We firstly extract one-channel gray-scale images converted from binaries, and then utilize a lightweight convolutional neural network for classifying IoT malware families. The experimental results show that the proposed system can achieve 94.0% accuracy for the classification of goodware and DDoS malware, and 81.8% accuracy for the classification of goodware and two main malware families.

    DOI: 10.1109/COMPSAC.2018.10315

  • Preface [Peer-reviewed]

    Debdas Ghosh, Debasis Giri, R. N. Mohapatra, Ekrem Savas, Kouichi Sakurai, L. P. Singh

    4th International Conference on Mathematics and Computing, ICMC 2018 Communications in Computer and Information Science   834   IX - X   January 2018

    Language: English   Publication type: Research paper (academic journal)

  • Light weight and fine-grained access mechanism for secure access to outsourced data* [Peer-reviewed]

    Mosarrat Jahan, Suranga Seneviratne, Partha Sarathi Roy, Kouichi Sakurai, Aruna Seneviratne, Sanjay Jha

    Concurrency Computation   January 2018

    Language: English   Publication type: Research paper (academic journal)

    In this paper, we explore the problem of providing selective read/write access to the outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on encrypted outsourced data. One limitation of CP-ABE is that the users can modify the access policy specified by the data owner if write operations are introduced in the scheme. We propose a protocol for providing different levels of access to outsourced data that permits the authorized users to perform write operation without altering the access policy specified by the data owner. Our scheme provides fine-grained read/write access to the users, accompanied with a light weight signature scheme and computationally inexpensive user revocation mechanism suitable for resource-constrained mobile devices. We provide a theoretical analysis of the security of the proposed protocol and the experimental results measured from a real-world testbed.

    DOI: 10.1002/cpe.4736

  • A New Design for Evaluating Moving Target Defense System

    Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)   561 - 563   2018

    Language: Other   Publication type: Research paper (other academic conference materials, etc.)

  • Tracing MIRAI Malware in Networked System

    Yao Xu, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)   534 - 538   2018

    Language: Other   Publication type: Research paper (other academic conference materials, etc.)

  • Neural Cryptography Based on the Topology Evolving Neural Networks

    Yuetong Zhu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)   472 - 478   2018

    Language: Other   Publication type: Research paper (other academic conference materials, etc.)

  • Lightweight classification of IoT malware based on image recognition

    Jiawei Su, Vargas Danilo Vasconcellos, Sanjiva Prasad, Sgandurra Daniele, Yaokai Feng, Kouichi Sakurai

    2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC)   2   664 - 669   2018

    Language: Other   Publication type: Research paper (other academic conference materials, etc.)

  • Empirical Evaluation on Robustness of Deep Convolutional Neural Networks Activation Functions Against Adversarial Perturbation

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    2018 Sixth International Symposium on Computing and Networking Workshops (CANDARW)   223 - 227   2018

    Language: Other   Publication type: Research paper (other academic conference materials, etc.)

  • Secure combinatorial key predistribution scheme for sensor networks by regulating frequencies magneto optic sensors [Peer-reviewed]

    Pinaki Sarkar, Morshed Uddin Chowdhury, Kouichi Sakurai

    Concurrency Computation Practice and Experience   29 ( 23 )   December 2017

    Language: English   Publication type: Research paper (academic journal)

    Low cost, decentralized architecture and ad hoc nature are a few desirable properties of wireless sensor networks that make them well suited for gathering sensitive information in hazardous deployment grounds. Existing security protocols exploit various cryptographic tools to strengthen their security. Not many works focus on constraints faced by an adversary. One such constraint being practical difficulties to trace a particular frequency band from a large range of unknown frequencies, specially in unharmonious geographical locations. Our research capitalizes on this weakness encountered by an adversary and preassigns nodes with multiple frequency bands from a wide range of frequencies allocated to the network. Deployed nodes can discover these bands during set network setup phase by a simple trick. Nodes are to internally switch their frequency bands depending on parametric variation that are caused by an (external) impulse. Experiments conducted using magneto optic sensors confirm that any variation of their parameter affects frequencies of emergent waves. Similar behavior is expected from application specific sensors. Frequency regulation (FR) concept is applied to combinatorial key predistribution schemes (KPS) having (regular) degree r. Depending on r and each node's capability to switch internal frequencies, nodes are preallocated with n frequency bands. This naturally partitions the (distributed) network and results in improved resilience. Combining our FR concept to a KPS where the number of shared key between a pair of nodes is at most one (γ ≤ 1) may yield best case scenario of an ideally resilient key predistribution. Our analysis of systems that combines FR idea with KPS where γ > 1 leads to an optimized key-band distribution argument and drastic resilience improvements. Results of simulations conducted assuming real-life scenario ascertain our analysis and establishes superior performance of our protocols as compared to prominent ones.

    DOI: 10.1002/cpe.4017

  • Secure combinatorial key predistribution scheme for sensor networks by regulating frequencies: magneto optic sensors [Peer-reviewed]

    Pinaki Sarkar, Morshed Uddin Chowdhury, Kouichi Sakurai

    CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE   29 ( 23 )   December 2017

    Language: English   Publication type: Research paper (academic journal)

    Low cost, decentralized architecture and ad hoc nature are a few desirable properties of wireless sensor networks that make them well suited for gathering sensitive information in hazardous deployment grounds. Existing security protocols exploit various cryptographic tools to strengthen their security. Not many works focus on constraints faced by an adversary. One such constraint being practical difficulties to trace a particular frequency band from a large range of unknown frequencies, specially in unharmonious geographical locations. Our research capitalizes on this weakness encountered by an adversary and preassigns nodes with multiple frequency bands from a wide range of frequencies allocated to the network. Deployed nodes can discover these bands during set network setup phase by a simple trick. Nodes are to internally switch their frequency bands depending on parametric variation that are caused by an (external) impulse. Experiments conducted using magneto optic sensors confirm that any variation of their parameter affects frequencies of emergent waves. Similar behavior is expected from application specific sensors. Frequency regulation (FR) concept is applied to combinatorial key predistribution schemes (KPS) having (regular) degree r. Depending on r and each node's capability to switch internal frequencies, nodes are preallocated with n frequency bands. This naturally partitions the (distributed) network and results in improved resilience. Combining our FR concept to a KPS where the number of shared key between a pair of nodes is at most one (γ ≤ 1) may yield best case scenario of an ideally resilient key predistribution. Our analysis of systems that combines FR idea with KPS where γ > 1 leads to an optimized key-band distribution argument and drastic resilience improvements. Results of simulations conducted assuming real-life scenario ascertain our analysis and establishes superior performance of our protocols as compared to prominent ones.

    DOI: 10.1002/cpe.4017

  • Cross-group secret sharing scheme for secure usage of cloud storage over different providers and regions [Peer-reviewed]

    Hiroaki Anada, Junpei Kawamoto, Chenyutao Ke, Kirill Morozov, Kouichi Sakurai

    Journal of Supercomputing   73 ( 10 )   4275 - 4301   October 2017

    Language: English   Publication type: Research paper (academic journal)

    With the spread of the Internet, more and more data are being stored in the cloud. Here the technique of secret sharing can be naturally applied in order to provide both security and availability of the stored data, hereby reducing the risks of data leakage and data loss. The privacy property of secret sharing ensures protection against unauthorized access, while protection against data loss may be attained by distributing shares to the servers located in different regions. However, there is still a problem: If we naively employ the secret sharing technique without regarding to whom the cloud servers belong, a dishonest provider can obtain the secret data by collecting enough shares from its servers. In this scenario, there is a need to distribute shares over cloud services operated by different providers. In this paper, we propose a simple secret sharing technique, a cross-group secret sharing (CGSS), which is suitable for storing the data on cloud storage distributed over different groups—that is, different providers and regions. By combining an ℓ-out-of-m threshold secret sharing scheme with a k-out-of-n threshold secret sharing scheme using a symmetric-key encryption scheme, we construct the CGSS scheme that forces k shares to be collected from ℓ groups. Compared with the previous works, our scheme attains the functionality with reasonable computation. We also formalize the problem of allocating shares over different providers and regions as an optimization problem and show the design principles, which one must follow, when applying our proposal in practical settings. An experiment on real IaaS systems shows effectiveness of our proposed scheme, CGSS.

    DOI: 10.1007/s11227-017-2009-7

  • Cross-group secret sharing scheme for secure usage of cloud storage over different providers and regions [Peer-reviewed]

    Hiroaki Anada, Junpei Kawamoto, Chenyutao Ke, Kirill Morozov, Kouichi Sakurai

    JOURNAL OF SUPERCOMPUTING   73 ( 10 )   4275 - 4301   October 2017

    Language: English   Publication type: Research paper (academic journal)

    With the spread of the Internet, more and more data are being stored in the cloud. Here the technique of secret sharing can be naturally applied in order to provide both security and availability of the stored data, hereby reducing the risks of data leakage and data loss. The privacy property of secret sharing ensures protection against unauthorized access, while protection against data loss may be attained by distributing shares to the servers located in different regions. However, there is still a problem: If we naively employ the secret sharing technique without regarding to whom the cloud servers belong, a dishonest provider can obtain the secret data by collecting enough shares from its servers. In this scenario, there is a need to distribute shares over cloud services operated by different providers. In this paper, we propose a simple secret sharing technique, a cross-group secret sharing (CGSS), which is suitable for storing the data on cloud storage distributed over different groups-that is, different providers and regions. By combining an ℓ-out-of-m threshold secret sharing scheme with a k-out-of-n threshold secret sharing scheme using a symmetric-key encryption scheme, we construct the CGSS scheme that forces k shares to be collected from ℓ groups. Compared with the previous works, our scheme attains the functionality with reasonable computation. We also formalize the problem of allocating shares over different providers and regions as an optimization problem and show the design principles, which one must follow, when applying our proposal in practical settings. An experiment on real IaaS systems shows effectiveness of our proposed scheme, CGSS.

    DOI: 10.1007/s11227-017-2009-7

  • A new security middleware architecture based on fog computing and cloud to support IoT constrained devices [Peer-reviewed]

    Wissam Razouk, Daniele Sgandurra, Kouichi Sakurai

    ACM International Conference Proceeding Series   October 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The increase of sensitive data in the current Internet of Things (IoT) raises demands of computation, communication and storage capabilities. Indeed, thanks to RFID tags and wireless sensor networks, anything can be part of IoT. As a result, a large amount of data is generated, which is hard for many IoT devices to handle, as many IoT devices are resource-constrained and cannot use the existing standard security protocols. Cloud computing might seem like a convenient solution, since it offers on-demand access to a shared pool of resources such as processors, storage, applications and services. However this comes as a cost, as unnecessary communications not only burden the core network, but also the data center in the cloud. Therefore, considering suitable approaches such as fog computing and security middleware solutions is crucial. In this paper, we propose a novel middleware architecture to solve the above issues, and discuss the generic concept of using fog computing along with cloud in order to achieve a higher security level. Our security middleware acts as a smart gateway as it is meant to pre-process data at the edge of the network. Depending on the received information, data might either be processed and stored locally on fog or sent to the cloud for further processing. Moreover, in our scheme, IoT constrained devices communicate through the proposed middleware, which provide access to more computing power and enhanced capability to perform secure communications. We discuss these concepts in detail, and explain how our proposal is effective to cope with some of the most relevant IoT security challenges.

    DOI: 10.1145/3109761.3158413

  • Secure and light weight fine-grained access mechanism for outsourced data

    Mosarrat Jahan, Partha Sarathi Roy, Kouichi Sakurai, Aruna Seneviratne, Sanjay Jha

    16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 11th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Conference on Embedded Software and Systems, Trustcom/BigDataSE/ICESS 2017 Proceedings - 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 11th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Conference on Embedded Software and Systems, Trustcom/BigDataSE/ICESS 2017   201 - 209   September 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this paper we explore the problem of providing selective read/write access to the outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on the encrypted outsourced data. One limitation of CP-ABE is that users can modify the access policy specified by the data owner if write operations are introduced in the scheme. We propose a protocol for providing different levels of access to outsourced data that permits the authorized users to perform write operation without altering the access policy specified by the data owner. Our scheme provides fine-grained read/write access to the users, accompanied with a light weight signature scheme and computationally inexpensive user revocation mechanism suitable for resource-constrained mobile devices. The security analysis demonstrates the robustness of the proposed scheme.

    DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.238

  • Bitcoin Block Withholding Attack Analysis and Mitigation [Peer-reviewed]

    Samiran Bag, Sushmita Ruj, Kouichi Sakurai

    IEEE Transactions on Information Forensics and Security   12 ( 8 )   1967 - 1978   August 2017

    Language: English   Publication type: Research paper (academic journal)

    We address two problems: First, we study a variant of block withholding (BWH) attack in Bitcoins and second, we propose solutions to prevent all existing types of BWH attacks in Bitcoins. We analyze the strategies of a selfish Bitcoin miner who in connivance with one pool attacks another pool and receives reward from the former mining pool for attacking the latter. We name this attack as 'sponsored block withholding attack.' We present detailed quantitative analysis of the monetary incentive that a selfish miner can earn by adopting this strategy under different scenarios. We prove that under certain conditions, the attacker can maximize her revenue by adopting some strategies and by utilizing her computing power wisely. We also show that an attacker may use this strategy for attacking both the pools for earning higher amount of incentives. More importantly, we present a strategy that can effectively counter block withholding attack in any mining pool. First, we propose a generic scheme that uses cryptographic commitment schemes to counter BWH attack. Then, we suggest an alternative implementation of the same scheme using hash function. Our scheme protects a pool from rogue miners as well as rogue pool administrators. The scheme and its variant defend against BWH attack by making it impossible for the miners to distinguish between a partial proof of work and a complete proof of work. The scheme is so designed that the administrator cannot cheat on the entire pool. The scheme can be implemented by making minor changes to existing Bitcoin protocol. We also analyze the security of the scheme.

    DOI: 10.1109/TIFS.2016.2623588

  • Bitcoin Block Withholding Attack: Analysis and Mitigation [Peer-reviewed]

    Samiran Bag, Sushmita Ruj, Kouichi Sakurai

    IEEE Transactions on Information Forensics and Security   12 ( 8 )   1967 - 1978   August 2017

    Language: English   Publication type: Research paper (academic journal)

    We address two problems: First, we study a variant of block withholding (BWH) attack in Bitcoins and second, we propose solutions to prevent all existing types of BWH attacks in Bitcoins. We analyze the strategies of a selfish Bitcoin miner who in connivance with one pool attacks another pool and receives reward from the former mining pool for attacking the latter. We name this attack as 'sponsored block withholding attack.' We present detailed quantitative analysis of the monetary incentive that a selfish miner can earn by adopting this strategy under different scenarios. We prove that under certain conditions, the attacker can maximize her revenue by adopting some strategies and by utilizing her computing power wisely. We also show that an attacker may use this strategy for attacking both the pools for earning higher amount of incentives. More importantly, we present a strategy that can effectively counter block withholding attack in any mining pool. First, we propose a generic scheme that uses cryptographic commitment schemes to counter BWH attack. Then, we suggest an alternative implementation of the same scheme using hash function. Our scheme protects a pool from rogue miners as well as rogue pool administrators. The scheme and its variant defend against BWH attack by making it impossible for the miners to distinguish between a partial proof of work and a complete proof of work. The scheme is so designed that the administrator cannot cheat on the entire pool. The scheme can be implemented by making minor changes to existing Bitcoin protocol. We also analyze the security of the scheme.

    DOI: 10.1109/TIFS.2016.2623588

  • Host independent and distributed detection system of the network attack by using OpenFlow. ICOIN 2017: 236-241 [Peer-reviewed] [International journal]

    Ryosuke MIYAZAKI, Junpei Kawamoto, Shinichi MATSUMOTO, Kouichi Sakurai

    2017 International Conference on Information Networking (ICOIN)   June 2017

    Language: English   Publication type: Research paper (international conference proceedings)

    DOI: 10.1109/ICOIN.2017.7899511

    Other link: http://ieeexplore.ieee.org/document/7899511/authors

  • BCC'17 chairs' Welcome [Peer-reviewed]

    Satya Lokam, Sushmita Ruj, Kouichi Sakurai

    BCC 2017 - Proceedings of the ACM Workshop on Blockchain, Cryptocurrencies and Contracts, co-located with ASIA CCS 2017   iii   April 2017

    Language: English   Publication type: Research paper (academic journal)

  • Host independent and distributed detection system of the network attack by using OpenFlow

    Ryosuke Miyazaki, Junpei Kawamoto, Shinichi Matsumoto, Kouichi Sakurai

    31st International Conference on Information Networking, ICOIN 2017 31st International Conference on Information Networking, ICOIN 2017   236 - 241   April 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Recently, there are many types of cyber attacks and we should detect as many types as possible. In order to detect a wide variety of attacks, a complete distributed multi-Agent system is proposed. However, it requires the software installation in all hosts. The lack of resources also makes it hard to introduce the system to the devices. In this paper, we design a distributed defense algorithm employing a multi-Agent system. However, it is hard to detect the wide and shallow attacks such as horizontal portscan and if the systems is completely distributed. Therefore, we need to watch for the whole network in order to detect such attacks. Here, it is proposed to combine the system with OpenFlow which is suitable for having an overall network view. In general, however, OpenFlow has a central control system which is not scalable. Thus, we also propose to use several OpenFlow controllers and share information among them. By sharing information, we show that it is possible to detect a horizontal portscan.

    DOI: 10.1109/ICOIN.2017.7899511

  • Comments and improvements of 'HOTA Handover optimized ticket-based authentication in network-based mobility management'

    Mojtaba Alizadeh, Mohammad Hessam Tadayon, Kouichi Sakurai, Sabariah Baharun, Hiroaki Anada, Mazdak Zamani, Akram Zeki, Shehzad Ashraf Chaudhry, Muhammad Khurram Khan

    20th Conference on Innovations in Clouds, Internet and Networks, ICIN 2017 Proceedings of the 2017 20th Conference on Innovations in Clouds, Internet and Networks, ICIN 2017   112 - 116   April 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Nowadays, various mobile devices are being an inseparable part of our normal life. Mobile users tend to be connected to the Internet seamlessly, which is provided by mobility management protocols. One of the latest mobility management protocol is Proxy Mobile IPv6 (PMIPv6), which is a network-based protocol. Authentication mechanism as a critical security procedure is not specified in PMIPv6, hence various authentication methods have been proposed. Lee and Bonin proposed a ticket-based authentication scheme for PMIPv6, which is called HOTA in 2013. Even though, HOTA offers some security protection mechanisms, but is vulnerable to DoS attack. Furthermore, we show other existing drawbacks to the scheme such as vulnerability against de-synchronization attack and Session Hijacking attack. In this paper, we propose an enhancement method to mitigate these security drawbacks. Finally, security and performance of the proposed method are analyzed and compared to HOTA method.

    DOI: 10.1109/ICIN.2017.7899399

  • A traceable signcryption scheme for secure sharing of data in cloud storage

    Rohit Ahuja, Sraban Kumar Mohanty, Kouichi Sakurai

    16th IEEE International Conference on Computer and Information Technology, CIT 2016 Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016   524 - 531   March 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Nowadays cloud servers become the primary choice to store and share data with multiple recipients. The storage of personal information on cloud servers may result in the exposure of confidential information to unauthorized individuals or organizations. Several solutions employing attribute-based encryption schemes have been proposed for secure sharing of data using cloud servers. However, most of the solutions fail to trace the traitors, who intentionally leaked their data access privileges for personal gain. This paper introduces a traceable ciphertext policy attribute-based signcryption (sign-then-encrypt) scheme to simultaneously realize the notion of traitor-tracing, fine-grained access control, sender anonymity, message integrity, authenticity and sensitivity by extending traceable attribute based encryption scheme using attribute-based signature. Single authority may compromise user's key. Hence to reduce the trust on authority, our proposed scheme employs different authorities for key generation and traitor-tracing. In addition, our proposed scheme preserves message sensitivity by allowing the data-owner to define message category label. We analyze the performance of our scheme with respect to secret key size, ciphertext size, computation cost involves in signcryption and designcryption and compare it with existing schemes to show its efficacy.

    DOI: 10.1109/CIT.2016.52

  • A Brief Review on Anomaly Detection and its Applications to Cybersecurity (Information and Communication System Security)

    Danilo Vasconcellos Vargas, Kouichi Sakurai

    IEICE technical report   116 ( 522 )   37 - 42   March 2017

    Language: English   Publication type: Research paper (academic journal)

  • A behavior-based online engine for detecting distributed cyber-attacks

    Yaokai Feng, Yoshiaki Hori, Kouichi Sakurai

    17th International Workshop on Information Security Applications, WISA 2016 Information Security Applications - 17th International Workshop, WISA 2016, Revised Selected Papers   10144 LNCS   79 - 89   January 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Distributed attacks have reportedly caused the most serious losses in recent years. Here, distributed attacks means those attacks conducted collaboratively by multiple hosts. How to detect distributed attacks has become one of the most important topics in the cyber security community. Many detection methods have been proposed, each of which, however, has its own weak points. For example, detection performance of information theory based methods strongly depends on the information theoretic measures and signature-based methods suffer from the fact that they can deal with neither new kinds of attacks nor new variants of existing attacks. Recently, behavior-based method has been attracting great attentions from many researchers and developers and it is thought as the most promising one. In behavior-based approaches, normal behavior modes are learned/extracted from past traffic data of the monitored network and are used to recognize anomalies in the future detection. In this paper, we explain how to implement an online behavior-based engine for detecting distributed cyber-attacks. Detection cases of our engine are also introduced and some actual attacks/incidents have been captured by our detection engine.

    DOI: 10.1007/978-3-319-56549-1_7

  • A scalable attribute-set-based access control with both sharing and full-fledged delegation of access privileges in cloud computing [Peer-reviewed]

    Rohit Ahuja, Sraban Kumar Mohanty, Kouichi Sakurai

    COMPUTERS & ELECTRICAL ENGINEERING   57   241 - 256   January 2017

    Language: English   Publication type: Research paper (academic journal)

    The benefits of cloud computing motivate enterprises to migrate their IT infrastructure on cloud servers. Enterprise needs to entrust untrusted cloud service provider, which gives rise to various security and privacy concerns. To address these concerns, numerous schemes in cloud computing employed attribute-based encryption schemes. However, existing schemes are neither flexible enough to provide users complete liberty on delegation of their access privileges nor grant shared access privileges among users of a group to jointly address a responsibility. This paper introduces hierarchical attribute-set-based access control scheme by employing ciphertext-policy attribute-set-based encryption with a hierarchical structure of users to achieve scalability. The proposed scheme simultaneously achieves the notion of fine-grained cum flexible access control, privacy preserving, efficient data utilization and imperatively provides users full-fledged liberty on delegation of their access privileges. Furthermore, we formally prove that proposed scheme is secure under decisional bilinear Diffie-Hellman assumption. (C) 2016 Elsevier Ltd. All rights reserved.

    DOI: 10.1016/j.compeleceng.2016.11.028

  • SQL injection attack detection method using expectation criterion

    Linghuan Xiao, Shinichi Matsumoto, Tomohisa Ishikawa, Kouichi Sakurai

    4th International Symposium on Computing and Networking, CANDAR 2016 Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016   649 - 654   January 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    SQL Injection attack is a kind of attack on a web application that illegitimately accesses the database of the web application. Along with the increasing use of web applications, the database, which stores much sensitive information, has become more and more valuable and vulnerable. Eventually, SQL Injection attack has become rank one in the top ten vulnerabilities as specified by the Open Web Application Security Project (OWASP). On the other hand, although many methods have been proposed to address the SQL injection attack, the current approaches almost all have limitations in detecting the full scope of the attack. What is more, although the approaches have high precision in detecting pre-existing attacks, they cannot detect unknown attacks. In this paper, we present an expectation-based solution to address SQL injection attack. Our proposal mainly has two phases. In the first phase, we calculate the occurrence probability of the SQL injection attack special characters in the attack dataset and the typical dataset respectively, and in the second phase we detect SQL injection attacks based on an expectation calculation that takes advantage of the computed occurrence probability.

    DOI: 10.1109/CANDAR.2016.74

  • Parameter manipulation attack prevention and detection by using web application deception proxy

    Tomohisa Ishikawa, Kouichi Sakurai

    11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017 Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017   January 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The attack abusing web application vulnerabilities are currently classified into traditional attack threats. However, security breaches by web application attacks are still reported via mass media. Although the vulnerabilities in popular products such as Microsoft IIS or Apache are quickly discovered by security researchers around the world, it is hard to identify the vulnerabilities in customized web applications developed by each organization. On top of that, in the case of large corporations, it is hard to manage all web applications since their business domains are diversified, and each division has various web applications. In this paper, we propose web application deception proxy as a defense approach, and we show that it is very helpful to prevent and detect web application attacks.

    DOI: 10.1145/3022227.3022300

  • On unconditionally binding code-based commitment schemes

    Kirill Morozov, Partha Sarathi Roy, Kouichi Sakurai

    11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017 Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017   January 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this work, we construct a dual version of statistically binding commitment scheme by Jain et al. (Asiacrypt 2012) with shorter commitment size under hardness of syndrome decoding. Then, we point out that perfectly binding variants of the above schemes follow directly from the Randomized McEliece and Niederreiter public key encryption schemes, assuming indistinguishability of permuted Goppa codes, as well as hardness of the exact learning parity with noise (xLPN) problem (for the McEliece scheme) and hardness of syndrome decoding (for the Niederreiter scheme). Our key observation here is that perfect binding (as opposed to statistical binding) requires exact knowledge of minimal distance of the underlying code. Finally, we provide security evaluation of our proposals, and compare their performance with that of existing schemes.

    DOI: 10.1145/3022227.3022327

  • Improving the accuracy of signature authentication using the eight principles of yong

    Taku Nishigori, Junpei Kawamoto, Kouichi Sakurai

    11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017 Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017   January 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The signature authentication on smartphones has been studied as a method to protect personal information. Its authentication accuracy is a challenge due to restrictions such as size of the terminal. In this paper, a signature authentication method that incorporates the calligraphy concept called Eight Principles of Yong is proposed for users of Chinese characters. The Eight Principles of Yong means that the character Yong has the eight techniques needed to describe any Chinese character. In the method, the certifier makes clusters from Yong in advance. Strokes of the template are allocated in clusters. At the time of authentication, strokes of the character are allocated in these clusters. If the cluster is the same as the stroke, the distance between the data decreases.

    DOI: 10.1145/3022227.3022258

  • Evasion attacks against statistical code obfuscation detectors

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    12th International Workshop on Security, IWSEC 2017 Advances in Information and Computer Security - 12th International Workshop on Security, IWSEC 2017, Proceedings   10418 LNCS   121 - 137   January 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In the domain of information security, code obfuscation is a feature often employed for malicious purposes. For example there have been quite a few papers reporting that obfuscated JavaScript frequently comes with malicious functionality such as redirecting to external malicious websites. In order to capture such obfuscation, a class of detectors based on statistical features of code, mostly n-grams have been proposed and been claimed to achieve high detection accuracy. In this paper, we formalize a common scenario between defenders who maintain the statistical obfuscation detectors and adversaries who want to evade the detection. Accordingly, we create two kinds of evasion attack methods and evaluate the robustness of statistical detectors under such attacks. Experimental results show that statistical obfuscation detectors can be easily fooled by a sophisticated adversary even in worst case scenarios.

    DOI: 10.1007/978-3-319-64200-0_8

  • C&C session detection using random forest

    Liang Lu, Yaokai Feng, Kouichi Sakurai

    11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017 Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017   January 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    DDoS (Distributed Denial of Service) attack is one of the most used DoS (Denial of Service) attack. It is a distributed attack in which an attacker uses a multitude of compromised computers to attack a single target. Those compromised computers that actually execute the attack are called botnet. To hide their identity, the attacker usually uses a third-party server to control and send attack command to bots, this kind of server is called C&C (command & control) server. The detection of C&C sessions is a strong proof of botnet detection and early detection of DDoS attacks as C&C connections occur before a DDoS attack. Network traffic analysis is an effective method to detect C&C sessions as it is hard to avoid encrypting the payload or change command code. We consider a new feature vector with 55 features, and use a random forest algorithm to build the classifier. Random forest is an ensemble of classifiers that can deal with high-dimension problems. In fact, it can also calculate the importance of features that will help us find the key features responsible for the detection of C&C sessions. Experimental results show that our approach has better performance on C&C session detection.

    DOI: 10.1145/3022227.3022260

  • A scalable attribute-set-based access control with both sharing and full-fledged delegation of access privileges in cloud computing (peer-reviewed)

    Rohit Ahuja, Sraban Kumar Mohanty, Kouichi Sakurai

    Computers and Electrical Engineering   57   241 - 256   January 2017

    Language: English   Publication type: Research paper (academic journal)

    The benefits of cloud computing motivate enterprises to migrate their IT infrastructure on cloud servers. Enterprise needs to entrust untrusted cloud service provider, which gives rise to various security and privacy concerns. To address these concerns, numerous schemes in cloud computing employed attribute-based encryption schemes. However, existing schemes are neither flexible enough to provide users complete liberty on delegation of their access privileges nor grant shared access privileges among users of a group to jointly address a responsibility. This paper introduces hierarchical attribute-set-based access control scheme by employing ciphertext-policy attribute-set-based encryption with a hierarchical structure of users to achieve scalability. The proposed scheme simultaneously achieves the notion of fine-grained cum flexible access control, privacy preserving, efficient data utilization and imperatively provides users full-fledged liberty on delegation of their access privileges. Furthermore, we formally prove that proposed scheme is secure under decisional bilinear Diffie–Hellman assumption.

    DOI: 10.1016/j.compeleceng.2016.11.028

  • A proposal of Event Study Methodology with Twitter Sentimental Analysis for risk management

    Tomohisa Ishikawa, Kouichi Sakurai

    11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017 Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication, IMCOM 2017   January 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Once organizations have the security incident and breaches, they have to pay tremendous costs. Although visible cost, such as the incident response cost, customer follow-up care, and legal cost are predictable and calculable, it is tough to evaluate and estimate the invisible damage, such as losing customer loyalty, reputation impact, and the damage of branding. This paper proposes a new method, called "Event Study Methodology with Twitter Sentimental Analysis" to evaluate the invisible cost. This method helps to assess the impact of the security breach and the impact on corporate valuation.

    DOI: 10.1145/3022227.3022240

  • A detection system for distributed DoS attacks based on automatic extraction of normal mode and its performance evaluation

    Yaokai Feng, Yoshiaki Hori, Kouichi Sakurai

    10th International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage, SpaCCS 2017 Security, Privacy, and Anonymity in Computation, Communication, and Storage - 10th International Conference, SpaCCS 2017, Proceedings   461 - 473   January 2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Distributed DoS (Denial-of-Service) attacks, or say DDoS attacks, have reportedly caused the most serious losses in recent years and such attacks are getting worse. How to efficiently detect DDoS attacks has naturally become one of the hottest topics in the cyber security community and many approaches have been proposed. The existing detection technologies, however, have their own weak points. For example, methods based on information theory must choose an information theoretic measures carefully which play an essential role on the detection performance and such methods are efficient only when there are a significantly large number of anomalies present in the data; signature-based methods can not deal with new kinds of attacks and new variants of existing attacks, and so on. The behavior-based ones have been thought to be promising. However, they often need some parameters to define the normal nodes and such parameters cannot be determined easily in advance in many actual situations. In our previous work, an algorithm without parameters was proposed for extracting normal nodes from the historic traffic data. In this paper, we will explain a practical off-line detection system for DDoS attacks that we developed based on that algorithm in a project called PRACTICE (Proactive Response Against Cyber-attacks Through International Collaborative Exchange). The general flow of our detection system and the main specific technologies are explained in details and its detection performance is also verified by several actual examples.

    DOI: 10.1007/978-3-319-72389-1_37

  • On the robustness of visual cryptographic schemes

    Sabyasachi Dutta, Partha Sarathi Roy, Avishek Adhikari, Kouichi Sakurai

    15th International Workshop on Digital-Forensics and Watermarking, IWDW 2016 Digital Forensics and Watermarking - 15th International Workshop, IWDW 2016, Revised Selected Papers   10082 LNCS   251 - 262   2017

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this paper, we consider the robustness of a special type of secret sharing scheme known as visual cryptographic scheme in which the secret reconstruction is done visually without any mathematical computation unlike other secret sharing schemes. Initially, secret sharing schemes were considered with the presumption that the corrupted participants involved in a protocol behave in a passive manner and submit correct shares during the reconstruction of secret. However, that may not be the case in practical situations. A minimal robust requirement, when a fraction of participants behave maliciously and submit incorrect shares, is that, the set of all shares, some possibly corrupted, can recover the correct secret. Though the concept of robustness is well studied for secret sharing schemes, it is not at all common in the field of visual cryptography. We, for the first time in the literature of visual cryptography, formally define the concept of robustness and put forward (2, n)-threshold visual cryptographic schemes that are robust against deterministic cheating. In the robust secret sharing schemes it is assumed that the number of cheaters is always less than the threshold value so that the original secret is not recovered by the coalition of cheaters only. In the current paper, we consider three different scenarios with respect to the number of cheaters controlled by a centralized adversary. We first consider the existence of only one cheater in a (2, n)-threshold VCS so that the secret image is not recovered by the cheater. Next we consider two different cases, with number of cheaters being greater than 2, with honest majority and without honest majority.

    DOI: 10.1007/978-3-319-53465_719

  • A Brief Review on Anomaly Detection and its Applications to Cybersecurity (Information and Communication System Security

    Danilo Vasconcellos Vargas, Kouichi Sakurai

    電子情報通信学会技術研究報 IEICE technical report: 信学技報   116 ( 522 )   37 - 42   2017

    Language: Other   Publication type: Research paper (academic journal)

  • A Machine Learning Based Approach for Detecting DRDoS Attacks and Its Performance Evaluation

    Yuxuan Gao, Yaokai Feng, Junpei Kawamoto, Kouichi Sakurai

    11th Asia Joint Conference on Information Security, AsiaJCIS 2016 Proceedings - 11th Asia Joint Conference on Information Security, AsiaJCIS 2016   80 - 86   December 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    DRDoS (Distributed Reflection Denial of Service) attack is a kind of DoS (Denial of Service) attack, in which third-party servers are tricked into sending large amounts of data to the victims. That is, attackers use source address IP spoofing to hide their identity and cause third-parties to send data to the victims as identified by the source address field of the IP packet. This is called reflection because the servers of benign services are tricked into "reflecting" attack traffic to the victims. The most typical existing detection methods of such attacks are designed based on known attacks by protocol and are difficult to detect the unknown ones. According to our investigations, one protocol-independent detection method has been existing, which is based on the assumption that a strong linear relationship exists among the abnormal flows from the reflector to the victim. Moreover, the method is assumed that the all packets from reflectors are attack packets when attacked, which is clearly not reasonable. In this study, we found five features are effective for detecting DRDoS attacks, and we proposed a method to detect DRDoS attacks using these features and machine learning algorithms. Its detection performance is experimentally examined and the experimental result indicates that our proposal is of clearly better detection performance.

    DOI: 10.1109/AsiaJCIS.2016.24

  • An Identity Preserving Access Control Scheme with Flexible System Privilege Revocation in Cloud Computing

    Rohit Ahuja, Sraban Kumar Mohanty, Kouichi Sakurai

    11th Asia Joint Conference on Information Security, AsiaJCIS 2016 Proceedings - 11th Asia Joint Conference on Information Security, AsiaJCIS 2016   39 - 47   December 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The advent of cloud computing motivates business organizations to migrate their complex data management systems from local servers to cloud servers for scalable and durable resources on pay per use basis. Considering enormous users and large amount of documents at cloud servers, there is a requirement of an access control scheme, which supports fine-grained cum flexible access control along with 'Query-Response' mechanism to enable users to efficiently retrieve desired data from cloud servers. In addition, the scheme should support considerable flexibility to revoke system privileges from user, such as to restrict user from sharing or retrieving data or both, i.e., flexible system privilege revocation and most imperatively to preserve the identity of data owner and consumer, while sharing and retrieving data. Most of the access control schemes in cloud computing till date focus on restricting user from accessing data only. In this paper, we propose an identity preserving access control scheme to simultaneously realize the notion of scalability, fine-grained cum flexible access control, efficient data utilization, identity preserving and flexible system privilege revocation. We extend Ciphertext-Policy Attribute-Set-Based Encryption (CPASBE) in a hierarchical structure of users to achieve scalability. In addition, a hybridization of proxy re-encryption and CP-ASBE is introduced to materialize the concept of flexible system privilege revocation. Furthermore, we formally prove the security of our proposed scheme based on decisional bilinear Diffie-Hellman assumption. Efficacy of our scheme is depicted by performing comprehensive experiments.

    DOI: 10.1109/AsiaJCIS.2016.23

  • A proposal for cyber-attack trace-back using packet marking and logging

    Pengfei Li, Yaokai Feng, Junpei Kawamoto, Kouichi Sakurai

    10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2016 Proceedings - 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2016   603 - 607   December 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Cyber-attack incidents have become more and more frequent and serious. As a countermeasure against cyber-attacks, the technology of (IP address etc.) trace-back to the attackers is essential. Although many methods have been proposed for this purpose, the existing techniques suffer from the following problems. Only the specific attacks can be traced back. The tracing back is too time-consuming and correct traffic-path reconfiguration cannot be guaranteed. In this study, we propose a new method to discover attackers quickly and correctly. By using simulation data, its performance is demonstrated.

    DOI: 10.1109/IMIS.2016.89

  • A behavior-based method for detecting DNS amplification attacks

    Longzhu Cai, Yaokai Feng, Junpei Kawamoto, Kouichi Sakurai

    10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2016 Proceedings - 2016 10th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2016   608 - 613   December 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    DNS (Domain Name System) amplification attack has become a popular form of the attacks of the Distributed Denial of Service (DDoS) in recent years. In DNS amplification attacks, the attackers utilize spoofed source IP addresses and open recursive DNS servers to perform the bandwidth consumption attacks. A lot of responses are generated and they are sent to the targets after the attackers send only a little of DNS requests. Various methods have been proposed for detecting the DNS amplification attacks. However, almost of them have to determine parameters in advance, which is not easy for many cases. In this study, we utilized the detection pattern and combination of three features to distinguish normal and attack. It can solve the problem that limitation of detection in the case of high-frequency and low-amplification attack.

    DOI: 10.1109/IMIS.2016.88

  • Cyberbullying detection using parent-child relationship between comments

    Ziyi Li, Junpei Kawamoto, Yaokai Feng, Kouichi Sakurai

    18th International Conference on Information Integration and Web-Based Applications and Services, iiWAS 2016 18th International Conference on Information Integration and Web-Based Applications and Services, iiWAS 2016 - Proceedings   Part F126325   325 - 334   November 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Cyberbullying is an underlying problem in social networking service, threatening users' mental and physical health. Previous research on automated cyberbullying detection is mostly textual or social based methods. Cyberbullying content is identified through a set of textual features within the content in the former method and through social information surrounding the content in the latter method. Those methods cannot cater different cyberbullying standard for individual SNS user since each content is evaluated using same features. Therefore, in this article we propose an automated cyberbullying detection method that utilises the parent-child relationship between comments to capture the reaction from a third party to detect cyberbullying comments. We were able to improve the effectiveness of cyberbullying detection using only publicly available data.

    DOI: 10.1145/3011141.3011182

  • Cyberbullying detection using parent-child relationship between comments (peer-reviewed)

    Ziyi Li, Junpei Kawamoto, Yaokai Feng, Kouichi Sakurai

    ACM International Conference Proceeding Series   325 - 334   November 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Cyberbullying is an underlying problem in social networking service, threatening users' mental and physical health. Previous research on automated cyberbullying detection is mostly textual or social based methods. Cyberbullying content is identified through a set of textual features within the content in the former method and through social information surrounding the content in the latter method. Those methods cannot cater different cyberbullying standard for individual SNS user since each content is evaluated using same features. Therefore, in this article we propose an automated cyberbullying detection method that utilises the parent-child relationship between comments to capture the reaction from a third party to detect cyberbullying comments. We were able to improve the effectiveness of cyberbullying detection using only publicly available data.

    DOI: 10.1145/3011141.3011182

  • Character-based symmetric searchable encryption and its implementation and experiment on mobile devices (peer-reviewed)

    Takanori Suga, Takashi Nishide, Kouichi Sakurai

    Security and Communication Networks   9 ( 12 )   1717 - 1725   August 2016

    Language: English   Publication type: Research paper (academic journal)

    Searchable encryption allows us to perform a keyword search over encrypted data. However, we cannot efficiently perform some complex search (e.g., a wildcard search) with traditional searchable encryption schemes because they can deal with only equality matches. Our symmetric searchable encryption can deal with partial matches. This allows us to efficiently perform a wildcard search, partial match search, and so on. We also examine the feasibility of our scheme by experiments on a smartphone and tablet, and confirm our scheme can be used in these environments. Availability on portable devices will offer high convenience.

    DOI: 10.1002/sec.876

  • Character-based symmetric searchable encryption and its implementation and experiment on mobile devices (peer-reviewed)

    Takanori Suga, Takashi Nishide, Kouichi Sakurai

    Security and Communication Networks   9 ( 12 )   1717 - 1725   August 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Searchable encryption allows us to perform a keyword search over encrypted data. However, we cannot efficiently perform some complex search (e.g., a wildcard search) with traditional searchable encryption schemes because they can deal with only equality matches. Our symmetric searchable encryption can deal with partial matches. This allows us to efficiently perform a wildcard search, partial match search, and so on. We also examine the feasibility of our scheme by experiments on a smartphone and tablet, and confirm our scheme can be used in these environments. Availability on portable devices will offer high convenience. Copyright © 2013 John Wiley & Sons, Ltd.

    DOI: 10.1002/sec.876

  • Analysis of "receipt-freeness" and "coercion-resistance" in biometric authentication protocols

    Yoshifumi Ueshige, Kouichi Sakurai

    30th IEEE International Conference on Advanced Information Networking and Applications, AINA 2016 Proceedings - IEEE 30th International Conference on Advanced Information Networking and Applications, IEEE AINA 2016   2016-May   769 - 775   May 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Recently, biometric authentication protocols are developed. Security of these protocols originates in compromising no privacy information by wiretapping, malicious access and etc. in the authentication processes. With regard to this, the authors pointed out the risk of excessive collection of privacy information caused by remaining data related to biometric authentication data such as logs and intermediate processing data on the authentication servers. As a requirement against this risk, the authors introduced receipt-freeness of biometric authentication protocols. In this research, the authors develop the above research by investigating so-called coercion-resistance which means resistance against coercing user into executing biometric authentication. This paper describes definition of coercion-resistance against wiretapping coercer, relevance to receipt-freeness, and analysis of coercion-resistance in two IC card based protocols. The results show one of the protocols satisfies receipt-freeness and coercion-resistance, although another one does not satisfy.

    DOI: 10.1109/AINA.2016.97

  • Message from the STPA 2016 Workshop Organizers (peer-reviewed)

    Kouichi Sakurai, Amiya Nayak, Sushmita Ruj, Haojin Zhu, Arindam Pal

    Proceedings - IEEE 30th International Conference on Advanced Information Networking and Applications Workshops, WAINA 2016   lxviii   May 2016

    Language: English   Publication type: Research paper (academic journal)

    DOI: 10.1109/WAINA.2016.215

  • A multivariate encryption scheme with Rainbow (peer-reviewed)

    Takanori Yasuda, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   9543   236 - 251   March 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Multivariate Public Key Cryptosystems (MPKC) are a candidate of post-quantum cryptography. The MPKC signature scheme Rainbow is endowed of efficient signature generation and verification, while no major attack has been reported so far. In this paper, we propose a MPKC encryption scheme based on Rainbow. The public key of Rainbow is a surjective polynomial map, whereas the encryption scheme requires an injective polynomial map. We explain how to change the public key of Rainbow to an injective map.

    DOI: 10.1007/978-3-319-29814-6_19

  • Evaluation of Matching Accuracy of Template Matching Using a Steganography Algorithm

    Hirokazu Ishizuka, Kouichi Sakurai, Isao Echizen, Keiichi Iwamura

    3rd International Symposium on Computing and Networking, CANDAR 2015 Proceedings - 2015 3rd International Symposium on Computing and Networking, CANDAR 2015   457 - 462   March 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The steganography that we suggested uses the data that ties strongly to the characteristics of the original image as watermark information without changing the original image. Although similarity with zero-watermarking is pointed out, the major difference is that our method does not need pre-processing for a feature extraction at decoding. Since the decoding can do at high speed, besides using as the original steganography, it is possible to apply it to similar image retrieving, similar image order sorting or template matching. For example, when applying it to medical images, a doctor is possible to pick some similar images from a medical image database and refers the treatments through the images with concealing the information of the patient. This time, we have investigated the identification accuracy of our method with respect to the template matching of similar image searching.

    DOI: 10.1109/CANDAR.2015.68

  • Constructing Pairing-Friendly Elliptic Curves Using Global Number Fields

    Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai

    3rd International Symposium on Computing and Networking, CANDAR 2015 Proceedings - 2015 3rd International Symposium on Computing and Networking, CANDAR 2015   477 - 483   March 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Efficient implementation of pairing-based cryptography requires construction of a pairing-friendly curve and its corresponding twisted curve. In this paper, we give a formula which determines the twisted curve. The formula are obtained by using technique in the algebraic number theory such as the complex multiplication theory. Applying the formula, we present an easy method for constructing pairing-friendly curves for BN-family. In fact, our method does not require the process of elliptic curve construction and finite field construction, but only requires searching an integer satisfying some conditions. Using our construction method, we implemented an optimal ate pairing for BN-family which is usable at various security levels, and investigated the time efficiency of the pairing computation for various security levels.

    DOI: 10.1109/CANDAR.2015.28

  • A multivariate encryption scheme with Rainbow (peer-reviewed)

    Takanori Yasuda, Kouichi Sakurai

    Lecture Notes in Computer Science   9543   236 - 251   March 2016

    Language: English   Publication type: Research paper (academic journal)

    Multivariate Public Key Cryptosystems (MPKC) are a candidate of post-quantum cryptography. The MPKC signature scheme Rainbow is endowed of efficient signature generation and verification, while no major attack has been reported so far. In this paper, we propose a MPKC encryption scheme based on Rainbow. The public key of Rainbow is a surjective polynomial map, whereas the encryption scheme requires an injective polynomial map. We explain how to change the public key of Rainbow to an injective map.

    DOI: 10.1007/978-3-319-29814-6_19

  • Authentication in mobile cloud computing A survey (peer-reviewed)

    Mojtaba Alizadeh, Saeid Abolfazli, Mazdak Zamani, Sabariah Baharun, Kouichi Sakurai

    Journal of Network and Computer Applications   61   59 - 80   February 2016

    Language: English   Publication type: Research paper (academic journal)

    Mobile cloud computing (MCC) is the state-of-the-art mobile distributed computing model that incorporates multitude of heterogeneous cloud-based resources to augment computational capabilities of the plethora of resource-constraint mobile devices. In MCC, execution time and energy consumption are significantly improved by transferring execution of resource-intensive tasks such as image processing, 3D rendering, and voice recognition from the hosting mobile to the cloud-based resources. However, accessing and exploiting remote cloud-based resources is associated with numerous security and privacy implications, including user authentication and authorization. User authentication in MCC is a critical requirement in securing cloud-based computations and communications. Despite its critical role, there is a gap for a comprehensive study of the authentication approaches in MCC which can provide a deep insight into the state-of-the-art research. This paper presents a comprehensive study of authentication methods in MCC to describe MCC authentication and compare it with that of cloud computing. The taxonomy of the state-of-the-art authentication methods is devised and the most credible efforts are critically reviewed. Moreover, we present a comparison of the state-of-the-art MCC authentication methods considering five evaluation metrics. The results suggest the need for futuristic authentication methods that are designed based on capabilities and limitations of MCC environment. Finally, the design factors deemed could lead to effective authentication mechanisms are presented, and open challenges are highlighted based on the weaknesses and strengths of existing authentication methods.

    DOI: 10.1016/j.jnca.2015.10.005

  • Authentication in mobile cloud computing: A survey (peer-reviewed, international journal)

    Mojtaba Alizadeh, Saeid Abolfazli, Mazdak Zamani, Sabariah Baharun, Kouichi Sakurai

    Journal of Network and Computer Applications   59 - 80   February 2016

    Language: English   Publication type: Research paper (academic journal)

    DOI: https://doi.org/10.1016/j.jnca.2015.10.005

    Other link: http://www.sciencedirect.com/science/article/pii/S1084804515002258

  • Retricoin: Bitcoin based on compact proofs of retrievability (peer-reviewed)

    Binanda Sengupta, Samiran Bag, Kouichi Sakurai, Sushmita Ruj

    ACM International Conference Proceeding Series   04-07-   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Bitcoin [24] is a fully decentralized electronic cash system. The generation of the proof-of-work in Bitcoin requires large amount of computing resources. However, this huge amount of energy is wasted as one cannot make something useful out of it. In this paper, we propose a scheme called Retricoin which replaces the heavy computational proof-of-work of Bitcoin by proofs of retrievability that have practical benefits. To guarantee the availability of an important but large file, we distribute the segments of the file among the users in the Bitcoin network. Every user who wants to mine Bitcoins must store a considerable portion of this file and prove her storage to other peers in the network using proofs of retrievability. The file can be constructed at any point of time from the users storing their respective segments untampered. Retricoin is more efficient than the existing Permacoin scheme [23] in terms of storage overhead and network bandwidth required to broadcast the proof to the Bitcoin network. The verification time in our scheme is comparable to that of Permacoin and reasonable for all practical purposes. We also design an algorithm to let the miners in a group (or pool) mine collectively.

    DOI: 10.1145/2833312.2833317

  • Cross-group secret sharing for secure cloud storage service (peer-reviewed)

    Chenyutao Ke, Hiroaki Anada, Junpei Kawamoto, Kirill Morozov, Kouichi Sakurai

    ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    With the spread of the Internet, many mobile devices are used in our daily lives, such as tablets and mobile phones. Then, personal data are often saved on data servers of the storage providers such as Amazon, Google, Yahoo, Baidu and others. In this context, the secret sharing can be used to store personal data onto several providers, simultaneously reducing the risk of data loss, the data leakage to unauthorized parties, and data falsification. Secret sharing is one of the solutions to combine security and availability in the distributed storage. However, few works considered servers' affiliations, and specifically, the problem that a malicious provider may recover secret data illegally through manipulation on servers that hold enough shares to recover the secret. In this paper, to resolve the problem, we propose a two-threshold secret sharing scheme in order to enforce a new type of cross-group policy. By combining t-out-of-m providers' secret sharing scheme and a k-out-of-n servers' secret sharing scheme via an one-way function or an one-time pad, we construct a scheme that forces k shares to be collected from m groups. Compared with previous work, our scheme can attain the functionalities of proactively updating shares and adding new shares with simple computation.

    DOI: 10.1145/2857546.2857610

  • A study of security management with cyber insurance (peer-reviewed)

    Tomohisa Ishikawa, Kouichi Sakurai

    ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Since the recent security breach requires the intensification of security management, the documents, describing the best practice of security management, are published by experts. However, the implementations of all best practice are tough because of the cost and the difficulty of cost-effective security investment. This paper discusses the security management theory with cyber risk insurance, especially the effectiveness of cyber risk insurance by Monte Carlo simulation approach.

    DOI: 10.1145/2857546.2857615

  • Yet another note on block withholding attack on bitcoin mining pools

    Samiran Bag, Kouichi Sakurai

    19th Annual International Conference on Information Security, ISC 2016 Information Security - 19th International Conference, ISC 2016, Proceedings   9866 LNCS   167 - 180   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this paper we provide a short quantitative analysis of Bitcoin Block Withholding (BWH) Attack. In this study, we investigate the incentive earned by a miner who either independently or at the diktat of a separate mining pool launches Block Withholding attack on a target mining pool. The victim pool shares its earned revenue with the rogue attacker. We investigate the property revenue function of the attacker and find parameters that could maximize the gain of the attacker. We then propose a new concept that we call “special reward”. This special rewarding scheme is aimed at discouraging the attackers by granting additional incentive to a miner who actually finds a block. A BWH attacker who never submits a valid block to the pool will be deprived from this special reward and her gain will be less than her expectation. Depending upon the actual monetary value of the special reward a pool can significantly reduce the revenue of a BWH attacker and thus can even ward off the threat of an attack.

    DOI: 10.1007/978-3-319-45871-7_11

  • Retricoin Bitcoin based on compact proofs of retrievability

    Binanda Sengupta, Samiran Bag, Kouichi Sakurai, Sushmita Ruj

    17th International Conference on Distributed Computing and Networking, ICDCN 2016 Proceedings of the 17th International Conference on Distributed Computing and Networking, ICDCN 2016   04-07-January-2016   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Bitcoin [24] is a fully decentralized electronic cash system. The generation of the proof-of-work in Bitcoin requires large amount of computing resources. However, this huge amount of energy is wasted as one cannot make something useful out of it. In this paper, we propose a scheme called Retricoin which replaces the heavy computational proof-of-work of Bitcoin by proofs of retrievability that have practical benefits. To guarantee the availability of an important but large file, we distribute the segments of the file among the users in the Bitcoin network. Every user who wants to mine Bitcoins must store a considerable portion of this file and prove her storage to other peers in the network using proofs of retrievability. The file can be constructed at any point of time from the users storing their respective segments untampered. Retricoin is more efficient than the existing Permacoin scheme [23] in terms of storage overhead and network bandwidth required to broadcast the proof to the Bitcoin network. The verification time in our scheme is comparable to that of Permacoin and reasonable for all practical purposes. We also design an algorithm to let the miners in a group (or pool) mine collectively.

    DOI: 10.1145/2833312.2833317

  • On the application of clique problem for proof-of-work in cryptocurrencies

    Samiran Bag, Sushmita Ruj, Kouichi Sakurai

    11th International Conference on Information Security and Cryptology, Inscrypt 2015 Information Security and Cryptology - 11th International Conference, Inscrypt 2015, Revised Selected Papers   260 - 279   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this work we propose a scheme that could be used as an alternative to the existing proof of work (PoW) scheme for mining in Bitcoin P2P network. Our scheme ensures that the miner must do at least a non-trivial amount of computation for solving the computational problem put forth in the paper and thus solving a PoW puzzle. Here, we have proposed to use the problem of finding the largest clique in a big graph as a replacement for the existing Bitcoin PoW scheme. In this paper, we have dealt with a graph having O(2^30) vertices and O(2^48) edges which is constructed deterministically using the set of transactions executed within a certain time slot. We have discussed some algorithms that can be used by any Bitcoin miner to solve the PoW puzzle. Then we discuss an algorithm that could perform this task by doing O(2^80) hash calculations. We have also proposed an improvement to this algorithm by which the PoW puzzle can be solved by calculating O(2^70.5) hashes and using O(2^48) space. This scheme is better than the existing proof of work schemes that use Hashcash, where a lucky miner could manage to find a solution to the proof of work puzzle by doing smaller amount of computation though it happens with very low probability. Bitcoin incentivizes the computing power of miners and hence, it is desirable that miners with more computing power always wins. Also, the Bitcoin PoW scheme only incentivizes computing power of miners but our PoW scheme incentivizes both computing power and memory of a miner. In our proposed scheme only the miner cannot randomly find a largest clique without knowing the clique number of the graph.

    DOI: 10.1007/978-3-319-38898-4_16

  • Expressive rating scheme by signatures with predications on ratees

    Hiroaki Anada, Sushmita Ruj, Kouichi Sakurai

    10th International Conference on Network and System Security, NSS 2016 Network and System Security - 10th International Conference, NSS 2016, Proceedings   9955 LNCS   363 - 379   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Reputation boards are popular tools because of their useful information of products for consumers. In this paper, we propose a rating scheme for the reputation boards. The feature of our rating scheme is that it enables users to rate not only products but also their providers expressively by using digital signatures with predications on ratees. First, we define a syntax of such an expressive rating scheme. Then, we provide a generic conversion of a cryptographic primitive called an attribute-based signature scheme (ABS) into an expressive rating scheme. Using a boolean formula on attributes of ratees, signatures with predications on ratees are generated, which we call expressive ratings. Public linkability of ABS is effectively used to prohibit double ratings. Also, employing an ABS scheme of the Fiat-Shamir type, we construct a concrete efficient expressive rating scheme.

    DOI: 10.1007/978-3-319-46298-1_24

  • Evaluation of gamma ray durability of RF tag and application to the radiation environment

    Nobuyuki Teraura, Kunio Ito, Daisuke Kobayashi, Kouichi Sakurai

    IEEE International Conference on RFID Technology and Applications, RFID-TA 2015 2015 IEEE International Conference on RFID Technology and Applications, RFID-TA 2015   147 - 152   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    As for common RF tag, the circuitry operator part is formed with the semiconductor. Then, when radiation, such as a gamma ray, is irradiated, a recoverable soft error and unrecoverable hard error will occur. Therefore, it cannot be used depending on the exposure dose of radiation. However, a radiation-proof ability can be raised by incorporating a shielding and an error correction. Then, RF tag which covered was irradiated with the gamma ray originating in Cesium 137 or Cobalt 60 grade, and the durability was evaluated. The application which uses this radiation-proof RF tag under radiation environment is proposed. They are management of the radioactive component generated from radioactive waste or a decommissioning process to improve the traceability, etc. Moreover, the evaluation result of RF tag used for management of the medical relationship instrument which performs gamma sterilization is described.

    DOI: 10.1109/RFID-TA.2015.7379809

  • Efficient threshold secret sharing schemes secure against rushing cheaters

    Avishek Adhikari, Kirill Morozov, Satoshi Obana, Partha Sarathi Roy, Kouichi Sakurai, Rui Xu

    9th International Conference on Information-Theoretic Security, ICITS 2016 Information Theoretic Security - 9th International Conference, ICITS 2016, Revised Selected Papers   10015 LNCS   3 - 23   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this paper, we consider two very important issues namely detection and identification of k-out-of-n secret sharing schemes against rushing cheaters who are allowed to submit (possibly forged) shares after observing shares of the honest users in the reconstruction phase. Towards this, we present four different schemes. Among these, first we present two k-out-of-n secret sharing schemes, the first one being capable of detecting (k − 1)/3 cheaters such that |V_i| = |S|/ε^3 and the second one being capable of detecting n − 1 cheaters such that |V_i| = |S|/ε^(k+1), where S denotes the set of all possible secrets, ε denotes the successful cheating probability of cheaters and V_i denotes the set of all possible shares. Next we present two k-out-of-n secret sharing schemes, the first one being capable of identifying (k − 1)/3 rushing cheaters with share size |V_i| that satisfies |V_i| = |S|/ε^k. This is the first scheme, whose size of shares does not grow linearly with n but only with k, where n is the number of participants. For the second one, in the setting of public cheater identification, we present an efficient optimal cheater resilient k-out-of-n secret sharing scheme against rushing cheaters having the share size |V_i| = (n − t)^(n+2t) |S|/ε^(n+2t). The proposed scheme achieves flexibility in the sense that the security level (i.e., the cheater(s) success probability) is independent of the secret size. Each of the four proposed schemes has the smallest share size among the existing schemes having the mentioned properties in the respective models.

    DOI: 10.1007/978-3-319-49175-2_1

  • Cross-group secret sharing for secure cloud storage service

    Chenyutao Ke, Hiroaki Anada, Junpei Kawamoto, Kirill Morozov, Kouichi Sakurai

    10th International Conference on Ubiquitous Information Management and Communication, IMCOM 2016 ACM IMCOM 2016 Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    With the spread of the Internet, many mobile devices are used in our daily lives, such as tablets and mobile phones. Then, personal data are often saved on data servers of the storage providers such as Amazon, Google, Yahoo, Baidu and others. In this context, the secret sharing can be used to store personal data onto several providers, simultaneously reducing the risk of data loss, the data leakage to unauthorized parties, and data falsification. Secret sharing is one of the solutions to combine security and availability in the distributed storage. However, few works considered servers' affiliations, and specifically, the problem that a malicious provider may recover secret data illegally through manipulation on servers that hold enough shares to recover the secret. In this paper, to resolve the problem, we propose a two-threshold secret sharing scheme in order to enforce a new type of cross-group policy. By combining t-out-of-m providers' secret sharing scheme and a k-out-of-n servers' secret sharing scheme via an one-way function or an one-time pad, we construct a scheme that forces k shares to be collected from m groups. Compared with previous work, our scheme can attain the functionalities of proactively updating shares and adding new shares with simple computation.

    DOI: 10.1145/2857546.2857610

  • Computational soundness of uniformity properties for multi-party computation based on LSSS

    Hui Zhao, Kouichi Sakurai

    7th International Conference on the Theory, Technologies and Applications of Trusted Systems, INTRUST 2015 Trusted Systems - 7th International Conference, INTRUST 2015, Revised Selected Papers   99 - 113   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    We provide a symbolic model for multi-party computation based on linear secret-sharing scheme, and prove that this model is computationally sound: if there is an attack in the computational world, then there is an attack in the symbolic (abstract) model. Our original contribution is that we deal with the uniformity properties, which cannot be described using a single execution trace, while considering an unbounded number of sessions of the protocols in the presence of active and adaptive adversaries.

    DOI: 10.1007/978-3-319-31550-8_7

  • CCA-secure keyed-fully homomorphic encryption

    Junzuo Lai, Robert H. Deng, Changshe Ma, Kouichi Sakurai, Jian Weng

    19th IACR International Conference on Practice and Theory in Public-Key Cryptography, PKC 2016 Public-Key Cryptography - PKC 2016 - 19th IACR International Conference on Practice and Theory in Public-Key Cryptography, Proceedings   70 - 98   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    To simultaneously achieve CCA security and homomorphic property for encryption, Emura et al. introduced a new cryptographic primitive named keyed-homomorphic encryption, in which homomorphic ciphertext manipulations can only be performed by someone holding a devoted evaluation key which, by itself, does not enable decryption. A keyed-homomorphic encryption scheme should provide CCA2 security when the evaluation key is unavailable to the adversary and remain CCA1-secure when the evaluation key is exposed. While existing keyed-homomorphic encryption schemes only allow simple computations on encrypted data, our goal is to construct CCA-secure keyed-fully homomorphic encryption (keyed-FHE) capable of evaluating any functions on encrypted data with an evaluation key. In this paper, we first introduce a new primitive called convertible identity-based fully homomorphic encryption (IBFHE), which is an IBFHE with an additional transformation functionality, and define its security notions. Then, we present a generic construction of CCA-secure keyed-FHE from IND-sID-CPA-secure convertible IBFHE and strongly EUF-CMA-secure signature. Finally, we propose a concrete construction of IND-sID-CPA-secure convertible IBFHE, resulting in the first CCA-secure keyed-FHE scheme in the standard model.

    DOI: 10.1007/978-3-662-49384-7_4

  • Attribute-based two-tier signatures Definition and construction

    Hiroaki Anada, Seiko Arita, Kouichi Sakurai

    18th International Conference on Information Security and Cryptology, ICISC 2015 Information Security and Cryptology - ICISC 2015 - 18th International Conference, Revised Selected Papers   9558   36 - 49   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Attribute-based signature scheme (ABS) is a functional variant of digital signature scheme proposed in 2008 by Maji et al. The two basic requirements of ABS (and a hard task to achieve) are collusion resistance and attribute privacy. In this paper, we employ the two-tier signature (TTS) technique to achieve the collusion resistance. Here TTS was proposed in 2007 by Bellare et al., where a signer receives two tier secret keys sequentially. The secondary secret key is served as a one-time key at the timing of signing. First, we propose a definition of an attribute-based two-tier signature scheme (ABTTS). Then we provide ABTTS concretely that enjoys existential unforgeability against chosen-message attacks, collusion resistance and attribute privacy, in the standard model. For the construction, enhancing the Camenisch-Lysyanskaya signature, we construct signature bundle schemes that are secure under the Strong RSA assumption and the Strong Diffie-Hellman assumption, respectively. These signature bundle schemes enable ABTTS to achieve attribute privacy. Then, using the signature bundle as a witness in the Σ-protocol of the boolean proof, we obtain attribute-based identification schemes (ABIDs). Finally, by applying the TTS technique to ABIDs, we achieve ABTTSs. A feature of our construction is that ABTTS in the RSA setting is pairing-free.

    DOI: 10.1007/978-3-319-30840-1_3

  • Application of NTRU using group rings to partial decryption technique

    Takanori Yasuda, Hiroaki Anada, Kouichi Sakurai

    7th International Conference on the Theory, Technologies and Applications of Trusted Systems, INTRUST 2015 Trusted Systems - 7th International Conference, INTRUST 2015, Revised Selected Papers   9565   203 - 213   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Partial decryption enables a ciphertext to be decrypted partially according to provided secret keys. In this paper, we propose a public key encryption scheme with the functionality of partial decryption. Our strategy is to use the NTRU cryptosystem. Under a design principle of the mathematical structure “group ring”, we extend the original NTRU into group ring NTRU (GR-NTRU). First, we propose a generic framework of our GR-NTRU. Our GR-NTRU allows partial decryption with a single encryption process using a single public key. Besides, when we execute partial decryption under a secret key of GR-NTRU, we need no information to identify each part in a whole ciphertext. Consequently, management of a public key and a corresponding set of secret keys is rather easier than the naive method. Next, we propose a concrete instantiation of our generic GR-NTRU. A multivariate polynomial ring NTRU scheme is obtained by employing a product of different cyclic groups as the basis of the group ring structure. We will show examples of those new variants of NTRU schemes with concrete parameter values, and explain how we can employ them to use the functionality of partial decryption.

    DOI: 10.1007/978-3-319-31550-8_13

  • An analysis of IT assessment security maturity in higher education institution

    Misni Harjo Suwito, Shinchi Matsumoto, Junpei Kawamoto, Dieter Gollmann, Kouichi Sakurai

    International Conference on Information Science and Applications, ICISA 2016 Information Science and Applications, ICISA 2016   376   701 - 713   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The information technology (IT) has been applied widely in Indonesia Higher Education Institution for various services. Many organizations responsible for managing the IT infrastructure, however, rarely have a framework for assessing the security maturity level of their information management. The implementation of a framework is one of solutions, but has not been yet maximized. Therefore we suggest to combine several frameworks in hope that they can be complementary. The combination of different frameworks will be more effective for monitoring the security maturity level by using an assessment security maturity management. This assessment security maturity management is a combination of framework control objective from IT Governance COBIT® 4.1 (Control Objectives for Information and related Technology) with Management Service in ITIL v3 (Information Technology Infrastructure Library) and ISO/IEC 27001. Since assessment of security maturity management is measured using COBIT® 4.1 assessment framework, and before it was adjusted with the ISO 27001 framework applied maximal. This paper presents the results of assessment maturity security management, mapping of combination framework providing an indicator of security maturity level at one of university in Jakarta. A case study conducted shows that combination of some frameworks to support assessment of security maturity management level becomes more effective and efficient.

    DOI: 10.1007/978-981-10-0557-2_69

  • A study of security management with cyber insurance

    Tomohisa Ishikawa, Kouichi Sakurai

    10th International Conference on Ubiquitous Information Management and Communication, IMCOM 2016 ACM IMCOM 2016: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication   January 2016

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Since the recent security breach requires the intensification of security management, the documents, describing the best practice of security management, are published by experts. However, the implementations of all best practice are tough because of the cost and the difficulty of cost-effective security investment. This paper discusses the security management theory with cyber risk insurance, especially the effectiveness of cyber risk insurance by Monte Carlo simulation approach.

    DOI: 10.1145/2857546.2857615

  • Cross-group Secret Sharing for Secure Cloud Storage Service (peer-reviewed, international journal)

    Chenyutao Ke, Hiroaki Anada, Junpei Kawamoto, Kirill MOROZOV, Kouichi Sakurai

    ACM IMCOM '16, January 04-06, 2016, Danang, Viet Nam   January 2016

    Language: English   Publication type: Research paper (international conference proceedings)

    DOI: http://dx.doi.org/10.1145/2857546.2857610

  • Erratum Cryptanalysis and improvement of "A secure password authentication mechanism for seamless handover in proxy mobile IPv6 networks" (PLoS ONE (2015) 10:11 (e0142716) DOI:10.1371/journal.pone.0142716) (peer-reviewed)

    Mojtaba Alizadeh, Mazdak Zamani, Sabariah Baharun, Azizah Abdul Manaf, Kouichi Sakurai, Hiroaki Anada, Hassan Keshavarz, Shehzad Ashraf Chaudhry, Muhammad Khurram Khan

    PLoS One   10 ( 12 )   December 2015

    Language: English   Publication type: Research paper (academic journal)

    DOI: 10.1371/journal.pone.0145975

  • Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks" (peer-reviewed)

    Mojtaba Alizadeh, Mazdak Zamani, Sabariah Baharun, Azizah Abdul Manaf, Kouichi Sakurai, Hiroki Anada, Hassan Keshavarz, Shehzad Ashraf Chaudhry, Muhammad Khurram Khan

    PLOS ONE   10 ( 11 )   November 2015

    Language: English   Publication type: Research paper (academic journal)

    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

    DOI: 10.1371/journal.pone.0142716

  • Cryptanalysis and improvement of "a secure password authentication mechanism for seamless handover in proxy mobile IPv6 networks" (peer-reviewed)

    Mojtaba Alizadeh, Mazdak Zamani, Sabariah Baharun, Azizah Abdul Manaf, Kouichi Sakurai, Hiroki Anada, Hassan Keshavarz, Shehzad Ashraf Chaudhry, Muhammad Khurram Khan

    PLoS One   10 ( 11 )   November 2015

    Language: English   Publication type: Research paper (academic journal)

    Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

    DOI: 10.1371/journal.pone.0142716

  • A note on the security of KHL scheme (peer-reviewed)

    Jian Weng, Yunlei Zhao, Robert H. Deng, Shengli Liu, Yanjiang Yang, Kouichi Sakurai

    Theoretical Computer Science   602   1 - 6   October 2015

    Language: English   Publication type: Research paper (academic journal)

    A public key trace and revoke scheme combines the functionality of broadcast encryption with the capability of traitor tracing. In Asiacrypt 2003, Kim, Hwang and Lee proposed a public key trace and revoke scheme (referred to as KHL scheme), and gave the security proof to support that their scheme is z-resilient against adaptive chosen-ciphertext attacks, in which the adversary is allowed to adaptively issue decryption queries as well as adaptively corrupt up to z users. In the past ten years, KHL scheme has been believed as one of the most efficient public key trace and revoke schemes with z-resilience against adaptive chosen-ciphertext attacks under the well-studied DDH assumption. However, in this paper, by giving a concrete attack, we indicate that KHL scheme is actually not secure against adaptive chosen-ciphertexts, even without corruption of any user. We then identify the flaws in the security proof for KHL-scheme, and discuss the consequences of the attack.

    DOI: 10.1016/j.tcs.2015.07.051

  • A multivariate quadratic challenge toward post-quantum generation cryptography (peer-reviewed)

    Takanori Yasuda, Xavier Dahan, Yun Ju Huang, Tsuyoshi Takagi, Kouichi Sakurai

    ACM Communications in Computer Algebra   49 ( 3 )   105 - 107   September 2015

    Language: English   Publication type: Research paper (academic journal)

    Multivariate polynomials over finite fields have found applications in Public Key Cryptography (PKC) where the hardness to find solutions provides the "one-way function" indispensable to such cryptosystems. Several schemes for both encryption and signature have been proposed, many of which are using quadratic (degree 2) polynomials. Finding a solution to such systems in general is called MQ problem, whose easiest "generic" instances are NP-hard. An important feature of this Multivariate Public Key Cryptography (MPKC) is the resistance to quantum computers: no faster quantum algorithm than classical ones to solve MQ problem is known. Besides being thereby a candidate for Post-Quantum Cryptography, signatures are much shorter than to other candidates. We have established an open public "MQ Challenge" (https://www.mqchallenge.org) to stimulate progress in the design of efficient algorithms to solve MQ problem, and thus test limit parameters guaranteeing security of MPKC.

    DOI: 10.1145/2850449.2850462

  • Proposal of multi-value cell structure for high-density two-dimensional codes and evaluation of readability using smartphones (Peer-reviewed)

    Nobuyuki Teraura, Kouichi Sakurai

    2015 7th International Conference on New Technologies, Mobility and Security - Proceedings of NTMS 2015 Conference and Workshops   September 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In the now-popular two-dimensional code, bits are expressed using white and two black colors in the cell, which forms the element. However, such codes do not have confidentiality. Since confidentiality may be needed according to the use, a large-capacity and high-density two-dimensional code with compatibility and confidentiality can be realized by adding a secrecy part in addition to the existing part. To enlarge capacity, it is necessary to form a cell using many bits, which requires a multicolor method. The read verification of the compatible area and the additional area was carried out using a smartphone, and the code was verified to confirm its practicality.

    DOI: 10.1109/NTMS.2015.7266514

  • A multivariate quadratic challenge toward post-quantum generation cryptography (Peer-reviewed)

    Takanori Yasuda, Xavier Dahan, Yun-Ju Huang, Tsuyoshi Takagi, Kouichi Sakurai

    ACM Communications in Computer Algebra   49 ( 3 )   105 - 107   September 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Multivariate polynomials over finite fields have found applications in Public Key Cryptography (PKC) where the hardness to find solutions provides the "one-way function" indispensable to such cryptosystems. Several schemes for both encryption and signature have been proposed, many of which are using quadratic (degree 2) polynomials. Finding a solution to such systems in general is called MQ problem, whose easiest "generic" instances are NP-hard. An important feature of this Multivariate Public Key Cryptography (MPKC) is the resistance to quantum computers: no faster quantum algorithm than classical ones to solve MQ problem is known. Besides being thereby a candidate for Post-Quantum Cryptography, signatures are much shorter than those of other candidates. We have established an open public "MQ Challenge" (https://www.mqchallenge.org) to stimulate progress in the design of efficient algorithms to solve MQ problem, and thus test limit parameters guaranteeing security of MPKC.

    DOI: 10.1145/2850449.2850462

  • Proposal of multi-value cell structure for high-density two-dimensional codes and evaluation of readability using smartphones

    Nobuyuki Teraura, Kouichi Sakurai

    7th International Conference on New Technologies, Mobility and Security, NTMS 2015 2015 7th International Conference on New Technologies, Mobility and Security - Proceedings of NTMS 2015 Conference and Workshops   September 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In the now-popular two-dimensional code, bits are expressed using white and two black colors in the cell, which forms the element. However, such codes do not have confidentiality. Since confidentiality may be needed according to the use, a large-capacity and high-density two-dimensional code with compatibility and confidentiality can be realized by adding a secrecy part in addition to the existing part. To enlarge capacity, it is necessary to form a cell using many bits, which requires a multicolor method. The read verification of the compatible area and the additional area was carried out using a smartphone, and the code was verified to confirm its practicality.

    DOI: 10.1109/NTMS.2015.7266514

  • Detection of illegal players in massively multiplayer online role playing game by classification algorithms

    Zhongqqiang Zhang, Hiroaki Anada, Junpei Kawamoto, Kouichi Sakurai

    29th IEEE International Conference on Advanced Information Networking and Applications, AINA 2015 Proceedings - IEEE 29th International Conference on Advanced Information Networking and Applications, AINA 2015   2015-April   406 - 413   April 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Online games have become one of the most popular games in recent years. However, fraud such as real money trading and the use of game bots has also increased accordingly. In order to maintain a balance in the virtual world, the operators of online games have taken a stern response to the players who conduct fraud. In this study, we have sorted out players' behaviors based on players' game playing time in order to support and find potentially illegal players in the MMORPG. In this paper, we added a topic model to the experiment and used k-means as a major tool to classify the players in the World of Warcraft Avatar History Dataset and find potentially illegal players.

    DOI: 10.1109/AINA.2015.214

  • Detection of Android ad library focusing on HTTP connections and view object redraw behaviors

    Naoya Kajiwara, Junpei Kawamoto, Shinichi Matsumoto, Yoshiaki Hori, Kouichi Sakurai

    2015 International Conference on Information Networking, ICOIN 2015 2015 International Conference on Information Networking, ICOIN 2015   2015-January   104 - 109   March 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In recent years, the smart phone application market has expanded rapidly. One of the reasons is the popularity of free applications. A developer acquires his revenues by including advertising libraries in his own application. However, some problems with these advertising libraries have become clear from recent research. In particular, the leakage of privacy information is known as a typical problem which advertising libraries cause. In order to solve this problem, the technology which detects advertisement libraries is important. In this paper, we propose a method for detection of Android ad libraries. We focus on the acquisition and redraw of advertising images, which are the basic operations of mobile advertisement. Firstly, we tried running some applications with advertisements. Then, it turned out that mobile advertisements acquire advertising images from a server and set that image on the screen at a fixed interval. By modifying AndroidOS, logging HTTP connections and View object redraw behaviors, we confirmed the ad image acquisition behavior. Moreover, to take advantage of the periodicity of this behavior, we carried out a Fourier transform of the invocation time data of HTTP connections and redraws of View objects. Then, we extracted the periodicity by calculating the correlation coefficient for these two data. From the value of the correlation coefficient, it is possible to judge whether an advertisement library is incorporated into an application or not. As a result, our proposed method results in an output of about 76% detection rate.

    DOI: 10.1109/ICOIN.2015.7057865

  • Detection of Illegal Players in Massively Multiplayer Online Role Playing Game by Classification Algorithms. (Peer-reviewed, international journal)

    Zhongqqiang Zhang, Hiroaki Anada, Junpei Kawamoto, Kouichi Sakurai

    AINA, IEEE Computer Society   March 2015

    Language: English   Publication type: Research paper (international conference proceedings)

  • Provably Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks (Peer-reviewed, international journal)

    Kuo-Yang Wu, Kuo-Yu Tsai, Tzong-Chen Wu, Kouichi Sakurai

    J. Inf. Sci. Eng.   31 ( 2 )   727 - 742   March 2015

    Language: English   Publication type: Research paper (scientific journal)

  • Parallelization of QUAD stream cipher using linear recurring sequences on graphics processing units (Peer-reviewed)

    Satoshi Tanaka, Chen-Mou Cheng, Takanori Yasuda, Kouichi Sakurai

    Proceedings - 2014 2nd International Symposium on Computing and Networking, CANDAR 2014   543 - 548   February 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Proposed by Berbain, Gilbert, and Patarin in Eurocrypt 2006, QUAD is a provably secure stream cipher. The speed of QUAD depends on the computational cost of evaluating quadratic polynomials over finite fields. For QUAD with m quadratic polynomials in n unknowns over GF(q), this requires O(mn^2) GF(q) additions and multiplications. Petzoldt is able to reduce the evaluation cost to O(mn) GF(q) additions and multiplications by using linear recurring sequences to generate the coefficients. In this work, we parallelize and optimize his algorithm for running on Graphics Processing Unit (GPU). The result shows that our GPU implementation of the parallelized algorithm has achieved the best performance in the literature.

    DOI: 10.1109/CANDAR.2014.85

  • Parallelization of QUAD stream cipher using linear recurring sequences on graphics processing units

    Satoshi Tanaka, Chen Mou Cheng, Takanori Yasuda, Kouichi Sakurai

    2nd International Symposium on Computing and Networking, CANDAR 2014 Proceedings - 2014 2nd International Symposium on Computing and Networking, CANDAR 2014   543 - 548   February 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Proposed by Berbain, Gilbert, and Patarin in Eurocrypt 2006, QUAD is a provably secure stream cipher. The speed of QUAD depends on the computational cost of evaluating quadratic polynomials over finite fields. For QUAD with m quadratic polynomials in n unknowns over GF(q), this requires O(mn^2) GF(q) additions and multiplications. Petzoldt is able to reduce the evaluation cost to O(mn) GF(q) additions and multiplications by using linear recurring sequences to generate the coefficients. In this work, we parallelize and optimize his algorithm for running on Graphics Processing Unit (GPU). The result shows that our GPU implementation of the parallelized algorithm has achieved the best performance in the literature.

    DOI: 10.1109/CANDAR.2014.85

  • Special section on cryptography and information security (Peer-reviewed)

    Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E98A ( 1 )   1 - 2   January 2015

    Language: English   Publication type: Research paper (scientific journal)

  • Securing sensor networks by moderating frequencies

    Pinaki Sarkar, Priyatosh Mahish, Morshed Uddin Chowdhury, Kouichi Sakurai

    10th International Conference on Security and Privacy in Communication Networks, SecureComm 2014 International Conference on Security and Privacy in Communication Networks - 10th International ICST Conference, SecureComm 2014, Revised Selected Papers   153   173 - 185   January 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Security of Wireless Sensor Network (WSN) is a key issue in information security. Most existing security protocols exploit various Mathematical tools to strengthen their security. Some protocols use the details of the geographical location of the nodes. However, to the best of the authors’ knowledge, none of the existing works exploit the constraints faced by the adversary, specifically, tracing a particular frequency from a large range of unknown frequency channels. The current work uses positional details of the individual nodes. Then the aim is to exploit this weakness of tracing frequencies by assigning a wide range of frequency channels to each node. Experiments using Magneto Optic Sensors reveal that any change of the parametric Faraday’s rotational angle affects the frequency of the Optical waves. This idea can perhaps be generalized for practically deployable sensors (having respective parameters) along with a suitable key management scheme.

    DOI: 10.1007/978-3-319-23802-9_15

  • Provably secure anonymous authentication scheme for roaming service in global mobility networks (Peer-reviewed)

    Kuo Yan Wu, Kuo Y. Tsai, Tzong Che Wu, Kouichi Sakurai

    Journal of Information Science and Engineering   31 ( 2 )   727 - 742   January 2015

    Language: English   Publication type: Research paper (scientific journal)

    This paper presents an anonymous authentication scheme for roaming service in global mobility networks, in which the foreign agent cannot obtain the identity information of the mobile user who is sending the roaming request. In addition, the home agent does not have to maintain any verification table for authenticating the mobile user. We give formal analyses to show that our proposed scheme satisfies the security requirements of user anonymity, mutual authentication, session-key security, and perfect forward secrecy. Besides, some possible attacks on the proposed scheme are discussed, such as the replay attack, the man-in-middle attack, the impersonation attack, and the insider attack.

  • Privacy-aware cloud-based input method editor

    Junpei Kawamoto, Kouichi Sakurai

    2014 IEEE/CIC International Conference on Communications in China, ICCC 2014 2014 IEEE/CIC International Conference on Communications in China, ICCC 2014   209 - 213   January 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Cloud services are useful but privacy concerns are the most important problems of them. In this paper, we focus on cloud-based input method editors and introduce a privacy-aware framework for them. Input method editor (IME) is a kind of software to help us to input Japanese, Chinese, Korean, etc. It receives input words consisting of alphabets and returns transformed words consisting of Kanji in Japanese, etc. We assume to deploy this IME on a cloud server. In this case, input words received by the IME may include people's sensitive information, e.g. credit card numbers. We employ a searchable encryption scheme and introduce a framework in which people send encrypted inputs and the IME computes transformed words without decrypting them.

    DOI: 10.1109/ICCChina.2014.7008273

  • Message from the workshop/symposium chairs TrustCom 2014 (Peer-reviewed)

    Yang Xiang, Kouichi Sakurai

    Quaternary International   xx   January 2015

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.1109/TrustCom.2014.141

  • Identity-embedding method for decentralized public-key infrastructure

    Hiroaki Anada, Junpei Kawamoto, Jian Weng, Kouichi Sakurai

    6th International Conference on Trusted Systems, INTRUST 2014 Trusted Systems - 6th International Conference, INTRUST 2014, Revised Selected Papers   9473   1 - 14   January 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    A public key infrastructure (PKI) is for facilitating the authentication and distribution of public keys. Currently, the most commonly employed approach to PKI is to rely on certificate authorities (CAs), but recently there has been arising more need for decentralized peer-to-peer certification like Webs of Trust. In this paper, we propose an identity-embedding method suitable for decentralized PKI. By embedding not only ID of the candidate public-key owner itself but also IDs of his guarantors into PK, we can construct Web of guarantors on public keys. Here guarantors can be chosen arbitrarily by the candidate public-key owner. Our embedding method uses a combination of two public-key cryptosystems; the first cryptosystem is for PKI directly. Here we employ a technique to embed a string into a public key of the first cryptosystem. As such a string, we choose a concatenation of ID of a candidate public-key owner, IDs of his guarantors, and a public key of the second cryptosystem. This embedded public key of the second cryptosystem is used by the candidate public-key owner that he certainly knows the secret key that corresponds to the public key of the first cryptosystem. Then, with an aid of a broadcast mechanism of an updated public-key list on a peer-to-peer network, we can attain the decentralized PKI. Such an embedding method is concretely realized by the RSA encryption with the Lenstra’s algorithm, which can be used as the first cryptosystem. As the second cryptosystem, we employ an elliptic curve encryption whose security is equivalent to the security of the RSA encryption, where the former achieves shorter key size than the latter. We write down concrete values of parameters for a realization of the embedding.

    DOI: 10.1007/978-3-319-27998-5_1

  • Hybrid encryption scheme using terminal fingerprint and its application to attribute-based encryption without key misuse

    Chunlu Chen, Hiroaki Anada, Junpei Kawamoto, Kouichi Sakurai

    3rd IFIP TC 5/8 International Conference on Information and Communication Technology, ICT-EurAsia 2015 and 9th IFIP WG 8.9 Working Conference on Research and Practical Issues of Enterprise Information Systems, CONFENIS 2015 Information and Communication Technology - 3rd IFIP TC 5/8 International Conference, ICT-EurAsia 2015 and 9th IFIP WG 8.9 Working Conference, CONFENIS 2015 Held as Part of WCC 2015, Proceedings   9357   255 - 264   January 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Internet services make sharing digital contents faster and easier but raise an issue of illegal copying and distribution of those digital contents at the same time. A lot of public key encryption schemes solve this issue. However, the secret key is not completely protected i.e. these kinds of encryption methods do not prevent illegal copying and distribution of secret keys. In this paper, we propose a hybrid encryption scheme that employs terminal fingerprints. This scheme is a template to avoid such misuse of secret keys, and can be applied to, for example, attribute-based encryption schemes. There terminal fingerprint information is used to create a second encryption key and secret key. Since the terminal fingerprint is assumed to be unchangeable and unknowable, we ensure that our secret keys are valid in the terminal where such secret keys were created.

    DOI: 10.1007/978-3-319-24315-3_26

  • Evaluation of solving time for multivariate quadratic equation system using XL algorithm over small finite fields on GPU

    Satoshi Tanaka, Chen Mou Cheng, Kouichi Sakurai

    2nd International Conference on Mathematics and Computing, ICMC 2015 Mathematics and Computing - ICMC 2015   139   349 - 361   January 2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The security of multivariate public-key cryptography is largely determined by the complexity of solving multivariate quadratic equations over finite fields, a.k.a. the MQ problem. XL (eXtended Linearization) is an efficient algorithm for solving the MQ problem, so its running time is an important indicator for the complexity of solving the MQ problem. In this work, we implement XL on graphics processing unit (GPU) and evaluate its solving time for the MQ problem over several small finite fields, namely, GF(2), GF(3), GF(5), and GF(7). Our implementations can solve MQ instances of 74 equations in 37 unknowns over GF(2) in 36,972 s, 48 equations in 24 unknowns over GF(3) in 933 s, 42 equations in 21 unknowns over GF(5) in 347 s, as well as 42 equations in 21 unknowns over GF(7) in 387 s. Moreover, we can also solve the MQ instance of 48 equations in 24 unknowns over GF(7) in 34,882 s, whose complexity is about O(2^67) with exhaustive search.

    DOI: 10.1007/978-81-322-2452-5_24

  • A note on the security of KHL scheme (Peer-reviewed)

    Jian Weng, Yunlei Zhao, Robert H. Deng, Shengli Liu, Yanjiang Yang, Kouichi Sakurai

    Theoretical Computer Science   602   1 - 6   January 2015

    Language: English   Publication type: Research paper (scientific journal)

    A public key trace and revoke scheme combines the functionality of broadcast encryption with the capability of traitor tracing. In Asiacrypt 2003, Kim, Hwang and Lee proposed a public key trace and revoke scheme (referred to as KHL scheme), and gave the security proof to support that their scheme is z-resilient against adaptive chosen-ciphertext attacks, in which the adversary is allowed to adaptively issue decryption queries as well as adaptively corrupt up to z users. In the past ten years, KHL scheme has been believed as one of the most efficient public key trace and revoke schemes with z-resilience against adaptive chosen-ciphertext attacks under the well-studied DDH assumption. However, in this paper, by giving a concrete attack, we indicate that KHL scheme is actually not secure against adaptive chosen-ciphertexts, even without corruption of any user. We then identify the flaws in the security proof for KHL-scheme, and discuss the consequences of the attack.

    DOI: 10.1016/j.tcs.2015.07.051

  • A proposal for detecting distributed cyber-attacks using automatic thresholding

    Yaokai Feng, Yoshiaki Hori, Kouichi Sakurai

    10th Asia Joint Conference on Information Security, AsiaJCIS 2015 Proceedings - 2015 10th Asia Joint Conference on Information Security, AsiaJCIS 2015   152 - 159   2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Distributed attacks have reportedly caused the most serious losses in the modern cyber environment. Thus, how to avoid and detect distributed attacks has become one of the most important topics in the cyber security community. Of many approaches for avoiding and detecting cyber-attacks, behavior based method has been attracting great attentions from many researchers and developers. It is well known that, for behavior based cyber-attack detections, the algorithm for extracting normal modes from historic traffic is critically important. In this paper, after the newest algorithms for extracting normal behavior mode from historic traffics are discussed, a novel algorithm is proposed. Its efficiency is examined by experiments using darknet traffic data.

    DOI: 10.1109/AsiaJCIS.2015.22

  • Reconstructing and visualizing evidence of artifact from firefox sessionstorage

    Shinichi Matsumoto, Yuya Onitsuka, Junpei Kawamoto, Kouichi Sakurai

    15th International Workshop on Information Security Applications, WISA 2014 Information Security Applications - 15th International Workshop, WISA 2014, Revised Selected Papers   8909   83 - 94   2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Importance of digital forensics is expected to increase in the future. Many of researches on digital forensics are targeted to persistent memory. These researches concern the extraction of evidence directly or via filesystem. On the other hand, there is a movement to employ the Web browser that supports HTML5 as software platform. In this situation, it is considered that the forensics techniques for extracting evidences from HTML5 browser are important. In this paper, we experimented to retrieve the artifacts left by WebStorage feature for the Web browser for personal computer from the file system. In addition, we implemented a tool that constructs and visualizes the evidence from the artifacts.

    DOI: 10.1007/978-3-319-15087-1_7

  • Plaintext checkable encryption with designated checker (Peer-reviewed)

    Angsuman Das, Avishek Adhikari, Kouichi Sakurai

    Advances in Mathematics of Communications   9 ( 1 )   37 - 53   2015

    Language: English   Publication type: Research paper (scientific journal)

    This paper introduces a new public-key primitive called designated plaintext checkable encryption (DPCE) in which given a ciphertext, a delegated checker can determine whether the ciphertext decrypts under the same public key to a plaintext chosen by himself. Motivated by various applications, two types of DPCE (of Type-I and II) are defined, depending upon whether the user delegates the plaintext checking right at his will to a delegated checker (Type-I) or the user is required to provide this plaintext checking right to a designated checker (Type-II). We propose several generic random-oracle and standard model constructions for DPCE of both the types based on arbitrary probabilistic or deterministic encryption schemes.

    DOI: 10.3934/amc.2015.9.37

  • Evaluation of gamma ray durability and its application of shielded RF tags

    Nobuyuki Teraura, Kunio Ito, Daisuke Kobayashi, Kouichi Sakurai

    23rd International Conference on Nuclear Engineering: Nuclear Power - Reliable Global Energy, ICONE 2015 ICONE 2015 - 23rd International Conference on Nuclear Engineering: Nuclear Power - Reliable Global Energy   2015-January   2015

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this study, the RF (Radio Frequency) tag with radiation shield is developed and its gamma ray durability is evaluated. RFID (RF Identification) is a radio-wave-based identification technology that can be used for various items. RF tags find use in many applications, including item tracing, access control, etc. RF tags can be classified as active RF tags, which have inbuilt voltaic cells, and passive RF tags without these cells. Passive RF tags, known for their low price and durability, are used in various fields. For instance, they are used for equipment maintenance in factories and thermal power plants. Several frequencies are used for RF tags. Further, RF tagging on the UHF (Ultra High Frequency) frequencies allows a communication range of approximately 10 m, and thus, remote reading is possible. When used in radiation environments such as in nuclear power plants, remote reading can contribute to the reduction of radiation exposure. However, because semiconductors are the primary elements used in the manufacture of RF tags, they can be damaged by radiation, and operational errors can occur. Therefore, this technology has not been used in environments affected by relatively high radiation levels. Therefore, in nuclear power plants, the use of RF tags is limited in areas of low radiation levels. In our study, we develop and manufacture a new RF tag with a radiation shield cover that provides error correction functionality. It is expected that radiation shielded RF tags will improve the radiation-proof feature, and its application range will be expanded. Using the radiation-proof RF tag, we have conducted radiation durability tests. These tests are of two types: one using low energy gamma ray, and the other using high-energy gamma ray. Experimental results are then analyzed. 
    The number of applications for radiation shielded RF tags is considerably increasing, because it can be used in various radiation environments other than nuclear power plants as well, such as spent nuclear fuel storage facilities, decommissioning sites of nuclear power plants, and for decontamination operations management around Fukushima area.

  • Evaluation of a zero-watermarking-type steganography (Peer-reviewed)

    Hirokazu Ishizuka, Isao Echizen, Keiichi Iwamura, Kouichi Sakurai

    Lecture Notes in Computer Science   9023   613 - 624   2015

    Language: English   Publication type: Research paper (scientific journal)

    We evaluated the resistance of image compression for the zero-watermarking-type steganography which was proposed by us in 2005. As a result, even if we compressed to 1/100 of an original image, it still can extract its watermark information with an accuracy of 99% or more. We also proposed a new type of sparse filtering for low-frequency spatial extraction, and confirmed its performance by computational experiments. Finally, we mentioned a study on the relevance of the proposed filter and biological visual systems.

    DOI: 10.1007/978-3-319-19321-2_47

  • Parallelization of QUAD Stream Cipher Using Linear Recurring Sequences on Graphics Processing Units. (Peer-reviewed, international journal)

    Satoshi TANAKA, Chen-Mou CHENG, Takanori YASUDA, Kouichi Sakurai

    CANDAR 2014: 543-548   December 2014

    Language: English   Publication type: Research paper (international conference proceedings)

  • Towards "receipt-freeness" in remote biometric authentication

    Yoshifumi Ueshige, Kouichi Sakurai

    5th International Conference on Emerging Security Technologies, EST 2014 Proceedings - 2014 International Conference on Emerging Security Technologies, EST 2014   8 - 12   December 2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Recently, cancelable biometrics, zero-bio, PKI with biometrics, and some related methods have been proposed as remote biometrics. These proposals are discussed in the viewpoint of not forensics but privacy protection. When forensic techniques are abused on the remote biometric authentication systems by third person, he/she can collect information of authentication process, such as stored templates, intermediate calculated data and etc. This situation causes novel privacy issues about excessive collection of information. Therefore, we define "receipt-freeness" of biometric authentication protocol, from the viewpoint of anti-forensics. As a first step for considering requirements for "receipt-freeness" remote biometric protocols, some related works are analyzed about characteristic of "receipt-freeness." As a result, we show the all protocols do not satisfy "receipt-freeness" except a few situations since the servers of these protocols remain some evidence such as transformed biometric data.

    DOI: 10.1109/EST.2014.22

  • Evaluation of the identity and compatibility of multi-valued cells in two-dimensional codes using smartphones

    Nobuyuki Teraura, Kouichi Sakurai

    7th IEEE International Conference on Service-Oriented Computing and Applications, SOCA 2014 Proceedings - IEEE 7th International Conference on Service-Oriented Computing and Applications, SOCA 2014   252 - 259   December 2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Data is connected to the internet with a sensor for understanding the property of the thing for which a two-dimensional code was used. Two-dimensional codes can play the role of connecting cyberspace to physical space, and can play a significant role in the so-called Internet of Things. Moreover, the advancement of machine vision is progressing with machine-to-machine communication. On the other hand, there is also private information, such as personal information, that should not be known by others. Current two-dimensional codes have become ubiquitous and express the cell using two colors: white and black. The cell expresses white or black in one bit, and there is no confidentiality available. In response to this, we propose an addition to the existing part that can be read with conventional equipment. We propose a 'secrecy part' that cannot be read without a decryption key. Further, we propose a method for rendering these two-dimensional codes compatible with black-and-white codes. In order to generate the secrecy part, it is necessary to transform a cell into several bits. A multicolor method and a multiple-region method are used to transform the code into several bits. An evaluation of the multi-valued cells in the two-dimensional codes here proposed, with a read verification and compatibility along with the added secrecy part, was carried out using a smartphone with successful results.

    DOI: 10.1109/SOCA.2014.17

  • A zero-watermarking-like steganography and potential applications

    Hirokazu Ishizuka, Isao Echizen, Keiichi Iwamura, Kouichi Sakurai

    10th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP 2014 Proceedings - 2014 10th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIH-MSP 2014   459 - 462   December 2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    We propose a new steganographic method which is similar to zero-watermarking. In general, digital steganography and digital watermarking, which both embed secret information in host data, have different intended uses. Digital steganography carries embedded secret information through public networks, and the host data serves only as camouflage. Digital watermarking is used to protect host data by embedding secret information. However, the concept of zero-watermarking was proposed in 2001. It does not embed secret information in host data and a result obtained by the interaction of secret information and host data is registered into a certificate authority for protecting the of host data. Our method is also intended to be included in the concept of zero-watermarking broadly. In this paper, we will clarify the difference of zero-watermarking and our method, evaluate the noise immunity of our method, and discuss with various application possibilities.

    DOI: 10.1109/IIH-MSP.2014.121

  • Evaluation of the identity and compatibility of multi-valued cells in two-dimensional codes using smartphones (Peer-reviewed)

    Nobuyuki Teraura, Kouichi Sakurai

    Proceedings - IEEE 7th International Conference on Service-Oriented Computing and Applications, SOCA 2014   252 - 259   December 2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Data is connected to the internet with a sensor for understanding the property of the thing for which a two-dimensional code was used. Two-dimensional codes can play the role of connecting cyberspace to physical space, and can play a significant role in the so-called Internet of Things. Moreover, the advancement of machine vision is progressing with machine-to-machine communication. On the other hand, there is also private information, such as personal information, that should not be known by others. Current two-dimensional codes have become ubiquitous and express the cell using two colors: white and black. The cell expresses white or black in one bit, and there is no confidentiality available. In response to this, we propose an addition to the existing part that can be read with conventional equipment. We propose a 'secrecy part' that cannot be read without a decryption key. Further, we propose a method for rendering these two-dimensional codes compatible with black-and-white codes. In order to generate the secrecy part, it is necessary to transform a cell into several bits. A multicolor method and a multiple-region method are used to transform the code into several bits. An evaluation of the multi-valued cells in the two-dimensional codes here proposed, with a read verification and compatibility along with the added secrecy part, was carried out using a smartphone with successful results.

    DOI: 10.1109/SOCA.2014.17

  • Comparison of access pattern protection schemes and proposals for efficient implementation [Peer-reviewed]

    Yuto Nakano, Shinsaku Kiyomoto, Yutaka Miyake, Kouichi Sakurai

    IEICE Transactions on Information and Systems   E97D ( 10 )   2576 - 2585   October 2014

    Language: English   Publication type: Research paper (academic journal)

    Oblivious RAM (ORAM) schemes, the concept introduced by Goldreich and Ostrovsky, are very useful technique for protecting users' privacy when storing data in remote untrusted servers and running software on untrusted systems. However they are usually considered impractical due to their huge overhead. In order to reduce overhead, many improvements have been presented. Thanks to these improvements, ORAM schemes can be considered practical on cloud environment where users can expect huge storage and high computational power. Especially for private information retrieval (PIR), some literatures demonstrated they are usable. Also dedicated PIRs have been proposed and shown that they are usable in practice. Yet, they are still impractical for protecting software running on untrusted systems. We first survey recent researches on ORAM and PIR. Then, we present a practical software-based memory protection scheme applicable to several environments. The main feature of our scheme is that it records the history of accesses and uses the history to hide the access pattern. We also address implementing issues of ORAM and propose practical solutions for these issues.

    DOI: 10.1587/transinf.2013THP0007

  • Comparison of Access Pattern Protection Schemes and Proposals for Efficient Implementation [Peer-reviewed]

    Yuto Nakano, Shinsaku Kiyomoto, Yutaka Miyake, Kouichi Sakurai

    IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS   E97D ( 10 )   2576 - 2585   October 2014

    Language: English   Publication type: Research paper (academic journal)

    Oblivious RAM (ORAM) schemes, the concept introduced by Goldreich and Ostrovsky, are very useful technique for protecting users' privacy when storing data in remote untrusted servers and running software on untrusted systems. However they are usually considered impractical due to their huge overhead. In order to reduce overhead, many improvements have been presented. Thanks to these improvements, ORAM schemes can be considered practical on cloud environment where users can expect huge storage and high computational power. Especially for private information retrieval (PIR), some literatures demonstrated they are usable. Also dedicated PIRs have been proposed and shown that they are usable in practice. Yet, they are still impractical for protecting software running on untrusted systems. We first survey recent researches on ORAM and PIR. Then, we present a practical software-based memory protection scheme applicable to several environments. The main feature of our scheme is that it records the history of accesses and uses the history to hide the access pattern. We also address implementing issues of ORAM and propose practical solutions for these issues.

    DOI: 10.1587/transinf.2013THP0007

  • Efficient variant of Rainbow using sparse secret keys [Peer-reviewed]

    Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai

    Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications   5 ( 3 )   3 - 13   September 2014

    Language: English   Publication type: Research paper (academic journal)

    Multivariate Public Key Cryptosystems (MPKC) is one of candidates for post-quantum cryptography. Rainbow is an MPKC digital signature scheme, with relatively efficient encryption and decryption processes. However, the size of the secret key of Rainbow is substantially larger than that of an RSA cryptosystem for the same security level. By using sparse secret keys, the size of the secret key of Rainbow can be reduced. In addition, a method using sparse secret keys can accelerate the signature generation of Rainbow. Matrix-based Rainbow and NT-Rainbow, which we previously proposed, are variants of Rainbow using sparse secret keys. These two variants of Rainbow reduce the size of the secret key of Rainbow, and improve the efficiency of the signature generation of Rainbow. In this paper, we combine these two variants of Rainbow. As a consequence, the combined scheme realizes even smaller size of the secret key and even more efficient signature generation than those of the two variants of Rainbow. In particular, in comparison with the original Rainbow, the secret key is reduced in size by about 76% and the signature generation is sped up by about 55% at the security level of 100 bits.

  • Collaborative agglomerative document clustering with limited information disclosure [Peer-reviewed] [International journal]

    Chunhua Su, Jianying Zhou, Feng Bao, Tsuyoshi Takagi, Kouichi Sakurai

    Security and Communication Networks   7 ( 6 )   964 - 978   June 2014

    Language: English   Publication type: Research paper (academic journal)

  • Collaborative agglomerative document clustering with limited information disclosure [Peer-reviewed]

    Chunhua Su, Jianying Zhou, Feng Bao, Tsuyoshi Takagi, Kouichi Sakurai

    SECURITY AND COMMUNICATION NETWORKS   7 ( 6 )   964 - 978   June 2014

    Language: English   Publication type: Research paper (academic journal)

    Document clustering is a practical and powerful data mining technique to analyze large amount of documents and large sets of text or hypertext documents. However, it also brings the problem of sensitive information leaking in disregard of privacy, especially when it is executed in distributed environment. In this paper, we propose a cryptography-based framework to realize privacy-preserving document clustering among the users under the distributed environment; there are two parties, each having his private document database, want to collaboratively execute agglomerative document clustering without disclosing their private contents. We provide two implementations of such a framework, one is with more precision and stronger security but requires more computational resources. The other is a simplified version with less computational complexity and achieves higher processing speed. Additionally, we provide the security proofs and experimental analysis of precision and scalability of our proposal. Copyright (c) 2013 John Wiley & Sons, Ltd.

    DOI: 10.1002/sec.811

  • Welcome to ASIACCS 2014! [Peer-reviewed]

    Trent Jaeger, Kouichi Sakurai, Shiho Moriai

    Quaternary International   iii   June 2014

    Language: English   Publication type: Research paper (academic journal)

  • An enhanced audio ownership protection scheme based on visual cryptography. [Peer-reviewed] [International journal]

    Rimba Whidiana Ciptasari, Kyung Hyune Rhee, Kouichi Sakurai

    EURASIP J. Information Security   February 2014

    Language: English   Publication type: Research paper (academic journal)

  • A parameterless learning algorithm for behavior-based detection

    Can Wang, Yaokai Feng, Junpei Kawamoto, Yoshiaki Hori, Kouichi Sakurai

    2014 9th Asia Joint Conference on Information Security, AsiaJCIS 2014 Proceedings - 2014 9th Asia Joint Conference on Information Security, AsiaJCIS 2014   11 - 18   January 2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The frequency and the extent of damages caused by network attacks have been actually increasing greatly in recent years, although many approaches to avoiding and detecting attacks have been proposed in the community of network security. Thus, how to fast detect actual or potential attacks has become an urgent issue. Among the detection strategies, behavior-based ones, which use normal access patterns learned from reference data (e.g., History traffic) to detect new attacks, have attracted attention from many researchers. In each of all such strategies, a learning algorithm is necessary and plays a key role. Obviously, whether the learning algorithm can extract the normal behavior modes properly or not directly influence the detection result. However, some parameters have to determine in advance in the existing learning algorithms, which is not easy, even not feasible, in many actual applications. For example, even in the newest learning algorithm, which called FHST learning algorithm in this study, two parameters are used and they are difficult to be determined in advance. In this study, we propose a parameter less learning algorithm for the first time, in which no parameters are used. The efficiency of our proposal is verified by experiment. Although the proposed learning algorithm in this study is designed for detecting port scans, it is obviously able to be used to other behavior-based detections.

    DOI: 10.1109/AsiaJCIS.2014.29

  • Security of Multivariate Signature Scheme Using Non-commutative Rings [Peer-reviewed]

    Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai

    IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E97A ( 1 )   245 - 252   January 2014

    Language: English   Publication type: Research paper (academic journal)

    Multivariate Public Key Cryptosystems (MPKC) are candidates for post-quantum cryptography. Rainbow is a digital signature scheme in MPKC, whose signature generation and verification are relatively efficient. However, the security of MPKC depends on the difficulty in solving a system of multivariate polynomials, and the key length of MPKC becomes substantially large compared with that of RSA cryptosystems for the same level of security. The size of the secret and public keys in MPKC has been reduced in previous research. The NC-Rainbow is a signature scheme in MPKC, which was proposed in order to reduce the size of secret key of Rainbow. So far, several attacks against NC-Rainbow have been proposed. In this paper, we summarize attacks against NC-Rainbow, containing attacks against the original Rainbow, and analyze the total security of NC-Rainbow. Based on the cryptanalysis, we estimate the security parameter of NC-Rainbow at the several security level.

    DOI: 10.1587/transfun.E97.A.245

  • Fast Implementation of KCipher-2 for Software and Hardware [Peer-reviewed]

    Yuto Nakano, Kazuhide Fukushima, Shinsaku Kiyomoto, Tsukasa Ishiguro, Yutaka Miyake, Toshiaki Tanaka, Kouichi Sakurai

    IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS   E97D ( 1 )   43 - 52   January 2014

    Language: English   Publication type: Research paper (academic journal)

    KCipher-2 is a word-oriented stream cipher and an ISO/IEC 18033 standard. It is listed as a CRYPTREC cryptographic algorithm for Japanese governmental use. It consists of two feedback shift registers and a non-linear function. The size of each register in KCipher-2 is 32 bits and the non-linear function mainly applies 32-bit operations. Therefore, it can be efficiently implemented as software. SNOW-family stream ciphers are also word-oriented stream ciphers, and their high performance has already been demonstrated. We propose optimised implementations of KCipher-2 and compare their performance to that of the SNOW-family and other eSTREAM portfolios. The fastest algorithm is SNOW 2.0 and KCipher-2 is the second fastest despite the complicated irregular clocking mechanism. However, KCipher-2 is the fastest of the feasible algorithms, as SNOW 2.0 has been shown to have a security flaw. We also optimise the hardware implementation for the Virtex-5 field-programmable gate array (FPGA) and show two implementations. The first implementation is a rather straightforward optimisation and achieves 16,153 Mbps with 732 slices. In the second implementation, we duplicate the non-linear function using the structural advantage of KCipher-2 and we achieve 17,354 Mbps with 813 slices. Our implementation of KCipher-2 is around three times faster than those of the SNOW-family and efficiency, which is evaluated by "Throughput/Area (Mbps/slice)", is 3.6-times better than that of SNOW 2.0 and 8.5-times better than that of SNOW 3G. These syntheses are performed using Xilinx ISE version 12.4.

    DOI: 10.1587/transinf.E97.D.43

  • Survey and new idea for attribute-based identification scheme secure against reset attacks

    Ji Jian Chin, Hiroaki Anada, Seiko Arita, Kouichi Sakurai, Swee Huay Heng, Raphael Phan

    4th International Cryptology and Information Security Conference 2014, Cryptology 2014 Conference Proceedings - Cryptology 2014 Proceedings of the 4th International Cryptology and Information Security Conference 2014   39 - 47   January 2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Identification schemes are a common one-way authentication technique for a user to prove himself securely to a verifier. However, it is known that identification schemes based on the sigma-protocol are basically insecure against reset attacks. On the other-hand, attribute-based cryptography is a technique which allows for the secure implementation of access policies within a cryptosystem. In this paper, we report on the developments in the area of reset attacks for identification schemes as well as for attribute-based identification schemes. Then we put together a new idea to construct attribute-based identification schemes secure against reset attacks.

  • Security of multivariate signature scheme using non-commutative rings [Peer-reviewed]

    Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E97-A ( 1 )   245 - 252   January 2014

    Language: English   Publication type: Research paper (academic journal)

    Multivariate Public Key Cryptosystems (MPKC) are candidates for post-quantum cryptography. Rainbow is a digital signature scheme in MPKC, whose signature generation and verification are relatively efficient. However, the security of MPKC depends on the difficulty in solving a system of multivariate polynomials, and the key length of MPKC becomes substantially large compared with that of RSA cryptosystems for the same level of security. The size of the secret and public keys in MPKC has been reduced in previous research. The NC-Rainbow is a signature scheme in MPKC, which was proposed in order to reduce the size of secret key of Rainbow. So far, several attacks against NC-Rainbow have been proposed. In this paper, we summarize attacks against NC-Rainbow, containing attacks against the original Rainbow, and analyze the total security of NC-Rainbow. Based on the cryptanalysis, we estimate the security parameter of NC-Rainbow at the several security level.

    DOI: 10.1587/transfun.E97.A.245

  • Security model and analysis of fhmqv, Revisited

    Shengli Liu, Kouichi Sakurai, Jian Weng, Fangguo Zhang, Yunlei Zhao

    9th China International Conference on Information Security and Cryptology, Inscrypt 2013 Information Security and Cryptology - 9th International Conference, Inscrypt 2013, Revised Selected Papers   255 - 269   January 2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    HMQV is one of the most efficient (provably secure) authenticated key-exchange protocols based on public-key cryptography, and is widely standardized. In spite of its seemingly conceptual simplicity, the HMQV protocol was actually very delicately designed. The provable security of HMQV is conducted in the Canetti-Krawczyk framework (CK-framework, in short), which is quite complicated and lengthy with many subtleties actually buried there. However, lacking a full recognition of the precise yet subtle interplay between HMQV protocol structure and provable security can cause misunderstanding of the HMQV design, and can cause potential flawed design and analysis of HMQV protocol variants. In this work, we explicitly make clear the interplay between HMQV protocol structure and provable security, showing the delicate design of HMQV. We then re-examine the security model and analysis of a recently proposed HMQV protocol variant, specifically, the FHMQV protocol proposed by Sarr et al. in [25]. We clarify the relationship between the traditional CK-framework and the CK-FHMQV security model proposed for FHMQV, and show that CK-HMQV and CK-FHMQV are incomparable. Finally, we make a careful investigation of the CDH-based analysis of FHMQV in the CK-FHMQV model, which was considered to be one of the salient advantages of FHMQV. We identify that the CDH-based security analysis of FHMQV is actually flawed. The flaws identified in the security proof of FHMQV just stem from lacking a full realization of the precise yet subtle interplay, as clarified in this work, between HMQV protocol structure and provable security.

    DOI: 10.1007/978-3-319-12087-4_16

  • Fast implementation of Kcipher-2 for software and hardware [Peer-reviewed]

    Yuto Nakano, Kazuhide Fukushima, Shinsaku Kiyomoto, Tsukasa Ishiguro, Yutaka Miyake, Toshiaki Tanaka, Kouichi Sakurai

    IEICE Transactions on Information and Systems   E97-D ( 1 )   43 - 52   January 2014

    Language: English   Publication type: Research paper (academic journal)

    KCipher-2 is a word-oriented stream cipher and an ISO/IEC 18033 standard. It is listed as a CRYPTREC cryptographic algorithm for Japanese governmental use. It consists of two feedback shift registers and a non-linear function. The size of each register in KCipher-2 is 32 bits and the non-linear function mainly applies 32-bit operations. Therefore, it can be efficiently implemented as software. SNOW-family stream ciphers are also word-oriented stream ciphers, and their high performance has already been demonstrated. We propose optimised implementations of KCipher-2 and compare their performance to that of the SNOW-family and other eSTREAM portfolios. The fastest algorithm is SNOW 2.0 and KCipher-2 is the second fastest despite the complicated irregular clocking mechanism. However, KCipher-2 is the fastest of the feasible algorithms, as SNOW 2.0 has been shown to have a security flaw. We also optimise the hardware implementation for the Virtex-5 field-programmable gate array (FPGA) and show two implementations. The first implementation is a rather straightforward optimisation and achieves 16,153 Mbps with 732 slices. In the second implementation, we duplicate the non-linear function using the structural advantage of KCipher-2 and we achieve 17,354 Mbps with 813 slices. Our implementation of KCipher-2 is around three times faster than those of the SNOW-family and efficiency, which is evaluated by "Throughput/Area (Mbps/slice)", is 3.6-times better than that of SNOW2.0 and 8.5-times better than that of SNOW3G. These syntheses are performed using Xilinx ISE version 12.4.

    DOI: 10.1587/transinf.E97.D.43

  • Efficient variant of rainbow without triangular matrix representation

    Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai

    2nd IFIP TC5/8 International Conference on Information and Communication Technology, ICT-EurAsia 2014 Information and Communication Technology - Second IFIP TC5/8 International Conference, ICT-EurAsia 2014, Proceedings   8407 LNCS   532 - 541   January 2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Multivariate Public Key Cryptosystems (MPKC) is one of candidates for post-quantum cryptography. Rainbow is an MPKC digital signature scheme, with relatively efficient encryption and decryption processes. However, the size of MPKC key is substantially larger than that of an RSA cryptosystem for the same security level. In this paper, we propose a variant of Rainbow that has a smaller secret key. The smaller secret key is to the result of a different description of the quadratic polynomials appearing in the secret key from that of the original Rainbow. In addition, our scheme improves the efficiency of the Rainbow's signature generation. In particular, the secret key is reduced in size by about 40% and the signature generation is sped up by about 30% at the security level of 100 bits.

    DOI: 10.1007/978-3-642-55032-4_55

  • Attribute-based signatures without pairings via the Fiat-Shamir paradigm

    Hiroaki Anada, Seiko Arita, Kouichi Sakurai

    2nd ACM Asia Public-Key Cryptography Workshop, AsiaPKC 2014 ASIAPKC 2014 - Proceedings of the 2nd ACM Workshop on ASIA Public-Key Cryptography   49 - 58   January 2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    We propose the first practical attribute-based signature (ABS) scheme with attribute privacy without pairings in the random oracle model. Our strategy is in the Fiat-Shamir paradigm; we first provide a generic construction of a boolean proof system of Σ-protocol type. Our boolean proof system is a generalization of the well-known OR-proof system; that is, it can treat any boolean formula instead of a single OR-gate. Then, by combining our boolean proof system with a credential bundle scheme of the Fiat-Shamir signature, we obtain a generic attribute-based identification (ABID) scheme of proof of knowledge. Finally, we apply the Fiat-Shamir transform to our ABID scheme to obtain a generic ABS scheme which possesses attribute privacy and can be proved to be secure in the random oracle model. Our ABS scheme can be constructed without pairings.

    DOI: 10.1145/2600694.2600696

  • An enhanced audio ownership protection scheme based on visual cryptography [Peer-reviewed]

    Rimba Whidiana Ciptasari, Kyung Hyune Rhee, Kouichi Sakurai

    Eurasip Journal on Information Security   2014   January 2014

    Language: English   Publication type: Research paper (academic journal)

    Recently, several ownership protection schemes which combine encryption and secret sharing technology have been proposed. To reveal the original message, however, they exploited XOR operation which is similar to a one-time pad. It is fairly losing the reconstruction simplicity due to the human visual system (HVS). It should be noted that it is completely different from the original concept of visual cryptography proposed by Naor and Shamir. To decrypt the secret message, Naor and Shamir's concept stacked k transparencies together. The operation solely does a visual OR of the shares rather than XOR, the way HVS does. In this paper, we, consequently, adopt Naor and Shamir's concept to apply correct theory of visual cryptography. Furthermore, audio copyright protection schemes which exploit chaotic modulation or watermark integration into frequency components have been widely proposed. Nevertheless, security issue against intentional distortions has not been addressed yet. In this paper, we aim to construct a resilient audio ownership protection scheme to enhance the security by integrating the discrete wavelet transform and discrete cosine transform, visual cryptography, and digital timestamps. In the proposed scheme, the watermark does not require to be embedded within the original audio but is used to generate a secret image and a public image. The watermark is then acquired by performing OR between the secret and public image. We can alleviate the trade-off expenses between the capacity of data payload and two other important properties such as imperceptibility and robustness without modifying the original audio signals. The experiments against a variety of audio signals processing provided by StirMark confirm superior robustness of the proposed scheme. We also demonstrate the intentional distortion by modifying the original content via experiments, it reveals comparable reliability. The proposed scheme can be widely applied to the area of audio ownership protection.

    DOI: 10.1186/1687-417X-2014-2

  • Acquisition of evidence of web storage in HTML5 web browsers from memory image

    Shinichi Matsumoto, Kouichi Sakurai

    2014 9th Asia Joint Conference on Information Security, AsiaJCIS 2014 Proceedings - 2014 9th Asia Joint Conference on Information Security, AsiaJCIS 2014   148 - 155   January 2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Web browser is a growing platform for the execution of various applications. There are large fractions of smartphone platforms that support the execution of web technology based application, especially one such as HTML 5. However there are also some emerging smartphone platforms that only support web technology based applications. Taking into the considerations of these situations may lead to a higher importance of forensic investigations on artifacts within the web browser bringing about the usefulness of the HTML5 specific attributes as evidences in mobile forensics. Through this paper, we explore the results of experiments that acquire the main memory image within terminal and extract the webStorage data as an evidence of the browsing activity. The memory forensics of web browsing activity is highly concerned. The evidences gathered from the HTML5 web Storage contents acquired from the main memory image are examined and the results of the observations indicate the ability to retrieve web Storage from the memory image is certain. Therefore, we proclaimed formats of evidences that are retrievable from the main memory. The formats were different depending on the type of web browser accessed. Three most utilized web browsers are experimented in this paper namely, Google Chrome, Mozilla Firefox and Microsoft Internet Explorer. The results showed that the acquisition of web Storage content on the browsers were possible and elucidated its formats. Values of web Storage is contained in the residuals that left by all of three web browsers. Therefore, if the investigator has the knowledge of values, he will be able to find the location of the evidence to hint values. If the investigator does not have the knowledge about the value, then he can explore the evidence based on the knowledge of the origin or key. Because the format of the evidence depends on Web browser, investigator must use different search techniques according to the Web browser.

    DOI: 10.1109/AsiaJCIS.2014.30

  • A Method of Digital Rights Management based on Bitcoin Protocol

    Motoki Kitahara, Junpei Kawamoto, Kouichi Sakurai

    8th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2014 Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2014   2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In the digital world, so many copyrighted works are made in an illegal way because it is easy to keep and copy. Digital Rights Management has proposed to prevent this theft. Contents providers often bring in one server who has charge of managing the normal user, but there are some problems that it flocks to the server. Against this problem, P2P based DRM system has considered. All users can transfer the encrypted content to other users, so the content server does not have to load so much traffic from users. As a problem with this method, it is hard to figure out usage situation of contents because P2P based system is divided into many pieces of users. In this paper, we propose a new P2P based DRM system using Bitcoin protocol, which is one of the electric commerce. Bitcoin protocol, timestamp server saves all transactions to prevent double spending. We can bring out all usage situations to apply this system.

    DOI: 10.1145/2557977.2558034

  • Implementation of efficient operations over GF(2^32) using graphics processing units

    Satoshi Tanaka, Takanori Yasuda, Kouichi Sakurai

    2nd IFIP TC5/8 International Conference on Information and Communication Technology, ICT-EurAsia 2014 Information and Communication Technology - Second IFIP TC5/8 International Conference, ICT-EurAsia 2014, Proceedings   8407 LNCS   602 - 611   2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Evaluating non-linear multivariate polynomial systems over finite fields is an important subroutine, e.g., for encryption and signature verification in multivariate public-key cryptography. The security of multivariate cryptography definitely becomes lower if a larger field is used instead of GF(2) given the same number of bits in the key. However, we still would like to use larger fields because multivariate cryptography tends to run faster at the same level of security if a larger field is used. In this paper, we compare the efficiency of several techniques for evaluating multivariate polynomial systems over GF(2^32) via their implementations on graphics processing units.

    DOI: 10.1007/978-3-642-55032-4_62

  • Fine-grained conditional proxy re-encryption and application

    Yanjiang Yang, Haibing Lu, Jian Weng, Youcheng Zhang, Kouichi Sakurai

    21st International Conference on Neural Information Processing, ICONIP 2014 Provable Security - 8th International Conference, ProvSec 2014, Proceedings   8782   206 - 222   2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Conditional proxy re-encryption (CPRE) enables delegation of decryption rights, and is useful in many applications. In this paper, we present a ciphertext-policy attribute based CPRE scheme, together with a formalization of the primitive and its security proof. We further propose applying the scheme for fine-grained encryption of cloud data. This application well implements the idea of cloud-enabled user revocation, offering an alternative yet more feasible solution to the user revocation issue when using attribute based encryption over cloud data. Features of the application include little cost in case of user revocation, and high user-side efficiency when users access cloud data.

  • Fine-grained access control aware multi-user data sharing with secure keyword search [Peer-reviewed]

    Fangming Zhao, Takashi Nishide, Kouichi Sakurai

    IEICE Transactions on Information and Systems   E97-D ( 7 )   1790 - 1803   2014

    Language: English   Publication type: Research paper (academic journal)

    We consider the problems of access control and encrypted keyword search for cryptographic cloud storage in such a way that they can be implemented for a multiple users setting. Our fine-grained access control aware multi-user secure keyword search approach interdependently harmonizes these two security notions, access control and encrypted keyword search. Owing to the shrinkage of the cloud server's search space to the user's decryptable subset, the proposed scheme both decreases information leakage and is shown to be efficient by the results of our contrastive performance simulation.

    DOI: 10.1587/transinf.E97.D.1790

  • Collaborative agglomerative document clustering with limited information disclosure [Peer-reviewed]

    Chunhua Su, Jianying Zhou, Feng Bao, Tsuyoshi Takagi, Kouichi Sakurai

    Security and Communication Networks   7 ( 6 )   964 - 978   2014

    Language: English   Publication type: Research paper (academic journal)

    Document clustering is a practical and powerful data mining technique to analyze large amount of documents and large sets of text or hypertext documents. However, it also brings the problem of sensitive information leaking in disregard of privacy, especially when it is executed in distributed environment. In this paper, we propose a cryptography-based framework to realize privacy-preserving document clustering among the users under the distributed environment; there are two parties, each having his private document database, want to collaboratively execute agglomerative document clustering without disclosing their private contents. We provide two implementations of such a framework, one is with more precision and stronger security but requires more computational resources. The other is a simplified version with less computational complexity and achieves higher processing speed. Additionally, we provide the security proofs and experimental analysis of precision and scalability of our proposal.

    DOI: 10.1002/sec.811

  • An efficient robust secret sharing scheme with optimal cheater resiliency

    Partha Sarathi Roy, Avishek Adhikari, Rui Xu, Kirill Morozov, Kouichi Sakurai

    4th International Conference on Security, Privacy, and Applied Cryptography Engineering, SPACE 2014 Security, Privacy, and Applied Cryptography Engineering - 4th International Conference, SPACE 2014, Proceedings   8804   47 - 58   2014

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this paper, we consider the problem of (t, δ) robust secret sharing secure against rushing adversary. We design a simple t-out-of-n secret sharing scheme, which can reconstruct the secret in presence of t cheating participants except with probability at most δ, provided t < n/2. The latter condition on cheater resilience is optimal for the case of public reconstruction of the secret, on which we focus in this work. Our construction improves the share size of Cevallos et al. (EUROCRYPT-2012) robust secret sharing scheme by applying the “authentication tag compression” technique devised by Carpentieri in 1995. Our improvement is by a constant factor that does not contradict the asymptotic near-optimality of the former scheme. To the best of our knowledge, the proposed scheme has the smallest share size, among other efficient rushing (t, δ) robust secret sharing schemes with optimal cheater resilience.

  • A competitive three-level pruning technique for information security (Peer-reviewed)

    Morshed Chowdhury, Jemal Abawajy, Andrei Kelarev, Kouichi Sakurai

    Communications in Computer and Information Science   490   25 - 32   2014

    Language: English   Publication type: Research paper (academic journal)

    The reduction of size of ensemble classifiers is important for various security applications. The majority of known pruning algorithms belong to the following three categories: ranking based, clustering based, and optimization based methods. The present paper introduces and investigates a new pruning technique. It is called a Three-Level Pruning Technique, TLPT, because it simultaneously combines all three approaches in three levels of the process. This paper investigates the TLPT method combining the state-of-the-art ranking of the Ensemble Pruning via Individual Contribution ordering, EPIC, the clustering of the K-Means Pruning, KMP, and the optimisation method of Directed Hill Climbing Ensemble Pruning, DHCEP, for a phishing dataset. Our new experiments presented in this paper show that the TLPT is competitive in comparison to EPIC, KMP and DHCEP, and can achieve better outcomes. These experimental results demonstrate the effectiveness of the TLPT technique in this example of information security application.

    DOI: 10.1007/978-3-662-45670-5

  • Performance evaluation of information theoretic secure multi-channel transmission on multihop wireless network

    Wataru Tsuda, Yoshiaki Hori, Kouichi Sakurai

    2013 IEEE 8th International Conference on Broadband, Wireless Computing, Communication and Applications, BWCCA 2013 Proceedings - 2013 8th International Conference on Broadband, Wireless Computing, Communication and Applications, BWCCA 2013   570 - 574   December 2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Current mainstream encryption based on computational security is sufficiently safe. However, if the computing power of an adversary increases, current encryption methods may no longer be safe. In this study, we focus on PSMT (Perfectly Secure Message Transmission) which is based on information theoretic security which could establish a security level stronger than computational security. We evaluated the performance of information theoretic secure Multi-channel Transmission on wireless sensor networks.

    DOI: 10.1109/BWCCA.2013.99

  • Exploiting reference images for image splicing verification

    Rimba Whidiana Ciptasari, Kyung Hyune Rhee, Kouichi Sakurai

    Digital Investigation, Volume 10   October 2013

    Language: English

  • Reliable workflow scheduling with less resource redundancy

    Laiping Zhao, Yizhi Ren, Kouichi Sakurai

    Parallel Computing, Volume 39(10)   October 2013

    Language: English

  • Multivariate signature scheme using quadratic forms

    Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai

    5th International Workshop on Post-Quantum Cryptography, PQCrypto 2013 Post-Quantum Cryptography - 5th International Workshop, PQCrypto 2013, Proceedings   7932 LNCS   243 - 258   September 2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Multivariate Public Key Cryptosystems (MPKC) are candidates for post-quantum cryptography. MPKC has an advantage in that its encryption and decryption are relatively efficient. In this paper, we propose a multivariate signature scheme using quadratic forms. For a finite dimensional vector space V, it is known that there are exactly two equivalence classes of non-degenerate quadratic forms over V. We utilize the method to transform any non-degenerate quadratic form into the normal form of either of the two equivalence classes in order to construct a new signature scheme in MPKC. The signature generation of our scheme is between eight and nine times more efficient than the multivariate signature scheme Rainbow at the level of 88-bit security. We show that the public keys of our scheme can not be represented by the public keys of other MPKC signature schemes and this means our scheme is immune to many attacks that depend on the form of the central map used by these schemes.

    DOI: 10.1007/978-3-642-38616-9_17

  • A Behavior-based Method for Detecting Distributed Scan Attacks in Darknets

    Yaokai Feng, Yoshiaki Hori, Jun'ichi Takeuchi, Kouichi Sakurai

    Journal of Information Processing, Volume 21   July 2013

    Language: English

  • Reliable workflow scheduling with less resource redundancy (Peer-reviewed)

    Laiping Zhao, Yizhi Ren, Kouichi Sakurai

    Parallel Computing   39 ( 10 )   567 - 585   July 2013

    Language: English   Publication type: Research paper (academic journal)

    We examine the problem of reliable workflow scheduling with less resource redundancy. As scheduling workflow applications in heterogeneous systems, either for optimizing the reliability or for minimizing the makespan, are NP-Complete problems, we alternatively find schedules for meeting specific reliability and deadline requirements. First, we analyze the reliability of a given schedule using two important definitions: Accumulated Processor Reliability (APR) and Accumulated Communication Reliability (ACR). Second, inspired by the reliability analysis, we present three scheduling algorithms: RR algorithm schedules least Resources to meet the Reliability requirement; DRR algorithm extends RR by further considering the Deadline requirement; and dynamic algorithm schedules tasks dynamically: It avoids the "Chain effect" caused by uncertainties on the task execution time estimates, and relieves the impact from the inaccuracy on failure estimation. Finally, the empirical evaluation shows that our algorithms can save a significant amount of computation and communication resources when performing a similar reliability compared to Fault-Tolerant-Scheduling-Algorithm (FTSA) algorithm.

    DOI: 10.1016/j.parco.2013.06.003

  • A variant of rainbow with shorter secret key and faster signature generation

    Takanori Yasuda, Jintai Ding, Tsuyoshi Takagi, Kouichi Sakurai

    1st ACM Workshop on Asia Public-Key Cryptography, AsiaPKC 2013 AsiaPKC 2013 - Proceedings of the 1st ACM Workshop on Asia Public-Key Cryptography   57 - 62   May 2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Multivariate public key cryptosystems are being focused on as candidates for post-quantum cryptography. Rainbow is one of the most efficient signature schemes in multivariate public key cryptosystems. The main drawback of Rainbow is that their key size is much larger than that of RSA and ECC. In this paper, we propose an efficient variant of Rainbow that has a shorter secret key (and thus generates signatures faster) than the corresponding original Rainbow. In our scheme, we divide each layer of Rainbow into smaller blocks by using diagonal matrix representations. The size of the smaller blocks can be flexibly selected, and this enables us to carefully choose secure parameters so that our proposed scheme is secure against known attacks such as rank attacks, direct attacks, and UOV attack. We estimate that the secret key size of our proposed scheme with 100-bit security is smaller by about 40% than that of the original Rainbow. In addition, an implementation of our scheme in the C language is seen to generate signature faster by 40%.

    DOI: 10.1145/2484389.2484401

  • Upper bound of the length of information embedd in RSA public key efficiently

    Motoki Kitahara, Takanori Yasuda, Takashi Nishide, Kouichi Sakurai

    1st ACM Workshop on Asia Public-Key Cryptography, AsiaPKC 2013 AsiaPKC 2013 - Proceedings of the 1st ACM Workshop on Asia Public-Key Cryptography   33 - 38   May 2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Lenstra proposed a method by which information can be efficiently embedded in a public key N in RSA encryption. Since then, many methods such as the additional key escrow function and a visible public key have been proposed. Lenstra made an assertion that the size of embeddable information is up to half the length of a public key, but he did not mention the strict upper bound of the size. In this paper, we analytically examine the Lenstra algorithm both in theory and implementation, and calculate the upper bound of the size of information that can be efficiently embedded in an RSA public key.

    DOI: 10.1145/2484389.2484396

  • Efficient implementation for QUAD stream cipher with GPUs (Peer-reviewed)

    Satoshi Tanaka, Takashi Nishide, Kouichi Sakurai

    Computer Science and Information Systems   10 ( 2 SPL )   897 - 911   April 2013

    Language: English   Publication type: Research paper (academic journal)

    QUAD stream cipher uses multivariate polynomial systems. It has provable security based on the computational hardness assumption. More specifically, the security of QUAD depends on hardness of solving non-linear multivariate systems over a finite field, and it is known as an NP-complete problem. However, QUAD is slower than other stream ciphers, and an efficient implementation, which has a reduced computational cost, is required. In this paper, we propose an efficient implementation of computing multivariate polynomial systems for multivariate cryptography on GPU and evaluate efficiency of the proposal. GPU is considered to be a commodity parallel arithmetic unit. Moreover, we give an evaluation of our proposal. Our proposal parallelizes an algorithm of multivariate cryptography, and makes it efficient by optimizing the algorithm with GPU.

    DOI: 10.2298/CSIS121102040T

  • Supporting Secure Provenance Update by Keeping "Provenance" of the Provenance (International journal)

    Amril Syalim, Takashi Nishide, Kouichi Sakurai

    ICT-EurAsia 2013   March 2013

    Language: English   Publication type: Research paper (international conference proceedings)

  • Confidentiality of 2D Code using Infrared with Cell-level Error Correction

    Nobuyuki Teraura, Kouichi Sakurai

    International Journal of Interactive Multimedia and Artificial Intelligence, Volume 2   March 2013

    Language: English

  • Efficient implementation for QUAD stream cipher with GPUs

    Satoshi Tanaka, Takashi Nishide, Kouichi Sakurai

    Computer Science and Information Systems, Volume 10   February 2013

    Language: English

  • Botnet command and control based on Short Message Service and human mobility (Peer-reviewed)

    Jingyu Hua, Kouichi Sakurai

    Computer Networks   57 ( 2 )   579 - 597   February 2013

    Language: English   Publication type: Research paper (academic journal)

    Many serious threats for PCs are spreading to the mobile environment. A mobile botnet, which is a collection of hijacked smartphones under the control of hackers, is one of them. With the quick development of the computing and communication abilities of smartphones, many command and control (C&C) techniques in PC botnets can be easily reused in mobile botnets. However, some particular functions and characteristics of smartphones may provide botmasters with additional means to control their mobile botnets. This paper presents two special C&C mechanisms that leverage Short Message Service and human mobility, respectively. The first one designs a SMS-based flooding algorithm to propagate commands. We theoretically prove that the uniform random graph is the optimal topology for this botnet, and demonstrate its high efficiency and stealth with various simulations. The second one utilizes Bluetooth to transmit botnet commands when hijacked smartphones encounter each other while in motion. We study its performance in a 100 m × 100 m square area with NS-2 simulations, and show that human-mobility characteristics facilitate the command propagation. Even if the infection rate is low, the command can still be effectively propagated provided that the mobility of devices is high. In the end, we propose effective defense strategies against these two special C&C mechanisms.

    DOI: 10.1016/j.comnet.2012.06.007

  • Analysis of methods for detecting compromised nodes and its countermeasures

    Fangming Zhao, Takashi Nishide, Yoshiaki Hori, Kouichi Sakurai

    International Conference on IT Convergence and Security, ICITCS 2012 IT Convergence and Security 2012   215 LNEE   53 - 60   February 2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The increased application of sensor network introduces new security challenges. In this paper, we analyze the detection methods of compromised nodes and its countermeasure in the sensor network. We first review common attacks in the sensor network application which can compromise a valid, resource-constrained node (or called device). Then, we introduce several standard detection approaches to show their characteristics in different applications of the sensor network. Finally, we summarize and discuss existing countermeasures to the compromised nodes.

    DOI: 10.1007/978-94-007-5860-5_7

  • Botnet command and control based on Short Message Service and human mobility

    Jingyu Hua, Kouichi Sakurai

    Computer Networks [and ISDN Systems], Volume 57   February 2013

    Language: English

  • Evolution of cooperation in reputation system by group-based scheme

    Yizhi Ren, Mingchu Li, Yang Xiang, Yongrui Cui, Kouichi Sakurai

    The Journal of Supercomputing, Volume 63   January 2013

    Language: English

  • Evolution of cooperation in reputation system by group-based scheme (Peer-reviewed)

    Yizhi Ren, Mingchu Li, Yang Xiang, Yongrui Cui, Kouichi Sakurai

    Journal of Supercomputing   63 ( 1 )   171 - 190   January 2013

    Language: English   Publication type: Research paper (academic journal)

    Reputation systems are very useful in large online communities in which users may frequently have the opportunity to interact with users with whom they have no prior experience. Recently, how to enhance the cooperative behaviors in the reputation system has become one of the key open issues. Emerging schemes focused on developing efficient reward and punishment mechanisms or capturing the social or economic properties of participants. However, whether this kind of method can work widely or not has been hard to prove until now. Research in evolutionary game theory shows that group selection (or multilevel selection) can favor the cooperative behavior in the finite population. Furthermore, some recent works give fundamental conditions for the evolution of cooperation by group selection. In the paper, we extend the original group selection theory and propose a group-based scheme to enhance cooperation for online reputation systems. Related concepts are defined to capture the social structure and ties among participants in reputation system, e.g., group, assortativity, etc. Also, we use a Fermi distribution function to reflect the bounded rationality of participants and the existence of stochastic factors in evolutionary process. Extended simulations show that our scheme can enhance cooperation and improve the average performance of participants (e.g. payoff) in reputation system.

    DOI: 10.1007/s11227-010-0498-8

  • Exploiting reference images for image splicing verification (Peer-reviewed)

    Rimba Whidiana Ciptasari, Kyung Hyune Rhee, Kouichi Sakurai

    Digital Investigation   10 ( 3 )   246 - 258   January 2013

    Language: English   Publication type: Research paper (academic journal)

    At the moment, image forgery in the mainstream media has become common. The degree of manipulation is facilitated by image editing software. Hence, there are many outstanding images which have no provenance information or certainty of authenticity. Therefore, constructing a scientific and automatic way for evaluating image authenticity is an important task. In spite of having outstanding performance, all the image forensics schemes developed so far have not provided verifiable information about source of tampering. This paper aims to propose a different kind of scheme, by exploiting a group of similar images, to verify the source of tampering. We begin with slightly modifying Robert's detector to enhance the detection results. The usage of membership function used to classify the suspicious region from the authentic one is introduced as well. Inspired by the image registration concept, we exploit the correlation-based alignment method to automatically identify the spliced region in any fragment of the reference images. Although the scheme is applicable under particular conditions, the efficacy of the proposed scheme on revealing the source of spliced regions is considerable. We anticipate this scheme to be the first concrete technique toward appropriate tools which are necessary for exposing digital image forgeries.

    DOI: 10.1016/j.diin.2013.06.014

  • General Fault Attacks on Multivariate Public Key Cryptosystems

    Yasufumi Hashimoto, Tsuyoshi Takagi, Kouichi Sakurai

    IEICE Transactions, Volume 96-A   January 2013

    Language: English

  • A behavior-based method for detecting distributed scan attacks in darknets (Peer-reviewed)

    Yaokai Feng, Yoshiaki Hori, Kouichi Sakurai, Junnichi Takeuchi

    Journal of Information Processing   21 ( 3 )   527 - 538   2013

    Language: English   Publication type: Research paper (academic journal)

    The technologies used by attackers in the Internet environment are becoming more and more sophisticated. Of the many kinds of attacks, distributed scan attacks have become one of the most serious problems. In this study, we propose a novel method based on normal behavior modes of traffic to detect distributed scan attacks in darknet environments. In our proposed method, all the possible destination TCP and UDP ports are monitored, and when a port is attacked by a distributed scan, an alert is given. Moreover, the alert can have several levels reflecting the relative scale of the attack. To accelerate learning and updating the normal behavior modes and to realize rapid detection, an index is introduced, which is proved to be very efficient. The efficiency of our proposal is verified using real darknet traffic data. Although our proposal focuses on darknets, the idea can also be applied to ordinary networks.

    DOI: 10.2197/ipsjjip.21.527

  • The development of radiation-resistant rf TAGS for use at nuclear power plants

    Nobuyuki Teraura, Kunio Ito, Naoki Takahashi, Kouichi Sakurai

    2013 21st International Conference on Nuclear Engineering, ICONE 2013 Plant Operations, Maintenance, Engineering, Modifications, Life Cycle and Balance of Plant; Nuclear Fuel and Materials; Radiation Protection and Nuclear Technology Applications   1   2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    RF tags based on RFID (Radio-frequency Identification) technology have been widely used in various fields including power plant construction and maintenance for the purpose of improving the identification and traceability of the many components in the facility. To date, various types of tags have been developed, including tags that are resistant to chemicals or high-temperature environments, which are used in specialized fields. When considering widespread use of RF tags in nuclear power plants, there is a concern about the effects of radiation on the RF tags, because the data stored in the tag may receive radiation damage, resulting in corruption of data. Here, we describe a newly designed RF tag that achieves resistance to radiation damage by attaching a radiation shield layer and incorporating automatic data-correction software. This radiation-resistant RF tag has been tested under real radiation exposure fields to verify the intended radiation-resistant functions. It is expected that the use of these radiation-resistant RF tags with a data reader and database system will increase the capabilities of RF tags applied to nuclear power plants and it is also expected to lead to reductions in worker radiation exposure doses.

    DOI: 10.1115/ICONE21-16605

  • Supporting secure provenance update by keeping "provenance" of the provenance

    Amril Syalim, Takashi Nishide, Kouichi Sakurai

    International Conference on Information and Communication Technology, ICT-EurAsia 2013 Information and Communication Technology - International Conference, ICT-EurAsia 2013, Proceedings   7804 LNCS   363 - 372   2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Provenance of data is a documentation of the origin and processes that produce the data. Many researchers argue that the provenance should be immutable: once a provenance is submitted, it should not be changed or updated. A main reason is that the provenance represents the history of data, and the history should not be altered or changed because it represents the fact in the past. Provenance can be represented by a graph, where each node represents the process executed by a party and an edge represents the relationship between two nodes (i.e. a child node uses the outputs of the parent nodes). A method to ensure that the provenance has not been updated is by using signature chain, where the signatures of the parent nodes are recorded in the children nodes so that any changes to the parent nodes will raise inconsistencies between the parent and the children. However, sticking to the requirement that the provenance should be immutable requires unlimited data storage and also we have problems whenever we need to update the provenance for an accidental error. In this paper, we propose a method that allows updates in the signature chain-based secure provenance, while keeping the signature consistent. The main idea is by keeping the "provenance" of the provenance itself, that is the history of update of the provenance, in the form of the signatures of the previous versions of the nodes. We implement the idea by keeping the signatures of the previous version in a signature tree similar to the Merkle-tree, where a parent node in the tree is the aggregate signature of the children. Using this method, the storage requirement to store signatures is always smaller than the number of updates.

    DOI: 10.1007/978-3-642-36818-9_40

  • Secure and privacy preserving hierarchical wireless sensor networks using hybrid key management technique

    Sushmita Ruj, Kouichi Sakurai

    2013 IEEE Global Communications Conference, GLOBECOM 2013 2013 IEEE Global Communications Conference, GLOBECOM 2013   402 - 407   2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    We propose a key management scheme for two-tier hierarchical mobile network using triple key distribution. Sensor nodes are divided into clusters managed by cluster heads which collect and aggregate data and send to base stations. The use of both symmetric and public key techniques makes the network highly resilient to node compromise. The nodes are resource constrained and thus communicate securely using symmetric triple key distribution technique. The cluster heads are powerful and use asymmetric key distribution techniques. The anonymity of cluster heads while forwarding messages is also preserved in our protocol. To the best of our knowledge, this is the first key management scheme which uses both symmetric and asymmetric triple key distribution mechanism. The analysis shows that our scheme is highly secure, preserves privacy of cluster heads and can support efficient addition and deletion of nodes.

    DOI: 10.1109/GLOCOM.2013.6831104

  • Improving Cost-Efficiency through Failure-Aware Server Management and Scheduling in Cloud

    Laiping Zhao, Kouichi Sakurai

    2nd International Conference on Cloud Computing and Services Science, CLOSER 2012 Cloud Computing and Services Science - 2nd International Conference, CLOSER 2012, Revised Selected Papers   367 CCIS   23 - 38   2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    We examine the problem of managing a server farm in a cost-efficient way that reduces the cost caused by server failures, according to an Infrastructure-as-a-Service model in cloud. Specifically, failures in cloud systems are so frequent that they severely affect the normal operation of job requests and incur high penalty cost. It is possible to increase the net revenue through reducing the energy cost and penalty by leveraging failure predictors. First, we incorporate the malfunction and recovery states into the server management process, and improve the cost-efficiency of each server using failure predictor-based proactive recovery. Second, we present a revenue-driven cloud scheduling algorithm, which further increases net revenue in collaboration with server management algorithm. The formal and experimental analysis manifests our expected net revenue improvement.

    DOI: 10.1007/978-3-319-04519-1_2

  • Image splicing verification based on pixel-based alignment method

    Rimba Whidiana Ciptasari, Kyung Hyune Rhee, Kouichi Sakurai

    11th International Workshop on Digital Forensics and Watermarking, IWDW 2012 Digital Forensics and Watermarking - 11th International Workshop, IWDW 2012, Revised Selected Papers   7809 LNCS   198 - 212   2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Due to the easy manipulation and alteration of digital images using widely available software tools, forgery detection has emerged as a primary goal in image forensics. A common form of manipulation is to combine parts of the image fragment into another different image to remove objects from the image. Inspired by the image registration concept, we exploit the correlation-based alignment method to automatically identify the spliced region in any fragment of the reference images. We show the efficacy of the proposed scheme on revealing the source of spliced regions. We anticipate this scheme to be the first concrete technique towards appropriate tools which are necessary for exposing digital forgeries.

    DOI: 10.1007/978-3-642-40099-5_17

  • General fault attacks on multivariate public key cryptosystems (Peer-reviewed)

    Yasufumi Hashimoto, Tsuyoshi Takagi, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E96-A ( 1 )   196 - 205   2013

    Language: English   Publication type: Research paper (academic journal)

    The multivariate public key cryptosystem (MPKC), which is based on the problem of solving a set of multivariate systems of quadratic equations over a finite field, is expected to be secure against quantum attacks. Although there are several existing schemes in MPKC that survived known attacks and are much faster than RSA and ECC, there have been few discussions on security against physical attacks, aside from the work of Okeya et al. (2005) on side-channel attacks against Sflash. In this study, we describe general fault attacks on MPKCs including Big Field type (e.g. Matsumoto-Imai, HFE and Sflash) and Stepwise Triangular System (STS) type (e.g. UOV, Rainbow and TTM/TTS). For both types, recovering (parts of) the secret keys S, T with our fault attacks becomes more efficient than doing without them. Especially, on the Big Field type, only single fault is sufficient to recover the secret keys.

    DOI: 10.1587/transfun.E96.A.196

  • Efficient computing over GF(2^16) using graphics processing unit

    Satoshi Tanaka, Takanori Yasuda, Bo Yin Yang, Chen Mou Cheng, Kouichi Sakurai

    7th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2013 Proceedings - 7th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2013   843 - 846   2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Evaluating non-linear multivariate polynomial systems over finite fields is an important subroutine, e.g., for encryption and signature verification in multivariate cryptography. The security of multivariate cryptography definitely becomes lower if a larger field is used instead of GF(2) given the same number of bits in the key. However, we still would like to use larger fields because multivariate cryptography tends to run faster at the same level of security if a larger field is used. In this paper, we compare the efficiency of several techniques for evaluating multivariate polynomial systems over GF(2^16) via their implementations on graphics processing units.

    DOI: 10.1109/IMIS.2013.151

  • Detection of android API call using logging mechanism within android framework

    Yuuki Nishimoto, Naoya Kajiwara, Shinichi Matsumoto, Yoshiaki Hori, Kouichi Sakurai

    9th International Conference on Security and Privacy in Communication Networks, SecureComm 2013 Security and Privacy in Communication Networks - 9th International ICST Conference, SecureComm 2013, Revised Selected Papers   127 LNICST   393 - 404   2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Android based smartphones have become popular. Accordingly, many malwares are developed. The malwares target information leaked from Android. However, it is difficult for users to judge the availability of application by understanding the potential threats in the application. In this paper, we focus on acquisition of information by using a remote procedure call when we invoke the API to acquire phone ID. We design a methodology to record invocation that are concerned the API by inserting Log.v methods. We examined our method, and confirm empirically the record of the call behavior of the API to acquire phone ID.

  • Detecting HTTP-based botnet based on characteristic of the C&C session using by SVM

    Kazumasa Yamauchi, Yoshiaki Hori, Kouichi Sakurai

    2013 8th Asia Joint Conference on Information Security, AsiaJCIS 2013 Proceedings - 2013 8th Asia Joint Conference on Information Security, AsiaJCIS 2013   63 - 68   2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    With the spread of computer, the increase of malware is a serious problem. In some malware, damage caused by botnet is a serious problem. Botnets perform the attack by remote control. The purpose of the present work is to suppress the botnet activity by detecting the C&C traffic through well-suited observations. There already exists many detection techniques, most of which focus on IRC-based botnet, and very little focus on HTTP-based botnet, even less, which include comparisons between both detection techniques. In this work, we focus on the HTTP-based botnet, and in order to classify normal HTTP session and C&C session, we make use of Support Vector Machine.

    DOI: 10.1109/ASIAJCIS.2013.17

  • DASC 2013 Message from the general chairs (peer-reviewed)

    Vincenzo Piuri, Jose M. Alcaraz Calero, Kouichi Sakurai, Yiming Pi

    Proceedings - 2013 IEEE 11th International Conference on Dependable, Autonomic and Secure Computing, DASC 2013   2013

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.1109/DASC.2013.7

  • A proposal for the privacy leakage verification tool for android application developers

    Shinichi Matsumoto, Kouichi Sakurai

    7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013 Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2013   2013

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Nowadays, smartphone market has been growing rapidly, and smartphone has become essential as a business tool. One of the crucial advantages of a smartphone is an installable third-party application. Number of these has continued to grow explosively. However, vulnerabilities in smartphone applications are seemed as serious problem. This is not only for the smartphone users, also for smartphone application developers and/or vendors. Until now, most vulnerability tests on smartphone applications are targeted that has been packaged as a commercial product and distributed in application marketplaces. These tests are performed on dynamically on application binaries. In this paper, we aim to develop the static vulnerability verification tool that can be utilized for smartphone application developers and/or vendors in the implementation and/or test phase of development process. This tool intakes source codes and determine where to read the privacy information in the source codes, and determine where to write/send the information in there. Then analyze the privacy information transfer and/or transform flow and report the possibilities of privacy information leakage to application developers.

    DOI: 10.1145/2448556.2448610

  • Guest editorial: Managing insider security threats (MIST 2012 Volume 1) (peer-reviewed)

    Kouichi Sakurai, Dieter Gollmann

    Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications   3 ( 4 )   1 - 3   December 2012

    Language: English   Publication type: Research paper (scientific journal)

    Insider threats are one of the serious hard problems of organizational security because it is often unclear whether or not an actor is an insider, or what we actually mean by "insider". In addition, it is frequently almost impossible to verify if an authorized insider action (authorized at the level of an operational policy) would constitute an insider attack contravening the organizational security policy of an enterprise. Hence, research on how to fight against insider attacks is one of the recent major topics in information security.

  • Workflow scheduling with fault tolerance

    Laiping Zhao, Kouichi Sakurai

    Network and Traffic Engineering in Emerging Distributed Computing Applications   94 - 123   December 2012

    Language: English

    This chapter describes a study on workflow scheduling with fault tolerance. It starts with an understanding on workflow scheduling and fault tolerance technologies independently. Next, the chapter surveys the related works on the combination field of workflow scheduling and fault tolerance technologies. Generally, these works are classified into six categories corresponding to the six fault tolerance technologies: workflow scheduling with primary/backup, primary/backup with multiple backups, checkpoint, rescheduling, active replication, and active replication with dynamic replicas. An in-depth study on these six topics illustrates the challenge issues explored so far, e.g. overloading conditions, tradeoffs among scheduling criteria, et cetera, and some future research directions are also identified. As applications are increasingly complex, and failures become a severe problem in the large scale systems, the authors expect to provide a comprehensive review on the problem of workflow scheduling with fault tolerance through this work.

    DOI: 10.4018/978-1-4666-1888-6.ch005

  • Revocation and tracing based on ternary tree: Towards optimal broadcast encryption scheme

    Kazuhide Fukushima, Shinsaku Kiyomoto, Yutaka Miyake, Kouichi Sakurai

    8th International Joint Conference on e-Business and Telecommunications, ICETE 2011 E-Business and Telecommunications International Joint Conference, ICETE 2011 Seville, Spain, July 18-21, 2011 Revised Selected Papers   233 - 248   December 2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    This paper proposes a broadcast encryption scheme with traitor tracing based on the ternary tree structure. The subset difference method with ternary tree reduces the communication cost and tracing cost of the original method with the binary tree. However, straightforward expansion of the method ends in failure due to the vulnerability to coalition attacks. Thus, we design a new cover-finding algorithm and label assignment algorithm in order to achieve a coalition-resistant revocation and tracing schemes. Our analysis on efficiency and security shows that our scheme is an improvement of the existing broadcast encryption schemes: complete subtree and subset difference methods.

    DOI: 10.1007/978-3-642-35755-8_17

  • Cryptanalysis of randomized arithmetic codes based on Markov model

    Liang Zhao, Takashi Nishide, Avishek Adhikari, Kyung Hyune Rhee, Kouichi Sakurai

    7th China International Conference on Information Security and Cryptography, Inscrypt 2011 Information Security and Cryptology - 7th International Conference, Inscrypt 2011, Revised Selected Papers   341 - 362   November 2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    An improvement of arithmetic coding based on Markov model () has been proposed in the paper (Duan L.L., Liao X. F., Xiang T., Communications in Nonlinear Science and Numerical Simulation, 2011, 16(6):2554-2562). Though, a methodology to construct the is proposed in the above mentioned paper, it really lacks the formal definition of the. In the current paper, we not only investigate the security analysis of the, but also put forward formal definitions of the as well as its different security notions. Based on those definitions, a chosen-plaintext attack is proposed to reveal the used pseudorandom bit sequence for the encryption under the condition that the same pseudorandom bit sequence is used to encrypt the different messages. We also show that the does not have indistinguishable encryptions under the ciphertext-only attack (i.e., does not have indistinguishable encryptions in the presence of an eavesdropper) even if the different pseudorandom bit sequences are used to encrypt the different messages. Moreover, when the is combined with the randomized arithmetic code () (Grangetto M., Magli E., Olmo G., IEEE Trans. Multimedia, 2006 8(5):905-917), we also explore the insecurity of this combined encryption scheme. The analysis demonstrates that the + is also insecure. Finally, the simulated experimental results show the correctness of all the proposed attacks.

    DOI: 10.1007/978-3-642-34704-7-24

  • A repeated game approach for analyzing the collusion on selective forwarding in multihop wireless networks (peer-reviewed)

    Dong Hao, Xiaojuan Liao, Avishek Adhikari, Kouichi Sakurai, Makoto Yokoo

    Computer Communications   35 ( 17 )   2125 - 2137   October 2012

    Language: English   Publication type: Research paper (scientific journal)

    In multihop wireless networks (MWNs), the selective forwarding attack is a special case of denial of service attack. In this attack, the malicious wireless nodes only forward a subset of the received packets, but drop the others. This attack becomes more severe if multiple attackers exist and collude together to disrupt the normal functioning of the secure protocols. By colluding, each attacker can even only drop a little packets, but the overall loss of the path will be high. However, most prior researches on selective forwarding attacks assume the attackers do not collude with each other. Furthermore, the previous works also lack of comprehensive security analysis. In this paper, by utilizing the game theoretic approach, we analyze the collusion in selective forwarding attacks. We first put forward a sub-route oriented punish and reward scheme, and propose an multi-attacker repeated colluding game. Then by static and dynamic analysis of this colluding attack game, we find the sub-game equilibriums which indicate the attackers' optimal attack strategies. Based on the analysis result, we establish a security policies for multihop wireless networks, to threaten and detect the malicious insider nodes which collude with each other to launch the selective forwarding attacks.

    DOI: 10.1016/j.comcom.2012.07.006

  • Providing secure location-aware services for cooperative vehicular Ad Hoc networks (peer-reviewed)

    Chul Sur, Youngho Park, Kouichi Sakurai, Kyung Hyune Rhee

    Journal of Internet Technology   13 ( 4 )   631 - 644   October 2012

    Language: English   Publication type: Research paper (scientific journal)

    In homeland security, the transportation system built on vehicular ad hoc networks (VANETs) is one sector among key resource sectors for national infrastructure protection plan identified by the department of homeland security (DHS) of the United States. Thus, it is an essential aspect to develop a suit of elaborately designed VANET security mechanisms for a successful homeland security infrastructure. However, all prior privacy-preserving authentication protocols for secure vehicular communications have not satisfied the fulfillment of location assurance to develop secure location-aware service applications in VANETs. In this paper, we make up for the limitations and propose an efficient privacy-preserving authentication protocol with location assurance for secure location-aware services over VANETs. In particular, we introduce the notion of location-aware credential so as to guarantee the trustworthiness of geographic location in location-aware services while providing conditional privacy preservation which is a desirable property for secure vehicular communications. Furthermore, the proposed protocol provides efficient procedures that alleviate a burden of computation for location-aware signature generation and verification on vehicles in VANETs. In order to achieve these goals, we consider online/offline signature scheme based on "hash-sign-switch" paradigm and identity-based aggregate signature scheme as our building blocks. Comprehensive simulations are conducted to confirm the efficiency and effectiveness of the proposed protocol.

  • Mixed-strategy game based trust management for clustered wireless sensor networks

    Dong Hao, Avishek Adhikari, Kouichi Sakurai

    3rd International Conference on Trusted Systems, INTRUST 2011 Trusted Systems - Third International Conference, INTRUST 2011, Revised Selected Papers   7222 LNCS   239 - 257   September 2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Wireless sensor networks are vulnerable to a large number of security threats and malicious attacks. The traditional security approaches from encryption and authentication are insufficient to defend the insider attacks which are launched inside of the WSNs and bypass the crypto-based defence. Trust management has been recently suggested as one of the effective security mechanisms for distributed systems, and is a promising new approach to solve the security challenges in wireless sensor networks. However, to the best of our knowledge, it is still a challenge to establish an integrated trust management mechanism with comprehensive security analysis. In this paper, we consider the clustered wireless sensor network in which the cluster head is in charge of the trust management of other sensor nodes. We propose a novel, integrated trust management mechanism for the cluster wireless sensor networks, and analyze the optimal decision making policy by using game theory. First, the upstream/downstream joint monitoring scheme is implemented to securely and efficiently observe the behavior of the insider nodes. Then based on the monitoring results, the local trustworthiness and global trust worthiness are derived based on the trust exchange and the trust computation. Finally, by game theoretic analysis of the security interaction between the attacker and the network, the optimal trust policy can be made based on min-max rule, and the optimal utility of the WSNs can be guaranteed.

    DOI: 10.1007/978-3-642-32298-3_16

  • On revenue driven server management in cloud

    Laiping Zhao, Kouichi Sakurai

    2nd International Conference on Cloud Computing and Services Science, CLOSER 2012 CLOSER 2012 - Proceedings of the 2nd International Conference on Cloud Computing and Services Science   295 - 305   August 2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    As failures are becoming frequent due to the increasing scale of data centers, Service Level Agreement (SLA) violation often occurs at a cloud provider, thereby affecting the normal operation of job requests and incurring high penalty cost. To this end, we examine the problem of managing a server farm in a way that reduces the penalty caused by server failures according to an Infrastructure-as-a-Service model. We incorporate the malfunction and recovery states into the server management process, and improve the cost efficiency of server management by leveraging the failure predictors. We also design a utility model describing the expected net revenue obtained from providing service. The basic idea is that, a job could be rejected or migrate to another server if a negative utility is anticipated. The formal and experimental analysis manifests our expected net revenue improvement.

  • On the security analysis of an image scrambling encryption of pixel bit and its improved scheme based on self-correlation encryption (peer-reviewed)

    Liang Zhao, Avishek Adhikari, Di Xiao, Kouichi Sakurai

    Communications in Nonlinear Science and Numerical Simulation   17 ( 8 )   3303 - 3327   August 2012

    Language: English   Publication type: Research paper (scientific journal)

    An image scrambling encryption scheme for pixel bits was presented by Ye [Ye GD. Image scrambling encryption algorithm of pixel bit based on chaos map. Pattern Recognit Lett 2010;31:347-54], which can be seen as one kind of typical binary image scrambling encryption considering from the bit-plain of size M×(8N). However, recently, some defects existing in the original image encryption scheme, i.e., Ye's scheme, have been observed by Li and Lo [Li CQ, Lo KT. Optimal quantitative cryptanalysis of permutation-only multimedia ciphers against plaintext attacks. Signal Process 2011;91:949-54]. In the attack proposed by Li and Lo at least 3+⌈log_2(MN)⌉ plain images of size M×N are used to reveal the permutation matrix W=[w(i,k)] (i∈{1,2,...,M}; k∈{1,2,...,8N}) which can be applied to recover the exact plain image. In the current paper, at first, one type of special plain image/cipher image is used to analyze the security weakness of the original image scrambling scheme under study. The final encryption vectors TM and TN or the decryption vectors TM' and TN' are revealed completely according to our attack. To demonstrate the performance of our attack, a quantified comparison is drawn between our attack and the attack proposed by Li and Lo. Compared with Li and Lo's attack, our attack is more efficient in the general conditions. In particular, when the sizes of images satisfy the condition M=N or M≤8N, the number of the used plain images/cipher images is at most 9, which is sharply less than 3+⌈log_2(MN)⌉ when M and N are of large size. To overcome the weaknesses of the original scheme, in this paper, an improved image scrambling encryption scheme is proposed. In the improved scheme, the idea of the "self-correlation" method is used to resist the chosen-plaintext attack/known-plaintext attack.

    The corresponding simulations and analyses illustrate that the improved encryption method has good cryptographic properties, and can overcome the weakness of the original image encryption scheme. Finally, farther improvement is briefly presented for the future work.

    DOI: 10.1016/j.cnsns.2011.12.015

  • Securing provenance of distributed processes in an untrusted environment (peer-reviewed)

    Amril Syalim, Takashi Nishide, Kouichi Sakurai

    IEICE Transactions on Information and Systems   E95-D ( 7 )   1894 - 1907   July 2012

    Language: English   Publication type: Research paper (scientific journal)

    Recently, there is much concern about the provenance of distributed processes, that is about the documentation of the origin and the processes to produce an object in a distributed system. The provenance has many applications in the forms of medical records, documentation of processes in the computer systems, recording the origin of data in the cloud, and also documentation of human-executed processes. The provenance of distributed processes can be modeled by a directed acyclic graph (DAG) where each node represents an entity, and an edge represents the origin and causal relationship between entities. Without sufficient security mechanisms, the provenance graph suffers from integrity and confidentiality problems, for example changes or deletions of the correct nodes, additions of fake nodes and edges, and unauthorized accesses to the sensitive nodes and edges. In this paper, we propose an integrity mechanism for provenance graph using the digital signature involving three parties: the process executors who are responsible in the nodes' creation, a provenance owner that records the nodes to the provenance store, and a trusted party that we call the Trusted Counter Server (TCS) that records the number of nodes stored by the provenance owner. We show that the mechanism can detect the integrity problem in the provenance graph, namely unauthorized and malicious "authorized" updates even if all the parties, except the TCS, collude to update the provenance. In this scheme, the TCS only needs a very minimal storage (linear with the number of the provenance owners). To protect the confidentiality and for an efficient access control administration, we propose a method to encrypt the provenance graph that allows access by paths and compartments in the provenance graph. We argue that encryption is important as a mechanism to protect the provenance data stored in an untrusted environment. 
    We analyze the security of the integrity mechanism, and perform experiments to measure the performance of both mechanisms.

    DOI: 10.1587/transinf.E95.D.1894

  • Cooperatively securing network coding against pollution attacks with incentive mechanism

    Yichao Xu, Kouichi Sakurai

    6th International Conference on Ubiquitous Information Management and Communication, ICUIMC'12 Proceedings of the 6th International Conference on Ubiquitous Information Management and Communication, ICUIMC'12   May 2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The availability of network system with network coding can suffer from malicious nodes intentionally corrupt the encoded packets. The situation will get even worse when there are selfish nodes that are unwilling to take the measure of security mechanism. In such situation, selfish nodes should be motivated to follow the protocol, and malicious nodes need to be detected. We integrate an efficient Homomorphic MAC with a lightweight non-repudiation transmission protocol which can not only detect the corrupted packets but also locate the malicious nodes. In order to deal with the selfish behavior, we propose an incentive scheme which can encourage the nodes to follow the protocol faithfully and detect the pollution attacks. In addition, we analyze the relationship between security and parameters of the protocol, which can help to choose the better parameters the system requires. From the evaluated results, we can see that our design can effectively defense against pollution attacks in the system with network coding with high security and good performance.

    DOI: 10.1145/2184751.2184815

  • Flexible service selection with user-specific QoS support in service-oriented architecture (peer-reviewed)

    Laiping Zhao, Yizhi Ren, Mingchu Li, Kouichi Sakurai

    Journal of Network and Computer Applications   35 ( 3 )   962 - 973   May 2012

    Language: English   Publication type: Research paper (scientific journal)

    Along with the development of the service-oriented architecture (SOA) and cloud computing, a large number of service providers have created an intense competitive world of business. Consequently, it is becoming increasingly complex to select a service provider for a user as a result of their various economic and social attributes. In this paper, we state the problem of how to find the appropriate services with satisfying the users multiple QoS requirements. We consider the service's response time, trust degree and monetary cost. And inspired from the mode of Web search engine, such as Yahoo, Google, we propose an innovative service selection algorithm for SOA systems. The algorithm can recommend a number of suitable services based on the user's QoS requirements. Compared with the existing scheduling algorithms, our solution is much more flexible in supporting the multiple objectives and user personalization. We study the scalability of the algorithm with different numbers of jobs, service providers and QoS criteria. And we find that it can capture user's preferences value in less than six times of job submissions.

    DOI: 10.1016/j.jnca.2011.03.013

  • Adaptive and composable non-interactive string-commitment protocols

    Huafei Zhu, Tadashi Araragi, Takashi Nishide, Kouichi Sakurai

    7th International Joint Conference on e-Business and Telecommunications, ICETE 2010 e-Business and Telecommunications - 7th International Joint Conference, ICETE 2010, Revised Selected Papers   222 CCIS   233 - 242   March 2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this paper, a non-interactive string-commitment protocol in the common reference string model is presented and analyzed. We show that the proposed (length-flexible) commitment protocol realizes the universally composable security in the presence of adaptive adversaries in the standard computational model assuming that the underlying Paillier's public-key encryption (or Damgård and Jurik's public-key encryption scheme when a length-flexible property is claimed) is semantically secure and the Damgård-Fazio-Nicolosi's non-interactive protocol is zero-knowledge in the registered public-key model.

    DOI: 10.1007/978-3-642-25206-8_15

  • Universally composable non-committing encryptions in the presence of adaptive adversaries

    Huafei Zhu, Tadashi Araragi, Takashi Nishide, Kouichi Sakurai

    7th International Joint Conference on e-Business and Telecommunications, ICETE 2010 e-Business and Telecommunications - 7th International Joint Conference, ICETE 2010, Revised Selected Papers   222 CCIS   274 - 288   March 2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Designing non-committing encryptions tolerating adaptive adversaries is a challenging task. In this paper, a simple implementation of non-committing encryptions is presented and analyzed in the strongest security model. We show that the proposed non-committing encryption scheme is provably secure against adaptive adversaries in the universally composable framework assuming that the decisional Diffie-Hellman problem is hard.

    DOI: 10.1007/978-3-642-25206-8_18

  • Security analysis of offline E-cash systems with malicious insider (peer-reviewed)

    Takashi Nishide, Shingo Miyazaki, Kouichi Sakurai

    Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications   3 ( 1-2 )   55 - 71   March 2012

    Language: English   Publication type: Research paper (scientific journal)

    When we build electronic cash systems, the main focus of the design is usually on preventing customers' malicious actions. However, since authorities such as banks and certificate authorities may have important secret data of customers, the insiders in the potentially untrusted authorities can become threats to electronic cash systems. Miyazaki and Sakurai [2] first systematically analyzed security of offline anonymous electronic cash systems by considering the insider threats from untrusted authorities. They investigated the security of the existing electronic cash systems and categorized the systems into four types. In this paper, we reconsider the security of offline anonymous electronic cash systems including more recent systems based on the classification of Miyazaki and Sakurai and investigate the possible effective countermeasures against malicious insiders.

  • Reducing the key size of rainbow using non-commutative rings

    Takanori Yasuda, Kouichi Sakurai, Tsuyoshi Takagi

    12th Cryptographers' Track at the RSA Conference, CT-RSA 2012 Topics in Cryptology, CT-RSA 2012 - The Cryptographers' Track at the RSA Conference 2012, Proceedings   7178 LNCS   68 - 83   March 2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    Multivariate Public Key Cryptosystems (MPKC) are candidates for post-quantum cryptography. Rainbow is a digital signature scheme in MPKC, whose encryption and decryption are relatively efficient. However, the security of MPKC depends on the difficulty in solving a system of multivariate polynomials, and the key length of MPKC becomes substantially large compared with that of RSA cryptosystems for the same level of security. The size of the public key in MPKC has been reduced in previous research, but to the best of our knowledge, there are no algorithms to reduce the size of a private key. In this paper, we propose NC-Rainbow, a variation of Rainbow using non-commutative rings and we describe the ability of the proposed scheme to reduce the size of a private key in comparison with the ordinary Rainbow while maintaining the same level of security. In particular, using the proposed NC-Rainbow, the size of a private key is reduced by about 75% at the 80 bit security level. Moreover, the speed of signature generation is accelerated by about 34% at the 80 bit security level.

    DOI: 10.1007/978-3-642-27954-6_5

  • A finite equivalence of verifiable multi-secret sharing   Peer-reviewed

    Hui Zhao, Mingchu Li, Kouichi Sakurai, Yizhi Ren, Jonathan Z. Sun, Fengying Wang

    International Journal of Computational Intelligence Systems   5 ( 1 )   1 - 12   January 2012

    Language: English   Publication type: Research paper (academic journal)  

    We give an abstraction of verifiable multi-secret sharing schemes that is accessible to a fully mechanized analysis. This abstraction is formalized within the applied pi-calculus by using an equational theory which characterizes the cryptographic semantics of secret share. We also present an encoding from the equational theory into a convergent rewriting system, which is suitable for the automated protocol verifier ProVerif. Based on that, we verify the threshold certificate protocol in ProVerif.

    DOI: 10.1080/18756891.2012.670517

  • A behavior-based detection method for outbreaks of low-rate attacks

    Yaokai Feng, Yoshiaki Hori, Kouichi Sakurai, Junnichi Takeuchi

    2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet, SAINT 2012 Proceedings - 2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet, SAINT 2012   267 - 272   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    Low-rate attacks can conceal their traffic because their packets are at very low rates, which make it easy to bury themselves into the normal traffic. Thus, although a number of volume-based detection techniques are able to identify anomalies that trigger significant changes in traffic volume, they are not applicable to detecting low-rate attacks. Because of this, the problem of low-rate attacks has been attracting many researchers in the community of network security. In this study, for the first time we propose a method based on the normal behavior mode of traffic to detect outbreaks of low-rate attacks. The experimental result indicates that our proposal is efficient.

    DOI: 10.1109/SAINT.2012.50

  • Weakness of provably secure searchable encryption against frequency analysis

    Takanori Suga, Takashi Nishide, Kouichi Sakurai

    5th Mosharaka International Conference on Communications, Computers and Applications, MIC-CCA 2012 Proceedings of the 5th International Conference on Communications, Computers and Applications, MIC-CCA 2012   142 - 147   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    There are encryption schemes called searchable encryption schemes. We can prove the security of these schemes based on a security model. However, we face the risk of the frequency analysis in some constructions because these schemes encrypt the keywords per word in the file as well as itself. In this attack, we assume an adversary knows the frequency distribution of plaintexts (i.e., keywords), and an adversary measures the frequency of the ciphertext and guesses the plaintext by comparing the frequency of the plaintext with it. In this work, we apply this attack to the existing works and evaluate the resistance of the searchable encryption to this attack by considering the difference between the deterministic encryption and the probabilistic encryption, and the supported types of searches.

  • Secure keyword search using bloom filter with specified character positions

    Takanori Suga, Takashi Nishide, Kouichi Sakurai

    6th International Conference on Provable Security, ProvSec 2012 Provable Security - 6th International Conference, ProvSec 2012, Proceedings   7496 LNCS   235 - 252   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    There are encryption schemes called searchable encryption which enable keyword searches. Traditional symmetric ones support only full keyword matches. Therefore, both a data owner and data searcher have to enumerate all possible keywords to realize a variety of searches. It causes increases of data size and run time. We propose searchable symmetric encryption which can check characters in the specified position as we perform search on plaintexts. Our scheme realizes a variety of searches such as fuzzy keyword search, wildcard search, and so on.

    DOI: 10.1007/978-3-642-33272-2_15

  • Proposal of the hierarchical file server groups for implementing mandatory access control

    Taketoshi Sakuraba, Kouichi Sakurai

    6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012 Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012   639 - 644   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    An accessible implementation of MAC for file access is proposed. Instead of traditional but unfamiliar MAC aware tools such as secure-OSs, the security enforcement mechanism of our proposal is FSG (file server group) which is structured so that they reflect a security policy of the organization. Using ordinal file servers, it is accessible to the most of commercial office environment. We also propose the use of FCA (formal concept analysis), a technology for knowledge extraction, to derive the structure of FSG for information flow enforcement. An advantage of use of FCA is that it directly produces configuration parameters such as access points of users as the knowledge extracted from organizational security policy. The configuration of the file server group is easy to understand, and the management cost of FSG is lower than that of the ordinary flat structured file servers.

    DOI: 10.1109/IMIS.2012.129

  • Preventing the access of fraudulent WEB sites by using a special two-dimensional code

    Nobuyuki Teraura, Kouichi Sakurai

    6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012 Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012   645 - 650   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    Mobile phone users are being increasingly directed to WEB sites through the identification of the WEB address from a two-dimensional code on the phone. However, incidents where mobile phones direct users to malicious WEB sites are also increasing. The direct lead mechanism, in which mobile phones directly send users to an uninspected WEB address, is the most common mechanism by which users are misdirected to fraudulent WEB sites. To address this issue, a registration server for inspecting WEB addresses and storing the corresponding registration IDs in the two-dimensional code format was established. Subsequently, the reliability of directing users to WEB sites only after verifying the registration ID of the target WEB address was examined. However, this approach was susceptible to phishing and camouflage when malicious software was used to rewrite the registration ID and the relationship of the WEB address on the registration server. Therefore, an approach that uses two-dimensional codes with a secret encrypted component was proposed.

    DOI: 10.1109/IMIS.2012.57

  • Multi-user keyword search scheme for secure data sharing with fine-grained access control

    Fangming Zhao, Takashi Nishide, Kouichi Sakurai

    14th International Conference on Information Security and Cryptology, ICISC 2011 Information Security and Cryptology, ICISC 2011 - 14th International Conference, Revised Selected Papers   7259 LNCS   406 - 418   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    We consider the problem of searchable encryption scheme for the cryptographic cloud storage in such a way that it can be efficiently and privately executed under the multi-user setting. Searchable encryption schemes allow users to perform keyword searches on encrypted files to retrieve their interested data without decryption. All existing such schemes only consider the straightforward search approach where for searching one encrypted keyword, the cloud server must look round all encrypted files on the storage to compare that encrypted keyword to each keyword index. Since the file number can be very huge and the user may be unable to decrypt all files, that approach is not efficient and secure enough. In this paper, we first propose a keyword search scheme for the cryptographic cloud storage based on attribute-based cryptosystems. Our scheme presents a new keyword search notion: fine-grained access control aware keyword search. By narrowing the search scope to the user's decryptable files' group before executing the keyword search, our approach can both decrease information leakage from the query process and be more efficient than other existing schemes.

    DOI: 10.1007/978-3-642-31912-9_27

  • Message from ISSR-2012 workshop chairs   Peer-reviewed

    Kouichi Sakurai, Lizhe Wang, Ei Sayed M Ei-Alfy

    Quaternary International   2012

    Language: English   Publication type: Research paper (academic journal)  

    DOI: 10.1109/TrustCom.2012.311

  • Information hiding of two-dimensional code by multi-layer optical

    Nobuyuki Teraura, Kouichi Sakurai

    2012 10th IEEE International Symposium on Parallel and Distributed Processing with Applications, ISPA 2012 Proceedings of the 2012 10th IEEE International Symposium on Parallel and Distributed Processing with Applications, ISPA 2012   770 - 777   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    Optical information media printed on paper use printing materials to absorb visible light. There is a two-dimensional code, which may be encrypted but also can possibly be copied. Hence, we envisage an information medium that cannot possibly be copied and thereby offers high security. At the surface, the normal two-dimensional code is printed. The inner layers consist of two-dimensional codes printed using a variety of materials, which absorb certain distinct wavelengths, to form a multilayered two-dimensional code. Information can be distributed among the two-dimensional codes forming the inner layers of the multiplex.

    DOI: 10.1109/ISPA.2012.113

  • Information hiding in subcells of a two-dimensional code

    Nobuyuki Teraura, Kouichi Sakurai

    1st IEEE Global Conference on Consumer Electronics, GCCE 2012 1st IEEE Global Conference on Consumer Electronics 2012, GCCE 2012   652 - 656   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    In this paper, we present a method for hiding information in a conventional two-dimensional (2D) code that maintains backward compatibility with conventional 2D code readers. This is achieved by segmenting each cell into subcells that store confidential information.

    DOI: 10.1109/GCCE.2012.6379943

  • Efficient parallel evaluation of multivariate quadratic polynomials on GPUs

    Satoshi Tanaka, Tung Chou, Bo Yin Yang, Chen Mou Cheng, Kouichi Sakurai

    13th International Workshop on Information Security Applications, WISA 2012 Information Security Applications - 13th International Workshop, WISA 2012, Revised Selected Papers   7690 LNCS   28 - 42   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    QUAD is a provably secure stream cipher, whose security is based on the hardness assumption of solving multivariate quadratic polynomial systems over a finite field, which is known to be NP-complete. However, such provable security comes at a price, and QUAD is slower than most other stream ciphers that do not have security proofs. In this paper, we discuss two efficient parallelization techniques for evaluating multivariate quadratic polynomial systems on GPU, which can effectively accelerate the QUAD stream cipher. The first approach focuses on formula of summations in quadratics, while the second approach uses parallel reduction to summations. Our approaches can be easily generalized and applied to other multivariate cryptosystems.

  • Efficient implementation of evaluating multivariate quadratic system with GPUs

    Satoshi Tanaka, Takashi Nishide, Kouichi Sakurai

    6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012 Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012   660 - 664   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    QUAD stream cipher uses multivariate polynomial systems. It has provable security based on the computational hardness assumption. More specifically, the security of QUAD depends on hardness of solving non-linear multivariate systems over a finite field, and it is known as an NP-Hard problem. However, QUAD is slower than other stream ciphers, and an efficient implementation, which has a reduced computational cost is required. In this paper, we propose an efficient implementation of computing multivariate polynomial systems for multivariate cryptography on GPU and evaluate efficiency of the proposal. GPU is considered to be a commodity parallel arithmetic unit. Moreover, we give an evaluation of our proposal. Our proposal parallelizes an algorithm of multivariate cryptography, and makes it efficient by optimizing the algorithm with GPU.

    DOI: 10.1109/IMIS.2012.139

  • Differential fault analysis of full lblock

    Liang Zhao, Takashi Nishide, Kouichi Sakurai

    3rd International Workshop, Constructive Side-Channel Analysis and Secure Design, COSADE 2012 Constructive Side-Channel Analysis and Secure Design - Third International Workshop, COSADE 2012, Proceedings   7275 LNCS   135 - 150   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    LBlock is a 64-bit lightweight block cipher which can be implemented in both hardware environments and software platforms. It was designed by Wu and Zhang, and published at ACNS2011. In this paper, we explore the strength of LBlock against the differential fault analysis (DFA). As far as we know, this is the first time the DFA attack is used to analyze LBlock. Our DFA attack adopts the random bit fault model. When the fault is injected at the end of the round from the 25th round to the 31st round, the DFA attack is used to reveal the last three round subkeys (i.e., K_32, K_31 and K_30) by analyzing the active S-box of which the input and output differences can be obtained from the right and faulty ciphertexts (C, C̃). Then, the master key can be recovered based on the analysis of the key scheduling. Specially, for the condition that the fault is injected at the end of the 25th and 26th round, we show that the active S-box can be distinguished from the false active S-box by analyzing the nonzero differences from the pair of ciphertexts (C, C̃). The false active S-box which we define implies that the nonzero input difference does not correspond to the right output difference. Moreover, as the LBlock can achieve the best diffusion in eight rounds, there can exist the countermeasures that protect the first and last eight rounds. This countermeasure raises a question whether provoking a fault at the former round of LBlock can reveal the round subkey. Our current work also gives an answer to the question that the DFA attack can be used to reveal the round subkey when the fault is injected into the 24th round. If the fault model used in this analysis is a semi-random bit model, the round subkey can be revealed directly. Specially, the semi-random bit model corresponds to an adversary who could know the corrupted 4 bits at the chosen round but not know the exact bit in these 4 bits. Finally, the data complexity analysis and simulations show the number of necessary faults for revealing the master key.

    DOI: 10.1007/978-3-642-29912-4_11

  • Communication-efficient anonymous routing protocol for wireless sensor networks using single path tree topology

    Shogo Nakamura, Yoshiaki Hori, Kouichi Sakurai

    26th IEEE International Conference on Advanced Information Networking and Applications Workshops, WAINA 2012 Proceedings - 26th IEEE International Conference on Advanced Information Networking and Applications Workshops, WAINA 2012   766 - 771   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    In recent years, there are anonymous routing protocols for mobile ad-hoc networks. These protocols provide anonymous communication between an arbitrary pair of nodes. However, there are also some multipoint-to-point sensor networks. In those environments, we have to consider all routes not between an arbitrary pair of sensor nodes but between an arbitrary one sender node and a specific destination node. These existing protocols consider only security, so nodes may not be able to work efficiently in those environments. In this paper, we propose a new anonymous routing protocol for such multipoint-to-point sensor networks based on efficient routing protocols and existing anonymous routing mechanisms. Moreover, we evidence superiority of our proposal by comparing the amount of information for anonymous routing and a time for route establishment with that of existing protocols. We show that our protocol can establish the anonymous route faster than existing ones and reduce the information for routing from existing ones.

    DOI: 10.1109/WAINA.2012.175

  • Collaborative behavior visualization and its detection by observing darknet traffic

    Satoru Akimoto, Yoshiaki Hori, Kouichi Sakurai

    4th International Symposium on Cyberspace Safety and Security, CSS 2012 Cyberspace Safety and Security - 4th International Symposium, CSS 2012, Proceedings   7672 LNCS   212 - 226   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    Recently, we have a problem about an attack generated by a botnet which consists of a group of compromised computers called bots. An attacker called botmaster controls it and a botnet invokes an attack such as scanning and DDoS attack. In this paper, we use the 3D-visualization to investigate the change of attack according to the darknet traffic. As a result, we discover the attack in which several source IP addresses transmit packets to a single destination within a short period of time. In addition, we find that the packet size and the destination port number are identical on its attack. Furthermore, we propose the method to detect this attack called behavior of collaborative attack. In our proposal, we focus on the number of source IP addresses which transmit packets to the single destination. We detected this packet and the rate of packet with the same packet size and destination port number occupied about 90% of the set unit of extracted packet.

    DOI: 10.1007/978-3-642-35362-8_17

  • Barrier: A lightweight hypervisor for protecting kernel integrity via memory isolation

    Jingyu Hua, Kouichi Sakurai

    27th Annual ACM Symposium on Applied Computing, SAC 2012 27th Annual ACM Symposium on Applied Computing, SAC 2012   1470 - 1477   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    In the present operating systems such as Linux, all the kernel modules, including unknown extensions, run in the same address space. They are granted the highest privilege and can access arbitrary memory without any limitation. This is at the root of kernel rootkits, which are malware seriously threatening the kernel integrity. In this paper, we present Barrier, a lightweight hypervisor designed for enhancing the kernel integrity of personal computers by isolating the kernel modules. Since this hypervisor is designed for the OS protection on PCs, it does not implement unnecessary virtualization features that are commonly found on the general-purpose hypervisors to support running multiple OS instances concurrently on the same server. As a result, it is much smaller and also much easier to use, especially for unprofessional users. Barrier leverages the hardware-supported memory virtualization to isolate the kernel modules into different address spaces. All the interactions across address spaces have to go through a strict mediation based on some predefined MAC rules. This greatly increases the attacker's hardness to compromise the kernel integrity. We have implemented a prototype of Barrier. The evaluation results show that Barrier can well protect the kernel integrity without bringing unaffordable performance overheads.

    DOI: 10.1145/2245276.2232011

  • Application of scalar multiplication of edwards curves to pairing-based cryptography

    Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai

    7th International Workshop on Security, IWSEC 2012 Advances in Information and Computer Security - 7th International Workshop on Security, IWSEC 2012, Proceedings   7631 LNCS   19 - 36   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    Edwards curves have efficient scalar multiplication algorithms, and their application to pairing-based cryptography has been studied. In particular, if a pairing-friendly curve used in a pairing-based protocol is isomorphic to an Edwards curve, all the scalar multiplication appearing in the protocol can be computed efficiently. In this paper, we extend this idea to pairing-friendly curves not isomorphic but isogenous to Edwards curves, and add to pairing-friendly curves to which Edwards curves can be applied. Above all, pairing-friendly curves with smaller ρ-values provide more efficient pairing computation. Therefore, we investigate whether pairing-friendly curves with the minimal ρ-values are isogenous to Edwards curves for embedding degree up to 50. Based on the investigation, we present parameters of pairing-friendly curves with 160-bit and 256-bit security level at embedding degree 16 and 24, respectively. These curves have the minimal ρ-values and are not isomorphic but isogenous to Edwards curves, and thus our proposed method is effective for these curves.

    DOI: 10.1007/978-3-642-34117-5-2

  • Analytic hierarchy process aided key management schemes evaluation in wireless sensor network   Peer-reviewed

    Ruan Na, Yizhi Ren, Yoshiaki Hori, Kouichi Sakurai

    Journal of Networks   7 ( 1 )   88 - 100   2012

    Language: English   Publication type: Research paper (academic journal)  

    Wireless sensor networks (WSNs) have been widely used in various applications. Since their sensor nodes are resource-constrained and their security primitives need to store a set of security credentials to share a secure channel, key management is one of the most challenging issues in the design of WSN. Currently, various efficient lightweight key management schemes (KMs) have been proposed to enable encryption and authentication in WSN for different application scenarios. According to different requirements, it is important to select the trustworthy key management schemes in a WSN for setting up a fully trusted WSN mechanism. In this context, adaptive methods are required to evaluate those schemes. In this paper, we exploit Analytic Hierarchy Process (AHP) to help with the complex decision. Specifically, we consider the following performance criteria: scalability, key connectivity, resilience, storage overhead, processing overhead and communication overhead. Two case studies are added for verifying our proposal. Via the two case studies, it is verified that our method is able to help selecting a suitable scheme for given requirements.

    DOI: 10.4304/jnw.7.1.88-100

  • Analysis and improvement of privacy-preserving frequent item protocol for accountable computation framework

    Chunhua Su, Guilin Wang, Kouichi Sakurai

    11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012   1012 - 1017   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    Nowadays, data collection and processing becomes ubiquitous in social and business areas, especially in Internet of Things. However, sensitive information leakage is a critical issue. To solve problem, privacy-preserving techniques are strongly needed. Jiang et al. proposed a protocol of finding frequent item in accountable computing (AC) framework which enables two parties to conduct collaborative computation on their transactional databases to find out the common frequent items without disclosing their private data to the other party. Their scheme was proposed in a secure two-party computation model against malicious adversaries. In this paper, we analyze the implementation details of AC-framework and identify some security weaknesses in their scheme. Furthermore, we clarify the security requirements for the AC-framework and present an augmented solution to enhance security.

    DOI: 10.1109/TrustCom.2012.87

  • An image splicing detection based on interpolation analysis

    Rimba W. Ciptasari, Kyung Hyune Rhee, Kouichi Sakurai

    13th Pacific-Rim Conference on Multimedia, PCM 2012 Advances in Multimedia Information Processing, PCM 2012 - 13th Pacific-Rim Conference on Multimedia, Proceedings   7674 LNCS   390 - 401   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    With the advent of low-cost and high-resolution digital cameras and sophisticated editing software, it is becoming increasingly easier to tamper with the digital image. A common form of manipulation is to combine parts of the image fragment into another different image to remove objects from the image. Inspired by the digital image correlation concept, we exploit the peak of cross-correlation function to automatically detect the splicing artifacts in any fragment of an image. We show the efficacy of the proposed scheme on revealing the source of spliced regions. We make the first concrete technique towards appropriate tools which are necessary for rendering digital forgeries.

    DOI: 10.1007/978-3-642-34778-8_36

  • A method for embedding secret key information in RSA public key and its application

    Motoki Kitahara, Takashi Nishide, Kouichi Sakurai

    6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012 Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012   665 - 670   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    In public key encryption, we need to be able to verify the certificate from a certificate authority to prevent impersonation. In this paper, we propose an encryption system in which we can verify a public key without the certificate. We can realize our encryption system without an impersonation or a key escrow problem.

    DOI: 10.1109/IMIS.2012.123

  • A differential game approach to mitigating primary user emulation attacks in cognitive radio networks

    Dong Hao, Kouichi Sakurai

    26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012 Proceedings - 26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012   495 - 502   2012

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    In cognitive radio networks, primary user emulation (PUE) attack is a denial-of-service (DoS) attack on secondary users. It means that a malicious attacker sends primary-user-like signals to jam certain spectrum channels during the spectrum sensing period. Sensing the attacker's signal, the legitimate secondary user will regard these channels as used by the primary users, and give up using these attacked channels. In this paper, the interaction between the PUE attacker and the secondary user is modeled as a constant sum differential game which is called PUE attack game. The secondary user's objective is to find the optimal sensing strategy so as to maximize its overall channel usability, while the attacker's objective is to minimize the secondary user's overall channel usability. The Nash equilibrium solution of this PUE attack game is derived, and the optimal anti-PUE attack strategy is obtained. Numerical results demonstrate the trajectories of the secondary user's optimal channel sensing strategies over time, and also show that: by following the differential game solution, the secondary user can always optimize its channel usability when confronting PUE attacks.

    DOI: 10.1109/AINA.2012.84

  • A security analysis of uniformly-layered rainbow: Revisiting Sato-Araki's non-commutative approach to Ong-Schnorr-Shamir signature towards postquantum paradigm

    Takanori Yasuda, Kouichi Sakurai

    4th International Workshop on Post-Quantum Cryptography, PQCrypto 2011 Post-Quantum Cryptography - 4th International Workshop, PQCrypto 2011, Proceedings   7071 LNCS   275 - 294   December 2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    In 1984, Ong, Schnorr and Shamir proposed an efficient signature scheme (OSS signature scheme) using a bivariate quadratic equation. Its security was believed to be based on the difficulty of integer factorization. However, an efficient attack without integer factorization was subsequently found. In 2008, Hashimoto and Sakurai proposed an extended scheme (HS scheme), based on OSS signature scheme that used multivariate and non-commutative ring. HS scheme uses a composite number as a modulus in the same manner as OSS signature scheme. In this paper, we redefine HS scheme in such a way that it deals with not only integers modulo a composite number, but also elements of a finite field. In the case of a finite field, it becomes a scheme in the multivariate public key cryptosystem. In fact, its public key is constructed by a version of Rainbow in which all the components in the parameter are equal. (We call such a Rainbow a uniformly-layered Rainbow.) In particular, our scheme is a candidate for post-quantum cryptography. If a non-commutative ring used in the proposed scheme is chosen by the group ring associated to dihedral group, the speed of the signature generation can be accelerated by about 50% in comparison with the corresponding Rainbow. We analyze the security of the extended HS scheme against some attacks and conclude that if its base field is GF(256), then the dimension of a non-commutative ring must be more than 10 in order to be secure.

    DOI: 10.1007/978-3-642-25405-5_18

  • Towards countermeasure of insider threat in network security

    Yoshiaki Hori, Takashi Nishide, Kouichi Sakurai

    3rd IEEE International Conference on Intelligent Networking and Collaborative Systems, INCoS 2011 Proceedings - 3rd IEEE International Conference on Intelligent Networking and Collaborative Systems, INCoS 2011   634 - 636   December 2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)  

    We discuss countermeasures against insider threats from a network security aspect. In the context of countermeasures against insider threats, there is no perimeter for access control in a network, and a traditional process using a firewall on a perimeter is not suitable. We show a mechanism of countermeasure against insider threats in network security, both technically and legally.

    DOI: 10.1109/INCoS.2011.156

  • Security of offline anonymous electronic cash systems against insider attacks by untrusted authorities revisited

    Takashi Nishide, Kouichi Sakurai

    3rd IEEE International Conference on Intelligent Networking and Collaborative Systems, INCoS 2011 Proceedings - 3rd IEEE International Conference on Intelligent Networking and Collaborative Systems, INCoS 2011   656 - 661   December 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    In the design of electronic cash systems, we usually focus on preventing customers' malicious behaviors. However, since authorities such as banks and certificate authorities may have important secret data of customers, the insider attacks by the untrusted authorities also need to be handled carefully. Miyazaki and Sakurai [1] first evaluated security of offline anonymous electronic cash systems against the insider attacks by untrusted authorities. They analyzed the security of the existing electronic cash systems and categorized the systems into four types. In this paper, we reconsider the security of offline anonymous electronic cash systems including more recent systems based on the classification of Miyazaki and Sakurai.

    DOI: 10.1109/INCoS.2011.146

  • Realizing proxy re-encryption in the symmetric world

    Amril Syalim, Takashi Nishide, Kouichi Sakurai

    International Conference on Informatics Engineering and Information Science, ICIEIS 2011 Informatics Engineering and Information Science - International Conference, ICIEIS 2011, Proceeding   251 CCIS   259 - 274   December 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    Proxy re-encryption is a useful concept and many proxy re-encryption schemes have been proposed in the asymmetric encryption setting. In the asymmetric encryption setting, proxy re-encryption can be beautifully implemented because many operations are available to directly transform a cipher to another cipher without the proxy needing to access the plaintexts. However, in many situations, for a better performance, the data is encrypted using symmetric ciphers. Most symmetric ciphers do not support proxy cryptography because malleability (that is needed to implement the proxy re-encryption) is not a desired property in a secure encryption scheme. In this paper, we suggest an idea to implement a pure proxy re-encryption for the symmetric ciphers by first transforming the plaintext into a random sequence of blocks using an All or nothing transform (AONT). We show an example of the proxy re-encryption scheme using a weak encryption (i.e. simple permutation) that has a simple conversion function to convert a permutation to another. The encryption scheme exploits three characteristics of an AONT transformation: (1) the output of an AONT is pseudorandom, (2) the output of an AONT cannot be transformed back if any part is missing, and (3) the output of an AONT cannot be transformed back without having all blocks in the correct position. We show a security argument for the proposed scheme and its performance evaluation.

    DOI: 10.1007/978-3-642-25327-0_23

  • Proactive blacklisting for malicious web sites by reputation evaluation based on domain and IP address registration

    Yoshiro Fukushima, Yoshiaki Hori, Kouichi Sakurai

    10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on Frontier of Computer Science and Technology, FCST 2011 Proc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. FCST 2011   352 - 361   December 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    The objective of creating malicious software (i.e., malware), intruding computers and conducting malicious activities is shifted from showing off attacker's computer skills to earning money. Thus, recent attackers take more sophisticated and effective malware infection ways such as malware infection via malicious Web sites as well as the traditional exploitations like worm propagation. The malicious Web sites attempt to compromise machines by drive-by-download attack which redirects users to exploiting sites and install malware compulsorily in their machines by exploiting vulnerabilities of their Web browser or plugins. As a countermeasure for these malicious Web sites, blacklisting URLs or domains of them is significant. However, attackers tend to change the URLs or domains in a short period to avoid the blacklist. Thus, a blacklisting scheme which can filter even unknown malicious Web sites is critical. In this paper, we first analyze characteristics of malicious Web sites by their domain information such as AS (Autonomous System), IP address block, IP address, domain, and registrar. Second, we evaluate reputations of IP address blocks and registrars used by attackers. Then, we propose a blacklisting scheme constructed of the combination of IP address block and registrars with low reputation, that is, intensively used by attackers. From our experimental results, the Web sites with the same combination with low reputation appeared over long period, which indicates that our proposed blacklist has a certain capability of filtering unknown malicious Web sites.

    DOI: 10.1109/TrustCom.2011.46

  • General fault attacks on multivariate public key cryptosystems

    Yasufumi Hashimoto, Tsuyoshi Takagi, Kouichi Sakurai

    4th International Workshop on Post-Quantum Cryptography, PQCrypto 2011 Post-Quantum Cryptography - 4th International Workshop, PQCrypto 2011, Proceedings   7071 LNCS   1 - 18   December 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    The multivariate public key cryptosystem (MPKC), which is based on the problem of solving a set of multivariate systems of quadratic equations over a finite field, is expected to be secure against quantum attacks. Although there are several existing schemes in MPKC that survived known attacks and are much faster than RSA and ECC, there have been few discussions on security against physical attacks, aside from the work of Okeya et al. (2005) on side-channel attacks against Sflash. In this study, we describe general fault attacks on MPKCs including Big Field type (e.g. Matsumoto-Imai, HFE and Sflash) and Stepwise Triangular System (STS) type (e.g. UOV, Rainbow and TTM/TTS). For both types, recovering (parts of) the secret keys S,T with our fault attacks becomes more efficient than doing without them. Especially, on the Big Field type, only single fault is sufficient to recover the secret keys.

    DOI: 10.1007/978-3-642-25405-5_1

  • A game theory-based surveillance mechanism against suspicious insiders in MANETs (work-in-progress)

    Dong Hao, Yizhi Ren, Kouichi Sakurai

    2nd International Conference on Trusted Systems, INTRUST 2010 Trusted Systems - Second International Conference, INTRUST 2010, Revised Selected Papers   6802 LNCS   237 - 252   November 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    One of the most challenging issues in Mobile Ad-Hoc Network (MANET) is that the insiders are untrustworthy in packet forwarding stage. All the nodes which lose data packets over a preset threshold can be generalized as Suspicious Insiders. To intimidate these suspicious insiders and reduce packet dropping, surveillance is the most direct and easiest method. In this paper, we propose a novel surveillance mechanism to monitor the packet dropping of suspicious insiders. On one hand, our work provides the monitor with optimal strategies which will maximize its long-term utility; on the other hand, our work presents an on-demand monitoring scheme which will balance the tradeoff between security and resource consumption. First, we utilize a reputation scheme to distinguish suspicious insiders from legitimate members, and quantify the threat level of the suspicious insiders. Then taking into consideration security and resource consumption, we utilize game theory to analyze the interaction between monitor and suspicious insider. Finally, optimal mixed-strategy is computed to identify the best way for the monitor to respond to the suspicious insider.

    DOI: 10.1007/978-3-642-25283-9_16

  • Design and implementation of document access control model based on role and security policy

    Liangjian Mao, Shuzhen Yao, Kai Zhang, Kouichi Sakurai

    2nd International Conference on Trusted Systems, INTRUST 2010 Trusted Systems - Second International Conference, INTRUST 2010, Revised Selected Papers   6802 LNCS   26 - 36   November 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    To design a method of document access control with flexibility, generality and fine-granularity, we establish a document access control model, which is an abstract description for general scene of document access. Security policies are presented to describe security constraints, so as to meet security requirements of this model. In order to demonstrate the theories and strategies more intuitively, we design a prototype system of document access control based on XACML-RBAC framework to verify the validity of model and algorithms and the feasibility of mechanism. It realizes the authorization protection of the standard OFFICE documents.

    DOI: 10.1007/978-3-642-25283-9_2

  • Enhancing SVO logic for mobile IPv6 security protocols (Peer-reviewed)

    Ilsun You, Yoshiaki Hori, Kouichi Sakurai

    Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications   2 ( 3 )   26 - 52   September 2011

    Language: English   Publication type: Research paper (academic journal)

    In order to protect Mobile Internet Protocol Version 6 (MIPv6), considerable researches have been made, consequently followed by various security protocols, which are based on public key cryptography. Especially, depending on a proper address based public key method, these protocols use each node's address as a public key certificate to authenticate its public key because no global public key infrastructure is available in MIPv6 environments. In addition, they execute an appropriate address test to check if a node exists at its claimed address. With such security features, the protocols prevent critical attacks including redirect, man-in-the middle, and denial of service ones. On the other hand, it is clearly of paramount importance to formally evaluate the MIPv6 security protocols to design them without flaws. Unfortunately, there is lack of the formal verification method to precisely reason about their correctness while considering their unique security properties to our best knowledge. In this paper, we propose an extended SVO logic for the thorough verification of the MIPv6 security protocols. Then, we show its effectiveness by applying the proposed logic to four security protocols.

  • Using game theory to classify wireless Ad Hoc network attacks with analysis on countermeasures (Peer-reviewed)

    Xiaojuan Liao, Dong Hao, Kouichi Sakurai

    International Journal of Advancements in Computing Technology   3 ( 8 )   296 - 303   September 2011

    Language: English   Publication type: Research paper (academic journal)

    Game theory has been receiving immense concern to deal with attacks in wireless ad hoc networks, which are widely employed in a large range of applications but vulnerable to various attacks. Previous works provided readers with comprehensive understanding of game theoretic solutions on cyber security problems. However, they neglect the relationship between attack characteristics and the corresponding game features. In this paper, we study the application of game theory on attacks in wireless ad hoc networks. Specifically, we present a classification which associates attack characteristics with types of game players and then examine the relationship between attack scenarios and types of corresponding game models. By illustrating the different players and game types in a variety of game theoretic approaches, we provide a comprehensive view on game based solutions to attacks in wireless ad hoc networks.

    DOI: 10.4156/ijact.vol3.issue8.35

  • Traceback framework against botmaster by sharing network communication pattern information

    Seiichiro Mizoguchi, Keisuke Takemori, Yutaka Miyake, Yoshiaki Hori, Kouichi Sakurai

    2011 5th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2011 Proceedings - 2011 5th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2011   639 - 644   September 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    In order to exterminate a botnet, we have to trace a botnet and arrest its botmaster. In this paper, we make a model of communication pattern of a C&C server that sends/receives packets to/from the botmaster. Then we discuss how botmaster trace back can be achieved. We describe which communication patterns we should focus on to find the botmaster or upper C&C servers. Furthermore, we propose a framework for botmaster trace back. In this framework, owners of servers which become C&C servers will collaborate and share the communication patterns for trace back. To do this, we propose the information sharing using communication pattern monitoring tools with the servers.

    DOI: 10.1109/IMIS.2011.152

  • Towards optimal revocation and tracing schemes - The power of the ternary tree

    Kazuhide Fukushima, Shinsaku Kiyomoto, Yutaka Miyake, Kouichi Sakurai

    International Conference on Security and Cryptography, SECRYPT 2011 SECRYPT 2011 - Proceedings of the International Conference on Security and Cryptography   37 - 49   September 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    Digital content distribution services require that 1) only valid user devices that have a valid key can decrypt the broadcasting content, 2) the keys can no longer be used to decrypt the content, if keys in a device are revealed, and 3) invalid users who illegally use keys in a device can be identified. This paper proposes a broadcast encryption scheme with traitor tracing based on the ternary tree structure. We design a new cover-finding algorithm and label assignment algorithm in order to achieve coalition-resistant revocation and tracing schemes. In our scheme, the number of labels stored in a client device can be reduced by about 20.4 percent and the average header length by up to 15.0 percent in the case where the total number of devices is 65,536. The efficiency of the traitor tracing is the same as the complete subtree method, and its computational cost imposed on a client device stays within O(log n). Our scheme is an improvement of the complete subtree and difference subset methods.

  • Securing location-aware services based on online/offline signatures in VANETs

    Chul Sur, Youngho Park, Takashi Nishide, Kouichi Sakurai, Kyung Hyune Rhee

    IFIP WG 8.4/8.9 International Cross Domain Conference and Workshop on Availability, Reliability and Security for Business, Enterprise and Health Information Systems, ARES 2011 Availability, Reliability and Security for Business, Enterprise and Health Information Systems - IFIP WG 8.4/8.9 International Cross Domain Conference and Workshop, ARES 2011, Proceedings   271 - 285   September 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    In this paper, we propose a novel privacy-preserving location assurance protocol for secure location-aware services over vehicular ad hoc networks (VANETs). In particular, we introduce the notion of location-aware credentials based on "hash-sign-switch" paradigm so as to guarantee the trustworthiness of location in location-aware services while providing conditional privacy preservation which is a desirable property for secure vehicular communications. Furthermore, the proposed protocol provides efficient procedures that alleviate a burden of computation for location-aware signature generation and verification on vehicles in VANETs. In order to achieve these goals, we consider online/offline signature scheme and identity-based aggregate signature scheme as our building blocks. Finally, we demonstrate experimental results to confirm the efficiency and effectiveness of the proposed protocol.

    DOI: 10.1007/978-3-642-23300-5_21

  • A SMS-based mobile botnet using flooding algorithm

    Jingyu Hua, Kouichi Sakurai

    5th Workshop in Information Security Theory and Practice, WISTP 2011 Information Security Theory and Practice Security and Privacy of Mobile Devices in Wireless Communication - 5th IFIP WG 11.2 International Workshop, WISTP 2011, Proceedings   264 - 279   June 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    As a lot of sophisticated duties are being migrated to mobile phones, they are gradually becoming hot targets of hackers. Actually, during the past few years, much malware targeting mobile phones has appeared and the situation is getting worse. Under this circumstance, we may ask a serious question: can those infected phones be organized into a botnet? In this paper, we present a design of such a botnet using Short Message Service (SMS) as its Command and Control (C&C) medium. We cover all the aspects of the botnet design including the stealthiness protection, the topology selecting and the botnet maintaining. Our simulations show that in our proposed SMS-based botnet a newly issued C&C message can be covertly propagated to over 90% of the total 20000 bots within 20 minutes based on a simple flooding algorithm. Moreover, in this process each bot sends no more than four SMS messages and the botnet is robust to both random and selective node failures. Thereby, we demonstrate that the proposed mobile botnet is indeed a serious threat on the security of the mobile computing environment. For this reason, we further explore several effective defense strategies against such a botnet. In doing so, we hope to be one step ahead of the hackers to discover and prevent this upcoming threat.

    DOI: 10.1007/978-3-642-21040-2_19

  • A resource minimizing scheduling algorithm with ensuring the deadline and reliability in heterogeneous systems

    Laiping Zhao, Yizhi Ren, Kouichi Sakurai

    25th IEEE International Conference on Advanced Information Networking and Applications, AINA 2011 Proceedings - 25th IEEE International Conference on Advanced Information Networking and Applications, AINA 2011   275 - 282   June 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    The distributed system made the large-scale scientific computing possible in a cost effective way. And the hardware resources in such systems are also getting much cheaper than years before. However, the problem of executing the job using minimum resources is still reasonable and important, especially for the cloud environment, which has to save energy and control cost. Unfortunately, only a few existing scheduling algorithms have taken into account the resource usage issue. In this study, with considering the realistic network topology and communication model, we firstly propose the Deadline, Reliability, Resources-aware (DRR) scheduling algorithm. The theoretical analysis fully demonstrates that the output schedule of our algorithm can satisfy the user's requirement on reliability and deadline. Through the experiments, with setting the deadline less than the makespan of the MaxRe algorithm's output schedule, we find that our algorithm can complete the job under this deadline. Besides, our algorithm can save almost 50% computation resources and 70% communication resources than FTSA(bl) and FTSA(tl+bl) [3] algorithms.

    DOI: 10.1109/AINA.2011.87

  • Integrity for the In-flight web page based on a fragile watermarking chain scheme

    Peng Gao, Takashi Nishide, Yoshiaki Hori, Kouichi Sakurai

    5th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2011 Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2011   May 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    In recent years, it has been found that middle modifications and attacks widely exist when web pages are transferred from a web server to a user via HTTP. And the reason is that HTTP does not guarantee the integrity of network traffic. This paper presents a protocol which enforces integrity protection in web page against the so called In-flight page change by using a novel fragile watermarking chain scheme. The protocol not only can have a better performance than HTTPS by supporting the web cache technology, but also save the communication bandwidth and storage space of the web server. Furthermore, it can locate the unauthorized modification of HTML code more precisely than existing solutions.

    DOI: 10.1145/1968613.1968715

  • Realizing fine-grained and flexible access control to outsourced data with attribute-based cryptosystems

    Fangming Zhao, Takashi Nishide, Kouichi Sakurai

    7th International Conference on Information Security Practice and Experience, ISPEC 2011 Information Security Practice and Experience - 7th International Conference, ISPEC 2011, Proceedings   6672 LNCS   83 - 97   May 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    We consider the problem of constructing a secure cloud storage service to which users outsource sensitive data for sharing with others where, in particular, the service provider is not completely trusted by the customer. Cloud storage service denotes an architectural shift toward thin clients and conveniently centralized provision of both computing and storage resources. When utilizing cloud storage for secure data sharing, one of the main motivating problems of this architecture is providing thin clients with both strong data confidentiality and flexible fine-grained access control without imposing additional cost on them (clients). To achieve this goal, we propose a novel data sharing protocol by combining and exploiting two of the latest attribute based cryptographic techniques, attribute-based encryption (ABE) and attribute-based signature (ABS). Furthermore, we also give a detailed comparison of our scheme with several latest existing schemes.

    DOI: 10.1007/978-3-642-21031-0_7

  • Guest editorial: Addressing insider threats and information leakage (Peer-reviewed)

    Christian W. Probst, Ilsun You, Dongwan Shin, Kouichi Sakurai

    Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications   2 ( 1 )   1 - 3   March 2011

    Language: English   Publication type: Research paper (academic journal)

  • Towards formal analysis of wireless LAN security with MIS protocol (Peer-reviewed)

    Ilsun You, Yoshiaki Hori, Kouichi Sakurai

    International Journal of Ad Hoc and Ubiquitous Computing   7 ( 2 )   112 - 120   March 2011

    Language: English   Publication type: Research paper (academic journal)

    In 2004, the MIS and MISAUTH protocols (shortly MISP) were proposed for secure and fast connection in Wireless LAN (WLAN). Since then, several studies were conducted to evaluate MISP. However, because of the lack of formal security analysis, the security measures provided by them cannot be trusted to be precise and reasonable. Motivated by this, we formally analyse MISP based on both BAN-logic and the Automated Validation of Internet Security Protocols and Applications (AVISPAS) tool. This analysis clearly shows that MISP suffers from weak Session Key (SK) while being vulnerable to Denial of Service (DoS) attack. We discuss these weaknesses and related attacks in detail, and also provide considerable comments for implementation of MISP. © 2011 Inderscience Enterprises Ltd.

    DOI: 10.1504/IJAHUC.2011.038997

  • FineTrust: a fine-grained trust model for peer-to-peer networks (Peer-reviewed, international journal)

    Yizhi Ren, MingChu Li, Kouichi Sakurai

    Security and Communication Networks 4(1): 61-69 (2011)   Vol.4 ( No.1 )   January 2011

    Language: English   Publication type: Research paper (academic journal)

  • Enhancing MISP with fast mobile IPv6 security (Peer-reviewed)

    Ilsun You, Jong Hyouk Lee, Yoshiaki Hori, Kouichi Sakurai

    Mobile Information Systems   7 ( 3 )   271 - 283   January 2011

    Language: English   Publication type: Research paper (academic journal)

    The Mobile Broadband Association has developed the MIS and MISAUTH protocols as link-layer fast authentication protocols. A combination of MIS and MISAUTH protocols, called as MISP, provides secure and fast connection for a wireless access network, but it has been reported that MISP creates a weak session key and suffers from a denial-of-service attack. In addition, a transaction with an authentication server that is required for every authentication is considered as a delay factor during handovers. In this paper, we present an improvement of MISP that utilizes the fast handover approach of Fast Mobile IPv6 and minimizes an involvement of the authentication server while eliminating identified security drawbacks of MISP. The formal security analysis is performed to verify the correctness of the proposed scheme. Moreover, the handover performance of the proposed scheme is compared with an existing scheme.

    DOI: 10.3233/MIS-2011-0121

  • Efficient context-sensitive intrusion detection based on state transition table (Peer-reviewed)

    Jingyu Hua, Mingchu Li, Yizhi Ren, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E94-A ( 1 )   255 - 264   January 2011

    Language: English   Publication type: Research paper (academic journal)

    Those host-based intrusion detection models like VPStatic first construct a model of acceptable behaviors for each monitored program via static analysis, and then perform intrusion detection by comparing them with programs' runtime behaviors. These models usually share the highly desirable feature that they do not produce false alarms but face the conflicts between accuracy and efficiency. For instance, the high accuracy of the VPStatic model is at the cost of high space complexity. In this paper, we use a statically-constructed state transition table (SiT), which records expected transitions among system calls as well as their stack states (return address lists), as a behavior model to perform context-sensitive intrusion detection. According to our analysis, our STE model improves the space efficiency of the VPStatic model without decreasing its high precision and time efficiency. Experiments show that for three test programs, memory uses of our STE models are all much less than half of the VPStatic models'. Thereby, we alleviate the conflicts between the accuracy and the efficiency.

    DOI: 10.1587/transfun.E94.A.255

  • Distributed Paillier Cryptosystem without Trusted Dealer

    Takashi Nishide, Kouichi Sakurai

    11th International Workshop on Information Security Applications, WISA 2010 Information Security Applications - 11th International Workshop, WISA 2010, Revised Selected Papers   44 - 60   January 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    We propose a distributed key generation protocol for the threshold Paillier cryptosystem. Often in the multiparty computation based on the threshold Paillier cryptosystem, the existence of a trusted dealer is assumed to distribute secret key shares, but it can be a single point of attack, so it is not preferable. Building on the threshold Paillier cryptosystem with a trusted dealer, we show how to eliminate the trusted dealer by robust distributed key generation without using safe primes.

    DOI: 10.1007/978-3-642-17955-6_4

  • Cryptanalysis on an Image Scrambling Encryption Scheme Based on Pixel Bit

    Liang Zhao, Avishek Adhikari, Di Xiao, Kouichi Sakurai

    9th International Workshop on Digital Watermarking, IWDW 2010 Digital Watermarking - 9th International Workshop, IWDW 2010, Revised Selected Papers   45 - 59   January 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    Recently, an image scrambling encryption algorithm which makes use of one-dimensional chaos system for shuffling the pixel bits was proposed in [G.-D. Ye, Pattern Recognition Lett. 31(2010) 347-354]. Through the scrambling algorithm, the pixel locations and values can be encrypted at the same time. This scheme can be thought of as a typical binary image scrambling encryption considering the bit-plain of size (formula presented). In [Li C.Q., Lo K. T., http://arxiv.org/PS_cache/arxiv/pdf/0912/0912.1918v2.pdf], Li et al. proposed an attack using more than ⌈log 2(formula presented)⌉ many known-plaintext images to recover the original plain image with the noise of size M × N. The same principle is also suitable for the chosen-plaintext attack which can obtain the exact plain image. In the current paper, a simple attack on the original scheme is presented by applying chosen-plaintext images. Using our attack, the encryption vectors (formula presented) and (formula presented) and the decryption vectors TM′ and TN′ can be recovered completely. The experimental simulations on two standard images of size 128 × 128 and 256 × 256 justify our analysis. It is shown that the recovered images are identical with the corresponding original images. For both the original images, the number of chosen-plaintext images required in our scheme is 9, whereas to do the same using the scheme proposed in Li et al.’s attack, at least 17 and 19 chosen-plaintext images will be required, respectively. Moreover, the same method can also be used for chosen-ciphertext attack which reveals the decryption vectors TM′ and TN′ directly. Note that our attacks are also successful under iteration system which is remarked in the conclusions.

    DOI: 10.1007/978-3-642-18405-5_5

  • A New Scrambling Evaluation Scheme Based on Spatial Distribution Entropy and Centroid Difference of Bit-Plane

    Liang Zhao, Avishek Adhikari, Kouichi Sakurai

    9th International Workshop on Digital Watermarking, IWDW 2010 Digital Watermarking - 9th International Workshop, IWDW 2010, Revised Selected Papers   29 - 44   January 2011

    Language: English   Publication type: Research paper (other academic conference materials)

    Watermarking is one of the most effective techniques for copyright protection and information hiding. It can be applied in many fields of our society. Nowadays, some image scrambling schemes are used as one part of the watermarking algorithm to enhance the security. Therefore, how to select an image scrambling scheme and what kind of the image scrambling scheme may be used for watermarking are the key problems. Evaluation method of the image scrambling schemes can be seen as a useful test tool for showing the property or flaw of the image scrambling method. In this paper, a new scrambling evaluation system based on spatial distribution entropy and centroid difference of bit-plane is presented to obtain the scrambling degree of image scrambling schemes. Our scheme is illustrated and justified through computer simulations. The experimental results show (in Figs. 6 and 7) that for the general gray-scale image, the evaluation degree of the corresponding cipher image for the first 4 significant bit-planes selection is nearly the same as that for the 8 bit-planes selection. That is why, instead of taking 8 bit-planes of a gray-scale image, it is sufficient to take only the first 4 significant bit-planes for the experiment to find the scrambling degree. This 50% reduction in the computational cost makes our scheme efficient.

    DOI: 10.1007/978-3-642-18405-5_4

  • FineTrust: a fine-grained trust model for peer-to-peer networks   Peer-reviewed   International journal

    Yizhi Ren, MingChu Li, Kouichi Sakurai

    Security and Communication Networks 4(1): 61-69 (2011)   Vol.4 ( No.1 )   January 2011

    Language: English   Publication type: Research paper (academic journal)

  • A generic evaluation method for key management schemes in wireless sensor network

    Ruan Na, Yizhi Ren, Yoshiaki Hori, Kouichi Sakurai

    5th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2011 Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication, ICUIMC 2011   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Wireless sensor networks (WSN) have been widely used in various applications. Since their sensor nodes are resource-constrained, key management is one of the most challenging issues in design of WSN. Currently, various efficient lightweight key management schemes have been proposed to enable encryption and authentication in WSN for different application scenarios. According to different requirements, it is important to select the trustworthy key management schemes in a WSN for setting up a fully trusted WSN mechanism. In this context, adaptive methods are required to evaluate those schemes. In this paper, we exploit Analytic Hierarchy Process (AHP) to help with the complex decision. Specifically, we consider the following performance criteria: scalability, key connectivity, resilience, storage overhead, processing overhead and communication overhead. Our method is able to help choose a suitable scheme for given requirements.

    DOI: 10.1145/1968613.1968680

  • Welcome message from MIST-2011 international workshop co-chairs   Peer-reviewed

    Ilsun You, Christian W. Probst, Yoshiaki Hori, Kouichi Sakurai

    Quaternary International   2011

    Language: English   Publication type: Research paper (academic journal)

    DOI: 10.1109/INCoS.2011.171

  • Performance analysis of key management schemes in wireless sensor network using analytic hierarchy process

    Na Ruan, Yizhi Ren, Yoshiaki Hori, Kouichi Sakurai

    10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on Frontier of Computer Science and Technology, FCST 2011 Proc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. FCST 2011   1739 - 1744   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    To achieve security in wireless sensor networks (WSNs), key management is one of the most challenging issues in design of WSN due to resource-constrained sensor nodes. Various key management schemes (KMs) have been proposed to enable encryption and authentication in WSN for different application scenarios. According to different requirements, it is important to select the trustworthy KMs in a WSN for setting up a fully appropriate WSN mechanism. An Analytic Hierarchy Process (AHP)-aided method helping with the complex decision has been presented in our previous work. Our purpose in this paper is to do performance analysis of KMs in WSN using our previous AHP-aided method. We analyze the characters of abundance KMs intuitively. The following five performance criteria are considered: scalability, key connectivity, resilience, storage overhead and communication overhead. As all permutations of five performance criteria include 120 types' situations, experimental analyses on 43 KMs for the optimum selection are presented.

    DOI: 10.1109/TrustCom.2011.243

  • Improvement on secrecy capacity of wireless LAN using matched filter

    Ryuzou Nishi, Kirill Morozov, Yoshiaki Hori, Kouichi Sakurai

    2011 7th International Conference on Mobile Ad-hoc and Sensor Networks, MSN 2011 Proceedings - 2011 7th International Conference on Mobile Ad-hoc and Sensor Networks, MSN 2011   463 - 469   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Wire-tap channel coding allows information-theoretically secure communication between legitimate sender and receiver in presence of an eavesdropper Eve, whose channel is subject to noise. A secrecy capacity for their communication is equal to capacity of the channel connecting them, minus capacity of Eve's channel, when the channels are assumed independent and affected by additive white Gaussian noise. In order to increase the secrecy capacity, we propose to employ a coding scheme using matched filter. The legitimate parties are assumed to share a pre-shared key of the matched filter, secretly from Eve. Hereby, the legitimate parties can use it to increase the capacity of their channel, while Eve cannot. We propose to apply this scheme to indoor wireless communication over IEEE 802.11 wireless LAN, analyze advantages of our construction and discuss an appropriate selection of coding scheme fitting the IEEE 802.11 protocol specification.

    DOI: 10.1109/MSN.2011.40

  • Guest editorial Trusted computing and communications   Peer-reviewed

    Guojun Wang, Laurence T. Yang, Kouichi Sakurai

    Security and Communication Networks   4 ( 1 )   1 - 2   2011

    Language: English   Publication type: Research paper (academic journal)

    DOI: 10.1002/sec.195

  • FineTrust: A fine-grained trust model for peer-to-peer networks   Peer-reviewed

    Yizhi Ren, Mingchu Li, Kouichi Sakurai

    Security and Communication Networks   4 ( 1 )   61 - 69   2011

    Language: English   Publication type: Research paper (academic journal)

    Trust research is a key issue in peer-to-peer (P2P) networks. Reputation-based trust models, as one of the good solutions to resolve the trust problems in P2P networks, have received more and more attention in recent years. One of the fundamental challenges is to capture the evolving nature of a trust relationship between peers and reflect the varied bias or preference of peers in a distributed and open environment. In this paper, we present a fine-grained trust computation model for P2P networks. Our model defines the service as a fine-grained quality-of-service (QoS) (N-dimensional vector), and in order to compute the recommendation trust accurately, several concepts are introduced to reflect the recommenders' current status, history behavior, and the gap between these two behaviors. Also, we firstly introduce the Gauss-bar function to measure the preference similarity between peers. All these will result in a flexible model which represents trust in a manner closer to human intuitions and satisfies the diverse QoS requirements of peers in P2P networks. The extensive simulations have confirmed the efficiency of our model.

    DOI: 10.1002/sec.165

  • FCST 2011 Welcome message from the program chairs   Peer-reviewed

    Jianer Chen, Kouichi Sakurai, Cho Li Wang

    Quaternary International   2011

    Language: English   Publication type: Research paper (academic journal)

    DOI: 10.1109/TrustCom.2011.268

  • Distributed Paillier cryptosystem without trusted dealer

    Takashi Nishide, Kouichi Sakurai

    11th International Workshop on Information Security Applications, WISA 2010 Information Security Applications - 11th International Workshop, WISA 2010, Revised Selected Papers   6513 LNCS   44 - 60   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    We propose a distributed key generation protocol for the threshold Paillier cryptosystem. Often in the multiparty computation based on the threshold Paillier cryptosystem, the existence of a trusted dealer is assumed to distribute secret key shares, but it can be a single point of attack, so it is not preferable. Building on the threshold Paillier cryptosystem with a trusted dealer, we show how to eliminate the trusted dealer by robust distributed key generation without using safe primes.

    DOI: 10.1007/978-3-642-17955-6-4

  • Design and implementation of a forced encryption kernel module

    Jun Furukawa, Akihiro Sakai, Takashi Nishide, Yoshiaki Hori, Kouichi Sakurai

    2011 5th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2011 Proceedings - 2011 5th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2011   607 - 611   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Access control mechanisms such as access control lists (ACLs) are often used against divulging of sensitive information. However, when this is implemented as a part of a kernel, if someone stole the storage media, he can easily avoid the access control mechanisms. To complement the defect of the access control mechanisms, we designed and implemented an LKM that applies forced encryption to the data that is transmitted to an external storage media. Advantages of our LKM-based approach include fast encryption in kernel space, easy activation/deactivation of the functionality and the possibility to easily share encrypted files within an authorized group.

    DOI: 10.1109/IMIS.2011.68

  • Customized program protection for a user customized data protection framework

    Kenichi Takahashi, Takanori Matsuzaki, Tsunenori Mine, Kouichi Sakurai

    2011 IEEE International Conference on Computer Science and Automation Engineering, CSAE 2011 Proceedings - 2011 IEEE International Conference on Computer Science and Automation Engineering, CSAE 2011   1   643 - 649   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Some Internet services require users to provide their sensitive information such as their name, address, credit card number, and an ID-password pair. In these services, the manner in which the provided information is used is solely determined by the service providers. As a result, even when the manner in which information is used by a service provider appears vulnerable, users have no choice but to allow such usage. Therefore, we have proposed a user customized data protection framework that enables users to select the manner in which their sensitive information is protected. In our framework, a user selects a policy that defines the manner in which his/her information is to be protected and its manner defined by the policy is incorporated into a program. By allowing a service provider to the information provided by a user through the program, the user can protect his/her sensitive information in a manner selected by him/her. This framework works well when existing a manner (protection policy) which is tolerant to the alteration of the program, otherwise, a program alteration might be a concern. Therefore, in this paper, we attempt to protect a customized program by using program obfuscation and sanitizable signature techniques.

    DOI: 10.1109/CSAE.2011.5953301

  • Cryptanalysis on an image scrambling encryption scheme based on pixel bit

    Liang Zhao, Avishek Adhikari, Di Xiao, Kouichi Sakurai

    9th International Workshop on Digital Watermarking, IWDW 2010 Digital Watermarking - 9th International Workshop, IWDW 2010, Revised Selected Papers   6526 LNCS   45 - 59   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Recently, an image scrambling encryption algorithm which makes use of one-dimensional chaos system for shuffling the pixel bits was proposed in [G.-D. Ye, Pattern Recognition Lett. 31(2010) 347-354]. Through the scrambling algorithm, the pixel locations and values can be encrypted at the same time. This scheme can be thought of as a typical binary image scrambling encryption considering the bit-plane of size M × 8. In [Li C.Q., Lo K. T., http://arxiv.org/PS-cache/arxiv/pdf/0912/0912.1918v2.pdf], Li et al. proposed an attack using more than [log2(8MN-1)] many known-plaintext images to recover the original plain image with the noise of size M × N. The same principle is also suitable for the chosen-plaintext attack which can obtain the exact plain image. In the current paper, a simple attack on the original scheme is presented by applying chosen-plaintext images. Using our attack, the encryption vectors TM and TN and the decryption vectors TM′ and TN′ can be recovered completely. The experimental simulations on two standard images of size 128 × 128 and 256 × 256 justify our analysis. It is shown that the recovered images are identical with the corresponding original images. For both the original images, the number of chosen-plaintext images required in our scheme is 9, whereas to do the same using Li et al.'s attack, at least 17 and 19 chosen-plaintext images will be required respectively. Moreover, the same method can also be used for a chosen-ciphertext attack which reveals the decryption vectors TM′ and TN′ directly. Note that our attacks are also successful under iteration system which is remarked in the conclusions.

    DOI: 10.1007/978-3-642-18405-5-5

  • Classification on attacks in wireless ad hoc networks: A game theoretic view

    Xiaojuan Liao, Dong Hao, Kouichi Sakurai

    7th International Conference on Networked Computing and Advanced Information Management, NCM 2011 Proceedings - 7th International Conference on Networked Computing and Advanced Information Management, NCM 2011   144 - 149   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Wireless ad hoc network is suitable for a large range of applications but vulnerable to various attacks due to its special characteristics. Despite the vital importance and ongoing research efforts, the security of wireless ad hoc network remains an open problem. Recently, game theory has been receiving immense concern. It provides a rich set of mathematical tools for analyzing attacks and designing corresponding countermeasures. However, game theoretic approaches cannot be directly applied to all kinds of attacks. In this paper, we present a classification which associates the characteristics of attacks with the applicability of game theory. By illustrating the different players in a variety of game models, we provide a comprehensive view on game based solutions to attacks in wireless ad hoc networks.

  • An efficient key generation method in audio zero-watermarking

    Rimba Whidiana Ciptasari, Aulia Fajar, Fazmah Arif Yulianto, Kouichi Sakurai

    7th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2011 Proceedings - 7th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2011   336 - 339   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    This paper proposes modification of previous audio zero-watermarking, proposed by Chen et al. [1], in terms of its watermark-key generation. We investigate that the size of previous watermark detection key is around two or three times larger than its watermark data. In order to yield an efficient key rather than generating three secret keys, we will exploit data indices, instead of field indices, to store the key. Compared to previous method, our watermark key's size is relatively the same as its watermark data. Despite having a smaller key size, the experiment demonstrates that our scheme has maximum imperceptibility level, indicated by SNR value, and can resist several non-malicious attacks, such as echo addition, band pass filtering and re-sampling. In addition, we also address the invertibility and quasi-invertibility of our scheme for resolving rightful ownership, and present an attack which can cause confusion to rightful claim. We list the objective of attacks, abilities of attacker, and a scenario to evaluate its security. According to the experimental result, our proposed scheme still has several limitations, regardless of certification authority existence.

    DOI: 10.1109/IIHMSP.2011.63

  • Achieving cooperative detection against Sybil attack in wireless ad hoc networks: A game theoretic approach

    Xiaojuan Liao, Dong Hao, Kouichi Sakurai

    17th Asia Pacific Conference on Communications, APCC 2011 17th Asia Pacific Conference on Communications, APCC 2011   806 - 811   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Sybil Attack means one node counterfeits multiple identities. It poses great threats to the routing of wireless ad hoc networks. Many existing solutions employ local detection method to capture misbehavior and then enhance the detection accuracy by information exchange. However, they ignore the rationality of member nodes. To save resource, rational nodes are reluctant to share information, therefore, how to guarantee reliable information exchange becomes a challenging issue. This paper presents a cooperative detection method against Sybil attack. Our method adopts the reputation mechanism which relies on the observation exchange to differentiate Sybil identities from legitimate ones. To promote the observation exchange, we present a cooperative detection game with initial condition, which helps nodes be aware that with which to share the observations can bring the maximum utilities. The theoretical and numerical analyses indicate that only benign and unselfish nodes can be accepted by their rational neighbors while Sybil nodes are excluded from the information exchange.

    DOI: 10.1109/APCC.2011.6152918

  • A study of communication route selection considering route security

    Fumiharu Etoh, Yoshiaki Hori, Kouichi Sakurai

    11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011 Proceedings - 11th IEEE/IPSJ International Symposium on Applications and the Internet, SAINT 2011   360 - 365   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Networks such as the Internet and mobile phone networks are widely used. Existing telecommunication route selection is based on the transmission quality, such as bandwidth, delay, costs, and network obstacles when routing is requested. However, the security level of the selected route has not traditionally been a priority when selecting a route. In this paper, we propose a method of selecting a communication route for secure communications by evaluating the security of the route. For the security evaluation of the route, we define both metrics and measurements. It is possible to evaluate the security level of a route by recognizing how the level changes after measuring certain metrics. Furthermore, we propose metrics and measurement based on the Common Criteria.

    DOI: 10.1109/SAINT.2011.69

  • A robust and compression-combined digital image encryption method based on compressive sensing

    Rong Huang, Kouichi Sakurai

    7th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2011 Proceedings - 7th International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2011   105 - 108   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    This paper proposes a compression-combined digital image encryption method which is robust against consecutive packet loss and malicious shear attack. We utilize the characteristics of compressive sensing, dimensional reduction and random projection, to compress and encrypt a digital image simultaneously. On this basis, block Arnold scrambling is used to permutate the position of measurements. Bit wise XOR operation is executed on the quantized binary bit stream to dissipate the Gaussian distribution property of cipher image. In this paper, one dimensional Logistic mapping is used to generate chaotic sequences, which will be regarded as the parameters of block Arnold transformation and the pseudo-random sequence for XOR operation. Numerical experiments show that the cipher image has the following features: robustness, low data volume, incoherence, key sensitivity, and resistance to brute force attack.

    DOI: 10.1109/IIHMSP.2011.53

  • A new scrambling evaluation scheme based on spatial distribution entropy and centroid difference of bit-plane

    Liang Zhao, Avishek Adhikari, Kouichi Sakurai

    9th International Workshop on Digital Watermarking, IWDW 2010 Digital Watermarking - 9th International Workshop, IWDW 2010, Revised Selected Papers   6526 LNCS   29 - 44   2011

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Watermarking is one of the most effective techniques for copyright protection and information hiding. It can be applied in many fields of our society. Nowadays, some image scrambling schemes are used as one part of the watermarking algorithm to enhance the security. Therefore, how to select an image scrambling scheme and what kind of the image scrambling scheme may be used for watermarking are the key problems. Evaluation method of the image scrambling schemes can be seen as a useful test tool for showing the property or flaw of the image scrambling method. In this paper, a new scrambling evaluation system based on spatial distribution entropy and centroid difference of bit-plane is presented to obtain the scrambling degree of image scrambling schemes. Our scheme is illustrated and justified through computer simulations. The experimental results show (in Figs. 6 and 7) that for the general gray-scale image, the evaluation degree of the corresponding cipher image for the first 4 significant bit-planes selection is nearly the same as that for the 8 bit-planes selection. That is why, instead of taking 8 bit-planes of a gray-scale image, it is sufficient to take only the first 4 significant bit-planes for the experiment to find the scrambling degree. This 50% reduction in the computational cost makes our scheme efficient.

    DOI: 10.1007/978-3-642-18405-5-4

  • Adaptive and composable non-committing encryptions

    Huafei Zhu, Tadashi Araragi, Takashi Nishide, Kouichi Sakurai

    15th Australasian Conference on Information Security and Privacy, ACISP 2010 Information Security and Privacy - 15th Australasian Conference, ACISP 2010, Proceedings   6168 LNCS   135 - 144   December 2010

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this paper, a new non-committing encryption protocol without failure during the course of a channel setup procedure is constructed and analyzed in the universally composable (UC) framework. We show that the proposed non-committing scheme realizes the UC-security in the presence of adaptive adversary assuming that the decisional Diffie-Hellman problem is hard.

    DOI: 10.1007/978-3-642-14081-5_9

  • Improved subset difference method with ternary tree   Peer-reviewed

    Kazuhide Fukushima, Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E93-A ( 11 )   2034 - 2044   November 2010

    Language: English   Publication type: Research paper (academic journal)

    This paper proposes a ternary subset difference method (SD method) that is resistant to coalition attacks. In order to realize a secure ternary SD method, we design a new cover-finding algorithm, label assignment algorithm and encryption algorithm. These algorithms are required to revoke one or two subtrees simultaneously while maintaining resistance against coalition attacks. We realize this two-way revocation mechanism by creatively using labels and hashed labels. Then, we evaluate the efficiency and security of the ternary SD method. We show that the number of labels on each client device can be reduced by about 20.4 percent. The simulation results show that the proposed scheme reduces the average header length by up to 15.0 percent in case where the total number of devices is 65,536. On the other hand, the computational cost imposed on a client device stays within O(log n). Finally, we prove that the ternary SD method is secure against coalition attacks.

    DOI: 10.1587/transfun.E93.A.2034

  • Towards a fairness multimedia transmission using layered-based multicast protocol   Peer-reviewed

    Heru Sukocof, Yoshiaki Hori, Hendrawan, Kouichi Sakurai

    IEICE Transactions on Information and Systems   E93-D ( 11 )   2953 - 2961   November 2010

    Language: English   Publication type: Research paper (academic journal)

    The distribution of streaming multicast and real time audio/video applications has quickly increased in the Internet. Commonly, these applications rarely use congestion control and do not fairly share provided network capacity with TCP-based applications such as HTTP, FTP and emails. Therefore, Internet communities will be threatened by the increase of non-TCP-based applications that likely cause a significant increase of traffic congestion and starvation. This paper proposes a set of mechanisms, such as providing various data rates, background traffic, and various scenarios, to act friendly with TCP when sending multicast traffic. By using 8 scenarios of simulations, we use 6 layered multicast transmissions with background traffic Pareto with the shape factor 1.5 to evaluate performance metrics such as throughput, delay/latency, jitter, TCP friendliness, packet loss ratio, and convergence time. Our study shows that non-TCP traffic behaves fairly and is respectful of the co-existent TCP-based applications that run on shared link transmissions even with background traffic. Another result shows that the simulation has low values on throughput, varies in jitter (0-10 ms), and has a packet loss ratio > 3%. It was also difficult to reach convergence time quickly when involving only non-TCP traffic.

    DOI: 10.1587/transinf.E93.D.2953

  • Model-based intrusion detection by abstract interpretation

    Jingyu Hua, Takashi Nishide, Kouichi Sakurai

    2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010 Proceedings - 2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010   359 - 362   November 2010

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Model-based intrusion detection works by comparing a process's runtime behavior with a pre-computed normal program model. This paper studies this technology from the viewpoint of abstract interpretation theory. We regard different program behavior models used to perform intrusion detection as different abstractions of the concrete trace semantics of programs. Based on this point, we formally define model-based intrusion detection and present a generic generation algorithm for program models on a provided abstraction domain. Eventually, we discuss how to use this mechanism to implement a real intrusion detection model proposed by us before.

    DOI: 10.1109/SAINT.2010.107

  • Preserving integrity and confidentiality of a directed acyclic graph model of provenance

    Amril Syalim, Takashi Nishide, Kouichi Sakurai

    24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy Data and Applications Security and Privacy XXIV - 24th Annual IFIP WG 11.3 Working Conference, Proceedings   6166 LNCS   311 - 318   October 2010

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    This paper describes how to preserve integrity and confidentiality of a directed acyclic graph (DAG) model of provenance database. We show a method to preserve integrity by using digital signature where both of the provenance owner and the process executors (i.e. contributors) sign the nodes and the relationships between nodes in the provenance graph so that attacks to integrity can be detected by checking the signatures. To preserve confidentiality of the nodes and edges in the provenance graph we propose an access control model based on paths on the provenance graph because an auditor who needs to audit a result normally needs to access all nodes that have causal relationship with the result (i.e. all nodes that have a path to the result). We also complement the path-based access control with a compartment-based access control where each node is classified into compartments and the auditor is not allowed to access the nodes included in a compartment that cannot be accessed by him/her (because of the sensitivity of the compartment). We implement the path-based access control by encrypting the nodes and later store encrypted encryption's keys in the children of the nodes. The compartment-based access control is implemented by encrypting the nodes in different compartments with different keys. We developed a prototype of the model and performed experiments to measure the overhead of digital signature and the double encryptions.

    DOI: 10.1007/978-3-642-13739-6_22

  • Modeling and containment of search worms targeting web applications

    Jingyu Hua, Kouichi Sakurai

    7th GI International Conference on Detection of Intrusions and Malware and Vulnerability Assessment, DIMVA 2010 Detection of Intrusions and Malware, and Vulnerability Assessment - 7th International Conference, DIMVA 2010, Proceedings   6201 LNCS   183 - 199   August 2010

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Many web applications leak sensitive pages (we name them eigenpages) that can disclose their vulnerabilities. As a result, some worms like Santy locate their targets by searching specific eigenpages in search engines with well-crafted keywords. Such worms are so called search worms. In this paper, we focus on the modeling and containment of these search worms. We first study the influence of the eigenpage distribution on their spreading by introducing two propagation models: U-Model assuming eigenpages uniformly distributed on servers and PL-Model assuming the distribution follows a power law. We show that the uniform distribution maximizes the spreading speed of the search worm. Then we study the influence of the page ranking and introduce another propagation model: PR-Model. In this model, search results are ranked based on their PageRank values and the relative importance of their resident servers. Finally, we propose a containment system for search worms based on honey-page insertion: a small number of fake pages which will induce visitors to pre-established honeypots are randomly inserted into search results, and then infectious can be detected and reported to search engines when their malicious scans hit honeypots. We study the relationship between the containment effectiveness and the honey-page insert rate with our propagation models and find that the Santy worm can be almost completely stopped at its early age by inserting no more than 2 honey pages in every 100 search results, which is extremely effective.

    DOI: 10.1007/978-3-642-14215-4_11

  • Mechanized analysis of verifiable multi-secret sharing in the applied Pi-calculus   Peer-reviewed

    Hui Zhao, Mingchu Li, Kouichi Sakurai, Yizhi Ren

    ICIC Express Letters   4 ( 3 )   1053 - 1058   June 2010

    Language: English   Publication type: Research paper (academic journal)

    In this paper, we give an abstraction of verifiable multi-secret sharing schemes that is accessible to a fully mechanized analysis. The abstraction is formalized within the applied pi-calculus using an equational theory that abstractly characterizes the cryptographic semantics of secret share. Based on that, we verify the threshold certificate protocol in a convergent rewriting system suitable for the automated protocol verifier ProVerif.

  • A behavior based malware detection scheme for avoiding false positive

    Yoshiro Fukushima, Akihiro Sakai, Yoshiaki Hori, Kouichi Sakurai

    2010 6th IEEE Workshop on Secure Network Protocols, NPSec 2010 2010 6th IEEE Workshop on Secure Network Protocols, NPSec 2010   79 - 84   2010

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The number of malware is increasing rapidly and a lot of malware use stealth techniques such as encryption to evade pattern matching detection by anti-virus software. To resolve the problem, behavior-based detection methods which focus on malicious behaviors of malware have been researched. Although they can detect unknown and encrypted malware, they suffer a serious problem of false positives against benign programs. For example, creating files and executing them are common behaviors performed by malware, however, they are also likely performed by benign programs, thus causing false positives. In this paper, we propose a malware detection method based on evaluation of suspicious process behaviors on Windows OS. To avoid false positives, our proposal focuses on not only malware specific behaviors but also normal behavior that malware would usually not do. Moreover, we implement a prototype of our proposal to effectively analyze behaviors of programs. Our evaluation experiments using our malware and benign program datasets show that our malware detection rate is about 60% and it does not cause any false positives. Furthermore, we compare our proposal with completely behavior-based anti-virus software. Our results show that our proposal puts few burdens on users and reduces false positives.

    DOI: 10.1109/NPSEC.2010.5634444

  • Universally composable non-committing encryptions in the presence of adaptive adversaries

    Huafei Zhu, Tadashi Araragi, Takashi Nishide, Kouichi Sakurai

    International Conference on Security and Cryptography, SECRYPT 2010 SECRYPT 2010 - Proceedings of the International Conference on Security and Cryptography   389 - 398   2010

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Designing non-committing encryptions tolerating adaptive adversaries is a challenging task. In this paper, a simple implementation of non-committing encryptions is presented and analyzed in the strongest security model. We show that the proposed non-committing encryption scheme is provably secure against adaptive adversaries in the universally composable framework assuming that the decisional Diffie-Hellman problem is hard.

  • Study of log file dispersion management method

    Fumiharu Etoh, Kenichi Takahashi, Yoshiaki Hori, Kouichi Sakurai

    2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010 Proceedings - 2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010   371 - 374   2010

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    In system equipment, a mechanism to prevent the manipulation or deletion of log information and log files by an attacker and to maintain the contents of log files is essential. Because log files include an active event and an operation event in the system equipment, these files are at risk of attacks such as file manipulation or deletion. In this paper, we propose a log file dispersion management method using hash values. It is possible to detect the manipulation or deletion of log information and log files and to reconstruct original log files. Further, this method has both redundancy and resistibility.

    DOI: 10.1109/SAINT.2010.104

  • Special section on trust, security and privacy for pervasive applications  Peer-reviewed

    Guojun Wang, Laurence T. Yang, Kouichi Sakurai

    IEICE Transactions on Information and Systems   E93-D ( 3 )   409 - 410   2010

    Language: English   Publication type: Research paper (academic journal)  

    The special section of The Institute of Electronics, Information and Communication Engineers Journal presents Trust, Security and Privacy for Pervasive Applications and aims at bringing together researchers and practitioners in the world working on related issues. In order to achieve these goals, an editorial committee for this special section was organized to publish new research results on this area. The editorial committee thanks all the authors who submitted their papers to this special section, which made this special section come true. They also thank all the reviewers who spent a lot of time on reviewing these papers with a lot of valuable comments and suggestions, which made it easy to select high-quality papers.

  • SPSE A flexible QoS-based service scheduling algorithm for service-oriented Grid

    Laiping Zhao, Yizhi Ren, Mingchu Li, Kouichi Sakurai

    2010 IEEE International Symposium on Parallel and Distributed Processing, Workshops and Phd Forum, IPDPSW 2010 Proceedings of the 2010 IEEE International Symposium on Parallel and Distributed Processing, Workshops and Phd Forum, IPDPSW 2010   2010

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    With the development of Grid computing, increased attention is paid to services and user personalization. How to search and schedule the most suitable service for an end user directly affects the popularization of the service-oriented Grid. Inspired by the mode of web search engines such as Yahoo and Google, this paper proposes an innovative service searching and scheduling algorithm (SPSE: Service Providers Search Engine) for the Grid. The SPSE sorts all services from the Internet and returns the most appropriate ones to the end user. Compared with the existing scheduling algorithms, our method is much more flexible in meeting users' QoS requirements, especially in supporting multiobjective scheduling and user personalization. The related simulation experiments show that our method performs well in scalability, and can capture users' preference values precisely and automatically.

    DOI: 10.1109/IPDPSW.2010.5470920

  • Implementation and evaluation of bot detection scheme based on data transmission intervals

    Seiichiro Mizoguchi, Yuji Kugisaki, Yoshiaki Kasahara, Yoshiaki Hori, Kouichi Sakurai

    2010 6th IEEE Workshop on Secure Network Protocols, NPSec 2010   73 - 78   2010

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Botnet is one of the most considerable issues in the world. A host infected with a bot is used for collecting personal information, launching DoS attacks, sending spam e-mail and so on. If such a machine exists in an organizational network, that organization will lose its reputation. We have to detect these bots existing in organizational networks immediately. Several network-based bot detection methods have been proposed; however, some traditional methods using payload analysis or signature-based detection schemes are undesirable for large amounts of traffic. Also, there is a privacy issue with looking into payloads, so we have to develop another scheme that is independent of payload analysis. In this paper, we propose a bot detection method which focuses on data transmission intervals. We distinguish human-operated clients and bots by their network behaviors. We assumed that a bot communicates with a C&C server periodically and each interval of data transmission will be the same. We found that we can detect such behaviors by applying clustering analysis to these intervals. We implemented our proposed algorithm and evaluated it by testing normal IRC traffic and bot traffic captured in our campus network. We found that our method could detect IRC-based bots with low false positives.

    DOI: 10.1109/NPSEC.2010.5634446

  • Image encryption design based on multi-dimensional matrix map and partitioning substitution and diffusion-integration substitution network structure

    Liang Zhao, Di Xiao, Kouichi Sakurai

    2010 International Conference in Information Science and Applications, ICISA 2010 2010 International Conference on Information Science and Applications, ICISA 2010   2010

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Multimedia security is already one of the most crucial problems in information science. In particular, owing to the characteristics of digital images, traditional ciphers such as DES and RSA are not suitable for encrypting digital images. Therefore, the study of image encryption schemes attracts the interest of a large number of researchers. Nowadays, a variety of image encryption methods have been proposed with several kinds of structures. Many of them can finish the encryption process effectively. However, most of them are only based on encryption in two phases, substitution and diffusion, which is a traditional framework. In order to achieve an exceptional encryption effect, this paper presents a novel encryption structure named the PSD-IS network (Partitioning Substitution and Diffusion-Integration Substitution network). Based on this structure, a corresponding encryption algorithm is designed utilizing the generalized multidimensional Arnold cat map and the PSD-IS network structure. The experimental results and their analyses demonstrate that the proposed scheme is secure and meets the requirement of image encryption.

    DOI: 10.1109/ICISA.2010.5480269

  • Fault-Tolerant Scheduling with Dynamic Number of Replicas in Heterogeneous Systems

    Laiping Zhao, Yizhi Ren, Yang Xiang, Kouichi Sakurai

    2010 12th IEEE International Conference on High Performance Computing and Communications, HPCC 2010 Proceedings - 2010 12th IEEE International Conference on High Performance Computing and Communications, HPCC 2010   434 - 441   2010

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    In the existing studies on fault-tolerant scheduling, the active replication schema makes use of ε + 1 replicas for each task to tolerate ε failures. However, in this paper, we show that more replicas do not always lead to higher reliability. Besides, more replicas imply more resource consumption and higher economic cost. To address this problem, with the goal of satisfying the user's reliability requirement with minimum resources, this paper proposes a new fault-tolerant scheduling algorithm: MaxRe. In the algorithm, we incorporate the reliability analysis into the active replication schema, and exploit a dynamic number of replicas for different tasks. Both the theoretical analysis and experiments prove that the MaxRe algorithm's schedule can certainly satisfy the user's reliability requirements. And the MaxRe scheduling algorithm can achieve the corresponding reliability with at most 70% fewer resources than the FTSA algorithm.

    DOI: 10.1109/HPCC.2010.72

  • ESS-FH Enhanced security scheme for fast handover in hierarchical mobile IPv6  Peer-reviewed

    Ilsun You, Jong Hyouk Lee, Kouichi Sakurai, Yoshiaki Hori

    IEICE Transactions on Information and Systems   E93-D ( 5 )   1096 - 1105   2010

    Language: English   Publication type: Research paper (academic journal)  

    Fast Handover for Hierarchical Mobile IPv6 (F-HMIPv6), which combines the advantages of Fast Handover for Mobile IPv6 (FMIPv6) and Hierarchical Mobile IPv6 (HMIPv6), achieves superior performance in terms of handover latency and signaling overhead compared with previously developed mobility protocols. However, without being secured, F-HMIPv6 is vulnerable to various security threats. In 2007, Kang and Park proposed a security scheme, which is seamlessly integrated into F-HMIPv6. In this paper, we reveal that Kang-Park's scheme cannot defend against the Denial of Service (DoS) and redirect attacks while largely relying on the group key. Then, we propose an Enhanced Security Scheme for F-HMIPv6 (ESS-FH) that achieves the strong key exchange and the key independence as well as addresses the weaknesses of Kang-Park's scheme. More importantly, it enables fast handover between different MAP domains. The proposed scheme is formally verified based on BAN-logic, and its handover latency is analyzed and compared with that of Kang-Park's scheme.

    DOI: 10.1587/transinf.E93.D.1096

  • Darknet monitoring on real-operated networks

    Seiichiro Mizoguchi, Yoshiro Fukushima, Yoshiaki Kasahara, Yoshiaki Hori, Kouichi Sakurai

    5th International Conference on Broadband Wireless Computing, Communication and Applications, BWCCA 2010 Proceedings - 2010 International Conference on Broadband, Wireless Computing Communication and Applications, BWCCA 2010   278 - 285   2010

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Darknet monitoring is an effective method to analyze malicious activities on networks including the Internet. Since there is no legitimate host on darknets, traffic sent to such a space is considered to be malicious. There are two major issues for darknet monitoring: how to prepare unused address space and how to configure network sensors deployed on the network. Preparation of monitoring addresses is difficult, and it has not yet been obvious what an appropriate configuration is. To solve the first issue, we proposed a method for network monitoring by exploiting unused IP addresses on segments managed by a DHCP server, which is a real-operated network. By assigning these addresses, we can easily obtain IP addresses for monitoring and enable network monitoring on a production network. Furthermore, we conducted real darknet monitoring experiments and clarified what kind of information could be obtained. We deployed several types of sensors on a real-operated network and captured darknet traffic. After analyzing the traffic, we compared the data between each sensor. We found that there were dramatic differences between the data collected by each sensor and that our proposed method was useful for real network monitoring.

    DOI: 10.1109/BWCCA.2010.82

  • Behavior control based on dynamic code translation

    Akihiro Sakai, Yoshiaki Hori, Kouichi Sakurai

    2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010 Proceedings - 2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010   375 - 378   2010

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Analyzing the behaviors of existing binary code is difficult because it requires learning about special technologies. Moreover, it is also difficult for static analysis to detect malicious behaviors if the code encrypts itself. In this paper, we propose a method of dynamically changing program behavior, and avoid executing malicious code intentionally. In order to make it possible, we plan to generalize it to separate dynamic analysis code from dynamic analysis technologies as a reusable programming approach.

    DOI: 10.1109/SAINT.2010.103

  • Analysis of existing privacy-preserving protocols in domain name system  Peer-reviewed

    Fangming Zhao, Yoshiaki Hori, Kouichi Sakurai

    IEICE Transactions on Information and Systems   E93-D ( 5 )   1031 - 1043   2010

    Language: English   Publication type: Research paper (academic journal)  

    In a society preoccupied with gradual erosion of electronic privacy, loss of privacy in the current Domain Name System is an important issue worth considering. In this paper, we first review the DNS and some security & privacy threats to make average users aware of the significance of privacy preservation in DNS protocols. Then, through a careful survey of four existing privacy protection approaches based on noise query generation, we analyze some benefits and limitations of these proposals in terms of both related performance evaluation results and theoretic proofs. Finally, we point out some problems that still exist for the research community's continuing efforts in the future.

    DOI: 10.1587/transinf.E93.D.1031

  • Adaptive and composable non-interactive string-commitment protocols

    Huafei Zhu, Tadashi Araragi, Takashi Nishide, Kouichi Sakurai

    International Conference on Security and Cryptography, SECRYPT 2010 SECRYPT 2010 - Proceedings of the International Conference on Security and Cryptography   354 - 361   2010

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Designing non-committing encryptions tolerating adaptive adversaries is a challenging task. In this paper, a simple implementation of non-committing encryptions is presented and analyzed in the strongest security model. We show that the proposed non-committing encryption scheme is provably secure against adaptive adversaries in the universally composable framework assuming that the decisional Diffie-Hellman problem is hard.

  • A design of history based traffic filtering with probabilistic packet marking against DoS attacks

    Tadashi Kiuchi, Yoshiaki Hori, Kouichi Sakurai

    2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010 Proceedings - 2010 10th Annual International Symposium on Applications and the Internet, SAINT 2010   261 - 264   2010

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Recently, DoS (Denial of Service) attacks are among the growing threats on networks. A large number of packets is transmitted to a server that becomes the target of a DoS attack. Therefore, packet filtering that intercepts the communication of suspicious packets has been researched. We investigate two packet filtering methods. History-based filtering looks for IP addresses that frequently appear at a router; DoS attack traffic is filtered by filtering IP addresses that are not usually observed. However, this filtering method is weak when the attacker knows how the filtering works. In the filtering approach that uses probabilistic packet marking, communication from an attack path is intercepted. However, a non-attacker's communication is also intercepted, and there is a problem that the number of packets necessary for route construction increases as mark information is overwritten. To solve both problems, we propose a filtering approach that combines probabilistic packet marking with observation of source IP addresses. The attack path is identified from mark information when an attack starts, and attack packets are filtered using the router's address history and the mark information. As a result, it becomes possible to prevent packets sent by legitimate users from being filtered even when they are marked on the attack path. This technique achieves a low false positive rate for benign traffic.

    DOI: 10.1109/SAINT.2010.44

  • Efficient intrusion detection based on static analysis and stack walks

    Jingyu Hua, Mingchu Li, Kouichi Sakurai, Yizhi Ren

    4th International Workshop on Security, IWSEC 2009 Advances in Information and Computer Security - 4th International Workshop on Security, IWSEC 2009, Proceedings   5824 LNCS   158 - 173   December 2009

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Some intrusion detection models such as the VPStatic first construct a behavior model for a program via static analysis, and then perform intrusion detection by monitoring whether its execution is consistent with this behavior model. These models usually share the highly desirable feature that they do not produce false alarms, but they face the conflict between precision and efficiency. The high precision of the VPStatic is at the cost of high space complexity. In this paper, we propose a new context-sensitive intrusion detection model based on static analysis and stack walks, which is similar to VPStatic but much more efficient, especially in memory use. We replace the automaton in the VPStatic with a state transition table (STT) and all redundant states and transitions in VPStatic are eliminated. We prove that our STT model is a deterministic pushdown automaton (DPDA) and the precision is the same as the VPStatic. Experiments also demonstrate that our STT model reduces both time and memory costs compared with the VPStatic; in particular, memory overheads are less than half of the VPStatic's. Thereby, we alleviate the conflict between precision and efficiency.

    DOI: 10.1007/978-3-642-04846-3_11

  • Enhancing cooperative behavior for online reputation systems by group selection

    Yizhi Ren, Mingchu Li, Yongrui Cui, Cheng Guo, Kouichi Sakurai

    Symposia and Workshops on Ubiquitous, Autonomic and Trusted Computing in Conjunction with the UIC'09 and ATC'09 Conferences, UIC-ATC 2009 UIC-ATC 2009 - Symposia and Workshops on Ubiquitous, Autonomic and Trusted Computing in Conjunction with the UIC'09 and ATC'09 Conferences   568 - 573   December 2009

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Reputation systems are very useful in large online communities in which users may frequently have the opportunity to interact with users with whom they have no prior experience. Recently, how to enhance cooperative behaviors in reputation systems has become one of the key open issues. Research in evolutionary game theory shows that group selection or multilevel selection can favor cooperation in finite populations. Furthermore, Nowak et al. [1], [2] give a fundamental condition for the evolution of cooperation by group selection. Based on the above important result, we extend the group selection concept in evolutionary biology and propose a group-based mechanism to enhance cooperation for online reputation systems.

    DOI: 10.1109/UIC-ATC.2009.81

  • Formal verification for access control in web information sharing system

    Akihiro Sakai, Yoshiaki Hori, Kouichi Sakurai

    3rd International Conference on Information Security and Assurance, ISA 2009 Advances in Information Security and Assurance - Third International Conference and Workshops, ISA 2009, Proceedings   5576 LNCS   80 - 89   November 2009

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    When we write access-control descriptions of Web applications using groups and roles, there is a problem that it is difficult for a user to decide the joint ownership partner of data. Therefore, there are attempts to describe access control using social networks. However, unexpected defects might sneak into this description if it is written in a careless manner. In this paper, we propose a formal definition of the access-control description consisting of first-order predicate logic for automatic checking.

    DOI: 10.1007/978-3-642-02617-1_9

  • Ternary subset difference method and its quantitative analysis

    Kazuhide Fukushima, Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai

    9th International Workshop on Information Security Applications, WISA 2008 Information Security Applications - 9th International Workshop, WISA 2008, Revised Selected Papers   5379 LNCS   225 - 239   November 2009

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    This paper proposes a ternary subset difference method (SD method) that is resistant to coalition attacks. In order to realize a secure ternary SD method, we design a new cover-finding algorithm, label assignment algorithm, and encryption algorithm. These algorithms are required to revoke one or two subtrees simultaneously while maintaining resistance against coalition attacks. We realize this two-way revocation mechanism by creatively using labels and hashed labels. Then, we evaluate the efficiency and security of the ternary SD method. We show that the upper bound of the average message length in the ternary SD method is smaller by about 12.2 percent than that of the conventional SD method, and the number of labels on each client device can be reduced by about 20.4 percent. On the other hand, the computational cost imposed on a client device stays within O(log n). Finally, we prove that the ternary SD method is secure against coalition attacks.

    DOI: 10.1007/978-3-642-00306-6_17

  • Grouping provenance information to improve efficiency of access Control

    Amril Syalim, Yoshiaki Hori, Kouichi Sakurai

    3rd International Conference on Information Security and Assurance, ISA 2009 Advances in Information Security and Assurance - Third International Conference and Workshops, ISA 2009, Proceedings   5576 LNCS   51 - 59   November 2009

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Provenance is defined in some literature as a complete documentation of process that led to an object. Provenance has been utilized in some contexts, i.e. database systems, file systems and grid systems. Provenance can be represented by a directed acyclic graph (DAG). In this paper we show an access control method to the provenance information that is represented by a directed acyclic graph and a method to improve efficiency of access control by grouping the provenance information. The idea of our model is that by controlling access to nodes, edges and paths in the provenance graph we may build an expressive access control model to the provenance graph. We improve the efficiency of access control model by grouping some provenance information. In our model, the provenance information is stored in a relational database. Before explaining our idea, we describe provenance store, provenance representation, and how to store provenance graph in a relational database.

    DOI: 10.1007/978-3-642-02617-1_6

  • An Enhanced Security Protocol for Fast Mobile IPv6  Peer-reviewed  International journal

    YOU Ilsun, SAKURAI Kouichi, HORI Yoshiaki

    IEICE Transactions on Information and Systems   October 2009

    Language: English   Publication type: Research paper (academic journal)  

  • The 3rd International workshop on intelligent, mobile and internet services in ubiquitous computing (IMIS 2009) Welcome message from IMIS 2009 organizers  Peer-reviewed

    Kouichi Sakurai, Ilsun You, Bonam Kim, Feilong Tang

    Proceedings of the International Conference on Complex, Intelligent and Software Intensive Systems, CISIS 2009   October 2009

    Language: English   Publication type: Research paper (academic journal)  

    DOI: 10.1109/CISIS.2009.212

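  • Proposal and evaluation of a method for reducing spam mail to mailing lists by issuing individual addresses  Peer-reviewed  International journal

    Kenichi Takahashi, Akihiro Sakai, Yoshiaki Hori, Kouichi Sakurai

    IPSJ Journal   September 2009

    Publication type: Research paper (academic journal)  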

  • Importance of data standardization in privacy-preserving k-means clustering

    Chunhua Su, Justin Zhan, Kouichi Sakurai

    International Workshops on Database Systems for Advanced Applications, DASFAA 2009: BenchmarX, MCIS, WDPP, PPDA, MBC, PhD Database Systems for Advanced Applications - DASFAA 2009 International Workshops BenchmarX, MCIS, WDPP, PPDA, MBC, PhD   5667 LNCS   276 - 286   September 2009

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Privacy-preserving k-means clustering assumes that there are at least two parties in the secure interactive computation. However, the existing schemes do not consider data standardization, which is an important task before executing the clustering among different databases. In this paper, we point out that without data standardization, some problems will arise in many applications of data mining. Also, we provide a solution for secure data standardization in privacy-preserving k-means clustering.

    DOI: 10.1007/978-3-642-04205-8_23

  • Distributed Noise Generation for Density Estimation Based Clustering without Trusted Third Party  Peer-reviewed  International journal

    SU Chunhua, BAO Feng, ZHOU Jianying, TAKAGI Tsuyoshi, SAKURAI Kouichi

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   August 2009

    Language: English   Publication type: Research paper (academic journal)  

  • Distributed Noise Generation for Density Estimation Based Clustering without Trusted Third Party  Peer-reviewed

    Chunhua Su, Feng Bao, Jianying Zhou, Tsuyoshi Takagi, Kouichi Sakurai

    IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E92A ( 8 )   1868 - 1871   August 2009

    Language: English   Publication type: Research paper (academic journal)  

    The rapid growth of the Internet provides people with tremendous opportunities for data collection, knowledge discovery and cooperative computation. However, it also brings the problem of sensitive information leakage. Both individuals and enterprises may suffer from the massive data collection and the information retrieval by distrusted parties. In this paper, we propose a privacy-preserving protocol for the distributed kernel density estimation-based clustering. Our scheme applies random data perturbation (RDP) technique and the verifiable secret sharing to solve the security problem of distributed kernel density estimation in [4] which assumed a mediate party to help in the computation,

    DOI: 10.1587/transfun.E92.A.1868

  • Design and implementation of security mechanisms for a hierarchical community-based multi-agent system

    Kenichi Takahashi, Yoshiki Mitsuyuki, Tsunenori Mine, Kouichi Sakurai, Makoto Amamiya

    10th Pacific Rim International Conference on Multi-Agents, PRIMA 2007 Agent Computing and Multi-Agent Systems - 10th Pacific Rim International Conference on Multi-Agents, PRIMA 2007, Revised Papers   5044 LNAI   134 - 145   July 2009

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Recently, several community-based systems have been developed; however, almost all such systems have been developed as Web-server-based systems. Thus, server administrators can easily eavesdrop on user communications, since users have to send/receive information through the server. Therefore, we propose a multi-agent-based peer-to-peer (P2P) system wherein each peer manages his/her information and exchanges it with other peers directly. This resolves the problems posed by Web-server-based systems; however, we have to consider attacks from malicious third parties. This study designs and implements security protocols/mechanisms for a hierarchical community-based multi-agent system. Furthermore, if we consider a practical use case, we should be able to demonstrate that the proposed system can be implemented by combining it with existing security techniques for more reliable and rapid deployment. Finally, we evaluate the performance of the proposed security system and present an example application.

    DOI: 10.1007/978-3-642-01639-4_12

  • Reconsidering data logging in light of digital forensics

    Bin Hui Chou, Kenichi Takahashi, Yoshiaki Hori, Kouichi Sakurai

    Advances in Information Security and Its Application Third International Conference, ISA 2009, Proceedings   36   111 - 118   July 2009

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Logs record the events that have happened within a system, so they are considered the history of system activities. They are one of the objects that digital forensic investigators would like to examine when a security incident happens. However, logs were initially created for troubleshooting, and are not purposefully designed for digital forensics. Thus, enormous and redundant log data make the analysis tasks of finding valuable information complicated and time-consuming, and make logging-related techniques difficult to utilize in some systems such as embedded systems. In this paper, we reconsider a data logging mechanism in terms of forensics and consequently, we propose purpose-based forensic logging. In purpose-based forensic logging, we only collect the required logs according to a specific purpose, which could decrease the space that logs occupy and may mitigate the analysis tasks during forensic investigations.

    DOI: 10.1007/978-3-642-02633-1_15

  • Improving the quality of protection of web application firewalls by a simplified taxonomy of web attacks

    Yi Han, Akihiro Sakai, Yoshiaki Hori, Kouichi Sakurai

    Advances in Information Security and Its Application Third International Conference, ISA 2009, Proceedings   36   105 - 110   July 2009

    Language: English   Publication type: Research paper (other conference materials, etc.)  

    Nowadays, with over 70% of attacks carried out over the web application level, organizations need all the help they can get in making their systems secure. Web Application Firewalls (WAFs) are among the tools that are commonly used for the prevention of Web attacks. However, the WAFs provide very little protection on their own. In order to become useful, they must be configured with rules. Unfortunately, the rule configuration process is not easy and is error-prone, thus the quality of protection (QoP) of WAFs is still behind our expectations. In this paper, we investigate the current WAFs and point out some of their problems regarding the poor QoP. We then analyze the origins of these problems and propose two decision modules, the attack-decision module and the priority-decision module, based on a proposed simplified taxonomy of web attacks, which are helpful for improving the QoP of WAFs. Finally, we conclude our work and show future interests to extend our modules to IDS systems.

    DOI: 10.1007/978-3-642-02633-1_14

  • A Security Analysis on Kempf-Koodli's Security Scheme for Fast Mobile IPv6  Peer-reviewed  International journal

    YOU Ilsun, SAKURAI Kouichi, HORI Yoshiaki

    IEICE Transactions on Communications   June 2009

    Language: English   Publication type: Research paper (academic journal)  

  • A security analysis on Kempf-Koodli's security scheme for Fast Mobile IPv6  Peer-reviewed

    Ilsun You, Kouichi Sakurai, Yoshiaki Hori

    IEICE Transactions on Communications   E92-B ( 6 )   2287 - 2290   June 2009

    Language: English   Publication type: Research paper (academic journal)  

    Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli's scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated.

    DOI: 10.1587/transcom.E92.B.2287

  • Enhancing Cooperative Behavior for P2P Reputation Systems by Group Selection (peer-reviewed, international journal)

    Yizhi Ren, Mingchu Li, Yongrui Cui, Cheng Guo and Kouichi Sakurai

    RIMS Kokyuroku   May 2009

    Publication type: Research paper (academic journal)

  • An Adaptive Reputation-Based Algorithm for Grid Virtual Organization Formation (peer-reviewed, international journal)

    Yongrui CUI, Mingchu LI, Yizhi REN, Kouichi SAKURAI

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   May 2009

    Language: English   Publication type: Research paper (academic journal)

  • Security and Correctness Analysis on Privacy-Preserving k-Means Clustering Schemes (peer-reviewed, international journal)

    SU Chunhua, BAO Feng, ZHOU Jianying, TAKAGI Tsuyoshi, SAKURAI Kouichi

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   May 2009

    Language: English   Publication type: Research paper (academic journal)

  • Security and Correctness Analysis on Privacy-Preserving k-Means Clustering Schemes (peer-reviewed)

    Chunhua Su, Feng Bao, Jianying Zhou, Tsuyoshi Takagi, Kouichi Sakurai

    IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E92A ( 4 )   1246 - 1250   April 2009

    Language: English   Publication type: Research paper (academic journal)

    Due to the fast development of Internet and the related IT technologies, it becomes easier and easier to access a large amount of data. k-means clustering is a powerful and frequently used technique in data mining. Many research papers about privacy-preserving k-means clustering were published. In this paper, we analyze the existing privacy-preserving k-means clustering schemes based on the cryptographic techniques. We show those schemes will cause the privacy breach and cannot output the correct results due to the faults in the protocol construction. Furthermore, we analyze our proposal as an option to improve such problems but with intermediate information breach during the computation.

    DOI: 10.1587/transfun.E92.A.1246

  • A new secret sharing scheme based on the multi-dealer (peer-reviewed)

    Cheng Guo, Mingchu Li, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E92-A ( 5 )   1373 - 1378   January 2009

    Language: English   Publication type: Research paper (academic journal)

    Almost all the existing secret sharing schemes are based on a single dealer. Maybe in some situations, the secret needs to be maintained by multiple dealers. In this paper, we proposed a novel secret sharing scheme based on the multi-dealer by means of Shamir's threshold scheme and T. Okamoto and S. Uchiyama's public-key cryptosystem. Multiple dealers can commonly maintain the secret and the secret can be dynamically renewed by any dealer. Meanwhile, the reusable secret shadows just needs to be distributed only once. In the secret updated phase, the dealer just needs to publish a little public information instead of redistributing the new secret shadows. Its security is based on the security of Shamir's threshold scheme and the intractability of factoring problem and discrete logarithm problem.

    DOI: 10.1587/transfun.E92.A.1373

  • A signature scheme associated with universal re-signcryption

    Kohei Tatara, Kouichi Sakurai

    International Conference on Availability, Reliability and Security, ARES 2009 Proceedings - International Conference on Availability, Reliability and Security, ARES 2009   780 - 785   2009

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Today, with increasing diversity of network technologies, people have been likely to be interested in anonymity. The attacker might threaten anonymity of senders and receivers by confirming linkability between their sessions. Recently, Golle et al. proposed the re-encryption scheme applicable to Mix, called Universal Re-encryption. In this scheme, a ciphertext is supposed to be re-encrypted without public information corresponding to it. Moreover, only a subject that re-encrypts a ciphertext can know the correspondence of original ciphertext and it, and the computational complexity to break the unlinkability property is equal to the semantic secrecy. In this paper, we consider and improve the Universal Re-encryption scheme, and propose a scheme that can verify who transmits the message by adding the property of signature.

    DOI: 10.1109/ARES.2009.104

  • The optimal choice by resource consumers in Grid market

    Laiping Zhao, Mingchu Li, Weifeng Sun, Kouichi Sakurai, Yizhi Ren

    Symposia and Workshops on Ubiquitous, Autonomic and Trusted Computing in Conjunction with the UIC'09 and ATC'09 Conferences, UIC-ATC 2009 UIC-ATC 2009 - Symposia and Workshops on Ubiquitous, Autonomic and Trusted Computing in Conjunction with the UIC'09 and ATC'09 Conferences   580 - 585   2009

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Market mechanism is effective to encourage more people to participate in the Grid environment. Applying economic principles to Grid is deemed promising to improve the overall value provided by such participants. However, resource scheduling algorithms are different depending on different needs. In this paper, we mainly focus on the consumers' own interest. Assuming that the consumers are selfish and what they concern about is lower cost and higher success rate, we improve the HRED algorithm using hierarchical mechanism and resource selection mechanism, which cooperate with resource providers' trust degree, making it more suitable, practical and credible for Grid market. The experiments prove that the improved HRED algorithm works faster especially when there are large numbers of resource providers in Grid market, and it also gives much higher success rates in the non-credible Grid environment.

    DOI: 10.1109/UIC-ATC.2009.75

  • Security and correctness analysis on privacy-preserving k-means clustering schemes (peer-reviewed)

    Chunhua Su, Feng Bao, Jianying Zhou, Tsuyoshi Takagi, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E92-A ( 4 )   1246 - 1250   2009

    Language: English   Publication type: Research paper (academic journal)

    Due to the fast development of Internet and the related IT technologies, it becomes easier and easier to access a large amount of data. k-means clustering is a powerful and frequently used technique in data mining. Many research papers about privacy-preserving k-means clustering were published. In this paper, we analyze the existing privacy-preserving k-means clustering schemes based on the cryptographic techniques. We show those schemes will cause the privacy breach and cannot output the correct results due to the faults in the protocol construction. Furthermore, we analyze our proposal as an option to improve such problems but with intermediate information breach during the computation.

    DOI: 10.1587/transfun.E92.A.1246

  • Security analysis for P2P routing protocols

    Tatsuro Fujii, Yizhi Ren, Yoshiaki Hori, Kouichi Sakurai

    International Conference on Availability, Reliability and Security, ARES 2009 Proceedings - International Conference on Availability, Reliability and Security, ARES 2009   899 - 904   2009

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In P2P systems, nodes use a plenty of styles flooding the messages to the destination or discover the target node. Therefore, it is important to guarantee the efficiency and security of message routing between the source and the destination. Unfortunately, malicious attackers can easily insert a lot of nodes they controlled, and disturb the message routing between honest nodes. In order to counter such attacks, secure routing protocols which ensure successful message routing are needed. Furthermore, it is very important to analyze existing routing protocols for the inventions of secure routing protocols. In this paper, we propose a security model for evaluating security level of routing protocol. In this model, we define the concept of Regular Path, and use it as the indicator of security level. Then, we analyze three representative routing protocols based on proposed model to make comparisons from the aspects of security level and implement level. The simulation and the related theory have proven that Conditional Probability of Regular Path(CPRP) is mainly affected by the scale of network and malicious nodes rate in the network. The results can help to choose a reasonable routing protocol of the context-based application, or give some basic guideline for the invention of the new routing protocol.

    DOI: 10.1109/ARES.2009.82

  • Secrecy capacity of wireless LAN

    Ryuzou Nishi, Yoshiaki Hori, Kouichi Sakurai

    International Conference on Availability, Reliability and Security, ARES 2009 Proceedings - International Conference on Availability, Reliability and Security, ARES 2009   905 - 910   2009

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    We address secure secret key distribution in wireless communication systems. There is the secrecy capacity concept that it can distribute information which the third parties can not eavesdrop because of the noise over the distribution channel. Then, we address secure secret key distribution in wireless communication systems using secrecy capacity concept. Wireless channel is noisier compared with wired channel. Specifically, we investigate about wiretap channel coding that it can implement in the existing wireless LAN systems. We have investigated the coding parameters and the conditions that it can implement.

    DOI: 10.1109/ARES.2009.91

  • Polymorphic worm detection by analyzing maximum length of instruction sequence in network packets

    Kohei Tatara, Yoshiaki Hori, Kouichi Sakurai

    International Conference on Availability, Reliability and Security, ARES 2009 Proceedings - International Conference on Availability, Reliability and Security, ARES 2009   972 - 977   2009

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Intrusion detection system records worm's signature, and detects the attack that lurks in traffic based on it. However, to detect the worm that corrects, and changes some oneself, a highly accurate detection technique for distinguishing the code that seems to be the worm included in traffic is requested. In this paper, we pay attention to the Toth et al.'s method to extract the executable code included in the data flows on the network and detect the attack by measuring the length of them. Then, we describe the problem of their method and how to solve it.

    DOI: 10.1109/ARES.2009.103

  • Modeling security bridge certificate authority architecture (peer-reviewed)

    Yizhi Ren, Mingchu Li, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E92-A ( 6 )   1544 - 1547   2009

    Language: English   Publication type: Research paper (academic journal)

    Current Public Key Infrastructures suffer from a scaling problem, and some may have security problems, even given the topological simplification of bridge certification authorities. This paper analyzes the security problems in Bridge Certificate Authorities (BCA) model by using the concept of "impersonation risk," and proposes a new modified BCA model, which enhances its security, but is a bit more complex in certification path building and implementation than the existing one.

    DOI: 10.1587/transfun.E92.A.1544

  • Message from the trustcom 2009 symposium chairs (peer-reviewed)

    Guojun Wang, Peter Mueller, Kouichi Sakurai, Maria S. Perez-Hernandez

    Proceedings - 12th IEEE International Conference on Computational Science and Engineering, CSE 2009   2   2009

    Language: English   Publication type: Research paper (academic journal)

    DOI: 10.1109/CSE.2009.524

  • Foreword Special section on information and communication system security (peer-reviewed)

    Kouichi Sakurai

    IEICE Transactions on Information and Systems   E92-D ( 5 )   765   2009

    Language: English   Publication type: Research paper (academic journal)

  • Flow traffic classification with support vector machine by using payload length

    Masayoshi Kohara, Yoshiaki Hori, Kouichi Sakurai, Heejo Lee, Jae Cheol Ryou

    2009 2nd International Conference on Computer Science and Its Applications, CSA 2009 Proceedings of the 2009 2nd International Conference on Computer Science and Its Applications, CSA 2009   2009

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Classifying traffic is an important task for effective network planning and design, and monitoring the trends of the applications in operational networks. In this paper, we propose flow traffic classification methods using support vector machine. The proposals satisfy the following three requirements: using only flow information, not using port numbers, and automatic making of traffic models. In this paper, we provide an empirical evaluation of our proposals using datasets of MIT Lincoln Laboratory, which illustrates that our proposals can classify network traffic flow with over 90% precision.

    DOI: 10.1109/CSA.2009.5404180

  • Distributed noise generation for density estimation based clustering without trusted third party (peer-reviewed)

    Chunhua Su, Feng Bao, Jianying Zhou, Tsuyoshi Takagi, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E92-A ( 8 )   1868 - 1871   2009

    Language: English   Publication type: Research paper (academic journal)

    The rapid growth of the Internet provides people with tremendous opportunities for data collection, knowledge discovery and cooperative computation. However, it also brings the problem of sensitive information leakage. Both individuals and enterprises may suffer from the massive data collection and the information retrieval by distrusted parties. In this paper, we propose a privacy-preserving protocol for the distributed kernel density estimation-based clustering. Our scheme applies random data perturbation (RDP) technique and the verifiable secret sharing to solve the security problem of distributed kernel density estimation in [4] which assumed a mediate party to help in the computation.

    DOI: 10.1587/transfun.E92.A.1868

  • Design and object-oriented implementation of an intelligence entity sharing pool

    Runhe Huang, Jianhua Ma, Kenichi Takahashi, Kouichi Sakurai

    2009 WRI Global Congress on Intelligent Systems, GCIS 2009 Proceedings of the 2009 WRI Global Congress on Intelligent Systems, GCIS 2009   2   583 - 587   2009

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    One of the challenges for ubiquitous intelligence computing is how to enable ubiquitous devices (u-devices) certain levels of intelligent/smart/ autonomic/ processing capabilities. Due to their limited capacity and processing power, it is difficult to embed such capabilities into u-devices. The idea is to design an intelligence entity sharing pool in which an intelligence entity can be dynamically composed from a number of atomic intelligence entities and/or complex intelligence entities. This research has two phases: (1) how to design the intelligence entity sharing pool; and (2) how to share an intelligence entity in the sharing pool. The second phase is completely upon the first phase as the premise. This paper is mainly focused on presenting our design ideas of the intelligence entity sharing pool in the following aspects: (1) defining atomic intelligence entity and complex intelligence entity; (2) designing an appropriate structure for storing atomic/complex intelligence entities; and (3) designing mechanisms for composition and decomposition of intelligence entity/entities.

    DOI: 10.1109/GCIS.2009.269

  • Comparison of risk analysis methods Mehari, magerit, NIST800-30 and microsoft's security management guide

    Amril Syalim, Yoshiaki Hori, Kouichi Sakurai

    International Conference on Availability, Reliability and Security, ARES 2009 Proceedings - International Conference on Availability, Reliability and Security, ARES 2009   726 - 731   2009

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    In this paper we compare four risk analysis methods: Mehari, Magerit, NIST800-30 and Microsoft's Security Management Guide. Mehari is a method for risk analysis and risk management developed by CLUSIF (Club de la Sécurité de l'Information Français). Magerit is a risk analysis and management methodology for information systems developed by CSAE (Consejo Superior de Administración Electrónica). NIST800-30 is a risk management guide for information technology systems recommended by the National Institute of Standard and Technology (NIST) in NIST Special Publication 800-30. Microsoft's Security Management Guide is a security risk management guide developed by Microsoft. In this paper, we compare those methods based on two main criteria: the first criterion is the steps that are used by the methods to conduct the risk assessment, the second one is the contents of the methods and supplementary documents provided with them. We found that all methods follow the first three general steps of risk analysis. However, the Mehari method, the Magerit method and the Microsoft Security Management Guide do not include control recommendations. Control recommendations in these methods are proposed as the next step to security management (i.e. after risk analysis). All methods provide a detailed guide for risk analysis. However, only three methods - Mehari, Magerit and the one proposed in the Microsoft Security Management Guide-provide supplementary documents for risk assessment.

    DOI: 10.1109/ARES.2009.75

  • Comments on Kang-Park's security scheme for fast handover in hierarchical mobile IPv6

    Ilsun You, Kouichi Sakurai, Yoshiaki Hori

    4th International Conference on Frontier of Computer Science and Technology, FCST 2009 4th International Conference on Frontier of Computer Science and Technology, FCST 2009   351 - 355   2009

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    While gracefully combining FMIPv6 and HMIPv6 together, F-HMIPv6 enables the best performance in terms of handover latency and signaling overhead. Recently, to protect F-HMIPv6, Kang and Park proposed a security scheme. This scheme successfully achieves seamless integration with F-HMIPv6 while providing the session key exchange as well as the mobile node authentication. In this paper, Kang-Park's scheme is formally verified based on BAN-logic, and then its weaknesses and related attacks are discussed.

    DOI: 10.1109/FCST.2009.75

  • An enhanced security protocol for fast mobile IPv6 (peer-reviewed)

    Ilsun You, Kouichi Sakurai, Yoshiaki Hori

    IEICE Transactions on Information and Systems   E92-D ( 10 )   1979 - 1982   2009

    Language: English   Publication type: Research paper (academic journal)

    Recently, Kempf and Koodli have proposed a security protocol for Fast Mobile IPv6 (FMIPv6). Through the SEcure Neighbor Discovery (SEND) protocol, it achieves secure distribution of a handover key, and consequently becomes a security standard for FMIPv6. However, it is still vulnerable to redirection attacks. In addition, due to the SEND protocol, it suffers from denial of service attacks and expensive computational cost. In this paper, we present a security protocol, which enhances Kempf-Koodli's one with the help of the AAA infrastructure.

    DOI: 10.1587/transinf.E92.D.1979

  • An adaptive reputation-based algorithm for grid virtual organization formation (peer-reviewed)

    Yongrui Cui, Mingchu Li, Yizhi Ren, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E92-A ( 5 )   1339 - 1346   2009

    Language: English   Publication type: Research paper (academic journal)

    A novel adaptive reputation-based virtual organization formation is proposed. It restrains the bad performers effectively based on the consideration of the global experience of the evaluator and evaluates the direct trust relation between two grid nodes accurately by consulting the previous trust value rationally. It also consults and improves the reputation evaluation process in PathTrust model by taking account of the inter-organizational trust relationship and combines it with direct and recommended trust in a weighted way, which makes the algorithm more robust against collusion attacks. Additionally, the proposed algorithm considers the perspective of the VO creator and takes required VO services as one of the most important fine-grained evaluation criterion, which makes the algorithm more suitable for constructing VOs in grid environments that include autonomous organizations. Simulation results show that our algorithm restrains the bad performers and resists against fake transaction attacks and badmouth attacks effectively. It provides a clear advantage in the design of a VO infrastructure.

    DOI: 10.1587/transfun.E92.A.1339

  • Trust similarity measure in trust model for P2P networks

    Yizhi Ren, Mingchu Li, Cheng Guo, Yongrui Cui, Kouichi Sakurai

    5th International Conference on Embedded and Ubiquitous Computing, EUC 2008 Proceedings of The 5th International Conference on Embedded and Ubiquitous Computing, EUC 2008   2   107 - 112   December 2008

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Trust and reputation have become important research topics in P2P networks. Traditional researches can hardly adaptable to each separate peer's needs and preferences which are common concern in trust and reputation system. This paper proposes two methods of similarity measure in trust model, which develop to reflect the difference of peers' preference and improve the sensitiveness of detecting peers' behaviors.

    DOI: 10.1109/EUC.2008.137

  • A secure virtualized logging scheme for digital forensics in comparison with kernel module approach

    Bin Hui Chou, Kohei Tatara, Taketoshi Sakuraba, Yoshiaki Hori, Kouichi Sakurai

    2nd International Conference on Information Security and Assurance, ISA 2008 Proceedings of the 2nd International Conference on Information Security and Assurance, ISA 2008   421 - 426   September 2008

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Digital forensics encompasses the process of identifying the perpetrator and the criminal method by analyzing the logs generated in the computer. Log files record the activities of the computer and by reading them one can know what kind of event happened at a certain time. Therefore, secure logs with the integrity property are essential. In this paper, we discuss two approaches to achieve the integrity of logs, the kernel module and virtualization, and compare them. Although virtualization is more inefficient in performance than the kernel module, it provides more security properties for logs. Thus, we then focus on the virtualization approach with a detailed proposal, which describes ways to preserve logs without tampering and deletion.

    DOI: 10.1109/ISA.2008.96

  • Key distribution scheme using matched filter resistant against DoS attack

    Ryuzou Nishi, Yoshiaki Hori, Kouichi Sakurai

    22nd International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINA 2008 Proceedings - 22nd International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINA 2008   1534 - 1539   September 2008

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The vulnerabilities, e.g., DoS attack or dictionary attack, are shown in 4-Way Handshake which is the rekey protocol used in Wireless LAN security standard IEEE 802.11i. And the countermeasures against these are already proposed. In this paper, we propose key distribution scheme using matched filter. This paper shows that our proposal improves the resistance against DoS attack with less computational overhead compared with previous approaches, and is also effective against dictionary attack.

    DOI: 10.1109/WAINA.2008.180

  • IMIS 2008 message from the workshop organizers MUE 2008 (peer-reviewed)

    Seong Moo Yoo, Bonam Kim, Hui Huang Hsu, Ilsun You, Jong Hyuk Park, Minyi Guo, Ching Hsien Hsu, David Simplot-Ryl, Edwin H.M. Sha, Hai Jin, Javier Lopez, Shu Ching Chen, Tatsuya Yamazaki, Junmo Yang, Wen Tzeng Huang, Akiyo Nadamoto, Chengcui Zhang, Ching Sheng Wang, Chunming Rong, Frode Eika Sandnes, Geyong Min, Howard Leung, Hyobeom Ahn, Hyunju Kim, Indrakshi Ray, Isabelle Simplot-Ryl, Ismail Khalil Ibrahim, Javier García-Villalba, Jemal H. Abawajy, Jinhua Guo, Jon Youn, Kouichi Sakurai, Kuei Ping Shih, Lawrence Y. Deng, Mei Ling Shyu, Mohammad Al-Shurman, Oh Heum Kwon, Pedro M. Ruiz, Pilar Herrero, Q. Shi, Qun Jin, Seungjin Park, Sang Hyuk Son, Whai En Chen, Witold Pedrycz, Xiaofeng Chen, Yin Fu Huang

    2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008 Proceedings - 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008   September 2008

    Language: English   Publication type: Research paper (academic journal)

    DOI: 10.1109/MUE.2008.7

  • Reliable key distribution scheme for lossy channels (peer-reviewed)

    Ryuzou Nishi, Yoshiaki Hori, Kouichi Sakurai

    IEICE Transactions on Information and Systems   E91-D ( 5 )   1485 - 1488   May 2008

    Language: English   Publication type: Research paper (academic journal)

    We address reliable key distribution scheme for lossy channels such as wireless or power line. In the key distribution over these lossy channels, if key information is lost, there is critical issue that the subsequent communication is disabled. In this paper, we show that our proposal has more reliable property than the related works and has the reliable property equivalent to the dedicated communication channels such as Ethernet.

    DOI: 10.1093/ietisy/e91-d.5.1485

  • Characterizing economic and social properties of trust and reputation systems in P2P environment (peer-reviewed)

    Yu Feng Wang, Yoshiaki Hori, Kouichi Sakurai

    Journal of Computer Science and Technology   23 ( 1 )   129 - 140   January 2008

    Language: English   Publication type: Research paper (academic journal)

    Considering the fact that P2P (Peer-to-Peer) systems are self-organized and autonomous, social-control mechanism (like trust and reputation) is essential to evaluate the trustworthiness of participating peers and to combat the selfish, dishonest and malicious peer behaviors. So, naturally, we advocate that P2P systems that gradually act as an important information infrastructure should be multi-disciplinary research topic, and reflect certain features of our society. So, from economic and social perspective, this paper designs the incentive-compatible reputation feedback scheme based on well-known economic model, and characterizes the social features of trust network in terms of efficiency and cost. Specifically, our framework has two distinctive purposes: first, from high-level perspective, we argue trust system is a special kind of social network, and an accurate characterization of the structural properties of the network can be of fundamental importance to understand the dynamics of the system. Thus, inspired by the concept of weighted small-world, this paper proposes new measurements to characterize the social properties of trust system, that is, high global and local efficiency, and low cost; then, from relative low-level perspective, we argue that reputation feedback is a special kind of information, and it is not free. So, based on economic model, VCG (Vickrey-Clarke-Grove)-like reputation remuneration mechanism is proposed to stimulate rational peers not only to provide reputation feedback, but truthfully offer feedback. Furthermore, considering that trust and reputation is subjective, we classify the trust into functional trust and referral trust, and extend the referral trust to include two factors: similarity and truthfulness, which can efficiently reduce the trust inference error. The preliminary simulation results show the benefits of our proposal and the emergence of certain social properties in trust network.

    DOI: 10.1007/s11390-008-9118-y

  • Analysis of program obfuscation schemes with variable encoding technique (peer-reviewed)

    Kazuhide Fukushima, Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai

    IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E91A ( 1 )   316 - 329   January 2008

    Language: English   Publication type: Research paper (academic journal)

    Program analysis techniques have improved steadily over the past several decades, and software obfuscation schemes have come to be used in many commercial programs. A software obfuscation scheme transforms an original program or a binary file into an obfuscated program that is more complicated and difficult to analyze, while preserving its functionality. However, the security of obfuscation schemes has not been properly evaluated. In this paper, we analyze obfuscation schemes in order to clarify the advantages of our scheme, the XOR-encoding scheme. First, we more clearly define five types of attack models that we defined previously, and define quantitative resistance to these attacks. Then, we compare the security, functionality and efficiency of three obfuscation schemes with encoding variables: (1) Sato et al.'s scheme with linear transformation, (2) our previous scheme with affine transformation, and (3) the XOR-encoding scheme. We show that the XOR-encoding scheme is superior with regard to the following two points: (1) the XOR-encoding scheme is more secure against a data-dependency attack and a brute force attack than our previous scheme, and is as secure against an information-collecting attack and an inverse transformation attack as our previous scheme, (2) the XOR-encoding scheme does not restrict the calculable ranges of programs and the loss of efficiency is less than in our previous scheme.

    DOI: 10.1093/ietfec/e91-a.1.316

  • Optimization of group key management structure with a client join-leave mechanism (peer-reviewed)

    Kazuhide Fukushima, Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai

    Journal of Information Processing   16   130 - 141   January 2008

    Language: English   Publication type: Research paper (academic journal)

    Many group key management schemes that reduce the total communication cost and/or the computational cost imposed on client devices have been proposed. However, optimizations of the key-management structure have not been studied. This paper proposes ways to optimize the key-management structure in a hybrid group key management scheme. The proposed method is able to minimize both the total communication cost and the computational cost imposed on client devices. First, we propose a probabilistic client join/leave model in order to evaluate the communication and computational costs of group key management schemes. This model idealizes client actions generally and considers the existence of the peaks of the joining/leaving frequency. Thus, we can analyze not only the average case scenario but also the worst case scenario using this model. Then, we formalize the total computation cost and the computational cost imposed on client devices in group key management schemes under the model. We present both an average case analysis and a worst case analysis. Finally, we show the parameters that minimize the total communication cost and the computational cost imposed on clients under the model. Our results should be useful in designing a secure group communication system for large and dynamic groups.

    DOI: 10.2197/ipsjjip.16.130

  • Toward a scalable visualization system for network traffic monitoring (peer-reviewed)

    Erwan Le Malécot, Masayoshi Kohara, Yoshiaki Hori, Kouichi Sakurai

    IEICE Transactions on Information and Systems   E91-D ( 5 )   1300 - 1310   January 2008

    Language: English   Publication type: Research paper (academic journal)

    With the multiplication of attacks against computer networks, system administrators are required to monitor carefully the traffic exchanged by the networks they manage. However, that monitoring task is increasingly laborious because of the augmentation of the amount of data to analyze. And that trend is going to intensify with the explosion of the number of devices connected to computer networks along with the global rise of the available network bandwidth. So system administrators now heavily rely on automated tools to assist them and simplify the analysis of the data. Yet, these tools provide limited support and, most of the time, require highly skilled operators. Recently, some research teams have started to study the application of visualization techniques to the analysis of network traffic data. We believe that this original approach can also allow system administrators to deal with the large amount of data they have to process. In this paper, we introduce a tool for network traffic monitoring using visualization techniques that we developed in order to assist the system administrators of our corporate network. We explain how we designed the tool and some of the choices we made regarding the visualization techniques to use. The resulting tool proposes two linked representations of the network traffic and activity, one in 2D and the other in 3D. As 2D and 3D visualization techniques have different assets, we resulted in combining them in our tool to take advantage of their complementarity. We finally tested our tool in order to evaluate the accuracy of our approach.

    DOI: 10.1093/ietisy/e91-d.5.1300

  • A distributed privacy-preserving association rules mining scheme using frequent-pattern tree

    Chunhua Su, Kouichi Sakurai

    4th International Conference on Advanced Data Mining and Applications, ADMA 2008 Advanced Data Mining and Applications - 4th International Conference, ADMA 2008, Proceedings   5139 LNAI   170 - 181   2008

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Association rules mining is a frequently used technique which finds interesting association and correlation relationships among large set of data items which occur frequently together. Nowadays, data collection is ubiquitous in social and business areas. Many companies and organizations want to do the collaborative association rules mining to get the joint benefits. However, the sensitive information leakage is a problem we have to solve and privacy-preserving techniques are strongly needed. In this paper, we focus on the privacy issue of the association rules mining and propose a secure frequent-pattern tree (FP-tree) based scheme to preserve private information while doing the collaborative association rules mining. We show that our scheme is secure and collusion-resistant for n parties, which means that even if n - 1 dishonest parties collude with a dishonest data miner in an attempt to learn the association rules between honest respondents and their responses, they will be unable to succeed.

    DOI: 10.1007/978-3-540-88192-6-17

  • Definition of security practices in security management part of security level management model [Peer-reviewed]

    Tai Hoon Kim, Kouichi Sakurai

    International Journal of Security and its Applications   2 ( 1 )   63 - 71   2008

    Language: English   Publication type: Research paper (academic journal)

    To manage security level of IS, the first, organizations must be able to decide security level, the second, organizations must have procedures for building security countermeasures according to security level. For next step, organizations must be able to select areas where security countermeasures should be applied, and the last, organizations must be able to evaluate and improve the effect of security countermeasures. In this paper, we propose some essential elements for security level management of IS. These essential elements are expressed like as security practices, and in this paper, we propose some security practices related to security management area.

  • Analysis of program obfuscation schemes with variable encoding technique [Peer-reviewed]

    Kazuhide Fukushima, Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E91-A ( 1 )   316 - 329   2008

    Language: English   Publication type: Research paper (academic journal)

    Program analysis techniques have improved steadily over the past several decades, and software obfuscation schemes have come to be used in many commercial programs. A software obfuscation scheme transforms an original program or a binary file into an obfuscated program that is more complicated and difficult to analyze, while preserving its functionality. However, the security of obfuscation schemes has not been properly evaluated. In this paper, we analyze obfuscation schemes in order to clarify the advantages of our scheme, the XOR-encoding scheme. First, we more clearly define five types of attack models that we defined previously, and define quantitative resistance to these attacks. Then, we compare the security, functionality and efficiency of three obfuscation schemes with encoding variables: (1) Sato et al.'s scheme with linear transformation, (2) our previous scheme with affine transformation, and (3) the XOR-encoding scheme. We show that the XOR-encoding scheme is superior with regard to the following two points: (1) the XOR-encoding scheme is more secure against a data-dependency attack and a brute force attack than our previous scheme, and is as secure against an information-collecting attack and an inverse transformation attack as our previous scheme, (2) the XOR-encoding scheme does not restrict the calculable ranges of programs and the loss of efficiency is less than in our previous scheme.

    DOI: 10.1093/ietfec/e91-a.1.316

  • Achieving evenhandedness in certified email system for contract signing [Peer-reviewed]

    Kenji Imamoto, Jianying Zhou, Kouichi Sakurai

    International Journal of Information Security   7 ( 6 )   383 - 394   2008

    Language: English   Publication type: Research paper (academic journal)

    Certified email is a system which enables a sender to prove a receiver's receipt of email. Such a system can be used for applications related to electronic commerce on the Internet. This paper considers a situation where a sender or a receiver wants to change his/her mind due to the change of mail content value (e.g., stock, auction, gambling) during the transaction. We point out that no traditional certified email systems have been designed for such a case, thus one of the participants can be at a disadvantage. To avoid this problem, we propose an evenhanded certified email system in which each participant can change his/her choice, either cancel or finish the transaction, at any time during the transaction.

    DOI: 10.1007/s10207-008-0056-z

  • A study on security level management model description [Peer-reviewed]

    Tai Hoon Kim, Kouichi Sakurai

    International Journal of Multimedia and Ubiquitous Engineering   3 ( 1 )   87 - 94   2008

    Language: English   Publication type: Research paper (academic journal)

    Security level decision is a basic activity for developing and managing of safe information systems, and core factor which can affect the investment for security countermeasures. According to the security level of IS, where and how the security countermeasures are implemented, which security policies are selected, and who will manage them are able to be decided. But more important thing than level decision is the management of level decided. And in this model, we proposed a new model to manage security level of IS.

  • A new scheme for distributed density estimation based privacy-preserving clustering

    Chunhua Su, Feng Bao, Jianying Zhou, Tsuyoshi Takagi, Kouichi Sakurai

    3rd International Conference on Availability, Security, and Reliability, ARES 2008 ARES 2008 - 3rd International Conference on Availability, Security, and Reliability, Proceedings   112 - 119   2008

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    The sensitive information leakage and security risk is a problem from which both individual and enterprise suffer in massive data collection and the information retrieval by the distrusted parties. In this paper, we focus on the privacy issue of data clustering and point out some security risks in the existing data mining algorithms. Associated with cryptographic techniques, we initiate an application of random data perturbation (RDP) which has been widely used for preserving the privacy of individual records in statistical database for the distributed data clustering scheme. Our scheme applies linear transformation of Gaussian distribution perturbed data and general additional data perturbation (GADP) schemes to preserve the privacy for distributed kernel density estimation with the help of any trusted third party. We also show that our scheme is more secure against the random matrix-based filtering attack which is based on analysis of the distribution of the eigenvalues by using two RDP methods.

    DOI: 10.1109/ARES.2008.129

  • A framework for user privacy protection using trusted programs [Peer-reviewed]

    Kenichi Takahashi, Zhaoyu Liu, Kouichi Sakurai, Makoto Amamiya

    International Journal of Security and its Applications   1 ( 2 )   59 - 70   December 2007

    Language: English   Publication type: Research paper (academic journal)

    The evolution of mobile technologies enables us to realize ubiquitous computing environments. In such environments, a user's mobile terminal manages the sensitive information and assists in various activities based on the user's information. At the same time, information leakage will become a serious social problem. In this paper, we propose a framework to protect the sensitive information of users in a manner they consider safe. In the framework, the user provides a trusted program that implements the manner he/she considers safe. The information recipient accesses user's sensitive information through this trusted program. In this manner, the user can protect his/her sensitive information. However, there exist several challenges in the realization of this framework. In this paper, we propose a method for generating a trusted program and discuss the solutions to other challenges.

  • Efficient verifier-based password-authenticated key exchange in the three-party setting [Peer-reviewed]

    Jeong Ok Kwon, Ik Rae Jeong, Kouichi Sakurai, Dong Hoon Lee

    Computer Standards and Interfaces   29 ( 5 )   513 - 520   July 2007

    Language: English   Publication type: Research paper (academic journal)

    In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature.

    DOI: 10.1016/j.csi.2006.12.002

  • A proposal of key management scheme and its operation using Anonymous biometrics on ID-based infrastructure [Peer-reviewed]

    Akitoshi Izumi, Yoshifumi Ueshige, Kouichi Sakurai

    International Journal of Security and its Applications   1 ( 1 )   83 - 94   January 2007

    Language: English   Publication type: Research paper (academic journal)

    In the information exchange through network, the security risks always exist, that is eavesdropping, defacing, and spoofing by the attacker. PKI (Public Key Infrastructure) will prevent such attacks. But key management is very serious problem in PKI. The public key certificate is issued and distributed by certificate authority, but we think that the updating of expired certificate etc. are very costly for users. And secret key management is more serious problem. In order to solve above problems, we propose the scheme that stores protected secret key which is made by combination of biometrics and secret key in the smartcard in ID-based cryptography system. The user can restore the secret key from protected secret key by presenting his fingerprint to smartcard that has protected secret key and helper data. In our scheme, the template is not needed for authentication. So, the problem of the template leakage won't arise. Lastly, we proposed the concrete operation scheme in which our scheme is used and how to make signature or authentication by applying our scheme. We show that the cost of the public key and secret key management will be reduced by using this operation scheme.

  • Special section on cryptography and information security [Peer-reviewed]

    Masakatu Morii, Shiho Moriai, Goichiro Hanaoka, Toru Akishita, Tetsuya Izu, Tetsu Iwata, Koji Okada, Toshinobu Kaneko, Hiroaki Kikuchi, Kwangjo Kim, Shinsaku Kiyomoto, Noboru Kunihiro, Hiroki Koga, Kazukuni Kobara, Ryuichi Sakai, Kouichi Sakurai, Kazue Sako, Takashi Satoh, Akira Shiozaki, Hiroki Shizuya, Tsuyoshi Takagi, Mitsuru Tada, Keisuke Tanaka, Hiroshi Doi, Toru Nakanishi, Shoichi Hirose, Eiichiro Fujisaki, Soichi Furuya, Mitsuru Matsui, Natsume Matsuzaki, Tsutomu Matsumoto, Atsuko Miyaji, Maki Yoshida

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E90-A ( 1 )   January 2007

    Language: English   Publication type: Research paper (academic journal)

    DOI: 10.1093/ietfec/e90-a.1.1

  • Privacy-preservation techniques in data mining

    Chunhua Su, Jianying Zhou, Feng Bao, Guilin Wang, Kouichi Sakurai

    Digital Privacy Theory, Technologies, and Practices   187 - 226   January 2007

    Language: English

    In today’s information age, data collection is ubiquitous, and every transaction is recorded somewhere. The resulting data sets can consist of terabytes or even petabytes of data, so efficiency and scalability is the primary consideration of most data-mining algorithms. Data mining is becoming increasingly common in both the private and public sectors. Industries, such as banking, insurance, medicine, and retailing, commonly use data mining to reduce costs, enhance research, and increase sales. In the public sector, data-mining applications initially were used as a means to detect fraud and waste, but have grown to also be used for purposes, such as measuring and improving program performance.

  • On effectiveness of clock control in stream ciphers [Peer-reviewed]

    Shinsaku Kiyomoto, Kazuhide Fukushima, Toshiaki Tanaka, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E90-A ( 9 )   1780 - 1787   January 2007

    Language: English   Publication type: Research paper (academic journal)

    In this paper, we examine the effectiveness of clock control in protecting stream ciphers from a distinguishing attack, and show that this form of control is effective against such attacks. We model two typical clock-controlled stream ciphers and analyze the increase in computational complexity for these attacks due to clock control. We then analyze parameters for the design of clock-controlled stream ciphers, such as the length of the LFSR used for clock control. By adopting the design criteria described in this paper, a designer can find the optimal length of the clock-control sequence LFSR.

    DOI: 10.1093/ietfec/e90-a.9.1780

  • Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Preface [Peer-reviewed]

    Masayuki Abe, Kazumaro Aoki, Giuseppe Ateniese, Roberto Avanzi, Zuzana Beerliová, Olivier Billet, Alex Biryukov, Ian Blake, Colin Boyd, Eric Brier, Aniello Castiglione, Juyoung Cha, Aldar Chan, Liqun Chen, Kookrae Cho, Scott Contini, Paolo D'Arco, Jintai Ding, Christophe Doche, Orr Dunkelman, Matthias Fitzi, Pierre Alain Fouque, Jacques J.A. Fournier, Kouichi Fujisaki, Eiichiro Fujisaki, Jun Furukawa, David Galindo, Shai Halevi, Helena Handschuh, Chris Heneghan, Thomas Holenstein, Fumitaka Hoshino, Yong Ho Hwang, Toshiyuki Isshiki, Ellen Jochemsz, Antoine Joux, Ari Juels, Charanjit Jutla, Aggelos Kiayias, Hiroaki Kikuchi, Tetsutarou Kobayashi, Tadayoshi Kohno, Hugo Krawczyk, Sandeep Kumar, Tanja Lange, Jung Wook Lee, Barbara Masucci, Alexander May, Miodrag Mihaljevic, Kazuhiko Minematsu, Fabian Monrose, Paul Montague, Steve Myers, David Naccache, Antonio Nicolosi, Satoshi Obana, Satomi Okazaki, Katsuyuki Okeya, Francis Olivier, Roger Oyono, Dan Page, Jung Hyung Park, Kun Peng, Krzysztof Pietrzak, Dominik Raub, Yasuyuki Sakai, Kouichi Sakurai, Werner Schindler, Jae Woo Seo, Jong Hoon Shin, Igor Shparlinski, Ron Steinfeld, Mike Szydlo, Yael Tauman Kalai, Isamu Teranishi, Toshio Tokita, Michael Tunstall, Frederik Vercauteren, Karine Villegas, Shabsi Walfish, Huaxiong Wang, Xiaofeng Wang, Bogdan Warinschi, Benne De Weger, Christopher Wolf, Alex Yampolskiy, Yeon Hyeong Yang, Yiqun Lisa Yin, Jeong Yoon, David Pointcheval

    Topics in Cryptology - CT-RSA 2006: The Cryptographers' Track at the RSA Conference 2006, Proceedings Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   3960 LNCS   July 2006

    Language: English   Publication type: Research paper (academic journal)

  • Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Preface [Peer-reviewed]

    Laurence T. Yang, Hai Jin, Jianhua Ma, Theo Ungerer, David Ogle, Manish Parashar, Kouichi Sakurai

    Third International Conference on Autonomic and Trusted Computing, ATC 2006 Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   4158 LNCS   January 2006

    Language: English   Publication type: Research paper (academic journal)

  • Simple power analysis on fast modular reduction with generalized Mersenne prime for elliptic curve cryptosystems [Peer-reviewed]

    Yasuyuki Sakai, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E89-A ( 1 )   231 - 237   January 2006

    Language: English   Publication type: Research paper (academic journal)

    We discuss side channel leakage from modular reduction for NIST recommended domain parameters. FIPS 186-2 has 5 recommended prime fields. These primes have a special form which is referred to as generalized Mersenne prime. These special form primes facilitate especially efficient implementation. A typical implementation of efficient modular reduction with such primes includes conditional reduction. A conditional reduction in modular reduction can constitute an information channel on the secret exponent. Several researchers have produced unified code for elliptic point addition and doubling in order to avoid a simple power analysis (SPA). However, Walter showed that SPA is still possible if Montgomery multiplication with conditional reduction is implemented within the unified code. In this paper we show SPA on the modular reduction with NIST recommended primes, combining with the unified code for elliptic point operations. As Walter stated, our results also indicate that even if the unified codes are implemented for elliptic point operations, underlying field operations should be implemented in constant time. The unified approach in itself cannot be a countermeasure for side channel attacks.

    DOI: 10.1093/ietfec/e89-a.1.231

  • Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Preface [Peer-reviewed]

    Yuko Murayama, Shinichi Kawamura, Hiroshi Yoshiura, Kouichi Sakurai, Kai Rannenberg

    Lecture Notes in Computer Science   4266 LNCS   2006

    Language: English   Publication type: Research paper (academic journal)

  • Security protocol for IMT-2000-based contents service [Peer-reviewed]

    Sang Soo Yeo, Deok Gyu Lee, Kouichi Sakurai

    International Journal of Multimedia and Ubiquitous Engineering   1 ( 4 )   11 - 20   2006

    Language: English   Publication type: Research paper (academic journal)

    IMT-2000 appeared in order to satisfy the desires of the users who wish to supply through wireless most of the services being provided through wire, such as Internet services and multimedia high-speed data information [1]. However, during global roaming, the signal data and the user data get transmitted through the networks of other users. Also, it is judged that with the provision of high speed data communication the amount of data communication necessary for confidentiality protection will increase. It is planned that the recent IMT-2000 project will begin its commercial service in 2002. From this viewpoint, wireless contents, due to their special characteristics, are greatly exposed to illegal actions by third persons. As a result, it can be said that security and authentication issues in the mobile telecommunication environment are indispensable matters. For this purpose, it is intended that in this thesis through an analysis of the existent IMT-2000 authentication method, a more safe and efficient authentication method is presented and, at the same time, a security protocol necessary in the provision of wireless contents is designed.

  • Security countermeasure design for information systems by using block model [Peer-reviewed]

    Tai Hoon Kim, Kouichi Sakurai

    International Journal of Multimedia and Ubiquitous Engineering   1 ( 2 )   30 - 33   2006

    Language: English   Publication type: Research paper (academic journal)

    Because the networks and systems become more complex, the implementation of the security countermeasures becomes more critical consideration. The designers and developers of the security policy should recognize the importance of building security countermeasures by using both technical and non-technical methods, such as personnel and operational facts. Security countermeasures may be made for formulating an effective overall security solution to address threats at all layers of the information infrastructure. This paper uses the security engineering principles for determining appropriate security countermeasures. This paper proposes a method for building security countermeasures by modeling and dividing IT systems and security components into some blocks.

  • Experimental analysis of guess-and-determine attacks on clock-controlled stream ciphers [Peer-reviewed]

    Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E88-A ( 10 )   2778 - 2791   October 2005

    Language: English   Publication type: Research paper (academic journal)

    Guess-and-Determine (GD) attacks have recently been proposed for the effective analysis of word-oriented stream ciphers. This paper discusses GD attacks on clock-controlled stream ciphers, which use irregular clocking for a non-linear function. The main focus is the analysis of irregular clocking for GD attacks. We propose GD attacks on a typical clock-controlled stream cipher AA5, and calculate the process complexity of our proposed GD attacks. In the attacks, we assume that the clocking of linear feedback shift registers (LFSRs) is truly random. An important consideration affecting the practicality of these attacks is the question of whether these assumptions are realistic. Because in practice, the clocking is determined by the internal states. We implement miniature ciphers to evaluate the proposed attacks, and show that they are applicable. We also apply the GD attacks to other clock controlled stream ciphers and compare them. Finally, we discuss some properties of GD attacks on clock-controlled stream ciphers and the effectiveness of the clock controllers. Our research results contain information that are useful in the design of clock-controlled stream ciphers.

    DOI: 10.1093/ietfec/e88-a.10.2778

  • Analysis and comparison of cryptographic techniques in e-voting and e-auction [Peer-reviewed]

    Yong Sork Her, Kenji Imamoto, Kouichi Sakurai

    Research Reports on Information Science and Electrical Engineering of Kyushu University   10 ( 2 )   91 - 96   September 2005

    Language: English   Publication type: Research paper (academic journal)

    Recently, many cryptographic techniques have been used for secure e-voting systems and e-auction systems. In this paper, we compare the used cryptographic techniques of e-voting systems with those of e-auction systems. We analyze advantages and disadvantages of various cryptographic techniques through e-voting systems and e-auction systems. Also, we discuss receipt-freeness which is one of the important requirements in e-voting systems and e-auction systems. Several receipt-free schemes have been proposed to prevent a vote-coercion (e-voting) or a bid-rigging (e-auction). In this paper, we analyze the existing receipt-free schemes and point out that the existing receipt-free schemes for the e-auction system do not prevent the bid-rigging. Moreover, we show the simulation results of computational costs in e-voting systems and e-auction systems which used the similar cryptographic techniques.

  • Design and analysis of Diffie-Hellman-based key exchange using one-time ID by SVO logic [Peer-reviewed]

    Kenji Imamoto, Kouichi Sakurai

    Electronic Notes in Theoretical Computer Science   135 ( 1 )   79 - 94   July 2005

    Language: English   Publication type: Research paper (other academic conference materials, etc.)

    Authenticated key exchange protocols have been developed to establish secure channel on the Internet. In this paper, we consider following attacks against an authenticated key exchange using shared secret: eavesdropping, DoS attack, replay attack, and impersonation. Besides prevention from all these attacks, efficiency is also important. In this paper, we propose a three-party authenticated key exchange protocol based on Diffie-Hellman key exchange with one-time ID, which is a user's extraordinary identity used only once [K. Imamoto, K. Sakurai, Notes on Dynamic Information Management for Authenticated Key Exchange, ISEC, March 2003; H. Krawczyk, The IKE-SIGMA Protocol, Internet Draft, Nov 2001. http://www.ee.technion.ac.il/~hugo/draft-krawczyk-ipsec-ike-sigma-00.txt]. Moreover, we analyze our proposal by SVO Logic, which is one of formal methods to analyze cryptographic protocols [P. Syverson and P. C. van Oorschot. A Unified Cryptographic Protocol Logic. NRL CHAOS Report, 5540-227, 1996; P. Syverson and I. Cervesato. The Logic of Authentication Protocols. FOSAD'00, LNCS2171, pp.63-137, 2001], and show what assumptions are needed. © 2005 Published by Elsevier B.V.

    DOI: 10.1016/j.entcs.2005.06.003

  • A collaborative role-based access control for trusted operating systems in distributed environment [Peer-reviewed]

    Hyung Chan Kim, R. S. Ramakrishna, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E88-A ( 1 )   270 - 279   January 2005

    Language: English   Publication type: Research paper (academic journal)

    The research community has shown considerable interest in studying access control in single Trusted Operating Systems (TOS). However, interactions among multiple TOSs have attracted relatively little attention. In this paper, we propose a Collaborative Role-Based Access Control (C-RBAC) model for distributed systems in which accesses across system domain boundaries are allowed. Access entities in a TOS vary in time. The changes in the organizational structure of the access entities in one system may influence other cooperating systems. In addition, policy-freeness, domain and rule conflicts are possible. These problems restrict the flexibility and scalability of coordination. We propose drafting a meta-component to play the role of a coordinator in multi-domain role-based access control. It is then possible to impart flexibility and scalability in a secure fashion. Experimental studies of the proposed model with the Network File System and SELinux system support our conclusion.

    DOI: 10.1093/ietfec/E88-A.1.270

  • Special section on cryptography and information security [Peer-reviewed]

    Tetsuya Izu, Tetsu Iwata, Shiho Moriai, Tomoyuki Asano, Toshinobu Kaneko, Kwangjo Kim, Noboru Kunihiro, Hidenori Kuwakado, Hiroki Koga, Kazukuni Kobara, Ryuichi Sakai, Kouichi Sakurai, Takashi Satoh, Akira Shiozaki, Hideo Shimizu, Mitsuru Tada, Tsuyoshi Takagi, Keisuke Tanaka, Toshiaki Tanaka, Yukiyasu Tsunoo, Hiroshi Doi, Eiichiro Fujisaki, Soichi Furuya, Mitsuru Matsui, Tsutomu Matsumoto, Natsume Matsuzaki, Masahiro Mambo, Atsuko Miyaji, Yuko Murayama, Maki Yoshida, Hajime Watanabe, Akira Hayashi

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E88-A ( 1 )   January 2005

    Language: English   Publication type: Research paper (academic journal)

    DOI: 10.1093/ietfec/E88-A.1.1

  • Proposal and analysis of a distributed online certificate status protocol with low communication cost [Peer-reviewed]

    Satoshi Koga, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E88-A ( 1 )   247 - 254   January 2005

    Language: English   Publication type: Research paper (academic journal)

    The Public Key Infrastructure (PKI) technology is very important to support the electronic commerce and digital communications on existing networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in the PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using key-insulated signature scheme [6]. In proposed distributed OCSP, each responder has the different private key, but corresponding public key remains fixed. Therefore the user simply obtains and stores one certificate, and can verify any responses by using a single public key.

    DOI: 10.1093/ietfec/E88-A.1.247

  • Procedural constraints in the extended RBAC and the coloured Petri net modeling [Peer-reviewed]

    Wook Shin, Jeong Gun Lee, Hong Kook Kim, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E88-A ( 1 )   327 - 330   January 2005

    Language: English   Publication type: Research paper (academic journal)

    This paper presents the Coloured Petri Net modeling for security analysis of the Extended Role Based Access Control systems.

    DOI: 10.1093/ietfec/E88-A.1.327

  • On the vulnerability of exponent recodings for the exponentiation against side channel attacks [Peer-reviewed]

    Yasuyuki Sakai, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E88-A ( 1 )   154 - 160   January 2005

    Language: English   Publication type: Research paper (academic journal)

    In this paper we propose a new side channel attack, where exponent recodings for public key cryptosystems such as RSA and ECDSA are considered. The known side channel attacks and countermeasures for public key cryptosystems were against the main stage (square and multiply stage) of the modular exponentiation (or the point multiplication on an elliptic curve). We have many algorithms which achieve fast computation of exponentiations. When we compute an exponentiation, the exponent recoding has to be carried out before the main stage. There are some exponent recoding algorithms including conditional branches, in which instructions depend on the given exponent value. Consequently exponent recoding can constitute an information channel, providing the attacker with valuable information on the secret exponent. In this paper we show new algorithms of attack on exponent recoding. The proposed algorithms can recover the secret exponent, when the width-w NAF [9] and the unsigned/signed fractional window representation [5] are used.

    DOI: 10.1093/ietfec/E88-A.1.154

  • On the pseudorandomness of a modification of KASUMI type permutations [Peer-reviewed]

    Wonil Lee, Kouichi Sakurai, Seokhie Hong, Sangjin Lee

    Lecture Notes in Computer Science   3506   313 - 329   2005

    Language: English   Publication type: Research paper (academic journal)

    We present a modification of KASUMI type permutations and analyze the security of it using the notion of pseudorandomness. Our modified KASUMI type permutation can be computed more efficiently than the original KASUMI type permutation. Furthermore, our results have a slightly better (same) upper bound of success probability against arbitrary attackers in the sense of (super) pseudorandomness.

  • The improved risk analysis mechanism in the practical risk analysis system [Peer-reviewed]

    SangCheol Hwang, NamHoon Lee, Kouichi Sakurai, GungGil Park, JaeCheol Ryou

    Unknown Journal   3391   835 - 842   2005

    Language: English   Publication type: Research paper (academic journal)

    The risk analysis system has a mechanism to evaluate and analyze the potential risk level in an organization IT system. To evaluate the Risk Level, it must be calculated the essential vulnerability that appear in various assets of organization, threats for these assets. These elements, vulnerabilities, threats and assets are the important factor to evaluate the risk level in an organization. In this paper, we describe about design and implementation of a system using the practical risk analysis process that we propose. Furthermore we suggest the security countermeasure choice algorithm against the risk we found in an organization. Especially, the Security Countermeasure choice algorithm is implemented by using the Genetic-Algorithm restricted by some important factor. In this paper, we describe the design and implementation idea of the suggested genetic-algorithm module. Finally, we propose the main idea of the practical risk analysis process and the system using the risk analysis process that we propose in this paper.

  • Side channel cryptanalysis on XTR public key cryptosystem   Peer-reviewed

    Dong Guk Han, Tetsuya Izu, Jongin Lim, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E88-A ( 5 )   1214 - 1223   2005

    Language: English   Publication type: Research paper (scientific journal)

    The XTR public key cryptosystem was introduced in 2000. XTR is suitable for a variety of environments including low-end smart cards, and is regarded as an excellent alternative to RSA and ECC. Moreover, it is remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as the timing attack and the differential power analysis (DPA). This paper investigates the security of side channel attack (SCA) on XTR. In this paper, we show the immunity of XTR-SE against the simple power analysis if the order of the computation of XTR-SE is carefully considered. In addition, we show that XTR-SE is vulnerable to the data-bit DPA, the address-bit DPA, the doubling attack, the modified refined power analysis, and the modified zero-value attack. Moreover, we propose some countermeasures against these attacks. We also show experimental results of the efficiency of the countermeasures. From our implementation results, if we compare XTR with ECC with countermeasures against "SCAs", we think XTR is as suitable to smart cards as ECC.

    DOI: 10.1093/ietfec/e88-a.5.1214

  • PGV-style block-cipher-based hash families and black-box analysis   Peer-reviewed

    Wonil Lee, Mridul Nandi, Palash Sarkar, Donghoon Chang, Sangjin Lee, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E88-A ( 1 )   39 - 48   2005

    Language: English   Publication type: Research paper (scientific journal)

    In [1] it was proved that 20 of 64 PGV hash functions [2] based on block cipher are collision-resistant and one-way in the black-box model of the underlying block cipher. Here, we generalize the definition of PGV-hash function into a hash family and we will prove that, aside from the previously reported 20 hash functions, we have 22 more collision-resistant and one-way hash families. As all these 42 families are keyed hash family, these are also target-collision-resistant. All these 42 hash families have tight upper and lower bounds on (target) collision-resistant and one-way-ness.

    DOI: 10.1093/ietfec/E88-A.1.39

  • A DRM framework for secure distribution of mobile contents   Peer-reviewed

    Kwon Il Lee, Kouichi Sakurai, Jun Seok Lee, Jae Cheol Ryou

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   3090   905 - 914   December 2004

    Language: English   Publication type: Research paper (scientific journal)

    DRM technology allows content to be distributed in a controlled manner. Therefore, an appropriate security mechanism is required. The mobile DRM system is the same as the general DRM system. Encryption technology is used in digital contents packaging. In the case of a mobile DRM system, secure distribution and storage of the packaging encryption key is important. In this paper, we propose a DRM framework, SDRM (Secure mobile Digital Rights Management), to ensure secure distribution of mobile contents and rights. We considered being a secure DRM system to contain appropriate security solution.

  • Pre-production methods of a response to certificates with the common status - Design and theoretical evaluation   Peer-reviewed

    Satoshi Koga, Jae Cheol Ryou, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   3093   85 - 97   December 2004

    Language: English   Publication type: Research paper (scientific journal)

    The Online Certificate Status Protocol provides the up-to-date response to certificate status queries. To reduce the risk of denial of service attacks, the responder can pre-produce responses. However, this approach has the disadvantage that computational costs of the responder are inefficient since the responder should pre-produce one response message for each certificate. This paper proposes efficient pre-producing methods, in which the responder can pre-produce a response message for each group consisting of certificates with the common status. In our methods, computational costs of the responder are efficient, compared with the previous pre-producing method.

  • Modified power-analysis attacks on XTR and an efficient countermeasure   Peer-reviewed

    Dong Guk Han, Tetsuya Izu, Jongin Lim, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   3269   305 - 317   December 2004

    Language: English   Publication type: Research paper (scientific journal)

    In [HLS04a], Han et al. presented a nice overview of some side channel attacks (SCA), and some classical countermeasures. However, their proposed countermeasures against SCA are so inefficient that the efficiency of XTR with SCA countermeasures is at least 129 times slower than that of XTR without them. Thus they left the construction of the efficient countermeasures against SCA as an open question. In this paper, we show that XTR can also be attacked by the modified refined power analysis (MRPA) and the modified zero-value attack (MZVA). To show validity of MRPA and MZVA on XTR, we give some numerical data of them. We propose a novel efficient countermeasure (XTR-RSE) against "SCAs": SPA, Data-bit DPA, Address-bit DPA, Doubling attack, MRPA, and MZVA. We show that XTR-RSE itself without other countermeasures is secure against all "SCAs". From our implementation results, if we compare XTR with ECC with countermeasures against "SCAs", we think XTR is as suitable to smart-cards as ECC due to the efficiency of the proposed XTR-RSE.

  • A software fingerprinting scheme for java using classfiles obfuscation   Peer-reviewed

    Kazuhide Fukushima, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   2908   303 - 316   December 2004

    Language: English   Publication type: Research paper (scientific journal)

    Embedding a personal identifier as a watermark in Java classfiles is effective in order to protect their copyrights. Monden et al. [1] proposed a watermarking scheme that embeds an arbitrary character sequence in the target method in Java classfiles. But the scheme can only be used to embed the same watermark in each user's classfiles. Therefore, if we apply this scheme for embedding each user's personal identifier, the watermarks can be specified by comparing two or more users' Java classfiles. In this paper, we solve the problem by using "Classfiles Obfuscation", which is our obfuscation scheme for Java source code. By the scheme, we distribute all the methods among all the Java classfiles at random. Every user's Java classfiles will have different structures by applying "Classfiles Obfuscation". As a result, specifying the watermark by comparing classfiles will be difficult.

  • A generalization of PGV-hash functions and security analysis in black-box model   Peer-reviewed

    Wonil Lee, Mridul Nandi, Palash Sarkar, Donghoon Chang, Sangjin Lee, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   3108   212 - 223   December 2004

    Language: English   Publication type: Research paper (scientific journal)

    In [1] it was proved that 20 out of 64 PGV-hash functions [2] based on block cipher are collision resistant and one-way-secure in black-box model of the underlying block cipher. Here, we generalize the definition of PGV-hash function into a hash family and prove that besides the previous 20 hash functions we have 22 more collision resistant and one-way secure hash families. As all these 42 families are keyed hash families, these become target collision resistant also. All these 42 hash families have tight upper and lower bounds on (target) collision resistant and one-way-ness.

  • A distributed online certificate status protocol with a single public key   Peer-reviewed

    Satoshi Koga, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   2947   389 - 401   December 2004

    Language: English   Publication type: Research paper (scientific journal)

    The Public Key Infrastructure (PKI) technology is very important to support secure global electronic commerce and digital communications on networks. The Online Certificate Status Protocol (OCSP) is the standard protocol for retrieving certificate revocation information in PKI. To minimize the damages caused by OCSP responder's private key exposure, a distributed OCSP composed of multiple responders is needed. This paper presents a new distributed OCSP with a single public key by using a key-insulated signature scheme [6]. In the proposed distributed OCSP, each responder has a different private key, but the corresponding public key remains fixed, so the client simply obtains and stores one certificate and can verify any responses by using a single public key.

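  • Proposal of an Anti-Spam Method Combining Challenge-Response and Bayesian Filtering   Peer-reviewed

    Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai

    IPSJ Journal (情報処理学会論文誌)   August 2004

    Language: Japanese   Publication type: Research paper (scientific journal)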

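  • Realizing Privacy Protection for RFID Tags Using Universal Re-encryption   Peer-reviewed

    Junichiro Saito, Kouichi Sakurai

    IPSJ Journal (情報処理学会論文誌)   August 2004

    Language: Japanese   Publication type: Research paper (scientific journal)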

  • Timing Attacks against a Parallelized RSA Implementation   Peer-reviewed

    Yasuyuki Sakai and Kouichi Sakurai

    IPSJ Journal (情報処理学会論文誌)   August 2004

    Language: Japanese   Publication type: Research paper (scientific journal)

  • On Security of XTR Public Key Cryptosystems Against Side Channel Attacks   Peer-reviewed   International journal

    Dong-Guk Han, Jongin Lim, Kouichi Sakurai

    Proc. ACISP 2004   July 2004

    Language: English   Publication type: Research paper (international conference proceedings)

  • Pseudorandomness of SPN-Type Transformations   Peer-reviewed   International journal

    Wonil Lee, Mridul Nandi, Palash Sarkar, Donghoon Chang, Sangjin Lee, Kouichi Sakurai

    Proc. ACISP 2004   July 2004

    Language: English   Publication type: Research paper (international conference proceedings)

  • Pre-production Methods of a Response to Certificates with the Common Status - Design and Theoretical Evaluation   Peer-reviewed   International journal

    Satoshi Koga, Jae-Cheol Ryou, Kouichi Sakurai

    Proc. EuroPKI 2004   3093   85 - 97   June 2004

    Language: English   Publication type: Research paper (international conference proceedings)

  • Special section on Discrete Mathematics and its applications   Peer-reviewed

    Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E87-A ( 5 )   977   May 2004

    Language: English   Publication type: Research paper (scientific journal)

  • A Distributed Online Certificate Status Protocol with a Single Public Key   Peer-reviewed   International journal

    Satoshi Koga, Kouichi SAKURAI

    Proc. Public Key Cryptography 2004   2947   389 - 401   March 2004

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Design of Diffie-Hellman Based Key Exchange Using One-time ID in Pre-shared Key Model   Peer-reviewed   International journal

    Kenji IMAMOTO, Kouichi SAKURAI

    Proc. AINA (1) 2004   327 - 332   March 2004

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Merging Method of Certification Authorities Without Using Cross-Certifications   Peer-reviewed   International journal

    Satoshi Koga, Kouichi SAKURAI

    Proc. AINA (2) 2004   174 - 177   March 2004

    Language: English   Publication type: Research paper (international conference proceedings)

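  • Proposal of a Real-Time Tampering Detection System for Mobile Agents Using a Verification Agent   Peer-reviewed

    Yuki Kotegawa, Kouichi Sakurai

    IPSJ Journal (情報処理学会論文誌)   February 2004

    Language: Japanese   Publication type: Research paper (scientific journal)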

  • A New Attack with Side Channel Leakage During Exponent Recoding Computations   Peer-reviewed   International journal

    Yasuyuki Sakai, Kouichi SAKURAI

    Proc. CHES 2004   3156   298 - 311   January 2004

    Language: English   Publication type: Research paper (international conference proceedings)

  • Analysis and Design for Private Message Board Systems   Peer-reviewed

    Kenji Imamotoh, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E87-A ( 1 )   204 - 211   January 2004

    Language: English   Publication type: Research paper (scientific journal)

    When two parties connect via a possibly unreliable network, ensuring fairness becomes a serious problem. To solve this problem, a lot of Certified E-mail systems are proposed. However, user's privacy including confidentiality and anonymity is not considered in almost all of these systems. In this paper, we propose two private message board systems using an electronic notice board to solve Certified mail problem.

  • Analysis and Design for Private Message Board Systems   Peer-reviewed   International journal

    Kenji IMAMOTO, Kouichi SAKURAI

    IEICE Trans. Fundamentals   E87A ( 1 )   204 - 211   January 2004

    Language: English   Publication type: Research paper (scientific journal)

  • A new attack with side channel leakage during exponent recoding computations   Peer-reviewed

    Yasuyuki Sakai, Kouichi Sakurai

    Lecture Notes in Computer Science   3156   298 - 311   2004

    Language: English   Publication type: Research paper (scientific journal)

    In this paper we propose a new side channel attack, where exponent recodings for public key cryptosystems such as RSA and ECDSA are considered. The known side channel attacks and countermeasures for public key cryptosystems were against the main stage (square and multiply stage) of the modular exponentiation (or the point multiplication on an elliptic curve). We have many algorithms which achieve fast computation of exponentiations. When we compute an exponentiation, the exponent recoding has to be carried out before the main stage. There are some exponent recoding algorithms including conditional branches, in which instructions depend on the given exponent value. Consequently exponent recoding can constitute an information channel, providing the attacker with valuable information on the secret exponent. In this paper we show new algorithms of attack on exponent recoding. The proposed algorithms can recover the secret exponent, when the width-ω NAF [9] and the unsigned/signed fractional window representation [5] are used. Keywords: Side channel attack, exponent recoding, RSA cryptosystems, elliptic curve cryptosystems.

  • On security of XTR public key cryptosystems against side channel attacks   Peer-reviewed

    Dong Guk Han, Jongin Lim, Kouichi Sakurai

    Lecture Notes in Computer Science   3108   454 - 465   2004

    Language: English   Publication type: Research paper (scientific journal)

    The XTR public key system was introduced at Crypto 2000. It is regarded that XTR is suitable for a variety of environments, including low-end smart cards, and XTR is the excellent alternative to either RSA or ECC. In [LV00a,SL01], authors remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as timing attacks and Differential Power Analysis (DPA). In this paper, however, we investigate the security of side channel attack (SCA) on XTR. This paper shows that XTR-SE is immune against simple power analysis under assumption that the order of the computation of XTR-SE is carefully considered. However, we show that XTR-SE is vulnerable to Data-bit DPA, Address-bit DPA, and doubling attack. Moreover, we propose countermeasures that prevent the proposed attacks. As the proposed countermeasure against doubling attack is very inefficient, a good countermeasure against doubling attack is actually necessary to maintain the advantage of efficiency of XTR.

  • Enhancing privacy of universal re-encryption scheme for RFID tags   Peer-reviewed

    Junichiro Saito, Jae Cheol Ryou, Kouichi Sakurai

    Lecture Notes in Computer Science   3207   879 - 890   2004

    Language: English   Publication type: Research paper (scientific journal)

    A Radio-Frequency-Identification (RFID) tag is a small and cheap device which is combined in IC chip and an antenna for radio communications. It emits an ID in response to a query from a radio communication device called as a reader. For this reason, the RFID tag is used for management of goods and it is used as a substitute for a bar code. However, RFID system may infringe on a consumer's privacy because it has a strong tracing ability. Although ID of a RFID tag can be encrypted, it is possible to pursue an object by tracing specific information. Therefore, we discuss the privacy protection using universal re-encryption proposed by Golle, Jakobsson, Juels and Syverson. Since the system does not protect a modification of the information on RFID tags, it can be exploited by an attacker. Therefore we point out two attacks using modification of the information on RFID tags. Moreover, we offer two proposed schemes for addressing the problem.

  • On the Security of SELinux with a Simplified Policy   Peer-reviewed   International journal

    Katsuya SUEYASU, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of the IASTED International Conference on Communication   December 2003

    Language: English   Publication type: Research paper (international conference proceedings)

  • Single-path authenticated-encryption scheme based on universal hashing   Peer-reviewed

    Soichi Furuya, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   2595   94 - 109   December 2003

    Language: English   Publication type: Research paper (scientific journal)

    An authenticated-encryption scheme is frequently used to provide a communication both with confidentiality and integrity. For stream ciphers, i.e., an encryption scheme using a cryptographic pseudorandom-number generator, this objective can be achieved by the simple combination of encryption and MAC generation. This naive approach, however, introduces the following drawbacks; the implementation is likely to require two scans of the data, and independent keys for the encryption and MAC generations must be exchanged. The single-path construction of an authenticated-encryption scheme for a stream cipher is advantageous in these two aspects but non-trivial design. In this paper we propose a single-path authenticated-encryption scheme with provable security. This scheme is based on one of the well-known ε-almost-universal hash functions, the evaluation hash. The encryption and decryption of the scheme can be calculated by single-path operation on a plaintext and a ciphertext. We analyze the security of the proposed scheme and give a security proof, which claims that the security of the proposed scheme can be reduced to that of an underlying PRNG in the indistinguishability from random bits. The security model we use, real-or-random, is one of the strongest notions amongst the four well-known notions for confidentiality, and an encryption scheme with real-or-random sense security can be efficiently reduced to the other three security notions. We also note that the security of the proposed scheme is tight.

  • Fast multi-scalar multiplication methods on elliptic curves with precomputation strategy using montgomery trick   Peer-reviewed

    Katsuyuki Okeya, Kouichi Sakurai

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   2523   564 - 578   December 2003

    Language: English   Publication type: Research paper (scientific journal)

    Our development of efficient methods for the precomputation of multi-scalar multiplication for elliptic curve cryptosystems (ECCs) is presented. Multi-scalar multiplication is required in many forms of ECC, including schemes for the verification of ECDSA signatures. The simultaneous method is one known method for fast multi-scalar multiplication. The method has two stages: a precomputation stage and an evaluation stage. Points for use in the evaluation stage are computed in the precomputation stage. The actual multi-scalar multiplication is carried out on the basis of the precomputed points in the evaluation stage. In the evaluation stage of the simultaneous method, we are able to quickly compute the points of the multi-scalar multiple because few additions are required. On the other hand, if we use a large window width, we have to compute an enormous number of points in the precomputation stage. Hence, we have to compute an abundance of inversions, which carries a high computational cost. The result is that a large amount of time is required by the precomputation stage. This is the well-known drawback of the simultaneous method. In our proposed method, we apply the Montgomery trick to reduce the number of inversions required with a width window w from O(2^{2w}) to O(w). In addition, our proposed method computes uP and vQ for any u,v, then computes uP + vQ, where P,Q are elliptic points. This procedure enables us to remove points that will not be used later from the process of precomputation. Without our proposed method, an algorithm to compute precomputation table would have to be changed dependently on unused points. Compared with the method without Montgomery trick, our proposed method is 3.6 times faster than the conventional simultaneous method, i.e., than in the absence of the Montgomery trick. Moreover, the optimal window width for our proposed method is 3, whereas the corresponding width for conventional simultaneous methods is 2.

  • Does it need trusted third party? Design of buyer-seller watermarking protocol without trusted third party   Peer-reviewed

    Jae Gwi Choi, Kouichi Sakurai, Ji Hwan Park

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   2846   265 - 279   December 2003

    Language: English   Publication type: Research paper (scientific journal)

    Buyer-seller watermarking protocol is a combination of traditional watermarking and fingerprinting techniques. For example, in applications where multimedia content is electronically distributed over a network, the content owner can embed a distinct watermark (a fingerprint), in each copy of the data that is distributed. If unauthorized copies of the data are found, then the origin of the copy can be determined by retrieving the unique watermark corresponding to each buyer. Recently, Ju and Kim proposed an anonymous buyer-seller watermarking protocol, where a buyer can purchase contents anonymously, but the anonymity can be controlled. They used two trusted parties: the watermark certification authority and the judge. The significance of this protocol is that it offered anonymity to watermarking protocol. But this protocol has the problem that honest buyers can be found as guilty, because sellers can recreate the same contents as the buyer's one if he/she colludes with the watermark certification authority and the judge. Thus this scheme must assume existence of the trusted third parties for its security. In this paper, we show shortcomings of this protocol and suggest a buyer-seller watermarking protocol that provides security of buyers and sellers without trusted third party.

  • A reject timing attack on an IND-CCA2 public-key cryptosystem   Peer-reviewed

    Kouichi Sakurai, Tsuyoshi Takagi

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   2587   359 - 373   December 2003

    Language: English   Publication type: Research paper (scientific journal)

    EPOC-2 is a public-key cryptosystem that can be proved IND-CCA2 under the factoring assumption in the random oracle model. It was written into a standard specification P1363 of IEEE, and it has been a candidate of the public-key cryptosystem in several international standards (or portfolio) on cryptography, e.g. NESSIE, CRYPTREC, ISO, etc. In this paper we propose a chosen ciphertext attack against EPOC-2 from NESSIE by observing the timing of the reject signs from the decryption oracle. We construct an algorithm, which can factor the public modulus using the difference of the reject symbols. For random 384-bit primes, the modulus can be factored with probability at least 1/2 by invoking about 385 times to the decryption oracle.

  • Evaluation of Anti-spam Method Combining Bayesian Filtering and Strong Challenge and Response   Peer-reviewed   International journal

    Manabu IWANAGA, Toshihiro TABATA, Kouichi SAKURAI

    Proc. of IASTED Int. Conf. on Communication, Network, and Information Security (CNIS 2003)   December 2003

    Language: English   Publication type: Research paper (international conference proceedings)

  • Does It Need Trusted Third Party? Design of Buyer-Seller Watermarking Protocol without Trusted Third Party   Peer-reviewed   International journal

    Jae-Gwi Choi, Kouichi Sakurai, Ji-Hwan Park

    Proc. ACNS 2003   2846   265 - 279   October 2003

    Language: English   Publication type: Research paper (international conference proceedings)

  • Timing Attack against Implementation of a Parallel Algorithm for Modular Exponentiation   Peer-reviewed   International journal

    Yasuyuki Sakai, Kouichi SAKURAI

    Proc. ACNS 2003   2846   319 - 330   October 2003

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Mechanism to Detect Tampering on Mobile Agents using The Verification Agent   Peer-reviewed   International journal

    Yuki Kotegawa, Kouichi SAKURAI

    Proc. International Workshop on Cryptology and Network Security (CANS03)   September 2003

    Language: English   Publication type: Research paper (international conference proceedings)

  • Private Certified E-mail Systems with Electronic Notice Board   Peer-reviewed   International journal

    Kenji IMAMOTO, Kouichi SAKURAI

    Proc. International Workshop on Cryptology and Network Security (CANS03)   September 2003

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Tampering Detection Mechanism using a Trusted Host for Mobile Agents   Peer-reviewed   International journal

    Yuki KOTEGAWA, Kouichi SAKURAI

    Proc. of the 2003 International Workshop on CRYPTOLOGY AND NETWORK SECURITY (CANS2003)   September 2003

    Language: English   Publication type: Research paper (international conference proceedings)

  • Certified E-mail Systems Using Public Notice Board   Peer-reviewed   International journal

    Kenji IMAMOTO, Kouichi SAKURAI

    Trust and Privacy in Digital Business (TrustBus'03)   460 - 464   September 2003

    Language: English   Publication type: Research paper (international conference proceedings)

    DOI: 10.1109/DEXA.2003.1232065

  • A Software Fingerprinting Scheme for Java Using Classfiles Obfuscation   Peer-reviewed   International journal

    Kazuhide Fukushima, Kouichi SAKURAI

    Proc. WISA 2003   2908   303 - 316   August 2003

    Language: English   Publication type: Research paper (international conference proceedings)

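  • An Improved Certified E-mail System Using a Delivery Intermediary   Peer-reviewed

    Kenji Imamoto, Kouichi Sakurai

    IPSJ Journal (情報処理学会論文誌)   August 2003

    Language: Japanese   Publication type: Research paper (scientific journal)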

  • Enhancing Airport Access Control Security With Multiple Biometrics Contactless Smart Card   Peer-reviewed

    M. David and K. SAKURAI

    IPSJ Journal (情報処理学会論文誌)   August 2003

    Language: Japanese   Publication type: Research paper (scientific journal)

  • A secure digital watermark system for secondary distribution   Peer-reviewed

    Keiichi Iwamura, Kouichi Sakurai, Hideki Imai

    Electronics and Communications in Japan, Part III: Fundamental Electronic Science (English translation of Denshi Tsushin Gakkai Ronbunshi)   86 ( 6 )   76 - 85   June 2003

    Language: English   Publication type: Research paper (scientific journal)

    Conventional digital watermark systems assume that the distributor (server) is a completely reliable organization. If the server is not a reliable organization, in a conventional system it is possible that suspicion may fall on a user who is not illegally distributing. Several methods have been proposed to handle this problem. In these methods, however, the system is essentially composed of two kinds of entities: the agent and the users. There is no discussion of a system composed of three entities - authors, agent, and users - where secondary distribution takes place from the author to an agent and then to the users. This paper proposes a digital watermark system that can prevent illegal conduct in a secondary distribution system composed of three types of entities - authors, agent, and users.

    DOI: 10.1002/ecjc.1151

  • Decentralization Methods of Certification Authority Using the Digital Signature Schemes   Peer-reviewed   International journal

    Satoshi KOGA, Kouichi SAKURAI

    2nd Annual PKI Research Workshop   April 2003

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Reject Timing Attack on an IND-CCA2 Public-Key Cryptosystem   Peer-reviewed   International journal

    Kouichi SAKURAI and Tsuyoshi TAKAGI

    5th International Conference on Information Security and Cryptology, ICISC 2002   2587   359 - 373   January 2003

    Language: English   Publication type: Research paper (international conference proceedings)

  • “A Secure Fragile Watermarking”   Peer-reviewed

    Keiichi Iwamura, Jun'ichi Hayashi, Kouichi Sakurai, Hideki Imai

    Journal of the Institute of Image Electronics Engineers of Japan   32 ( 1 )   22 - 28   January 2003

    Language: English   Publication type: Research paper (scientific journal)

    Previous fragile watermarking algorithms have been kept secret, and their security has not been discussed except in 2). In 2), a secure fragile watermarking algorithm was proposed, even if it is open to the public. However, the algorithm needs to use different keys for different images. In this paper, we propose a fragile watermarking algorithm which can use the same key for different images. We show that this algorithm is secure, if it uses secure cryptographic function, pseudo-random number and self-synchronized pattern.

    DOI: 10.11371/iieej.32.22

  • Use of montgomery trick in precomputation of multi-scalar multiplication in elliptic curve cryptosystems   Peer-reviewed

    Katsuyuki Okeya, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E86-A ( 1 )   98 - 112   January 2003

    Language: English   Publication type: Research paper (scientific journal)

    We develop efficient precomputation methods of multi-scalar multiplication on ECC. We should recall that multi-scalar multiplication is required in some elliptic curve cryptosystems including the signature verification of ECDSA signature scheme. One of the known fast computation methods of multi-scalar multiplication is a simultaneous method. A simultaneous method consists of two stages; precomputation stage and evaluation stage. Precomputation stage computes points of precomputation, which are used at evaluation stage. Evaluation stage computes multi-scalar multiplication using precomputed points. In the evaluation stage of simultaneous methods, we can compute the multi-scalar multiplied point quickly because the number of additions is small. However, if we take a large window width, we have to compute an enormous number of points in precomputation stage. Hence, we have to compute an abundance of inversions, which have large computational amount. As a result, precomputation stage requires much time, as well known. Our proposed method reduces from O(2^{2w}) inversions to O(w) inversions for a window width w, using Montgomery trick. In addition, our proposed method computes uP and vQ first, then computes uP + vQ, where P, Q are elliptic points. This procedure enables us to remove unused points of precomputation. Compared with the method without Montgomery trick, our proposed method is 3.6 times faster in the case of the precomputation stage for simultaneous sliding window NAF method with window width w = 3 and 160-bit scalars under the assumption that I/M = 30, S/M = 0.8, where I, M, S respectively denote computational amounts of inversion, multiplication and squaring on a finite field.

  • An Efficient Representation of Scalars for Simultaneous Elliptic Scalar Multiplication   Peer-reviewed

    Yasuyuki Sakai, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E86-A ( 5 )   1135 - 1146   January 2003

    Language: English   Publication type: Research paper (scientific journal)

    The computational performance of cryptographic protocols using an elliptic curve strongly depends on the efficiency of the scalar multiplication. Some elliptic curve based cryptographic protocols, such as signature verification, require computation of multi scalar multiplications of kP + lQ, where P and Q are points on an elliptic curve. An efficient way to compute kP + lQ is to compute two scalar multiplications simultaneously, rather than computing each scalar multiplication separately. We introduce new efficient algorithms for simultaneous scalar multiplication on an elliptic curve. We also give a detailed analysis of the computational efficiency of our proposed algorithms.

  • A Simple Power Attack On a Randomized Addition-Subtraction Chains Method for Elliptic Curve Cryptosystems [Peer-reviewed] [International journal]

    Katsuyuki Okeya, Kouichi Sakurai

    IEICE Trans. Fundamentals   E86A ( 5 )   1171 - 1180   January 2003

    Language: English   Publication type: Research paper (scientific journal)

  • Use of Montgomery Trick in Precomputation of Multi-Scalar Multiplication in Elliptic Curve Cryptosystem [Peer-reviewed] [International journal]

    Katsuyuki Okeya, Kouichi Sakurai

    IEICE Trans. Fundamentals   E86A ( 1 )   98 - 112   January 2003

    Language: English   Publication type: Research paper (scientific journal)

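  • A Second-Order Differential Power Attack on a Window-Method-Based Countermeasure against Side Channel Attacks [Peer-reviewed]

    Katsuyuki Okeya, Kouichi Sakurai

    IPSJ Journal   January 2003

    Language: Japanese   Publication type: Research paper (scientific journal)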

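  • Multiple Power Analysis of an Advanced Randomized Addition-Subtraction Chains Method [Peer-reviewed]

    Katsuyuki Okeya, Kouichi Sakurai

    IPSJ Journal   January 2003

    Language: Japanese   Publication type: Research paper (scientific journal)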

  • A Simple Power Attack on a Randomized Addition-Subtraction Chains Method for Elliptic Curve Cryptosystems [Peer-reviewed]

    Katsuyuki Okeya, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E86-A ( 5 )   1171 - 1180   2003

    Language: English   Publication type: Research paper (scientific journal)

    We show that a randomized addition-subtraction chains countermeasure against side channel attacks is vulnerable to an SPA attack, which is a kind of side channel attack, under distinguishability between addition and doubling. The side channel attack takes advantage of information leaked during execution of a cryptographic procedure. The randomized addition-subtraction chains countermeasure was proposed by Oswald-Aigner, and is based on a random decision inserted into computations. However, the question of its immunity to side channel attacks is still controversial. The randomized addition-subtraction chains countermeasure has a security flaw in timing attacks, another kind of side channel attack. We have implemented the proposed attack algorithm, whose input is a set of AD sequences, which consist of the characters "A" and "D" to indicate addition and doubling, respectively. Our program has clarified the effectiveness of the attack. The attack algorithm could actually detect secret scalars for given AD sequences. The average time to detect a 160-bit scalar was about 6 milliseconds, and only 30 AD sequences were enough to detect such a scalar. Compared with other countermeasures against side channel attacks, the randomized addition-subtraction chains countermeasure is much slower.

  • Timing attack against implementation of a parallel algorithm for modular exponentiation [Peer-reviewed]

    Yasuyuki Sakai, Kouichi Sakurai

    Lecture Notes in Computer Science   2846   319 - 330   2003

    Language: English   Publication type: Research paper (scientific journal)

    We describe a parallel algorithm for modular exponentiation $y \equiv x^k \bmod n$. Then we discuss timing attacks against an implementation of the proposed parallel algorithm for modular exponentiation. When we have two processors, which perform modular exponentiation, an exponent $k$ is scattered into two partial exponents $k^{(0)}$ and $k^{(1)}$, where $k^{(0)}$ and $k^{(1)}$ are derived by bitwise AND operation from $k$ such that $k^{(0)} = k \wedge (0101\cdots01)_2$ and $k^{(1)} = k \wedge (1010\cdots10)_2$. Two partial modular exponentiations $y_0 \equiv x^{k^{(0)}} \bmod n$ and $y_1 \equiv x^{k^{(1)}} \bmod n$ are performed in parallel using two processors. Then we can obtain $y$ by computing $y \equiv y_0 y_1 \bmod n$. In general, the Hamming weights of $k^{(0)}$ and $k^{(1)}$ are smaller than that of $k$. Thus fast computation of modular exponentiation $y \equiv x^k \bmod n$ can be achieved. Moreover we show a timing attack against an implementation of this algorithm. We perform a software simulation of the attack and analyze security of the parallel implementation.

  • On the security of yet another reduced version of 3-pass HAVAL [Peer-reviewed]

    Yong Sork Her, Kouichi Sakurai

    Unknown Journal   137   2003

    Language: English   Publication type: Research paper (scientific journal)

    We find collisions for the first and third passes of 3-pass HAVAL (following HAVAL[1,3]) which is not using the second pass and not successive two passes. To find a collision in HAVAL[1,3], we introduce the scheme of S.W.Park et al.

  • Analysis and design of SHA-V and RIPEMD-V with variable output-length [Peer-reviewed]

    Yong Sork Her, Kouichi Sakurai

    Research Reports on Information Science and Electrical Engineering of Kyushu University   8 ( 1 )   13 - 18   2003

    Language: English   Publication type: Research paper (scientific journal)

    A hash function provides services of information security, authentication, integrity and non-repudiation in a branch of information security. Cryptographic hash functions had been developed since MD4 was proposed by Rivest. The U.S. standard of a hash function is SHA-1 with 160 bits of output length. RIPEMD was designed in 1992 by den Boer and others under the RIPE project. When we consider the improvement of computation ability and speed, it can be difficult to guarantee the security of a hash function with 160 bits of output length. A hash function with variable output length, which can take an output length suitable for each system, is required. HAVAL is the first hash function with variable output length, which was proposed by Zheng et al. HAS-V based on HAVAL-1 was proposed by N. K. Park et al. In this paper, we design two hash functions with variable output length, namely SHA-V and RIPEMD-V, based on SHA-1 and RIPEMD-1, and analyze the security of the two designed hash functions.

  • Risks with Raw-key Masking the Security Evaluation of 2-key XCBC [Peer-reviewed] [International journal]

    Soichi Furuya, Kouichi Sakurai

    Information and Communications Security, 4th International Conference, ICICS 2002   2513   327 - 341   December 2002

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Certified E-mail System With Receiver's Selective Usage of Delivery Authority [Peer-reviewed] [International journal]

    Kenji IMAMOTO, Kouichi SAKURAI

    Third International Cryptology Conference in India (INDOCRYPT2002)   2551   326 - 338   December 2002

    Language: English   Publication type: Research paper (international conference proceedings)

  • Single-path Authenticated-encryption Scheme Based on Universal Hashing [Peer-reviewed] [International journal]

    Soichi Furuya, Kouichi Sakurai

    9th Annual Workshop, SAC 2002   2595   94 - 109   August 2002

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Scalable On-line Certified E-mail Protocol Using Password Authentication [Peer-reviewed] [International journal]

    Kenji IMAMOTO, Kouichi SAKURAI

    The 3rd International Workshop on Information Security Applications (WISA2002)   August 2002

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Fast Scalar Multiplication Method with Randomized Projective Coordinates on a Montgomery-form Elliptic Curve Secure against Side Channel Attacks [Peer-reviewed] [International journal]

    Katsuyuki Okeya, Kunihiko Miyazaki, Kouichi Sakurai

    The 4th International Conference on Information Security and Cryptology (ICISC 2001)   January 2002

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Scalar Multiplication Algorithm with Recovery of the y-Coordinate on the Montgomery Form and Analysis of Efficiency for Elliptic Curve Cryptosystems [Peer-reviewed] [International journal]

    Katsuyuki Okeya, Kouichi Sakurai

    IEICE Trans. Fundamentals   E85A ( 1 )   84 - 93   January 2002

    Language: English   Publication type: Research paper (scientific journal)

  • An Efficient Representation of Scalars for Simultaneous Elliptic Scalar Multiplication [Peer-reviewed] [International journal]

    Yasuyuki Sakai, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E86A ( 5 )   1135 - 1146   January 2002

    Language: English   Publication type: Research paper (scientific journal)

  • Speeding Up Elliptic Scalar Multiplication Using Multidoubling [Peer-reviewed] [International journal]

    Yasuyuki Sakai, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E85A ( 5 )   1075 - 1083   January 2002

    Language: English   Publication type: Research paper (scientific journal)

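  • A Study on the Number of Montgomery-Form Elliptic Curves Usable for Cryptography [Peer-reviewed]

    Katsuyuki Okeya, Kunihiko Miyazaki, Kouichi Sakurai

    Transactions of the Japan Society for Industrial and Applied Mathematics   January 2002

    Language: Japanese   Publication type: Research paper (scientific journal)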

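  • A Fast Scalar Multiplication Method on Montgomery-Form Elliptic Curves that Prevents Side Channel Attacks - A Theoretical Approach - [Peer-reviewed]

    Katsuyuki Okeya, Kunihiko Miyazaki, Kouichi Sakurai

    IPSJ Journal   January 2002

    Language: Japanese   Publication type: Research paper (scientific journal)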

  • New Semantically Secure Public-Key Cryptosystems from the RSA-Primitive [Peer-reviewed] [International journal]

    Kouichi SAKURAI and Tsuyoshi TAKAGI

    5th International Workshop on Practice and Theory in Public Key Cryptography, PKC 2002   January 2002

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Second-Order DPA Attack Breaks a Window-method based Countermeasure against Side Channel Attacks [Peer-reviewed] [International journal]

    Katsuyuki Okeya, Kouichi Sakurai

    Information Security Conference (ISC 2002)   January 2002

    Language: English   Publication type: Research paper (international conference proceedings)

  • Fast Multi-Scalar Multiplication Methods on Elliptic Curves with Precomputation Strategy using Montgomery Trick [Peer-reviewed] [International journal]

    Katsuyuki Okeya, Kouichi Sakurai

    Cryptographic Hardware and Embedded System (CHES 2002)   2523   564 - 578   January 2002

    Language: English   Publication type: Research paper (international conference proceedings)

  • On Insecurity of the Side Channel Attack Countermeasure using Addition-Subtraction Chains under Distinguishability between Addition and Doubling [Peer-reviewed] [International journal]

    Katsuyuki Okeya, Kouichi Sakurai

    Information Security and Privacy, 7th Australasian Conference (ACISP 2002)   January 2002

    Language: English   Publication type: Research paper (international conference proceedings)

  • An IND-CCA2 Public-Key Cryptosystem with Fast Decryption [Peer-reviewed] [International journal]

    Johannes Buchmann, Kouichi SAKURAI and Tsuyoshi TAKAGI

    4th International Conference on Information Security and Cryptology, ICISC'01   January 2002

    Language: English   Publication type: Research paper (international conference proceedings)

  • A scalar multiplication algorithm with recovery of the y-coordinate on the Montgomery form and analysis of efficiency for elliptic curve cryptosystems [Peer-reviewed]

    Katsuyuki Okeya, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E85-A ( 1 )   84 - 93   2002

    Language: English   Publication type: Research paper (scientific journal)

    We present a scalar multiplication algorithm with recovery of the y-coordinate on a Montgomery-form elliptic curve over any non-binary field. The previous algorithms for scalar multiplication on a Montgomery form do not consider how to recover the y-coordinate. So although they can be applicable to certain restricted schemes (e.g. ECDH and ECDSA-S), some schemes (e.g. ECDSA-V and MQV) require scalar multiplication with recovery of the y-coordinate. We compare our proposed scalar multiplication algorithm with the traditional scalar multiplication algorithms (including Window-methods on the Weierstrass form), and discuss the Montgomery form versus the Weierstrass form in the performance of implementation with several techniques of elliptic curve cryptosystems (including ECES, ECDSA, and ECMQV). Our results clarify the advantage of the cryptographic usage of Montgomery-form elliptic curve in constrained environments such as mobile devices and smart cards.

  • Speeding up elliptic scalar multiplication using multidoubling [Peer-reviewed]

    Yasuyuki Sakai, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E85-A ( 5 )   1075 - 1083   2002

    Language: English   Publication type: Research paper (scientific journal)

    We discuss multidoubling methods for efficient elliptic scalar multiplication. The methods allow computation of $2^k P$ directly from $P$ without computing the intermediate points, where $P$ denotes a randomly selected point on an elliptic curve. We introduce algorithms for elliptic curves with Montgomery form and Weierstrass form defined over finite fields with characteristic greater than 3 in terms of affine coordinates. These algorithms are faster than $k$ repeated doublings. Moreover, we apply the algorithms to scalar multiplication on elliptic curves and analyze computational complexity. As a result of our implementation with respect to the Montgomery and Weierstrass forms in terms of affine coordinates, we achieved running time reduced by 28% and 31%, respectively, in the scalar multiplication of an elliptic curve of size 160-bit over finite fields with characteristic greater than 3.

  • On the Power of Direct Computations in Speeding Up Elliptic Scalar Multiplication [Peer-reviewed] [International journal]

    Y.Sakai and K.SAKURAI

    PreProc. Eighth Annual Workshop on Selected Areas in Cryptography (Aug. 2001)   August 2001

    Language: English   Publication type: Research paper (international conference proceedings)

  • Efficient elliptic curve cryptosystems from a scalar multiplication algorithm with recovery of the y-coordinate on a Montgomery-form elliptic curve [Peer-reviewed] [International journal]

    K.Okeya and K.SAKURAI

    Proc. Workshop on Cryptographic Hardware and Embedded Systems 2001   May 2001

    Language: English   Publication type: Research paper (international conference proceedings)

  • English vs. Sealed bid in anonymous electronic auction protocols [Peer-reviewed] [International journal]

    Hirakiuchi DAISUKE, Kouichi Sakurai

    Proc. of 10th IEEE international workshops on enabling technologies, WETICE 2001   171 - 176   January 2001

    Language: English   Publication type: Research paper (international conference proceedings)

    DOI: 10.1109/ENABL.2001.953409

  • On distributed cryptographic protocols for threshold RSA signing and decrypting with no dealer [Peer-reviewed]

    Shingo Miyazaki, Kouichi Sakurai, Moti Yung

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E84-A ( 5 )   1177 - 1184   January 2001

    Language: English   Publication type: Research paper (scientific journal)

    We consider methods for threshold RSA decryption among distributed agencies without any dealer or trusted party. The first solution is a combination of two techniques by [9] and [7]. It demonstrates the feasibility of combining the distributed key generation and the RSA secure function application. The second solution is another approach making the distributed key distribution simpler and alleviating a burden of each shareholder in comparison with the first scheme. The latter scheme is newly developed technique based on [9] and further inspired by Simmons' protocol-failure of RSA (we believe that it is very interesting that a "protocol failure attack" be turned into a constructive method). Our comparison between these two schemes indicates a new measure of the performance of a distributed cryptographic protocol that consists of multiple stages.

  • Efficient scalar multiplications on elliptic curves with direct computations of several doublings [Peer-reviewed]

    Yasuyuki Sakai, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E84-A ( 1 )   120 - 129   January 2001

    Language: English   Publication type: Research paper (scientific journal)

    We introduce efficient algorithms for scalar multiplication on elliptic curves defined over $\mathbb{F}_p$. The algorithms compute $2^k P$ directly from $P$, where $P$ is a random point on an elliptic curve, without computing the intermediate points, which is faster than $k$ repeated doublings. Moreover, we apply the algorithms to scalar multiplication on elliptic curves, and analyze their computational complexity. As a result of their implementation with respect to affine (resp. weighted projective) coordinates, we achieved an increased performance factor of 1.45 (45%) (resp. 1.15 (15%)) in the scalar multiplication of the elliptic curve of size 160-bit.

  • A theory of demonstrating program result-correctness with cryptographic applications [Peer-reviewed]

    Kouichi Sakurai

    IEICE Transactions on Information and Systems   E84-D ( 1 )   4 - 14   January 2001

    Language: English   Publication type: Research paper (scientific journal)

    We formalize a model of "demonstration of program result-correctness," and investigate how to prove this fact against possible adversaries, which naturally extends Blum's theory of program checking by adding zero-knowledge requirements. The zero-knowledge requirements are universal for yes and no instances alike.

  • Efficient Scalar Multiplications on Elliptic Curves with Direct Computations of Several Doublings [Peer-reviewed] [International journal]

    Yasuyuki Sakai, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E84A ( 1 )   120 - 129   January 2001

    Language: English   Publication type: Research paper (scientific journal)

  • A Theory of Demonstrating Program Result-Correctness with Cryptographic Applications [Invited] [Peer-reviewed] [International journal]

    Kouichi SAKURAI

    IEICE Trans.   E84D ( 1 )   4 - 14   January 2001

    Language: English   Publication type: Research paper (scientific journal)

  • On Distributed Cryptographic Protocols for Threshold RSA Signing and Decrypting with No Dealer [Peer-reviewed] [International journal]

    Shingo MIYAZAKI, Kouichi SAKURAI and Moti YUNG

    IEICE Trans   E84A ( 5 )   1177 - 1183   January 2001

    Language: English   Publication type: Research paper (scientific journal)

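  • Construction and Coloring of Tile Boundary Sets in Aperiodic Self-Affine Tilings [Peer-reviewed]

    Taizo Sadahiro, Kouichi Sakurai

    IPSJ Journal   January 2001

    Language: Japanese   Publication type: Research paper (scientific journal)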

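  • An Extension of a Graph-Type Visual Secret Sharing Scheme Capable of Embedding Multiple Secret Images [Peer-reviewed]

    Yuji Suga, Keiichi Iwamura, Kouichi Sakurai, Hideki Imai

    IPSJ Journal   January 2001

    Language: Japanese   Publication type: Research paper (scientific journal)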

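  • A Digital Watermarking System Secure against Secondary Distribution [Peer-reviewed]

    Keiichi Iwamura, Kouichi Sakurai, Hideki Imai

    Transactions of the IEICE   January 2001

    Language: Japanese   Publication type: Research paper (scientific journal)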

  • Efficient Elliptic Curve Cryptosystems from a Scalar Multiplication Algorithm with Recovery of the $y$-Coordinate on a Montgomery-Form Elliptic Curve [Peer-reviewed] [International journal]

    Katsuyuki Okeya, Kouichi Sakurai

    Cryptographic Hardware and Embedded System (CHES 2001)   January 2001

    Language: English   Publication type: Research paper (international conference proceedings)

  • An Anonymous Electronic Bidding Protocol Based on New Convertible Group Signature Scheme [Peer-reviewed] [International journal]

    Kouichi SAKURAI, Shingo Miyazaki

    Proc. ACISP2000   July 2000

    Language: English   Publication type: Research paper (international conference proceedings)

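  • A Digital Watermarking System Secure against Distributor Fraud [Peer-reviewed]

    Keiichi Iwamura, Kouichi Sakurai, Hideki Imai

    Transactions of the IEICE   July 2000

    Language: Japanese   Publication type: Research paper (scientific journal)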

  • Efficient Scalar Multiplication on Elliptic Curves without Repeated Doublings and their Practical Performance [Peer-reviewed] [International journal]

    Yasuyuki Sakai, Kouichi SAKURAI

    Proc. ACISP2000   July 2000

    Language: English   Publication type: Research paper (international conference proceedings)

  • On zero-knowledge proofs: "from membership to decision" [Peer-reviewed] [International journal]

    G. Di Crescenzo, K. SAKURAI and M. Yung

    Proc. ACM STOC2000   May 2000

    Language: English   Publication type: Research paper (international conference proceedings)

  • Elliptic Curves with the Montgomery-Form and Their Cryptographic Applications [Peer-reviewed] [International journal]

    Katsuyuki Okeya, Hiroyuki Kurumatani, Kouichi Sakurai

    Public Key Cryptography (PKC 2000)   1751   238 - 257   January 2000

    Language: English   Publication type: Research paper (international conference proceedings)

  • A practical off-line digital money system with partially blind signatures based on the discrete logarithm problem [Peer-reviewed]

    Shingo Miyazaki, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E83-A ( 1 )   106 - 108   January 2000

    Language: English   Publication type: Research paper (scientific journal)

    We propose an untraceable electronic money system. Our system uses the partially blind signature based on the discrete logarithm problem, and applies secret key certificates to the payment protocol.

  • A Progress Report on Lattice Based Public-Key Cryptosystems - Theoretical Security versus Practical Cryptanalysis [Peer-reviewed]

    Kouichi Sakurai

    IEICE Transactions on Information and Systems   E83-D ( 3 )   570 - 579   January 2000

    Language: English   Publication type: Research paper (scientific journal)

    We review public-key cryptosystems from lattice problems which are inspired by Ajtai's remarkable result and consider their security from the point of view of both theory and practice. We also survey recent results on the power of the lattice reduction algorithm in cryptanalysis.

  • On the Practical Performance of Hyperelliptic Curve Cryptosystems in Software Implementation [Peer-reviewed] [International journal]

    Yasuyuki Sakai, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E83A ( 4 )   692 - 703   January 2000

    Language: English   Publication type: Research paper (scientific journal)

  • A Progress Report on Lattice Based Public-Key Cryptosystems -- Theoretical Security versus Practical Cryptanalysis -- [Invited] [Peer-reviewed] [International journal]

    Kouichi SAKURAI

    IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS   E83D ( 3 )   570 - 579   January 2000

    Language: English   Publication type: Research paper (scientific journal)

  • A practical off-line digital-money system with partially blind signatures based on the discrete logarithm problem [Peer-reviewed] [International journal]

    Shingo MIYAZAKI, Kouichi SAKURAI

    IEICE Transactions   E83A ( 1 )   106 - 108   January 2000

    Language: English   Publication type: Research paper (scientific journal)

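  • An Electronic Bidding Scheme Using Convertible Group Signatures [Peer-reviewed]

    Shingo Miyazaki, Kouichi Sakurai

    IPSJ Journal   January 2000

    Language: Japanese   Publication type: Research paper (scientific journal)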

  • Power Analysis Breaks Elliptic Curve Cryptosystems even Secure against the Timing Attack [Peer-reviewed] [International journal]

    Katsuyuki Okeya, Kouichi Sakurai

    Progress in Cryptology - INDOCRYPT 2000   January 2000

    Language: English   Publication type: Research paper (international conference proceedings)

  • Making Hash Functions from Block Ciphers secure and efficient by using convolutional codes [Peer-reviewed] [International journal]

    Toru Inoue and Kouichi SAKURAI

    Proc. PKC2000   1751   391 - 404   January 2000

    Language: English   Publication type: Research paper (international conference proceedings)

  • On the practical performance of hyperelliptic curve cryptosystems in software implementation [Peer-reviewed]

    Yasuyuki Sakai, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E83-A ( 4 )   692 - 701   2000

    Language: English   Publication type: Research paper (scientific journal)

    We consider the performance of hyperelliptic curve cryptosystems over the fields $F_p$ vs. $F_{2^n}$. We analyze the complexity of the group law of the Jacobians $J_C(F_p)$ and $J_C(F_{2^n})$ and compare their performance taking into consideration the effectiveness of the word size (32-bit or 64-bit) of the applied CPU (Alpha and Pentium) on the arithmetic of the definition field. Our experimental results show that $J_C(F_{2^n})$ is faster than $J_C(F_p)$ on an Alpha, whereas $J_C(F_p)$ is faster than $J_C(F_{2^n})$ on a Pentium. Moreover, we investigate the algorithm of the Jacobian and the definition-field arithmetic to clarify our results from a practical point of view, with theoretical analysis.

  • A Hardware-Oriented Algorithm for Computing in Jacobians and Its Implementation for Hyperelliptic Cryptosystems [Peer-reviewed] [International journal]

    Tetsuya Tamura, Kouichi SAKURAI

    PreProc. 1999 International Conference on Information Security and Cryptology   1787   221 - 235   December 1999

    Language: English   Publication type: Research paper (international conference proceedings)

  • Over $F_p$ vs. $F_{2^n}$ over and on Pentium vs. on Alpha in Software Implementation of Hyperelliptic Curve [Peer-reviewed] [International journal]

    Yasuyuki Sakai and Kouichi SAKURAI

    PreProc. 1999 International Conference on Information Security and Cryptology   1787   82 - 101   December 1999

    Language: English   Publication type: Research paper (international conference proceedings)

  • On Threshold RSA-Signing with no Dealer [Peer-reviewed] [International journal]

    Shingo MIYAZAKI, Kouichi SAKURAI and Moti YUNG

    PreProc. 1999 International Conference on Information Security and Cryptology   1787   197 - 207   December 1999

    Language: English   Publication type: Research paper (international conference proceedings)

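  • A Bidding-Down Electronic Auction Scheme Using a Public Bulletin Board [Peer-reviewed]

    Shingo Miyazaki, Kouichi Sakurai

    IPSJ Journal   August 1999

    Language: Japanese   Publication type: Research paper (scientific journal)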

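  • Software Implementation of Hyperelliptic Curve Cryptosystems over the Finite Field $F_{2^n}$ [Peer-reviewed]

    Yasuyuki Sakai, Kouichi Sakurai

    Transactions of the IEICE   August 1999

    Language: Japanese   Publication type: Research paper (scientific journal)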

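  • Classification of Off-line Electronic Cash Systems and Security Evaluation against Insider Fraud by Administrative Authorities [Peer-reviewed]

    Shingo Miyazaki, Kouichi Sakurai

    IPSJ Journal   March 1999

    Language: Japanese   Publication type: Research paper (scientific journal)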

  • Toward Fair International Key Escrow -- An attempt by distributed Trusted Third Agencies with threshold cryptography -- [Peer-reviewed] [International journal]

    S.Miyazaki, I. Kuroda, and K. SAKURAI

    Proc. 1999 International Workshop on Practice and Theory in Public Key Cryptography   1560   171 - 187   January 1999

    Language: English   Publication type: Research paper (international conference proceedings)

  • Divertible and subliminal-free zero-knowledge proofs for languages [Peer-reviewed] [International journal]

    T.Itoh, M.Burmester, Y.Desmedt, K.SAKURAI, and H.Shizuya

    J. of Cryptology   12 ( 3 )   197 - 223   January 1999

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.1007/s001459900053

  • Efficient algorithms for the Jacobian variety of hyperelliptic curves $y^2 = x^p - x + 1$ over a finite field of odd characteristic $p$ [Peer-reviewed] [International journal]

    I. Duursma, and K. SAKURAI

    Coding Theory, Cryptography and related areas   January 1999

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Parallel Withstanding Attack with Forging Key Certificates on an Electronic Cash System Based on Message-Recovery Blind Digital Signatures [Peer-reviewed] [International journal]

    S.Miyazaki, and K. SAKURAI

    Proc. International Workshop on Cryptographic Techniques & E-Commerce   January 1999

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Bulletin-Board Based Digital Auction Scheme with Bidding Down Strategy - Towards Anonymous Electronic Bidding without Anonymous Channels nor Trusted Centers [Peer-reviewed] [International journal]

    K. SAKURAI and S.Miyazaki

    Proc. International Workshop on Cryptographic Techniques & E-Commerce   January 1999

    Language: English   Publication type: Research paper (international conference proceedings)

  • Classification of Chaum-Fiat-Naor Paradigm based anonymous electronic cash systems according to vulnerability against insider-attacks from untrusted authorities [Peer-reviewed] [International journal]

    M.Shingo and K. SAKURAI

    Proc. International Workshop on Cryptographic Techniques & E-Commerce   January 1999

    Language: English   Publication type: Research paper (international conference proceedings)

  • An improvement of ElYaniv-Fiat-Karp-Turpin's money-making bi-directional strategy [Peer-reviewed] [International journal]

    E. Dannoura and K.SAKURAI

    Information Processing Letters   66 ( 1 )   27 - 33   April 1998

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.1016/S0020-0190(98)00032-5

  • An improvement on El-Yaniv-Fiat-Karp-Turpin's money-making bi-directional trading strategy [Peer-reviewed]

    Eisuke Dannoura, Kouichi Sakurai

    Information Processing Letters   66 ( 1 )   27 - 33   April 1998

    Language: English   Publication type: Research paper (scientific journal)

  • Secure hyperelliptic cryptosystems and their performance [Peer-reviewed] [International journal]

    Y.Sakai, K. SAKURAI and M. Ishizuka

    Proc. PKC'98   January 1998

    Language: English   Publication type: Research paper (international conference proceedings)

  • A Structural comparison of the computational difficulty of breaking discrete log cryptosystems. [Peer-reviewed] [International journal]

    K.SAKURAI and H. Shizuya

    J. of Cryptology   11 ( 1 )   29 - 43   January 1998

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.1007/s001459900033

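  • Efficiency Analysis of Online Currency Exchange Algorithms Taking Transaction Fees into Account [Peer-reviewed]

    Eisuke Dannoura, Kouichi Sakurai

    IPSJ Journal   January 1998

    Language: Japanese   Publication type: Research paper (scientific journal)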

  • Design of Hyperelliptic Cryptosystems in Small Characteristic and a Software Implementation over $F_{2^n}$ [Peer-reviewed] [International journal]

    Y.Sakai, K. SAKURAI

    Proc. of ASIACRYPT'98   1514   80 - 94   January 1998

    Language: English   Publication type: Research paper (international conference proceedings)

  • Checking programs discreetly: Demonstrating result-correctness efficiently while concealing it [Peer-reviewed] [International journal]

    G. Di Crescenzo, K. SAKURAI and M. Yung

    Algorithms and Computation 9th International Symposium, ISAAC'98   1533   59 - 68   January 1998

    Language: English   Publication type: Research paper (international conference proceedings)

  • Secure hyperelliptic cryptosystems and their performance [Peer-reviewed] [International journal]

    Y.Sakai, K. SAKURAI and M. Ishizuka

    Proc. Public Key Cryptography'98   January 1998

    Language: English   Publication type: Research paper (international conference proceedings)

  • A more efficient untraceable e-cash system with partially blind signatures based on the discrete logarithm problem [Peer-reviewed] [International journal]

    S.Miyazaki, and K. SAKURAI

    Proc.Financial Cryptology'98   January 1998

    Language: English   Publication type: Research paper (international conference proceedings)

  • Result-indistinguishable zero-knowledge proofs: increased power and constant-round protocols [Peer-reviewed] [International journal]

    G. Di Crescenzo, K. SAKURAI and M. Yung

    STACS 98, 15th Annual Symposium on Theoretical Aspects of Computer Science   1373   511 - 521   January 1998

    Language: English   Publication type: Research paper (international conference proceedings)

  • Security Issues for Contactless Smart Cards [Peer-reviewed] [International journal]

    M.David and K. SAKURAI

    Proc. PKC'98   January 1998

    Language: English   Publication type: Research paper (international conference proceedings)

  • Practical proofs of knowledge without relying on theoretical proofs of membership on languages [Peer-reviewed]

    Kouichi Sakurai

    Theoretical Computer Science   181 ( 2 )   317 - 335   July 1997

    Language: English   Publication type: Research paper (scientific journal)

    Formulations and properties of proving possession of knowledge in interactive protocols are investigated. A four-move protocol for quadratic residuosity is proposed and a new notion of practical soundness is introduced based on its application to a cryptographic identification scheme. The role of cryptographic assumptions in arguments (i.e., computationally convincing proofs) of knowledge is also explored.

    DOI: 10.1016/S0304-3975(96)00277-0

  • On non-pseudorandomness from block ciphers with provable immunity against linear cryptanalysis [Peer-reviewed]

    Kouichi Sakurai, Yuliang Zheng

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E80-A ( 1 )   19 - 24   January 1997

    Language: English   Publication type: Research paper (scientific journal)

    Weakness of a block cipher, which has provable immunity against linear cryptanalysis, is investigated. To this end, the round transformation used in MISTY, which is a data encryption algorithm recently proposed by M. Matsui from Mitsubishi Electric Corporation, is compared to the round transformation of DES from the point of view of pseudorandom generation. An important property of the MISTY cipher is that, in terms of theoretically provable resistance against linear and differential cryptanalysis, which are the most powerful cryptanalytic attacks known to date, it is more robust than the Data Encryption Standard or DES. This property can be attributed to the application of a new round transform in the MISTY cipher, which is obtained by changing the location of the basic round-function in a transform used in DES. Cryptographic roles of the transform used in the MISTY cipher are the main focus of this paper. Our research reveals that when used for constructing pseudorandom permutations, the transform employed by the MISTY cipher is inferior to the transform in DES, though the former is superior to the latter in terms of strength against linear and differential attacks. More specifically, we show that a 3-round (4-round, respectively) concatenation of transforms used in the MISTY cipher is not a pseudorandom (super pseudorandom, respectively) permutation. For comparison, we note that with three (four, respectively) rounds, transforms used in DES yield a pseudorandom (super pseudorandom, respectively) permutation. Another contribution of this paper is to show that a 3-round concatenation of transforms used in (the preliminary version of) the MISTY cipher has an algebraic property, which may open a door for various cryptanalytic attacks. 
    These results clearly indicate that provable immunity against linear and differential cryptanalysis is not sufficient for designing a secure block cipher, and the security of the MISTY cipher will remain open until a close examination of its resistance is conducted against other cryptanalytic attacks than the linear or differential attack.

  • A short certificate of the number of universal optimal strategies for stopping simple stochastic games [Peer-reviewed]

    Akio Yanbe, Kouichi Sakurai

    Information Processing Letters   57 ( 1 )   17 - 24   January 1996

    Language: English   Publication type: Research paper (scientific journal)

    DOI: 10.1016/0020-0190(95)00181-6

  • On the complexity of the discrete logarithm for a general finite group [Peer-reviewed]

    Tatsuaki Okamoto, Kouichi Sakurai, Hiroki Shizuya

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E79-A ( 1 )   61 - 65   1996

    Language: English   Publication type: Research paper (scientific journal)

    GDL is the language whose membership problem is polynomial-time Turing equivalent to the discrete logarithm problem for a general finite group G. This paper gives a characterization of GDL from the viewpoint of computational complexity theory. It is shown that GDL ∈ NP ∩ co-AM, assuming that G is in NP ∩ co-NP, and that the group law operation of G can be executed in polynomial time of the element size. Furthermore, as a natural probabilistic extension, the complexity of GDL is investigated under the assumption that the group law operation is executed in an expected polynomial time of the element size. In this case, it is shown that GDL ∈ MA ∩ co-AM if G ∈ MA ∩ co-MA. As a consequence, we show that GDL is not NP-complete unless the polynomial time hierarchy collapses to the second level.

  • Subliminal channels for transferring signatures: Yet another cryptographic primitive [Peer-reviewed]

    Kouichi Sakurai, Toshiya Itoh

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E77-A ( 1 )   31 - 38   January 1994

    Language: English   Publication type: Research paper (scientific journal)

    This paper considers the subliminal channel, hidden in an identification scheme, for transferring signatures. We observe the direct parallelization of the Fiat-Shamir identification scheme has a subliminal channel for the transmission of the digital signature. A positive aspect of this hidden channel supplies us how to transfer signatures without secure channels. As a formulation of such application, we introduce a new notion called privately recordable signature. The privately recordable signature is generated in an interactive protocol between a signer and a verifier, and only the verifier can keep the signatures although no third adversary can record the signatures. In this scheme, then the disclosure of the verifier's private coin turns the signer's signature into the ordinary digital signature which is verified by anybody with the signer's public key. The basic idea of our construction suggests the novel primitive that a transferring securely signatures without secret channels could be constructed using only one-way function (without trapdoor).

  • Constant round perfect ZKIP of computational ability [Peer-reviewed]

    Toshiya Itoh, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E76-A ( 7 )   1225 - 1233   July 1993

    Language: English   Publication type: Research paper (scientific journal)

    In this paper, we show that without any unproven assumption, there exists a 'four' move blackbox simulation perfect zero-knowledge interactive proof system of computational ability for any random self-reducible relation R whose domain is in BPP, and that without any unproven assumption, there exists a 'four' move blackbox simulation perfect zero-knowledge interactive proof system of knowledge on the prime factorization. These results are optimal in the light of the round complexity, because it is shown that if a relation R has a three move blackbox simulation (perfect) zero-knowledge interactive proof system of computational ability (or of knowledge), then there exists a probabilistic polynomial time algorithm that on input x ∈ {0, 1}, outputs y such that (x,y) ∈ R with overwhelming probability if x ∈ dom R, and outputs '⊥' with probability 1 if x ∉ dom R.

  • Characterization of languages in constant round perfect zero-knowledge interactive proofs [Peer-reviewed]

    Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E76-A ( 4 )   546 - 554   April 1993

    Language: English   Publication type: Research paper (scientific journal)

    In this paper, we consider a class of the languages that have (constant round) perfect zero-knowledge interactive proofs without assuming any complexity assumptions. Especially, we investigate the interactive protocol with the restricted prover who runs in probabilistic polynomial time and knows the complete factorization as a trapdoor information of the integer associated with the input. We give a condition of the existence of constant round perfect zero-knowledge interactive proofs without assuming any complexity assumptions. The bit commitment based on the quadratic residuosity has an important role in our protocol and the simulation is based on the technique developed by Bellare, Micali, and Ostrovsky in Ref. (9), the so-called double running process. However, the proof of perfect zero-knowledgeness needs a more powerful simulation technique. Our simulation extracts more knowledge, the complete factorization of the integer associated with the input, from a (cheating) verifier than Bellare-Micali-Ostrovsky's simulation does. Furthermore, our main result implies that Blum integer has a five move perfect zero-knowledge interactive proof without assuming any complexity assumptions. (All previous known zero-knowledge protocols for Blum integer required either unproven cryptographic assumptions or unbounded number of rounds of message exchange.)

  • On the complexity of constant round ZKIP of possession of knowledge [Peer-reviewed]

    Toshiya Itoh, Kouichi Sakurai

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E76-A ( 1 )   31 - 39   January 1993

    Language: English   Publication type: Research paper (scientific journal)

    In this paper, we investigate the round complexity of zero-knowledge interactive proof systems of possession of knowledge, and mainly show that if a relation R has a three move blackbox simulation zero-knowledge interactive proof system of possession of knowledge, then there exists a probabilistic polynomial time algorithm that can be satisfied under certain conditions. The result can be generalized to zero-knowledge interactive proof systems of possession of knowledge with more than four moves, because it is known that there exists a 'four' move blackbox simulation perfect zero-knowledge interactive proof system of possession of knowledge for a nontrivial relation R.

  • Practical consequences of the discrepancy between zero-knowledge protocols and their parallel execution [Peer-reviewed]

    Kouichi Sakurai, Toshiya Itoh

    IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E76-A ( 1 )   14 - 22   January 1993

    Language: English   Publication type: Research paper (scientific journal)

    In this paper, we investigate the discrepancy between a serial version and parallel version of zero-knowledge protocols, and clarify the information 'leaked' in the parallel version, which is not zero-knowledge unlike the case of the serial version. We consider two sides: one negative and the other positive in the parallel version of zero-knowledge protocols, especially of the Fiat-Shamir scheme.

Books and other publications

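  • Information Security (IT Text) (original title: 情報セキュリティ)

    Atsuko Miyaji (宮地 充子, ed.), Hiroaki Kikuchi (菊池 浩明, ed.); contributing author: Kouichi Sakurai (Role: Co-author)

    Ohmsha (オーム社)   October 2003

    Language: Japanese   Book type: Scholarly book

    A textbook covering information security technology, whose importance is growing as networking advances, from the underlying modern cryptographic theory through evaluation, authentication technology and the latest concrete network security techniques, including standards and information ethics. It allows systematic study of all areas of information security.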

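  • Introduction to Number-Theoretic Algorithms and the Theory of Elliptic Curve Cryptography (original title: 数論アルゴリズムと楕円暗号理論入門)

    Neal Koblitz (author), Kouichi Sakurai (translator) (Role: Sole translator)

    (Springer Mathematics Club; シュプリンガー数学クラブ)   August 1997

    Language: Japanese   Book type: Scholarly book

    Repository URL: http://hdl.handle.net/2324/1001353021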

Lectures and oral presentations

  • Application and limitations of non-fungible tokens from a cryptographic perspective [Invited]

    Kouichi SAKURAI

    BIOTC 2023   July 2023

    Event date: July 2023

    Language: English   Presentation type: Oral presentation (general)

    Venue: Osaka International Convention Center   Country: Japan

    Other link: https://www.biotc.net/biotc2023.html

  • Revisiting computationally independent pair of one-way functions from the point of view of non-malleability [Invited] [International conference]

    櫻井幸一/Kouichi SAKURAI

    The 2021 IEEE Conference on Dependable and Secure Computing   February 2021

    Event date: January 2021 - February 2021

    Language: English   Presentation type: Oral presentation (invited/special)

    Venue: Aizu Univ, Fukushima/Hybrid   Country: Japan

    One-way functions have been playing a fundamental role in modern cryptography, based on which important constructions and results are obtained. This talk introduces a computationally-independent pair of one-way functions, which was motivated by Koyama’s initiated work on two move interactive proofs of computational power [“Direct Demonstration of the Power to Break Public-Key Cryptosystems”, AUSCRYPT’90]. The speaker’s previous work [“Theory and application of computationally independent one-way functions: Interactive proof of ability - Revisited”, ICMC’19] focused mainly on the (non) one-way property of the pairwise one-way functions as an independency and remarked on a connection with a side-channel model by Komargodski [“Leakage Resilient One-Way Functions: The Auxiliary-Input Setting”, TCC’16], whereas this talk discusses their non-malleability. Also we revisit Koyama’s approach with recent developments of cryptographic theory and applications.

    Other link: http://nsclab.org/dsc2021/keynote.html

  • Hiding digital information with AI: Power and Generalization of Adversarial Cryptography [Invited]

    櫻井幸一/Kouichi Sakurai

    The International Conference on Security & Privacy (ICSP 2020)   November 2020

    Event date: November 2020 - November 2021

    Language: English   Presentation type: Oral presentation (invited/special)

    Venue: Department of Mathematics National Institute of Technology Jamshedpur/Online   Country: India

    Techniques of Artificial Intelligence including Neural Networks have been applied to Cryptography and Information Hiding, while an important breakthrough, “Adversarial Neural Cryptography”, was presented by Abadi and Andersen, two researchers with Google, in 2016. This talk gives a survey on design and analysis of Information Hiding including Cryptography: before vs. after the Google-2016, and introduces recent results by the authors’ research group.

    Other link: https://sites.google.com/view/icsp2020/invited-speakers

  • How does Blockchain improve Electronic Voting? [Invited] [International conference]

    櫻井 幸一/Kouichi Sakurai

    International Conference on Computational Intelligence, Data Science and Cloud Computing   November 2020

    Event date: September 2020

    Language: English   Presentation type: Oral presentation (invited/special)

    Venue: Department of Information Technology Institute of Engineering & Management, Kolkata/Virtual   Country: India

    First we survey recent developments of e-voting protocols based on Blockchain, while comparing the e-voting schemes proposed before Blockchain, and consider which issues in designing e-voting schemes Blockchain resolves. Next, we discuss the security of e-voting including "Receipt-freeness" and "coercion-resistance" in recently proposed e-voting schemes with Blockchain, while we investigate the relationship and real gap between "receipt-freeness" and "coercion-resistance", which is one of the significant issues in Internet e-voting systems. The final remark is about how to design the ideal e-voting scheme with perfect security and strong privacy.

    Other link: http://www.iem-icdc.org/index.html#

  • Power and limitation of Adversarial Machine Learning and their consequences [Invited] [International conference]

    Kouichi SAKURAI

    The Conference for ICT-Research in the Netherlands   March 2018

    Event date: March 2018

    Language: English   Presentation type: Oral presentation (invited/special)

    Venue: Flint Amersfoort   Country: Kingdom of the Netherlands

    Other link: http://www.ictopen.nl

  • Non-commutative approach enhance security of cryptosystems? -- from Ong-Schnorr-Shamir via Sato-Araki towards Post Quantum Paradigm -- [Invited] [International conference]

    Kouichi SAKURAI

    4th International Conference on Mathematics and Computing   January 2018

    Event date: January 2018 - June 2018

    Language: English   Presentation type: Oral presentation (invited/special)

    Venue: IIT (BHU) Varanasi   Country: India

  • (1) Bitcoin, Blockchain, FinTech, IoT, AI and your Future (2) Cryptography with Blockchain [Invited] [International conference]

    Koichi SAKURAI

    BLOCKCHAIN 2017 Workshop on Blockchain Technologies 29 November — 1 December, 2017   June 2018

    Event date: November 2017 - December 2017

    Language: Japanese   Presentation type: Symposium/workshop panel (open call)

    Venue: Indian Statistical Institute, Kolkata   Country: India

    Other link: https://www.isical.ac.in/~rcbose/blockchain2017/

  • Anti-forensic aspects of biometrics towards Receipt-freeness and Coercion-Resistance in authentication protocols [Invited] [International conference]

    Kouichi Sakurai

    ATCS workshop of 12th EAI International Conference on Security and Privacy in Communication Networks   October 2016

    Event date: October 2016

    Language: Japanese

    Country: People's Republic of China

    Currently, cancelable biometrics, asymmetric biometric authentication, and some related methods are proposed as remote biometrics. These proposals are discussed from the viewpoint of privacy protection. Namely, they are regarded as a forensic approach, which means collecting evidence for some person’s authentication. However, there are only a few studies on the anti-forensic approach, which includes leaving no data in authentication systems. Therefore, we define “receipt-freeness” of a biometric authentication protocol, which means no evidence left, as a first step. We analyse some remote biometric authentication protocols with respect to “receipt-freeness.” This talk also considers the property and recent techniques for Coercion-Resistance in biometric authentication protocols, which have been investigated in electronic voting schemes.

    Other link: http://securecomm.org/2016/show/program-preliminary

  • Anti-forensic Aspects in Biometric Authentication Protocols: Receipt-freeness, Coercion-Resistance, and Undeniability [Invited] [International conference]

    Kouichi Sakurai

    UAE Cyber Security Workshop   April 2016

    Event date: April 2016

    Language: English   Presentation type: Oral presentation (invited/special)

    Venue: NEW YORK Univ. UAE Campus   Country: United Arab Emirates

    Other link: https://cybersecurityseminar.splashthat.com/

  • New infrastructure and applications developed from a cryptocurrency BITCOIN and a platform ETHEREUM [Invited] [International conference]

    Kouichi Sakurai

    ICoICT 2015 (The 3rd International Conference of Information and Communication Technology)   May 2015

    Event date: May 2015

    Language: English   Presentation type: Oral presentation (invited/special)

    Venue: Bali Nusa Dua Convention Center, Bali, Indonesia.   Country: Republic of Indonesia

    Bitcoin is a peer-to-peer payment system and digital currency designed by the inventor named Satoshi Nakamoto. In this talk, we overview the current status of BITCOIN including problems from recent news. We also discuss a new cryptographic infrastructure inspired by BITCOIN, which is a kind of Decentralized Cryptographic system, whereas the traditional PKI is purely centralized. We further consider new applications with such decentralized cryptographic infrastructure including digital right management service. The state of the art with ETHEREUM, a platform for decentralized application which is inspired from BITCOIN, is also reported.

    Other link: http://2015.icoict.org/keynote-speaker/

  • A recent progress on design and analysis of Neural Cryptosystems [Invited] [International conference]

    Kouichi Sakurai

    The 8th IEEE International Conference on Smart City and Informatization (iSCI 2020)   December 2020

    Event date: December 2020 - January 2021

    Language: English   Presentation type: Oral presentation (general)

    Venue: Guangzhou, China /Online   Country: People's Republic of China

    Neural Networks have been applied to Cryptography and extended to Steganography, while an important breakthrough, “Adversarial Neural Cryptography”, was presented by Abadi and Andersen, two researchers with Google, in 2016. This talk gives a survey on research progress of Neural Cryptography: before vs. after the Google-2016, and introduces recent results by the speaker’s research group.

  • An ANN Based Sequential Detection Method for Balancing Performance Indicators of IDS

    Hao Zhao, Yaokai Feng, Hiroshi Koide, Kouichi Sakurai

    7th International Symposium on Computing and Networking, CANDAR 2019   November 2019

    Event date: November 2019

    Language: English

    Venue: Nagasaki   Country: Japan

    In recent years, the number of cyber attacks has been increasing rapidly and network security has become an important issue. As a vital component of defense against network threats, intrusion detection system (IDS) was introduced and machine learning algorithms have been widely used in such systems for high detection performance. There are several evaluation indices such as false positive rate, false negative rate, and so on. A problem is that these indices are often related to each other. For example, while we try to decrease the false positive rate, the false negative rate often tends to increase, and vice versa. In this study, we proposed an ANN based sequential classifier method to mitigate this problem. Specifically, we try to train ANN to have a low false positive rate, even though this may lead to a high false negative rate. Then, the reported negative instances are sent to the next ANN to make a further investigation, where the false negative instances reported at the previous ANN may be classified correctly. In this way, the final false negative rate can also be improved greatly. The results of the experiment show that the proposed method can bring lower false negative rate and higher accuracy of detection while keeping the false positive rate at an acceptable level. Moreover, the optimum number of ANNs for our proposal is also investigated and discussed in this study.

  • Reliable decentralized oracle with mechanisms for verification and disputation

    Limao Ma, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai

    7th International Symposium on Computing and Networking Workshops, CANDARW 2019   November 2019

    Event date: November 2019

    Language: English

    Venue: Nagasaki   Country: Japan

    Smart contract using Blockchain technology provides a mechanism to automatically exchange 'cash' and 'service' according to programmed conditions without requiring reliable third-party intervention. This results in reduction of time and cost for complex contract execution. Some contract executions require external information outside Blockchain as a trigger to execute the code specifying process for a certain contract. However, because Blockchain technology itself does not provide a function to directly access such external information, these applications require a proxy system called 'oracle'. Oracle is in charge of accessing external information, verifying it, and writing it on Blockchain. To avoid security incidents such as oracle writing malicious information on Blockchain, reliability of oracle must be required. This paper introduces a decentralized oracle equipped with verification and disputation mechanisms. To evaluate reliability of the proposed mechanisms, a simulation-based experiment was conducted. The experimental results showed that our solution could effectively suppress the interference of malicious participants and obtained reliable consensus results even if relatively many malicious participants joined in the consensus process on the proposed decentralized oracle.

  • Frame difference generative adversarial networks: Clearer contour video generating

    Rui Qiu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    7th International Symposium on Computing and Networking Workshops, CANDARW 2019   November 2019

    Event date: November 2019

    Language: English

    Venue: Nagasaki   Country: Japan

    Generating image and video is a hot topic in Deep Learning. Especially, generating video is a difficult but meaningful work. How to generate video which has diversity and plausibility is still a problem to be solved. In this paper, we propose a novel model of Generative Adversarial Network (GAN) called FDGAN to generate clear contour lines. Unlike existing GANs that only use frames, our method extends to use inter-frame difference. First, we introduce two temporal difference methods to process the inter-frame. Then we add a frame difference discriminator to discriminate whether the inter-frame is true or not. Using the model and new structure proposed, we perform video generation experiments on several widely used benchmark datasets such as MOVING MNIST, UCF-101. Consequently, the results achieve state-of-the-art performance for clarifying contour lines. Both quantitative and qualitative evaluations were made to show the effectiveness of our methods.

  • Proposal and evaluation of a security incident response training method using programming

    Katsumi Nagai, Hiroshi Koide, Kouichi Sakurai

    20th Annual Conference on Information Technology Education, SIGITE 2019   September 2019

    Event date: October 2019

    Language: English

    Venue: Tacoma   Country: United States of America

    Nowadays, there are various cyber-attacks in the world. In terms of dealing with cyber incident, there are many non-technical factors. Table Top Exercises are available for improving it but need some fund, time and trainers who conduct it more smoothly. So, in this work, we propose a security incident response training method using programming. It aims to improve some non-technical skills. Our proposal is actually executed with questionnaires.

  • Efficient shortest path routing algorithms for distributed XML processing

    Ye Longjian, Hiroshi Koide, Dirceu Cavendish, Kouichi Sakurai

    15th International Conference on Web Information Systems and Technologies, WEBIST 2019   January 2019

    Event date: September 2019

    Language: English

    Venue: Vienna   Country: Republic of Austria

    This paper analyses the problem of efficiently routing XML documents on a network whose nodes are capable of distributed XML processing. The goal of our study is to find network paths for which XML documents' transmission will result in high likelihood that a large portion of the documents be processed within the network, decreasing the amount of XML processing at documents arrival at the destination site. We propose several routing algorithms for single route and multipath routing and evaluate them on a distributed XML network simulation environment. We show the benefits of the proposed XML routing algorithms as compared with widespread minimum hop routing strategy of the Internet.

  • Secret Sharing on Evolving Multi-level Access Structure

    Sabyasachi Dutta, Partha Sarathi Roy, Kazuhide Fukushima, Shinsaku Kiyomoto, Kouichi Sakurai

    20th World Conference on Information Security Applications, WISA 2019   January 2020

    Event date: August 2019

    Language: English

    Venue: Jeju Island   Country: Republic of Korea

    Secret sharing is a process that allows storing secret information in a distributed manner among several participants. In the original setting of secret sharing schemes, it was assumed that the total number of participants is fixed from the very beginning. However, to meet the state of the art needs, it is required to consider the scenario where any time a new participant can join and the total number of participants is (possibly) unbounded. Evolving secret sharing solves the problem. Secret sharing for evolving threshold access structure has been considered in the last few years. Here, we consider the Multi-level access structures. More specifically, we consider evolving compartmental and hierarchical access structures. We provide constructions with the estimation of share sizes.

  • A sequential scheme for detecting cyber attacks in IoT environment

    Yan Naung Soe, Yaokai Feng, Paulus Insap Santosa, Rudy Hartanto, Kouichi Sakurai

    17th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 17th International Conference on Pervasive Intelligence and Computing, IEEE 5th International Conference on Cloud and Big Data Computing, 4th Cyber Science and Technology Congress, DASC-PiCom-CBDCom-CyberSciTech 2019   August 2019

    Event date: August 2019

    Language: English

    Venue: Fukuoka   Country: Japan

    With the rapid spread of the IoT (Internet of Things) devices, our daily life has been becoming more convenient and efficient. However, the attacker is more easily targeting the IoT devices to make them become attack destinations or bots for attacking other victims. This is because most of the IoT devices have not enough resources, memory and computation skill, to be equipped with an efficient security system. The mainstream of the actual IDSs (Intrusion Detection Systems) for traditional networks/computers and those for the IoT devices are still signature/rule-based. It is well known that such detection systems cannot handle new kinds of attacks or new variants. And, the formal rule-based detection techniques would be circumvented by attackers. Moreover, for many IoT devices, so many signatures/rules often cannot be operated. Machine learning-based technologies have attracted much attention from many researchers and developers in recent years. Such methods can detect specific attacks or just detect anomalies. In many related works, one classifier is often trained for detecting multiple kinds of attacks, which obviously cannot guarantee optimum performance for every kind of attack. In this study, we proposed a system that detects multiple specific attacks in a sequential manner. That is, each kind of specific attack is detected using a designated classifier instead of a common one. An artificial neural network as the classifier is trained and used for each kind of the specific attacks. As a result, the multiple classifiers can detect the specific attacks in a sequential manner. Our proposal is explained in detail in this paper and its performance is examined using different activation functions. We also make it clear which activation function is the best choice for our system.

  • Security and trust issues on digital supply chain

    Haibo Zhang, Toru Nakamura, Kouichi Sakurai

    17th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 17th International Conference on Pervasive Intelligence and Computing, IEEE 5th International Conference on Cloud and Big Data Computing, 4th Cyber Science and Technology Congress, DASC-PiCom-CBDCom-CyberSciTech 2019   August 2019

    Event date: August 2019

    Language: English

    Venue: Fukuoka   Country: Japan

    This exploratory investigation aims to discuss current status and challenges, especially in aspect of security and trust problems, of digital supply chain management system with applying some advanced information technologies, such as Internet of Things, cloud computing and blockchain, for improving various system performance and properties, i.e. transparency, visibility, accountability, traceability and reliability. This paper introduces the general histories and definitions, in terms of information science, of the supply chain and relevant technologies which have been applied or are potential to be applied on supply chain with purpose of lowering cost, facilitating its security and convenience. It provides a comprehensive review of current relative research work and industrial cases from several famous companies. It also illustrates requirements or performance of digital supply chain system, security management and trust issues. Finally, this paper concludes several potential or existing security issues and challenges which supply chain management is facing.

  • Universal Rules for Fooling Deep Neural Networks based Text Classification

    Di Li, Danilo Vasconcellos Vargas, Sakurai Kouichi

    2019 IEEE Congress on Evolutionary Computation, CEC 2019   June 2019

    Event date: June 2019

    Language: English

    Venue: Wellington   Country: New Zealand

    Recently, deep learning based natural language processing techniques are being extensively used to deal with spam mail, censorship evaluation in social networks, among others. However, there are only a couple of works evaluating the vulnerabilities of such deep neural networks. Here, we go beyond attacks to investigate, for the first time, universal rules, i.e., rules that are sample agnostic and therefore could turn any text sample into an adversarial one. In fact, the universal rules do not use any information from the method itself (no information from the method, gradient information or training dataset information is used), making them black-box universal attacks. In other words, the universal rules are sample and method agnostic. By proposing a coevolutionary optimization algorithm we show that it is possible to create universal rules that can automatically craft imperceptible adversarial samples (only less than five perturbations which are close to misspelling are inserted in the text sample). A comparison with a random search algorithm further justifies the strength of the method. Thus, universal rules for fooling networks are here shown to exist. Hopefully, the results from this work will impact the development of yet more sample and model agnostic attacks as well as their defenses.

  • Deniable Secret Handshake Protocol - Revisited

    Somnath Panja, Sabyasachi Dutta, Kouichi Sakurai

    33rd International Conference on Advanced Information Networking and Applications, AINA-2019   January 2020

    Event date: March 2019

    Language: English

    Venue: Matsue   Country: Japan

    The notion of deniability ensures that the transcript generated in an interactive protocol does not yield any evidence of the interaction. In the context of key-exchange protocols for secure message transmission, the notion of deniability is well-explored. On the other hand, a secret handshake protocol enables a group of authorized users to establish a shared secret key and authenticate each other. Recently, a framework for deniable secret handshake is proposed by Tian et al. in ISPEC 2018. We analyze the protocol, show three flaws and give solutions to prevent them.

  • Simulation of Secure Volunteer Computing by Using Blockchain

    Johjima Shota, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai

    33rd International Conference on Advanced Information Networking and Applications, AINA-2019   January 2020

    Event date: March 2019

    Language: English

    Venue: Matsue   Country: Japan

    Volunteer Computing (VC) is one of the methods of distributed computing. In the VC process, several volunteers provide their computing resources for some computational purposes. Because most VC is supposed to be executed based on a situation that each volunteer is an honest one, in a case that some malicious volunteers are inside the VC network, the VC contains potential risk of causing to output an unreliable computational result. To improve the reliability of the computational result, several existing VCs adopt a method of majority voting using reliability parameters. However, this method contains potential vulnerability to “Sybil Attack”. Therefore, in this paper, we propose our VC system using blockchain technology named “Hierarchy-System” to solve these problems and also show the evaluation result executed on a VC system simulating our proposed method.

  • Implementing Lightweight IoT-IDS on Raspberry Pi Using Correlation-Based Feature Selection and Its Performance Evaluation

    Yan Naung Soe, Yaokai Feng, Paulus Insap Santosa, Rudy Hartanto, Kouichi Sakurai

    33rd International Conference on Advanced Information Networking and Applications, AINA-2019   January 2020

    Event date: March 2019

    Language: English

    Venue: Matsue   Country: Japan

    The application of many IoT devices is making our world more convenient and efficient. However, it also makes a large number of cyber-attacks possible because most IoT devices have very limited resources and cannot perform ordinary intrusion detection systems. How to implement efficient and lightweight IDS in IoT environments is a critically important and challenging task. Several detection systems have been implemented on Raspberry Pi, but most of them are signature-based and only allow limited rules. In this study, a lightweight IDS based on machine learning is implemented on a Raspberry Pi. To make the system lightweight, a correlation-based feature selection algorithm is applied to significantly reduce the number of features and a lightweight classifier is utilized. The performance of our system is examined in detail and the experimental result indicates that our system is lightweight and has a much higher detection speed with almost no sacrifice of detection accuracy.

  • Deniable Secret Handshake Protocol - Revisited

    Somnath Panja, Sabyasachi Dutta, Kouichi Sakurai

    33rd International Conference on Advanced Information Networking and Applications, AINA-2019  January 2020

    Event date: March 2019

    Language: English

    Venue: Matsue   Country: Japan

    The notion of deniability ensures that the transcript generated in an interactive protocol does not yield any evidence of the interaction. In the context of key-exchange protocols for secure message transmission, the notion of deniability is well-explored. On the other hand, a secret handshake protocol enables a group of authorized users to establish a shared secret key and authenticate each other. Recently, a framework for deniable secret handshake is proposed by Tian et al. in ISPEC 2018. We analyze the protocol, show three flaws and give solutions to prevent them.

  • Simulation of Secure Volunteer Computing by Using Blockchain

    Johjima Shota, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai

    33rd International Conference on Advanced Information Networking and Applications, AINA-2019  January 2020

    Event date: March 2019

    Language: English

    Venue: Matsue   Country: Japan

    Volunteer Computing (VC) is one of methods of distributed computing. In VC process, several volunteers provide their computing resources for some computational purposes. Because most VC is supposed to be executed based on a situation that each volunteer is an honest one, in a case that some malicious volunteers are inside the VC network, the VC contains potential risk of causing to output an unreliable computational result. To improve the reliability of the computational result, several existing VCs adopt a method of majority voting using reliability parameters. However, this method contains potential vulnerability against to “Sybil Attack”. Therefore, in this paper, we propose our VC system using blockchain technology named “Hierarchy-System” to solve these problems and also show the evaluation result executed on a VC system simulated our proposed method.

  • Secret Sharing Schemes on Compartmental Access Structure in Presence of Cheaters

    Jyotirmoy Pramanik, Partha Sarathi Roy, Sabyasachi Dutta, Avishek Adhikari, Kouichi Sakurai

    14th International Conference on Information Systems Security, ICISS 2018  January 2018

    Event date: December 2018

    Language: English

    Venue: Bangalore   Country: India

    Various adversarial scenarios have been considered in secret sharing for threshold access structure. However, threshold access structure can not provide efficient solution when participants are classified in different compartments. Of many access structures for which ideal secret sharing schemes can be realized, compartmental access structure is an important one. This paper is targeted to initiate the study of secret sharing schemes for compartmental access structure secure against malicious adversary. This paper presents definitions of cheating detectable, cheater identifiable and robust secret sharing schemes in compartmental access structure and their realization through five different constructions in the information-theoretic setting. Moreover in case of cheater identification and robustness, proposed protocols are secure against rushing adversary who are allowed to submit (possibly forged) shares after observing shares of the honest participants in the reconstruction phase.

  • Analysis of variance of graph-clique mining for scalable proof of work

    Hiroaki Anada, Tomohiro Matsushima, Chunhua Su, Weizhi Meng, Junpei Kawamoto, Samiran Bag, Kouichi Sakurai

    14th International Conference on Information Security and Cryptology, Inscrypt 2018  January 2019

    Event date: December 2018

    Language: English

    Venue: Fuzhou   Country: People's Republic of China

    Recently, Bitcoin is becoming one of the most popular decentralized cryptographic currency technologies, and Bitcoin mining is a process of adding transaction records to Bitcoin’s public ledger of past transactions or blockchain. To obtain a bitcoin, the mining process involves compiling recent transactions into blocks and trying to solve a computationally difficult puzzle, e.g., proof of work puzzle. A proof of work allows miners the ability to quantify how much work a given proof contains. Basically, the required time for mining is decided in advance, but problems will occur if the value is large for dispersion. In this paper, we first accept that the required time between consecutive blocks follows the exponential distribution. That is, the variance is stable as long as the expected time is fixed. Then, we focus on the graph clique mining technique proposed by the literature, like Tromp (BITCOIN 2015) and Bag-Ruj-Sakurai (Inscrypt 2015), which is based on a computational difficulty problem of searching cliques of undirected graphs, where a clique is a subset of vertices. In particular, when the clique size is two, graph clique mining can be used to gain Bitcoins. The previous work also claimed that if the clique size is parameterized and increased, even if the expected time is fixed, the variance would not be stable. However, no qualitative or quantitative results were given to support their claim. Motivated by this issue, in this work, we propose a simple search algorithm for graph cliques mining, and perform a small scale evaluation on Bitcoin and Graph cliques’s solo mining to investigate the variance issue.

  • A new design for evaluating moving target defense system

    Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  December 2018

    Event date: November 2018

    Language: English

    Venue: Takayama   Country: Japan

    Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attack happening through alternation attack surfaces or diversification the attribute or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulties in exploiting a vulnerabilities of the target system. This study proposes an evaluation method of MTD systems combined with several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on the MTD systems mitigating from threats of executable binary file or malware injection. With the proposed evaluation method, we expect to prove that the MTD technology can enhance the security of a web server, and can be applied in a real-world information system. As our preliminary work done, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.

  • Tracing MIRAI malware in networked system

    Yao Xu, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  December 2018

    Event date: November 2018

    Language: English

    Venue: Takayama   Country: Japan

    In 2021, it is anticipated that there will be approximately 30 billion Internet of Things (IoT) devices. The tremendous aggregate value of the IoT makes it a tempting and lucrative target for cyber criminals. The breakout of Mirai malware, which compromises poorly secured IoT devices with factory-default username and passphrase to launch Distributed Denial of Service (DDoS) attacks, has raised broad awareness towards the need for increased IoT security. To better defend against Mirai infection and spread, it is critical to know how the malware operates as the first step. In this paper, we give a combined static and dynamic analysis of Mirai, basing on the results of which, we introduce the application of Threat Tracer. Threat tracer is an information system simulator initially developed to help design a system robust against Advanced Persistent Attacks(APT). It offers an intuitive track on how a cyber threat behaves in a complicated networked system. The feedback simultaneously contributes to revealing vulnerabilities of a system. Our work focuses on the replication of Mirai Malware's operating processes in Threat Tracer simulation. By achieving doing so, we believe it could offer a comprehensible description of how Mirai acts. Also, considering the continuous emergence of Mirai variants, the simulation serves as a predictor on upcoming threats' behavior patterns.

  • Suppressing chain size of blockchain-based information sharing for swarm robotic systems

    Yuki Nishida, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  December 2018

    Event date: November 2018

    Language: English

    Venue: Takayama   Country: Japan

    Swarm robotics is a research field in which a group of autonomous robots execute tasks through cooperative works. Sharing information among robots is a central function for an optimal performance of the system. Given that the swarm network structure constantly changes when robots move, it becomes difficult to guarantee on information sharing by all swarm members. We, in this work, propose an approach for information sharing on swarm robotic systems by using Blockchain technology. A function of distributed ledger in Blockchain technology has possibility to solve the information sharing problem and to easily synchronize their state. However, because Blockchain persistently keeps past transactions, the increase of its chain size is one of the serious issues to manage Blockchain technology. In this paper, we introduce a methodology to share information among autonomous robots and demonstrate through experiments that how the differences in data size recorded in the blockchain affect the chain size. As a result, compared with our previous approach, we succeeded in suppressing increase in chain size by using the proposal approach; it was reduced the amount of increase in chain size about 73.0% when each node repeatedly shared about 2.8KB image data by 100 times.

  • Neural cryptography based on the topology evolving neural networks

    Yuetong Zhu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  December 2018

    Event date: November 2018

    Language: English

    Venue: Takayama   Country: Japan

    Modern cryptographic schemes is developed based on the mathematical theory. Recently works show a new direction about cryptography based on the neural networks. Instead of learning a specific algorithm, a cryptographic scheme is generated automatically. While one kind of neural network is used to achieve the scheme, the idea of the neural cryptography can be realized by other neural network architecture is unknown. In this paper, we make use of this property to create neural cryptography scheme on a new topology evolving neural network architecture called Spectrum-diverse unified neuroevolution architecture. First, experiments are conducted to verify that Spectrum-diverse unified neuroevolution architecture is able to achieve automatic encryption and decryption. Subsequently, we do experiments to achieve the neural symmetric cryptosystem by using adversarial training.

  • Empirical evaluation on robustness of deep convolutional neural networks activation functions against adversarial perturbation

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  December 2018

    Event date: November 2018

    Language: English

    Venue: Takayama   Country: Japan

    Recent research has shown that deep convolutional neural networks (DCNN) are vulnerable to several different types of attacks while the reasons of such vulnerability are still under investigation. For instance, the adversarial perturbations can conduct a slight change on a natural image to make the target DCNN make the wrong recognition, while the reasons that DCNN is sensitive to such small modification are divergent from one research to another. In this paper, we evaluate the robustness of two commonly used activation functions of DCNN, namely the sigmoid and ReLu, against the recently proposed low-dimensional one-pixel attack. We show that the choosing of activation functions can be an important factor that influences the robustness of DCNN. The results show that comparing with sigmoid, the ReLu non-linearity is more vulnerable which allows the low dimensional one-pixel attack exploit much higher success rate and confidence of launching the attack. The results give insights on designing new activation functions to enhance the security of DCNN.

  • Detecting distributed cyber attacks in SDN based on automatic thresholding

    Ryousuke Komiya, Yaokai Feng, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  December 2018

    Event date: November 2018

    Language: English

    Venue: Takayama   Country: Japan

    Distributed Cyber Attack launched from many hosts simultaneously has become one of the most sophisticated and the most dangerous attacks in the cyber world including the traditional Internet and the SDN (Software Defined Networking) environments. As a kind of centralized network environment, the SDN has been greatly developed and popularized in recent years, especially in cloud systems. Thus, how to efficiently detect distributed attacks in SDN environments has attracted great attentions in academia and industry and various researches have been done to counter such attacks. The latest related researches made attempts to exploit the information of the PacketIn packets collected in the SDN controller and those methods proved efficient for detecting distributed cyber attacks in SDN environments. However, such methods adopted a threshold for distinguishing between attacks and normal situations. The threshold must be properly determined manually in advance, which is not easy in many applications even for experts. In this study, we try to automatically extract a proper threshold from the historical data of the monitored SDN environment so that the difficult parameter-tuning (determination of the threshold) process can be removed. In addition, because the extracted threshold can well reflect the actual situations of the monitored environment, a better detection performance than the existing approaches can be expected. The detection performance of our proposal is also tested using real traffic data.

  • A new design for evaluating moving target defense system

    Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  2018年12月 

     詳細を見る

    開催年月日: 2018年11月

    記述言語:英語  

    開催地:Takayama   国名:日本国  

    Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attack happening through alternation attack surfaces or diversification the attribute or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulties in exploiting a vulnerabilities of the target system. This study proposes an evaluation method of MTD systems combined with several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on the MTD systems mitigating from threats of executable binary file or malware injection. With the proposed evaluation method, we expect to prove that the MTD technology can enhance the security of a web server, and can be applied in a real-world information system. As our preliminary work done, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.

  • Tracing MIRAI malware in networked system

    Yao Xu, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  2018年12月 

     詳細を見る

    開催年月日: 2018年11月

    記述言語:英語  

    開催地:Takayama   国名:日本国  

    In 2021, it is anticipated that there will be approximately 30 billion Internet of Things (IoT) devices. The tremendous aggregate value of the IoT makes it a tempting and lucrative target for cyber criminals. The breakout of Mirai malware, which compromises poorly secured IoT devices with factory-default username and passphrase to launch Distributed Denial of Service (DDoS) attacks, has raised broad awareness towards the need for increased IoT security. To better defend against Mirai infection and spread, it is critical to know how the malware operates as the first step. In this paper, we give a combined static and dynamic analysis of Mirai, basing on the results of which, we introduce the application of Threat Tracer. Threat tracer is an information system simulator initially developed to help design a system robust against Advanced Persistent Attacks(APT). It offers an intuitive track on how a cyber threat behaves in a complicated networked system. The feedback simultaneously contributes to revealing vulnerabilities of a system. Our work focuses on the replication of Mirai Malware's operating processes in Threat Tracer simulation. By achieving doing so, we believe it could offer a comprehensible description of how Mirai acts. Also, considering the continuous emergence of Mirai variants, the simulation serves as a predictor on upcoming threats' behavior patterns.

  • Suppressing chain size of blockchain-based information sharing for swarm robotic systems

    Yuki Nishida, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  2018年12月 

     詳細を見る

    開催年月日: 2018年11月

    記述言語:英語  

    開催地:Takayama   国名:日本国  

    Swarm robotics is a research field in which a group of autonomous robots execute tasks through cooperative works. Sharing information among robots is a central function for an optimal performance of the system. Given that the swarm network structure constantly changes when robots move, it becomes difficult to guarantee on information sharing by all swarm members. We, in this work, propose an approach for information sharing on swarm robotic systems by using Blockchain technology. A function of distributed ledger in Blockchain technology has possibility to solve the information sharing problem and to easily synchronize their state. However, because Blockchain persistently keeps past transactions, the increase of its chain size is one of the serious issues to manage Blockchain technology. In this paper, we introduce a methodology to share information among autonomous robots and demonstrate through experiments that how the differences in data size recorded in the blockchain affect the chain size. As a result, compared with our previous approach, we succeeded in suppressing increase in chain size by using the proposal approach; it was reduced the amount of increase in chain size about 73.0% when each node repeatedly shared about 2.8KB image data by 100 times.

  • Neural cryptography based on the topology evolving neural networks

    Yuetong Zhu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  2018年12月 

     詳細を見る

    開催年月日: 2018年11月

    記述言語:英語  

    開催地:Takayama   国名:日本国  

    Modern cryptographic schemes is developed based on the mathematical theory. Recently works show a new direction about cryptography based on the neural networks. Instead of learning a specific algorithm, a cryptographic scheme is generated automatically. While one kind of neural network is used to achieve the scheme, the idea of the neural cryptography can be realized by other neural network architecture is unknown. In this paper, we make use of this property to create neural cryptography scheme on a new topology evolving neural network architecture called Spectrum-diverse unified neuroevolution architecture. First, experiments are conducted to verify that Spectrum-diverse unified neuroevolution architecture is able to achieve automatic encryption and decryption. Subsequently, we do experiments to achieve the neural symmetric cryptosystem by using adversarial training.

  • Empirical evaluation on robustness of deep convolutional neural networks activation functions against adversarial perturbation

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  2018年12月 

     詳細を見る

    開催年月日: 2018年11月

    記述言語:英語  

    開催地:Takayama   国名:日本国  

    Recent research has shown that deep convolutional neural networks (DCNN) are vulnerable to several different types of attacks while the reasons of such vulnerability are still under investigation. For instance, the adversarial perturbations can conduct a slight change on a natural image to make the target DCNN make the wrong recognition, while the reasons that DCNN is sensitive to such small modification are divergent from one research to another. In this paper, we evaluate the robustness of two commonly used activation functions of DCNN, namely the sigmoid and ReLu, against the recently proposed low-dimensional one-pixel attack. We show that the choosing of activation functions can be an important factor that influences the robustness of DCNN. The results show that comparing with sigmoid, the ReLu non-linearity is more vulnerable which allows the low dimensional one-pixel attack exploit much higher success rate and confidence of launching the attack. The results give insights on designing new activation functions to enhance the security of DCNN.

  • Detecting distributed cyber attacks in SDN based on automatic thresholding

    Ryousuke Komiya, Yaokai Feng, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  2018年12月 

     詳細を見る

    開催年月日: 2018年11月

    記述言語:英語  

    開催地:Takayama   国名:日本国  

    Distributed Cyber Attack launched from many hosts simultaneously has become one of the most sophisticated and the most dangerous attacks in the cyber world including the traditional Internet and the SDN (Software Defined Networking) environments. As a kind of centralized network environment, the SDN has been greatly developed and popularized in recent years, especially in cloud systems. Thus, how to efficiently detect distributed attacks in SDN environments has attracted great attentions in academia and industry and various researches have been done to counter such attacks. The latest related researches made attempts to exploit the information of the PacketIn packets collected in the SDN controller and those methods proved efficient for detecting distributed cyber attacks in SDN environments. However, such methods adopted a threshold for distinguishing between attacks and normal situations. The threshold must be properly determined manually in advance, which is not easy in many applications even for experts. In this study, we try to automatically extract a proper threshold from the historical data of the monitored SDN environment so that the difficult parameter-tuning (determination of the threshold) process can be removed. In addition, because the extracted threshold can well reflect the actual situations of the monitored environment, a better detection performance than the existing approaches can be expected. The detection performance of our proposal is also tested using real traffic data.

  • A new design for evaluating moving target defense system

    Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  December 2018

    Event date: November 2018

    Language: English

    Venue: Takayama   Country: Japan

    The Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attacks by altering attack surfaces or diversifying the attributes or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulty in exploiting a vulnerability of the target system. This study proposes an evaluation method for MTD systems combined with several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on MTD systems mitigating threats of executable binary file or malware injection. With the proposed evaluation method, we expect to prove that MTD technology can enhance the security of a web server and can be applied in a real-world information system. As preliminary work, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.

  • Tracing MIRAI malware in networked system

    Yao Xu, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  December 2018

    Event date: November 2018

    Language: English

    Venue: Takayama   Country: Japan

    In 2021, it is anticipated that there will be approximately 30 billion Internet of Things (IoT) devices. The tremendous aggregate value of the IoT makes it a tempting and lucrative target for cyber criminals. The breakout of Mirai malware, which compromises poorly secured IoT devices with factory-default usernames and passphrases to launch Distributed Denial of Service (DDoS) attacks, has raised broad awareness of the need for increased IoT security. To better defend against Mirai infection and spread, it is critical to know how the malware operates as the first step. In this paper, we give a combined static and dynamic analysis of Mirai, based on the results of which we introduce the application of Threat Tracer. Threat Tracer is an information system simulator initially developed to help design a system robust against Advanced Persistent Attacks (APT). It offers an intuitive track of how a cyber threat behaves in a complicated networked system. The feedback simultaneously contributes to revealing vulnerabilities of a system. Our work focuses on the replication of the Mirai malware's operating processes in Threat Tracer simulation. By doing so, we believe it could offer a comprehensible description of how Mirai acts. Also, considering the continuous emergence of Mirai variants, the simulation serves as a predictor of upcoming threats' behavior patterns.

  • Suppressing chain size of blockchain-based information sharing for swarm robotic systems

    Yuki Nishida, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  December 2018

    Event date: November 2018

    Language: English

    Venue: Takayama   Country: Japan

    Swarm robotics is a research field in which a group of autonomous robots execute tasks through cooperative work. Sharing information among robots is a central function for optimal performance of the system. Given that the swarm network structure constantly changes when robots move, it becomes difficult to guarantee information sharing by all swarm members. In this work, we propose an approach for information sharing in swarm robotic systems using Blockchain technology. The distributed ledger function of Blockchain technology has the possibility to solve the information sharing problem and to easily synchronize the robots' state. However, because Blockchain persistently keeps past transactions, the increase of its chain size is one of the serious issues in managing Blockchain technology. In this paper, we introduce a methodology to share information among autonomous robots and demonstrate through experiments how the differences in data size recorded in the blockchain affect the chain size. As a result, compared with our previous approach, we succeeded in suppressing the increase in chain size by using the proposed approach; the amount of increase in chain size was reduced by about 73.0% when each node repeatedly shared about 2.8KB of image data 100 times.

  • Neural cryptography based on the topology evolving neural networks

    Yuetong Zhu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    6th International Symposium on Computing and Networking Workshops, CANDARW 2018  December 2018

    Event date: November 2018

    Language: English

    Venue: Takayama   Country: Japan

    Modern cryptographic schemes are developed based on mathematical theory. Recent works show a new direction for cryptography based on neural networks. Instead of learning a specific algorithm, a cryptographic scheme is generated automatically. While one kind of neural network is used to achieve the scheme, whether the idea of neural cryptography can be realized by other neural network architectures is unknown. In this paper, we make use of this property to create a neural cryptography scheme on a new topology evolving neural network architecture called Spectrum-diverse unified neuroevolution architecture. First, experiments are conducted to verify that Spectrum-diverse unified neuroevolution architecture is able to achieve automatic encryption and decryption. Subsequently, we do experiments to achieve the neural symmetric cryptosystem by using adversarial training.

  • Proof of disease: A blockchain consensus protocol for accurate medical decisions and reducing the disease burden

    Asoke K. Talukder, Manish Chaitanya, David Arnold, Kouichi Sakurai

    4th IEEE SmartWorld, 15th IEEE International Conference on Ubiquitous Intelligence and Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People and Smart City Innovations, SmartWorld/UIC/ATC/ScalCom/CBDCom/IoP/SCI 2018  December 2018

    Event date: October 2018

    Language: English

    Venue: Guangzhou   Country: People's Republic of China

    Studies suggest that a significant proportion of the diagnosis in non-communicable diseases (NCD) is erroneous, unwanted, or unnecessary. To reduce the disease burden and improve public health, algorithmic support is essential. To realize this, health data must be computer understandable, secured, ubiquitous, and interoperable. Medical and disease data entered into computers are unstructured natural language texts with medical jargons which a computer normally cannot understand. EMR (Electronic Medical Records) are data silos in the hospital and do not interoperate. In this paper we present Ethereum based future ready Proof of Disease (PoD) consensus protocol with a computer understandable single instance of truth. It will solve many challenges that electronic health records (EHR) or health information exchange (HIE) have failed to address. This medical system will help achieve all the complex needs of P6 (Participatory, Personalized, Proactive, Preventive, Predictive and Precision) medicine and finally reduce the disease burden.

  • Hierarchical secret sharing schemes secure against rushing adversary: Cheater identification and robustness

    Partha Sarathi Roy, Sabyasachi Dutta, Kirill Morozov, Avishek Adhikari, Kazuhide Fukushima, Shinsaku Kiyomoto, Kouichi Sakurai

    14th International Conference on Information Security Practice and Experience, ISPEC 2018  January 2018

    Event date: September 2018

    Language: English

    Venue: Tokyo   Country: Japan

    Threshold access structures of secret sharing schemes capture a scenario in which all the participants have the same weight (or power) and their contributions are equal. However, in some situations, such as gradation among officials in an organization, the participants have different weights. Hierarchical access structures capture those natural scenarios, where different levels of hierarchy are present and a participant belongs to precisely one of them. Although extensive research addressing the issues of cheater identifiability and robustness has been done for threshold secret sharing, no such research has been carried out for hierarchical secret sharing (HSS). This paper resolves this long-standing open issue by presenting definitions and constructions of both cheater identifiable and robust HSS schemes secure against a rushing adversary, in the information-theoretic setting.

  • Feature selection for machine learning-based early detection of distributed cyber attacks

    Yaokai Feng, Hitoshi Akiyama, Liang Lu, Kouichi Sakurai

    16th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018  October 2018

    Event date: August 2018

    Language: English

    Venue: Athens   Country: Greece

    It is well known that distributed cyber attacks simultaneously launched from many hosts have caused the most serious problems in recent years, including problems of privacy leakage and denial of service. Thus, how to detect those attacks at an early stage has become an important and urgent topic in the cyber security community. For this purpose, recognizing C&C (Command & Control) communication between compromised bots and the C&C server becomes a crucially important issue, because C&C communication is in the preparation phase of distributed attacks. Although attack detection based on signatures has long been practically applied, it is well known that it cannot efficiently deal with new kinds of attacks. In recent years, ML (Machine Learning)-based detection methods have been studied widely. In those methods, feature selection is obviously very important to the detection performance. We once utilized up to 55 features to pick out C&C traffic in order to accomplish early detection of DDoS attacks. In this work, we try to answer the question 'Are all of those features really necessary?' We mainly investigate how the detection performance moves as the features are removed, starting from those having the lowest importance, and we try to make clear what features should be paid attention to for early detection of distributed attacks. We use honeypot data collected during the period from 2008 to 2013. SVM (Support Vector Machine) and PCA (Principal Component Analysis) are utilized for feature selection, and SVM and RF (Random Forest) are used for building the classifier. We find that the detection performance generally gets better if more features are utilized. However, after the number of features has reached around 40, the detection performance will not change much even if more features are used. It is also verified that, in some specific cases, more features do not always mean a better detection performance. We also discuss 10 important features which have the biggest influence on classification.

  • Lightweight Classification of IoT Malware Based on Image Recognition

    Jiawei Su, Danilo Vasconcellos Vargas, Sanjiva Prasad, Sgandurra Daniele, Yaokai Feng, Kouichi Sakurai

    42nd IEEE Computer Software and Applications Conference, COMPSAC 2018  June 2018

    Event date: July 2018

    Language: English

    Venue: Tokyo   Country: Japan

    The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers to connect to one another to share information and improve user experiences. IoT devices are micro-computers for domain-specific computations rather than traditional function-specific embedded devices. This opens the possibility of seeing many kinds of existing attacks, traditionally targeted at the Internet, also directed at IoT devices. As shown by recent events, such as the Mirai and Brickerbot botnets, DDoS attacks have become very common in IoT environments as these lack basic security monitoring and protection mechanisms. In this paper, we propose a novel light-weight approach for detecting DDoS malware in IoT environments. We extract the malware images (i.e., a one-channel gray-scale image converted from a malware binary) and utilize a light-weight convolutional neural network for classifying their families. The experimental results show that the proposed system can achieve 94.0% accuracy for the classification of goodware and DDoS malware, and 81.8% accuracy for the classification of goodware and two main malware families.

  • Active attack against oblivious RAM

    Yuto Nakano, Seira Hidano, Shinsaku Kiyomoto, Kouichi Sakurai

    32nd IEEE International Conference on Advanced Information Networking and Applications, AINA 2018  August 2018

    Event date: May 2018

    Language: English

    Venue: Krakow   Country: Poland

    When a user consumes encrypted digital content (for example video and music files), the player application accesses the secret key to decrypt the content. If the user is malicious, he can analyse the access pattern of the player application to extract the secret key efficiently. Oblivious RAMs (ORAMs) are an effective solution for such threats. However, ORAMs are only effective for 'passive' attackers who can observe the RAM access done by the application, but cannot alter data stored on RAM. Attackers with the ability to alter data on RAM can be called 'active' attackers. In this paper, we evaluate the security of ORAM schemes against active adversaries where they alter data on RAM and try to efficiently extract the secret information. We also propose countermeasures against active adversaries.

  • Hardware trojan cyber-physical threats to supply chains

    Kurt Sauer, Michael David, Kouichi Sakurai

    13th International Conference on Cyber Warfare and Security, ICCWS 2018  January 2018

    Event date: March 2018

    Language: English

    Venue: Washington   Country: United States of America

    Many actors are involved in the supply chain processes needed to produce an integrated circuit. Any one of these individuals or groups could make illicit copies of semiconductor IP during their work. In addition, chips could be intentionally compromised during the design process, before they are even manufactured. If placed into the design with sufficient skill, these built-in vulnerabilities would be extremely difficult to detect during testing. Moreover, they could lay dormant, only to be triggered months or years later to disrupt or exfiltrate data from a system containing the compromised chip. This paper primarily reviews the risks posed by design tampering, looks at threat actors and their possible activities, threat models for these activities, and possible mitigations. It assesses the impacts of security composability theory on risk management and practical design, and tries to identify the greatest threat. Our proposal is to contrast Trojan insertion risks at the two ends of the spectrum in early design phase: first at the highest abstraction level, the RTL description, and second at the layout level, in GDSII. A key question for the future is how to develop security architectures that are Trojan tolerant, meaning that other layers of protective controls exist to protect the overall system from malfunctioning at a level commensurate with the risk tolerance of the system. The views expressed do not reflect the official policy or position of the National Intelligence University, the Department of Defense, the U.S. Intelligence Community, or the U.S. Government.

  • Effectively Protect Your Privacy Enabling Flexible Privacy Control on Web Tracking

    Shiqian Yu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    5th International Symposium on Computing and Networking, CANDAR 2017  April 2018

    Event date: November 2017

    Language: English

    Venue: Aomori   Country: Japan

    Third-party tracking, which can collect the users' privacy when users are surfing the Internet, has garnered much attention. Nowadays tracker-blocking tools often use a ruleset based on the domains and elements that need to be blocked. This results in blocking all access tracking, even though the website shows no sign about tracking users' privacy. And what's more, although the tracker-blocking tools try their best to block all the third-party tracking, not all the users dislike the advertisement. Some of them think if their privacy is fine, it's all right to accept advertisements. In this paper, we present a novel framework by using Word2Vec to block third-party tracking. Our goal is to create more flexible and well-developed ruleset that can help users to protect their privacy according to their needs. Instead of blocking all access tracking, we decide to pay more attention to the websites that have a strong probability to collect the users' privacy. We use Word2Vec to classify the websites, and our results show that after using our framework, the error rate drops from 71% to 24%. We believe it brings the new blood into the field of web privacy by providing not only the new third-party tracking tool but also a novel way of thinking about how to block the third-party tracking.

  • Packet in Message Based DDoS Attack Detection in SDN Network Using OpenFlow

    Xiang You, Yaokai Feng, Kouichi Sakurai

    5th International Symposium on Computing and Networking, CANDAR 2017  April 2018

    Event date: November 2017

    Language: English

    Venue: Aomori   Country: Japan

    Using the OpenFlow protocol, the virtual network technology SDN (Software Defined Network) is now widely used. In recent years, the number of DDoS attacks has been increasing year by year. To detect DDoS attacks in SDN, data recorded in the flow table in OpenFlow switch is analyzed and various detection methods are submitted. However, SDN centrally manages communication within the network, when detecting DDoS (Distributed Denial of Service) attacks. This creates a heavy processing load, and the processing load of the OpenFlow controller must be considered. In this paper, in order to reduce the processing load of the controller, we do not collect data of the flow table, extract three features from the Packet In message for communication between the controller and the switch, and perform real-time attack detection. Furthermore, to avoid stringent detection time intervals, triggers will be added before detection to realize light and dynamic DDoS attacks detection.

  • A new security middleware architecture based on fog computing and cloud to support IoT constrained devices

    Wissam Razouk, Daniele Sgandurra, Kouichi Sakurai

    1st International Conference on Internet of Things and Machine Learning, IML 2017  October 2017

    Event date: October 2017

    Language: English

    Venue: Liverpool   Country: United Kingdom of Great Britain and Northern Ireland (UK)

    The increase of sensitive data in the current Internet of Things (IoT) raises demands of computation, communication and storage capabilities. Indeed, thanks to RFID tags and wireless sensor networks, anything can be part of IoT. As a result, a large amount of data is generated, which is hard for many IoT devices to handle, as many IoT devices are resource-constrained and cannot use the existing standard security protocols. Cloud computing might seem like a convenient solution, since it offers on-demand access to a shared pool of resources such as processors, storage, applications and services. However, this comes at a cost, as unnecessary communications not only burden the core network, but also the data center in the cloud. Therefore, considering suitable approaches such as fog computing and security middleware solutions is crucial. In this paper, we propose a novel middleware architecture to solve the above issues, and discuss the generic concept of using fog computing along with cloud in order to achieve a higher security level. Our security middleware acts as a smart gateway as it is meant to pre-process data at the edge of the network. Depending on the received information, data might either be processed and stored locally on fog or sent to the cloud for further processing. Moreover, in our scheme, IoT constrained devices communicate through the proposed middleware, which provides access to more computing power and enhanced capability to perform secure communications. We discuss these concepts in detail, and explain how our proposal is effective to cope with some of the most relevant IoT security challenges.

  • How to Teach Crypto-Math for Under Graduate [International conference]

    Kouichi SAKURAI

    The Tenth International Conference on Science and Mathematics Education in Developing Countries  November 2017

    Event date: October 2017

    Language: English   Presentation type: Oral presentation (general)

    Venue: University of Mandalay, Mandalay   Country: Union of Myanmar

  • How to sign multiple versions of digital documents

    Amril Syalim, Kouichi Sakurai

    2017 International Workshop on Big Data and Information Security, WBIS 2017  January 2018

    Event date: September 2017

    Language: English

    Venue: Jakarta   Country: Republic of Indonesia

    In some applications, it is useful to record multiple versions of digital documents, so that we can trace the history and changes applied to the documents. The creators of the documents are often required to sign the documents to protect the origin and integrity of the documents. A typical implementation of the signature method is by using a standard signature scheme (i.e. RSA) and storing the signature along with the document. The version numbers of the documents are appended to the documents before signing. The problem is, when we need to sign many versions of the documents, the signer should create the signature of each version, which is not efficient in terms of storage. In this paper, we propose a more efficient method to sign multiple versions of digital documents and show the security argument of the signature scheme.

  • Improved proxy re-encryption scheme for symmetric key cryptography

    Amril Syalim, Takashi Nishide, Kouichi Sakurai

    2017 International Workshop on Big Data and Information Security, WBIS 2017  January 2018

    Event date: September 2017

    Language: English

    Venue: Jakarta   Country: Republic of Indonesia

    A proxy re-encryption scheme is a scheme that can be executed by a semi-trusted proxy, so that we can convert a ciphertext encrypted with a key to another ciphertext without allowing the proxy to access the plaintext. A method to implement a secure proxy re-encryption is by first converting the plaintext to an intermediate form by using an all or nothing transform (AONT). In this paper, we describe an improved proxy re-encryption scheme for symmetric ciphers by advocating the usage of a variant of the AONT function in the proxy re-encryption scheme. We show that the scheme is secure under Chosen Plaintext Attack (CPA) for all possible types of attackers.

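  • How much is your phone-number, living address or date of your birth ? [Invited] [International conference]

    櫻井 幸一

    International Workshop on Cybersecurity  July 2015

    Event date: July 2015

    Language: English   Presentation type: Oral presentation (general)

    Venue: Kyushu University   Country: Japan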

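  • Bitcoin: Current Status, Problems, Prospect and Applications [International conference]

    Kouichi Sakurai

    MMU  March 2014

    Event date: March 2014

    Language: English   Presentation type: Oral presentation (invited/special)

    Venue: Multimedia University   Country: Malaysia

    Multimedia University (MMU) is Malaysia's first private university, established in 1996 with 100% funding from the telecommunications company Telekom Malaysia. *Lecture for students*. Lectures for MMU students were given by researcher Anada (introduction to ISIT, 20 minutes) and by the undersigned ("Bitcoin", 60 minutes). More than 50 students and faculty members attended, and the audience asked 7 or 8 questions; the content came across and the lectures were well received.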

  • Attribute-Based Identification Schemes of Proofs of Knowledge

    Hiroaki Anada, Seiko Arita, Kouichi Sakurai

    SCIS2014  January 2014

    Event date: January 2014

    Language: English

    Country: Japan

  • Proposal of a Copyright Management Scheme Based on an Extension of the Bitcoin Protocol

    北原基貴, 川本 淳平, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • Concealment of Multi-Level Two-Dimensional Codes Using Hybrid Encryption

    寺浦信之, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • C&C Traffic Extraction by Session Classification Using Machine Learning

    山内一将, 川本 淳平, 堀 良彰, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • Port Scan Detection Based on the Distribution of Port Access Counts

    王 サン, 馮 尭鍇, 川本 淳平, 堀 良彰, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • A Study on Evidentiality and Non-Evidentiality in Biometric Authentication Protocols

    上繁義史, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • Evaluation of Digital Steganography (ANGO)

    石塚 裕一, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • Security Analysis of Matrix NTRU against Lattice Reduction

    山口 雄也, 安田 貴徳, DAHAN XAVIER GILLES MESSAOUD, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • Reconsidering Behavior-Based Detection Proposals for Distributed Attacks

    馮 尭鍇, 堀 良彰, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • Pairing-Friendly Curves with Fixed Coefficients

    安田貴徳, 高木 剛, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • Trends in Automotive Information Security: A Report on the International Conference "escar"

    穴田 啓晃, 松本 晋一, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • In-Memory Acquisition of HTML 5-Specific Attributes in Web Browsers

    松本晋一, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • Solving Systems of Quadratic Equations in 32 Variables over GF(2) Using the XL-Wiedemann Algorithm

    田中 哲士, Bo-Yin Yang, Chen-Mou Cheng, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • Behavior Analysis of Advertising Libraries on Android OS Focusing on Operational Characteristics

    梶原 直也, 松本 晋一, 堀 良彰, 櫻井 幸一

    SCIS2014  January 2014

    Event date: January 2014

    Language: Japanese

    Country: Japan

  • Detection of Android API Call Using Logging Mechanism within Android Framework [International conference]

    Yuuki Nishimoto, Naoya Kajiwara, Shinichi Matsumoto, Kouichi Sakurai

    SecureComm 2013  September 2013

    Event date: September 2013

    Language: English

    Country: Japan

  • Revisiting Identity-based encryption towards no-escrow: Application and analysis of Embedding Secret Key Information in RSA moduli [Invited] [International conference]

    Kouichi Sakurai

    Applications and Techniques in Information Security  September 2013

    Event date: September 2013

    Language: English   Presentation type: Oral presentation (invited/special)

    Country: Commonwealth of Australia

  • A Resource Minimizing Scheduling Algorithm with Ensuring the Deadline and Reliability in Heterogeneous Systems [International conference]

    Laiping Zhao, Yizhi Ren, Kouichi Sakurai

    AINA 2011  March 2011

    Event date: March 2011

    Country: Republic of Singapore

  • Comments on Kang-Park's Security Scheme for Fast Handover in Hierarchical Mobile IPv6 [International conference]

    Ilsun You, Kouichi Sakurai, Yoshiaki Hori

    Proceedings of 2009 Fourth International Conference on Frontier of Computer Science and Technology (FCST2009)  December 2009

    Event date: December 2009

    Country: People's Republic of China

  • Efficient Intrusion Detection Based on Static Analysis and Stack Walks [International conference]

    Jingyu Hua, Mingchu Li, Kouichi Sakurai, Yizhi Ren

    IWSEC2009  October 2009

    Event date: October 2009

    Country: Japan

  • A Countermeasure to Email Sender Address Spoofing [International conference]

    Toshiyuki Tanaka, Akihiro Sakai, Yoshiaki Hori, Kouichi Sakurai

    Joint Workshop on Information Security 2009  August 2009

    Event date: August 2009

    Country: Taiwan

  • Malware Detection Focusing on Behaviors of Process and its Implementation [International conference]

    Yoshiro Fukushima, Akihiro Sakai, Yoshiaki Hori, Kouichi Sakurai

    Joint Workshop on Information Security 2009  August 2009

    Event date: August 2009

    Country: Taiwan

  • Enhancing Cooperative Behavior for Online Reputation Systems by Group Selection [International conference]

    Yizhi Ren, Mingchu Li, Yongrui Cui, Cheng Guo, Kouichi Sakurai

    Proceedings of International Symposium on Multidisciplinary Autonomous Networks and Systems (MANS 2009), ARES 2009 Workshops  July 2009

    Event date: July 2009

    Country: Commonwealth of Australia

  • The Optimal Choice by Resource Consumers in Grid Market [International conference]

    Laiping Zhao, Mingchu Li, Weifeng Sun, Kouichi Sakurai, Yizhi Ren

    Proceedings of International Symposium on Multidisciplinary Autonomous Networks and Systems (MANS 2009), ARES 2009 Workshops  July 2009

    Event date: July 2009

    Country: Commonwealth of Australia

  • Reconsidering Data Logging in Light of Digital Forensics [International conference]

    Bin-Hui Chou, Kenichi Takahashi, Yoshiaki Hori, Kouichi Sakurai

    The 3rd International Conference on Information Security and Assurance (ISA-09)  June 2009

    Event date: June 2009

    Country: Republic of Korea

  • Grouping Provenance Information to Improve Efficiency of Access Control [International conference]

    Amril Syalim, Yoshiaki Hori, Kouichi Sakurai

    ISA 2009  June 2009

    Event date: June 2009

    Country: Republic of Korea

  • Design and Object-oriented Implementation of an Intelligence Entity Sharing Pool [International conference]

    Runhe Huang, Jianhua Ma, Kenichi Takahashi, Kouichi Sakurai

    Proceedings of 2009 WRI Global Congress on Intelligent Systems (GCIS2009)  May 2009

    Event date: May 2009

    Country: People's Republic of China

  • Invalidation of mailing list address to block spam mails

    Kenichi Takahashi, Akihiro Sakai, Kouichi Sakurai

    3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008  January 2008

    Event date: December 2008

    Language: English

    Venue: Yilan   Country: Taiwan

    Mailing lists are used for information exchange in specific groups. However, in recent times, the number of spam mails received has increased, and a considerable amount of time is wasted in filtering spam mails. Spam filtering techniques are a widely used tool; however, they produce false positive and false negative results. We propose a system to block spam mails in a mailing list. In our system, we assign different posting addresses to different mailing list members. A mailing list member sends a mail to the mail address assigned to him for sending a mail to the mailing list. When a spam mail is received, the address that is the cause of the spam mail is identified and invalidated, and a new address is assigned to the member. Thus, we can block spam mails from the invalidated address. Furthermore, our system is highly compatible with current mail systems because our system does not require any particular software to be installed in the client machines.

  • Intrusion detection using third-parties support

    Masakazu Fujii, Kenichi Takahashi, Yoshiaki Hori, Kouichi Sakurai

    12th IEEE International Workshop on Future Trends of Distributed Computing Systems, FTDCS 2008  December 2008

    Event date: October 2008

    Language: English

    Venue: Kunming   Country: People's Republic of China

    Intrusions are one of the most important issues in the current Internet environment. Therefore, a lot of researchers and companies elaborated countermeasure techniques such as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). These systems detect intrusions and prevent attackers from succeeding in their intrusion attempts. They usually rely on pattern matching and therefore, work efficiently on known-attacks. However, they do not work efficiently on unknown-attacks such as zero-day attacks and targeted attacks. This means, we should assume that our machines can be corrupted anytime. Therefore, we should consider what we can do under this assumption for a next generation security framework. In this paper, we propose a new intrusion detection methodology using the support of other machines. In our proposal, when an attacker tries to attack other machines from a corrupted machine that the attacker has already intruded, other machines notify it to the administrator of the corrupted machine. Then, the attacker may lose the corrupted machine. Therefore, the attacker restrains itself from imprudently attacking other machines. This will suppress the propagation of corrupted machines in the Internet.

  • Trusted connection between mobile nodes and mobility anchor points in hierarchical mobile IPv6

    Ying Qiu, Jianying Zhou, Kouichi Sakurai, Feng Bao

    3rd Asia-Pacific Trusted Infrastructure Technologies Conference, APTC 2008  December 2008

    Event date: October 2008

    Language: English

    Venue: Wuhan, Hubei   Country: People's Republic of China

    This paper proposes solutions for the trusted connection between mobile nodes and mobility anchor points in Hierarchical Mobile IPv6. Two operation modes are supported for different scenarios: The first one is authentication-only mode for the scenario that the mobility anchor point only needs to ensure any binding update messages are from the claimed mobile nodes. The second one is authentication and authorization mode for the scenario that the mobility anchor point and mobile node need to authenticate each other and the mobility anchor point also needs to know if the mobile node is authorized for using it.

  • Monitoring unused IP addresses on segments managed by DHCP

    Seiichiro Mizoguchi, Yoshiaki Hori, Kouichi Sakurai

    4th International Conference on Networked Computing and Advanced Information Management, NCM 2008  December 2008

    Event date: September 2008

    Language: English

    Venue: Gyeongju   Country: Republic of Korea

    New threats are constantly appearing on the Internet. System administrators have developed many tools to try to mitigate those threats; however, currently available countermeasures are still limited. Moreover, it is difficult for system administrators to fully understand what happens in their networks in (near) real time. We focus on the monitoring of network traffic sent to unused IP addresses with honeypot devices to capture information about network activity. More precisely, we consider ways of handling such unused addresses on network segments managed via DHCP (Dynamic Host Configuration Protocol). In this paper, we propose to exploit that DHCP service to dynamically assign unused IP addresses to honeypot devices, and discuss the design of such a monitoring system.

  • FPGA-targeted hardware implementations of K2

    Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai

    International Conference on Security and Cryptography, SECRYPT 2008  2008

    Event date: July 2008

    Language: English

    Venue: Porto   Country: Portuguese Republic

    K2 is a new type of word oriented stream cipher that has dynamic feedback control. Existing research has shown that K2 v2.0 is a high performance stream cipher in software implementations and can be used in several applications. However, no evaluation results for its performance in hardware implementations have been published. In this paper, we presented two hardware implementations of K2 v2.0: a high speed implementation and a compact implementation. We then show the evaluation results on FPGA implementation simulations. The implementations of K2 demonstrated high efficiency compared with other stream ciphers, with K2 being 4-10 times higher than AES implementations. We think that the FPGA implementation of K2 is suitable for applications using high speed encryption/decryption.

  • Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection

    Kohei Tatara, Yoshiaki Hori, Kouichi Sakurai

    2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008  September 2008

    Event date: April 2008

    Language: English

    Venue: Busan   Country: Republic of Korea

    The importance of the method for finding out the worms that are made through the modification of parts of their original worms increases. It is difficult to detect these worms by comparing with the simple definition that past anti-virus software adapts. Moreover, if it is not an already-known worm, it is not possible to detect it. In this paper, we pay attention to the Toth et al.'s method to extract the executable code included in the dataflows on the network and detect the attack by measuring the length of them. Then, we describe the problem of their method and how to solve it.

  • Methodology for evaluating information security countermeasures of a system

    Takaaki Shigematsu, Bin Hui Chou, Yoshiaki Hori, Kouichi Sakurai

    2nd International Conference on Information Security and Assurance, ISA 2008  2008

    Event date: April 2008

    Language: English

    Venue: Busan   Country: Republic of Korea

    For leveraging the security level of the systems, it is required to develop an effective and practical methodology for evaluating the adequacy of the designed and/or implemented security countermeasures for a system. We propose a model as one of the methodologies for evaluating security countermeasures which does not depend on the characteristics of a target system shown by the supporting businesses or the system configuration or the scale. This model consists of required security countermeasures that are well arranged for easy implementing, and required technologies and activities for achieving a target level for every required countermeasure.

  • Exploring security countermeasures along the attack sequence

    Taketoshi Sakuraba, Bin Hui Chou, Seiichi Domyo, Kouichi Sakurai

    2nd International Conference on Information Security and Assurance, ISA 2008  2008

    Event date: April 2008

    Language: English

    Venue: Busan   Country: Republic of Korea

    A systematic method exploring security countermeasures is proposed. For each attack, one can consider the moments along the time sequence of the attack, and for each of the moments, one can define approaches of countermeasure design against the attack that is effective at the moment. One could extract new approaches from the existing countermeasures, and think of new countermeasures based on the new approaches against other threats and attacks.

  • Security policy pre-evaluation towards risk analysis

    Han Yi, Yoshiaki Hori, Kouichi Sakurai

    2nd International Conference on Information Security and Assurance, ISA 2008  September 2008

    Event date: April 2008

    Language: English

    Venue: Busan   Country: Republic of Korea

    Nowadays, security policy evaluation becomes a very hot topic since high QoP (Quality of Protection) is required by more and more people. Most of the researchers focus on the security policy evaluation after they have been enforced into real application systems via some real attacks. However, before security policy enforcement, the policies themselves may also contain some anomalies which shouldn't be ignored. In this paper, we pointed out the importance of security policy pre-evaluation which focuses on security policy evaluation before policy enforcement. In addition we propose a framework for it towards risk analysis. As a concrete example, we show how to apply our framework to firewall security policies. Finally we discuss about the difficulty of our proposal and show future work interests.

  • Thoughts on multi-disciplinary inspired research on open network and information system

    Wang Yufeng, Yoshiaki Hori, Kouichi Sakurai

    22nd International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINA 2008  September 2008

    Event date: March 2008

    Language: English

    Venue: Gino-wan, Okinawa   Country: Japan

    Current and future computing system acting as the fundamental infrastructure of our society should be multi-disciplinary research topics, and possess the economic-social characteristics which reflect the features of our society. Specifically, in this paper, we propose a unified framework to categorize and describe research problems in socially-inspired computing system from two distinctive viewpoints. That is, in macro-level, we propose architectural space including economic space, intelligent space and trust space to characterize the whole system; in micro-level, we demonstrate that it is suitable to adapt some interdisciplinary concepts and theories to better understand and properly address problems in communications network. Finally, we illustrate the interdependence between architectural space and interaction space, that is, the local interaction behaviors should shape and be shaped by architectural properties.

  • Granularity considering in a trust model for P2P networks

    Mingchu Li, Yizhi Ren, Kouichi Sakurai, Yongrui Cui, Zhihui Wang

    22nd International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINA 2008  2008

    Event date: March 2008

    Language: English

    Venue: Gino-wan, Okinawa   Country: Japan

    Trust research is an important issue in P2P networks. Current trust models lack flexibility in dynamic environments. This paper presents a fine-grained trust computation model, FineTrust. The main contributions include: offering Gauss-bar function to evaluate the similarity of service satisfaction; considering the reliability of information from different people; setting some parameters in computing trust, such as recommendation consistent, recommendation accuracy, and recommendation error, which make the result of trust evaluation more natural, and so on. Theoretic analyses and simulations show that the proposed trust model is more precise and more robust.

  • A note on the (Im)possibility of using obfuscators to transform private-key encryption into public-key encryption

    Satoshi Hada, Kouichi Sakurai

    2nd International Workshop on Security, IWSEC 2007  2007

    Event date: October 2007

    Language: English

    Venue: Nara   Country: Japan

    Transforming private-key encryption schemes into public-key encryption schemes is an interesting application of program obfuscation. The idea is that, given a private-key encryption scheme, an obfuscation of an encryption program with a private key embedded is used as a public key and the private key is used for decryption as it is. The security of the resulting public-key encryption scheme would be ensured because obfuscation is unintelligible and the public key is expected to leak no information on the private key. This paper investigates the possibility of general-purpose obfuscators for such a transformation, i.e., obfuscators that can transform an arbitrary private-key encryption scheme into a secure public-key encryption scheme. Barak et al. have shown a negative result, which says that there is a deterministic private-key encryption scheme that is unobfuscatable in the sense that, given any encryption program with a private key embedded, one can efficiently compute the private key. However, it is an open problem whether their result extends to probabilistic encryption schemes, where we should consider a relaxed notion of obfuscators, i.e., sampling obfuscators. Programs obfuscated by sampling obfuscators do not necessarily compute the same function as the original program, but produce the same distribution as the original program. In this paper, we show that there is a probabilistic private-key encryption scheme that can not be transformed into a secure public-key encryption scheme by sampling obfuscators which have a special property regarding input-output dependency of encryption programs. Our intention is not to claim that the required special property is reasonable. Rather, we claim that general-purpose obfuscators for the transformation, if they exist, must be a sampling obfuscator which does NOT have the special property.

  • Enforcement of integrated security policy in trusted operating systems

    Hyung Chan Kim, R. S. Ramakrishna, Wook Shin, Kouichi Sakurai

    2nd International Workshop on Security, IWSEC 2007  2007

    Event date: October 2007

    Language: English

    Venue: Nara   Country: Japan

    The main focus of Trusted Operating System (TOS) research these days is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. It is desirable, therefore, to enforce an integrated security policy that includes both behavioral security and access control policies. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which is also of concern in security enforcement. This paper presents the design of the extended reference monitor for integrated policy enforcement and describes its implementation in Linux operating systems.

  • Bot detection based on traffic analysis

    Yuji Kugisaki, Yoshiaki Kasahara, Yoshiaki Hori, Kouichi Sakurai

    2007 International Conference on Intelligent Pervasive Computing, IPC 2007  December 2007

    Event date: October 2007

    Language: English

    Venue: Jeju Island   Country: Republic of Korea

    Recently, botnet becomes a social problem due to the expansion of bot infection. Ideally, all the vulnerable computers should be fortified to counteract laying malware. Accordingly, it is important to implement an information system which detects bot-infected computers and alerts them. In this paper, we focused on bots using IRC to communicate, and examined the behavior of such bots when they connected to an IRC server. We observed the actual traffic of some ports which were often used by IRC protocol. As a result, we confirmed that bots tried to reconnect to an IRC server at certain intervals when the server refused the connection from the bot. Moreover, we examined the distribution of the intervals and confirmed that the communication from other IP addresses showed similar behavior.

  • Two-servers PIR based DNS query scheme with privacy-preserving

    Fangming Zhao, Yoshiaki Hori, Kouichi Sakurai

    2007 International Conference on Intelligent Pervasive Computing, IPC 2007  2007

    Event date: October 2007

    Language: English

    Venue: Jeju Island   Country: Republic of Korea

    In a society preoccupied with gradual erosion of electronic privacy, loss of privacy in current DNS queries is an important issue worth considering. From the definition, the privacy problem is to prove that none of the private data can be inferred from the information which is made public. The privacy disclosure problem in DNS Query was well analyzed by Zhao et al. from MUE 2007. In this paper, we first analyze the "Range Query" from that paper, then by results of that scheme and another well-known client-to-server privacy-preserving query scheme: Two-DBServer Private Information Retrieval theory, we propose a new privacy-preserving DNS Query scheme, which was proved to achieve higher efficiency and theoretic privacy.

  • Forward secure privacy protection scheme for RFID system using advanced encryption standard

    Sang Soo Yeo, Kouichi Sakurai, SungEon Cho, KiSung Yang, Sung Kwon Kim

    5th International Symposium on Parallel and Distributed Processing and Applications, ISPA 2007 International Workshops: SSDSN, UPWN, WISH, SGC, ParDMCom, HiPCoMB, and IST-AWSN  2007

    Event date: August 2007

    Language: English

    Venue: Niagara Falls, ON   Country: Canada

    There are many researches related to privacy protection in RFID system. Among them, Ohkubo's hash-based scheme is provably secure and it can protect user's privacy, prevent location tracking, and guarantee forward security completely. Unfortunately, one-way hash functions, which play important roles in Ohkubo's scheme, can't be implemented into the current RFID tag hardware. So we propose a new secure protocol for RFID privacy protection, and it is a modified version of Ohkubo's scheme using Feldhofer's AES module for RFID tag. Our new scheme has almost all of advantages of Ohkubo's scheme and moreover it can be embedded into RFID tag hardware easily.

  • A practical proxy device for protecting RFID tag's identifier

    Sang Soo Yeo, Kouichi Sakurai, Jin Kwak

    2007 ECSIS Symposium on Bio-inspired, Learning, and Intelligent Systems for Security, BLISS 2007  2007

    Event date: August 2007

    Language: English

    Venue: Edinburgh   Country: United Kingdom of Great Britain and Northern Ireland (UK)

    RFID, Radio Frequency Identification, is an emerging technology in the world of automatic identification. It uses RF signal for gathering information of tags, which can be attached or embedded to goods such as consumer electronics, items in supermarkets, automobile's parts. It may make our life more comfortable and more ubiquitous, but it may make us, on the other hand, more nervous. This is because that there are some privacy problems in RFID system. More comfortable automatic identifications would lead to more disclosure of our private life. This reason rushed many researches results related to security and privacy in RFID system. However, we cannot choose anything among them for applying to the current RFID system. Most of them require either of high-cost hardware specification or giving up potential convenience of consumers. In this paper, we propose a simple privacy protection scheme that can be used for the current existing RFID system such as ISO 18000-6 type C. We modify this standard tag identification protocol slightly and introduce a light-weight proxy device for privacy enhancing.

  • K2 stream cipher

    Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai

    4th International Conference on E-Business and Telecommunications, ICETE 2007  2008

    Event date: July 2007

    Language: English

    Venue: Barcelona   Country: Spain

    A variety of different clock-controlled stream ciphers and attacks on them have been described in a number of papers. However, few word-oriented algorithms with an irregular clocking mechanism have been proposed. This paper proposes a new design of irregular clocking for word-oriented stream ciphers that is dynamic feedback control and show analysis results of its security and performance. The stream cipher K2 v2.0 is a secure and high-performance stream cipher using the dynamic feedback control, which is applicable for several applications. We believe that the dynamic feedback control mechanism is potentially effective against several different types of attacks, not only existing attacks but also novel attacks.

  • K2 A stream cipher algorithm using dynamic feedback control

    Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai

    SECRYPT 2007 - International Conference on Security and Cryptography  2007

    Event date: July 2007

    Language: English

    Venue: Barcelona   Country: Spain

    A variety of different clock-controlled stream ciphers and attacks on them have been described in a number of papers. However, few word-oriented algorithms with an irregular clocking mechanism have been proposed. This paper proposes a new design of irregular clocking for word-oriented stream ciphers that is dynamic feedback control and show analysis results of its security and performance. The stream cipher K2 v2.0 is a secure and high-performance stream cipher using the dynamic feedback control, which is applicable for several applications. We believe that the dynamic feedback control mechanism is potentially effective against several different types of attacks, not only existing attacks but also novel attacks.

  • An adaptive spreading activation approach to combating the front-peer attack in trust and reputation system

    Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai

    4th International Conference on Autonomic and Trusted Computing: Bringing Safe, Self-x and Organic Computing Systems into Reality, ATC 2007  December 2007

    Event date: July 2007 - July 2011

    Language: English

    Venue: Hong Kong   Country: People's Republic of China

    It is argued that group-based trust metric is effective in resisting attacks, which evaluates groups of assertions "in tandem", and generally computes trust ranks for sets of individuals according to peers' social position in trust network. Thus, the group-based trust value should be called "reputation rank". But, unfortunately, most group-based trust metrics are vulnerable to the attack of front peers, which represent these malicious colluding peers always cooperate with others in order to increase their reputation, and then provide misinformation to promote actively malicious peers. In this paper, we proposed adaptive spreading activation approach to mitigating the effect of front peer attack, in which adaptive spreading factor is used to reflect the peer's recommendation ability according to behaviors of the peer's direct/indirect children in trust network; Simulation results show that the adaptive spreading activation approach can identify and mitigate the attack of front peer.

  • An approach of trusted program generation for user-responsible privacy

    Ken'ichi Takahashi, Zhaoyu Liu, Kouichi Sakurai, Makoto Amamiya

    4th International Conference on Ubiquitous Intelligence and Computing: Building Smart Worlds in Real and Cyber Spaces, UIC 2007  December 2007

    Event date: July 2007

    Language: English

    Venue: Hong Kong

    Presently, one can use services on the Internet. These services require user's sensitive information such as name, address, credit card number, etc. However, various privacy problems such as information leakage cases are becoming serious social concern. Therefore, we propose a framework to protect user's sensitive information. It allows a user to specify the usage of his/her sensitive information and restricts the use of information by an information recipient. The main concept of the framework is that an information recipient can use sensitive information only in the manner considered safe by the information owner. This is realized by a trusted program that implements the manner of information usage trusted by the information owner. The user offers his/her trusted program to an information recipient and requires to make use of the user's sensitive information through the trusted program. In this paper, we propose the approach for trusted program generation.

  • On characterizing economic-based incentive-compatible mechanisms to solving hidden information and hidden action in ad hoc network

    Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai

    4th International Conference on Ubiquitous Intelligence and Computing: Building Smart Worlds in Real and Cyber Spaces, UIC 2007  December 2007

    Event date: July 2007

    Language: English

    Venue: Hong Kong

    This paper attempts to comprehensively characterize economic-based incentive compatible routing and forwarding mechanisms in ad hoc network, including hidden information in routing phase, and hidden action in forwarding phase. By incentive compatibility it means that system designer should respect rationality of nodes, and design proper incentive mechanisms to encourage nodes to conduct something beneficial to the whole system, while nodes pursued their own utility. Firstly, based on analysis of extensive game form, we argue that, for each participant, truth-telling is the expected dominant strategy equilibrium in VCG-like routing mechanism, even under the situation of mutually dependent link cost. Then, Individual rationality (IR) and Incentive Compatibility (IC) constraints are formally offered, which should be satisfied by any game theoretical routing and forwarding scheme. And different solution concepts are investigated to characterize the economic meanings of two kind forwarding approaches, that is, Nash equilibrium with no per-hop monitoring and dominant strategy equilibrium with per-hop monitoring. Finally, we discuss frugality problem in VCG-like mechanism.

  • On studying front-peer attack-resistant trust and reputation mechanisms based on enhanced spreading activation model in P2P environments

    Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai

    ApWeb/WAIM 2007 International Workshops: 1st International workshop on Database Management and Applications over Networks, DBMAN 2007 - 1st Workshop on Emerging Trends of Web Technologies and Applications, WebETrends 2007 - International Workshop on  December 2007

    Event date: June 2007

    Language: English

    Venue: Huang Shan   Country: People's Republic of China

    In this paper, we proposed two enhanced trust propagation and reputation ranking approaches based on spreading activation model to mitigate the effect of front peer. By front peer it means that these malicious colluding peers always cooperate with others in order to increase their reputation, and then provide misinformation to promote actively malicious peers. One approach is to use adaptive spreading factor to reflect the peer's recommendation ability according to behaviors of the peer's direct/indirect children in trust graph; another way is to investigate the feasibility of propagating distrust to effectively combat front peer. Preliminary simulation results show that those approaches can identify and mitigate the attack of front peer.

  • Studying on economic-inspired mechanisms for routing and forwarding in wireless ad hoc network

    Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai

    4th International Conference on Theory and Applications of Models of Computation, TAMC 2007  October 2007

    Event date: May 2007

    Language: English

    Venue: Shanghai   Country: People's Republic of China

    Considering the fact that there exist information asymmetry (hidden information) in routing phase, and moral hazard (hidden action) in forwarding phase in autonomous Ad hoc network, this paper argues that economic-based mechanisms play both a signaling and a sanctioning role, which reveal the node's true forwarding cost in routing phase while provide incentives to nodes to exert reasonable effort in forwarding phase, that is, the role of economic-inspired mechanisms in information asymmetry is to induce learning whereas the role of such mechanisms in moral hazard settings is to constrain behavior. Specifically, this paper conducts the following works: considering the mutually dependent link cost, we demonstrate that, for each participant, truth-telling is the risk dominant strategy in VCG-like routing mechanism based on analysis of extensive game form. Then, Individual rationality (IR) and Incentive Compatibility (IC) constraints are formally offered, which should be satisfied by any game theoretical routing and forwarding scheme. And different solution concepts are investigated to characterize the economic meanings of two kind forwarding approaches, that is, Nash equilibrium with no per-hop monitoring and dominant strategy equilibrium with per-hop monitoring.

  • Study on trust inference and emergence of economical small-world phenomena in P2P environment

    Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai

    Pacific-Asia Conference on Knowledge Discovery and Data Mining, PAKDD 2007  December 2007

    Event date: May 2007

    Language: English

    Venue: Nanjing   Country: People's Republic of China

    With the increasing popularity of self-organized communication systems, distributed trust and reputation systems in particular have received increasing attention. By formalizing trust relationships, trust between parties within the community can be derived by analyzing the trust paths linking the parties together. This paper treats trust network as an emergent property. The emergence interpretation concerns both the maintenance and usage of trust network inference. Specifically, in P2P system, trust network is maintained by individual agents at micro level, and it is used (i.e., queried) as one entity at macro level. In this paper, we first discuss micro level activities, that is, we classify trust into functional trust and referral trust to facilitate trust inference, and extend the referral trust to include factors of similarity and truthfulness, so that our approach can accommodate the personalized feature of reputation rating, and reduce trust inference error effectively; then we discuss macro level properties of trust network. Specifically, we investigate the emergence of network structural properties of trust and reputation system in terms of efficiency and cost. That is, efficiency measures how well information propagates over trust system, and cost measures how expensive it is to build this system. Preliminary simulation results show the performance improvement of P2P community and the emergence of economical small-world trust network, namely relatively high efficiency and low cost.

  • Privacy-preserving two-party K-means clustering via secure approximation

    Chunhua Su, Feng Bao, Jianying Zhou, Tsuyoshi Takagi, Kouichi Sakurai

    21st International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINAW'07  2007

    Event date: May 2007

    Language: English

    Venue: Niagara Falls, ON   Country: Canada

    K-means clustering is a powerful and frequently used technique in data mining. However, privacy breaching is a serious problem if the k-means clustering is used without any security treatment, while privacy is a real concern in many practical applications. Recently, four privacy-preserving solutions based on cryptography have been proposed by different researchers. Unfortunately none of these four schemes can achieve both security and completeness with good efficiency. In this paper, we present a new scheme to overcome the problems occurred previously. Our scheme deals with data standardization in order to make the result more reasonable. We show that our scheme is secure and complete with good efficiency.

  • Two-party privacy-preserving agglomerative document clustering

    Chunhua Su, Jianying Zhou, Feng Bao, Tsuyoshi Takagi, Kouichi Sakurai

    3rd International Conference on Information Security Practice and Experience, ISPEC 2007  2007

    Event date: May 2007

    Language: English

    Venue: Hong Kong

    Document clustering is a powerful data mining technique to analyze the large amount of documents and structure large sets of text or hypertext documents. Many organizations or companies want to share their documents in a similar theme to get the joint benefits. However, it also brings the problem of sensitive information leakage without consideration of privacy. In this paper, we propose a cryptography-based framework to do the privacy-preserving document clustering among the users under the distributed environment: two parties, each having his private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents.

  • A proposal of efficient scheme of key management using ID-based encryption and biometrics

    Akitoshi Izumi, Yoshifumi Ueshige, Kouichi Sakurai

    2007 International Conference on Multimedia and Ubiquitous Engineering, MUE 2007  December 2007

    Event date: April 2007

    Language: English

    Venue: Seoul   Country: Republic of Korea

    In the information exchange through network, the security risks always exists, that is eavesdropping, defacing, and spoofing by the attacker. Cryptography, digital signature, and authentication are techniques oppose such attacker. PKI (Public Key Infrastructure) enables such technique. In PKI, the public key certificate is used. This public key certificate is issued and distributed by certificate authority, but we think that the updating of expired certificate etc. are very costly for the user. It seems that the management of secret key is more serious problem than that of public key certificate for the user. As above, in the system using public key cryptography, the managements of public key and secret key are very important problem. In order to solve the above problems, we propose the scheme that stores protected secret key which is made by combination of biometrics and secret key in the smartcard in the system which uses ID-based cryptography. In our proposal, TA (Trusted Authority) protects the secret key using biometrics information extracted from owner of that secret key and stores it as protected secret key in smartcard which has fingerprint reading function. And we must extract the same biometrics information as that is extracted at enrollment. So, we extract the helper data from biometrics information at making protected secret key and store it in smartcard. The user can restore the secret key from protected secret key by presenting his fingerprint to smart-card that has protected secret key and helper data. In our scheme, the template is not needed for authentication. So, the problem of the leaks of the template arise in traditional biometric authentication won't arise. Also we proposed the concrete operation scheme in which our scheme is used. We show that the cost of the public key and secret key management will be reduced by using this operation scheme.

  • Analysis of privacy disclosure in DNS query

    Fangming Zhao, Yoshiaki Hori, Kouichi Sakurai

    2007 International Conference on Multimedia and Ubiquitous Engineering, MUE 2007  December 2007

    Event date: April 2007

    Language: English

    Venue: Seoul   Country: Republic of Korea

    When a DNS (domain name system) client needs to look up a name, it queries DNS servers to resolve the name on the Internet. The query information from the client was passed through one or more DNS servers. While useful, in the whole query transmission, we say it can leak potentially sensitive information: what a client wants to connect to, or what the client is always paying attention to? From the definition, the privacy problem is to prove that none of the private data can be inferred from the information which is made public. We firstly analyzed the complete DNS query process now in use; then, from each step of the DNS query process, we discussed the privacy disclosure problem in each step of the query: Client side, Query transmission process and DNS server side. Finally, we proposed a simple and flexible privacy-preserving query scheme "Range Query", which could maximally decrease privacy disclosure in the whole DNS query process. And we also discuss efficiency and implementation on the Range Query.

  • An approach of program analysis prevention for information protection

    Ken'ichi Takahashi, Zhaoyu Liu, Kouichi Sakurai

    2007 International Conference on Multimedia and Ubiquitous Engineering, MUE 2007  December 2007

    Event date: April 2007

    Language: English

    Venue: Seoul   Country: Republic of Korea

    The evolution of mobile technologies will enable us to realize the ubiquitous computing environment. In such environment, a user's mobile terminal manages his sensitive information and assists in his activities. At the same time, information leakage will become more serious social problems. In this paper, we propose a framework which protects user's sensitive information according to a way the user supposes safe. In the framework, a user offers a program, which implements a way the user supposes safe, to an information recipient. And then, the information recipient makes use of the user's sensitive information through the program. In this manner, the user can protect his sensitive information. The framework, however, has a problem, by which the information recipient may analyze the program and obtain some sensitive information. In this paper, we introduce a tamper-proof device and trust relationship for a solution of this problem.

  • A policy language for the extended reference monitor in trusted operating systems

    Hyung Chan Kim, R. S. Ramakrishna, Wook Shin, Kouichi Sakurai

    2nd International Conference on Availability, Reliability and Security, ARES 2007  2007

    Event date: April 2007

    Language: English

    Venue: Vienna   Country: Commonwealth of Australia

    The main focus of current research in Trusted Operating Systems (TOS) is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which are also of concern in security enforcement. This paper presents a policy language for the extended reference monitor. Our policy language is based on Domain and Type Enforcement (DTE) and Role-Based Access Control (RBAC). Permission is defined as an event and a state of behavior is represented as a fluent to be accorded with the convention of Event Calculus (EC). Behavior policies can be expressed with the EC style syntax as well as access control policies.

  • Economic-inspired truthful reputation feedback mechanism in P2P networks

    Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai

    FTDCS 2007: 11th IEEE International Workshop on Future Trends of Distributed Computing Systems  August 2007

    Event date: March 2007

    Language: English

    Venue: Sedona, AZ   Country: United States of America

    Recently, cross-disciplinary efforts involving economics and computer security have proliferated. And Peer-to-Peer (P2P) reputation systems are essential to evaluate the trustworthiness of participating peers and to combat the selfish, dishonest and malicious behaviors of peers. But reputation feedback is special kind of information, and it is not free. Based on those above consideration, in this paper, VCG (Vickery-Clarke-Groves)-like reputation remuneration scheme inspired by economic model is proposed to stimulate rational peers not only to provide reputation feedback, but truthfully offer feedback.

  • An intrusion detection system which can restore altered data

    Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    4th International Conference on Information Technology and Applications, ICITA 2007  December 2007

    Event date: January 2007

    Language: English

    Venue: Harbin   Country: People's Republic of China

    We propose an intrusion detection system. Our system can detect the alteration of data in memory and also can restore altered data. This type of intrusion detection system has been proposed variously so far. But many of them can detect only a part of attacks. And as far as we know, few of them can restore altered data. Our system can detect attacks which can not be detected by existing systems and also can restore altered data. Our system protects data in the kernel area using hash functions. The overhead of accessing the kernel area and using a hash function is high. But our system reduces the frequency of accessing the kernel area and using a hash function in safety.

  • An efficient password-based e-mail protocol for encrypted e-mail transmissions on mobile equipment

    Jeong Ok Kwon, Ik Rae Jeong, Kouichi Sakurai, Dong Hoon Lee

    2007 Digest of Technical Papers International Conference on Consumer Electronics  2007

    Event date: January 2007

    Language: English

    Venue: Las Vegas, NV   Country: United States of America

    This paper presents an efficient e-mail protocol that can be used for secure e-mail transmissions between mobile equipments, especially mobile phones equipped with IC (Integrated Circuit) chips. The protocol makes it possible that a user who has a mobile phone, but has no public-key certificate, sends or receives an encrypted e-mail using a memorable password shared with his mobile e-mail server only. Therefore the protocol can be more easily implemented and efficiently used for mobile e-mail systems. To the best of our knowledge, the new protocol is the first e-mail protocol does not require expensive public-key certificate related computations.

  • Induction and implementation of security requirements in each system block

    Tai Hoon Kim, Kouichi Sakurai, Sun Myung Hwang

    13th International Multimedia Modeling Conference, MMM 2007  December 2007

    Event date: January 2007

    Language: English

    Venue: Singapore   Country: Republic of Singapore

    When building some kinds of IT systems, security-related requirements must be considered. It is essential that not only the customer's requirements for software or systems functionality should be satisfied but also the security requirements imposed on the software or systems development should be effectively analyzed and implemented in contributing to the security objectives of customer's requirements. Though the customer's requirements must be implemented to software or systems perfectly, but these are not sufficient. The secure software or systems may be implemented by not only applying security products but also considering security requirement appended to customer's requirement. In this paper, we propose a security engineering based approach considering security when developing software or systems based on System Block Model.

  • Application and evaluation of Bayesian filter for Chinese spam

    Wang Zhan, Yoshiaki Hori, Kouichi Sakurai

    2nd SKLOIS Conference on Information Security and Cryptology, Inscrypt 2006  2006

    Event date: November 2006 - December 2006

    Language: English

    Venue: Beijing   Country: People's Republic of China

    Recently, a statistical filtering based on Bayes theory, so-called Bayesian filtering gain attention when it was described in the paper "A Plan for Spam" by Paul Graham, and has become a popular mechanism to distinguish spam email from legitimate email. Many modern mail programs make use of Bayesian spam filtering techniques. The implementation of the Bayesian filtering corresponding to the email written in English and Japanese has already been developed. On the other hand, few work is conducted on the implementation of the Bayesian spam corresponding to Chinese email. In this paper, firstly, we adopted a statistical filtering called as bsfilter and modified it to filter out Chinese email. When we targeted Chinese emails for experiment, we analyzed the relation between the parameter and the spam judgement accuracy of the filtering, and also considered the optimal parameter values.

  • Interactively combining 2D and 3D visualization for network traffic monitoring

    Erwan Le Malécot, Masayoshi Kohara, Yoshiaki Hori, Kouichi Sakurai

    3rd International Workshop on Visualization for Computer Security, VizSEC'06. Co-located with the 13th ACM Conference on Computer and Communications Security, CCS'06  December 2006

    Event date: November 2006

    Language: English

    Venue: Alexandria, VA   Country: United States of America

    With the multiplication of attacks against computer networks, system administrators need to monitor carefully the networks they manage. However, that monitoring task is made harder because of the increasing amount of data to process. Conventional automated tools provide limited support and most of the time require high skilled operators. Recently, tools using visualization techniques started to be proposed to resolve those issues. In this paper we introduce an original visualization design which combines 3D and 2D representations of the network traffic and activity. Both representations are based on the same interactive grid representation of the network space and are linked together as they provide complementary functionalities. The 3D representation provides an overview of the communications between several network zones and the 2D representation provides a detailed view of selected parts of the 3D one. A prototype was built according to the proposed visualization design.

  • Security analysis of MIS protocol on wireless LAN comparison with IEEE802.11i

    Yoshiaki Hori, Kouichi Sakurai

    3rd International Conference on Mobile Technology, Applications and Systems  December 2006

    Event date: October 2006

    Language: English

    Venue: Bangkok   Country: Kingdom of Thailand

    We attempt security analysis of MIS protocol comparison with IEEE 802.11i. The both protocols, IEEE 802.11i and MIS protocol, achieve enough confidentiality, integrity, authentication and key exchange in practical use. However, the both protocols are under threats of forged control messages by using of management/control frame of IEEE 802.11 and control messages of MIS protocol. In fact, countermeasure against DoS attack which inflicts a lack of availability can provide by the technique on the system implementation.

  • Security analysis of MIS protocol on wireless LAN comparison with IEEE802.11i

    Yoshiaki Hori, Kouichi Sakurai

    3rd International Conference on Mobile Technology, Applications and Systems, Mobility '06  2006

    Event date: October 2006

    Language: English

    Venue: Bangkok   Country: Thailand

    We attempt a security analysis of the MIS protocol in comparison with IEEE 802.11i. Both protocols, IEEE 802.11i and the MIS protocol, achieve enough confidentiality, integrity, authentication and key exchange in practical use. However, both protocols are under threat of forged control messages that use the management/control frames of IEEE 802.11 and the control messages of the MIS protocol. In fact, a countermeasure against DoS attacks, which inflict a lack of availability, can be provided by techniques in the system implementation.

  • Ciphertext-auditable public key encryption

    Satoshi Hada, Kouichi Sakurai

    1st International Workshop on Security, IWSEC 2006  2006

    Event date: October 2006

    Language: English

    Venue: Kyoto   Country: Japan

    Loss of backup tapes containing personal information (PI) is a potential breach of privacy and encryption is the typical way to prevent the breach. This paper considers an attack scenario where an adversary who encrypts the PI for backup purpose tries to hide the plain PI in a valid-looking ciphertext without being detected. We show that the standard security notion IND-CCA2 does not capture such a scenario. For example, the Cramer-Shoup scheme is vulnerable to such an attack. To capture such a scenario, we define a new notion of "ciphertext-auditability" as a new property of public key encryption schemes (PKESs). It requires that, given a public key and a ciphertext, anyone should be able to verify whether the ciphertext was actually generated using the public key. Also, it requires that, given a public key and a plaintext, no adversary should be able to generate a valid-looking ciphertext so that the verification passes, but nevertheless the plaintext can be recovered from the ciphertext without the corresponding secret key. We propose a general construction of such PKESs based on standard cryptographic primitives in the random oracle model.

  • One-round protocol for two-party verifier-based password-authenticated key exchange

    Jeong Ok Kwon, Kouichi Sakurai, Dong Hoon Lee

    10th IFIP TC-6 TC-11 International Conference on Communications and Multimedia Security, CMS 2006  2006

    Event date: October 2006

    Language: English

    Venue: Heraklion, Crete   Country: Greece

    Password-authenticated key exchange (PAKE) for two-party allows a client and a server communicating over a public network to share a session key using a human-memorable password only. PAKE protocols can serve as basic building blocks for constructing secure, complex, and higher-level protocols which were initially built upon the Transport Layer Security (TLS) protocol. In this paper, we propose a provably-secure verifier-based PAKE protocol well suited to the TLS protocol which requires only a single round. The protocol is secure against attacks using a compromised server's password file and known-key attacks, and provides forward secrecy, which is analyzed in the ideal hash model. This scheme matches the most efficient verifier-based PAKE protocol among those found in the literature. It is the first provably-secure one-round protocol for verifier-based PAKE in the two-party setting.

  • Actively modifying control flow of program for efficient anormaly detection

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    10th International Conference on Knowledge-Based Intelligent Information and Engineering Systems, KES 2006  2006

    Event date: October 2006

    Language: English

    Venue: Bournemouth   Country: United Kingdom

    In order to prevent the malicious use of the computers exploiting buffer overflow vulnerabilities, a corrective action by not only calling a programmer's attention but expansion of compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with the restricted knowledge of computers. In this paper, we propose an anomaly detection method by modifying actively some control flows of programs. Our method can efficiently detect anomaly program behavior and give no false positives.

  • A proactive secret sharing for server assisted threshold signatures

    Jong Phil Yang, Kyung Hyune Rhee, Kouichi Sakurai

    2nd International Conference on High Performance Computing and Communications, HPCC 2006  2006

    Event date: September 2006

    Language: English

    Venue: Munich   Country: Germany

    Threshold signature schemes distribute secret information to several servers and make the whole system that maintains the secret information fault-tolerant. Since threshold signature schemes typically assume that the shared signing function can only be activated by a quorum number of servers, anyone who has the power to activate the signing function of the servers can easily compute valid signatures for a specific organization without knowing the private key. S. Xu et al. proposed a general construction to build threshold signature schemes (called server assisted threshold signatures) which provide an organization (e.g., a user) with controllability for activating his private signing function in a certain enhanced way. In this paper, we newly propose proactive secret sharing schemes which are suitable for server-assisted threshold signatures.

  • On studying P2P topology construction based on virtual regions and its effect on search performance

    Yufeng Wang, Wendong Wang, Kouichi Sakurai, Yoshiaki Hori

    3rd International Conference on Ubiquitous Intelligence and Computing, UIC 2006  2006

    Event date: September 2006

    Language: English

    Venue: Wuhan   Country: China

    The virtual region-based P2P architecture was provided in this paper, which extended the proximity concept in overlay network. By virtual region it meant various related factors should be integrated into the design of P2P topology, such as peer interest, peer locality, and heterogeneity in peer capacity etc. But, the shared contents in P2P are vast and miscellaneous, it is very difficult to recognize the interest similarity among peers, dynamically form the interest region and direct peer to appropriate interest region. In this paper, the Jensen-Shannon Divergence (JSD) was used to characterize interest/semantic similarity among peers, and the interest region formation and location mechanism based on Dynamic Interest Landmark (DIL) was offered to facilitate to dynamically guide peers to join the appropriate interest region corresponding to peers' content semantic. Considering that interest region is composed of geographically sporadic peers, each interest region was organized according to peer proximity in underlying infrastructure. The theoretical and simulated results illustrated that our architecture can significantly reduce the query overhead, and improve the search performance.

  • An RFID system based MCLT system with improved privacy

    Jin Kwak, Keunwoo Rhee, Namje Park, Howon Kim, Seungjoo Kim, Kouichi Sakurai, Dongho Won

    EUC 2006: Embedded and Ubiquitous Computing Workshops  January 2006

    Event date: August 2006

    Language: English

    Venue: Seoul   Country: Republic of Korea

    Radio Frequency Identification (RFID) systems are increasingly becoming accepted for many EPC Network applications. However, RFID systems have some privacy problems. In this paper, a system for missing child location tracking in the EPC Network applications, is proposed. The proposed system improves security and privacy compared to existing applications, while also keeping in line with traditional procedures, commonly accepted by most industrial applications. The proposed MCLT (Missing Child Location Tracking) system can protect users' privacy while providing location tracking of the RFID tag.

  • Enhanced privacy in key-exchange protocols by one-time ID

    Kenji Imamoto, Kouichi Sakurai

    2nd International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, SecPerU 2006  December 2006

    Event date: June 2006

    Language: English

    Venue: Lyon   Country: France

    This paper considers how two parties communicate securely over an adversary-controlled network. We especially focus on the problem of ID protection because of the recently rapid development of mobile network where any transferred message is easily eavesdropped on. We analyze several existing key exchange protocols and point out their problems: e.g. incompleteness of ID protection and vulnerability to DoS attacks. Then we model the notion of ID protection and construct a protocol with provable security.

  • A framework for the user-oriented personal information protection

    Ken'ichi Takahashi, Kouichi Sakurai

    2006 International Conference on Security and Management, SAM'06  December 2006

    Event date: June 2006

    Language: English

    Venue: Las Vegas, NV   Country: United States of America

    Thanks to the spread of mobile technologies, we can access the network anytime and from anywhere. In the near future, we will be able to realize the ubiquitous computing environment, in which a user's mobile terminal assists in their activity. In the ubiquitous computing environment, the user's mobile terminal manages personal information, which is used for negotiations with a service provider. However, various privacy problems, such as information leakage cases, have happened, so that we desire to protect our personal information. We propose a framework for protecting personal information. A basic idea of the framework is to make use of personal information through a program which the owner of personal information knows the behaviour of. We call this program a trusted program, because the owner of personal information can trust the way the personal information is used. Then, a user offers his/her trusted program to a service provider and compels the service provider to make use of his/her personal information. In this paper, we introduce the framework under the assumption of using an anti-tampering device and propose the method for creating a trusted program.

  • A proposal of one-time biometric authentication

    Yoshifumi Ueshige, Kouichi Sakurai

    2006 International Conference on Security and Management, SAM'06  2006

    Event date: June 2006

    Language: English

    Venue: Las Vegas, NV   Country: United States of America

    In biometric authentication, feature information of each enrolled person's biometric information is enrolled as templates. Secure databases or anti-tampered devices store the templates in general. The biometric information, however, is irreplaceable information, when it is compromised. Thereby, one must give special attention to protection of such information. On the other hand, increasing internet economical services causes a motivation of implementing online biometric authentication. We propose a novel protection technique for the biometric information, especially the feature information and the templates. The point of our proposal is that the extracted features and the enrolled templates are transformed by a one-time transformation that is generated in each authentication. The transformed features and templates travel through an insecure communication line like the internet, and they are used in the matching process. This technique provides security against eavesdropping and replay attacks on the internet, because the transmitted feature information and the templates are different every time.

  • Grid based network address space browsing for network traffic visualization

    Erwan Le Malécot, Masayoshi Kohara, Yoshiaki Hori, Kouichi Sakurai

    2006 IEEE Workshop on Information Assurance  January 2006

    Event date: June 2006

    Language: English

    Venue: West Point, NY   Country: United States of America

    The security of computer networks has become a priority during the past few years. More and more organizations heavily depend on services that are provided by computer networks and this trend is certainly going to rise in the near future. At the same time, malicious attacks against such systems are also increasing in number and variety. System administrators can try to prevent these attacks with the use of firewalls for instance. However, these precautions are not always enough and so they also need to monitor the network traffic in order to detect anomalies and intrusions. Usually, system administrators use automated systems to process network traffic logs and to analyze them. This processing is based on learning techniques, signature databases or statistical analysis. Another approach is to use visualization techniques to display these logs and to favor user interaction with the data. This paper presents a visualization design based on interactive grids representing the network space. The network traffic is then displayed on these grids. We also introduce a prototype of this design that has been implemented to test its validity.

  • Distributing security-mediated PKI revisited

    Jong Phil Yang, Kouichi Sakurai, Kyung Hyune Rhee

    Third European PKI Workshop, Public Key Infrastructure - Theory and Practice, EuroPKI 2006  2006

    Event date: June 2006

    Language: English

    Venue: Turin   Country: Italy

    The SEM approach to PKI offers several advantages, such as immediate revocation of users' signing ability without CRLs and compatibility with the standard RSA. However, it has a weakness against denial of service attack caused by breaking down or being compromised. G. Vanrenen et al. proposed a distributed SEM approach to overcome the weakness. However, it does not provide the desirable properties such as instant availability and immunity against denial of service attack, due to inadequate usage of threshold cryptography and proactive secret sharing. In this paper, we point out its structural shortcomings and propose a modified version.

  • Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks

    Jeong Ok Kwon, Kouichi Sakurai, Dong Hoon Lee

    ICCS 2006: 6th International Conference on Computational Science  January 2006

    Event date: May 2006

    Language: English

    Venue: Reading   Country: United Kingdom

    A password-authenticated key exchange (PAKE) protocol in the three-party setting allows two users communicating over a public network to agree on a common session key by the help of a server. In the setting the users do not share a password between themselves, but only with the server. In this paper, we explore the possibility of designing a round-efficient three-party PAKE protocol with a method to protect against undetectable on-line dictionary attacks without using the random oracle. The protocol matches the most efficient three-party PAKE protocol secure against undetectable on-line dictionary attacks among those found in the literature while providing the same level of security. Finally, we identify the relations between detectable on-line and undetectable on-line dictionary attacks by providing counter-examples to support the observed relations.

  • An intrusion detection system using alteration of data

    Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    20th International Conference on Advanced Information Networking and Applications  November 2006

    Event date: April 2006

    Language: English

    Venue: Vienna   Country: Austria

    Attacks against data in memory are one of the most serious threats these days. Although many detection systems have been proposed so far, most of them can detect only part of alteration. Some detection systems use canaries to detect alteration. However, if an execution code has bugs that enable attackers to read data in memory, the system could be bypassed by attackers who can guess canaries. To overcome the problems, we propose a system using alteration of data. Our proposed system detects illegal alteration with verifier for vulnerable data. Verifier is made before vulnerable data could be altered by attackers, and verifier is checked when the program uses the vulnerable data. Part of Verifier is stored in kernel area to prevent attackers from reading data in user memory. Our approach can detect illegal alteration of arbitrary data in user memory. Our proposed system, moreover, does not have the problem systems using canaries have.

  • Design and implementation of an extended reference monitor for trusted operating systems

    Hyung Chan Kim, Wook Shin, R. S. Ramakrishna, Kouichi Sakurai

    2nd International Conference on Information Security Practice and Experience, ISPEC 2006  July 2006

    Event date: April 2006

    Language: English

    Venue: Hangzhou   Country: China

    Conventional access control schemes have supported confidentiality and integrity acknowledging the necessary organizational security policy in operating systems. However, many runtime attacks in operating systems involve behavioral semantics, indicating that attacks should be seen as a sequence of access operations. Ironically these attacks are legitimate under any access control policy. This is due to the lack of behavioral dimension in security enforcement. We propose an extended reference monitor to include this dimension. Our method is based on safety property specification on system call sequences. The reference monitor checks the trace at runtime for behavior control in Linux operating system.

  • An evenhanded certified email system for contract signing

    Kenji Imamoto, Jianying Zhou, Kouichi Sakurai

    7th International Conference on Information and Communications Security, ICICS 2005  December 2005

    Event date: December 2005

    Language: English

    Venue: Beijing   Country: China

    Certified email is a system which enables a sender to prove a receiver's receipt of email. Such a system can be used for applications related to electronic commerce on the Internet. This paper considers a situation where a sender or a receiver wants to change his/her mind due to the change of mail content value (e.g., stock, auction, gambling) during the transaction. We point out that no traditional certified email systems have been designed for such a case, thus one of the participants can be at a disadvantage. To avoid this problem, we propose an evenhanded certified email system in which each participant can change his/her choice, either cancel or finish the transaction, at any time during the transaction.

  • Generic, optimistic, and efficient schemes for fair certified email delivery

    Guilin Wang, Feng Bao, Kenji Imamoto, Kouichi Sakurai

    7th International Conference on Information and Communications Security, ICICS 2005  2005

    Event date: December 2005

    Language: English

    Venue: Beijing   Country: China

    As a value-added service for standard email systems, a certified email scheme allows a sender to deliver a message to a receiver in a fair way in the sense that either the sender obtains a receipt from the receiver and the receiver accesses the content of the email simultaneously, or neither party gets the expected item. In this paper, we first point out some weaknesses in several existing schemes. Then, we present two generic optimistic certified email schemes with transparent TTP. Our schemes are not only fair, but also support timeliness in two flavors: one scheme supports weak timeliness but with stateless TTP, while the other guarantees (strong) timeliness though only supports weak stateless TTP. Technical discussion and comparison are provided to show that our schemes are both secure and efficient, compared with the state of the art in this field.

  • Simple power analysis on fast modular reduction with NIST recommended elliptic curves

    Yasuyuki Sakai, Kouichi Sakurai

    7th International Conference on Information and Communications Security, ICICS 2005  December 2005

    Event date: December 2005

    Language: English

    Venue: Beijing   Country: China

    We discuss side channel leakage from modular reduction for NIST recommended domain parameters. FIPS 186-2 has 5 recommended prime fields. These primes have a special form which is referred to as generalized Mersenne prime. These special form primes facilitate especially efficient implementation. A typical implementation of efficient modular reduction with such primes includes extra reduction. The extra reduction in modular reduction can constitute an information channel on the secret exponent. Several researchers have produced unified code for elliptic point addition and doubling in order to avoid a simple power analysis (SPA). However, Walter showed that SPA is still possible if Montgomery multiplication with extra reduction is implemented within the unified code. In this paper we show SPA on the modular reduction with NIST recommended primes, combined with the unified code for elliptic point operations. As Walter stated, our results also indicate that even if the unified codes are implemented for elliptic point operations, underlying field operations should be implemented in constant time. The unified approach in itself cannot be a countermeasure for side channel attacks.

  • A framework for protecting private information through user-trusted-program and its realizability

    Ken'ichi Takahashi, Kouichi Sakurai, Makoto Amamiya

    EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES  December 2005

    Event date: December 2005

    Language: English

    Venue: Nagasaki   Country: Japan

    Thanks to the spread of mobile technologies, we will be able to realize the ubiquitous computing environment, in which equipment connected to the Internet assists users in their activities without special care on their part. Then, a function to protect private information is needed. This paper proposes a model for protecting private information. The basic idea of our model is to make use of private information through a program which a user trusts. A user offers a trusted program to a partner and compels a partner to make use of his private information through this program. In this way, a user prevents illegal use of his private information.

  • Reassignment scheme of an RFID tag's key for owner transfer

    Junichiro Saito, Kenji Imamoto, Kouichi Sakurai

    EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES  December 2005

    Event date: December 2005

    Language: English

    Venue: Nagasaki   Country: Japan

    A Radio-Frequency-Identification (RFID) tag is a small and cheap device which is combined in IC chip and an antenna for radio communications. The RFID tag is used for management of goods and used as a substitute for a bar code. However, RFID system may infringe on a consumer's privacy because it has a strong tracing ability. In this paper, we propose a key change scheme which can prevent previous owner from reading the RFID tag after changing its owner. By using our scheme, previous owner cannot read and trace ID information on the RFID tag. Moreover it is possible to combine other privacy protection scheme with our scheme because our scheme uses only symmetric key cryptography.

  • Program obfuscation scheme using random numbers to complicate control flow

    Tatsuya Toyofuku, Toshihiro Tabata, Kouichi Sakurai

    EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES  December 2005

    Event date: December 2005

    Language: English

    Venue: Nagasaki   Country: Japan

    For the security technology that has been achieved with software in the computer system and the protection of the intellectual property right of software, software protection technology is necessary. One of those techniques is called obfuscation, which converts program to make analysis difficult while preserving its function. In this paper, we examine the applicability of our program obfuscation scheme to complicate control flow and study the tolerance against program analysis.

  • Group key distribution scheme for reducing required rekey message size

    Ryuzou Nishi, Kouichi Sakurai

    11th International Conference on Parallel and Distributed Systems Workshops, ICPADS 2005  September 2005

    Event date: July 2005

    Language: English

    Venue: Fukuoka   Country: Japan

    Generally, systems such as pay-per-view TV require secure multi-party communication. In these systems, a group key is required, and members join and leave the party frequently, so that the group key materials of all members of the network must be updated. Therefore, an approach which tries to distribute key materials effectively was proposed by Onen-Molva; the approach divides the members of the network into two sub-groups according to the relative length of the period of operation of each member, and uses FEC (Forward Error Correction) and ARQ (Automatic Repeat reQuest) in the key update to the group with the long network-connection period. There are some issues in their proposal. When the communication quality is good, its efficiency is lower, and there is an overhead in the bandwidth. Therefore, we propose an efficient group key distribution method using M-ary coding for a key message without using FEC and ARQ, and transmitting this in parallel with the non-key message.

  • Query forwarding algorithm supporting initiator anonymity in GNUnet

    Kohei Tatara, Yoshiaki Hori, Kouichi Sakurai

    11th International Conference on Parallel and Distributed Systems Workshops, ICPADS 2005  September 2005

    Event date: July 2005

    Language: English

    Venue: Fukuoka   Country: Japan

    Anonymity in Peer-to-Peer network means that it is difficult to associate a particular communication with a sender or a recipient. Recently, anonymous Peer-to-Peer framework, called GNUnet, was developed. A primary feature of GNUnet is resistance to traffic-analysis. However, Kügler analyzed a routing protocol in GNUnet, and pointed out traceability of initiator. In this paper, we propose an alternative routing protocol applicable in GNUnet, which is resistant to Kügler's shortcut Attacks.

  • Design and analysis of Diffie-Hellman-based key exchange using one-time ID by SVO logic

    Kenji Imamoto, Kouichi Sakurai

    Proceedings of the Second Workshop on Automated Reasoning for Security Protocol Analysis (ARSPA 2005)  July 2005

    Event date: July 2005

    Language: English

    Country: Other

    Authenticated key exchange protocols have been developed to establish a secure channel on the Internet. In this paper, we consider the following attacks against an authenticated key exchange using a shared secret: eavesdropping, DoS attack, replay attack, and impersonation. Besides prevention of all these attacks, efficiency is also important. In this paper, we propose a three-party authenticated key exchange protocol based on Diffie-Hellman key exchange with one-time ID, which is a user's extraordinary identity used only once [K. Imamoto, K. Sakurai, Notes on Dynamic Information Management for Authenticated Key Exchange, ISEC, March 2003; H. Krawczyk, The IKE-SIGMA Protocol, Internet Draft, Nov 2001. http://www.ee.technion.ac.il/~hugo/draft-krawczyk-ipsec-ike-sigma-00.txt]. Moreover, we analyze our proposal by SVO Logic, which is one of the formal methods to analyze cryptographic protocols [P. Syverson and P. C. van Oorschot. A Unified Cryptographic Protocol Logic. NRL CHAOS Report, 5540-227, 1996; P. Syverson and I. Cervesato. The Logic of Authentication Protocols. FOSAD'00, LNCS2171, pp.63-137, 2001], and show what assumptions are needed.

  • Some remarks on security of receipt-free E-auction

    Yong Sork Her, Kenji Imamoto, Kouichi Sakurai

    3rd International Conference on Information Technology and Applications, ICITA 2005  2005

    Event date: July 2005

    Language: English

    Venue: Sydney   Country: Australia

    Recently, a receipt-free scheme is rising for a secure e-auction. The goal of a receipt-free scheme in an e-auction is to prevent a bid-rigging. If the bid-rigging happens in the e-auction, the winner can get the bidding item with an unreasonably low price. The first receipt-free scheme for the e-auction was proposed by Abe and Suzuki. Chen, Lee and Kim also proposed the extended receipt-free scheme. In this paper, we point out that the proposed receipt-free schemes do not perfectly prevent the bid-rigging attack. Moreover, we indicate that a bid-collusion is a possible cause of an e-auction. In the strict sense, the bid-collusion is different from the bid-rigging. In this paper, we do not present the scheme which can prevent the bid-collusion attack. We compare the bid-rigging attack with the bid-collusion attack, and analyze the security of the existing receipt-free schemes from the viewpoint of the bid-rigging attack and the bid-collusion attack.

  • Grouping proof for RFID tags

    Junichiro Saito, Kouichi Sakurai

    19th International Conference on Advanced Information Networking and Applications, AINA 2005  December 2005

    Event date: March 2005

    Language: English

    Venue: Taipei   Country: Taiwan

    An RFID tag is a small and cheap device which is combined in IC chip and an antenna for radio communications. The tag is used for management of goods and its distribution. Moreover it reduces the cost of managements of goods. However, an RFID system has some security problems. Juels proposed a "yoking-proof" which guarantees the existence of two tags [2]. But we point out that this scheme is not secure against a replay attack. In this paper, we propose a scheme which deals with the problem by using time stamp. Moreover, we propose a scheme which guarantees the existence of a group of RFID tags.

  • Trends and issues for security of home-network based on power line communication

    Ryuzou Nishi, Hitoshi Morioka, Kouichi Sakurai

    19th International Conference on Advanced Information Networking and Applications, AINA 2005  December 2005

    Event date: March 2005

    Language: English

    Venue: Taipei   Country: Taiwan

    A home-network is expected to spread now. We considered the security issues on home networks based on power line communication, because these topics have not been sufficiently considered. We discuss the issues, risk and required countermeasures. These issues are categorized into control network, information network, AV network and community network. We also discuss differences on the security between the power line communication and wired-LAN or wireless-LAN.

  • Security analysis of a 2/3-rate double length compression function in the black-box model

    Mridul Nandi, Wonil Lee, Kouichi Sakurai, Sangjin Lee

    12th International Workshop on Fast Software Encryption. FSE 2005  October 2005

    Event date: February 2005

    Language: English

    Venue: Paris   Country: France

    In this paper, we propose a 2/3-rate double length compression function and study its security in the black-box model. We prove that to get a collision attack for the compression function requires Ω(2^{2n/3}) queries, where n is the single length output size. Thus, it has better security than a most secure single length compression function. This construction is more efficient than the construction given in [8]. Also the three computations of underlying compression functions can be done in parallel. The proof idea uses a concept of computable message which can be helpful to study security of other constructions like [8], [14], [16] etc.

  • A probabilistic method for detecting anomalous program behavior

    Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

    5th International Workshop on Information Security Applications, WISA 2004  September 2005

    Event date: August 2004

    Language: English

    Venue: Jeju Island   Country: Republic of Korea

    In this paper, we, as well as Eskin, Lee, Stolfo propose a method of prediction model. In their method, the program was characterized with both the order and the kind of system calls. We focus on a non-sequential feature of system calls given from a program. We apply a Bayesian network to predicting the N-th system call from the sequence of system calls of the length N - 1. In addition, we show that a correlation between several kinds of system calls can be expressed by using our method, and can characterize a program behavior.

  • Some fitting of naive Bayesian spam filtering for Japanese environment

    Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai

    5th International Workshop on Information Security Applications, WISA 2004  September 2005

    Event date: August 2004

    Language: English

    Location: Jeju Island   Country: Republic of Korea

    Bayesian filtering is one of the most famous anti-spam measures. However, there is no standard implementation for treatment of Japanese emails by Bayesian filtering. In this paper, we compare several conceivable ways to treat Japanese emails about tokenizing and corpus separation. In addition, we give experimental results and some knowledge obtained by the experiments.

  • Key-exchange protocol using pre-agreed session-ID

    Kenji Imamoto, Kouichi Sakurai

    5th International Workshop on Information Security Applications, WISA 2004  September 2005

    Event date: August 2004

    Language: English

    Location: Jeju Island   Country: Republic of Korea

    Technical applications for various uses have been proposed in communication technology in recent years. Although especially the Internet and radio communications are used daily, it is known that eavesdropping is easy and the related problem has occurred mostly, especially privacy. In this paper, we introduce Pre-Agreed Session ID (PAS) and formalize a key-exchange protocol using it. PAS is an identification which is a disposable unique value used for every session to protect identity from the attacker. The security notion of identity concealment is formulized in this paper. Moreover, we propose a secure key-exchange protocol using PAS under the cryptographic primitives. Furthermore, we argue about the problems which arise when PAS is introduced.

  • Protecting the electric power infrastructure with a mobile agent monitoring and analysis system

    Michael W. David, Kouichi Sakurai

    Proceedings - 2004 International Conference on Information and Communication Technologies: From Theory to Applications, ICTTA 2004  June 2004

    Event date: April 2004

    Language: English

    Location: Damascus   Country: Syria

    The protection of electric power infrastructure with a mobile agent monitoring and analysis system is discussed. The Electric Power Research Institute (EPRI) proposes a wide-area, secure communication system to replace use of the Internet for critical monitoring functions. The concept of a Critical Network Infrastructure Analysis Center (CNIAC) is proposed to provide better coordination and dissemination of information, improve incident prevention and detection, database analysis and real time network monitoring and surveillance systems. This uses a combination of human analysts supported by mobile agents to continually audit, monitor, assess and protect the networks.

  • A merging method of certification authorities without using cross-certifications

    Satoshi Koga, Kouichi Sakurai

    Proceedings - 18th International Conference on Advanced Information Networking and Applications, AINA 2004  July 2004

    Event date: March 2004

    Language: English

    Location: Fukuoka   Country: Japan

    The Public Key Infrastructure (PKI) technology is very important to support secure global electronic commerce and digital communications on networks. In electronic commerce, different PKIs need to be interoperated. Especially, they need to be merged for merger and acquisition of companies. This paper takes a different approach from cross-certification techniques toward merging different PKIs. Our method is to merge the multiple CAs into one. By using our method, the trust model with an efficient path processing can be built in comparison with the traditional merging methods. Then we formalize merging processes and discuss the certification path processing and the operational cost.

  • A design of Diffie-Hellman based key exchange using one-time ID in pre-shared key model

    Kenji Imamoto, Kouichi Sakurai

    Proceedings - 18th International Conference on Advanced Information Networking and Applications, AINA 2004  2004

    Event date: March 2004

    Language: English

    Location: Fukuoka   Country: Japan

    To exchange important information through the Internet, an authenticated key exchange is required. In this paper, we consider the following attacks as the problems of an authenticated key exchange using shared secret: eavesdropping on identity, DoS attack, replay attack, and impersonation. Besides prevention from all these attacks, efficient key exchange should be realized. In this paper, we propose an authenticated key exchange system based on Diffie-Hellman key exchange with One-time ID, which can be used only once.

  • Evaluation of anti-spam method combining Bayesian filtering and strong challenge and response

    Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security  December 2003

    Event date: December 2003

    Language: English

    Location: New York, NY.   Country: United States

    Recently, various schemes against spam are proposed because of rapid increasing of spam. Some schemes are based on sender whitelisting with auto registration, a principle that a recipient reads only messages from senders who are registered by the recipient, and a sender has to perform some procedure to be registered (challenge-response). In these schemes, some exceptions are required to show error mail to a sender of an original message. However, spammers can abuse this exception to send spam to users. We have proposed an improved scheme in [1], combining challenge-response and Bayesian filtering. In this paper, we make tests on our scheme and a scheme using only Bayesian filtering to show efficiency of our scheme.

  • Evaluation of obfuscation scheme focusing on calling relationships of fields and methods in methods

    Kazuhide Fukushima, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security  2003

    Event date: December 2003

    Language: English

    Location: New York, NY.   Country: United States

    Recently, Java has been spread widely. However, Java has a problem that an attacker can reconstruct Java source codes from Java classfiles. Therefore many techniques for protecting Java software have been proposed, but quantitative security evaluations are not fully given. This paper proposes an obfuscation scheme for Java source codes by destructing the encapsulation. In addition, we propose an evaluation scheme on the number of accesses to the fields and the methods of the other classes. We try to realize tamper-resistant software with the certain quantitative basis of security using our evaluation.

  • On the security of SELinux with a simplified policy

    Katsuya Sueyasu, Toshihiro Tabata, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security  December 2003

    Event date: December 2003

    Language: English

    Location: New York, NY.   Country: United States

    Security-Enhanced Linux (SELinux) is a secure operating system. SELinux implements some features in order to perform strong access control. However, the configuration of SELinux access control becomes very complex. Such complexity may cause misconfiguration which can harm the strong access control. SELinux Policy Editor is a configuration tool for SELinux. It is developed in order to reduce the complexity and the risk of misconfiguration. As a part of its support of configuration, this tool simplifies the configuration of SELinux by integrating configuration items for complicated access control policy of SELinux. Although we can originally define and use macros which integrate permissions in SELinux access control policy, the integrated permissions of SELinux Policy Editor and the macros differ fundamentally in whether the use of them is mandatory or discretionary. In this paper, we examine effects of the simplification by SELinux Policy Editor on an example access control policy and evaluate the security of the access control based on the simplified policy about Apache, a web server software.

  • Mobile agent based security monitoring and analysis for the electric power infrastructure

    Michael W. David, Kouichi Sakurai

    Proceedings of the IASTED International Conference on Communication, Network, and Information Security  December 2003

    Event date: December 2003

    Language: English

    Location: New York, NY.   Country: United States

    This paper proposes a concept designed to support the US Computer Emergency Response Team (US-CERT) and the National Infrastructure Protection Center's (NIPC) Indications, Analysis & Warning (IAW) program. It recommends methodologies and an infrastructure to enhance the reporting of cyber incidents affecting critical network infrastructure (CNI) like electric power. It is not designed to deal with the physical power generation and transmission infrastructure, but the security and integrity of the information/data networks, which helps control, monitor and manage it. Our approach is to use distributed mobile agents to integrate security policy, intrusion prevention, intrusion detection and attack/failure analysis activities into a mutually supporting infrastructure. We tentatively call this a Critical Network Infrastructure Analysis Center (CNIAC), and suggest one for the Information Sharing and Analysis Center (ISAC) for the electric power grid, the North American Reliability Council (NERC) and its interface with the regional Independent Systems Operators (ISO) and Regional Transmission Organizations (RTO). We propose an electric power mobile agent system (EPMAS) be designed to support secure communications interface, update security policy, collect and audit IDS related data and provide status reports.

  • Proxy certificates-based digital fingerprinting scheme for mobile communication

    Jae Gwi Choi, Kouichi Sakurai, Ji Hwan Park

    Proceedings: 37th Annual 2003 International Carnahan Conference on Security Technology  December 2003

    Event date: October 2003

    Language: English

    Location: Taipei   Country: Taiwan

    Protection of intellectual property in digital contents has been a subject of research for many years and led to the development of various techniques. Digital fingerprinting scheme is an important class of these techniques. The goal of fingerprinting scheme is to deter people from illegally redistributing digital data. But, the problem of known anonymous fingerprinting schemes is that, being based on computationally unspecified black boxes: Secure multiparty computation or minimum disclosure proofs of knowledge. Their complexity is much too high to be implemental in real application. Still less, buyer's memory and computation power is very small in mobile communication. In this paper, we present an anonymous fingerprinting scheme for mobile communication using mobile agent, which is efficient and feasible from a practical view. The basic primitive used is a proxy certificate. Our proposal satisfies that (1) only the buyer can know the fingerprinted copy however the mobile agent executes its computations instead of him/her, and (2) it reduces the amount of the buyer's computations to the minimum and risk about exposure of the buyer's private information which will be occurred owing to delegation.

  • Secure identity authentication and logical access control for airport information systems

    M. W. David, G. A. Hussein, Kouichi Sakurai

    Proceedings: 37th Annual 2003 International Carnahan Conference on Security Technology  December 2003

    Event date: October 2003

    Language: English

    Location: Taipei   Country: Taiwan

    The development of an identity authentication system by a contactless smart card (CSC) for airport information system is discussed. Proper identification of cardholder with reliable data securely stored in a CSC provides a means to validate and audit access into a computer or communications network. For authenticating the user, the smart card is positioned onto a reader/writer, the stored file of the encrypted biometric template is retrieved, and then the identity verification process starts with placing the user's biometric feature on the scanner. The use of multiple biometric features would allow the selection of services and applications to fit the security, economic and social needs of the specific subsystem and its environment.

  • A multiple power analysis breaks the advanced version of the randomized addition-subtraction chains countermeasure against side channel attacks

    K. Okeya, Kouichi Sakurai

    2003 IEEE Information Theory Workshop, ITW 2003  2003

    Event date: March 2003 - April 2003

    Language: English

    Location: Paris   Country: France

    We show that the advanced version of the randomized addition-subtraction chains countermeasure against side channel attacks is vulnerable to a multiple power analysis attack, a new kind of side channel attack, under distinguishability between addition and doubling. The side channel attack takes advantage of information leaked during execution of a cryptographic procedure. The randomized addition-subtraction chains countermeasure was proposed by E. Oswald and M. Aigner (see Lect. Notes in Comp. Sci., vol.2162, p.39-50, 2001), and is based on a random decision inserted into computations. The countermeasure has two versions; the basic version and the advanced version. The basic version has been proved to be vulnerable to a side channel attack. This is due to a shrinkage of states for randomization if a bit of the secret scalar is zero. However, the advanced version does not have such a shrinkage. The multiple power analysis uses plural AD sequences, which are sequences of additions and doublings, and obtained by the distinguishability and measurements. The multiple power analysis relates the AD sequences to each other, and deduces the secret scalar. A point of the multiple power analysis against the advanced version is that two different states are combined, and regarded as the same state. This provides a shrinkage of states if a bit of the secret scalar is zero.

  • Combating cyber terrorism: Countering cyber terrorist advantages of surprise and anonymity

    M. W. David, Kouichi Sakurai

    17th International Conference on Advanced Information Networking and Applications, AINA 2003  January 2003

    Event date: March 2003

    Language: English

    Location: Xi'an   Country: China

    The paper proposes ways to counter the cyber terrorist (CT) advantages of surprise and anonymity. It recommends the creation of a Cyberint Analysis Center to develop and evaluate methods to improve the ability to detect, identify and deter cyber terrorist attacks. It also proposes ways to implement responsible, accountable and identifiable use of the Internet, and deny anonymity to the attackers.

  • A certified E-mail system with receiver’s selective usage of delivery authority

    Kenji Imamoto, Kouichi Sakurai

    3rd International Conference on Cryptology in India, INDOCRYPT 2002  January 2002

    Event date: December 2002

    Language: English

    Location: Hyderabad   Country: India

    Certified E-mail can be divided into an on-line protocol and an optimistic protocol by the usage of a third party. We call this party “Delivery Authority”. An on-line protocol can realize send-and-forget. There is a drawback, however, that the cost to Delivery Authority becomes large, because users surely access Delivery Authority in the middle of a protocol. On the other hand, when an optimistic protocol is used, there is little cost to Delivery Authority because users access Delivery Authority only in case a problem occurs; however, send-and-forget is unrealizable. Each protocol may be inconvenient depending on the situation. In the conventional system, however, a sender selects which protocol to use depending on a sender’s convenience. In this paper, we propose the new system having both our proposed on-line protocol and optimistic protocol a receiver can choose freely. By this mechanism, a receiver can choose the usage of Delivery Authority freely according to that time after taking the necessity and the situation of Delivery Authority and the sender into consideration.

  • Risks with raw-key masking – The security evaluation of 2-key XCBC

    Soichi Furuya, Kouichi Sakurai

    4th International Conference on Information and Communications Security, ICICS 2002  January 2002

    Event date: December 2002

    Language: English

    Location: Singapore   Country: Singapore

    There is extensive research on how CBC-MAC can be modified in order to efficiently deal with messages of arbitrary lengths. Based on the three-key construction of XCBC by Black and Rogaway, Moriai and Imai improved the scheme and proposed an optimally efficient CBC-MAC variant with two key materials, that is called 2-key XCBC. They give a proof of the security in the same manner as 3-key XCBC. In this paper, we study 2-key XCBC, and discuss the security of 2-key XCBC used with real replacement to an ideal PRP. We show (1) a forgery based on the raw-key masking technique used in 2-key XCBC for a particular instance where Even-Mansour PRP construction is used, and (2) an attack that violates the provable security of DESX construction. Therefore, the raw-key masking technique, which is the core improvement of 2-key CBC, must be avoided unless an overall implementation is considered in detail. Moreover, we discuss 2-key XCBC with two promising real block ciphers AES and Camellia and note important security considerations concerning their uses with 2-key XCBC.

  • Algorithms for efficient simultaneous elliptic scalar multiplication with reduced joint hamming weight representation of scalars

    Yasuyuki Sakai, Kouichi Sakurai

    5th International Conference on Information Security, ISC 2002  January 2002

    Event date: September 2002 - October 2002

    Language: English

    Location: Sao Paulo   Country: Brazil

    The computational performance of cryptographic protocols using an elliptic curve strongly depends on the efficiency of the scalar multiplication. Some elliptic curve based cryptographic protocols, such as signature verification, require computation of multi scalar multiplications of kP + lQ, where P and Q are points on an elliptic curve. An efficient way to compute kP + lQ is to compute two scalar multiplications simultaneously, rather than computing each scalar multiplication separately. We introduce new efficient algorithms for simultaneous scalar multiplication on an elliptic curve. We also give a detailed analysis of the computational efficiency of our proposed algorithms.

  • A second-order DPA attack breaks a window-method based countermeasure against side channel attacks

    Katsuyuki Okeya, Kouichi Sakurai

    5th International Conference on Information Security, ISC 2002  2002

    Event date: September 2002 - October 2002

    Language: English

    Location: Sao Paulo   Country: Brazil

    Möller proposed a countermeasure using window method against side channel attacks. However, its immunity to side channel attacks is still controversial. In this paper, we show Möller’s countermeasure is vulnerable to a second-order differential power analysis attack. A side channel attack is an attack that takes advantage of information leaked during execution of a cryptographic procedure. An nth-order differential power analysis attack is the side channel attack which uses n different leaked data that correspond to n different intermediate values during the execution. Our proposed attack against Möller’s countermeasure finds out the use of same elliptic points, and restricts candidates of the secret scalar value. In these circumstances, the attack completely detects the scalar value using Baby-Step-Giant-Step method as a direct-computational attack. For a 160-bit scalar value, the proposed attack restricts the number of candidates of the scalar to a 45-bit integer, and the direct-computational attack can actually detect the scalar value. Besides, we improve Möller’s countermeasure to prevent the proposed attack. We compare the original method and improved countermeasure in terms of the computational intractability and the computational cost of the scalar multiplication.

  • On insecurity of the side channel attack countermeasure using addition-subtraction chains under distinguishability between addition and doubling

    Katsuyuki Okeya, Kouichi Sakurai

    7th Australasian Conference on Information Security and Privacy, ACISP 2002  2002

    Event date: July 2002

    Language: English

    Location: Melbourne   Country: Australia

    We show that a randomized addition-subtraction chains countermeasure against side channel attacks is vulnerable to SPA attack, a kind of side channel attack, under distinguishability between addition and doubling. A side channel attack is an attack that takes advantage of information leaked during execution of a cryptographic procedure. The randomized addition-subtraction chains countermeasure has been proposed by Oswald-Aigner, and is a random decision inserted into computations. However, its immunity to side channel attacks is still controversial. As for timing attack, a kind of side channel attack, the randomized addition-subtraction chains countermeasure is also vulnerable. Moreover, compared with other countermeasures against side channel attacks, the randomized addition-subtraction chains countermeasure, after being improved to prevent side channel attacks, is much slower.

  • On the security of a modified paillier public-key primitive

    Kouichi Sakurai, Tsuyoshi Takagi

    7th Australasian Conference on Information Security and Privacy, ACISP 2002  2002

    Event date: July 2002

    Language: English

    Location: Melbourne   Country: Australia

    Choi et al. proposed the modified Paillier cryptosystem (M-Paillier cryptosystem). They use a special public-key $g \in \mathbb{Z}/n\mathbb{Z}$ such that $g^{\varphi(n)} = 1 + n \bmod n^2$, where $n$ is the RSA modulus. The distribution of the public key g is different from that of the original one. In this paper, we study the security of the usage of the public key. Firstly, we prove that the one-wayness of the M-Paillier cryptosystem is as intractable as factoring the modulus n, if the public key g can be generated only by the public modulus n. Secondly, we prove that the oracle that can generate the public-key factors the modulus n. Thus the public keys cannot be generated without knowing the factoring of n. The Paillier cryptosystem can use the public key g = 1+n, which is generated only from the public modulus n. Thirdly, we propose a chosen ciphertext attack against the M-Paillier cryptosystem. Our attack can factor the modulus n by only one query to the decryption oracle. This type of total breaking attack has not been reported for the original Paillier cryptosystem. Finally, we discuss the relationship between the M-Paillier cryptosystem and the Okamoto-Uchiyama scheme.

  • New semantically secure public-key cryptosystems from the rsa-primitive

    Kouichi Sakurai, Tsuyoshi Takagi

    5th International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2002  January 2002

    Event date: February 2002

    Language: English

    Location: Paris   Country: France

    We analyze the security of the simplified Paillier (S-Paillier) cryptosystem, which was proposed by Catalano et al. We prove that the one-wayness of the S-Paillier scheme is as intractable as the standard RSA problem. We also prove that an adversary, which breaks the semantic security, can compute the least significant bits of the nonce. This observation is interesting, because the least significant bit of the nonce is the hard core bit of the encryption function. Moreover, we proposed a novel semantically secure cryptosystem, based on the one-way function $f_{e,n}^{\mathrm{MSBZ}(l)}(r) = (r - \mathrm{MSB}_l(r))^e \bmod n$, where $(e, n)$ is the RSA public-key and $r - \mathrm{MSB}_l(r)$ means that the $l$ most significant bits of $r$ are zeroed. We proved that the one-wayness of the proposed scheme is as intractable as the standard RSA problem. An adversary, which breaks the semantic security of the proposed scheme, can break the least significant bits of the nonce. These security results of the proposed scheme are similar to those of the S-Paillier cryptosystem. However, the proposed scheme is more efficient than the S-Paillier cryptosystem.

  • An IND-CCA2 public-key cryptosystem with fast decryption

    Johannes Buchmann, Kouichi Sakurai, Tsuyoshi Takagi

    4th International Conference on Information Security and Cryptology, ICISC 2001  January 2002

    Event date: December 2001

    Language: English

    Location: Seoul   Country: Republic of Korea

    We propose an IND-CCA2 public-key cryptosystem with fast decryption, called the NICE-X cryptosystem. Its decryption time is the polynomial time of degree 2 by the bit-length of a public-key D, i.e., $O((\log |D|)^2)$, and the cost of two hash functions. The NICE-X is an enhancement of the NICE cryptosystem, which is constructed over the quadratic class group Cl(D). We first show that the one-wayness of the encryption of the NICE cryptosystem is as intractable as the Smallest Kernel Equivalent Problem (SKEP). We also prove that the NICE cryptosystem is IND-CPA under the Decisional Kernel Problem (DKP). Then we prove that the NICE-X cryptosystem is IND-CCA2 under the SKEP in the random oracle model. Indeed, the overhead of the decryption of the NICE-X from the NICE is only the cost of one ideal multiplication and two hash functions. Our conversion technique from the NICE to the NICE-X is based on the REACT. However we modify it to be suitable for the NICE. A message of the NICE-X is encrypted with the random mask of the encryption function of the NICE, instead of the encrypted key. Then the reduced security problem of the NICE-X is enhanced from the Gap-SKEP to the SKEP.

  • A fast scalar multiplication method with randomized projective coordinates on a Montgomery-form elliptic curve secure against side channel attacks

    Katsuyuki Okeya, Kunihiko Miyazaki, Kouichi Sakurai

    4th International Conference on Information Security and Cryptology, ICISC 2001  2002

    Event date: December 2001

    Language: English

    Location: Seoul   Country: Republic of Korea

    In this paper, we propose a scalar multiplication method that does not incur a higher computational cost for randomized projective coordinates of the Montgomery form of elliptic curves. A randomized projective coordinates method is a countermeasure against side channel attacks on an elliptic curve cryptosystem in which an attacker cannot predict the appearance of a specific value because the coordinates have been randomized. However, because of this randomization, we cannot assume the Z-coordinate to be 1. Thus, the computational cost increases by multiplications of Z-coordinates, 10%. Our results clarify the advantages of cryptographic usage of Montgomery-form elliptic curves in constrained environments such as mobile devices and smart cards.

  • Design and analysis of fast provably secure public-key cryptosystems based on a modular squaring

    Mototsugu Nishioka, Hisayoshi Satoh, Kouichi Sakurai

    4th International Conference on Information Security and Cryptology, ICISC 2001  January 2002

    Event date: December 2001

    Language: English

    Location: Seoul   Country: Republic of Korea

    We design a provably secure public-key encryption scheme based on modular squaring (Rabin’s public-key encryption scheme [28]) over $\mathbb{Z}_N$, where $N = p^d q$ (p and q are prime integers, and d > 1), and we show that this scheme is extremely faster than the existing provably secure schemes. Security of our scheme is enhanced by the original OAEP padding scheme [3]. While Boneh presents two padding schemes that are simplified OAEP, and applies them to design provably secure Rabin-based schemes (Rabin-SAEP, Rabin-SAEP+), no previous work explores Rabin-OAEP. We give the exact argument of security of our OAEP-based scheme. For speeding up our scheme, we develop a new technique of fast decryption, which is a modification of Takagi’s method for RSA-type scheme with $N = p^d q$ [31]. Takagi’s method uses Chinese Remainder Theorem (CRT), whereas our decryption requires no CRT-like computation. We also compare our scheme to existing factoring-based schemes including RSA-OAEP, Rabin-SAEP and Rabin-SAEP+. Furthermore, we consider the (future) hardness of the integer-factoring: $N = p^d q$ vs. $N = pq$ for large size of N.

  • On the power of multidoubling in speeding up elliptic scalar multiplication

    Yasuyuki Sakai, Kouichi Sakurai

    8th Annual International Workshop on Selected Areas in Cryptography, SAC 2001  2001

    Event date: August 2001

    Language: English

    Location: Toronto   Country: Canada

    We discuss multidoubling methods for efficient elliptic scalar multiplication. The methods allow computation of $2^k P$ directly from P without computing the intermediate points, where P denotes a randomly selected point on an elliptic curve. We introduce algorithms for elliptic curves with Montgomery form and Weierstrass form defined over finite fields with characteristic greater than 3 in terms of affine coordinates. These algorithms are faster than k repeated doublings. Moreover, we apply the algorithms to scalar multiplication on elliptic curves and analyze computational complexity. As a result of our implementation with respect to the Montgomery and Weierstrass forms in terms of affine coordinates, we achieved running time reduced by 28% and 31%, respectively, in the scalar multiplication of an elliptic curve of size 160-bit over finite fields with characteristic greater than 3.

  • Efficient elliptic curve cryptosystems from a scalar multiplication algorithm with recovery of the y-coordinate on a montgomery-form elliptic curve

    Katsuyuki Okeya, Kouichi Sakurai

    3rd International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2001  2001

    Event date: May 2001

    Language: English

    Location: Paris   Country: France

    We present a scalar multiplication algorithm with recovery of the y-coordinate on a Montgomery form elliptic curve over any nonbinary field. The previous algorithms for scalar multiplication on a Montgomery form do not consider how to recover the y-coordinate. So although they can be applicable to certain restricted schemes (e.g. ECDH and ECDSA-S), some schemes (e.g. ECDSA-V and MQV) require scalar multiplication with recovery of the y-coordinate. We compare our proposed scalar multiplication algorithm with the traditional scalar multiplication algorithms (including Window-methods in Weierstrass form), and discuss the Montgomery form versus the Weierstrass form in the performance of implementations with several techniques of elliptic curve cryptosystems (including ECES, ECDSA, and ECMQV). Our results clarify the advantage of the cryptographic usage of Montgomery-form elliptic curves in constrained environments such as mobile devices and smart cards.

  • Power analysis breaks elliptic curve cryptosystems even secure against the timing attack

    Katsuyuki Okeya, Kouichi Sakurai

    1st International Conference in Cryptology in India, INDOCRYPT 2000  January 2000

    Event date: December 2000

    Language: English

    Location: Calcutta   Country: India

    We apply power analysis on known elliptic curve cryptosystems, and consider an exact implementation of scalar multiplication on elliptic curves for resisting against power attacks. Our proposed algorithm does not decrease the computational performance compared to the conventional scalar multiplication algorithm, whereas previous methods did cost the performance or fail to protect against power analysis attacks.

  • An anonymous electronic bidding protocol based on a new convertible group signature scheme - On the importance of hiding the winner’s identity against bid-rigging -

    Kouichi Sakurai, Shingo Miyazaki

    5th Australasian Conference on Information Security and Privacy, ACISP 2000  January 2000

    Event date: July 2000

    Language: English

    Location: Brisbane   Country: Australia

    We propose an electronic auction scheme satisfying that (i) a group of colluding bidders cannot control the contract price arbitrarily, (ii) all prices of bidders except the winner are never revealed to anyone (even to the auction house), and (iii) only the auction house recognizes the winner’s identity, while the other losers can verify the fact that the winner belongs to the advanced registered group. Our scheme does not rely on an anonymous channel nor a trusted third center. Our system can be implemented only with the public-key technology and cryptographic hash functions and all bidders can verify the validity of process for determining a winner via a public bulletin board. To achieve stronger anonymity of the winner, we develop a new variant of convertible undeniable group signatures. In our designed signature scheme, the convertibility has two phases: one is convertible from online to off-line in verification-stage, and the other is convertible from individual to group.

  • Efficient scalar multiplications on elliptic curves without repeated doublings and their practical performance

    Yasuyuki Sakai, Kouichi Sakurai

    5th Australasian Conference on Information Security and Privacy, ACISP 2000  January 2000

    Event date: July 2000

    Language: English

    Venue: Brisbane   Country: Australia

    We introduce efficient algorithms for scalar multiplication on elliptic curves defined over F_p. The algorithms compute 2^k P directly from P, where P is a random point on an elliptic curve, without computing the intermediate points, which is faster than k repeated doublings. Moreover, we apply the algorithms to scalar multiplication on elliptic curves, and analyze their computational complexity. As a result of their implementation with respect to affine (resp. weighted projective) coordinates, we achieved an increased performance factor of 1.45 (45%) (resp. 1.15 (15%)) in the scalar multiplication of the elliptic curve of size 160bit.

  • On zero-knowledge proofs "From membership to decision" (extended abstract)

    Giovanni Di Crescenzo, Kouichi Sakurai, Moti Yung

    32nd Annual ACM Symposium on Theory of Computing, STOC 2000  December 2000

    Event date: May 2000

    Language: English

    Venue: Portland, OR   Country: United States of America

    "Zero-knowledge proofs of membership" are methods for proving that a string x is in a language L without revealing any additional information. This is a fundamental notion that has proven to be useful and applicable in many settings. Two main variants have been considered in the literature. The first, "zero-knowledge proofs of decision power", consists of methods for proving the knowledge of whether a string x is in a language L or not without revealing any additional information. The second, "result-indistinguishable zero-knowledge proofs of decision", consists of methods for transferring whether a string x is in a language L or not without revealing any additional information. Due to the quite stringent definitions of these two variants, it seemed that the class of languages having zero-knowledge proofs of membership was not as large as any of the classes of languages having zero-knowledge protocols in these two models. In this paper we give strong indications that this may not be the case. Our main result is that any language having what we call "meet-the challenge" game as a perfect (statistical) zk proof of membership, has also such a perfect (statistical) zk proof in the two "decision proof" models. This can be extended to prove, among other things, that honest-verifier statistical zk proof of membership for a language implies an honest-verifier statistical zk protocol in the two "decision" models. Technically, we introduce new protocol techniques, such as "language-based coin flipping protocols" that may have other applications.

  • Making hash functions from block ciphers secure and efficient by using convolutional codes

    Toru Inoue, Kouichi Sakurai

    3rd International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2000  January 2000

    Event date: January 2000

    Language: English

    Venue: Melbourne   Country: Australia

    We improve Knudsen-Preneel's constructions for cryptographic hash functions based on block ciphers with error correcting codes. We first modify to extend original constructions, which are effective only for non-binary codes, to the case with binary codes (e.g. BCH codes). We also revise the original method by introducing convolutional codes, whereas the previous adapts only block codes. This reduces the circuit complexity of the hardware-implementation 1/N times in terms of the number of (Davies-Meyer's) module functions than that based block error correcting codes.

  • Elliptic curves with the montgomery-form and their cryptographic applications

    Katsuyuki Okeya, Hiroyuki Kurumatani, Kouichi Sakurai

    3rd International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2000  2000

    Event date: January 2000

    Language: English

    Venue: Melbourne   Country: Australia

    We show that the elliptic curve cryptosystems based on the Montgomery-form E_M: BY^2 = X^3 + AX^2 + X are immune to the timing-attacks by using our technique of randomized projective coordinates, while Montgomery originally introduced this type of curves for speeding up the Pollard and Elliptic Curve Methods of integer factorization [Math. Comp. Vol.48, No.177, (1987) pp.243-264]. However, it should be noted that not all the elliptic curves have the Montgomery-form, because the order of any elliptic curve with the Montgomery-form is divisible by “4”. Whereas recent ECC-standards [NIST,SEC-1] recommend that the cofactor of elliptic curve should be no greater than 4 for cryptographic applications. Therefore, we present an efficient algorithm for generating Montgomery-form elliptic curve whose cofactor is exactly “4”. Finally, we give the exact condition on the elliptic curves whether they can be represented as a Montgomery-form or not. We consider divisibility by “8” for Montgomery-form elliptic curves. We implement the proposed algorithm and give some numerical examples obtained by this.

  • A hardware-oriented algorithm for computing in Jacobians and its implementation for hyperelliptic curve cryptosystems

    Tetsuya Tamura, Kouichi Sakurai, Tsutomu Matsumoto

    2nd International Conference on Information Security and Cryptology, ICISC 1999  January 2000

    Event date: December 1999

    Language: English

    Venue: Seoul   Country: Republic of Korea

    In this paper, we present algorithms, suitable for hardware implementation, for computation in the Jacobian of a hyperelliptic curve defined over GF(2^n). We take curves of genus 3 and 6, designed by using 0.27-µm CMOS gate array technology, and estimate the number of multiplication operations and the size and speed of hardware based on the proposed algorithm. It is shown that hardware for genus 6 curves computes an addition (resp. doubling) operation in 100 (resp. 29) clock cycles and can work at clock frequencies of up to 83 MHz. We also compare a hyperelliptic curve cryptosystem with RSA and elliptic curve cryptosystems from the viewpoint of hardware implementation.

  • Over F_p vs. over F_{2^n} and on Pentium vs. on Alpha in software implementation of hyperelliptic curve cryptosystems

    Yasuyuki Sakai, Kouichi Sakurai

    2nd International Conference on Information Security and Cryptology, ICISC 1999  January 2000

    Event date: December 1999

    Language: English

    Venue: Seoul   Country: Republic of Korea

    We consider the performance of hyperelliptic curve cryptosystems over the fields F_p vs. F_{2^n}. We analyze the complexity of the group law of the Jacobians J_C(F_p) and J_C(F_{2^n}) and compare their performance taking into consideration the effectiveness of the word size (32-bit or 64-bit) of the applied CPU (Alpha and Pentium) on the arithmetic of the definition field. Our experimental results show that J_C(F_{2^n}) is faster than J_C(F_p) on an Alpha, whereas J_C(F_p) is faster than J_C(F_{2^n}) on a Pentium. Moreover, we investigate the algorithm of the Jacobian and the definition-field arithmetic to clarify our results from a practical point of view, with theoretical analysis.

  • On threshold RSA-signing with no dealer

    Shingo Miyazaki, Kouichi Sakurai, Moti Yung

    2nd International Conference on Information Security and Cryptology, ICISC 1999  January 2000

    Event date: December 1999

    Language: English

    Venue: Seoul   Country: Republic of Korea

    We consider methods for threshold RSA decryption among distributed agencies without any dealer or trusted party. We present two methods: One is based on the previous two techniques by [FMY98] and [FGMY97]. It demonstrates the feasibility of combining the distributed key generation and the RSA secure function application. The other method [MS99] is a newly developed technique based on [FMY98] and further inspired by Simmons’ protocol-failure of RSA (we believe that it is very interesting that a “protocol failure attack” be turned into a constructive method!). The latter requires less “distributed computation” as the key is being set up and it can be more smoothly incorporated into the existing distributed key generation techniques.

  • Toward fair international key escrow: An attempt by distributed trusted third agencies with threshold cryptography

    Shingo Miyazaki, Ikuko Kuroda, Kouichi Sakurai

    2nd International Workshop on Practice and Theory in Public Key Cryptography, PKC 1999  1999

    Event date: March 1999

    Language: English

    Venue: Kamakura   Country: Japan

    We consider key escrow system for international communication between multiple domains with different policies. In intercepting international communications between two domains serious problems on unfairness may arise when one government has not authorized the message interception in legal. We solve this problem by incorporating a mechanism that allows message interception by law enforcement parties subject to the consent of both governments involved in the communication. That mechanism involves the establishment of an independent International Trusted Third Party (ITTP) that has the ultimate authority to check of the security policies of each country and permit or deny the interception of international messages. We present a scheme with multiple Diffie-Hellman type key distribution protocol and the ITTP copes with only the secret-key corresponding to its own public-key. We can also make the ITTP “multiple”, and we apply recent developed techniques on distributed (threshold) cryptography to our multiple ITTPs. Thus, the establishment and control of an international trusted third party can be done with incorporating by each governments.

  • Checking programs discreetly: Demonstrating result-correctness efficiently while concealing it

    Giovanni Di Crescenzo, Kouichi Sakurai, Moti Yung

    9th Annual International Symposium on Algorithms and Computation, ISAAC'98  December 1998

    Event date: December 1998

    Language: English

    Venue: Taejon   Country: Republic of Korea

    We formalize and investigate a model for zero-knowledge proofs of "program result-correctness", which naturally extends Blum's theory of program checking by adding zero-knowledge requirements. The zero-knowledge requirements are universal for yes and no instances alike.

  • Design of hyperelliptic cryptosystems in small characteristic and a software implementation over F_{2^n}

    Yasuyuki Sakai, Kouichi Sakurai

    4th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 1998  January 1998

    Event date: October 1998

    Language: English

    Venue: Beijing   Country: People's Republic of China

    We investigate the discrete logarithm problem over jacobians of hyperelliptic curves suitable for public-key cryptosystems. We focus on the case when the definition field has small characteristic 2, 3, 5 and 7, then we present hyperelliptic cryptosystems that resist against all known attacks. We further implement our designed hyperelliptic cryptosystems over finite fields F_{2^n} in software on Alpha and Pentium-II computers. Our results indicate that if we choose curves carefully, hyperelliptic cryptosystems do have practical performance.

  • Result-indistinguishable zero-knowledge proofs: Increased power and constant-round protocols

    Giovanni Di Crescenzo, Kouichi Sakurai, Moti Yung

    15th Annual Symposium on Theoretical Aspects of Computer Science, STACS 98  December 1998

    Event date: February 1998

    Language: English

    Venue: Paris   Country: France

    We investigate result-indistinguishable perfect zero-knowledge proof systems [8] for "transferring the decision of whether the membership of an input in a language is true or not". Previously only a single number-theoretic language was known to have such a proof system and possible extensions were left as an open question. We show that all known random self-reducible languages (e.g., graph isomorphism, quadratic residuosity, discrete log) and compositions over them have such systems. We also consider techniques for constant-round protocols for these languages in this model, and obtain a 5 round protocol scheme.

  • A more efficient untraceable e-cash system with partially blind signatures based on the discrete logarithm problem

    Shingo Miyazaki, Kouichi Sakurai

    2nd International Conference on Financial Cryptography, FC 1998  January 1998

    Event date: February 1998

    Language: English

    Venue: British West Indies   Country: Anguilla

    We propose a new untraceable electronic money system based on the discrete logarithm problem. Our system improves the efficiency of Yacobi's E-money system by making the applied blind signature partial. We compare our system to the previous e-money systems which use the ElGamal-type scheme in their tracing a double-spender. We also remark a double-registration problem on a digital cash system, recently presented in [Nguyen-Mu-Varadharajan, in Information Security Workshop'97], based on the blind Nyberg-Rueppel signature.

  • Secure hyperelliptic cryptosystems and their performance

    Yasuyuki Sakai, Kouichi Sakurai, Hirokazu Ishizuka

    1st International Workshop on Practice and Theory in Public Key Cryptography, PKC 1998  January 1998

    Event date: February 1998

    Language: English

    Venue: Pacifico Yokohama   Country: Japan

    We investigate the discrete logarithm problem over jacobian varieties of hyperelliptic curves suitable for public-key cryptosystems, and clarify practical advantages of hyperelliptic cryptosystems compared to the elliptic cryptosystems and to RSA. We focus on the curves defined over the ground field of characteristic 2, and we present hyperelliptic cryptosystems from the jacobian associated with curves [Formula Presented] of genus g=3 and 11, which are secure against the known attacks. We further discuss the efficiency in implementation of such secure hyperelliptic cryptosystems.

  • Security issues for contactless smart cards

    Michael W. David, Kouichi Sakurai

    1st International Workshop on Practice and Theory in Public Key Cryptography, PKC 1998  January 1998

    Event date: February 1998

    Language: English

    Venue: Pacifico Yokohama   Country: Japan

    We review the current technologies of contactless smart cards and compare them with contact cards. We discuss the problems of implementing encryption in contactless cards, and consider how to solve the problems. We also report the state of standardization of contactless smart card.

  • On-line versus off-line in money-making strategies with brokerage

    Eisuke Dannoura, Kouichi Sakurai

    8th Annual International Symposium on Algorithms and Computation, ISAAC 1997  January 1997

    Event date: December 1997

    Language: English

    Venue: Singapore   Country: Singapore

    We investigate on-line strategies for money-making trading with brokerage, while competitive algorithms without considering the costs of exchanging are investigated in [R. El-Yaniv, A. Fiat, R. Karp, and G. Turpin, Proc. of FOCS, (1992)]. We first give the optimal off-line algorithm for the (bidirectional) conversion problem with brokerage. Next, we design an on-line algorithm, which is a combination of the EFKT-algorithm with our decided off-line algorithm. Furthermore, we analyze the competitive performance of our proposed on-line algorithm, and discuss lower bounds of the competitive ratio for the problem with brokerage.

  • Protection of data and delegated keys in digital distribution

    Masahiro Mambo, Eiji Okamoto, Kouichi Sakurai

    2nd Australasian Conference on Information Security and Privacy, ACISP 1997  January 1997

    Event date: July 1997

    Language: English

    Venue: Sydney   Country: Australia

    A cryptography is quite effective in protecting digital information from unauthorized access. But if a receiver of information is determined after the encryption of the information, e.g. a posted encrypted news is withdrawn by an arbitrary user in open networks, we need an additional mechanism for converting the encrypted information into a form accessible only to an admissible user. Even though such a transformation is done by the consecutive execution of decryption of a ciphertext and re-encryption of a recovered plaintext, an intermediary plaintext may be stolen during the re-encryption. In this paper we examine secure digital distribution systems, information storage system and information provider system, in which encrypted information is directly transformed into a ciphertext of an admissible user. We show that the technique of a proxy cryptosystem is useful for establishing these distribution systems. Proposed protocols can be constructed based on the ElGamal cryptosystem or the RSA cryptosystem. Meanwhile, a blind decryption protocol provides privacy protection with respect to the selection of a ciphertext to be decrypted. In terms of digital distribution it also provides a secure information delivery. An information provider system using a blind decryption protocol possesses a problem such that a decrypting person computes exponentiation for a message freely selected by a requesting person. For such an oracle problem, a solution is known with use of a transformable signature. In this paper we show another measure prohibiting the abuse of the blind decryption protocol.

  • Improving linear cryptanalysis of LOKI91 by probabilistic counting method

    Kouichi Sakurai, Souichi Furuya

    4th International Workshop on Fast Software Encryption, FSE 1997  January 1997

    Event date: January 1997

    Language: English

    Venue: Haifa   Country: Israel

    We improve linear cryptanalysis by introducing a technique of probabilistic counting into the maximum likelihood stage. In the original linear cryptanalysis based on maximum likelihood method with deterministic counting, the number of effective key and text bits is a multiple of the number of bits involved in the input to some S-box. Then, when larger S-boxes are used, 2R-method and even the 1R-methods can become impractical just because the number of effective text and key bits become excessive. Though 2R-method is practical for attacking DES, existing examples of ciphers where 2R-method is impractical include LOKI91. We overcome this problem by selecting a part of the effective key bits and investigating the probabilistic behavior of the remained effective key bits. The previous attacks discuss deterministic evaluation of the given approximated formula only when all values of the effective text/key bits are known, while we compute the probability that the approximated formula with unknown inputs equals to zero. This extension of linear cryptanalysis make useful for 2R-attack on LOKI91, then improves the performance of previous attacks. Furthermore, we implemented some experiments of attacks on 4-round LOKI91, and confirmed the effectiveness of our method.

  • Cryptographic weaknesses in the round transformation used in a block cipher with provable immunity against linear cryptanalysis

    Kouichi Sakurai, Yuliang Zheng

    7th International Symposium on Algorithms and Computation, ISAAC 1996  January 1996

    Event date: December 1996

    Language: English

    Venue: Osaka   Country: Japan

    MISTY is a data encryption algorithm recently proposed by M. Matsui from Mitsubishi Electric Corporation. This paper focuses on cryptographic roles of the transform used in the MISTY cipher. Our research reveals that when used for constructing pseudorandom permutations, the transform employed by the MISTY cipher is inferior to the transform in DES, though the former is superior to the latter in terms of strength against linear and differential attacks. More specifically, we show that a 3-round (4-round, respectively) concatenation of transforms used in the MISTY cipher is not a pseudorandom (super pseudorandom, respectively) permutation. For comparison, we note that with three (four, respectively) rounds, transforms used in DES yield a pseudorandom (super pseudorandom, respectively) permutation. Another contribution of this paper is to show that a 3-round concatenation of transforms used in (the preliminary version of) the MISTY cipher has an algebraic property, which may open a door for various cryptanalytic attacks.

  • A hidden cryptographic assumption in no-transferable identification schemes

    Kouichi Sakurai

    International Conference on the Theory and Applications of Cryptology and Information Security, ASIACRYPT 1996  January 1996

    Event date: November 1996

    Language: English

    Venue: Kyongju   Country: Republic of Korea

    A 4-move perfect zero-knowledge argument for quadratic residuosity is discussed and the identification scheme based on this protocol is shown to be no-transferable. Note that the soundness of all known previous no-transferable protocols require no computational assumption, while our proposed protocol assumes a restriction of the power of cheating provers. Furthermore, a new notion of practical soundness is introduced and the relationship between practical soundness and no-transferable is investigated. An important consequence is that perfect zero-knowledge arguments do not always satisfy no-transferable nor practical soundness.

  • How to utilize the transformability of digital signatures for solving the oracle problem

    Masahiro Mambo, Kouichi Sakurai, Eiji Okamoto

    International Conference on the Theory and Applications of Cryptology and Information Security, ASIACRYPT 1996  January 1996

    Event date: November 1996

    Language: English

    Venue: Kyongju   Country: Republic of Korea

    Transformability is a property of a digital signature such that one valid signature can be transformed into another valid signature of the same signature scheme. Usually digital signatures should not be forged so that the transformability is regarded as an unfavorable property. Contrarily we show that the transformability can be positively utilized for solving the oracle problem. The oracle problem is the following problem existing in some cryptographic protocols. An entity following a protocol receives a message from an adversary, and returns a certain value computed by a procedure specified in the protocol. In this process the adversary may obtain useful information by interacting with the oracle entity. The blind signature scheme and the blind decoding scheme are examples of such a protocol. Since these blinding techniques are very important in cryptographic applications, e.g. electronic money and digital pay magazine, a method to prevent illegal information leakage should be found. In this paper an oracle problem in the blind decoding scheme based on the ElGamal cryptosystem is solved with the use of a transformable digital signature. As in the original blind decoding scheme, the proposed blind decoding protocol offers users perfect untraceability. We also discuss the relevance of the transformable signature to the blind signature, the divertible zero-knowledge interactive proof and other schemes.

  • On the complexity of computational problems associated with simple stochastic games: Extended abstract of COCOON'96

    Akio Yanbe, Kouichi Sakurai

    2nd Annual International Conference on Computing and Combinatorics, COCOON 1996  January 1996

    Event date: June 1996

    Language: English

    Venue: Hong Kong

    We investigate simple stochastic games (SSGs): a kind of two-person games under uncertainty, the original model of which was introduced in [L.S. Shapley, Proc. Nat. Acad. Sci. U.S.A. 39 (1953) 1095–1100]. We consider the computational complexity of 1. deciding whether a given SSG is stopping (discounted) or not, 2. counting the number of all the optimal strategies of SSGs, 3. finding an optimal strategy against the player who takes random strategies.

  • A progress report on subliminal-free channels

    Mike Burmester, Yvo G. Desmedt, Toshiya Itoh, Kouichi Sakurai, Hiroki Shizuya, Moti Yung

    1st International Workshop on Information Hiding, 1996  January 1996

    Event date: May 1996 - June 1996

    Language: English

    Venue: Cambridge   Country: United Kingdom of Great Britain and Northern Ireland (UK)

    Subliminal channels are closely related to covert channels and are used to hide secret information. They abuse the communications resource. Subliminal channels can be introduced in many cryptographic systems, and exploit the inherent randomness of the systems. For example, secret information can be hidden in the randomness of the authenticators of an authentication system. Similarly secret information can be hidden in the randomness (of the prover or verifier) of both zero-knowledge proof systems and signature systems. To establish a subliminal channel the cryptosystem is abused, that is, used in a different way and for a different purpose than intended by its designer. A particularly obnoxious type of subliminal channel may be activated by abortive halting. For state-of-the-art security, it may be desirable to detect, and if possible prevent, subliminal channels. In this paper we address the problem of whether it is possible to develop (and if so, how) appropriate techniques for detecting or preventing the use of such channels. Several such techniques have already been proposed in the literature, and are suitable for many systems. We review these. We also consider recent developments, in particular with regards to the formal security requirements and their impact on research.

  • Blind decoding, blind undeniable signatures, and their applications to privacy protection

    Kouichi Sakurai, Yoshinori Yamane

    1st International Workshop on Information Hiding, 1996  January 1996

    Event date: May 1996 - June 1996

    Language: English

    Venue: Cambridge   Country: United Kingdom of Great Britain and Northern Ireland (UK)

    A cryptographic concept, blind decoding is discussed: a client has a message encrypted with a server's public key and the client asks the server to decode the message without revealing what is the decoded plaintext nor learning the server's secret key. Blind decoding is a useful tool for protecting user's privacy in on-line shopping over the Internet. The RSA-based blind decoding is easily converted from the similar protocol as the Chaum's blind signature scheme, and a blind decoding protocol for the ElGamal encryption scheme is newly proposed. Moreover, the practical gap between the known RSA-based blind decoding and our ElGamal-based scheme is discussed in the application to protecting copyright matter of electronic documents. In blind decoding scheme, undetectability of the decrypted message has both negative and positive aspects: a negative aspect is considered as the problem of spotting the oracle and a positive aspect is applicable to making undeniable signatures blind against the signer.

  • On separating proofs of knowledge from proofs of membership of languages and its application to secure identification schemes

    Kouichi Sakurai

    1st Annual International Computing and Combinatorics Conference, COCOON 1995  January 1995

    Event date: August 1995

    Language: English

    Venue: Xi’an   Country: People's Republic of China

    A four-move protocol for quadratic residuosity is proposed and the security is discussed. An application of the proposed protocol to a cryptographic identification scheme introduces a new notion of practical soundness. Our basic approach is to separate proofs of knowledge from proofs of membership of languages. Previous works deal with proofs of knowledge as an additional property of proofs of membership.

  • On bit correlations among preimages of “many to one” one-way functions — A new approach to study on randomness and hardness of one-way functions —

    Kouichi Sakurai, Toshiya Itoh

    Workshop on the Theory and Application of Cryptographic Techniques, AUSCRYPT 1992  January 1993

    Event date: December 1992

    Language: English

    Venue: Gold Coast   Country: Australia

    This paper presents a new measure of the complexity of many to one functions. We study bit correlations among the preimages of an element of the range of many to one one-way functions. Especially, we investigate the correlation among the least significant bit of the preimages of 2 to 1 one-way functions based on algebraic problems such as the factorization and the discrete logarithm.

  • Subliminal channels for signature transfer and their application to signature distribution schemes

    Kouichi Sakurai, Toshiya Itoh

    Workshop on the Theory and Application of Cryptographic Techniques, AUSCRYPT 1992  January 1993

    Event date: December 1992

    Language: English

    Venue: Gold Coast   Country: Australia

    In this paper, we consider the subliminal channel, hidden in an identification scheme, for signature transfer. We point out that the direct parallelization of the Fiat-Shamir identification scheme has a subliminal channel for the transmission of the digital signature, which does not exist in the serial (zero-knowledge) version. We apply this subliminal channel to a multi-verifier interactive protocol and propose a distributed verification signature that cannot be verified without all verifiers' corporation. Our proposed protocol is the first implementation of the distributed verification signature without secure channels, and the basic idea of our construction suggests the novel primitive with which a signature transfer secure against adversary can be constructed using only one-way function (without trapdoor).

  • On the discrepancy between serial and parallel of zero-knowledge protocols

    Kouichi Sakurai, Toshiya Itoh

    12th Annual International Cryptology Conference, CRYPTO 1992  January 1993

    Event date: August 1992

    Language: English

    Venue: Santa Barbara   Country: United States of America

    In this paper, we investigate the discrepancy between a serial version and a parallel version of zero-knowledge protocols, and clarify the information “leaked” in the parallel version, which is not zero-knowledge unlike the case of the serial version. We consider two sides: one negative and the other positive in the parallel version of zero-knowledge protocols, especially of the Fiat-Shamir scheme.

  • How intractable is the discrete logarithm for a general finite group?

    Tatsuaki Okamoto, Kouichi Sakurai, Hiroki Shizuya

    Workshop on the Theory and Application of Cryptographic Technique, EUROCRYPT 1992  January 1993

    Event date: May 1992

    Language: English

    Venue: Balatonfured   Country: Republic of Hungary

    GDL is the discrete logarithm problem for a general finite group G. This paper gives a characterization for the intractability of GDL from the viewpoint of computational complexity theory. It is shown that GDL ∈ NP ∩ co-AM, assuming that G is in NP ∩ co-NP, and that the group law operation of G can be executed in a polynomial time of the element size. Furthermore, as a natural probabilistic extension, the complexity of GDL is investigated under the assumption that the group law operation is executed in an expected polynomial time of the element size. In this case, it is shown that GDL ∈ MA ∩ co-AM if G ∈ NP ∩ co-NP. Finally, we show that GDL is less intractable than NP-complete problems unless the polynomial time hierarchy collapses to the second level.

  • 4 move perfect ZKIP of knowledge with no assumption

    Takeshi Saito, Kaoru Kurosawa, Kouichi Sakurai

    1st International Conference on the Theory and Application of Cryptology, ASIACRYPT 1991  January 1993

    Event date: November 1991

    Language: English

    Venue: Fujiyoshida   Country: Japan

    This paper presents a 4-move perfect ZKIP of knowledge with no cryptographic assumption for the random self reducible problems [TW87] whose domain is NP∩BPP. The certified discrete log problem is such an example. (Finding a witness is more difficult than the language membership problem.) A largely simplified 4-move ZKIP for the Hamilton Circuit problem is also shown. In our ZKIP, a trapdoor coin flipping protocol is introduced to generate a challenge bit. P and V cooperatively generate a random bit in a coin flipping protocol. In a trapdoor coin flipping protocol, V who knows the trapdoor can create the view which he can later reveal in two possible ways: both as head and as tail.

  • On the complexity of constant round ZKIP of possession of knowledge

    Toshiya Itoh, Kouichi Sakurai

    1st International Conference on the Theory and Application of Cryptology, ASIACRYPT 1991  January 1993

    Event date: November 1991

    Language: English

    Venue: Fujiyoshida   Country: Japan

    In this paper, we show that if a relation R has a three move blackbox simulation zero-knowledge interactive proof system of possession of knowledge, then there exists a probabilistic polynomial time algorithm that on input x ∈ {0,1}*, outputs y such that (x, y) ∈ R with overwhelming probability if x ∈ dom R, and outputs “⊥” with probability 1 if x ∉ dom R. In the present paper, we also show that without any unproven assumption, there exists a four move blackbox simulation perfect zero-knowledge interactive proof system of possession of the prime factorization, which is optimal in the light of the round complexity.

  • Any language in IP has a divertible ZKIP

    Toshiya Itoh, Kouichi Sakurai, Hiroki Shizuya

    1st International Conference on the Theory and Application of Cryptology, ASIACRYPT 1991  January 1993

    Event date: November 1991

    Language: English

    Venue: Fujiyoshida   Country: Japan

    A notion of “divertible” zero-knowledge interactive proof systems was introduced by Okamoto and Ohta, and they showed that for any commutative random self-reducible relation, there exists a divertible (perfect) zero-knowledge interactive proof system of possession of information. In addition, Burmester and Desmedt proved that for any language L ∈ NP, there exists a divertible zero-knowledge interactive proof system for the language L under the assumption that probabilistic encryption homomorphisms exist. In this paper, we classify the notion of divertible into three types, i.e., perfectly divertible, almost perfectly divertible, and computationally divertible, and investigate which complexity class of languages has a perfectly (almost perfectly) (computationally) divertible zero-knowledge interactive proof system. The main results in this paper are: (1) there exists a perfectly divertible perfect zero-knowledge interactive proof system for graph non-isomorphism (GNI) without any unproven assumption; and (2) for any language L having an interactive proof system, there exists a computationally divertible computational zero-knowledge interactive proof system for the language L under the assumption that probabilistic encryption homomorphisms exist.

  • Efficient algorithms for the construction of hyperelliptic cryptosystems

    Tatsuaki Okamoto, Kouichi Sakurai

    11th Conference on Advances in Cryptology, CRYPTO 1991  January 1992

    Event date: August 1991

    Language: English

    Venue: Santa Barbara   Country: United States of America

    The jacobian of hyperelliptic curves, including elliptic curves as a special case, offers a good primitive for cryptosystems, since cryptosystems (discrete logarithms) based on the jacobians seem to be more intractable than those based on conventional multiplicative groups. In this paper, we show that the problem to determine the group structure of the jacobian can be characterized to be in NP ∩ co-NP, when the jacobian is a non-degenerate type (“non-half-degenerate”). We also show that the hyperelliptic discrete logarithm can be characterized to be in NP ∩ co-NP, when the group structure is non-half-degenerate. Moreover, we imply the reducibility of the hyperelliptic discrete logarithm to a multiplicative discrete logarithm. The extended Weil pairing over the jacobian is the key tool for these algorithms.

  • On the complexity of hyperelliptic discrete logarithm problem

    Hiroki Shizuya, Toshiya Itoh, Kouichi Sakurai

    Workshop on the Theory and Application of Cryptographic Techniques, EUROCRYPT 1991  January 1991

    Event date: April 1991

    Language: English

    Venue: Brighton   Country: United Kingdom of Great Britain and Northern Ireland (UK)

    We give a characterization for the intractability of hyperelliptic discrete logarithm problem from a viewpoint of computational complexity theory. It is shown that the language of which complexity is equivalent to that of the hyperelliptic discrete logarithm problem is in NP ∩ co-AM, and that especially for elliptic curves, the corresponding language is in NP ∩ co-NP. It should be noted here that the language of which complexity is equivalent to that of the discrete logarithm problem defined over the multiplicative group of a finite field is also characterized as in NP ∩ co-NP.

  • A New Design for Evaluating Moving Target Defense System

    Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    2018

    Language: Other

    Country: Other

  • FY2005 Strategic Software Research (SSR) Overseas Collaborative Survey Research

    ???

  • Efficient Context-Sensitive Intrusion Detection Based on State Transition Table

    Jingyu Hua, MingChu Li, Yizhi Ren, Kouichi Sakurai

    IEICE Transactions  January 2011

    Country: Japan

  • A method of digital rights management based on Bitcoin protocol

    Motoki Kitahara, Junpei Kawamoto, Kouichi Sakurai

    ICUIMC 2014  January 2013

    Language: English

    Country: Cambodia

  • A proposal for the privacy leakage verification tool for Android application developers (International conference)

    Shinichi Matsumoto, Kouichi Sakurai

    ICUIMC 2013  January 2013

    Language: English

    Country: Malaysia

  • Supporting Secure Provenance Update by Keeping "Provenance" of the Provenance

    Amril Syalim, Takashi Nishide, Kouichi Sakurai

    ICT-EurAsia 2013  March 2013

    Language: English

    Country: Indonesia

  • Upper bound of the length of information embedded in RSA public key efficiently

    Motoki Kitahara, Takanori Yasuda, Takashi Nishide, Kouichi Sakurai

    AsiaPKC@AsiaCCS 2013  May 2013

    Language: English

    Country: People's Republic of China

  • A variant of rainbow with shorter secret key and faster signature generation

    Takanori Yasuda, Jintai Ding, Tsuyoshi Takagi, Kouichi Sakurai

    AsiaPKC@AsiaCCS 2013  May 2013

    Language: English

    Country: People's Republic of China

  • Multivariate Signature Scheme Using Quadratic Forms (International conference)

    Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai

    PQCrypto 2013  June 2013

    Language: English

    Country: Japan

  • Detecting HTTP-Based Botnet Based on Characteristic of the C & C Session Using by SVM

    Kazumasa Yamauchi, Yoshiaki Hori, Kouichi Sakurai

    AsiaJCIS 2013  July 2013

    Language: English

    Country: Republic of Korea

  • Efficient Computing over GF(2^16) Using Graphics Processing Unit (International conference)

    Satoshi Tanaka, Takanori Yasuda, Bo-Yin Yang, Chen-Mou Cheng, Kouichi Sakurai

    IMIS 2013  July 2013

    Language: English

    Country: Taiwan

  • Performance Evaluation of Information Theoretic Secure Multi-channel Transmission on Multihop Wireless Network

    Wataru Tsuda, Yoshiaki Hori, Kouichi Sakurai

    BWCCA 2013  October 2013

    Language: English

    Country: France

  • Range Search That Conceals Query-Related Information in an Encrypted Database Model

    川本 淳平, 櫻井 幸一

    SCIS2014  January 2014

    Language: Japanese

    Country: Japan

  • Efficient Variant of Rainbow without Triangular Matrix Representation (International conference)

    Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai

    ICT-EurAsia 2014  April 2014

    Language: English

    Country: Indonesia

  • Implementation of Efficient Operations over GF(2^32) Using Graphics Processing Units (International conference)

    Satoshi Tanaka, Takanori Yasuda, Kouichi Sakurai

    ICT-EurAsia 2014  April 2014

    Language: English

    Country: Indonesia

  • Keynote speech "Mobile Forensic aspects of Web browser: from HTML4 to HTML5" (Invited) (International conference)

    Kouichi Sakurai

    2014 International Workshop on Applications and Technologies in Cyber Security (ATCS), September 23, 2014, Beijing, China  September 2014

    Language: English   Presentation type: Symposium/workshop panel (public call)

    Country: People's Republic of China

  • Forensic vs. Anti-forensic in Biometrics: Towards Receipt-freeness and Coercion-Resistance in biometric authentication protocols (Invited) (International conference)

    Kouichi Sakurai

    ICoICT 2015 (The 3rd International Conference of Information and Communication Technology)  September 2015

    Language: English   Presentation type: Oral presentation (invited/special)

    Venue: Bali Nusa Dua Convention Center, Bali, Indonesia.   Country: Indonesia

    Currently, cancelable biometrics, asymmetric biometric authentication, and some related methods are proposed as remote biometrics. These proposals are discussed in the viewpoint of privacy protection. Namely, they are regarded as forensic approach which means collecting evidence for some person’s authentication. However, there are a few research on no anti-forensic approach which includes remaining no data in authentication systems. Therefore, we define “receipt-freeness” of biometric authentication protocol, which means no evidence left, as a first step. We analyze some remote biometric authentication protocols about “receipt-freeness.” This talk also considers the property and recent techniques for Coercion-Resistance in biometric authentication protocols, which have been investigated in electronic voting schemes.

    Other link: http://2015.icoict.org/tutorials/

  • Effectively Protect Your Privacy: Enabling Flexible Privacy Control on Web Tracking

    Shiqian Yu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    2017

    Language: Other

    Country: Other

  • Tracing MIRAI Malware in Networked System

    Yao Xu, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai

    2018

    Language: Other

    Country: Other

  • Neural Cryptography Based on the Topology Evolving Neural Networks

    Yuetong Zhu, Danilo Vasconcellos Vargas, Kouichi Sakurai

    2018

    Language: Other

    Country: Other

  • Lightweight classification of IoT malware based on image recognition

    Jiawei Su, Vargas Danilo Vasconcellos, Sanjiva Prasad, Sgandurra Daniele, Yaokai Feng, Kouichi Sakurai

    2018

    Language: Other

    Country: Other

  • Empirical Evaluation on Robustness of Deep Convolutional Neural Networks Activation Functions Against Adversarial Perturbation

    Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai

    2018

    Language: Other

    Country: Other


MISC

  • ASIA CCS '22: ACM Asia Conference on Computer and Communications Security (Peer-reviewed)

    Yuji Suga, Kouichi Sakurai, Xuhua Ding, Kazue Sako

    ACM   April 2022

    Language: English   Publication type: Institutional technical report, technical report, preprint, etc.

    Other link: https://dl.acm.org/doi/proceedings/10.1145/3488932

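  • Current Status and Issues in the Security Evaluation of Public-Key Cryptosystems, Discussion Paper No. 97-J-11

    Current Status and Issues in the Security Evaluation of Public-Key Cryptosystems, 楠田浩二・櫻井幸一, Discussion Paper No. 97-J-11

    Bank of Japan, Institute for Monetary and Economic Studies, Discussion Paper   August 1997

    Language: Japanese   Publication type: Article, review, commentary, editorial, etc. (academic journal)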

  • Preface

    Giri D., Gollmann D., Ponnusamy S., Kouichi S., Stanimirović P.S., Sahoo J.K.

    Lecture Notes in Networks and Systems   697 LNNS   xv - xvii   2023   ISSN: 23673370 ISBN: 9789819930791

    Publisher: Lecture Notes in Networks and Systems

  • General Chairs' Welcome

    Suga Y., Sakurai K.

    ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security   May 2022   ISBN: 9781450391405

    Publisher: ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security

  • Preface

    Giri D., Mandal J.K., Sakurai K., De D.

    Lecture Notes in Networks and Systems   481 LNNS   v - vi   2022   ISSN: 23673370 ISBN: 9789811931819

    Publisher: Lecture Notes in Networks and Systems

    DOI: 10.1055/s-0040-1717048

  • Preface

    Su C., Sakurai K., Chen G., Meng W., Otsuka A.

    Communications in Computer and Information Science   1680 CCIS   2022   ISSN: 18650929 ISBN: 9789811977688

    Publisher: Communications in Computer and Information Science

  • Preface

    Su C., Sakurai K.

    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   13580 LNCS   2022   ISSN: 03029743 ISBN: 9783031175503

    Publisher: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

  • Evaluation of Host Independent and Distributed Detection System of the Network Attack by Using OpenFlow (Information and Communication System Security)

    宮崎 亮輔, 川本 淳平, 松本 晋一, 櫻井 幸一

    IEICE Technical Report   March 2017

    Language: Japanese

  • A Brief Review on Anomaly Detection and its Applications to Cybersecurity (Information and Communication System Security)

    Vargas Danilo Vasconcellos, Sakurai Kouichi

    IEICE Technical Report   March 2017

    Language: English

  • A Hybrid Encryption Scheme with Key-cloning Protection: User / Terminal Double Authentication via Attributes and Fingerprints

    Chen Chunlu, Anada Hiroaki, Kawamoto Junpei, Sakurai Kouichi, Sakurai Koichi

    Journal of Internet Services and Information Security   May 2016

    Language: English

  • A-7-11 Botnet Detection Using Random Forest (A-7. Information Security, General Session)

    呂 良, フォン ヤオカイ, 川本 淳平, 櫻井 幸一

    Proceedings of the IEICE Engineering Sciences Society / NOLTA Society Conference   March 2016

    Language: Japanese

  • Authentication in mobile cloud computing: A survey

    Mojtaba Alizadeh, Saeid Abolfazli, Mazdak Zamani, Sabariah Baharun, Kouichi Sakurai

    JOURNAL OF NETWORK AND COMPUTER APPLICATIONS   February 2016

    Language: English

    Mobile cloud computing (MCC) is the state-of-the-art mobile distributed computing model that incorporates multitude of heterogeneous cloud-based resources to augment computational capabilities of the plethora of resource-constraint mobile devices. In MCC, execution time and energy consumption are significantly improved by transferring execution of resource-intensive tasks such as image processing, 3D rendering, and voice recognition from the hosting mobile to the cloud-based resources. However, accessing and exploiting remote cloud-based resources is associated with numerous security and privacy implications, including user authentication and authorization. User authentication in MCC is a critical requirement in securing cloud-based computations and communications. Despite its critical role, there is a gap for a comprehensive study of the authentication approaches in MCC which can provide a deep insight into the state-of-the-art research. This paper presents a comprehensive study of authentication methods in MCC to describe MCC authentication and compare it with that of cloud computing. The taxonomy of the state-of-the-art authentication methods is devised and the most credible efforts are critically reviewed. Moreover, we present a comparison of the state-of-the-art MCC authentication methods considering five evaluation metrics. The results suggest the need for futuristic authentication methods that are designed based on capabilities and limitations of MCC environment. Finally, the design factors deemed could lead to effective authentication mechanisms are presented, and open challenges are highlighted based on the weaknesses and strengths of existing authentication methods. (C) 2015 Elsevier Ltd. All rights reserved.

    DOI: 10.1016/j.jnca.2015.10.005

  • Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks" (vol 10, e0142716, 2015)

    Mojtaba Alizadeh, Mazdak Zamani, Sabariah Baharun, Azizah Abdul Manaf, Kouichi Sakurai, Hiroaki Anada, Hassan Keshavarz, Shehzad Ashraf Chaudhry, Muhammad Khurram Khan

    PLOS ONE   December 2015

    Language: English

    DOI: 10.1371/journal.pone.0145975

  • Attribute-Based Two-Tier Signatures (Multimedia Information Hiding and Enrichment)

    穴田 啓晃, 有田 正剛, 櫻井 幸一

    IEICE Technical Report   July 2015

    Language: English

  • Attribute-Based Two-Tier Signatures (Information and Communication System Security)

    穴田 啓晃, 有田 正剛, 櫻井 幸一

    IEICE Technical Report   July 2015

    Language: English

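  • Accelerating QUAD Stream Cipher using Optimal Extension Field on GPU (Information Security)

    田中 哲士, 鄭 振牟, 安田 貴徳, 櫻井 幸一

    IEICE Technical Report   March 2015

    Language: English

    In the QUAD stream cipher, which generates its keystream by evaluating multivariate quadratic polynomials, multiplication over a finite field is the core computation. Speeding up the QUAD stream cipher therefore requires efficient finite-field multiplication. Multiplication over an Optimal Extension Field (OEF) is known to be efficient in implementations. In this presentation, we report implementation results for the QUAD stream cipher on a Graphics Processing Unit using an OEF as the finite field. QUAD with 32 variables and 64 polynomials over GF(2^32-5) was 9 times faster on the GPU than over GF(2^32).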

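  • Accelerating QUAD Stream Cipher using Optimal Extension Field on GPU (Wideband System)

    田中 哲士, 鄭 振牟, 安田 貴徳, 櫻井 幸一

    IEICE Technical Report   March 2015

    Language: English

    In the QUAD stream cipher, which generates its keystream by evaluating multivariate quadratic polynomials, multiplication over a finite field is the core computation. Speeding up the QUAD stream cipher therefore requires efficient finite-field multiplication. Multiplication over an Optimal Extension Field (OEF) is known to be efficient in implementations. In this presentation, we report implementation results for the QUAD stream cipher on a Graphics Processing Unit using an OEF as the finite field. QUAD with 32 variables and 64 polynomials over GF(2^32-5) was 9 times faster on the GPU than over GF(2^32).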

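  • Privacy-Aware Cloud-Based IME

    川本淳平, 櫻井幸一

    IPSJ SIG Technical Report, Groupware and Network Services (GN)   May 2014

    Language: Japanese

    While cloud services are convenient, privacy remains one of the important concerns. In this paper, we focus on cloud-based IMEs, which have recently attracted attention, and propose a privacy-preserving cloud-based IME. An IME can be regarded as software that receives an input symbol string and converts it into another symbol string. Realized as a cloud service, it is a system in which the user sends the input symbol string as a query to a server in the cloud and receives the converted symbol string. In this paper, we propose a searchable encryption scheme suited to this model and show its application to a privacy-aware cloud-based IME.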

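  • A Method for Embedding Owner Information in RSA Public Keys and Its Application to a Copyright Management System

    北原基貴, 穴田啓晃, 川本淳平, 櫻井幸一

    IPSJ SIG Technical Report, Computer Security (CSEC)   May 2014

    Language: Japanese

    In public-key cryptography, to prevent impersonation of a public key that a user has published, a certificate guaranteeing the validity of the public key is attached by a trusted certificate authority. This mechanism is called a public key infrastructure. Public keys and certificates are stored in a public key directory that anyone can consult. Senders use this information to perform authentication and encryption. ID-based encryption is a form of encryption that does not need such certificates. In ID-based encryption, the user's ID is treated as the public key. The user receives the secret key from a key distribution center, which holds secret information, by proving the user's own identity. Existing ID-based encryption has the key escrow problem: the key distribution center learns the secret key that the user uses. In this paper, we propose a system equivalent to ID-based encryption without the key escrow problem by embedding owner information and a certificate in the RSA public key. In the proposed system, no one other than the user with the legitimate ID can embed the ID, so tampering with the owner information in a public key can be detected. In addition, no certificate needs to be attached. Furthermore, we propose applying the proposed system to a copyright management system. By embedding a certificate in the content provider's public key, the copyright management system can be made capable of detecting the sale of plagiarized content.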

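  • A Method for Embedding Owner Information in RSA Public Keys and Its Application to a Copyright Management System

    北原基貴, 穴田啓晃, 川本淳平, 櫻井幸一

    IPSJ SIG Technical Report, Internet and Operation Technology (IOT)   May 2014

    Language: Japanese

    In public-key cryptography, to prevent impersonation of a public key that a user has published, a certificate guaranteeing the validity of the public key is attached by a trusted certificate authority. This mechanism is called a public key infrastructure. Public keys and certificates are stored in a public key directory that anyone can consult. Senders use this information to perform authentication and encryption. ID-based encryption is a form of encryption that does not need such certificates. In ID-based encryption, the user's ID is treated as the public key. The user receives the secret key from a key distribution center, which holds secret information, by proving the user's own identity. Existing ID-based encryption has the key escrow problem: the key distribution center learns the secret key that the user uses. In this paper, we propose a system equivalent to ID-based encryption without the key escrow problem by embedding owner information and a certificate in the RSA public key. In the proposed system, no one other than the user with the legitimate ID can embed the ID, so tampering with the owner information in a public key can be detected. In addition, no certificate needs to be attached. Furthermore, we propose applying the proposed system to a copyright management system. By embedding a certificate in the content provider's public key, the copyright management system can be made capable of detecting the sale of plagiarized content.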

  • A Proposal of a Web Browsing History Visualization Method for Digital Forensics

    松本 晋一, 鬼塚 雄也, 川本 淳平, 櫻井 幸一

    IPSJ SIG Technical Report, Computer Security (CSEC)   May 2014

    Language: Japanese

    Mobile devices accumulate much private information of the user. This is because they are carried by the user and utilized for communication. Therefore, digital forensics that targets mobile devices will be deemed to be more effective. Mobile terminals, especially smartphones, are transforming into an HTML5 platform, that is, an application execution environment built on a Web browser that supports HTML5. One of the significant features of HTML5 is WebStorage. It is intended to give the Web browser a storage feature that is easy to handle and has large capacity. This feature will be deemed to be important in digital forensics. In this research, we propose a method to acquire this storage area offline, structure it, and graphically visualize it.

  • A Proposal of a Web Browsing History Visualization Method for Digital Forensics

    松本 晋一, 鬼塚 雄也, 川本 淳平, 櫻井 幸一

    IPSJ SIG Technical Report, Internet and Operation Technology (IOT)   May 2014

    Language: Japanese

    Mobile devices accumulate much private information of the user. This is because they are carried by the user and utilized for communication. Therefore, digital forensics that targets mobile devices will be deemed to be more effective. Mobile terminals, especially smartphones, are transforming into an HTML5 platform, that is, an application execution environment built on a Web browser that supports HTML5. One of the significant features of HTML5 is WebStorage. It is intended to give the Web browser a storage feature that is easy to handle and has large capacity. This feature will be deemed to be important in digital forensics. In this research, we propose a method to acquire this storage area offline, structure it, and graphically visualize it.

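  • Privacy-Aware Cloud-Based IME

    川本淳平, 櫻井幸一

    IPSJ SIG Technical Report, Security Psychology and Trust (SPT)   May 2014

    Language: Japanese

    While cloud services are convenient, privacy remains one of the important concerns. In this paper, we focus on cloud-based IMEs, which have recently attracted attention, and propose a privacy-preserving cloud-based IME. An IME can be regarded as software that receives an input symbol string and converts it into another symbol string. Realized as a cloud service, it is a system in which the user sends the input symbol string as a query to a server in the cloud and receives the converted symbol string. In this paper, we propose a searchable encryption scheme suited to this model and show its application to a privacy-aware cloud-based IME.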

  • A Behavior-based Method for Detecting Distributed Scan Attacks in Darknets

    Yaokai Feng, Yoshiaki Hori, Kouichi Sakurai, Jun'ichi Takeuchi

    IPSJ Journal   June 2013

    Language: English

    The technologies used by attackers in the Internet environment are becoming more and more sophisticated. Of the many kinds of attacks, distributed scan attacks have become one of the most serious problems. In this study, we propose a novel method based on normal behavior modes of traffic to detect distributed scan attacks in darknet environments. In our proposed method, all the possible destination TCP and UDP ports are monitored, and when a port is attacked by a distributed scan, an alert is given. Moreover, the alert can have several levels reflecting the relative scale of the attack. To accelerate learning and updating the normal behavior modes and to realize rapid detection, an index is introduced, which is proved to be very efficient. The efficiency of our proposal is verified using real darknet traffic data. Although our proposal focuses on darknets, the idea can also be applied to ordinary networks.

    This is a preprint of an article intended for publication in the Journal of Information Processing (JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.21 (2013) No.3 (online) DOI http://dx.doi.org/10.2197/ipsjjip.21.527

  • A Secure Association Rule Discovery Method Using Frequent Pattern Trees

    蘇春華, 櫻井 幸一

    IPSJ SIG Technical Report, Computer Security (CSEC)   July 2008

    Language: English

    Many government organizations and companies want to share their documents in a similar theme to get the joint benefits. Textual document clustering is a powerful data mining technique to analyze the large amount of documents and structure large sets of text or hypertext documents. While doing the document clustering in the distributed environment, it may involve the users' privacy of their own document. In this paper, we propose a framework to do the privacy-preserving text mining among the users under the distributed environment: multiple parties, each having their private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other parties.

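  • A Proposal of an Evaluation Technique for Individual Countermeasures in the Integrated Evaluation of Security Countermeasures

    重松 孝明, 周 秉慧, 堀 良彰, 櫻井 幸一

    IEICE Technical Report. ISEC, Information Security   July 2008

    Language: Japanese

    To make the answers to the various requirements for evaluating security countermeasures mutually consistent, an integrated evaluation technique that links the various evaluations with one another must be established. We show where the evaluation of individual countermeasures is positioned within this integrated evaluation of security countermeasures, present the requirements for evaluating the basic unit of a security countermeasure, which is the key to the integrated evaluation technique, propose a practical evaluation method for it, and discuss its open issues.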

  • A Secure Association Rule Discovery Method Using Frequent Pattern Trees

    蘇 春華, 櫻井 幸一

    IEICE Technical Report. ISEC, Information Security   July 2008

    Language: English

    Many government organizations and companies want to share their documents in a similar theme to get the joint benefits. Textual document clustering is a powerful data mining technique to analyze the large amount of documents and structure large sets of text or hypertext documents. While doing the document clustering in the distributed environment, it may involve the users' privacy of their own document. In this paper, we propose a framework to do the privacy-preserving text mining among the users under the distributed environment: multiple parties, each having their private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other parties.

  • Design and Evaluation of Image Spam Filtering Using Text and Image Information

    王戦, 堀 良彰, 櫻井 幸一

    IPSJ SIG Technical Report, Multimedia Communication and Distributed Processing (DPS)   March 2008

    Language: English

    Spam has received much attention from Internet users and the amount of spam is increasing. The number of technical approaches to spam has been increasing in recent years, and text categorisation techniques have been investigated by researchers for filtering the semantic content of e-mails. However, one of the spam construction techniques involves embedding text messages into images; this technique, usually called "image spam", has been successful in bypassing text-based spam filters. In this paper, we propose an approach to anti-spam filtering. Our approach combines standard OCR and text categorization techniques with distinctive properties of spam images to detect image spam. The effectiveness of the proposed approach is experimentally evaluated on a personal corpus and the SpamArchive corpus.

  • A-7-25 Security Problems in Existing Privacy-preserving K-means Clustering Schemes

    蘇 春華, 鮑 峰, 周 建英, 高木 剛, 櫻井 幸一

    Proceedings of the IEICE General Conference   March 2008

    Language: English

  • A Proposal of Secret Key Management Using Anonymous Biometrics in Public Key Infrastructure

    泉 昭年, 上繁 義史, 櫻井 幸一

    IPSJ SIG Technical Report, Computer Security (CSEC)   July 2007

    Language: Japanese

    We propose a scheme that stores, in a smartcard in a PKI, a protected secret key made by combining biometrics and a secret key. In our proposal, the user encrypts the secret key using biometric information extracted from the owner of that secret key and stores it as a protected secret key in a smartcard that has a fingerprint reading function. The user can restore the secret key from the protected secret key by presenting his fingerprint to the smartcard that holds the protected secret key and helper data. In our scheme, the template is not needed for authentication. So, the problem of template leaks, which arises in traditional biometric authentication, won't arise in our scheme.

  • Efficient verifier-based password-authenticated key exchange in the three-party setting

    Jeong Ok Kwon, Ik Rae Jeong, Kouichi Sakurai, Dong Hoon Lee

    Computer Standards and Interfaces   July 2007

    Language: English

    In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature. © 2006 Elsevier B.V. All rights reserved.

    DOI: 10.1016/j.csi.2006.12.002

  • Privacy-Preserving Association Rule Mining Revisited

    蘇春華, 周建英, 鮑豊, 高木 剛, 櫻井 幸一

    IPSJ SIG Technical Reports, Computer Security (CSEC)   July 2007

    Language: English

    Association rule mining is a frequently used technique which finds interesting associations and correlation relationships among large sets of data items that occur frequently together in a variety of social and business areas. For cooperative distributed association rule mining, privacy-preserving techniques are strongly needed. In this paper, we employ a frequent-pattern tree (FP-tree) structure storing compressed, crucial information about frequent patterns, and develop an efficient and secure FP-tree-based mining method. We show that our protocol is collusion resistant, which means that even if all dishonest respondents collude with a dishonest data miner in an attempt to learn the associations between honest respondents and their responses, they will be unable to do so. Key words: association rule mining, privacy-preserving data mining, FP-tree, attribute-based encryption

  • Privacy-Preserving Association Rule Mining Revisited

    蘇 春華, 周 建英, 鮑 豊, 高木 剛, 櫻井 幸一

    IEICE Technical Report. ISEC, Information Security   July 2007

    Language: English

    Association rule mining is a frequently used technique which finds interesting associations and correlation relationships among large sets of data items that occur frequently together in a variety of social and business areas. For cooperative distributed association rule mining, privacy-preserving techniques are strongly needed. In this paper, we employ a frequent-pattern tree (FP-tree) structure storing compressed, crucial information about frequent patterns, and develop an efficient and secure FP-tree-based mining method. We show that our protocol is collusion resistant, which means that even if all dishonest respondents collude with a dishonest data miner in an attempt to learn the associations between honest respondents and their responses, they will be unable to do so.

  • A-7-24 Privacy-Preserving Density Estimation-based Clustering via Random Data Perturbation

    蘇 春華, 鮑 峰, 周 建英, 高木 剛, 櫻井 幸一

    Proceedings of the IEICE General Conference   March 2007

    Language: Japanese

  • Private Data Clustering based on Secure Approximation

    SU Chunhua, BAO Feng, ZHOU Jianying, SAKURAI Kouichi

    The Proceedings of the Symposium on Information Theory and Its Applications   November 2006

    Language: English

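  • A Comparison of Revocation Problems in ID-Based Encryption and Biometric Authentication

    泉昭年, 上繁義史, 櫻井幸一

    IPSJ SIG Technical Reports, Computer Security (CSEC)   July 2006

    Language: Japanese

    In ID-based encryption, a public key is bound to its owner by treating the ID itself as the public key. In biometric authentication, a person is authenticated on the basis that only that person possesses the biometric information from which the enrolled template can be extracted. Electronic data extracted from an individual's personal information in this way is relatively strongly bound to the individual, but is difficult to revoke and re-register after theft or loss. Focusing on how data created or extracted from personal information can be revoked, this paper compares and discusses the revocation problem in ID-based encryption and in biometric authentication.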

  • Privacy-Preserving Distributed Document Clustering

    蘇春華, 周建英, 鮑豊, 櫻井 幸一

    IPSJ SIG Technical Reports, Computer Security (CSEC)   July 2006

    Language: English

    Many government organizations and companies want to share their documents on a similar theme to obtain joint benefits. Textual document clustering is a powerful data mining technique for analyzing large numbers of documents and structuring large sets of text or hypertext documents. Document clustering in a distributed environment may involve the privacy of the users' own documents. In this paper, we propose a framework for privacy-preserving text mining among users in a distributed environment: multiple parties, each having their private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other parties.

  • Privacy-Preserving Distributed Document Clustering

    蘇 春華, 周 建英, 鮑 豊, 櫻井 幸一

    IEICE Technical Report. ISEC, Information Security   July 2006

    Language: English

    Many government organizations and companies want to share their documents on a similar theme to obtain joint benefits. Textual document clustering is a powerful data mining technique for analyzing large numbers of documents and structuring large sets of text or hypertext documents. Document clustering in a distributed environment may involve the privacy of the users' own documents. In this paper, we propose a framework for privacy-preserving text mining among users in a distributed environment: multiple parties, each having their private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other parties.

  • Network Security

    Amril Syalim, Toshihiro Tabata, Kouichi Sakurai

    IPSJ Journal   February 2006

    Language: English

    A database service provider (DSP) is a provider of an Internet service for maintaining data so that users can access their data any time and anywhere via the Internet. The DSP model involves several challenges, including the issue of data confidentiality.

  • Report on Participation in Information Security Conference (ISC) / International Workshop for Applied PKI (IWAP) / Secure Mobile Ad-hoc Networks and Sensors (MADNES)

    長野 文昭, 上繁 義史, 櫻井 幸一

    IPSJ SIG Technical Reports, Computer Security (CSEC)   December 2005

    Language: Japanese

    This paper gives an overview of the Information Security Conference (ISC), the International Workshop for Applied PKI (IWAP) and Secure Mobile Ad-hoc Networks and Sensors (MADNES), held from September 21 to 23 this year in Sentosa, Singapore. This paper reports on Information Security Conference (ISC), International Workshop for Applied PKI (IWAP), and Secure Mobile Ad-hoc Networks and Sensors (MADNES) held on September 20-23, 2005 at Sentosa, Singapore.

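  • Design of a One-Time ID Key Exchange Protocol and Its Security Verification Using Modal Logic

    今本 健二, 櫻井 幸一

    IEICE Technical Report. AI, Artificial Intelligence and Knowledge-Based Processing   October 2005

    Language: Japanese

    To prevent leakage of users' identity information in the pre-shared key model and to build a highly scalable system, we propose a three-party Diffie-Hellman-based key exchange protocol that uses disposable identifiers, "one-time IDs". In this paper we also verify the security of this protocol using SVO logic [1], [2], one of the formal verification methods based on modal logic. We also examine existing one-time ID generation methods.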

  • An Interactive Protocol for Privacy-Preserving K-means Clustering

    蘇 春華, 櫻井 幸一

    IEICE Technical Report   September 2005

    Language: English

    K-means clustering is a powerful and frequently used data mining technique, but the traditional techniques, which require access to precise information in individual records, cause privacy problems. To address this concern, a privacy-preserving k-means technique is needed. In this paper, we consider a scenario in which two parties owning confidential databases wish to run a k-means clustering algorithm to perform a data mining task on the union of their databases, without revealing any unnecessary information, under the semi-honest model. We focus on the k-means clustering algorithm and present a proposal that can deal with both numeric and non-numeric data to execute the k-means clustering algorithm while preserving privacy. Former research results often employ either a Trusted Third Party or cryptographic methods with too much complexity, and cannot process non-numeric attributes. Our solution uses secure multi-party computation techniques to construct privacy-preserving k-means clustering protocols with less communication and computational complexity, and we show that our solution can process non-numeric attributes over two parties' databases.

  • M-004 Preserving-preserving Multi-party Statistical Computation

    蘇 春華, 櫻井 幸一

    Proceedings of the Forum on Information Technology, General Papers   August 2005

    Language: English

    The rapid development of the Internet provides us with tremendous opportunities for cooperative computation. As a new technology, data mining can extract valuable knowledge from large amounts of data, and statistical computation is a major tool used in data mining. However, the collected data may contain sensitive information or the private data of individuals or companies. This privacy concern may prevent them from sharing their data for cooperation. In this paper, we propose some protocols for privacy-preserving statistical computation over distributed databases in a network environment. Our protocols are based on data perturbation and cryptographic techniques.

  • A Method for Embedding User Identification Information in Java Programs Using Class Structure Transformation

    福島 和英, 田端 利宏, 田中 俊昭, 櫻井 幸一

    IPSJ Journal   August 2005

    Language: Japanese

    Embedding personal identifiers as watermarks in software is effective for protecting its copyright. Monden et al. proposed a program watermarking scheme for embedding an arbitrary character sequence in target Java class files. However, their scheme can be used only to embed the same watermark in all programs. Thus, if we apply their scheme to embed users' personal identifiers, the watermark can be located by comparing two or more users' programs. This paper addresses the problem by using a class structure transformation.

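  • A Framework for Online Biometric Authentication with a Personal Repository Verification Mechanism

    上繁 義史, 櫻井 幸一

    IEICE Technical Report. ISEC, Information Security   July 2005

    Language: Japanese

    Biometric authentication is known as a promising technology for identifying legitimate users. Its use on open networks such as the Internet is also anticipated, but there is concern that leakage of biometric information, such as biometric raw data and template data, will lead to leakage of personal information. In this paper we therefore propose a biometric authentication framework that uses a personal repository storing the biometric template, public-key certificates and similar items, so that biometric information and information such as the user's name are not leaked together at the biometric authentication stage. By providing a mechanism for verifying the personal repository, the framework allows the legitimacy of the owner to be verified.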

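  • A Framework for Online Biometric Authentication with a Personal Repository Verification Mechanism

    上繁 義史, 櫻井 幸一

    IPSJ SIG Technical Reports, Computer Security (CSEC)   July 2005

    Language: Japanese

    Biometric authentication is known as a promising technology for identifying legitimate users. Its use on open networks such as the Internet is also anticipated, but there is concern that leakage of biometric information, such as biometric raw data and template data, will lead to leakage of personal information. In this paper we therefore propose a biometric authentication framework that uses a personal repository storing the biometric template, public-key certificates and similar items, so that biometric information and information such as the user's name are not leaked together at the biometric authentication stage. By providing a mechanism for verifying the personal repository, the framework allows the legitimacy of the owner to be verified. Biometric authentication is remarkable with respect to identifying legitimate users. Biometric authentication is promising as a service on the Internet, as reinforcement for conventional authentication such as ID and password; however, biometric information - acquisition raw data and template data - is unrenewable even when the data is compromised. We propose a framework for online biometric authentication with verification of the validity of the user's personal repository based on PKI. In this framework, information of biometrics authentication (certificate of templates) is related to not process by verifying validity of the user's personal repository.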

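  • Security Verification by Modal Logic of a One-Time ID System Using a Third Party

    今本 健二, 櫻井 幸一

    IEICE Technical Report. ISEC, Information Security   December 2003

    Language: Japanese

    At CSS2003, to prevent leakage of users' identity information in the pre-shared key model and to build a highly scalable system, we proposed a three-party Diffie-Hellman-based key exchange protocol that uses disposable identifiers, "one-time IDs". In this paper we verify the security of that protocol using SVO logic, one of the formal verification methods based on modal logic. We also examine existing one-time ID generation methods.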

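  • An Anonymous Buyer-Seller Watermarking Scheme Secure Against Collusion Attacks by the Certification Authority and the Seller

    崔 在貴, 櫻井 幸一, 朴 志煥

    IEICE Technical Report. ISEC, Information Security   July 2003

    Language: Japanese

    A buyer-seller watermarking protocol is a copyright protection technique that deters illegal copying by inserting the buyer's information into the content. In this paper we point out a weakness in two recently proposed anonymous buyer-seller watermarking protocols: the security of both protocols breaks down when the certification authority and the seller collude. We also propose a buyer-seller watermarking protocol that solves this problem by using commutative encryption.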

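  • Embedding Personal Identification Information in JAVA Using Obfuscation by Class File Transformation

    福島 和英, 櫻井 幸一

    IEICE Technical Report. ISEC, Information Security   May 2003

    Language: Japanese

    Embedding the purchaser's personal identification information in a program is one conceivable way to prevent theft of JAVA programs. Monden et al. [14] proposed a method of inserting an arbitrary character string into a JAVA program, but it assumes that the same information is embedded in every program. Consequently, if this method is used to embed different personal information for each purchaser, the embedded part is immediately revealed by comparing multiple programs. In this research we solve this problem by using a JAVA obfuscation technique based on class file transformation [16], and increase the security of class files. We also attempt to evaluate the obfuscation and the digital watermark by experimental methods.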

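  • A Proposal for Certified E-mail Taking Authentication and Scalability into Account

    今本 健二, 櫻井 幸一

    IEICE Technical Report. ISEC, Information Security   July 2002

    Language: Japanese

    With the recent spread of the Internet, business conducted over networks has been expanding. A fair contract requires properties such as authentication, confidentiality, integrity, non-repudiation, fairness and efficiency. Certified e-mail is a system that provides these functions for contracts made over the Internet. Various schemes have been devised for this system; the scheme of Abadi et al. [AGHP02] in particular requires few rounds of communication and sends little data to the TTP. However, because the scheme of Abadi et al. authenticates the sender with a password shared between sender and receiver, the burden on both users of preparing and managing passwords grows as the number of trading partners increases. In this paper we therefore modify the authentication method used in the scheme of Abadi et al. so that the sender also pre-registers a password with the TTP, and propose a scheme in which a user needs to prepare only one password no matter how many trading partners there are.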

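  • On Masking Plaintext Blocks with the Secret Key in Block Ciphers: Security of the MAC Generation Scheme Based on 2-key XCBC

    古屋 聡一, 櫻井 幸一

    IEICE Technical Report. ISEC, Information Security   July 2002

    Language: Japanese

    2-key XCBC is a MAC generation method based on CBC-MAC proposed by Moriai and Imai. This scheme is the most efficient in terms of the number of secret PRP invocations, the number of key setups and the amount of key material, and its security as a MAC has been proven based on the security of the secret PRP it invokes. In this paper we discuss the security impact of the essence of 2-key XCBC, namely masking the plaintext with the secret key. For the case where the PRP is restricted to a special permutation, we show that in one example of 2-key XCBC using the Even-Mansour construction an attacker can carry out forgery. We also show that in an example using the DESX construction in 2-key XCBC, the computational cost needed to attack the scheme falls below the lower bound on security proven for DESX. As an evaluation from another viewpoint, we also discuss the security of 2-key XCBC when used with AES or Camellia.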

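Professional Memberships

  • ACM

  • IEEE

  • Mathematical Society of Japan

  • Information Processing Society of Japan

  • Institute of Electronics, Information and Communication Engineers (IEICE)

  • Japan Society for Industrial and Applied Mathematics

  • Japanese Society for Artificial Intelligence

  • International Association for Cryptologic Research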

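Committee Memberships

  • Japanese Society for Artificial Intelligence, AI Security Study Group   Chair   Domestic

    April 2022 - March 2024

  • IEICE   Senior Member   Domestic

    December 2020 - July 2025

  • Information Processing Society of Japan   Senior Member   Domestic

    September 2020 - September 2027

  • IEICE / Technical Committee on Information and Communication Security   Steering committee member   Domestic

    April 2020 - April 2021

  • IEICE / Technical Committee on Information and Communication Security   Expert committee member   Domestic

    April 2020 - April 2021

  • IEICE   Steering committee member   Domestic

    June 2016 - May 2017

  • IEICE   Editor-in-Chief, English Journal A (Fundamentals and Boundaries)   Domestic

    June 2016 - May 2017

  • ACM Asia Conference on Computer and Communication Security   Councilor   International

    June 2015 - June 2018

  • ACM Asia Conference on Computer and Communication Security   Steering Committee (advisory member)   International

    June 2015 - June 2018

  • IEICE   Editor-in-Chief, English Journal A   Domestic

    June 2015 - May 2017

  • IEICE Technical Committee on Information Security   Advisor   Domestic

    June 2015 - May 2016

  • IEICE Technical Committee on Information Security, Chair   Secretary   Domestic

    May 2014 - May 2015

  • IEICE Technical Committee on Information Security, Chair   Chair, Technical Committee on Information Security   Domestic

    May 2014 - May 2015

  • IEICE, Technical Committee on Information Security, Vice Chair   Vice Chair   Domestic

    May 2012 - present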

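Academic Contribution Activities

  • PC Chair   International academic contribution

    The 4th International Conference on Science of Cyber Security - SciSec 2022  ( Matsue Japan ) August 2022

    Type: Conference, symposium, etc.

    Number of participants: 50

  • General Chair   International academic contribution

    the 2022 ACM on Asia Conference on Computer and Communications Security  ( NAGASAKI Japan ) May 2022 - June 2022

    Type: Conference, symposium, etc.

    Number of participants: 250

  • Organizing Chair / General Chair   International academic contribution

    ACM AsiaCCS 2022  ( Nagasaki / Dejima Messe ) May 2022 - June 2022

    Type: Conference, symposium, etc.

  • One of General Co-chairs   International academic contribution

    2020 IEEE International Conference on Blockchain (Blockchain-2020)  ( Rhodes Island Greece ) November 2020

    Type: Conference, symposium, etc.

  • One of PC-chairs   International academic contribution

    1st INTERNATIONAL CONFERENCE ON SECURITY & PRIVACY (ICSP2020)  ( National Institute of Technology Jamshedpur, India & Online India ) September 2020

    Type: Conference, symposium, etc.

    Number of participants: 80

  • Review of academic papers, etc.

    Role: Peer review

    2020

    Type: Peer review, etc.

    Foreign-language journals, number of papers reviewed: 5

    Japanese-language journals, number of papers reviewed: 1

    International conference proceedings, number of papers reviewed: 20

    Domestic conference proceedings, number of papers reviewed: 0

  • One of General Chairs   International academic contribution

    IEEE Cyber Science and Technology Congress (CyberSciTech) 2019  ( Fukuoka Japan ) August 2019

    Type: Conference, symposium, etc.

    Number of participants: 150

  • Cybersecurity Technical Advisor

    Role: Review and evaluation

    Kyushu Regional Police Bureau  April 2019 - March 2020

    Type: Review and academic advice

  • Review of academic papers, etc.

    Role: Peer review

    2019

    Type: Peer review, etc.

    Foreign-language journals, number of papers reviewed: 2

    Japanese-language journals, number of papers reviewed: 0

    International conference proceedings, number of papers reviewed: 10

    Domestic conference proceedings, number of papers reviewed: 0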

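  • PC-cochair   International academic contribution

    2nd ACM Workshop on Blockchain, Cryptocurrencies and Contracts (BCC'18)  ( Incheon ) June 2018

    Type: Conference, symposium, etc.

    Number of participants: 40

  • One of Program Chairs   International academic contribution

    4th ICMC/ International Conference on Mathematics and Computing  ( IIT VARANASHI India ) January 2018

    Type: Conference, symposium, etc.

    Number of participants: 50

  • Cybersecurity Technical Advisor

    Role: Review and evaluation

    Kyushu Regional Police Bureau  June 2017 - March 2018

    Type: Review and academic advice

  • PC co-chair   International academic contribution

    1st ACM Workshop on Blockchain, Cryptocurrencies and Contracts (BCC'18)  ( Abu Dhabi, NYU United Arab Emirates ) April 2017

    Type: Conference, symposium, etc.

    Number of participants: 30

  • Kyushu Regional Police Bureau Cybersecurity Technical Advisor

    Role: Review and evaluation

    Kyushu Regional Police Bureau  May 2016 - March 2017

    Type: Review and academic advice

  • Session Chair (Chairmanship)

    IEICE General Conference  ( Kyushu University, Ito Campus ) March 2016

    Type: Conference, symposium, etc.

  • workshop chair   International academic contribution

    The 2014 7th IEEE International Conference on Service Oriented Computing and Application(SOCA)  ( Matsue Japan ) November 2014

    Type: Conference, symposium, etc.

    Number of participants: 70

  • General Co-Chair   International academic contribution

    The 9th International Workshop on Security (IWSEC 2014)  ( Hirosaki ) August 2014

    Type: Conference, symposium, etc.

    Number of participants: 70

  • PC-CoChair   International academic contribution

    The 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2014)  ( Kyoto ) June 2014 - June 2015

    Type: Conference, symposium, etc.

    Number of participants: 120

  • PC member   International academic contribution

    INDOCRYPTO2010  ( Hyderabad India ) December 2010

    Type: Conference, symposium, etc.

  • Vice Chair (2005-2009)

    Ad Hoc Technical Committee on Information and Communication System Security (ICSS)  ( Japan ) October 2005 - present

    Type: Conference, symposium, etc.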

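Other

  • Safety and Security of Artificial Intelligence

    March 2021

    As representative, I submitted a proposal to the Japanese Society for Artificial Intelligence to establish a Type 2 study group on AI safety/security.
    Unfortunately it was not adopted, but preparations are under way for a re-application next time / next fiscal year.
    At the same time, preparations have begun with DNV Japan, the main supporting organization, toward launching it within 2021
    as an independent research council that is not under the society.

  • ACM AsiaCCS workshop "BlockChains, CryptoCurrencies, and Contracts"

    June 2017

    International research meeting: on blockchain, preparations began in 2016, and in cooperation with Ruj of the Indian Statistical Institute (now at CSIRO) and Satya of Microsoft (Bangalore lab), we launched BlockChains, CryptoCurrencies, and Contracts, a workshop co-located with ACM AsiaCCS 2017. The second edition was held in Korea in June 2018.
    It is planned to be held in Hong Kong in 2021 and in Japan (Nagasaki) in 2022.

  • Theory and Applications of Cryptographic Algorithms and Protocols

    March 2013

    We conduct research focused on the design and analysis of cryptographic algorithms and protocols, and on areas of network security that require mathematical-analytical methods. The Japanese side leads in information security technology, including the design and implementation of cryptographic algorithms, and is responsible for establishing optimal cryptographic communication schemes for diverse environments through the modeling of real systems. The Indian side, drawing on its traditional strength in theoretical analysis, including mathematical statistics, evaluates the security of the schemes designed by the Japanese side and analyzes behavior data of malicious attackers in networks. The aim is to carry out the exchange in a way that links and complements the respective strengths of Japan and India, and to obtain research results that neither side could obtain alone.

  • Analysis of Cryptographic Algorithms by Mathematical-Science Methods and Evaluation of Network Security Strengthening

    March 2013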

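Research Projects (Joint Research, Competitive Funding, etc.)

  • Establishing Federated Learning and Federated Unlearning Techniques for Huge Models by Exploiting Ubiquitous Computing Resources

    Project/Area Number: 24K02932  April 2024 - March 2027

    Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research (B)

    李 鵬, Ben.A Abderazek, 櫻井 幸一, 策力 木格

    Funding type: KAKENHI

    This research aims to develop technology that makes federated learning of huge AI models efficiently executable by exploiting data and computing resources distributed in many places. The original huge AI model is restructured into many small "expert" models, and a federated learning technique for expert models, in which each device is optimized for specific data, is established. Furthermore, to guarantee the right to have specific data "forgotten" from a model, federated unlearning of huge models is studied.

  • Improving the Efficiency and Strengthening the Privacy of Federated Learning Systems for IoT Applications

    Project/Area Number: 24KF0065  April 2024 - March 2026

    Grants-in-Aid for Scientific Research  Grant-in-Aid for JSPS Fellows

    櫻井 幸一, LIAN ZHUOTAO

    Funding type: KAKENHI

    To address data privacy problems in IoT environments, this research develops a federated learning system that processes data locally and shares only the results. This reduces the risk of personal information leakage and enables effective use of data. Specifically, we plan to introduce techniques and mechanisms that increase communication efficiency and further strengthen privacy protection. This research is expected to enable safe use of data in fields such as medicine, transportation and urban planning.

  • JST-DST Japan-India Exchange Research   International co-authorship

    July 2023 - March 2024

    JST (Japan)

    Role: Principal investigator

    Conducts research on artificial intelligence security with IIIT-DMJ.

  • Building Fundamental Theory for Communication and Sensing over Doubly Selective Channels Caused by High-Speed Movement

    Project/Area Number: 23K26104  April 2023 - March 2027

    Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research (B)

    實松 豊, 大橋 正良, 櫻井 幸一, 牟田 修, 篠原 克寿, 森 慎太郎

    Funding type: KAKENHI

    This research aims to build the fundamental theory of signal processing for communication and sensing in the sea, the air and outer space. The challenge in underwater acoustic communication and low-Earth-orbit satellite communication is the large Doppler frequency. For sensing, the goal is to measure the distance to an object with sufficiently high accuracy.
    In this research, the Gabor division spread spectrum (GDSS) signal previously proposed by the applicants is extended, with the goals of designing transmit signals that counter Doppler frequency, detecting Doppler frequency effectively, compensating for doubly selective fading, achieving high time-frequency resolution, and building up to MIMO communication and radar.

  • Physical-Layer-Based Cryptographic Key Management and Data Reliability Assurance Schemes for Smart IoT Environments

    Project/Area Number: 23K11103  April 2023 - March 2026

    Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research (C)

    SU Chunhua, 櫻井 幸一

    Funding type: KAKENHI

    This research specializes in the use of physical-layer information in smart IoT environments. By exploiting the unpredictability and randomness of the wireless channel, and making maximum use of the advantages of low computational cost and no need to store key-related information in advance, it builds a framework for key generation and sharing, the foundational security technology for IoT devices, and for ensuring the reliability of their data. It also strengthens security by taking into account relay attacks, injection attacks and man-in-the-middle attacks, which have not been considered in existing research. Furthermore, to improve security in the deployment of IoT devices, it attempts to build a machine learning framework such as federated learning for detecting attacks and anomalies, and improves efficiency over conventional machine learning methods for cyber-physical security.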

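  • AI Security

    January 2023 - December 2023

    Commissioned research

    Role: Principal investigator  Funding type: Other industry-academia collaboration funds

  • SCAT Research Grant

    2023

    Funding type: Donation

  • Design of Electronic Voting Schemes on a Decentralized Democratic Cryptographic Infrastructure and the Pursuit of Ideal Security

    Project/Area Number: 22K12029  2022 - 2024

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research (C)

    櫻井 幸一, 上繁 義史

    Role: Principal investigator  Funding type: KAKENHI

    We aim to design electronic election schemes that prevent vote buying and coerced voting, which are key issues for realizing Internet voting. We clarify whether a scheme satisfying receipt-freeness, in which even the voter cannot prove to a third party how they voted, can be realized on a blockchain infrastructure. At present, secret ballots cast in voting booths at polling places prevent fraud involving third-party intervention. Based on distributed cryptographic computation theory, we clarify whether this voting booth can be realized electronically and online, including the technical limits.

  • Research and Survey Grant / AI Cryptography

    2022

    Funding type: Donation

  • SCAT Research Grant

    2022

    Funding type: Donation

  • SCAT Research Grant

    2021

    Funding type: Donation

  • Research and Development of Maximum-Likelihood Estimation Radar Using Two-Dimensional BPSK Modulated Signals with Gaussian Waveforms

    2019

    Ministry of Internal Affairs and Communications SCOPE

    Role: Co-investigator  Funding type: Commissioned research

  • Privacy-Protecting Authentication Protocols Guaranteeing Receipt-Freeness, Coercion Resistance and Deniability

    Project/Area Number: 18K11297  April 2018 - March 2023

    Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research (C)

    上繁 義史, 櫻井 幸一, 穴田 啓晃

    Funding type: KAKENHI

    The research aimed to construct authentication protocols with receipt-freeness, coercion resistance and deniability. The main results are as follows. (1) As an authentication mechanism using cryptography that achieves anonymity and revocation at the same time, we proposed an anonymous deniable predicate authentication scheme with a revocation function. (2) We evaluated research (11 works) on receipt-freeness and coercion resistance in blockchain-based electronic voting. Most of the schemes discuss receipt-freeness, but guaranteeing coercion resistance proved to be difficult. (3) We defined receipt-freeness and coercion resistance of authentication on the basis of evidence information. In addition, to make the definitions appropriate, we presented scenarios for biometric authentication in which a legitimate user could be coerced into performing authentication.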

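  • Systematic Theoretical Evaluation of the Security and Privacy of Cryptographic Virtual Currencies

    Project/Area Number: 18H03240  2018 - 2020

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research (B)

    Role: Principal investigator  Funding type: KAKENHI

  • Blockchain

    2018

    Funding type: Donation

  • Establishing a Technique Combining Steganography and Template Matching

    April 2017 - March 2017

    Joint research

    Role: Principal investigator  Funding type: Other industry-academia collaboration funds

  • Strategic International Collaborative Research Program (SICORP) "International Joint Research Hub": "Realizing a Secure IoT Cyberspace"   International co-authorship

    August 2016 - May 2020

    JST

    Role: Co-investigator

    In this project, the securing of IoT space, which consists of complex IoT devices, networks, servers and various kinds of information, is realized by fusing the electrical and electronic technology of the Indian Institute of Technology Delhi with the information science and technology of Kyushu University. Going beyond research and development, the project also provides training and education so that the people who provide IoT-space services and the people who use those services can use IoT space safely.
    In this project, the above research topics are divided into six Working Packages (WPs), and the WPs pursue the research in cooperation with one another (see the figure below). Each WP has a principal investigator from the Indian side and one from the Japanese side, and within each WP the Indian and Japanese research groups publish research results while interacting with each other.

  • Establishing Zero-Watermarking-Type Steganography Techniques and Frequency Analysis Methods

    April 2015 - March 2016

    Joint research

    Role: Collaborating researcher  Funding type: Other industry-academia collaboration funds

  • Construction of a Decentralized Cryptographic Authentication Infrastructure and Design and Analysis of Application Systems

    Project/Area Number: 15H02711  2015 - 2017

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research (B)

    Role: Principal investigator  Funding type: KAKENHI

  • Computational Aspects of the Mathematical Design and Analysis of Secure Communication Systems Using Cryptographic Principles   International co-authorship

    June 2014 - March 2016

    Japan

    Role: Principal investigator

  • "Computational Aspects of the Mathematical Design and Analysis of Secure Communication Systems Using Cryptographic Principles"

    2014 - 2015

    Japan Society for the Promotion of Science  Bilateral exchange

    Role: Principal investigator  Funding type: Joint research

  • Director, Information Security Laboratory, Institute of Systems, Information Technologies and Nanotechnologies (九州先端科学技術研究所), incorporated foundation

    April 2013 - March 2016

    Joint research

    Funding type: Other industry-academia collaboration funds

  • Construction Theory of Non-Interactive Zero-Knowledge Proofs Based on Probabilistically Checkable Proof Theory and Practical Strengthening for Cryptosystems

    Project/Area Number: 25540004  2013 - 2015

    Grants-in-Aid for Scientific Research  Grant-in-Aid for Challenging Exploratory Research

    Role: Principal investigator  Funding type: KAKENHI

  • Commissioned Research on Information Security Technology and Its Standardization

    May 2012 - March 2013

    Commissioned research

    Role: Principal investigator  Funding type: Other industry-academia collaboration funds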

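  • Director, Information Security Laboratory, Institute of Systems, Information Technologies and Nanotechnologies (九州先端科学技術研究所), incorporated foundation

    April 2012 - March 2013

    Joint research

    Funding type: Other industry-academia collaboration funds

  • Establishing Evaluation Metrics for Insider Attack Threats in Cyber Systems and Systematic Research on Countermeasures

    Project/Area Number: 23300027  2011 - 2013

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research (B)

    Role: Principal investigator  Funding type: KAKENHI

  • Cryptographic Technology

    May 2010 - March 2011

    Joint research

    Role: Principal investigator  Funding type: Other industry-academia collaboration funds

  • Analysis of Cryptographic Algorithms by Mathematical-Science Methods and Evaluation of Network Security Strengthening

    April 2008 - March 2013

    Commissioned research

    Role: Principal investigator  Funding type: Other industry-academia collaboration funds

  • Analysis of Cryptographic Algorithms and Evaluation of Network Security Strengthening Based on Mathematical Science @ {Multidisciplinary field combining information and communication technology with other fields} / JST & DST   International co-authorship

    December 2006 - March 2013

    JST

    Role: Principal investigator

    Based on the memorandum concluded on December 8, 2006 between the Japan Science and Technology Agency (JST) and the Department of Science and Technology of India (DST), JST and DST have launched a funding program for joint Japan-India research projects in the "multidisciplinary field combining information and communication technology with other fields" ("ICT multidisciplinary field"). This financial support is mainly intended to strengthen bilateral research exchange, with particular emphasis on mutual visits by researchers and on holding joint meetings. Adopted projects can receive support for three years.

    "Analysis of Cryptographic Algorithms and Evaluation of Network Security Strengthening Based on Mathematical Science" is one of the adopted joint projects, and started in 2008 under the leadership of Professor Sakurai of Japan and Professor Roy of India. The project receives research funding from JST and DST.

  • Research on High-Speed Cryptographic Schemes and Their Analysis

    October 2004 - March 2005

    Joint research

    Role: Principal investigator  Funding type: Other industry-academia collaboration funds

  • Security Evaluation of Cryptographic Algorithms and Their Implementations

    August 2004 - March 2005

    Joint research

    Role: Principal investigator  Funding type: Other industry-academia collaboration funds

  • Joint Research on Security Evaluation of Security Systems and Countermeasure Technologies

    February 2004 - March 2005

    Joint research

    Role: Principal investigator  Funding type: Other industry-academia collaboration funds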

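  • Computational Study of the Applicability and Limits of Implementation Attacks on Cryptosystems

    Project/Area Number: 16092221  2004 - 2007

    Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research on Priority Areas

    Role: Principal investigator  Funding type: KAKENHI

  • Establishment and Application of a Duality Principle in Cryptographic Authentication Systems

    Project/Area Number: 16016270  2004 - 2005

    Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research on Priority Areas

    Role: Principal investigator  Funding type: KAKENHI

  • Survey Research on Security Functions of Operating Systems

    2004 - 2005

    International Information Science Foundation, SSR Industry-Academia Strategic Research Forum, Heisei 16 proposal, overseas-collaboration survey research

    Role: Principal investigator  Funding type: Commissioned research

  • Faculty of Information Science and Electrical Engineering Research Funds

    2004

    Funding type: Donation

  • Faculty of Information Science and Electrical Engineering Research Funds

    2004

    Funding type: Donation

  • Faculty of Information Science and Electrical Engineering Research Funds

    2004

    Funding type: Donation

  • Systematic Research on Evaluating the Resistance of Cryptographic Algorithms to Implementation Attacks

    Project/Area Number: 15300004  2003 - 2005

    Japan Society for the Promotion of Science  Grants-in-Aid for Scientific Research  Grant-in-Aid for Scientific Research (B)

    Role: Principal investigator  Funding type: KAKENHI

  • Theoretical Analysis of the Security of Software Obfuscation Techniques and Establishment of Unified Performance Metrics

    Project/Area Number: 15650002  2003 - 2004

    Grants-in-Aid for Scientific Research  Grant-in-Aid for Exploratory Research

    Role: Principal investigator  Funding type: KAKENHI

  • Research on Cryptographic Countermeasure Technologies against Internet Disruption and Failures

    2003 - 2004

    Heisei 15 SECOM Science and Technology Foundation Research Grant

    Role: Principal investigator  Funding type: Commissioned research

  • FY2005 Strategic Software Research (SSR) Overseas-Collaboration Survey Research

  • Japan-China-Korea Collaborative Survey Research on Security Functions of Computer Systems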

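Overview of Educational Activities

  • From 2022: Probability and Statistics (Department of Electrical Engineering and Computer Science), continuing through 2023
    From Heisei 26: Database (Department of Electrical Engineering and Computer Science), continuing through Reiwa 3
    From Heisei 27 to Reiwa 2: Fundamentals of Cybersecurity (Kikan Education) [Faculty of Law class], continuing through Reiwa 2 [Faculty of Law and School of Medicine classes]

    Heisei 21 to 25
     Languages and Automata (Department of Electrical Engineering and Computer Science), continuing through Reiwa 3
     Introduction to Computer Science (Department of Electrical Engineering and Computer Science)
     Cryptography and Information Security (Graduate School of Information Science and Electrical Engineering), continuing through Reiwa 3

    Heisei 11 and 12: Applied Mathematics D (Graduate School of Mathematics), Applied Mathematics 4 (Graduate School of Engineering)
    "Mathematical Theory of Cryptography and Information Security"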

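Courses Taught

  • Probability and Statistics

    April 2023 - September 2023   First semester

  • Database B

    June 2022 - August 2022   Summer quarter

  • Research in Information Science and Technology I

    April 2022 - March 2023   Full year

  • Advanced Study in Information Science and Technology

    April 2022 - March 2023   Full year

  • Exercises in Information Science and Technology

    April 2022 - March 2023   Full year

  • Probability and Statistics

    April 2022 - September 2022   First semester

  • Discussion in Information Science and Technology I

    April 2022 - September 2022   First semester

  • Writing in Information Science and Technology I

    April 2022 - September 2022   First semester

  • Reading in Information Science and Technology

    April 2022 - September 2022   First semester

  • Database

    April 2022 - September 2022   First semester

  • Probability and Statistics

    April 2022 - September 2022   First semester

  • Probability and Statistics

    April 2022 - September 2022   First semester

  • Database A

    April 2022 - June 2022   Spring quarter

  • Cryptography and Information Security

    April 2022 - June 2022   Spring quarter

  • [Field of Cyber]Cryptography and Information Security

    April 2022 - June 2022   Spring quarter

  • Advanced Cryptography and Information Security

    April 2022 - June 2022   Spring quarter

  • Cryptography and Information Security

    April 2022 - June 2022   Spring quarter

  • [Cyber] Cryptography and Information Security

    April 2022 - June 2022   Spring quarter

  • Special Topics in Cryptography and Information Security

    April 2022 - June 2022   Spring quarter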

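  • Formal Languages and Automata B

    December 2021 - February 2022   Winter quarter

  • Formal Languages and Automata

    October 2021 - March 2022   Second semester

  • Advanced Study in Information Science

    October 2021 - March 2022   Second semester

  • Presentation in Information Science and Technology

    October 2021 - March 2022   Second semester

  • Discussion in Informatics II

    October 2021 - March 2022   Second semester

  • Writing in Informatics II

    October 2021 - March 2022   Second semester

  • Formal Languages and Automata A

    October 2021 - December 2021   Fall quarter

  • Database B

    June 2021 - August 2021   Summer quarter

  • Database B

    June 2021 - August 2021   Summer quarter

  • Advanced Seminar in Informatics

    April 2021 - March 2022   Full year

  • Research in Information Science and Technology I

    April 2021 - March 2022   Full year

  • Exercises in Information Science and Technology

    April 2021 - March 2022   Full year

  • International Presentation Techniques

    April 2021 - March 2022   Full year

  • Intellectual Property Techniques

    April 2021 - March 2022   Full year

  • Teaching Exercise

    April 2021 - March 2022   Full year

  • Advanced Project Management Techniques

    April 2021 - March 2022   Full year

  • Scientific English Presentation

    April 2021 - March 2022   Full year

  • Intellectual Property Management

    April 2021 - March 2022   Full year

  • Exercise in Teaching

    April 2021 - March 2022   Full year

  • Advanced Project Management Technique

    April 2021 - March 2022   Full year

  • Special Advanced Study in Fundamentals of Computer Science

    April 2021 - March 2022   Full year

  • Advanced Research in Fundamentals of Computer Science

    April 2021 - March 2022   Full year

  • Special Advanced Study in Informatics I

    April 2021 - March 2022   Full year

  • Special Advanced Study in Informatics II

    April 2021 - March 2022   Full year

  • Special Exercises in Informatics

    April 2021 - March 2022   Full year

  • Advanced Research in Informatics I

    April 2021 - March 2022   Full year

  • Advanced Research in Informatics II

    April 2021 - March 2022   Full year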

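  • Languages and Automata

    April 2021 - September 2021   First semester

  • Database

    April 2021 - September 2021   First semester

  • Reading in Information Science and Technology

    April 2021 - September 2021   First semester

  • [M2] Writing in Informatics I

    April 2021 - September 2021   First semester

  • [M2] Discussion in Informatics I

    April 2021 - September 2021   First semester

  • Database A

    April 2021 - June 2021   Spring quarter

  • Database A

    April 2021 - June 2021   Spring quarter

  • Special Topics in Cryptography and Information Security

    April 2021 - June 2021   Spring quarter

  • [M2] [Cyber] Cryptography and Information Security

    April 2021 - June 2021   Spring quarter

  • [M2] Cryptography and Information Security

    April 2021 - June 2021   Spring quarter

  • Advanced Cryptography and Information Security

    April 2021 - June 2021   Spring quarter

  • [M2][Field of Cyber]Cryptography and Information Security

    April 2021 - June 2021   Spring quarter

  • [M2]Cryptography and Information Security

    April 2021 - June 2021   Spring quarter

  • Cryptography and Information Security

    April 2021 - June 2021   Spring quarter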

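  • Formal Languages and Automata B

    December 2020 - February 2021   Winter quarter

  • Formal Languages and Automata

    October 2020 - March 2021   Second semester

  • Discussion in Informatics II

    October 2020 - March 2021   Second semester

  • Writing in Informatics II

    October 2020 - March 2021   Second semester

  • Presentation in Informatics

    October 2020 - March 2021   Second semester

  • Formal Languages and Automata

    October 2020 - March 2021   Second semester

  • Formal Languages and Automata A

    October 2020 - December 2020   Fall quarter

  • Database B

    June 2020 - August 2020   Summer quarter

  • International Presentation Techniques

    April 2020 - March 2021   Full year

  • Special Advanced Study in Fundamentals of Computer Science

    April 2020 - March 2021   Full year

  • Advanced Research in Fundamentals of Computer Science

    April 2020 - March 2021   Full year

  • Special Advanced Study in Informatics I

    April 2020 - March 2021   Full year

  • Special Advanced Study in Informatics II

    April 2020 - March 2021   Full year

  • Special Exercises in Informatics

    April 2020 - March 2021   Full year

  • Advanced Research in Informatics I

    April 2020 - March 2021   Full year

  • Advanced Research in Informatics II

    April 2020 - March 2021   Full year

  • Advanced Seminar in Informatics

    April 2020 - March 2021   Full year

  • Advanced Project Management Technique

    April 2020 - March 2021   Full year

  • Exercise in Teaching

    April 2020 - March 2021   Full year

  • Intellectual Property Management

    April 2020 - March 2021   Full year

  • Scientific English Presentation

    April 2020 - March 2021   Full year

  • Advanced Project Management Techniques

    April 2020 - March 2021   Full year

  • Teaching Exercise

    April 2020 - March 2021   Full year

  • Intellectual Property Techniques

    April 2020 - March 2021   Full year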

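  • Discussion in Informatics I

    April 2020 - September 2020   First semester

  • Database

    April 2020 - September 2020   First semester

  • [Cyber] Cryptography and Information Security

    April 2020 - September 2020   First semester

  • Cryptography and Information Security

    April 2020 - September 2020   First semester

  • Reading in Informatics

    April 2020 - September 2020   First semester

  • Writing in Informatics I

    April 2020 - September 2020   First semester

  • Fundamentals of Cybersecurity

    April 2020 - June 2020   Spring quarter

  • Database A

    April 2020 - June 2020   Spring quarter

  • Formal Languages and Automata B

    December 2019 - February 2020   Winter quarter

  • Writing in Informatics II

    October 2019 - March 2020   Second semester

  • Discussion in Informatics II

    October 2019 - March 2020   Second semester

  • Formal Languages and Automata

    October 2019 - March 2020   Second semester

  • Presentation in Informatics

    October 2019 - March 2020   Second semester

  • Formal Languages and Automata A

    October 2019 - December 2019   Fall quarter

  • Database B

    June 2019 - August 2019   Summer quarter

  • Database

    April 2019 - September 2019   First semester

  • Database

    April 2019 - September 2019   First semester

  • [Cyber] Cryptography and Information Security

    April 2019 - September 2019   First semester

  • Cryptography and Information Security

    April 2019 - September 2019   First semester

  • Reading in Informatics

    April 2019 - September 2019   First semester

  • Writing in Informatics I

    April 2019 - September 2019   First semester

  • Discussion in Informatics I

    April 2019 - September 2019   First semester

  • Cryptography and Information Security

    April 2019 - September 2019   First semester

  • Fundamentals of Cybersecurity

    April 2019 - June 2019   Spring quarter

  • Database A

    April 2019 - June 2019   Spring quarter

  • Fundamentals of Cybersecurity

    April 2019 - June 2019   Spring quarter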

  • 形式言語とオートマトンB

    2018年12月 - 2019年2月   冬学期

  • 情報学論議Ⅱ

    2018年10月 - 2019年3月   後期

  • 言語とオートマトン

    2018年10月 - 2019年3月   後期

  • 形式言語とオートマトン

    2018年10月 - 2019年3月   後期

  • 情報学演示

    2018年10月 - 2019年3月   後期

  • 情報学論述Ⅱ

    2018年10月 - 2019年3月   後期

  • 形式言語とオートマトンA

    2018年10月 - 2018年12月   秋学期

  • 情報学論議Ⅰ

    2018年4月 - 2018年9月   前期

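  • Database

    April 2018 - September 2018   First semester

  • Cryptography and Information Security

    April 2018 - September 2018   First semester

  • Cryptography and Information Security

    April 2018 - September 2018   First semester

  • Informatics Reading

    April 2018 - September 2018   First semester

  • Informatics Exposition I

    April 2018 - September 2018   First semester

  • Informatics Discussion I

    April 2018 - September 2018   First semester

  • Database

    April 2018 - September 2018   First semester

  • Cryptography and Information Security

    April 2018 - September 2018   First semester

  • Cryptography and Information Security

    April 2018 - September 2018   First semester

  • Informatics Reading

    April 2018 - September 2018   First semester

  • Informatics Exposition I

    April 2018 - September 2018   First semester

  • Informatics Discussion I

    April 2018 - September 2018   First semester

  • Database

    April 2018 - September 2018   First semester

  • Cryptography and Information Security

    April 2018 - September 2018   First semester

  • Cryptography and Information Security

    April 2018 - September 2018   First semester

  • Informatics Reading

    April 2018 - September 2018   First semester

  • Informatics Exposition I

    April 2018 - September 2018   First semester

  • Informatics Discussion I

    April 2018 - September 2018   First semester

  • Database

    April 2018 - September 2018   First semester

  • Cryptography and Information Security

    April 2018 - September 2018   First semester

  • Cryptography and Information Security

    April 2018 - September 2018   First semester

  • Informatics Reading

    April 2018 - September 2018   First semester

  • Informatics Exposition I

    April 2018 - September 2018   First semester

  • Fundamentals of Cybersecurity

    April 2018 - June 2018   Spring quarter

  • Informatics Discussion II

    October 2017 - March 2018   Second semester

  • Informatics Exposition II

    October 2017 - March 2018   Second semester

  • Formal Languages and Automata

    October 2017 - March 2018   Second semester

  • Formal Languages and Automata

    October 2017 - March 2018   Second semester

  • Formal Languages and Automata

    October 2017 - March 2018   Second semester

  • Informatics Presentation

    October 2017 - March 2018   Second semester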

  • Advanced Research in Fundamentals of Computer Science

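    April 2017 - March 2018   Full year

  • Scientific English Presentation

    April 2017 - March 2018   Full year

  • Intellectual Property Management

    April 2017 - March 2018   Full year

  • Exercise in Teaching

    April 2017 - March 2018   Full year

  • Advanced Project Management Technique

    April 2017 - March 2018   Full year

  • Advanced Seminar in Informatics

    April 2017 - March 2018   Full year

  • Advanced Research in Fundamentals of Computer Science

    April 2017 - March 2018   Full year

  • Advanced Seminar in Informatics

    April 2017 - March 2018   Full year

  • Overseas Internship

    April 2017 - March 2018   Full year

  • Scientific English Presentation

    April 2017 - March 2018   Full year

  • Intellectual Property Management

    April 2017 - March 2018   Full year

  • Exercise in Teaching

    April 2017 - March 2018   Full year

  • Advanced Project Management Technique

    April 2017 - March 2018   Full year

  • Advanced Research in Informatics I

    April 2017 - March 2018   Full year

  • Advanced Research in Informatics II

    April 2017 - March 2018   Full year

  • Advanced Research in Informatics I

    April 2017 - March 2018   Full year

  • Advanced Research in Informatics II

    April 2017 - March 2018   Full year

  • Database

    April 2017 - September 2017   First semester

  • Informatics Discussion I

    April 2017 - September 2017   First semester

  • Database

    April 2017 - September 2017   First semester

  • Database

    April 2017 - September 2017   First semester

  • Cryptography and Information Security

    April 2017 - September 2017   First semester

  • Cryptography and Information Security

    April 2017 - September 2017   First semester

  • Cryptography and Information Security

    April 2017 - September 2017   First semester

  • Database

    April 2017 - September 2017   First semester

  • Cryptography and Information Security

    April 2017 - September 2017   First semester

  • Cryptography and Information Security

    April 2017 - September 2017   First semester

  • Cryptography and Information Security

    April 2017 - September 2017   First semester

  • Informatics Reading

    April 2017 - September 2017   First semester

  • Informatics Exposition I

    April 2017 - September 2017   First semester

  • Fundamentals of Cybersecurity

    April 2017 - June 2017   Spring quarter

  • Fundamentals of Cybersecurity

    April 2017 - June 2017   Spring quarter

  • Fundamentals of Cybersecurity

    April 2017 - June 2017   Spring quarter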

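  • Formal Languages and Automata

    October 2016 - March 2017   Second semester

  • Database

    April 2016 - September 2016   First semester

  • Advanced Programming Exercises

    April 2016 - September 2016   First semester

  • Cryptography and Information Security

    April 2016 - September 2016   First semester

  • Database

    October 2015 - March 2016   Second semester

  • Formal Languages and Automata

    April 2015 - September 2015   First semester

  • Cryptography and Information Security

    April 2015 - September 2015   First semester

  • Upper-Year Liberal Arts Course (Science-Themed Subject, Science-Themed Subject VII)

    April 2014 - September 2014   First semester

  • Cryptography and Information Security

    April 2014 - September 2014   First semester

  • Introduction to Computer Science

    April 2014 - September 2014   First semester

  • Formal Languages and Automata

    October 2013 - March 2014   Second semester

  • Cryptography and Information Security

    April 2013 - September 2013   First semester

  • Upper-Year Liberal Arts Course (Science-Themed Subject, Science-Themed Subject VII)

    April 2013 - September 2013   First semester

  • Introduction to Computer Science

    April 2013 - September 2013   First semester

  • Formal Languages and Automata

    October 2012 - March 2013   Second semester

  • Introduction to Computer Science

    April 2012 - September 2012   First semester

  • Cryptography and Information Security

    April 2012 - September 2012   First semester

  • Formal Languages and Automata

    October 2011 - March 2012   Second semester

  • Formal Languages and Automata

    October 2011 - March 2012   Second semester

  • Cryptography and Information Security

    April 2011 - September 2011   First semester

  • Introduction to Computer Science

    April 2011 - September 2011   First semester

  • Formal Languages and Automata

    October 2010 - March 2011   Second semester

  • Introduction to Computer Science

    April 2010 - September 2010   First semester

  • Cryptography and Information Security

    April 2010 - September 2010   First semester

  • Advanced Cryptography and Information Security

    April 2010 - September 2010   First semester

  • Formal Languages and Automata

    October 2009 - March 2010   Second semester

  • Introduction to Computer Science

    April 2009 - September 2009   First semester

  • Cryptography and Information Security

    April 2009 - September 2009   First semester

  • Advanced Cryptography and Information Security

    April 2009 - September 2009   First semester

  • Formal Languages and Automata

    October 2008 - March 2009   Second semester

  • Introduction to Computer Science

    April 2008 - September 2008   First semester

  • Advanced Information Security

    April 2008 - September 2008   First semester

  • Advanced Fundamentals of Computer Science

    April 2008 - September 2008   First semester

  • Formal Languages and Automata

    October 2007 - March 2008   Second semester

  • Introduction to Computer Science

    April 2007 - September 2007   First semester

  • Advanced Fundamentals of Computer Science

    April 2007 - September 2007   First semester

  • Formal Languages and Automata

    October 2006 - March 2007   Second semester

  • Introduction to Computer Science

    April 2006 - September 2006   First semester

  • Advanced Fundamentals of Computer Science

    April 2006 - September 2006   First semester

  • Formal Languages and Automata

    October 2005 - March 2006   Second semester

  • Computer Systems I

    October 2005 - March 2006   Second semester

  • Advanced Fundamentals of Computer Science

    April 2005 - September 2005   First semester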

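FD (Faculty Development) participation

  • March 2023   Role: Participant   Title: [ISEE FD] A glimpse of industry-academia collaboration in Germany, the Netherlands and Taiwan: Industry 4.0, quantum computing, advanced semiconductors

    Organizer: Department

  • January 2023   Role: Participant   Title: [ISEE FD] Research introductions by young faculty members ⑦

    Organizer: Department

  • July 2022   Role: Participant   Title: [ISEE FD] Research introductions by young faculty members ⑤

    Organizer: Department

  • December 2021   Role: Participant   Title: [ISEE FD] The university as seen by faculty members who came from industry

    Organizer: Department

  • September 2021   Role: Participant   Title: Toward improving the enrollment rate of the doctoral program

    Organizer: Department

  • July 2021   Role: Participant   Title: Research introductions by young faculty members, key points for obtaining KAKENHI grants, and other topics ②

    Organizer: Department

  • June 2021   Role: Participant   Title: Research introductions by young faculty members and key points for obtaining KAKENHI grants ①

    Organizer: Department

  • May 2021   Role: Participant   Title: On the fellowship program for developing leading human resources (information and AI fields)

    Organizer: Department

  • December 2020   Role: Participant   Title: Report on conducting online lectures by linking Moodle and MS Teams (YouTube, Prezi, PowerPoint, Wolfram Cloud, and TeX)

    Organizer: Department

  • November 2020   Role: Participant   Title: On the Mathematics for Innovation WISE graduate program

    Organizer: Department

  • October 2020   Role: Participant   Title: Report on the FY2020 University Design Workshop

    Organizer: Department

  • September 2020   Role: Participant   Title: On comprehensive selection (AO admissions) for the Department of Electrical Engineering and Computer Science

    Organizer: Department

  • August 2020   Role: Participant   Title: [IDE University Seminar] On diverse working styles for university faculty and staff

  • March 2017   Role: Speaker   Title: Report on participation in the Japanese faculty dispatch program under the Ministry of Foreign Affairs' "Japan-India Cooperation for the Indian Institute of Information Technology, Jabalpur (IIIT-DMJ)": through the intensive course "Advanced Topics in Cybersecurity" (2016 & 2017)

    Organizer: Department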

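Visiting, concurrent and part-time lecturer positions at other universities and institutions

  • 2021  ATR Advanced Security Laboratory  Category: Visiting faculty  Domestic/overseas: Domestic

  • 2020  ATR Advanced Security Laboratory  Category: Visiting faculty  Domestic/overseas: Domestic

  • 2019  ATR  Category: Visiting faculty  Domestic/overseas: Domestic

  • 2017  Indian Institute of Information Technology, Jabalpur (IIIT・J)  Category: Intensive course  Domestic/overseas: Overseas

    Semester, day/period, or duration: one week at the end of March 2018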

Participation in international educational events

  • September 2023

    Seoul National University & Kyushu University

    KYUSHU-SNU JOINT SYMPOSIUM

    Country/city: Seoul, South Korea

    Number of participants: 60

  • March 2019

    IIITDM Jabalpur & MOFA (Ministry of Foreign Affairs)

    DeW workshop at IIITDM Jabalpur Theme : Security and Privacy of Cyber-Physical Systems

    Country/city: India/Jabalpur

    Number of participants: 50

  • November 2018

    Sogang University Uppsala University Royal University of Phnom Penh

    Angkor International Conference on Applied Mathematics and Statistics 2018

    Country/city: Angkor Paradise Hotel 19-21 November 2018 Siem Reap, Cambodia

    Number of participants: 20

  • November 2017

    Organized jointly by the Myanmar Mathematical Society and the Southeast Asian Mathematical Society (SEAMS)

    The Tenth International Conference on Science and Mathematics Education in Developing Countries

    Country/city: University of Mandalay, Mandalay, Myanmar

    Number of participants: 200

Other educational activities and special notes

  • 2020  Other special notes

    Actively serves as an external examiner for doctoral dissertations from Indian universities.
    In FY2020 (R2), examined several doctoral dissertations for the Indian Institutes of Technology and Anna University, India.

  • 2019  Other special notes

    A paper by Dr. Vargas and our research group, with JiaWei SU, who received a doctorate in September 2019, as first author, was covered by BBC News, the Asahi Shimbun and other online news outlets, and we recognize this achievement for its particular impact on society. Thanks in part to this achievement, Su joined the research laboratory of a Japanese company and now continues research and development in a lifetime-employment position.
    The following is the timeline of the paper's publication and of the media inquiries and coverage.

    2017/10/24: Paper submitted to arXiv and made public. Title: "One pixel attack for fooling deep neural networks". Authors: Su, Vargas, and Sakurai.
    2017/10/30: The arXiv paper is introduced in MIT Tech Review: "How Do You Turn a Dog into a Car? Change a Single Pixel".
    2017/11/02: Su receives an e-mail from a BBC reporter with questions about the paper.
    2017/11/03: Published on BBC e-News: "Computers can be fooled into thinking a picture of a taxi is a dog just by changing one pixel, suggests research".
    2018/01/10: The Asahi Shimbun sends an e-mail inquiry about the paper to the recommender, who provides explanation and commentary several times.
    2018/01/19: The research is cited, with a comment from the undersigned, in a column in the Asahi Shimbun morning edition.

    Although it was not reported, on 2018/01/17 the undersigned also received a telephone inquiry from the Science and Culture Division of the NHK News Department and replied by e-mail.
    The work was carried out as part of doctoral research under the leadership of Assistant Professor Vargas, an expert in neural networks, and is a state-of-the-art analytical experiment in adversarial machine learning.
    Su developed this research further and, in work applying it to IoT malware, also completed a paper co-authored with leading researchers at IIT Delhi (India) and the University of London as part of a JST international joint research project, and submitted it to an ACM-sponsored international conference.

  • 2018  Other special notes

    Attended the Angkor International Conference on Applied Mathematics and Statistics 2018
    (Angkor Paradise Hotel, 19-21 November 2018, Siem Reap, Cambodia),
    gave the talk "How to teach Math with CyberSpace to UnderGraduate",
    and exchanged views with mathematical science educators from Cambodia and Myanmar.

  • 2018  Other special notes

    Every year from December 2015 to March 2019,
    gave intensive lectures at the Indian Institute of Information Technology, Jabalpur (IIITDM-J), dispatched by the Ministry of Foreign Affairs.
    Taught the state of the art in cybersecurity to undergraduate and master's students, through to grading by quizzes and examinations.
    Part of this was also presented at the department FD.
    The lectures were well attended, with 100 students each time. They have been postponed since 2020 because of COVID-19, and we hope they will resume.

  • 2017  Other special notes

    Attended The Tenth International Conference on Science and Mathematics Education in Developing Countries
    (10-12 November 2017, University of Mandalay, Mandalay, Myanmar)
    and presented the following.
    Contributed Papers: Kouichi SAKURAI, "How to Teach Crypto-Math for Under Graduate", Department of Informatics, and Cyber Security Center, Kyushu University, Fukuoka, Japan.
    This was an opportunity to interact with science and mathematics researchers from Asia, including Myanmar and Laos, as well as researchers from Europe and the United States interested in university education.

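Overview of social contribution and international collaboration activities

  • As Japan's representative to the international cryptographic standardization committee ISO/SC27/WG2,
    attended the 1991 Tokyo meeting, the 1992 Zurich meeting and the 1993 Paris meeting.
    From 1990, member of the Computer Virus Countermeasure System Study Group of the Information-technology Promotion Agency;
    from 1994, expert member of the Ministry of Posts and Telecommunications "Study Group on Security Technology in the Multimedia Society";
    from 1995, expert member of the Cryptographic Technology Research Task Force of the Japan Information Processing Development Center;
    from 1996, subgroup leader in the Information Security Project of the Telecommunications Advancement Organization of Japan;
    from 1999 to 2010,
    chair of the international cryptographic standardization committee (ISO/SC27/WG2)
    and head of the Japanese delegation to WG2 (Information Technology Standards Commission of Japan, Information Processing Society of Japan).

    Since April 2004, has concurrently served as head of Laboratory 2 of the Institute of Systems and Information Technologies/KYUSHU, promoting industry-academia-government research exchange on the theme of ensuring "information security in social systems".
    In FY2005-2006, as leader of a Japan-Korea international joint research project adopted by the National Institute of Information and Communications Technology, promoted industry-academia-government collaboration among Japan, China and Korea on security technology.
    In May 2006, concluded a memorandum of understanding (MOU) on research in the information security field with the Cryptology Research Society of India (CRSI; Secretary General: Prof. Bimal Kumar Roy), the first Japanese research institution to do so.
    In 2014, the MOU with CRSI was extended and renewed in a form that also includes the Indian Statistical Institute (ISI).
    Over the past 20 years, has conducted joint research mainly in Asia, including Korea, China and Taiwan, and Malaysia and Singapore. Recently, has been strengthening collaboration with India, which is strong in mathematical and computer sciences and in software engineering, by hosting three postdoctoral researchers (one year each) and five doctoral students on short-term stays.
    Since 2016, has served as Cybersecurity Technical Advisor to the Kyushu Regional Police Bureau. To respond appropriately to increasingly complex and sophisticated threats in cyberspace, the Kyushu Regional Police Bureau aims to make use of the cutting-edge information and technology held by academic institutions and researchers, and commissioned Sakurai, who has cutting-edge expertise, as Technical Advisor. Has been in charge of visiting lectures and discussion sessions at the prefectural police of all Kyushu prefectures, as well as the regional meeting of cybersecurity officers. These were suspended/postponed in R2 because of COVID-19, and online lectures were given in R3.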

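Social contribution activities

  • Fukuoka City Personal Information Protection Council

    Fukuoka City  Fukuoka City Hall  September 2023

    Audience: Working adults / general public, academic organizations, companies, citizens' groups, government agencies

    Type: Research guidance

  • In June 2023, gave an invited talk (CyberSecurity Beyond Computer Science) at the "Japan-Taiwan Information Security Exchange Seminar" (organized by the Industrial Technology Research Institute (ITRI), Taiwan). This also led to the start of substantive exchange with Taiwanese cybersecurity startups and with people at the ITRI Japan office.

    2023

  • Member of the Fukuoka Prefecture Personal Information Protection Council

    Fukuoka Prefecture  Council meetings at the Fukuoka Prefectural Government Office  April 2022

    Audience: Working adults / general public, academic organizations, companies, citizens' groups, government agencies

    Type: Other

  • Member of the Fukuoka Prefecture Personal Information Protection Council

    Fukuoka Prefecture  Council meetings at the Fukuoka Prefectural Government Office  April 2021

    Audience: Working adults / general public, academic organizations, companies, citizens' groups, government agencies

    Type: Other

  • Member of the Fukuoka Prefecture Personal Information Protection Council

    Fukuoka Prefecture  Council meetings at the Fukuoka Prefectural Government Office  April 2020

    Audience: Working adults / general public, academic organizations, companies, citizens' groups, government agencies

    Type: Other

  • Since 2019, has served as a visiting researcher at ATR (Advanced Telecommunications Research Institute International). In the 35 years since its founding, ATR has promoted pioneering and original research in information and communications fields through international industry-academia-government collaboration. As a visiting researcher, helped launch the Advanced Security Laboratory during this time, and currently collaborates on research guidance with KDDI Research and universities in the Kansai region. The former Kyushu ISIT-KDDI R&D Laboratories seminar has been rebooted as the ATR-KDDI Research seminar, which disseminates research information publicly every year. In March 2021, held the "2nd ATR-KDDI Research Security Technology Seminar: Security and Privacy Technologies and R&D Case Studies for the New Normal Era".

    2020

  • Since 2016, commissioned by the Kyushu Regional Police Bureau, has served as Cybersecurity Technical Advisor. Every year, has given visiting lectures and held discussion sessions at the prefectural police of all Kyushu prefectures, in addition to the regional meeting of cybersecurity officers. These were suspended in 2020, and online lectures are planned for 2021.

    2019

  • Recently, has been strengthening international collaboration by hosting three postdoctoral researchers (one year each) and five doctoral students on short-term stays from India, which is strong in mathematical and computer sciences and in software engineering. In November 2017, gave an invited talk at a blockchain workshop organized by the Indian Statistical Institute (ISI Kolkata) and supported by Microsoft; in December 2018, gave a keynote talk at the Global Blockchain congress in Kolkata, organized by Bengal state.

    2019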

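  • Cybersecurity Technical Advisor, Kyushu Regional Police Bureau

    Role: Advice and guidance

    May 2017 - present

    Type: Research guidance

    researchmap

  • Member of the Personal Information Protection Review Committee

    Fukuoka Prefecture  Fukuoka Prefectural Government Office  April 2017

    Audience: Working adults / general public, academic organizations, companies, citizens' groups, government agencies

    Type: Research guidance

  • Member of the Personal Information Protection Review Committee

    Fukuoka Prefecture  Prefectural Government Office  April 2016

    Audience: Working adults / general public, academic organizations, companies, citizens' groups, government agencies

    Type: Research guidance

    Provides advice on Fukuoka Prefecture's information management in connection with the revision of personal information protection.

  • Lecturing / special lectures at the Indian Institute of Information Technology, Jabalpur (IIITDM-J) [at the request of the Ministry of Foreign Affairs]

    2016

  • Member of the Personal Information Protection Review Committee

    Fukuoka Prefecture   Prefectural Government Office  April 2015

    Audience: Working adults / general public, academic organizations, companies, citizens' groups, government agencies

    Type: Research guidance

  • Heisei 13 Kyushu University Extension Lecture, Advanced Fields: "The IT Revolution Has Begun to Move" (Information Security in the IT Society)

    Kyushu University  November 2000

    Audience: Working adults / general public, academic organizations, companies, citizens' groups, government agencies

    Type: Lecture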

Media coverage

  • An international conference discussing countermeasures against cybercrime and related topics, and the first full-scale international academic conference at Dejima Messe Nagasaki in Nagasaki City, which opened last November. Including online participants, about 280 cybersecurity researchers, students and others from 29 countries registered. Professor Sakurai of the Kyushu University Cybersecurity Center, co-general chair, praised the venue: "With the latest facilities, it leaves nothing to be desired. I hope this will be the occasion for attracting more and more international conferences here." The conference ran until June 2.   TV/radio program

    Nagasaki International Television  May 2022

  • IEEE member, a leading authority on cryptography for the cyber society: "Recommendations from Professor Kouichi Sakurai of Kyushu University". In February 2020, Professor Kouichi Sakurai, an IEEE member at the Faculty of Information Science and Electrical Engineering, Kyushu University, stated that "attacks that attempt to subvert networks such as the Internet and artificial intelligence (AI) are becoming more sophisticated every year, cryptographic technology is growing in importance, and attention should be paid to the relationship between security and privacy." Professor Sakurai is a researcher of virtual currencies (crypto assets) and of the blockchain (distributed ledger) that underpins them, and a leading authority on cryptography for the cyber society, an essential element of those technologies. https://www.atpress.ne.jp/news/208741

    IEEE press release  March 2020

  • Teach Me, AI / 7 / What research is being done so that it can be used widely in society? / Meanwhile, many challenges remain before AI spreads widely through society. Last year a research group at the Massachusetts Institute of Technology (US) published a study in which an image-recognition AI, shown a 3D-printed model of a turtle from various angles, recognized it as a "rifle". Research by Professor Kouichi Sakurai of Kyushu University and colleagues also found that changing just one pixel of an image to another color causes the AI to mistake it for something else. Such weaknesses could be abused for crime or terrorism, for example by making a self-driving AI misrecognize a traffic sign as something else. Sakurai says, "The causes and countermeasures are still being studied, but for wide use in society, human eyes and AI may need to complement each other."   Newspaper/magazine

    Asahi Shimbun Digital  January 2018

  • AI misrecognizes an image after a change to just one pixel, Kyushu University team reports. A Kyushu University research team has invented a new approach to fooling image-recognition AI.

    MIT Technology Review  November 2017

  • Appointed Cybersecurity Technical Advisor to the Kyushu Regional Police Bureau   Newspaper/magazine

    Nishinippon, Mainichi, Yomiuri, Nikkei  May 2016

  • Appointed Cybersecurity Technical Advisor to the Kyushu Regional Police Bureau   TV/radio program

    KBC, TNC, NHK, FBS, RKB  May 2016

  • Information Security Today: Getting to Know the Cyber Society As It Is Now   Newspaper/magazine

    Yomiuri Shimbun Kagoshima Advertising  February 2014

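Contributions to policy making and academic promotion

  • April 2022 - March 2024   Japanese Society for Artificial Intelligence

    Special Interest Group on AI Security / Chair

  • November 2020 - March 2021   Ministry of Internal Affairs and Communications / Secretariat / Mitsubishi Research Institute

    Member, "Study Group on Research and Development of AI Security"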

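Hosting of foreign researchers

  • Shandong University, School of Mechanical Engineering, Associate Professor

    Hosting period: December 2023 - March 2024   (Duration): 1 month or more

    Nationality: People's Republic of China

    Funding body: Other

  • KAIST

    Hosting period: January 2023   (Duration): less than 2 weeks

    Nationality: Republic of Korea

  • ISI Kolkata / Indian Statistical Institute, Kolkata

    Hosting period: May 2019 - June 2019   (Duration): 2 weeks to less than 1 month

    Nationality: India

    Funding body: University funds

  • IIT MADRAS

    Hosting period: February 2019 - March 2019   (Duration): 2 weeks to less than 1 month

    Nationality: India

    Funding body: University funds

  • Graduate School of Information Security(GSIS), School of Computing(SOC), KAIST

    Hosting period: November 2018   (Duration): less than 2 weeks

    Nationality: Republic of Korea

    Funding body: University funds

  • UGM.AC.ID

    Hosting period: September 2018 - January 2019   (Duration): 1 month or more

    Nationality: Union of Myanmar

    Funding body: Other

  • ISI Kolkata / Indian Statistical Institute

    Hosting period: September 2018 - October 2018   (Duration): 2 weeks to less than 1 month

    Nationality: India

    Funding body: University funds

  • Kyushu University Graduate School, Department of Informatics

    Hosting period: August 2018 - July 2019   (Duration): 1 month or more

    Nationality: India

    Funding body: Government-affiliated agency

  • ISI Kolkata / Indian Statistical Institute, Kolkata

    Hosting period: August 2018 - September 2016   (Duration): 2 weeks to less than 1 month

    Nationality: India

    Funding body: University funds

  • IIIT-DMJ

    Hosting period: December 2017   (Duration): less than 2 weeks

    Nationality: India

  • NIU/ Science & Technology Intelligence

    Hosting period: July 2017 - August 2017   (Duration): 1 month or more

    Nationality: United States of America

    Funding body: Government-affiliated agency

  • Researcher in Information Science and Electrical Engineering

    Hosting period: April 2016 - March 2017   (Duration): 1 month or more

    Nationality: India

    Funding body: University funds

  • Jina Univ.

    Hosting period: September 2014 - January 2015   (Duration): 1 month or more

    Nationality: People's Republic of China

    Funding body: Government-affiliated agency

  • Daekin Univ.

    Hosting period: June 2014 - July 2015   (Duration): 1 month or more

    Nationality: Commonwealth of Australia

  • University of Calcutta

    Hosting period: May 2013 - June 2013   (Duration): less than 2 weeks

    Nationality: India

    Funding body: Japan Science and Technology Corporation

  • I2R research institute, Singapore

    Hosting period: March 2013   (Duration): less than 2 weeks

    Nationality: Republic of Singapore

  • Indian Statistical Institute

    Hosting period: March 2013   (Duration): less than 2 weeks

    Nationality: India

    Funding body: Japan Science and Technology Corporation

  • I2R research institute, Singapore

    Hosting period: March 2013   (Duration): less than 2 weeks

    Nationality: Republic of Singapore

  • Fudan University, Graduate School of Software

    Hosting period: September 2012 - March 2013   (Duration): 1 month or more

    Nationality: People's Republic of China

  • University of Calcutta

    Hosting period: August 2011

    Nationality: India

  • Pukyong National University, Department of IT Convergence and Application Engineering

    Hosting period: July 2011 - July 2012

    Nationality: Republic of Korea

  • Pukyong National University

    Hosting period: January 2010 - October 2011

    Nationality: Republic of Korea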

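Overseas travel history

  • March 2019

    Country of stay 1: India   Host institution 1: Indian Institute of Information Technology, Jabalpur (IIITDM-J)

  • March 2018 - April 2018

    Country of stay 1: India   Host institution 1: Indian Institute of Information Technology, Jabalpur (IIITDM-J)

  • January 2017 - February 2017

    Country of stay 1: India   Host institution 1: Indian Institute of Information Technology, Jabalpur (IIITDM-J)

  • January 2016 - February 2016

    Country of stay 1: India   Host institution 1: IIIT-DMJ

  • September 1997 - August 1998

    Country of stay 1: United States of America   Host institution 1: Columbia Univ.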

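Committees and positions in university administration

  • April 2022 - March 2024   Faculty: Chair, Information and Communications Committee

  • April 2021 - March 2022   Department: Head

  • April 2021 - March 2022   School: Head, Information Science Course

  • April 2020 - March 2022   University-wide: Member, International Students Committee (from the department)

  • April 2019 - March 2022   Faculty: Experimental Ethics Committee

  • April 2017 - March 2022   Faculty: Experimental Ethics Committee

  • April 2015 - March 2018   School: Academic Affairs Committee member (major)

  • December 2014 - March 2018   Center: Cybersecurity Center

  • April 2012 - present   Faculty: Member, Information Security Committee

  • April 2010 - March 2011   Faculty: Library Council member

  • April 2010 - March 2011   Faculty: Ito Library Steering Committee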
