Kyushu University Academic Staff Educational and Research Activities Database
List of Presentations
Kouichi Sakurai Last modified date: 2021.07.06

Professor / Mathematical Informatics / Department of Informatics / Faculty of Information Science and Electrical Engineering


Presentations
1. 櫻井幸一/Kouichi SAKURAI, Revisiting computationally independent pair of one-way functions from the point of view of non-malleability, The 2021 IEEE Conference on Dependable and Secure Computing, 2021.02, [URL], One-way functions have been playing a fundamental role in modern cryptography, and important constructions and results are obtained based on them. This talk introduces a computationally independent pair of one-way functions, which was motivated by Koyama’s initial work on two-move interactive proofs of computational power [“Direct Demonstration of the Power to Break Public-Key Cryptosystems”, AUSCRYPT’90]. The speaker’s previous work [“Theory and application of computationally independent one-way functions: Interactive proof of ability - Revisited”, ICMC’19] was focusing mainly on the (non-)one-way property of the pairwise one-way functions as an independency and remarked on a connection with a side-channel model by Komargodski [“Leakage Resilient One-Way Functions: The Auxiliary-Input Setting”, TCC’16], whereas this talk discusses their non-malleability. We also revisit Koyama’s approach in light of recent developments in cryptographic theory and applications.
2. Kouichi Sakurai, A recent progress on design and analysis of Neural Cryptosystems, The 8th IEEE International Conference on Smart City and Informatization (iSCI 2020), 2020.12, Neural Networks have been applied to cryptography and extended to steganography, while an important breakthrough, “Adversarial Neural Cryptography”, was presented by Abadi and Anderson, two researchers with Google, in 2016. This talk gives a survey on the research progress of Neural Cryptography, before vs. after the Google-2016 work, and introduces recent results by the speaker’s research group.
3. 櫻井幸一/Kouichi Sakurai, Hiding digital information with AI: Power and Generalization of Adversarial Cryptography, The International Conference on Security & Privacy (ICSP 2020), 2020.11, [URL], Techniques of Artificial Intelligence including Neural Networks have been applied to cryptography and information hiding, while an important breakthrough, “Adversarial Neural Cryptography”, was presented by Abadi and Anderson, two researchers with Google, in 2016. This talk gives a survey on the design and analysis of information hiding including cryptography, before vs. after the Google-2016 work, and introduces recent results by the authors’ research group.
4. 櫻井 幸一/Kouichi Sakurai, How does Blockchain improve Electronic Voting?, International Conference on Computational Intelligence, Data Science and Cloud Computing, 2020.11, [URL], First, we survey recent developments of e-voting protocols based on Blockchain, comparing them with the e-voting schemes proposed before Blockchain, and consider which issues in designing e-voting schemes Blockchain resolves. Next, we discuss the security of e-voting, including “receipt-freeness” and “coercion-resistance”, in recently proposed e-voting schemes with Blockchain, and investigate the relationship and real gap between “receipt-freeness” and “coercion-resistance”, which is one of the significant issues in Internet e-voting systems. The final remark is about how to design the ideal e-voting scheme with perfect security and strong privacy.
5. Somnath Panja, Sabyasachi Dutta, Kouichi Sakurai, Deniable Secret Handshake Protocol - Revisited, 33rd International Conference on Advanced Information Networking and Applications, AINA-2019, 2020.01, The notion of deniability ensures that the transcript generated in an interactive protocol does not yield any evidence of the interaction. In the context of key-exchange protocols for secure message transmission, the notion of deniability is well explored. On the other hand, a secret handshake protocol enables a group of authorized users to establish a shared secret key and authenticate each other. Recently, a framework for deniable secret handshake was proposed by Tian et al. at ISPEC 2018. We analyze the protocol, show three flaws and give solutions to prevent them.
6. Yan Naung Soe, Yaokai Feng, Paulus Insap Santosa, Rudy Hartanto, Kouichi Sakurai, Implementing Lightweight IoT-IDS on Raspberry Pi Using Correlation-Based Feature Selection and Its Performance Evaluation, 33rd International Conference on Advanced Information Networking and Applications, AINA-2019, 2020.01, The application of many IoT devices is making our world more convenient and efficient. However, it also makes a large number of cyber-attacks possible, because most IoT devices have very limited resources and cannot run ordinary intrusion detection systems. How to implement an efficient and lightweight IDS in IoT environments is a critically important and challenging task. Several detection systems have been implemented on Raspberry Pi, but most of them are signature-based and only allow a limited number of rules. In this study, a lightweight IDS based on machine learning is implemented on a Raspberry Pi. To make the system lightweight, a correlation-based feature selection algorithm is applied to significantly reduce the number of features, and a lightweight classifier is utilized. The performance of our system is examined in detail, and the experimental results indicate that our system is lightweight and has a much higher detection speed with almost no sacrifice of detection accuracy.
7. Johjima Shota, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai, Simulation of Secure Volunteer Computing by Using Blockchain, 33rd International Conference on Advanced Information Networking and Applications, AINA-2019, 2020.01, Volunteer Computing (VC) is one of the methods of distributed computing. In the VC process, several volunteers provide their computing resources for some computational purpose. Because most VC is supposed to be executed on the assumption that each volunteer is honest, if some malicious volunteers are inside the VC network, the VC carries a potential risk of outputting an unreliable computational result. To improve the reliability of the computational result, several existing VCs adopt a method of majority voting using reliability parameters. However, this method contains a potential vulnerability to the “Sybil Attack”. Therefore, in this paper, we propose our VC system using blockchain technology, named “Hierarchy-System”, to solve these problems, and also show the evaluation result obtained on a VC system simulating our proposed method.
14. Sabyasachi Dutta, Partha Sarathi Roy, Kazuhide Fukushima, Shinsaku Kiyomoto, Kouichi Sakurai, Secret Sharing on Evolving Multi-level Access Structure, 20th World Conference on Information Security Applications, WISA 2019, 2020.01, Secret sharing is a process that allows storing secret information in a distributed manner among several participants. In the original setting of secret sharing schemes, it was assumed that the total number of participants is fixed from the very beginning. However, to meet state-of-the-art needs, it is required to consider the scenario where a new participant can join at any time and the total number of participants is (possibly) unbounded. Evolving secret sharing solves this problem. Secret sharing for evolving threshold access structures has been considered in the last few years. Here, we consider multi-level access structures. More specifically, we consider evolving compartmental and hierarchical access structures. We provide constructions with estimates of the share sizes.
15. Hao Zhao, Yaokai Feng, Hiroshi Koide, Kouichi Sakurai, An ANN Based Sequential Detection Method for Balancing Performance Indicators of IDS, 7th International Symposium on Computing and Networking, CANDAR 2019, 2019.11, In recent years, the number of cyber attacks has been increasing rapidly and network security has become an important issue. As a vital component of defense against network threats, the intrusion detection system (IDS) was introduced, and machine learning algorithms have been widely used in such systems for high detection performance. There are several evaluation indices, such as false positive rate, false negative rate, and so on. A problem is that these indices are often related to each other. For example, while we try to decrease the false positive rate, the false negative rate often tends to increase, and vice versa. In this study, we propose an ANN-based sequential classifier method to mitigate this problem. Specifically, we train an ANN to have a low false positive rate, even though this may lead to a high false negative rate. Then, the reported negative instances are sent to the next ANN for further investigation, where the false negative instances reported by the previous ANN may be classified correctly. In this way, the final false negative rate can also be improved greatly. The results of the experiment show that the proposed method can bring a lower false negative rate and higher detection accuracy while keeping the false positive rate at an acceptable level. Moreover, the optimum number of ANNs for our proposal is also investigated and discussed in this study.
16. Rui Qiu, Danilo Vasconcellos Vargas, Kouich Sakurai, Frame difference generative adversarial networks: Clearer contour video generating, 7th International Symposium on Computing and Networking Workshops, CANDARW 2019, 2019.11, Generating images and video is a hot topic in Deep Learning. In particular, generating video is difficult but meaningful work. How to generate video that has diversity and plausibility is still a problem to be solved. In this paper, we propose a novel Generative Adversarial Network (GAN) model, called FDGAN, to generate clear contour lines. Unlike existing GANs that only use frames, our method extends to using inter-frame differences. First, we introduce two temporal difference methods to process the inter-frame differences. Then, we add a frame difference discriminator to discriminate whether the inter-frame difference is real or not. Using the proposed model and new structure, we perform video generation experiments on several widely used benchmark datasets such as MOVING MNIST and UCF-101. Consequently, the results achieve state-of-the-art performance for clarifying contour lines. Both quantitative and qualitative evaluations were made to show the effectiveness of our methods.
17. Limao Ma, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai, Reliable decentralized oracle with mechanisms for verification and disputation, 7th International Symposium on Computing and Networking Workshops, CANDARW 2019, 2019.11, Smart contracts using Blockchain technology provide a mechanism to automatically exchange 'cash' and 'service' according to programmed conditions without requiring trusted third-party intervention. This results in a reduction of time and cost for complex contract execution. Some contract executions require external information from outside the Blockchain as a trigger to execute the code specifying the process for a certain contract. However, because Blockchain technology itself does not provide a function to directly access such external information, these applications require a proxy system called an 'oracle'. The oracle is in charge of accessing external information, verifying it, and writing it on the Blockchain. To avoid security incidents such as an oracle writing malicious information on the Blockchain, the reliability of the oracle is required. This paper introduces a decentralized oracle equipped with verification and disputation mechanisms. To evaluate the reliability of the proposed mechanisms, a simulation-based experiment was conducted. The experimental results showed that our solution could effectively suppress the interference of malicious participants and obtain reliable consensus results even if relatively many malicious participants joined the consensus process on the proposed decentralized oracle.
18. Katsumi Nagai, Hiroshi Koide, Kouichi Sakurai, Proposal and evaluation of a security incident response training method using programming, 20th Annual Conference on Information Technology Education, SIGITE 2019, 2019.09, Nowadays, there are various cyber-attacks in the world. In terms of dealing with cyber incidents, there are many non-technical factors. Table Top Exercises are available for improving them, but they need some funding, time and trainers who can conduct them smoothly. So, in this work, we propose a security incident response training method using programming. It aims to improve some non-technical skills. Our proposal was actually carried out and evaluated with questionnaires.
19. Yan Naung Soe, Yaokai Feng, Paulus Insap Santosa, Rudy Hartanto, Kouichi Sakurai, A sequential scheme for detecting cyber attacks in IoT environment, 17th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 17th International Conference on Pervasive Intelligence and Computing, IEEE 5th International Conference on Cloud and Big Data Computing, 4th Cyber Science and Technology Congress, DASC-PiCom-CBDCom-CyberSciTech 2019, 2019.08, With the rapid spread of IoT (Internet of Things) devices, our daily life has been becoming more convenient and efficient. However, attackers more easily target IoT devices to make them attack destinations or bots for attacking other victims. This is because most IoT devices do not have enough resources, memory and computational capability to be equipped with an efficient security system. The mainstream of actual IDSs (Intrusion Detection Systems) for traditional networks/computers and those for IoT devices are still signature/rule-based. It is well known that such detection systems cannot handle new kinds of attacks or new variants, and formal rule-based detection techniques can be circumvented by attackers. Moreover, for many IoT devices, large numbers of signatures/rules often cannot be handled. Machine learning-based technologies have attracted much attention from many researchers and developers in recent years. Such methods can detect specific attacks or just detect anomalies. In many related works, one classifier is often trained for detecting multiple kinds of attacks, which obviously cannot guarantee optimum performance for every kind of attack. In this study, we propose a system that detects multiple specific attacks in a sequential manner. That is, each kind of specific attack is detected using a designated classifier instead of a common one. An artificial neural network is trained and used as the classifier for each kind of specific attack. As a result, the multiple classifiers can detect the specific attacks in a sequential manner. Our proposal is explained in detail in this paper and its performance is examined using different activation functions. We also make it clear which activation function is the best choice for our system.
20. Haibo Zhang, Toru Nakamura, Kouichi Sakurai, Security and trust issues on digital supply chain, 17th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 17th International Conference on Pervasive Intelligence and Computing, IEEE 5th International Conference on Cloud and Big Data Computing, 4th Cyber Science and Technology Congress, DASC-PiCom-CBDCom-CyberSciTech 2019, 2019.08, This exploratory investigation aims to discuss the current status and challenges, especially in the aspects of security and trust problems, of digital supply chain management systems that apply advanced information technologies, such as the Internet of Things, cloud computing and blockchain, for improving various system performance and properties, i.e., transparency, visibility, accountability, traceability and reliability. This paper introduces the general histories and definitions, in terms of information science, of the supply chain and the relevant technologies which have been applied or have the potential to be applied to the supply chain with the purpose of lowering cost and facilitating its security and convenience. It provides a comprehensive review of current related research work and industrial cases from several well-known companies. It also illustrates the requirements and performance of digital supply chain systems, security management and trust issues. Finally, this paper summarizes several potential or existing security issues and challenges which supply chain management is facing.
21. Di Li, Danilo Vasconcellos Vargas, Sakurai Kouichi, Universal Rules for Fooling Deep Neural Networks based Text Classification, 2019 IEEE Congress on Evolutionary Computation, CEC 2019, 2019.06, Recently, deep learning based natural language processing techniques are being extensively used to deal with spam mail, censorship evaluation in social networks, among others. However, there are only a couple of works evaluating the vulnerabilities of such deep neural networks. Here, we go beyond attacks to investigate, for the first time, universal rules, i.e., rules that are sample agnostic and therefore could turn any text sample into an adversarial one. In fact, the universal rules do not use any information from the method itself (no information from the method, gradient information or training dataset information is used), making them black-box universal attacks. In other words, the universal rules are sample and method agnostic. By proposing a coevolutionary optimization algorithm, we show that it is possible to create universal rules that can automatically craft imperceptible adversarial samples (fewer than five perturbations, which are close to misspellings, are inserted in the text sample). A comparison with a random search algorithm further justifies the strength of the method. Thus, universal rules for fooling networks are here shown to exist. Hopefully, the results from this work will impact the development of yet more sample and model agnostic attacks as well as their defenses.
22. Hiroaki Anada, Tomohiro Matsushima, Chunhua Su, Weizhi Meng, Junpei Kawamoto, Samiran Bag, Kouichi Sakurai, Analysis of variance of graph-clique mining for scalable proof of work, 14th International Conference on Information Security and Cryptology, Inscrypt 2018, 2019.01, Recently, Bitcoin is becoming one of the most popular decentralized cryptographic currency technologies, and Bitcoin mining is the process of adding transaction records to Bitcoin’s public ledger of past transactions, or blockchain. To obtain a bitcoin, the mining process involves compiling recent transactions into blocks and trying to solve a computationally difficult puzzle, e.g., a proof of work puzzle. A proof of work gives miners the ability to quantify how much work a given proof contains. Basically, the required time for mining is decided in advance, but problems will occur if the dispersion of that value is large. In this paper, we first accept that the required time between consecutive blocks follows the exponential distribution. That is, the variance is stable as long as the expected time is fixed. Then, we focus on the graph clique mining technique proposed in the literature, such as Tromp (BITCOIN 2015) and Bag-Ruj-Sakurai (Inscrypt 2015), which is based on the computationally difficult problem of searching for cliques in undirected graphs, where a clique is a subset of vertices. In particular, when the clique size is two, graph clique mining can be used to gain Bitcoins. The previous work also claimed that if the clique size is parameterized and increased, even if the expected time is fixed, the variance would not be stable. However, no qualitative or quantitative results were given to support their claim. Motivated by this issue, in this work, we propose a simple search algorithm for graph clique mining, and perform a small-scale evaluation of Bitcoin and graph clique solo mining to investigate the variance issue.
25. Ye Longjian, Hiroshi Koide, Dirceu Cavendish, Kouichi Sakurai, Efficient shortest path routing algorithms for distributed XML processing, 15th International Conference on Web Information Systems and Technologies, WEBIST 2019, 2019.01, This paper analyses the problem of efficiently routing XML documents on a network whose nodes are capable of distributed XML processing. The goal of our study is to find network paths for which XML documents' transmission will result in a high likelihood that a large portion of the documents is processed within the network, decreasing the amount of XML processing at the documents' arrival at the destination site. We propose several routing algorithms for single-route and multipath routing and evaluate them in a distributed XML network simulation environment. We show the benefits of the proposed XML routing algorithms as compared with the widespread minimum-hop routing strategy of the Internet.
26. Wai Kyi Kyi Oo, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai, A new design for evaluating moving target defense system, 6th International Symposium on Computing and Networking Workshops, CANDARW 2018, 2018.12, The Moving Target Defense (MTD) concept has been a feasible idea for reducing the possibility of attacks by altering attack surfaces or diversifying the attributes or parameters of a protected system. As a result of applying MTD techniques to the system, an attacker would have more difficulty in exploiting vulnerabilities of the target system. This study proposes an evaluation method for MTD systems combining several different MTD techniques. The proposed method is a primary step in designing an evaluation model for the effectiveness of MTD. The main goal is to estimate the attack success ratio on MTD systems mitigating threats of executable binary file or malware injection. With the proposed evaluation method, we expect to show that MTD technology can enhance the security of a web server and can be applied in a real-world information system. As our preliminary work, we set up a prototype framework to validate the proposed work in a pseudo-experimental environment.
27. Ryousuke Komiya, Yaokai Feng, Kouichi Sakurai, Detecting distributed cyber attacks in SDN based on automatic thresholding, 6th International Symposium on Computing and Networking Workshops, CANDARW 2018, 2018.12, Distributed cyber attacks launched from many hosts simultaneously have become some of the most sophisticated and dangerous attacks in the cyber world, including both the traditional Internet and SDN (Software Defined Networking) environments. As a centralized kind of network environment, SDN has been greatly developed and popularized in recent years, especially in cloud systems. Thus, how to efficiently detect distributed attacks in SDN environments has attracted great attention in academia and industry, and various studies have been done to counter such attacks. The latest related studies attempt to exploit the information in the PacketIn packets collected at the SDN controller, and those methods proved efficient for detecting distributed cyber attacks in SDN environments. However, such methods adopt a threshold for distinguishing attacks from normal situations. The threshold must be properly determined manually in advance, which is not easy in many applications, even for experts. In this study, we try to automatically extract a proper threshold from the historical data of the monitored SDN environment so that the difficult parameter-tuning (threshold determination) process can be removed. In addition, because the extracted threshold reflects the actual situation of the monitored environment, better detection performance than the existing approaches can be expected. The detection performance of our proposal is also tested using real traffic data..
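The abstract above describes deriving the PacketIn detection threshold from the environment's own history instead of tuning it by hand. The following is an added example written for this page, not code from the paper: the specific rule (median plus a fixed multiple of the median absolute deviation), the margin k, and the per-second PacketIn counts are all assumptions constructed here to make the idea runnable.

```python
"""Threshold extraction from historical PacketIn counts (added illustration).

The paper derives its threshold from the monitored environment's history; the
specific rule below (median + k * MAD) and the counts are assumptions made for
this example, not the paper's method or data.
"""
import statistics
from typing import Iterable, List, Tuple

# Constructed per-second PacketIn counts recorded at a controller while the
# network was quiet: the "historical data of the monitored SDN environment".
HISTORICAL_PACKETIN: List[int] = [
    42, 38, 45, 40, 51, 39, 44, 47, 36, 43,
    49, 41, 46, 38, 44, 50, 37, 42, 45, 40,
]

# Constructed live counts. Windows 5..7 show the PacketIn surge a distributed
# attack produces when many hosts send flows the switches have no rules for.
LIVE_PACKETIN: List[int] = [44, 41, 47, 39, 43, 612, 880, 755, 46, 40]


def extract_threshold(history: Iterable[int], k: float = 6.0) -> float:
    """Derive a detection threshold from history instead of tuning it by hand.

    Rule (assumption): median + k * 1.4826 * MAD. The median and the median
    absolute deviation are robust statistics, so a few attack windows that
    slipped into the history do not inflate the threshold the way mean and
    standard deviation would; 1.4826 makes MAD comparable to the standard
    deviation of a Gaussian baseline. k is a fixed margin, not a per-site knob.
    """
    hist = list(history)
    if len(hist) < 2:
        raise ValueError("need at least two historical windows")
    med = statistics.median(hist)
    mad = statistics.median([abs(x - med) for x in hist])
    return med + k * 1.4826 * mad


def detect(windows: Iterable[int], threshold: float) -> List[Tuple[int, int]]:
    """Return (window_index, count) for every window above the threshold."""
    return [(i, c) for i, c in enumerate(windows) if c > threshold]


if __name__ == "__main__":
    t = extract_threshold(HISTORICAL_PACKETIN)
    print(f"auto threshold = {t:.1f} PacketIn/s")
    for idx, count in detect(LIVE_PACKETIN, t):
        print(f"window {idx}: {count} PacketIn/s -> distributed attack suspected")
```

On the constructed history the rule yields a threshold of roughly 69 PacketIn/s, so the quiet windows pass and the three surge windows are flagged. Two caveats a deployment would need: a history of constant counts gives MAD = 0 and a threshold equal to the median, so a minimum margin should be enforced, and the history window must be refreshed as the network's normal load drifts, which is exactly why the abstract argues for extracting the threshold from the monitored environment rather than fixing it once.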
28. Jiawei Su, Danilo Vasconcellos Vargas, Kouichi Sakurai, Empirical evaluation on robustness of deep convolutional neural networks activation functions against adversarial perturbation, 6th International Symposium on Computing and Networking Workshops, CANDARW 2018, 2018.12, Recent research has shown that deep convolutional neural networks (DCNNs) are vulnerable to several different types of attack, while the reasons for such vulnerability are still under investigation. For instance, adversarial perturbations can make a slight change to a natural image so that the target DCNN misrecognizes it, while the explanations for why DCNNs are sensitive to such small modifications differ from one study to another. In this paper, we evaluate the robustness of two commonly used DCNN activation functions, namely the sigmoid and ReLU, against the recently proposed low-dimensional one-pixel attack. We show that the choice of activation function can be an important factor influencing the robustness of a DCNN. The results show that, compared with the sigmoid, the ReLU non-linearity is more vulnerable, allowing the low-dimensional one-pixel attack to achieve a much higher success rate and confidence. The results give insights for designing new activation functions to enhance the security of DCNNs..
29. Yuetong Zhu, Danilo Vasconcellos Vargas, Kouichi Sakurai, Neural cryptography based on the topology evolving neural networks, 6th International Symposium on Computing and Networking Workshops, CANDARW 2018, 2018.12, Modern cryptographic schemes are developed on the basis of mathematical theory. Recent work shows a new direction: cryptography based on neural networks, in which, instead of learning a specific algorithm, a cryptographic scheme is generated automatically. While one kind of neural network has been used to achieve such a scheme, whether the idea of neural cryptography can be realized with other neural network architectures is unknown. In this paper, we address this question by creating a neural cryptography scheme on a new topology-evolving neural network architecture called the Spectrum-diverse unified neuroevolution architecture. First, experiments are conducted to verify that the Spectrum-diverse unified neuroevolution architecture is able to achieve automatic encryption and decryption. Subsequently, we conduct experiments to achieve a neural symmetric cryptosystem using adversarial training..
30. Asoke K. Talukder, Manish Chaitanya, David Arnold, Kouichi Sakurai, Proof of disease: A blockchain consensus protocol for accurate medical decisions and reducing the disease burden, 4th IEEE SmartWorld, 15th IEEE International Conference on Ubiquitous Intelligence and Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People and Smart City Innovations, SmartWorld/UIC/ATC/ScalCom/CBDCom/IoP/SCI 2018, 2018.12, Studies suggest that a significant proportion of diagnoses of non-communicable diseases (NCD) are erroneous, unwanted, or unnecessary. To reduce the disease burden and improve public health, algorithmic support is essential. To realize this, health data must be computer-understandable, secured, ubiquitous, and interoperable. Medical and disease data entered into computers are unstructured natural-language texts full of medical jargon that a computer normally cannot understand. EMRs (Electronic Medical Records) are data silos within the hospital and do not interoperate. In this paper we present an Ethereum-based, future-ready Proof of Disease (PoD) consensus protocol with a computer-understandable single instance of truth. It will solve many challenges that electronic health records (EHR) or health information exchange (HIE) have failed to address. This medical system will help achieve all the complex needs of P6 (Participatory, Personalized, Proactive, Preventive, Predictive and Precision) medicine and ultimately reduce the disease burden..
31. Yuki Nishida, Kosuke Kaneko, Subodh Sharma, Kouichi Sakurai, Suppressing chain size of blockchain-based information sharing for swarm robotic systems, 6th International Symposium on Computing and Networking Workshops, CANDARW 2018, 2018.12, Swarm robotics is a research field in which a group of autonomous robots executes tasks through cooperative work. Sharing information among robots is a central function for optimal performance of the system. Given that the swarm network structure changes constantly as the robots move, it becomes difficult to guarantee information sharing among all swarm members. In this work, we propose an approach to information sharing in swarm robotic systems using blockchain technology. The distributed ledger function of blockchain technology has the potential to solve the information-sharing problem and to let the robots synchronize their state easily. However, because a blockchain persistently keeps past transactions, the growth of its chain size is one of the serious issues in managing blockchain technology. In this paper, we introduce a methodology to share information among autonomous robots and demonstrate through experiments how differences in the size of the data recorded in the blockchain affect the chain size. As a result, compared with our previous approach, the proposed approach succeeded in suppressing the growth of the chain size: the increase in chain size was reduced by about 73.0% when each node repeatedly shared about 2.8 KB of image data 100 times..
32. Yao Xu, Hiroshi Koide, Danilo Vasconcellos Vargas, Kouichi Sakurai, Tracing MIRAI malware in networked system, 6th International Symposium on Computing and Networking Workshops, CANDARW 2018, 2018.12, In 2021, it is anticipated that there will be approximately 30 billion Internet of Things (IoT) devices. The tremendous aggregate value of the IoT makes it a tempting and lucrative target for cyber criminals. The outbreak of the Mirai malware, which compromises poorly secured IoT devices with factory-default usernames and passwords to launch Distributed Denial of Service (DDoS) attacks, has raised broad awareness of the need for increased IoT security. To better defend against Mirai infection and spread, the first critical step is to know how the malware operates. In this paper, we give a combined static and dynamic analysis of Mirai and, based on its results, introduce an application of Threat Tracer. Threat Tracer is an information system simulator initially developed to help design systems robust against Advanced Persistent Threats (APTs). It offers an intuitive trace of how a cyber threat behaves in a complicated networked system, and its feedback simultaneously contributes to revealing vulnerabilities of the system. Our work focuses on replicating Mirai's operating processes in a Threat Tracer simulation. In doing so, we believe it can offer a comprehensible description of how Mirai acts. Also, considering the continuous emergence of Mirai variants, the simulation serves as a predictor of upcoming threats' behaviour patterns..
47. Yaokai Feng, Hitoshi Akiyama, Liang Lu, Kouichi Sakurai, Feature selection for machine learning-based early detection of distributed cyber attacks, 16th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018, 2018.10, It is well known that distributed cyber attacks simultaneously launched from many hosts have caused the most serious problems in recent years, including privacy leakage and denial of service. Thus, how to detect those attacks at an early stage has become an important and urgent topic in the cyber security community. For this purpose, recognizing C&C (Command & Control) communication between compromised bots and the C&C server becomes crucially important, because C&C communication belongs to the preparation phase of distributed attacks. Although signature-based attack detection has long been applied in practice, it is well known that it cannot efficiently deal with new kinds of attacks. In recent years, ML (Machine Learning)-based detection methods have been studied widely. In those methods, feature selection is obviously very important to the detection performance. In earlier work, we utilized up to 55 features to pick out C&C traffic in order to accomplish early detection of DDoS attacks. In this work, we try to answer the question 'Are all of those features really necessary?' We mainly investigate how the detection performance moves as features are removed, starting from those with the lowest importance, and we try to make clear which features should be paid attention to for early detection of distributed attacks. We use honeypot data collected during the period from 2008 to 2013. SVM (Support Vector Machine) and PCA (Principal Component Analysis) are utilized for feature selection, and SVM and RF (Random Forest) for building the classifier. We find that the detection performance generally gets better as more features are utilized. However, after the number of features reaches around 40, the detection performance does not change much even if more features are used. It is also verified that, in some specific cases, more features do not always mean better detection performance. We also discuss the 10 important features that have the biggest influence on classification..
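The abstract above describes ranking features by importance, then removing them from the least important upwards while watching how detection performance moves. The following is an added example written for this page, not the paper's code or data: the eight constructed flow records, the class-separability score used as the importance measure, and the nearest-centroid classifier are stand-ins for the honeypot data, the PCA/SVM ranking and the SVM/RF classifiers the abstract names. It reproduces the shape of the finding, a plateau while uninformative features are dropped and a fall once an informative one goes.

```python
"""Backward feature elimination by importance (added illustration).

Not the paper's code: the eight flow records, the separability score used
as importance, and the nearest-centroid classifier are constructed stand-ins
for the paper's honeypot data, PCA/SVM ranking and SVM/RF classifiers.
"""
import math
from typing import List, Sequence, Tuple

# Constructed flow records: four C&C flows (label 1), four benign (label 0).
# f0 and f1 each separate the classes imperfectly but together separate them
# completely; f2 and f3 are noise with identical distributions in both classes.
FEATURE_NAMES = ["f0_pkts_per_flow", "f1_mean_interval", "f2_noise", "f3_noise"]
X: List[List[float]] = [
    [6, 6, 1, 0], [7, 7, 2, 1], [8, 3, 1, 0], [3, 8, 2, 1],  # C&C
    [1, 1, 1, 1], [2, 2, 2, 0], [6, 2, 1, 1], [2, 7, 2, 0],  # benign
]
Y: List[int] = [1, 1, 1, 1, 0, 0, 0, 0]


def _mean(v: Sequence[float]) -> float:
    return sum(v) / len(v)


def _std(v: Sequence[float]) -> float:
    m = _mean(v)
    return math.sqrt(sum((a - m) ** 2 for a in v) / len(v))


def feature_importance(x: Sequence[Sequence[float]], y: Sequence[int]) -> List[float]:
    """Class-separability score per feature: |mean_1 - mean_0| / (std_1 + std_0).

    A feature whose class means coincide scores 0 and is removed first.
    """
    scores = []
    for j in range(len(x[0])):
        pos = [row[j] for row, lab in zip(x, y) if lab == 1]
        neg = [row[j] for row, lab in zip(x, y) if lab == 0]
        denom = _std(pos) + _std(neg)
        scores.append(abs(_mean(pos) - _mean(neg)) / denom if denom else 0.0)
    return scores


def nearest_centroid_accuracy(x, y, features: Sequence[int]) -> float:
    """Resubstitution accuracy of a nearest-centroid classifier on `features`."""
    centroids = {}
    for lab in (0, 1):
        rows = [row for row, l in zip(x, y) if l == lab]
        centroids[lab] = [_mean([r[j] for r in rows]) for j in features]
    correct = 0
    for row, lab in zip(x, y):
        proj = [row[j] for j in features]
        pred = min(
            centroids,
            key=lambda l: sum((a - b) ** 2 for a, b in zip(proj, centroids[l])),
        )
        correct += int(pred == lab)
    return correct / len(y)


def backward_elimination(x, y) -> List[Tuple[int, float, List[str]]]:
    """Remove the least important feature one at a time and record accuracy.

    Returns (number of features, accuracy, remaining feature names) per step,
    from the full feature set down to the single most important feature.
    """
    importance = feature_importance(x, y)
    removal_order = sorted(range(len(importance)), key=lambda j: importance[j])
    remaining = list(range(len(importance)))
    curve = []
    while True:
        acc = nearest_centroid_accuracy(x, y, remaining)
        curve.append((len(remaining), acc, [FEATURE_NAMES[j] for j in remaining]))
        if len(remaining) == 1:
            break
        remaining.remove(removal_order.pop(0))
    return curve


if __name__ == "__main__":
    for n, acc, names in backward_elimination(X, Y):
        print(f"{n} features -> accuracy {acc:.2f}  {names}")
```

On the constructed data the curve is 1.00, 1.00, 1.00, 0.75: dropping the two noise features costs nothing, which is the plateau the abstract reports after about 40 features, and dropping the second informative feature is what finally hurts. Either informative feature alone scores only 0.75, so the importance ranking, not the raw count, decides which features can be discarded safely; with real traffic the same loop would be run with the paper's classifiers and a held-out evaluation rather than resubstitution accuracy.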
SVM(Support Vector Machine) and PCA(Principal Component Analysis) are utilized for feature selection and SVM and RF(Random Forest) are for building the classifier. We find that the detection performance is generally getting better if more features are utilized. However, after the number of features has reached around 40, the detection performance will not change much even more features are used. It is also verified that, in some specific cases, more features do not always means a better detection performance. We also discuss 10 important features which have the biggest influence on classification..
50. Yuto Nakano, Seira Hidano, Shinsaku Kiyomoto, Kouichi Sakurai, Active attack against oblivious RAM, 32nd IEEE International Conference on Advanced Information Networking and Applications, AINA 2018, 2018.08, When a user consumes encrypted digital content (for example video and music files), the player application accesses the secret key to decrypt the content. If the user is malicious, he can analyse the access pattern of the player application to extract the secret key efficiently. Oblivious RAMs (ORAMs) are an effective solution for such threats. However, ORAMs are only effective against 'passive' attackers who can observe the RAM accesses made by the application but cannot alter data stored in RAM. Attackers with the ability to alter data in RAM can be called 'active' attackers. In this paper, we evaluate the security of ORAM schemes against active adversaries who alter data in RAM and try to efficiently extract the secret information. We also propose countermeasures against active adversaries.
54. Jiawei Su, Danilo Vasconcellos Vargas, Sanjiva Prasad, Sgandurra Daniele, Yaokai Feng, Kouichi Sakurai, Lightweight Classification of IoT Malware Based on Image Recognition, 42nd IEEE Computer Software and Applications Conference, COMPSAC 2018, 2018.06, The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers, to connect to one another to share information and improve user experiences. IoT devices are micro-computers for domain-specific computations rather than traditional function-specific embedded devices. This opens the possibility of seeing many kinds of existing attacks, traditionally targeted at the Internet, also directed at IoT devices. As shown by recent events, such as the Mirai and Brickerbot botnets, DDoS attacks have become very common in IoT environments as these lack basic security monitoring and protection mechanisms. In this paper, we propose a novel light-weight approach for detecting DDoS malware in IoT environments. We extract the malware images (i.e., a one-channel gray-scale image converted from a malware binary) and utilize a light-weight convolutional neural network for classifying their families. The experimental results show that the proposed system can achieve 94.0% accuracy for the classification of goodware and DDoS malware, and 81.8% accuracy for the classification of goodware and two main malware families.
57. Shiqian Yu, Danilo Vasconcellos Vargas, Kouichi Sakurai, Effectively Protect Your Privacy: Enabling Flexible Privacy Control on Web Tracking, 5th International Symposium on Computing and Networking, CANDAR 2017, 2018.04, Third-party tracking, which can collect users' private data while they are surfing the Internet, has garnered much attention. Nowadays tracker-blocking tools often use a ruleset based on the domains and elements that need to be blocked. This results in blocking all access tracking, even when the website shows no sign of tracking users' private data. What's more, although the tracker-blocking tools try their best to block all third-party tracking, not all users dislike advertisements. Some of them think that as long as their privacy is preserved, it's all right to accept advertisements. In this paper, we present a novel framework that uses Word2Vec to block third-party tracking. Our goal is to create a more flexible and well-developed ruleset that can help users protect their privacy according to their needs. Instead of blocking all access tracking, we pay more attention to the websites that have a strong probability of collecting users' private data. We use Word2Vec to classify the websites, and our results show that after using our framework, the error rate drops from 71% to 24%. We believe it brings new blood into the field of web privacy by providing not only a new third-party tracking tool but also a novel way of thinking about how to block third-party tracking.
58. Xiang You, Yaokai Feng, Kouichi Sakurai, Packet in Message Based DDoS Attack Detection in SDN Network Using OpenFlow, 5th International Symposium on Computing and Networking, CANDAR 2017, 2018.04, Using the OpenFlow protocol, the virtual network technology SDN (Software Defined Network) is now widely used. In recent years, the number of DDoS attacks has been increasing year by year. To detect DDoS attacks in SDN, data recorded in the flow table of the OpenFlow switch is analyzed, and various detection methods have been proposed. However, since SDN centrally manages communication within the network, detecting DDoS (Distributed Denial of Service) attacks creates a heavy processing load, and the processing load of the OpenFlow controller must be considered. In this paper, in order to reduce the processing load of the controller, we do not collect data from the flow table; instead, we extract three features from the Packet In messages exchanged between the controller and the switch, and perform real-time attack detection. Furthermore, to avoid stringent detection time intervals, triggers are added before detection to realize light and dynamic DDoS attack detection.
63. Kouichi SAKURAI, Power and limitation of Adversarial Machine Learning and their consequences, The Conference for ICT-Research in the Netherlands, 2018.03, [URL].
64. Kouichi SAKURAI, Non-commutative approach enhance security of cryptosystems? -- from Ong-Schnorr-Shamir via Sato-Araki towards Post Quantum Paradigm --, 4th International Conference on Mathematics and Computing, 2018.01.
65. Kurt Sauer, Michael David, Kouichi Sakurai, Hardware trojan cyber-physical threats to supply chains, 13th International Conference on Cyber Warfare and Security, ICCWS 2018, 2018.01, Many actors are involved in the supply chain processes needed to produce an integrated circuit. Any one of these individuals or groups could make illicit copies of semiconductor IP during their work. In addition, chips could be intentionally compromised during the design process, before they are even manufactured. If placed into the design with sufficient skill, these built-in vulnerabilities would be extremely difficult to detect during testing. Moreover, they could lie dormant, only to be triggered months or years later to disrupt or exfiltrate data from a system containing the compromised chip. This paper primarily reviews the risks posed by design tampering, looks at threat actors and their possible activities, threat models for these activities, and possible mitigations. It assesses the impacts of security composability theory on risk management and practical design, and tries to identify the greatest threat. Our proposal is to contrast Trojan insertion risks at the two ends of the spectrum in the early design phase: first at the highest abstraction level, the RTL description, and second at the layout level, in GDSII. A key question for the future is how to develop security architectures that are Trojan tolerant, meaning that other layers of protective controls exist to protect the overall system from malfunctioning at a level commensurate with the risk tolerance of the system. The views expressed do not reflect the official policy or position of the National Intelligence University, the Department of Defense, the U.S. Intelligence Community, or the U.S. Government.
66. Partha Sarathi Roy, Sabyasachi Dutta, Kirill Morozov, Avishek Adhikari, Kazuhide Fukushima, Shinsaku Kiyomoto, Kouichi Sakurai, Hierarchical secret sharing schemes secure against rushing adversary: Cheater identification and robustness, 14th International Conference on Information Security Practice and Experience, ISPEC 2018, 2018.01, Threshold access structures of secret sharing schemes capture a scenario in which all the participants have the same weight (or power) and their contributions are equal. However, in some situations, such as gradation among officials in an organization, the participants have different weights. Hierarchical access structures capture those natural scenarios, where different levels of hierarchy are present and a participant belongs precisely to one of them. Although extensive research addressing the issues of cheater identifiability and robustness has been done for threshold secret sharing, no such research has been carried out for hierarchical secret sharing (HSS). This paper resolves this long-standing open issue by presenting definitions and constructions of both cheater identifiable and robust HSS schemes secure against a rushing adversary, in the information-theoretic setting.
67. Amril Syalim, Kouichi Sakurai, How to sign multiple versions of digital documents, 2017 International Workshop on Big Data and Information Security, WBIS 2017, 2018.01, In some applications, it is useful to record multiple versions of digital documents, so that we can trace the history and changes applied to the documents. The creators of the documents are often required to sign the documents to protect the origin and integrity of the documents. A typical implementation of the signature method uses a standard signature scheme (e.g. RSA) and stores the signature along with the document. The version numbers of the documents are appended to the documents before signing. The problem is that, when we need to sign many versions of the documents, the signer has to create a signature for each version, which is not efficient in terms of storage. In this paper, we propose a more efficient method to sign multiple versions of a digital document and give the security argument for the signature scheme.
68. Amril Syalim, Takashi Nishide, Kouichi Sakurai, Improved proxy re-encryption scheme for symmetric key cryptography, 2017 International Workshop on Big Data and Information Security, WBIS 2017, 2018.01, A proxy re-encryption scheme is a scheme that can be executed by a semi-trusted proxy, so that we can convert a ciphertext encrypted with one key into another ciphertext without allowing the proxy to access the plaintext. One method to implement secure proxy re-encryption is to first convert the plaintext to an intermediate form by using an all-or-nothing transform (AONT). In this paper, we describe an improved proxy re-encryption scheme for symmetric ciphers by advocating the usage of a variant of the AONT function in the proxy re-encryption scheme. We show that the scheme is secure under Chosen Plaintext Attack (CPA) for all possible types of attackers.
69. Jyotirmoy Pramanik, Partha Sarathi Roy, Sabyasachi Dutta, Avishek Adhikari, Kouichi Sakurai, Secret Sharing Schemes on Compartmental Access Structure in Presence of Cheaters, 14th International Conference on Information Systems Security, ICISS 2018, 2018.01, Various adversarial scenarios have been considered in secret sharing for the threshold access structure. However, the threshold access structure cannot provide an efficient solution when participants are classified into different compartments. Of the many access structures for which ideal secret sharing schemes can be realized, the compartmental access structure is an important one. This paper is targeted to initiate the study of secret sharing schemes for the compartmental access structure secure against a malicious adversary. This paper presents definitions of cheating detectable, cheater identifiable and robust secret sharing schemes in the compartmental access structure and their realization through five different constructions in the information-theoretic setting. Moreover, in the case of cheater identification and robustness, the proposed protocols are secure against a rushing adversary who is allowed to submit (possibly forged) shares after observing the shares of the honest participants in the reconstruction phase.
70. Kouichi SAKURAI, How to Teach Crypto-Math for Undergraduates, The Tenth International Conference on Science and Mathematics Education in Developing Countries, 2017.11.
71. Wissam Razouk, Daniele Sgandurra, Kouichi Sakurai, A new security middleware architecture based on fog computing and cloud to support IoT constrained devices, 1st International Conference on Internet of Things and Machine Learning, IML 2017, 2017.10, The increase of sensitive data in the current Internet of Things (IoT) raises demands on computation, communication and storage capabilities. Indeed, thanks to RFID tags and wireless sensor networks, anything can be part of the IoT. As a result, a large amount of data is generated, which is hard for many IoT devices to handle, as many IoT devices are resource-constrained and cannot use the existing standard security protocols. Cloud computing might seem like a convenient solution, since it offers on-demand access to a shared pool of resources such as processors, storage, applications and services. However, this comes at a cost, as unnecessary communications burden not only the core network but also the data center in the cloud. Therefore, considering suitable approaches such as fog computing and security middleware solutions is crucial. In this paper, we propose a novel middleware architecture to solve the above issues, and discuss the generic concept of using fog computing along with the cloud in order to achieve a higher security level. Our security middleware acts as a smart gateway, as it is meant to pre-process data at the edge of the network. Depending on the received information, data might either be processed and stored locally on the fog or sent to the cloud for further processing. Moreover, in our scheme, IoT constrained devices communicate through the proposed middleware, which provides access to more computing power and an enhanced capability to perform secure communications. We discuss these concepts in detail, and explain how our proposal is effective in coping with some of the most relevant IoT security challenges.
73. Kouichi Sakurai, Anti-forensic Aspects in Biometric Authentication Protocols: Receipt-freeness, Coercion-Resistance, and Undeniability, UAE Cyber Security Workshop, 2016.04, [URL].
74. Kouichi Sakurai, Forensic vs. Anti-forensic in Biometrics: Towards Receipt-freeness and Coercion-Resistance in biometric authentication protocols, ICoICT 2015 (The 3rd International Conference of Information and Communication Technology), 2015.09, [URL], Currently, cancelable biometrics, asymmetric biometric authentication, and some related methods are proposed as remote biometrics. These proposals are discussed from the viewpoint of privacy protection. Namely, they are regarded as a forensic approach, which means collecting evidence for some person's authentication. However, there is little research on the anti-forensic approach, which includes leaving no data in authentication systems. Therefore, as a first step, we define "receipt-freeness" of a biometric authentication protocol, which means that no evidence is left. We analyze some remote biometric authentication protocols with respect to "receipt-freeness." This talk also considers the property of, and recent techniques for, Coercion-Resistance in biometric authentication protocols, which have been investigated in electronic voting schemes.
75. 櫻井 幸一, How much is your phone-number, living address or date of your birth?, International Workshop on Cybersecurity, 2015.07.
76. Kouichi Sakurai, New infrastructure and applications developed from a cryptocurrency BITCOIN and a platform ETHEREUM, ICoICT 2015 (The 3rd International Conference of Information and Communication Technology), 2015.05, [URL], Bitcoin is a peer-to-peer payment system and digital currency designed by the inventor named Satoshi Nakamoto. In this talk, we overview the current status of BITCOIN, including problems from recent news. We also discuss a new cryptographic infrastructure inspired by BITCOIN, which is a kind of decentralized cryptographic system, whereas the traditional PKI is purely centralized. We further consider new applications of such a decentralized cryptographic infrastructure, including digital rights management services. The state of the art with ETHEREUM, a platform for decentralized applications which is inspired by BITCOIN, is also reported.
77. Kouichi Sakurai, Keynote speech "Mobile Forensic aspects of Web browser: from HTML4 to HTML5", 2014 International Workshop on Applications and Technologies in Cyber Security (ATCS), September 23, 2014, Beijing, China, 2014.09.
78. Satoshi Tanaka, Takanori Yasuda, Kouichi Sakurai, Implementation of Efficient Operations over GF(2^32) Using Graphics Processing Units, ICT-EurAsia 2014, 2014.04.
79. Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai, Efficient Variant of Rainbow without Triangular Matrix Representation, ICT-EurAsia 2014, 2014.04.
80. Kouichi Sakurai, Bitcoin: Current Status, Problems, Prospect and Applications, MMU, 2014.03, Multimedia University (MMU) is Malaysia's first private university, established in 1996 and fully funded by the telecommunications company Telekom Malaysia. *Lecture for students*. Lectures for MMU students were given by researcher Anada (introduction of ISIT, 20 minutes) and by myself ("Bitcoin", 60 minutes). More than 50 students and faculty members attended, and 7 or 8 questions were raised by the audience, so the content got across and the lecture was well received.
81. Hiroaki Anada, Seiko Arita, Kouichi Sakurai, Attribute-Based Identification Schemes of Proofs of Knowledge, SCIS2014, 2014.01.
82. Wataru Tsuda, Yoshiaki Hori, Kouichi Sakurai, Performance Evaluation of Information Theoretic Secure Multi-channel Transmission on Multihop Wireless Network, BWCCA 2013, 2013.10.
83. Yuuki Nishimoto, Naoya Kajiwara, Shinichi Matsumoto, Kouichi Sakurai, Detection of Android API Call Using Logging Mechanism within Android Framework, SecureComm 2013, 2013.09.
84. Kouichi Sakurai, Revisiting Identity-based encryption towards no-escrow: Application and analysis of Embedding Secret Key Information in RSA moduli, Applications and Techniques in Information Security, 2013.09.
85. Satoshi Tanaka, Takanori Yasuda, Bo-Yin Yang, Chen-Mou Cheng, Kouichi Sakurai, Efficient Computing over GF(2^16) Using Graphics Processing Unit, IMIS 2013, 2013.07.
86. Kazumasa Yamauchi, Yoshiaki Hori, Kouichi Sakurai, Detecting HTTP-Based Botnet Based on Characteristic of the C & C Session Using by SVM, AsiaJCIS 2013, 2013.07.
87. Takanori Yasuda, Tsuyoshi Takagi, Kouichi Sakurai, Multivariate Signature Scheme Using Quadratic Forms, PQCrypto 2013, 2013.06.
88. Takanori Yasuda, Jintai Ding, Tsuyoshi Takagi, Kouichi Sakurai, A variant of rainbow with shorter secret key and faster signature generation, AsiaPKC@AsiaCCS 2013, 2013.05.
89. Motoki Kitahara, Takanori Yasuda, Takashi Nishide, Kouichi Sakurai, Upper bound of the length of information embedded in RSA public key efficiently, AsiaPKC@AsiaCCS 2013, 2013.05.
90. Amril Syalim, Takashi Nishide, Kouichi Sakurai, Supporting Secure Provenance Update by Keeping "Provenance" of the Provenance, ICT-EurAsia 2013, 2013.03.
91. Shinichi Matsumoto, Kouichi Sakurai, A proposal for the privacy leakage verification tool for Android application developers, ICUIMC 2013, 2013.01.
92. Motoki Kitahara, Junpei Kawamoto, Kouichi Sakurai, A method of digital rights management based on Bitcoin protocol, ICUIMC 2014, 2013.01.
93. Masakazu Fujii, Kenichi Takahashi, Yoshiaki Hori, Kouichi Sakurai, Intrusion detection using third-parties support, 12th IEEE International Workshop on Future Trends of Distributed Computing Systems, FTDCS 2008, 2008.12, Intrusions are one of the most important issues in the current Internet environment. Therefore, many researchers and companies have elaborated countermeasure techniques such as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). These systems detect intrusions and prevent attackers from succeeding in their intrusion attempts. They usually rely on pattern matching and therefore work efficiently on known attacks. However, they do not work efficiently on unknown attacks such as zero-day attacks and targeted attacks. This means we should assume that our machines can be corrupted at any time. Therefore, we should consider what we can do under this assumption for a next-generation security framework. In this paper, we propose a new intrusion detection methodology using the support of other machines. In our proposal, when an attacker tries to attack other machines from a corrupted machine that the attacker has already intruded, the other machines notify the administrator of the corrupted machine. Then, the attacker may lose the corrupted machine. Therefore, the attacker restrains itself from imprudently attacking other machines. This will suppress the propagation of corrupted machines on the Internet.
94. Seiichiro Mizoguchi, Yoshiaki Hori, Kouichi Sakurai, Monitoring unused IP addresses on segments managed by DHCP, 4th International Conference on Networked Computing and Advanced Information Management, NCM 2008, 2008.12, New threats are constantly appearing on the Internet. System administrators have developed many tools to try to mitigate those threats; however, currently available countermeasures are still limited. Moreover, it is difficult for system administrators to fully understand what happens in their networks in (near) real time. We focus on the monitoring of network traffic sent to unused IP addresses with honeypot devices to capture information about network activity. More precisely, we consider ways of handling such unused addresses on network segments managed via DHCP (Dynamic Host Configuration Protocol). In this paper, we propose to exploit the DHCP service to dynamically assign unused IP addresses to honeypot devices, and discuss the design of such a monitoring system.
95. Ying Qiu, Jianying Zhou, Kouichi Sakurai, Feng Bao, Trusted connection between mobile nodes and mobility anchor points in hierarchical mobile IPv6, 3rd Asia-Pacific Trusted Infrastructure Technologies Conference, APTC 2008, 2008.12, This paper proposes solutions for the trusted connection between mobile nodes and mobility anchor points in Hierarchical Mobile IPv6. Two operation modes are supported for different scenarios: The first one is an authentication-only mode for the scenario in which the mobility anchor point only needs to ensure that any binding update messages are from the claimed mobile nodes. The second one is an authentication and authorization mode for the scenario in which the mobility anchor point and the mobile node need to authenticate each other and the mobility anchor point also needs to know whether the mobile node is authorized to use it.
96. Kohei Tatara, Yoshiaki Hori, Kouichi Sakurai, Analyzing maximum length of instruction sequence in network packets for polymorphic worm detection, 2008 International Conference on Multimedia and Ubiquitous Engineering, MUE 2008, 2008.09, The importance of methods for finding worms that are made by modifying parts of the original worms is increasing. It is difficult to detect these worms by comparison with the simple definitions that past anti-virus software adopts. Moreover, if it is not an already-known worm, it is not possible to detect it. In this paper, we pay attention to Toth et al.'s method, which extracts the executable code included in the data flows on the network and detects the attack by measuring its length. Then, we describe the problem of their method and how to solve it.
97. Han Yi, Yoshiaki Hori, Kouichi Sakurai, Security policy pre-evaluation towards risk analysis, 2nd International Conference on Information Security and Assurance, ISA 2008, 2008.09, Nowadays, security policy evaluation has become a very hot topic since high QoP (Quality of Protection) is required by more and more people. Most researchers focus on security policy evaluation after the policies have been enforced in real application systems, via some real attacks. However, before security policy enforcement, the policies themselves may also contain some anomalies which shouldn't be ignored. In this paper, we point out the importance of security policy pre-evaluation, which focuses on security policy evaluation before policy enforcement. In addition, we propose a framework for it towards risk analysis. As a concrete example, we show how to apply our framework to firewall security policies. Finally, we discuss the difficulty of our proposal and show future work interests.
98. Wang Yufeng, Yoshiaki Hori, Kouichi Sakurai, Thoughts on multi-disciplinary inspired research on open network and information system, 22nd International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINA 2008, 2008.09, Current and future computing systems, acting as the fundamental infrastructure of our society, should be multi-disciplinary research topics, and possess the economic-social characteristics which reflect the features of our society. Specifically, in this paper, we propose a unified framework to categorize and describe research problems in socially-inspired computing systems from two distinctive viewpoints. That is, at the macro level, we propose an architectural space including economic space, intelligent space and trust space to characterize the whole system; at the micro level, we demonstrate that it is suitable to adapt some interdisciplinary concepts and theories to better understand and properly address problems in communication networks. Finally, we illustrate the interdependence between architectural space and interaction space, that is, the local interaction behaviors should shape and be shaped by architectural properties.
99. Kenichi Takahashi, Akihiro Sakai, Kouichi Sakurai, Invalidation of mailing list address to block spam mails, 3rd IEEE Asia-Pacific Services Computing Conference, APSCC 2008, 2008.01, Mailing lists are used for information exchange in specific groups. However, in recent times, the number of spam mails received has increased, and a considerable amount of time is wasted in filtering spam mails. Spam filtering techniques are widely used tools; however, they produce false positive and false negative results. We propose a system to block spam mails in a mailing list. In our system, we assign different posting addresses to different mailing list members. A mailing list member sends a mail to the mail address assigned to him in order to post to the mailing list. When a spam mail is received, the address that is the cause of the spam mail is identified and invalidated, and a new address is assigned to the member. Thus, we can block spam mails from the invalidated address. Furthermore, our system is highly compatible with current mail systems because it does not require any particular software to be installed on the client machines.
100. Taketoshi Sakuraba, Bin Hui Chou, Seiichi Domyo, Kouichi Sakurai, Exploring security countermeasures along the attack sequence, 2nd International Conference on Information Security and Assurance, ISA 2008, 2008, A systematic method for exploring security countermeasures is proposed. For each attack, one can consider the moments along the time sequence of the attack, and for each of the moments, one can define approaches to countermeasure design against the attack that are effective at that moment. One could extract new approaches from existing countermeasures, and think of new countermeasures based on the new approaches against other threats and attacks.
101. Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai, FPGA-targeted hardware implementations of K2, International Conference on Security and Cryptography, SECRYPT 2008, 2008, K2 is a new type of word-oriented stream cipher that has dynamic feedback control. Existing research has shown that K2 v2.0 is a high-performance stream cipher in software implementations and can be used in several applications. However, no evaluation results for its performance in hardware implementations have been published. In this paper, we present two hardware implementations of K2 v2.0: a high-speed implementation and a compact implementation. We then show the evaluation results of FPGA implementation simulations. The implementations of K2 demonstrated high efficiency compared with other stream ciphers, with K2 being 4-10 times higher than AES implementations. We think that the FPGA implementation of K2 is suitable for applications using high-speed encryption/decryption.
102. Mingchu Li, Yizhi Ren, Kouichi Sakurai, Yongrui Cui, Zhihui Wang, Granularity considering in a trust model for P2P networks, 22nd International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINA 2008, 2008, Trust research is an important issue in P2P networks. Current trust models lack flexibility in dynamic environments. This paper presents a fine-grained trust computation model, FineTrust. The main contributions include: offering a Gauss-bar function to evaluate the similarity of service satisfaction; considering the reliability of information from different people; and setting some parameters in computing trust, such as recommendation consistency, recommendation accuracy, and recommendation error, which make the result of trust evaluation more natural. Theoretical analyses and simulations show that the proposed trust model is more precise and more robust.
103. Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai, K2 stream cipher, 4th International Conference on E-Business and Telecommunications, ICETE 2007, 2008, A variety of different clock-controlled stream ciphers and attacks on them have been described in a number of papers. However, few word-oriented algorithms with an irregular clocking mechanism have been proposed. This paper proposes a new design of irregular clocking for word-oriented stream ciphers, dynamic feedback control, and shows analysis results of its security and performance. The stream cipher K2 v2.0 is a secure and high-performance stream cipher using the dynamic feedback control, which is applicable to several applications. We believe that the dynamic feedback control mechanism is potentially effective against several different types of attacks, not only existing attacks but also novel attacks.
104. Takaaki Shigematsu, Bin Hui Chou, Yoshiaki Hori, Kouichi Sakurai, Methodology for evaluating information security countermeasures of a system, 2nd International Conference on Information Security and Assurance, ISA 2008, 2008, To raise the security level of systems, it is required to develop an effective and practical methodology for evaluating the adequacy of the designed and/or implemented security countermeasures for a system. We propose a model as one of the methodologies for evaluating security countermeasures which does not depend on the characteristics of a target system, such as the businesses it supports, the system configuration or the scale. This model consists of required security countermeasures that are well arranged for easy implementation, and the required technologies and activities for achieving a target level for every required countermeasure.
105. Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai, Study on trust inference and emergence of economical small-world phenomena in P2P environment, Pacific-Asia Conference on Knowledge Discovery and Data Mining, PAKDD 2007, 2007.12, With the increasing popularity of self-organized communication systems, distributed trust and reputation systems in particular have received increasing attention. By formalizing trust relationships, trust between parties within the community can be derived by analyzing the trust paths linking the parties together. This paper treats the trust network as an emergent property. The emergence interpretation concerns both the maintenance and usage of trust network inference. Specifically, in a P2P system, the trust network is maintained by individual agents at the micro level, and it is used (i.e., queried) as one entity at the macro level. In this paper, we first discuss micro-level activities, that is, we classify trust into functional trust and referral trust to facilitate trust inference, and extend referral trust to include factors of similarity and truthfulness, so that our approach can accommodate the personalized feature of reputation rating, and reduce trust inference error effectively; then we discuss macro-level properties of the trust network. Specifically, we investigate the emergence of network structural properties of the trust and reputation system in terms of efficiency and cost. That is, efficiency measures how well information propagates over the trust system, and cost measures how expensive it is to build this system. Preliminary simulation results show the performance improvement of the P2P community and the emergence of an economical small-world trust network, namely relatively high efficiency and low cost.
106. Akitoshi Izumi, Yoshifumi Ueshige, Kouichi Sakurai, A proposal of efficient scheme of key management using ID-based encryption and biometrics, 2007 International Conference on Multimedia and Ubiquitous Engineering, MUE 2007, 2007.12, In information exchange through a network, security risks always exist, such as eavesdropping, defacing, and spoofing by an attacker. Cryptography, digital signatures, and authentication are techniques that oppose such an attacker. PKI (Public Key Infrastructure) enables such techniques. In PKI, the public key certificate is used. This public key certificate is issued and distributed by a certificate authority, but we think that updating expired certificates etc. is very costly for the user. It seems that the management of the secret key is a more serious problem than that of the public key certificate for the user. As above, in a system using public key cryptography, the management of the public key and secret key is a very important problem. In order to solve the above problems, we propose a scheme that stores a protected secret key, made by combining biometrics and the secret key, in a smartcard in a system which uses ID-based cryptography. In our proposal, the TA (Trusted Authority) protects the secret key using biometric information extracted from the owner of that secret key and stores it as a protected secret key in a smartcard which has a fingerprint reading function. We must extract the same biometric information as that extracted at enrollment. So, we extract helper data from the biometric information when making the protected secret key and store it in the smartcard. The user can restore the secret key from the protected secret key by presenting his fingerprint to the smartcard that has the protected secret key and helper data. In our scheme, the template is not needed for authentication. So, the problem of template leakage that arises in traditional biometric authentication won't arise. Also, we propose a concrete operation scheme in which our scheme is used. We show that the cost of public key and secret key management will be reduced by using this operation scheme.
107. Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai, An adaptive spreading activation approach to combating the front-peer attack in trust and reputation system, 4th International Conference on Autonomic and Trusted Computing: Bringing Safe, Self-x and Organic Computing Systems into Reality, ATC 2007, 2007.12, It is argued that group-based trust metrics are effective in resisting attacks; such metrics evaluate groups of assertions "in tandem", and generally compute trust ranks for sets of individuals according to peers' social position in the trust network. Thus, the group-based trust value should be called "reputation rank". But, unfortunately, most group-based trust metrics are vulnerable to the attack of front peers, which are malicious colluding peers that always cooperate with others in order to increase their reputation, and then provide misinformation to promote actively malicious peers. In this paper, we propose an adaptive spreading activation approach to mitigating the effect of the front peer attack, in which an adaptive spreading factor is used to reflect the peer's recommendation ability according to the behaviors of the peer's direct/indirect children in the trust network. Simulation results show that the adaptive spreading activation approach can identify and mitigate the attack of front peers.
108. Ken'ichi Takahashi, Zhaoyu Liu, Kouichi Sakurai, An approach of program analysis prevention for information protection, 2007 International Conference on Multimedia and Ubiquitous Engineering, MUE 2007, 2007.12, The evolution of mobile technologies will enable us to realize the ubiquitous computing environment. In such an environment, a user's mobile terminal manages his sensitive information and assists in his activities. At the same time, information leakage will become a more serious social problem. In this paper, we propose a framework which protects a user's sensitive information according to a way the user supposes safe. In the framework, a user offers a program, which implements a way the user supposes safe, to an information recipient. Then, the information recipient makes use of the user's sensitive information through the program. In this manner, the user can protect his sensitive information. The framework, however, has a problem, in that the information recipient may analyze the program and obtain some sensitive information. In this paper, we introduce a tamper-proof device and a trust relationship as a solution to this problem.
109. Ken'ichi Takahashi, Zhaoyu Liu, Kouichi Sakurai, Makoto Amamiya, An approach of trusted program generation for user-responsible privacy, 4th International Conference on Ubiquitous Intelligence and Computing: Building Smart Worlds in Real and Cyber Spaces, UIC 2007, 2007.12, Presently, one can use services on the Internet. These services require a user's sensitive information such as name, address, credit card number, etc. However, various privacy problems such as information leakage cases are becoming a serious social concern. Therefore, we propose a framework to protect a user's sensitive information. It allows a user to specify the usage of his/her sensitive information and restricts the use of the information by an information recipient. The main concept of the framework is that an information recipient can use sensitive information only in the manner considered safe by the information owner. This is realized by a trusted program that implements the manner of information usage trusted by the information owner. The user offers his/her trusted program to an information recipient and requires it to make use of the user's sensitive information through the trusted program. In this paper, we propose an approach for trusted program generation.
110. Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai, An intrusion detection system which can restore altered data, 4th International Conference on Information Technology and Applications, ICITA 2007, 2007.12, We propose an intrusion detection system. Our system can detect the alteration of data in memory and can also restore the altered data. This type of intrusion detection system has been proposed in various forms so far. But many of them can detect only a part of the attacks. And as far as we know, few of them can restore altered data. Our system can detect attacks which cannot be detected by existing systems and can also restore altered data. Our system protects data in the kernel area using hash functions. The overhead of accessing the kernel area and using a hash function is high. But our system safely reduces the frequency of accessing the kernel area and using a hash function.
111. Fangming Zhao, Yoshiaki Hori, Kouichi Sakurai, Analysis of privacy disclosure in DNS query, 2007 International Conference on Multimedia and Ubiquitous Engineering, MUE 2007, 2007.12, When a DNS (domain name system) client needs to look up a name, it queries DNS servers to resolve the name on the Internet. The query information from the client is passed through one or more DNS servers. While useful, over the whole query transmission it can leak potentially sensitive information: what a client wants to connect to, or what the client is always paying attention to. By definition, the privacy problem is to prove that none of the private data can be inferred from the information which is made public. We first analyze the complete DNS query process now in use; then, for each step of the DNS query process, we discuss the privacy disclosure problem: the client side, the query transmission process and the DNS server side. Finally, we propose a simple and flexible privacy-preserving query scheme, "Range Query", which could maximally decrease privacy disclosure in the whole DNS query process. We also discuss the efficiency and implementation of the Range Query.
112. Yuji Kugisaki, Yoshiaki Kasahara, Yoshiaki Hori, Kouichi Sakurai, Bot detection based on traffic analysis, 2007 International Conference on Intelligent Pervasive Computing, IPC 2007, 2007.12, Recently, botnets have become a social problem due to the expansion of bot infection. Ideally, all vulnerable computers should be fortified to counteract malware lying in wait. Accordingly, it is important to implement an information system which detects bot-infected computers and alerts them. In this paper, we focus on bots using IRC to communicate, and examine the behavior of such bots when they connect to an IRC server. We observed the actual traffic on some ports which are often used by the IRC protocol. As a result, we confirmed that bots tried to reconnect to an IRC server at certain intervals when the server refused the connection from the bot. Moreover, we examined the distribution of the intervals and confirmed that the communication from other IP addresses showed similar behavior.
113. Tai Hoon Kim, Kouichi Sakurai, Sun Myung Hwang, Induction and implementation of security requirements in each system block, 13th International Multimedia Modeling Conference, MMM 2007, 2007.12, When building some kinds of IT systems, security-related requirements must be considered. It is essential not only that the customer's requirements for software or system functionality be satisfied, but also that the security requirements imposed on the software or system development be effectively analyzed and implemented, contributing to the security objectives of the customer's requirements. Though the customer's requirements must be implemented in the software or systems perfectly, this is not sufficient. Secure software or systems may be implemented not only by applying security products but also by considering security requirements appended to the customer's requirements. In this paper, we propose a security engineering based approach that considers security when developing software or systems based on the System Block Model.
114. Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai, On characterizing economic-based incentive-compatible mechanisms to solving hidden information and hidden action in ad hoc network, 4th International Conference on Ubiquitous Intelligence and Computing: Building Smart Worlds in Real and Cyber Spaces, UIC 2007, 2007.12, This paper attempts to comprehensively characterize economic-based incentive-compatible routing and forwarding mechanisms in ad hoc networks, including hidden information in the routing phase and hidden action in the forwarding phase. By incentive compatibility we mean that the system designer should respect the rationality of nodes, and design proper incentive mechanisms to encourage nodes to do something beneficial to the whole system while the nodes pursue their own utility. Firstly, based on analysis of the extensive game form, we argue that, for each participant, truth-telling is the expected dominant strategy equilibrium in a VCG-like routing mechanism, even under the situation of mutually dependent link cost. Then, Individual Rationality (IR) and Incentive Compatibility (IC) constraints are formally offered, which should be satisfied by any game-theoretical routing and forwarding scheme. And different solution concepts are investigated to characterize the economic meanings of two kinds of forwarding approaches, that is, Nash equilibrium with no per-hop monitoring and dominant strategy equilibrium with per-hop monitoring. Finally, we discuss the frugality problem in VCG-like mechanisms.
115. Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai, On studying front-peer attack-resistant trust and reputation mechanisms based on enhanced spreading activation model in P2P environments, ApWeb/WAIM 2007 International Workshops: 1st International workshop on Database Management and Applications over Networks, DBMAN 2007 - 1st Workshop on Emerging Trends of Web Technologies and Applications, WebETrends 2007 - International Workshop on, 2007.12, In this paper, we propose two enhanced trust propagation and reputation ranking approaches based on the spreading activation model to mitigate the effect of front peers. By front peers we mean malicious colluding peers that always cooperate with others in order to increase their reputation, and then provide misinformation to promote actively malicious peers. One approach is to use an adaptive spreading factor to reflect the peer's recommendation ability according to the behaviors of the peer's direct/indirect children in the trust graph; another is to investigate the feasibility of propagating distrust to effectively combat front peers. Preliminary simulation results show that these approaches can identify and mitigate the attack of front peers.
116. Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai, Studying on economic-inspired mechanisms for routing and forwarding in wireless ad hoc network, 4th International Conference on Theory and Applications of Models of Computation, TAMC 2007, 2007.10, Considering the fact that there exist information asymmetry (hidden information) in the routing phase and moral hazard (hidden action) in the forwarding phase in autonomous ad hoc networks, this paper argues that economic-based mechanisms play both a signaling and a sanctioning role, which reveal the node's true forwarding cost in the routing phase while providing incentives to nodes to exert reasonable effort in the forwarding phase; that is, the role of economic-inspired mechanisms under information asymmetry is to induce learning, whereas the role of such mechanisms in moral hazard settings is to constrain behavior. Specifically, this paper conducts the following work: considering the mutually dependent link cost, we demonstrate that, for each participant, truth-telling is the risk-dominant strategy in a VCG-like routing mechanism based on analysis of the extensive game form. Then, Individual Rationality (IR) and Incentive Compatibility (IC) constraints are formally offered, which should be satisfied by any game-theoretical routing and forwarding scheme. And different solution concepts are investigated to characterize the economic meanings of two kinds of forwarding approaches, that is, Nash equilibrium with no per-hop monitoring and dominant strategy equilibrium with per-hop monitoring.
117. Yufeng Wang, Yoshiaki Hori, Kouichi Sakurai, Economic-inspired truthful reputation feedback mechanism in P2P networks, FTDCS 2007: 11th IEEE International Workshop on Future Trends of Distributed Computing Systems, 2007.08, Recently, cross-disciplinary efforts involving economics and computer security have proliferated. Peer-to-Peer (P2P) reputation systems are essential to evaluate the trustworthiness of participating peers and to combat the selfish, dishonest and malicious behaviors of peers. But reputation feedback is a special kind of information, and it is not free. Based on the above considerations, in this paper a VCG (Vickrey-Clarke-Groves)-like reputation remuneration scheme inspired by an economic model is proposed to stimulate rational peers not only to provide reputation feedback, but to offer that feedback truthfully.
118. Satoshi Hada, Kouichi Sakurai, A note on the (Im)possibility of using obfuscators to transform private-key encryption into public-key encryption, 2nd International Workshop on Security, IWSEC 2007, 2007, Transforming private-key encryption schemes into public-key encryption schemes is an interesting application of program obfuscation. The idea is that, given a private-key encryption scheme, an obfuscation of an encryption program with a private key embedded is used as a public key and the private key is used for decryption as it is. The security of the resulting public-key encryption scheme would be ensured because the obfuscation is unintelligible and the public key is expected to leak no information on the private key. This paper investigates the possibility of general-purpose obfuscators for such a transformation, i.e., obfuscators that can transform an arbitrary private-key encryption scheme into a secure public-key encryption scheme. Barak et al. have shown a negative result, which says that there is a deterministic private-key encryption scheme that is unobfuscatable in the sense that, given any encryption program with a private key embedded, one can efficiently compute the private key. However, it is an open problem whether their result extends to probabilistic encryption schemes, where we should consider a relaxed notion of obfuscators, i.e., sampling obfuscators. Programs obfuscated by sampling obfuscators do not necessarily compute the same function as the original program, but produce the same distribution as the original program. In this paper, we show that there is a probabilistic private-key encryption scheme that cannot be transformed into a secure public-key encryption scheme by sampling obfuscators which have a special property regarding the input-output dependency of encryption programs. Our intention is not to claim that the required special property is reasonable. Rather, we claim that general-purpose obfuscators for the transformation, if they exist, must be sampling obfuscators which do NOT have the special property.
119. Hyung Chan Kim, R. S. Ramakrishna, Wook Shin, Kouichi Sakurai, A policy language for the extended reference monitor in trusted operating systems, 2nd International Conference on Availability, Reliability and Security, ARES 2007, 2007, The main focus of current research in Trusted Operating Systems (TOS) is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which are also of concern in security enforcement. This paper presents a policy language for the extended reference monitor. Our policy language is based on Domain and Type Enforcement (DTE) and Role-Based Access Control (RBAC). A permission is defined as an event and a state of behavior is represented as a fluent, in accordance with the convention of Event Calculus (EC). Behavior policies can be expressed with the EC-style syntax, as can access control policies.
120. Sang Soo Yeo, Kouichi Sakurai, Jin Kwak, A practical proxy device for protecting RFID tag's identifier, 2007 ECSIS Symposium on Bio-inspired, Learning, and Intelligent Systems for Security, BLISS 2007, 2007, RFID, Radio Frequency Identification, is an emerging technology in the world of automatic identification. It uses RF signals for gathering information from tags, which can be attached or embedded to goods such as consumer electronics, items in supermarkets, and automobile parts. It may make our life more comfortable and more ubiquitous, but on the other hand it may make us more nervous. This is because there are some privacy problems in RFID systems. More comfortable automatic identification would lead to more disclosure of our private life. This has prompted many research results related to security and privacy in RFID systems. However, we cannot choose any of them for applying to the current RFID system. Most of them require either high-cost hardware specifications or giving up the potential convenience for consumers. In this paper, we propose a simple privacy protection scheme that can be used with currently existing RFID systems such as ISO 18000-6 type C. We modify this standard tag identification protocol slightly and introduce a light-weight proxy device for privacy enhancement.
121. Jeong Ok Kwon, Ik Rae Jeong, Kouichi Sakurai, Dong Hoon Lee, An efficient password-based e-mail protocol for encrypted e-mail transmissions on mobile equipment, 2007 Digest of Technical Papers International Conference on Consumer Electronics, 2007, This paper presents an efficient e-mail protocol that can be used for secure e-mail transmissions between mobile equipment, especially mobile phones equipped with IC (Integrated Circuit) chips. The protocol makes it possible for a user who has a mobile phone, but has no public-key certificate, to send or receive an encrypted e-mail using only a memorable password shared with his mobile e-mail server. Therefore the protocol can be more easily implemented and efficiently used for mobile e-mail systems. To the best of our knowledge, the new protocol is the first e-mail protocol that does not require expensive public-key certificate related computations.
122. Hyung Chan Kim, R. S. Ramakrishna, Wook Shin, Kouichi Sakurai, Enforcement of integrated security policy in trusted operating systems, 2nd International Workshop on Security, IWSEC 2007, 2007, The main focus of Trusted Operating System (TOS) research these days is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. It is desirable, therefore, to enforce an integrated security policy that includes both behavioral security and access control policies. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which is also of concern in security enforcement. This paper presents the design of the extended reference monitor for integrated policy enforcement and describes its implementation in Linux operating systems.
123. Sang Soo Yeo, Kouichi Sakurai, SungEon Cho, KiSung Yang, Sung Kwon Kim, Forward secure privacy protection scheme for RFID system using advanced encryption standard, 5th International Symposium on Parallel and Distributed Processing and Applications, ISPA 2007 International Workshops: SSDSN, UPWN, WISH, SGC, ParDMCom, HiPCoMB, and IST-AWSN, 2007, There is much research related to privacy protection in RFID systems. Among them, Ohkubo's hash-based scheme is provably secure and it can protect users' privacy, prevent location tracking, and guarantee forward security completely. Unfortunately, one-way hash functions, which play important roles in Ohkubo's scheme, cannot be implemented in current RFID tag hardware. So we propose a new secure protocol for RFID privacy protection, which is a modified version of Ohkubo's scheme using Feldhofer's AES module for RFID tags. Our new scheme has almost all of the advantages of Ohkubo's scheme and moreover it can be embedded into RFID tag hardware easily.
124. Shinsaku Kiyomoto, Toshiaki Tanaka, Kouichi Sakurai, K2: A stream cipher algorithm using dynamic feedback control, SECRYPT 2007 - International Conference on Security and Cryptography, 2007, A variety of different clock-controlled stream ciphers and attacks on them have been described in a number of papers. However, few word-oriented algorithms with an irregular clocking mechanism have been proposed. This paper proposes a new design of irregular clocking for word-oriented stream ciphers, dynamic feedback control, and shows analysis results of its security and performance. The stream cipher K2 v2.0 is a secure and high-performance stream cipher using dynamic feedback control, which is applicable to several applications. We believe that the dynamic feedback control mechanism is potentially effective against several different types of attacks, not only existing attacks but also novel attacks.
125. Chunhua Su, Feng Bao, Jianying Zhou, Tsuyoshi Takagi, Kouichi Sakurai, Privacy-preserving two-party K-means clustering via secure approximation, 21st International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINAW'07, 2007, K-means clustering is a powerful and frequently used technique in data mining. However, privacy breaching is a serious problem if k-means clustering is used without any security treatment, while privacy is a real concern in many practical applications. Recently, four privacy-preserving solutions based on cryptography have been proposed by different researchers. Unfortunately none of these four schemes can achieve both security and completeness with good efficiency. In this paper, we present a new scheme to overcome the problems that occurred previously. Our scheme deals with data standardization in order to make the result more reasonable. We show that our scheme is secure and complete with good efficiency.
126. Chunhua Su, Jianying Zhou, Feng Bao, Tsuyoshi Takagi, Kouichi Sakurai, Two-party privacy-preserving agglomerative document clustering, 3rd International Conference on Information Security Practice and Experience, ISPEC 2007, 2007, Document clustering is a powerful data mining technique to analyze large amounts of documents and structure large sets of text or hypertext documents. Many organizations or companies want to share their documents on a similar theme to get joint benefits. However, it also brings the problem of sensitive information leakage without consideration of privacy. In this paper, we propose a cryptography-based framework to do privacy-preserving document clustering among users in a distributed environment: two parties, each having private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents.
127. Fangming Zhao, Yoshiaki Hori, Kouichi Sakurai, Two-servers PIR based DNS query scheme with privacy-preserving, 2007 International Conference on Intelligent Pervasive Computing, IPC 2007, 2007, In a society preoccupied with the gradual erosion of electronic privacy, loss of privacy in current DNS queries is an important issue worth considering. By definition, the privacy problem is to prove that none of the private data can be inferred from the information which is made public. The privacy disclosure problem in DNS queries was well analyzed by Zhao et al. at MUE 2007. In this paper, we first analyze the "Range Query" from that paper, then, using the results of that scheme and another well-known client-to-server privacy-preserving query scheme, Two-DBServer Private Information Retrieval theory, we propose a new privacy-preserving DNS query scheme, which is proved to achieve higher efficiency and theoretic privacy.
128. Ken'ichi Takahashi, Kouichi Sakurai, A framework for the user-oriented personal information protection, 2006 International Conference on Security and Management, SAM'06, 2006.12, Thanks to the spread of mobile technologies, we can access the network anytime and from anywhere. In the near future, we will be able to realize the ubiquitous computing environment, in which users' mobile terminals assist in their activities. In the ubiquitous computing environment, a user's mobile terminal manages personal information, which is used for negotiations with a service provider. However, various privacy problems, such as information leakage cases, have happened, so we desire to protect our personal information. We propose a framework for protecting personal information. The basic idea of the framework is to make use of personal information through a program whose behaviour the owner of the personal information knows. We call this program a trusted program, because the owner of the personal information can trust the way the personal information is used. A user then offers his/her trusted program to a service provider and compels the service provider to make use of his/her personal information through it. In this paper, we introduce the framework under the assumption of using an anti-tampering device and propose a method for creating the trusted program.
129. Kenji Imamoto, Kouichi Sakurai, Enhanced privacy in key-exchange protocols by one-time ID, 2nd International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, SecPerU 2006, 2006.12, This paper considers how two parties communicate securely over an adversary-controlled network. We especially focus on the problem of ID protection because of the recent rapid development of mobile networks, where any transferred message is easily eavesdropped on. We analyze several existing key exchange protocols and point out their problems, e.g. incompleteness of ID protection and vulnerability to DoS attacks. Then we model the notion of ID protection and construct a protocol with provable security.
130. Erwan Le Malécot, Masayoshi Kohara, Yoshiaki Hori, Kouichi Sakurai, Interactively combining 2D and 3D visualization for network traffic monitoring, 3rd International Workshop on Visualization for Computer Security, VizSEC'06. Co-located with the 13th ACM Conference on Computer and Communications Security, CCS'06, 2006.12, With the multiplication of attacks against computer networks, system administrators need to carefully monitor the networks they manage. However, that monitoring task is made harder by the increasing amount of data to process. Conventional automated tools provide limited support and most of the time require highly skilled operators. Recently, tools using visualization techniques have started to be proposed to resolve those issues. In this paper we introduce an original visualization design which combines 3D and 2D representations of the network traffic and activity. Both representations are based on the same interactive grid representation of the network space and are linked together as they provide complementary functionalities. The 3D representation provides an overview of the communications between several network zones and the 2D representation provides a detailed view of selected parts of the 3D one. A prototype was built according to the proposed visualization design.
131. Yoshiaki Hori, Kouichi Sakurai, Security analysis of MIS protocol on wireless LAN comparison with IEEE802.11i, 3rd International Conference on Mobile Technology, Applications and Systems, 2006.12, We attempt a security analysis of the MIS protocol in comparison with IEEE 802.11i. Both protocols, IEEE 802.11i and the MIS protocol, achieve sufficient confidentiality, integrity, authentication and key exchange for practical use. However, both protocols are under threat of forged control messages, using the management/control frames of IEEE 802.11 and the control messages of the MIS protocol. In fact, a countermeasure against DoS attacks, which inflict a lack of availability, can be provided by techniques at the system implementation level.
132. Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai, An intrusion detection system using alteration of data, 20th International Conference on Advanced Information Networking and Applications, 2006.11, Attacks against data in memory are one of the most serious threats these days. Although many detection systems have been proposed so far, most of them can detect only part of such alterations. Some detection systems use canaries to detect alteration. However, if an executable has bugs that enable attackers to read data in memory, the system could be bypassed by attackers who can guess the canaries. To overcome these problems, we propose a system using alteration of data. Our proposed system detects illegal alteration with a verifier for vulnerable data. The verifier is made before the vulnerable data could be altered by attackers, and the verifier is checked when the program uses the vulnerable data. Part of the verifier is stored in the kernel area to prevent attackers from reading it from user memory. Our approach can detect illegal alteration of arbitrary data in user memory. Moreover, our proposed system does not have the problem that systems using canaries have.
133. Hyung Chan Kim, Wook Shin, R. S. Ramakrishna, Kouichi Sakurai, Design and implementation of an extended reference monitor for trusted operating systems, 2nd International Conference on Information Security Practice and Experience, ISPEC 2006, 2006.07, Conventional access control schemes have supported confidentiality and integrity acknowledging the necessary organizational security policy in operating systems. However, many runtime attacks in operating systems involve behavioral semantics, indicating that attacks should be seen as a sequence of access operations. Ironically, these attacks are legitimate under any access control policy. This is due to the lack of a behavioral dimension in security enforcement. We propose an extended reference monitor to include this dimension. Our method is based on safety property specification on system call sequences. The reference monitor checks the trace at runtime for behavior control in the Linux operating system.
134. Jin Kwak, Keunwoo Rhee, Namje Park, Howon Kim, Seungjoo Kim, Kouichi Sakurai, Dongho Won, An RFID system based MCLT system with improved privacy, EUC 2006: Embedded and Ubiquitous Computing Workshops, 2006.01, Radio Frequency Identification (RFID) systems are increasingly becoming accepted for many EPC Network applications. However, RFID systems have some privacy problems. In this paper, a system for missing child location tracking in EPC Network applications is proposed. The proposed system improves security and privacy compared to existing applications, while also keeping in line with traditional procedures commonly accepted by most industrial applications. The proposed MCLT (Missing Child Location Tracking) system can protect users' privacy while providing location tracking of the RFID tag.
135. Jeong Ok Kwon, Kouichi Sakurai, Dong Hoon Lee, Efficient password-authenticated key exchange for three-party secure against undetectable on-line dictionary attacks, ICCS 2006: 6th International Conference on Computational Science, 2006.01, A password-authenticated key exchange (PAKE) protocol in the three-party setting allows two users communicating over a public network to agree on a common session key with the help of a server. In this setting the users do not share a password between themselves, but only with the server. In this paper, we explore the possibility of designing a round-efficient three-party PAKE protocol with a method to protect against undetectable on-line dictionary attacks without using the random oracle. The protocol matches the most efficient three-party PAKE protocol secure against undetectable on-line dictionary attacks among those found in the literature while providing the same level of security. Finally, we identify the relations between detectable on-line and undetectable on-line dictionary attacks by providing counter-examples to support the observed relations.
136. Erwan Le Malécot, Masayoshi Kohara, Yoshiaki Hori, Kouichi Sakurai, Grid based network address space browsing for network traffic visualization, 2006 IEEE Workshop on Information Assurance, 2006.01, The security of computer networks has become a priority during the past few years. More and more organizations heavily depend on services that are provided by computer networks and this trend is certainly going to rise in the near future. At the same time, malicious attacks against such systems are also increasing in number and variety. System administrators can try to prevent these attacks with the use of firewalls, for instance. However, these precautions are not always enough and so they also need to monitor the network traffic in order to detect anomalies and intrusions. Usually, system administrators use automated systems to process network traffic logs and to analyze them. This processing is based on learning techniques, signature databases or statistical analysis. Another approach is to use visualization techniques to display these logs and to favor user interaction with the data. This paper presents a visualization design based on interactive grids representing the network space. The network traffic is then displayed on these grids. We also introduce a prototype of this design that has been implemented to test its validity.
137. Jong Phil Yang, Kyung Hyune Rhee, Kouichi Sakurai, A proactive secret sharing for server assisted threshold signatures, 2nd International Conference on High Performance Computing and Communications, HPCC 2006, 2006, Threshold signature schemes distribute secret information to several servers and make the whole system that maintains the secret information fault-tolerant. Threshold signature schemes typically assume that the shared signing function can only be activated by a quorum of servers; if anyone has the power to activate the signing function of the servers, he can easily compute valid signatures for a specific organization without knowing the private key. S. Xu et al. proposed a general construction to build threshold signature schemes (called server-assisted threshold signatures) which provide an organization (e.g., a user) with controllability for activating its private signing function in a certain enhanced way. In this paper, we newly propose proactive secret sharing schemes which are suitable for server-assisted threshold signatures.
138. Yoshifumi Ueshige, Kouichi Sakurai, A proposal of one-time biometric authentication, 2006 International Conference on Security and Management, SAM'06, 2006, In biometric authentication, feature information extracted from each enrolled person's biometric information is enrolled as templates. Secure databases or anti-tampering devices generally store the templates. Biometric information, however, is irreplaceable once it is compromised. Thereby, one must give special attention to the protection of such information. On the other hand, the increase in internet economic services motivates the implementation of online biometric authentication. We propose a novel protection technique for biometric information, especially the feature information and the templates. The point of our proposal is that the extracted features and the enrolled templates are transformed by a one-time transformation that is generated in each authentication. The transformed features and templates travel through insecure communication lines like the internet, and they are used in the matching process. This technique provides security against eavesdropping and replay attacks on the internet, because the transmitted feature information and templates are different every time.
139. Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai, Actively modifying control flow of program for efficient anormaly detection, 10th International Conference on Knowledge-Based Intelligent Information and Engineering Systems, KES 2006, 2006, In order to prevent malicious use of computers by exploiting buffer overflow vulnerabilities, corrective action not only by calling programmers' attention to the problem but also by extending the compiler or operating system is likely to be important. On the other hand, the introduction and employment of intrusion detection systems must be easy for people with restricted knowledge of computers. In this paper, we propose an anomaly detection method that actively modifies some control flows of programs. Our method can efficiently detect anomalous program behavior and gives no false positives.
140. Wang Zhan, Yoshiaki Hori, Kouichi Sakurai, Application and evaluation of Bayesian filter for Chinese spam, 2nd SKLOIS Conference on Information Security and Cryptology, Inscrypt 2006, 2006, Recently, statistical filtering based on Bayes' theorem, so-called Bayesian filtering, gained attention when it was described in the paper "A Plan for Spam" by Paul Graham, and has become a popular mechanism to distinguish spam email from legitimate email. Many modern mail programs make use of Bayesian spam filtering techniques. Implementations of Bayesian filtering for email written in English and Japanese have already been developed. On the other hand, little work has been conducted on the implementation of Bayesian spam filtering for Chinese email. In this paper, we first adopted a statistical filter called bsfilter and modified it to filter Chinese email. Targeting Chinese emails in our experiments, we analyzed the relation between the parameters and the spam judgement accuracy of the filter, and also considered the optimal parameter values.
141. Satoshi Hada, Kouichi Sakurai, Ciphertext-auditable public key encryption, 1st International Workshop on Security, IWSEC 2006, 2006, Loss of backup tapes containing personal information (PI) is a potential breach of privacy and encryption is the typical way to prevent the breach. This paper considers an attack scenario where an adversary who encrypts the PI for backup purposes tries to hide the plain PI in a valid-looking ciphertext without being detected. We show that the standard security notion IND-CCA2 does not capture such a scenario. For example, the Cramer-Shoup scheme is vulnerable to such an attack. To capture such a scenario, we define a new notion of "ciphertext-auditability" as a new property of public key encryption schemes (PKESs). It requires that, given a public key and a ciphertext, anyone should be able to verify whether the ciphertext was actually generated using the public key. Also, it requires that, given a public key and a plaintext, no adversary should be able to generate a valid-looking ciphertext so that the verification passes, but nevertheless the plaintext can be recovered from the ciphertext without the corresponding secret key. We propose a general construction of such PKESs based on standard cryptographic primitives in the random oracle model.
142. Jong Phil Yang, Kouichi Sakurai, Kyung Hyune Rhee, Distributing security-mediated PKI revisited, Third European PKI Workshop, Public Key Infrastructure - Theory and Practice, EuroPKI 2006, 2006, The SEM approach to PKI offers several advantages, such as immediate revocation of users' signing ability without CRLs and compatibility with standard RSA. However, it has a weakness against denial of service attacks caused by breakdown or compromise. G. Vanrenen et al. proposed a distributed SEM approach to overcome the weakness. However, it does not provide desirable properties such as instant availability and immunity against denial of service attacks, due to inadequate usage of threshold cryptography and proactive secret sharing. In this paper, we point out its structural shortcomings and propose a modified version.
143. Yufeng Wang, Wendong Wang, Kouichi Sakurai, Yoshiaki Hori, On studying P2P topology construction based on virtual regions and its effect on search performance, 3rd International Conference on Ubiquitous Intelligence and Computing, UIC 2006, 2006, This paper provides a virtual region-based P2P architecture, which extends the proximity concept in overlay networks. By virtual region we mean that various related factors should be integrated into the design of P2P topology, such as peer interest, peer locality, and heterogeneity in peer capacity. However, since the shared contents in P2P are vast and miscellaneous, it is very difficult to recognize the interest similarity among peers, dynamically form the interest region and direct peers to the appropriate interest region. In this paper, the Jensen-Shannon Divergence (JSD) is used to characterize interest/semantic similarity among peers, and an interest region formation and location mechanism based on Dynamic Interest Landmarks (DIL) is offered to dynamically guide peers to join the appropriate interest region corresponding to their content semantics. Considering that an interest region is composed of geographically sporadic peers, each interest region is organized according to peer proximity in the underlying infrastructure. The theoretical and simulated results illustrate that our architecture can significantly reduce the query overhead and improve the search performance.
144. Jeong Ok Kwon, Kouichi Sakurai, Dong Hoon Lee, One-round protocol for two-party verifier-based password-authenticated key exchange, 10th IFIP TC-6 TC-11 International Conference on Communications and Multimedia Security, CMS 2006, 2006, Password-authenticated key exchange (PAKE) in the two-party setting allows a client and a server communicating over a public network to share a session key using a human-memorable password only. PAKE protocols can serve as basic building blocks for constructing secure, complex, and higher-level protocols which were initially built upon the Transport Layer Security (TLS) protocol. In this paper, we propose a provably-secure verifier-based PAKE protocol well suited to the TLS protocol which requires only a single round. The protocol is secure against attacks using a compromised server password file and known-key attacks, and provides forward secrecy, which is analyzed in the ideal hash model. This scheme matches the most efficient verifier-based PAKE protocol among those found in the literature. It is the first provably-secure one-round protocol for verifier-based PAKE in the two-party setting.
145. Yoshiaki Hori, Kouichi Sakurai, Security analysis of MIS protocol on wireless LAN comparison with IEEE802.11i, 3rd International Conference on Mobile Technology, Applications and Systems, Mobility '06, 2006, We attempt a security analysis of the MIS protocol in comparison with IEEE 802.11i. Both protocols, IEEE 802.11i and the MIS protocol, achieve sufficient confidentiality, integrity, authentication and key exchange for practical use. However, both protocols are under threat of forged control messages, using the management/control frames of IEEE 802.11 and the control messages of the MIS protocol. In fact, a countermeasure against DoS attacks, which inflict a lack of availability, can be provided by techniques at the system implementation level.
146. Ken'ichi Takahashi, Kouichi Sakurai, Makoto Amamiya, A framework for protecting private information through user-trusted-program and its realizability, EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES, 2005.12, Thanks to the spread of mobile technologies, we will be able to realize the ubiquitous computing environment, in which equipment connected to the Internet assists users in their activities without special care on their part. A function to protect private information is then needed. This paper proposes a model for protecting private information. The basic idea of our model is to make use of private information through a program which a user trusts. A user offers a trusted program to a partner and compels the partner to make use of his private information through this program. In this way, a user prevents illegal use of his private information.
147. Kenji Imamoto, Jianying Zhou, Kouichi Sakurai, An evenhanded certified email system for contract signing, 7th International Conference on Information and Communications Security, ICICS 2005, 2005.12, Certified email is a system which enables a sender to prove a receiver's receipt of email. Such a system can be used for applications related to electronic commerce on the Internet. This paper considers a situation where a sender or a receiver wants to change his/her mind due to a change in the value of the mail content (e.g., stock, auction, gambling) during the transaction. We point out that no traditional certified email systems have been designed for such a case, thus one of the participants can be at a disadvantage. To avoid this problem, we propose an evenhanded certified email system in which each participant can change his/her choice, either cancel or finish the transaction, at any time during the transaction.
148. Junichiro Saito, Kouichi Sakurai, Grouping proof for RFID tags, 19th International Conference on Advanced Information Networking and Applications, AINA 2005, 2005.12, An RFID tag is a small and cheap device which combines an IC chip and an antenna for radio communications. The tag is used for management of goods and their distribution. Moreover it reduces the cost of managing goods. However, an RFID system has some security problems. Juels proposed a "yoking-proof" which guarantees the existence of two tags [2]. But we point out that this scheme is not secure against a replay attack. In this paper, we propose a scheme which deals with the problem by using a time stamp. Moreover, we propose a scheme which guarantees the existence of a group of RFID tags.
149. Tatsuya Toyofuku, Toshihiro Tabata, Kouichi Sakurai, Program obfuscation scheme using random numbers to complicate control flow, EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES, 2005.12, Software protection technology is necessary both for security technology that is implemented in software on computer systems and for the protection of the intellectual property rights of software. One of those techniques is called obfuscation, which converts a program to make analysis difficult while preserving its function. In this paper, we examine the applicability of our program obfuscation scheme to complicating control flow and study its tolerance against program analysis.
150. Junichiro Saito, Kenji Imamoto, Kouichi Sakurai, Reassignment scheme of an RFID tag's key for owner transfer, EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES, 2005.12, A Radio-Frequency-Identification (RFID) tag is a small and cheap device which combines an IC chip and an antenna for radio communications. The RFID tag is used for management of goods and as a substitute for a bar code. However, an RFID system may infringe on a consumer's privacy because it has a strong tracing ability. In this paper, we propose a key change scheme which can prevent the previous owner from reading the RFID tag after its owner changes. By using our scheme, the previous owner cannot read and trace the ID information on the RFID tag. Moreover it is possible to combine other privacy protection schemes with our scheme because our scheme uses only symmetric key cryptography.
151. Yasuyuki Sakai, Kouichi Sakurai, Simple power analysis on fast modular reduction with NIST recommended elliptic curves, 7th International Conference on Information and Communications Security, ICICS 2005, 2005.12, We discuss side channel leakage from modular reduction for NIST recommended domain parameters. FIPS 186-2 has 5 recommended prime fields. These primes have a special form which is referred to as generalized Mersenne primes. These special form primes facilitate especially efficient implementation. A typical implementation of efficient modular reduction with such primes includes an extra reduction. The extra reduction in modular reduction can constitute an information channel on the secret exponent. Several researchers have produced unified code for elliptic point addition and doubling in order to avoid simple power analysis (SPA). However, Walter showed that SPA may still be possible if Montgomery multiplication with extra reduction is implemented within the unified code. In this paper we show SPA on the modular reduction with NIST recommended primes, combined with the unified code for elliptic point operations. As Walter stated, our results also indicate that even if unified code is implemented for elliptic point operations, the underlying field operations should be implemented in constant time. The unified approach in itself cannot be a countermeasure for side channel attacks.
152. Ryuzou Nishi, Hitoshi Morioka, Kouichi Sakurai, Trends and issues for security of home-network based on power line communication, 19th International Conference on Advanced Information Networking and Applications, AINA 2005, 2005.12, Home networks are expected to spread widely in the near future. We considered the security issues of home networks based on power line communication, because these topics have not been sufficiently considered. We discuss the issues, risks and required countermeasures. These issues are categorized into control network, information network, AV network and community network. We also discuss differences in security between power line communication and wired-LAN or wireless-LAN.
153. Mridul Nandi, Wonil Lee, Kouichi Sakurai, Sangjin Lee, Security analysis of a 2/3-rate double length compression function in the black-box model, 12th International Workshop on Fast Software Encryption. FSE 2005, 2005.10, In this paper, we propose a 2/3-rate double length compression function and study its security in the black-box model. We prove that a collision attack on the compression function requires Ω(2^{2n/3}) queries, where n is the single length output size. Thus, it has better security than the most secure single length compression function. This construction is more efficient than the construction given in [8]. Also, the three computations of the underlying compression functions can be done in parallel. The proof idea uses a concept of computable message which can be helpful for studying the security of other constructions like [8], [14], [16], etc.
154. Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai, A probabilistic method for detecting anomalous program behavior, 5th International Workshop on Information Security Applications, WISA 2004, 2005.09, In this paper, we, as well as Eskin, Lee and Stolfo, propose a prediction-model method. In their method, a program was characterized by both the order and the kind of system calls. We focus on a non-sequential feature of the system calls issued by a program. We apply a Bayesian network to predicting the N-th system call from the sequence of system calls of length N - 1. In addition, we show that a correlation between several kinds of system calls can be expressed by using our method, and can characterize program behavior.
155. Ryuzou Nishi, Kouichi Sakurai, Group key distribution scheme for reducing required rekey message size, 11th International Conference on Parallel and Distributed Systems Workshops, ICPADS 2005, 2005.09, Generally, systems such as pay-per-view TV require secure multi-party communication. In these systems a group key is required, and since members join and leave the party frequently, the group key materials of all members of the network must be updated. Therefore, Onen and Molva proposed an approach which tries to distribute key materials effectively: the approach divides the members of the network into two sub-groups according to the relative length of each member's period of operation, and uses FEC (Forward Error Correction) and ARQ (Automatic Repeat reQuest) in the key update to the group with the long network-connection period. There are some issues in their proposal. When the communication quality is good, its efficiency is lower, and there is an overhead in bandwidth. Therefore, we propose an efficient group key distribution method using M-ary coding for a key message without using FEC and ARQ, and transmitting this in parallel with the non-key message.
156. Kenji Imamoto, Kouichi Sakurai, Key-exchange protocol using pre-agreed session-ID, 5th International Workshop on Information Security Applications, WISA 2004, 2005.09, Technical applications for various uses have been proposed in communication technology in recent years. Although the Internet and radio communications in particular are used daily, it is known that eavesdropping is easy and related problems have occurred frequently, especially concerning privacy. In this paper, we introduce the Pre-Agreed Session ID (PAS) and formalize a key-exchange protocol using it. A PAS is an identifier, a disposable unique value used for every session, which protects identity from the attacker. The security notion of identity concealment is formalized in this paper. Moreover, we propose a secure key-exchange protocol using PAS based on cryptographic primitives. Furthermore, we discuss the problems which arise when PAS is introduced.
157. Kohei Tatara, Yoshiaki Hori, Kouichi Sakurai, Query forwarding algorithm supporting initiator anonymity in GNUnet, 11th International Conference on Parallel and Distributed Systems Workshops, ICPADS 2005, 2005.09, Anonymity in a Peer-to-Peer network means that it is difficult to associate a particular communication with a sender or a recipient. Recently, an anonymous Peer-to-Peer framework, called GNUnet, was developed. A primary feature of GNUnet is resistance to traffic analysis. However, Kügler analyzed a routing protocol in GNUnet, and pointed out traceability of the initiator. In this paper, we propose an alternative routing protocol applicable in GNUnet, which is resistant to Kügler's shortcut attacks.
158. Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai, Some fitting of naive Bayesian spam filtering for Japanese environment, 5th International Workshop on Information Security Applications, WISA 2004, 2005.09, Bayesian filtering is one of the most famous anti-spam measures. However, there is no standard implementation for the treatment of Japanese emails by Bayesian filtering. In this paper, we compare several conceivable ways to treat Japanese emails with respect to tokenizing and corpus separation. In addition, we give experimental results and some knowledge obtained from the experiments.
159. Kenji Imamoto, Kouichi Sakurai, Design and analysis of Diffie-Hellman-based key exchange using one-time ID by SVO logic, Proceedings of the Second Workshop on Automated Reasoning for Security Protocol Analysis (ARSPA 2005), 2005.07, Authenticated key exchange protocols have been developed to establish a secure channel on the Internet. In this paper, we consider the following attacks against an authenticated key exchange using a shared secret: eavesdropping, DoS attack, replay attack, and impersonation. Besides prevention of all these attacks, efficiency is also important. In this paper, we propose a three-party authenticated key exchange protocol based on Diffie-Hellman key exchange with one-time ID, which is a user's extraordinary identity used only once [K. Imamoto, K. Sakurai, Notes on Dynamic Information Management for Authenticated Key Exchange, ISEC, March 2003; H. Krawczyk, The IKE-SIGMA Protocol, Internet Draft, Nov 2001. http://www.ee.technion.ac.il/~hugo/draft-krawczyk-ipsec-ike-sigma-00.txt]. Moreover, we analyze our proposal by SVO Logic, which is one of the formal methods for analyzing cryptographic protocols [P. Syverson and P. C. van Oorschot. A Unified Cryptographic Protocol Logic. NRL CHAOS Report, 5540-227, 1996; P. Syverson and I. Cervesato. The Logic of Authentication Protocols. FOSAD'00, LNCS 2171, pp. 63-137, 2001], and show what assumptions are needed.
160. Guilin Wang, Feng Bao, Kenji Imamoto, Kouichi Sakurai, Generic, optimistic, and efficient schemes for fair certified email delivery, 7th International Conference on Information and Communications Security, ICICS 2005, 2005, As a value-added service for standard email systems, a certified email scheme allows a sender to deliver a message to a receiver in a fair way, in the sense that either the sender obtains a receipt from the receiver and the receiver accesses the content of the email simultaneously, or neither party gets the expected item. In this paper, we first point out some weaknesses in several existing schemes. Then, we present two generic optimistic certified email schemes with transparent TTP. Our schemes are not only fair, but also support timeliness in two flavors: one scheme supports weak timeliness but with stateless TTP, while the other guarantees (strong) timeliness though it only supports weak stateless TTP. Technical discussion and comparison are provided to show that our schemes are both secure and efficient, compared with the state of the art in this field.
161. Yong Sork Her, Kenji Imamoto, Kouichi Sakurai, Some remarks on security of receipt-free E-auction, 3rd International Conference on Information Technology and Applications, ICITA 2005, 2005, Recently, receipt-free schemes have been rising for secure e-auctions. The goal of a receipt-free scheme in an e-auction is to prevent bid-rigging. If bid-rigging happens in the e-auction, the winner can get the bidding item at an unreasonably low price. The first receipt-free scheme for the e-auction was proposed by Abe and Suzuki. Chen, Lee and Kim also proposed an extended receipt-free scheme. In this paper, we point out that the proposed receipt-free schemes do not perfectly prevent the bid-rigging attack. Moreover, we indicate that bid-collusion is possible in an e-auction. In the strict sense, bid-collusion is different from bid-rigging. In this paper, we do not present a scheme which can prevent the bid-collusion attack. We compare the bid-rigging attack with the bid-collusion attack, and analyze the security of the existing receipt-free schemes from the viewpoint of the bid-rigging attack and the bid-collusion attack.
162. Satoshi Koga, Kouichi Sakurai, A merging method of certification authorities without using cross-certifications, Proceedings - 18th International Conference on Advanced Information Networking and Applications, AINA 2004, 2004.07, The Public Key Infrastructure (PKI) technology is very important to support secure global electronic commerce and digital communications on networks. In electronic commerce, different PKIs need to interoperate. In particular, they need to be merged in the case of mergers and acquisitions of companies. This paper takes a different approach from cross-certification techniques toward merging different PKIs. Our method is to merge the multiple CAs into one. By using our method, a trust model with efficient path processing can be built in comparison with the traditional merging methods. Then we formalize the merging processes and discuss the certification path processing and the operational cost.
163. Michael W. David, Kouichi Sakurai, Protecting the electric power infrastructure with a mobile agent monitoring and analysis system, Proceedings - 2004 International Conference on Information and Communication Technologies: From Theory to Applications, ICTTA 2004, 2004.06, The protection of the electric power infrastructure with a mobile agent monitoring and analysis system is discussed. The Electric Power Research Institute (EPRI) proposes a wide-area, secure communication system to replace use of the Internet for critical monitoring functions. The concept of a Critical Network Infrastructure Analysis Center (CNIAC) is proposed to provide better coordination and dissemination of information, and to improve incident prevention and detection, database analysis, and real-time network monitoring and surveillance systems. This uses a combination of human analysts supported by mobile agents to continually audit, monitor, assess and protect the networks.
164. Kenji Imamoto, Kouichi Sakurai, A design of Diffie-Hellman based key exchange using one-time ID in pre-shared key model, Proceedings - 18th International Conference on Advanced Information Networking and Applications, AINA 2004, 2004, To exchange important information through the Internet, an authenticated key exchange is required. In this paper, we consider the following attacks as the problems of an authenticated key exchange using a shared secret: eavesdropping on identity, DoS attack, replay attack, and impersonation. Besides prevention of all these attacks, efficient key exchange should be realized. In this paper, we propose an authenticated key exchange system based on Diffie-Hellman key exchange with One-time ID, which can be used only once.
165. Manabu Iwanaga, Toshihiro Tabata, Kouichi Sakurai, Evaluation of anti-spam method combining Bayesian filtering and strong challenge and response, Proceedings of the IASTED International Conference on Communication, Network, and Information Security, 2003.12, Recently, various schemes against spam have been proposed because of the rapid increase in spam. Some schemes are based on sender whitelisting with auto registration, a principle that a recipient reads only messages from senders who are registered by the recipient, and a sender has to perform some procedure to be registered (challenge-response). In these schemes, some exceptions are required to show error mail to the sender of an original message. However, spammers can abuse this exception to send spam to users. We have proposed an improved scheme in [1], combining challenge-response and Bayesian filtering. In this paper, we test our scheme against a scheme using only Bayesian filtering to show the efficiency of our scheme.
166. Michael W. David, Kouichi Sakurai, Mobile agent based security monitoring and analysis for the electric power infrastructure, Proceedings of the IASTED International Conference on Communication, Network, and Information Security, 2003.12, This paper proposes a concept designed to support the US Computer Emergency Response Team (US-CERT) and the National Infrastructure Protection Center's (NIPC) Indications, Analysis & Warning (IAW) program. It recommends methodologies and an infrastructure to enhance the reporting of cyber incidents affecting critical network infrastructure (CNI) like electric power. It is not designed to deal with the physical power generation and transmission infrastructure, but with the security and integrity of the information/data networks which help control, monitor and manage it. Our approach is to use distributed mobile agents to integrate security policy, intrusion prevention, intrusion detection and attack/failure analysis activities into a mutually supporting infrastructure. We tentatively call this a Critical Network Infrastructure Analysis Center (CNIAC), and suggest one for the Information Sharing and Analysis Center (ISAC) for the electric power grid, the North American Reliability Council (NERC) and its interface with the regional Independent Systems Operators (ISO) and Regional Transmission Organizations (RTO). We propose that an electric power mobile agent system (EPMAS) be designed to support a secure communications interface, update security policy, collect and audit IDS related data, and provide status reports.
167. Katsuya Sueyasu, Toshihiro Tabata, Kouichi Sakurai, On the security of SELinux with a simplified policy, Proceedings of the IASTED International Conference on Communication, Network, and Information Security, 2003.12, Security-Enhanced Linux (SELinux) is a secure operating system. SELinux implements some features in order to perform strong access control. However, the configuration of SELinux access control becomes very complex. Such complexity may cause misconfiguration which can harm the strong access control. SELinux Policy Editor is a configuration tool for SELinux. It was developed in order to reduce the complexity and the risk of misconfiguration. As part of its support for configuration, this tool simplifies the configuration of SELinux by integrating configuration items of the complicated SELinux access control policy. Although we can originally define and use macros which integrate permissions in an SELinux access control policy, the integrated permissions of SELinux Policy Editor and the macros differ fundamentally in whether their use is mandatory or discretionary. In this paper, we examine the effects of the simplification by SELinux Policy Editor on an example access control policy and evaluate the security of the access control based on the simplified policy for Apache, a web server software.
168. Jae Gwi Choi, Kouichi Sakurai, Ji Hwan Park, Proxy certificates-based digital fingerprinting scheme for mobile communication, Proceedings: 37th Annual 2003 International Carnahan Conference on Security Technology, 2003.12, Protection of intellectual property in digital contents has been a subject of research for many years and has led to the development of various techniques. Digital fingerprinting schemes are an important class of these techniques. The goal of a fingerprinting scheme is to deter people from illegally redistributing digital data. However, the problem with known anonymous fingerprinting schemes is that they are based on computationally unspecified black boxes: secure multiparty computation or minimum disclosure proofs of knowledge. Their complexity is much too high to be implementable in real applications. Moreover, the buyer's memory and computation power are very small in mobile communication. In this paper, we present an anonymous fingerprinting scheme for mobile communication using a mobile agent, which is efficient and feasible from a practical view. The basic primitive used is proxy certificates. Our proposal satisfies the following: (1) only the buyer can know the fingerprinted copy even though the mobile agent executes the computations instead of him/her, and (2) it reduces the amount of the buyer's computations to the minimum, as well as the risk of exposure of the buyer's private information which would occur owing to delegation.
169. M. W. David, G. A. Hussein, Kouichi Sakurai, Secure identity authentication and logical access control for airport information systems, Proceedings: 37th Annual 2003 International Carnahan Conference on Security Technology, 2003.12, The development of an identity authentication system using a contactless smart card (CSC) for an airport information system is discussed. Proper identification of the cardholder with reliable data securely stored in a CSC provides a means to validate and audit access into a computer or communications network. For authenticating the user, the smart card is positioned onto a reader/writer, the stored file of the encrypted biometric template is retrieved, and then the identity verification process starts with placing the user's biometric feature on the scanner. The use of multiple biometric features would allow the selection of services and applications to fit the security, economic and social needs of the specific subsystem and its environment.
170. M. W. David, Kouichi Sakurai, Combating cyber terrorism: Countering cyber terrorist advantages of surprise and anonymity, 17th International Conference on Advanced Information Networking and Applications, AINA 2003, 2003.01, The paper proposes ways to counter the cyber terrorist (CT) advantages of surprise and anonymity. It recommends the creation of a Cyberint Analysis Center to develop and evaluate methods to improve the ability to detect, identify and deter cyber terrorist attacks. It also proposes ways to implement responsible, accountable and identifiable use of the Internet, and to deny anonymity to the attackers.
171. K. Okeya, Kouichi Sakurai, A multiple power analysis breaks the advanced version of the randomized addition-subtraction chains countermeasure against side channel attacks, 2003 IEEE Information Theory Workshop, ITW 2003, 2003, We show that the advanced version of the randomized addition-subtraction chains countermeasure against side channel attacks is vulnerable to a multiple power analysis attack, a new kind of side channel attack, under distinguishability between addition and doubling. A side channel attack takes advantage of information leaked during execution of a cryptographic procedure. The randomized addition-subtraction chains countermeasure was proposed by E. Oswald and M. Aigner (see Lect. Notes in Comp. Sci., vol. 2162, pp. 39-50, 2001), and is based on a random decision inserted into computations. The countermeasure has two versions: the basic version and the advanced version. The basic version has been proved to be vulnerable to a side channel attack. This is due to a shrinkage of states for randomization if a bit of the secret scalar is zero. However, the advanced version does not have such a shrinkage. The multiple power analysis uses plural AD sequences, which are sequences of additions and doublings obtained by the distinguishability and measurements. The multiple power analysis relates the AD sequences to each other, and deduces the secret scalar. A key point of the multiple power analysis against the advanced version is that two different states are combined and regarded as the same state. This provides a shrinkage of states if a bit of the secret scalar is zero.
172. Kazuhide Fukushima, Toshihiro Tabata, Kouichi Sakurai, Evaluation of obfuscation scheme focusing on calling relationships of fields and methods in methods, Proceedings of the IASTED International Conference on Communication, Network, and Information Security, 2003, Recently, Java has spread widely. However, Java has the problem that an attacker can reconstruct Java source code from Java class files. Therefore, many techniques for protecting Java software have been proposed, but quantitative security evaluations are not fully given. This paper proposes an obfuscation scheme for Java source code by breaking encapsulation. In addition, we propose an evaluation scheme based on the number of accesses to the fields and the methods of other classes. We try to realize tamper-resistant software with a certain quantitative basis of security using our evaluation.
173. Kenji Imamoto, Kouichi Sakurai, A certified E-mail system with receiver’s selective usage of delivery authority, 3rd International Conference on Cryptology in India, INDOCRYPT 2002, 2002.01, Certified E-mail can be divided into an on-line protocol and an optimistic protocol by the usage of a third party. We call this party “Delivery Authority”. An on-line protocol can realize send-and-forget. There is a drawback, however, that the cost to the Delivery Authority becomes large, because users always access the Delivery Authority in the middle of a protocol. On the other hand, when an optimistic protocol is used, there is little cost to the Delivery Authority because users access the Delivery Authority only in case a problem occurs; however, send-and-forget is unrealizable. Each protocol may be inconvenient depending on the situation. In the conventional system, however, a sender selects which protocol to use depending on the sender’s convenience. In this paper, we propose a new system having both our proposed on-line protocol and an optimistic protocol, between which a receiver can choose freely. By this mechanism, a receiver can freely choose the usage of the Delivery Authority at that time, after taking the necessity and the situation of the Delivery Authority and the sender into consideration.
174. Yasuyuki Sakai, Kouichi Sakurai, Algorithms for efficient simultaneous elliptic scalar multiplication with reduced joint Hamming weight representation of scalars, 5th International Conference on Information Security, ISC 2002, 2002.01, The computational performance of cryptographic protocols using an elliptic curve strongly depends on the efficiency of the scalar multiplication. Some elliptic curve based cryptographic protocols, such as signature verification, require computation of multi scalar multiplications of kP + lQ, where P and Q are points on an elliptic curve. An efficient way to compute kP + lQ is to compute two scalar multiplications simultaneously, rather than computing each scalar multiplication separately. We introduce new efficient algorithms for simultaneous scalar multiplication on an elliptic curve. We also give a detailed analysis of the computational efficiency of our proposed algorithms.
175. Johannes Buchmann, Kouichi Sakurai, Tsuyoshi Takagi, An IND-CCA2 public-key cryptosystem with fast decryption, 4th International Conference on Information Security and Cryptology, ICISC 2001, 2002.01, We propose an IND-CCA2 public-key cryptosystem with fast decryption, called the NICE-X cryptosystem. Its decryption time is polynomial of degree 2 in the bit-length of the public key D, i.e., O((log |D|)^2), plus the cost of two hash functions. NICE-X is an enhancement of the NICE cryptosystem, which is constructed over the quadratic class group Cl(D). We first show that the one-wayness of the encryption of the NICE cryptosystem is as intractable as the Smallest Kernel Equivalent Problem (SKEP). We also prove that the NICE cryptosystem is IND-CPA under the Decisional Kernel Problem (DKP). Then we prove that the NICE-X cryptosystem is IND-CCA2 under the SKEP in the random oracle model. Indeed, the overhead of the decryption of NICE-X over NICE is only the cost of one ideal multiplication and two hash functions. Our conversion technique from NICE to NICE-X is based on REACT. However, we modify it to be suitable for NICE. A message of NICE-X is encrypted with the random mask of the encryption function of NICE, instead of the encrypted key. Then the reduced security problem of NICE-X is enhanced from the Gap-SKEP to the SKEP.
176. Mototsugu Nishioka, Hisayoshi Satoh, Kouichi Sakurai, Design and analysis of fast provably secure public-key cryptosystems based on a modular squaring, 4th International Conference on Information Security and Cryptology, ICISC 2001, 2002.01, We design a provably secure public-key encryption scheme based on modular squaring (Rabin’s public-key encryption scheme [28]) over Z_N, where N = p^d q (p and q are prime integers, and d > 1), and we show that this scheme is much faster than the existing provably secure schemes. Security of our scheme is enhanced by the original OAEP padding scheme [3]. While Boneh presents two padding schemes that are simplified OAEP, and applies them to design provably secure Rabin-based schemes (Rabin-SAEP, Rabin-SAEP+), no previous work explores Rabin-OAEP. We give the exact argument of security of our OAEP-based scheme. For speeding up our scheme, we develop a new technique of fast decryption, which is a modification of Takagi’s method for RSA-type schemes with N = p^d q [31]. Takagi’s method uses the Chinese Remainder Theorem (CRT), whereas our decryption requires no CRT-like computation. We also compare our scheme to existing factoring-based schemes including RSA-OAEP, Rabin-SAEP and Rabin-SAEP+. Furthermore, we consider the (future) hardness of integer factoring: N = p^d q vs. N = pq for large sizes of N.
177. Kouichi Sakurai, Tsuyoshi Takagi, New semantically secure public-key cryptosystems from the RSA-primitive, 5th International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2002, 2002.01, We analyze the security of the simplified Paillier (S-Paillier) cryptosystem, which was proposed by Catalano et al. We prove that the one-wayness of the S-Paillier scheme is as intractable as the standard RSA problem. We also prove that an adversary which breaks the semantic security can compute the least significant bits of the nonce. This observation is interesting, because the least significant bit of the nonce is the hard core bit of the encryption function. Moreover, we propose a novel semantically secure cryptosystem, based on the one-way function f_{e,n}^{MSBZ(l)}(r) = (r − MSB_l(r))^e mod n, where (e, n) is the RSA public key and r − MSB_l(r) means that the l most significant bits of r are zeroed. We prove that the one-wayness of the proposed scheme is as intractable as the standard RSA problem. An adversary which breaks the semantic security of the proposed scheme can break the least significant bits of the nonce. These security results of the proposed scheme are similar to those of the S-Paillier cryptosystem. However, the proposed scheme is more efficient than the S-Paillier cryptosystem.
178. Soichi Furuya, Kouichi Sakurai, Risks with raw-key masking – The security evaluation of 2-key XCBC, 4th International Conference on Information and Communications Security, ICICS 2002, 2002.01, There is extensive research on how CBC-MAC can be modified in order to efficiently deal with messages of arbitrary lengths. Based on the three-key construction of XCBC by Black and Rogaway, Moriai and Imai improved the scheme and proposed an optimally efficient CBC-MAC variant with two key materials, called 2-key XCBC. They give a proof of security in the same manner as 3-key XCBC. In this paper, we study 2-key XCBC, and discuss the security of 2-key XCBC when a real block cipher replaces the ideal PRP. We show (1) a forgery based on the raw-key masking technique used in 2-key XCBC for a particular instance where the Even-Mansour PRP construction is used, and (2) an attack that violates the provable security of the DESX construction. Therefore, the raw-key masking technique, which is the core improvement of 2-key XCBC, must be avoided unless the overall implementation is considered in detail. Moreover, we discuss 2-key XCBC with two promising real block ciphers, AES and Camellia, and note important security considerations concerning their use with 2-key XCBC.
179. Katsuyuki Okeya, Kunihiko Miyazaki, Kouichi Sakurai, A fast scalar multiplication method with randomized projective coordinates on a Montgomery-form elliptic curve secure against side channel attacks, 4th International Conference on Information Security and Cryptology, ICISC 2001, 2002, In this paper, we propose a scalar multiplication method that does not incur a higher computational cost for randomized projective coordinates on the Montgomery form of elliptic curves. The randomized projective coordinates method is a countermeasure against side channel attacks on an elliptic curve cryptosystem in which an attacker cannot predict the appearance of a specific value because the coordinates have been randomized. However, because of this randomization, we cannot assume the Z-coordinate to be 1. Thus, the computational cost increases by 10% due to the multiplications by Z-coordinates. Our results clarify the advantages of the cryptographic usage of Montgomery-form elliptic curves in constrained environments such as mobile devices and smart cards.
180. Katsuyuki Okeya, Kouichi Sakurai, A second-order DPA attack breaks a window-method based countermeasure against side channel attacks, 5th International Conference on Information Security, ISC 2002, 2002, Möller proposed a countermeasure using the window method against side channel attacks. However, its immunity to side channel attacks is still controversial. In this paper, we show that Möller’s countermeasure is vulnerable to a second-order differential power analysis attack. A side channel attack is an attack that takes advantage of information leaked during execution of a cryptographic procedure. An nth-order differential power analysis attack is the side channel attack which uses n different leaked data that correspond to n different intermediate values during the execution. Our proposed attack against Möller’s countermeasure finds out the use of the same elliptic points, and restricts the candidates of the secret scalar value. In these circumstances, the attack completely detects the scalar value using the Baby-Step-Giant-Step method as a direct computational attack. For a 160-bit scalar value, the proposed attack restricts the number of candidates of the scalar to a 45-bit integer, and the direct computational attack can actually detect the scalar value. Besides, we improve Möller’s countermeasure to prevent the proposed attack. We compare the original method and the improved countermeasure in terms of the computational intractability and the computational cost of the scalar multiplication.
181. Katsuyuki Okeya, Kouichi Sakurai, On insecurity of the side channel attack countermeasure using addition-subtraction chains under distinguishability between addition and doubling, 7th Australasian Conference on Information Security and Privacy, ACISP 2002, 2002, We show that a randomized addition-subtraction chains countermeasure against side channel attacks is vulnerable to an SPA attack, a kind of side channel attack, under distinguishability between addition and doubling. A side channel attack is an attack that takes advantage of information leaked during execution of a cryptographic procedure. The randomized addition-subtraction chains countermeasure was proposed by Oswald-Aigner, and is based on a random decision inserted into computations. However, its immunity to side channel attacks is still controversial. As for the timing attack, a kind of side channel attack, the randomized addition-subtraction chains countermeasure is also vulnerable. Moreover, compared with other countermeasures against side channel attacks, the randomized addition-subtraction chains countermeasure, after being improved to prevent side channel attacks, is much slower.
182. Kouichi Sakurai, Tsuyoshi Takagi, On the security of a modified Paillier public-key primitive, 7th Australasian Conference on Information Security and Privacy, ACISP 2002, 2002, Choi et al. proposed the modified Paillier cryptosystem (M-Paillier cryptosystem). They use a special public key g ∈ Z/nZ such that g^φ(n) = 1+n mod n^2, where n is the RSA modulus. The distribution of the public key g is different from that of the original one. In this paper, we study the security of the usage of the public key. Firstly, we prove that the one-wayness of the M-Paillier cryptosystem is as intractable as factoring the modulus n, if the public key g can be generated only by the public modulus n. Secondly, we prove that an oracle that can generate the public key factors the modulus n. Thus the public keys cannot be generated without knowing the factorization of n. The Paillier cryptosystem can use the public key g = 1+n, which is generated only from the public modulus n. Thirdly, we propose a chosen ciphertext attack against the M-Paillier cryptosystem. Our attack can factor the modulus n with only one query to the decryption oracle. This type of total breaking attack has not been reported for the original Paillier cryptosystem. Finally, we discuss the relationship between the M-Paillier cryptosystem and the Okamoto-Uchiyama scheme.
183. Katsuyuki Okeya, Kouichi Sakurai, Efficient elliptic curve cryptosystems from a scalar multiplication algorithm with recovery of the y-coordinate on a Montgomery-form elliptic curve, 3rd International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2001, 2001, We present a scalar multiplication algorithm with recovery of the y-coordinate on a Montgomery-form elliptic curve over any non-binary field. The previous algorithms for scalar multiplication on a Montgomery form do not consider how to recover the y-coordinate. So although they can be applied to certain restricted schemes (e.g. ECDH and ECDSA-S), some schemes (e.g. ECDSA-V and MQV) require scalar multiplication with recovery of the y-coordinate. We compare our proposed scalar multiplication algorithm with the traditional scalar multiplication algorithms (including window methods in Weierstrass form), and discuss the Montgomery form versus the Weierstrass form in the performance of implementations with several techniques of elliptic curve cryptosystems (including ECES, ECDSA, and ECMQV). Our results clarify the advantage of the cryptographic usage of Montgomery-form elliptic curves in constrained environments such as mobile devices and smart cards.
184. Yasuyuki Sakai, Kouichi Sakurai, On the power of multidoubling in speeding up elliptic scalar multiplication, 8th Annual International Workshop on Selected Areas in Cryptography, SAC 2001, 2001, We discuss multidoubling methods for efficient elliptic scalar multiplication. The methods allow computation of 2^k P directly from P without computing the intermediate points, where P denotes a randomly selected point on an elliptic curve. We introduce algorithms for elliptic curves with Montgomery form and Weierstrass form defined over finite fields with characteristic greater than 3 in terms of affine coordinates. These algorithms are faster than k repeated doublings. Moreover, we apply the algorithms to scalar multiplication on elliptic curves and analyze the computational complexity. As a result of our implementation with respect to the Montgomery and Weierstrass forms in terms of affine coordinates, we achieved running time reduced by 28% and 31%, respectively, in the scalar multiplication of an elliptic curve of size 160 bits over finite fields with characteristic greater than 3.
185. Giovanni Di Crescenzo, Kouichi Sakurai, Moti Yung, On zero-knowledge proofs: "From membership to decision" (extended abstract), 32nd Annual ACM Symposium on Theory of Computing, STOC 2000, 2000.12, "Zero-knowledge proofs of membership" are methods for proving that a string x is in a language L without revealing any additional information. This is a fundamental notion that has proven to be useful and applicable in many settings. Two main variants have been considered in the literature. The first, "zero-knowledge proofs of decision power", consists of methods for proving the knowledge of whether a string x is in a language L or not without revealing any additional information. The second, "result-indistinguishable zero-knowledge proofs of decision", consists of methods for transferring whether a string x is in a language L or not without revealing any additional information. Due to the quite stringent definitions of these two variants, it seemed that the class of languages having zero-knowledge proofs of membership was not as large as any of the classes of languages having zero-knowledge protocols in these two models. In this paper we give strong indications that this may not be the case. Our main result is that any language having what we call a "meet-the-challenge" game as a perfect (statistical) zk proof of membership also has such a perfect (statistical) zk proof in the two "decision proof" models. This can be extended to prove, among other things, that an honest-verifier statistical zk proof of membership for a language implies an honest-verifier statistical zk protocol in the two "decision" models. Technically, we introduce new protocol techniques, such as "language-based coin flipping protocols", that may have other applications.
186. Tetsuya Tamura, Kouichi Sakurai, Tsutomu Matsumoto, A hardware-oriented algorithm for computing in Jacobians and its implementation for hyperelliptic curve cryptosystems, 2nd International Conference on Information Security and Cryptology, ICISC 1999, 2000.01, In this paper, we present algorithms, suitable for hardware implementation, for computation in the Jacobian of a hyperelliptic curve defined over GF(2^n). We take curves of genus 3 and 6, designed by using 0.27-μm CMOS gate array technology, and estimate the number of multiplication operations and the size and speed of hardware based on the proposed algorithm. It is shown that hardware for genus 6 curves computes an addition (resp. doubling) operation in 100 (resp. 29) clock cycles and can work at clock frequencies of up to 83 MHz. We also compare a hyperelliptic curve cryptosystem with RSA and elliptic curve cryptosystems from the viewpoint of hardware implementation.
187. Kouichi Sakurai, Shingo Miyazaki, An anonymous electronic bidding protocol based on a new convertible group signature scheme: on the importance of hiding the winner's identity against bid-rigging, 5th Australasian Conference on Information Security and Privacy, ACISP 2000, 2000.01, We propose an electronic auction scheme satisfying that (i) a group of colluding bidders cannot control the contract price arbitrarily, (ii) all prices of bidders except the winner are never revealed to anyone (even to the auction house), and (iii) only the auction house recognizes the winner's identity, while the other losers can verify the fact that the winner belongs to the registered group. Our scheme relies neither on an anonymous channel nor on a trusted third center. Our system can be implemented only with public-key technology and cryptographic hash functions, and all bidders can verify the validity of the process for determining a winner via a public bulletin board. To achieve stronger anonymity of the winner, we develop a new variant of convertible undeniable group signatures. In our designed signature scheme, the convertibility has two phases: one is convertible from online to off-line in the verification stage, and the other is convertible from individual to group.
188. Yasuyuki Sakai, Kouichi Sakurai, Efficient scalar multiplications on elliptic curves without repeated doublings and their practical performance, 5th Australasian Conference on Information Security and Privacy, ACISP 2000, 2000.01, We introduce efficient algorithms for scalar multiplication on elliptic curves defined over F_p. The algorithms compute 2^k P directly from P, where P is a random point on an elliptic curve, without computing the intermediate points, which is faster than k repeated doublings. Moreover, we apply the algorithms to scalar multiplication on elliptic curves, and analyze their computational complexity. As a result of their implementation with respect to affine (resp. weighted projective) coordinates, we achieved an increased performance factor of 1.45 (45%) (resp. 1.15 (15%)) in the scalar multiplication of an elliptic curve of size 160 bits.
189. Toru Inoue, Kouichi Sakurai, Making hash functions from block ciphers secure and efficient by using convolutional codes, 3rd International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2000, 2000.01, We improve Knudsen-Preneel's constructions for cryptographic hash functions based on block ciphers with error-correcting codes. We first modify and extend the original constructions, which are effective only for non-binary codes, to the case of binary codes (e.g. BCH codes). We also revise the original method by introducing convolutional codes, whereas the previous method adopts only block codes. This reduces the circuit complexity of the hardware implementation to 1/N, in terms of the number of (Davies-Meyer) module functions, compared with that based on block error-correcting codes.
190. Shingo Miyazaki, Kouichi Sakurai, Moti Yung, On threshold RSA-signing with no dealer, 2nd International Conference on Information Security and Cryptology, ICISC 1999, 2000.01, We consider methods for threshold RSA decryption among distributed agencies without any dealer or trusted party. We present two methods: One is based on the previous two techniques by [FMY98] and [FGMY97]. It demonstrates the feasibility of combining the distributed key generation and the RSA secure function application. The other method [MS99] is a newly developed technique based on [FMY98] and further inspired by Simmons' protocol failure of RSA (we believe that it is very interesting that a "protocol failure attack" can be turned into a constructive method!). The latter requires less "distributed computation" as the key is being set up, and it can be more smoothly incorporated into the existing distributed key generation techniques.
191. Yasuyuki Sakai, Kouichi Sakurai, Over F_p vs. over F_2^n and on Pentium vs. on Alpha in software implementation of hyperelliptic curve cryptosystems, 2nd International Conference on Information Security and Cryptology, ICISC 1999, 2000.01, We consider the performance of hyperelliptic curve cryptosystems over the fields F_p vs. F_2^n. We analyze the complexity of the group law of the Jacobians J_C(F_p) and J_C(F_2^n) and compare their performance, taking into consideration the effect of the word size (32-bit or 64-bit) of the applied CPU (Alpha and Pentium) on the arithmetic of the definition field. Our experimental results show that J_C(F_2^n) is faster than J_C(F_p) on an Alpha, whereas J_C(F_p) is faster than J_C(F_2^n) on a Pentium. Moreover, we investigate the algorithm of the Jacobian and the definition-field arithmetic to clarify our results from a practical point of view, with theoretical analysis.
192. Katsuyuki Okeya, Kouichi Sakurai, Power analysis breaks elliptic curve cryptosystems even secure against the timing attack, 1st International Conference in Cryptology in India, INDOCRYPT 2000, 2000.01, We apply power analysis to known elliptic curve cryptosystems, and consider an exact implementation of scalar multiplication on elliptic curves for resisting power attacks. Our proposed algorithm does not decrease the computational performance compared to the conventional scalar multiplication algorithm, whereas previous methods either cost performance or fail to protect against power analysis attacks.
193. Katsuyuki Okeya, Hiroyuki Kurumatani, Kouichi Sakurai, Elliptic curves with the Montgomery-form and their cryptographic applications, 3rd International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2000, 2000, We show that the elliptic curve cryptosystems based on the Montgomery-form E_M: BY^2 = X^3 + AX^2 + X are immune to timing attacks by using our technique of randomized projective coordinates, while Montgomery originally introduced this type of curve for speeding up the Pollard and Elliptic Curve Methods of integer factorization [Math. Comp. Vol.48, No.177, (1987) pp.243-264]. However, it should be noted that not all elliptic curves have the Montgomery-form, because the order of any elliptic curve with the Montgomery-form is divisible by "4", whereas recent ECC standards [NIST, SEC-1] recommend that the cofactor of an elliptic curve should be no greater than 4 for cryptographic applications. Therefore, we present an efficient algorithm for generating Montgomery-form elliptic curves whose cofactor is exactly "4". Finally, we give the exact condition on elliptic curves for whether they can be represented in Montgomery-form or not. We consider divisibility by "8" for Montgomery-form elliptic curves. We implement the proposed algorithm and give some numerical examples obtained by it.
194. Shingo Miyazaki, Ikuko Kuroda, Kouichi Sakurai, Toward fair international key escrow: An attempt by distributed trusted third agencies with threshold cryptography, 2nd International Workshop on Practice and Theory in Public Key Cryptography, PKC 1999, 1999, We consider a key escrow system for international communication between multiple domains with different policies. In intercepting international communications between two domains, serious problems of unfairness may arise when one government has not legally authorized the message interception. We solve this problem by incorporating a mechanism that allows message interception by law enforcement parties subject to the consent of both governments involved in the communication. That mechanism involves the establishment of an independent International Trusted Third Party (ITTP) that has the ultimate authority to check the security policies of each country and permit or deny the interception of international messages. We present a scheme with a multiple Diffie-Hellman type key distribution protocol, and the ITTP copes with only the secret key corresponding to its own public key. We can also make the ITTP "multiple", and we apply recently developed techniques on distributed (threshold) cryptography to our multiple ITTPs. Thus, the establishment and control of an international trusted third party can be done in cooperation with each government.
195. Giovanni Di Crescenzo, Kouichi Sakurai, Moti Yung, Checking programs discreetly: Demonstrating result-correctness efficiently while concealing it, 9th Annual International Symposium on Algorithms and Computation, ISAAC'98, 1998.12, We formalize and investigate a model for zero-knowledge proofs of "program result-correctness", which naturally extends Blum's theory of program checking by adding zero-knowledge requirements. The zero-knowledge requirements are universal for yes and no instances alike.
196. Giovanni Di Crescenzo, Kouichi Sakurai, Moti Yung, Result-indistinguishable zero-knowledge proofs: Increased power and constant-round protocols, 15th Annual Symposium on Theoretical Aspects of Computer Science, STACS 98, 1998.12, We investigate result-indistinguishable perfect zero-knowledge proof systems [8] for "transferring the decision of whether the membership of an input in a language is true or not". Previously only a single number-theoretic language was known to have such a proof system, and possible extensions were left as an open question. We show that all known random self-reducible languages (e.g., graph isomorphism, quadratic residuosity, discrete log) and compositions over them have such systems. We also consider techniques for constant-round protocols for these languages in this model, and obtain a 5-round protocol scheme.
197. Shingo Miyazaki, Kouichi Sakurai, A more efficient untraceable e-cash system with partially blind signatures based on the discrete logarithm problem, 2nd International Conference on Financial Cryptography, FC 1998, 1998.01, We propose a new untraceable electronic money system based on the discrete logarithm problem. Our system improves the efficiency of Yacobi's E-money system by making the applied blind signature partial. We compare our system to the previous e-money systems which use the ElGamal-type scheme in tracing a double-spender. We also remark on a double-registration problem in a digital cash system, recently presented in [Nguyen-Mu-Varadharajan, in Information Security Workshop'97], based on the blind Nyberg-Rueppel signature.
198. Yasuyuki Sakai, Kouichi Sakurai, Design of hyperelliptic cryptosystems in small characteristic and a software implementation over F_2^n, 4th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 1998, 1998.01, We investigate the discrete logarithm problem over Jacobians of hyperelliptic curves suitable for public-key cryptosystems. We focus on the case when the definition field has small characteristic 2, 3, 5 or 7, and present hyperelliptic cryptosystems that resist all known attacks. We further implement our designed hyperelliptic cryptosystems over finite fields F_2^n in software on Alpha and Pentium-II computers. Our results indicate that if we choose curves carefully, hyperelliptic cryptosystems do have practical performance.
199. Yasuyuki Sakai, Kouichi Sakurai, Hirokazu Ishizuka, Secure hyperelliptic cryptosystems and their performance, 1st International Workshop on Practice and Theory in Public Key Cryptography, PKC 1998, 1998.01, We investigate the discrete logarithm problem over Jacobian varieties of hyperelliptic curves suitable for public-key cryptosystems, and clarify practical advantages of hyperelliptic cryptosystems compared to elliptic cryptosystems and to RSA. We focus on the curves defined over the ground field of characteristic 2, and we present hyperelliptic cryptosystems from the Jacobian associated with curves [Formula Presented] of genus g = 3 and 11, which are secure against the known attacks. We further discuss the efficiency in implementation of such secure hyperelliptic cryptosystems.
200. Michael W. David, Kouichi Sakurai, Security issues for contactless smart cards, 1st International Workshop on Practice and Theory in Public Key Cryptography, PKC 1998, 1998.01, We review the current technologies of contactless smart cards and compare them with contact cards. We discuss the problems of implementing encryption in contactless cards, and consider how to solve these problems. We also report on the state of standardization of contactless smart cards.
201. Kouichi Sakurai, Souichi Furuya, Improving linear cryptanalysis of LOKI91 by probabilistic counting method, 4th International Workshop on Fast Software Encryption, FSE 1997, 1997.01, We improve linear cryptanalysis by introducing a technique of probabilistic counting into the maximum likelihood stage. In the original linear cryptanalysis based on the maximum likelihood method with deterministic counting, the number of effective key and text bits is a multiple of the number of bits involved in the input to some S-box. Then, when larger S-boxes are used, the 2R-method and even the 1R-method can become impractical just because the number of effective text and key bits becomes excessive. Though the 2R-method is practical for attacking DES, existing examples of ciphers where the 2R-method is impractical include LOKI91. We overcome this problem by selecting a part of the effective key bits and investigating the probabilistic behavior of the remaining effective key bits. The previous attacks discuss deterministic evaluation of the given approximated formula only when all values of the effective text/key bits are known, while we compute the probability that the approximated formula with unknown inputs equals zero. This extension of linear cryptanalysis makes the 2R-attack on LOKI91 useful, and thus improves the performance of previous attacks. Furthermore, we implemented some experimental attacks on 4-round LOKI91, and confirmed the effectiveness of our method.
202. Eisuke Dannoura, Kouichi Sakurai, On-line versus off-line in money-making strategies with brokerage, 8th Annual International Symposium on Algorithms and Computation, ISAAC 1997, 1997.01, We investigate on-line strategies for money-making trading with brokerage, while competitive algorithms without considering the costs of exchanging are investigated in [R. El-Yaniv, A. Fiat, R. Karp, and G. Turpin, Proc. of FOCS, (1992)]. We first give the optimal off-line algorithm for the (bidirectional) conversion problem with brokerage. Next, we design an on-line algorithm, which is a combination of the EFKT-algorithm with our off-line algorithm. Furthermore, we analyze the competitive performance of our proposed on-line algorithm, and discuss lower bounds of the competitive ratio for the problem with brokerage.
203. Masahiro Mambo, Eiji Okamoto, Kouichi Sakurai, Protection of data and delegated keys in digital distribution, 2nd Australasian Conference on Information Security and Privacy, ACISP 1997, 1997.01, Cryptography is quite effective in protecting digital information from unauthorized access. But if the receiver of information is determined after the encryption of the information, e.g. a posted encrypted news item is withdrawn by an arbitrary user in open networks, we need an additional mechanism for converting the encrypted information into a form accessible only to an admissible user. Even though such a transformation can be done by the consecutive execution of decryption of a ciphertext and re-encryption of the recovered plaintext, the intermediate plaintext may be stolen during the re-encryption. In this paper we examine secure digital distribution systems, an information storage system and an information provider system, in which encrypted information is directly transformed into a ciphertext of an admissible user. We show that the technique of a proxy cryptosystem is useful for establishing these distribution systems. The proposed protocols can be constructed based on the ElGamal cryptosystem or the RSA cryptosystem. Meanwhile, a blind decryption protocol provides privacy protection with respect to the selection of a ciphertext to be decrypted. In terms of digital distribution it also provides secure information delivery. An information provider system using a blind decryption protocol has the problem that the decrypting person computes an exponentiation for a message freely selected by the requesting person. For such an oracle problem, a solution is known using a transformable signature. In this paper we show another measure prohibiting the abuse of the blind decryption protocol.
204. Kouichi Sakurai, A hidden cryptographic assumption in no-transferable identification schemes, International Conference on the Theory and Applications of Cryptology and Information Security, ASIACRYPT 1996, 1996.01, A 4-move perfect zero-knowledge argument for quadratic residuosity is discussed, and the identification scheme based on this protocol is shown to be no-transferable. Note that the soundness of all known previous no-transferable protocols requires no computational assumption, while our proposed protocol assumes a restriction on the power of cheating provers. Furthermore, a new notion of practical soundness is introduced and the relationship between practical soundness and no-transferability is investigated. An important consequence is that perfect zero-knowledge arguments do not always satisfy no-transferability or practical soundness.
205. Mike Burmester, Yvo G. Desmedt, Toshiya Itoh, Kouichi Sakurai, Hiroki Shizuya, Moti Yung, A progress report on subliminal-free channels, 1st International Workshop on Information Hiding, 1996, 1996.01, Subliminal channels are closely related to covert channels and are used to hide secret information. They abuse the communications resource. Subliminal channels can be introduced in many cryptographic systems, and exploit the inherent randomness of the systems. For example, secret information can be hidden in the randomness of the authenticators of an authentication system. Similarly, secret information can be hidden in the randomness (of the prover or verifier) of both zero-knowledge proof systems and signature systems. To establish a subliminal channel the cryptosystem is abused, that is, used in a different way and for a different purpose than intended by its designer. A particularly obnoxious type of subliminal channel may be activated by abortive halting. For state-of-the-art security, it may be desirable to detect, and if possible prevent, subliminal channels. In this paper we address the problem of whether it is possible to develop (and if so, how) appropriate techniques for detecting or preventing the use of such channels. Several such techniques have already been proposed in the literature, and are suitable for many systems. We review these. We also consider recent developments, in particular with regard to the formal security requirements and their impact on research.
206. Kouichi Sakurai, Yoshinori Yamane, Blind decoding, blind undeniable signatures, and their applications to privacy protection, 1st International Workshop on Information Hiding, 1996, 1996.01, A cryptographic concept, blind decoding, is discussed: a client has a message encrypted with a server's public key and the client asks the server to decode the message without revealing what the decoded plaintext is or learning the server's secret key. Blind decoding is a useful tool for protecting users' privacy in on-line shopping over the Internet. RSA-based blind decoding is easily converted from a protocol similar to Chaum's blind signature scheme, and a blind decoding protocol for the ElGamal encryption scheme is newly proposed. Moreover, the practical gap between the known RSA-based blind decoding and our ElGamal-based scheme is discussed in the application to protecting copyrighted electronic documents. In the blind decoding scheme, undetectability of the decrypted message has both negative and positive aspects: a negative aspect is considered as the problem of spotting the oracle, and a positive aspect is applicable to making undeniable signatures blind against the signer.
207. Kouichi Sakurai, Yuliang Zheng, Cryptographic weaknesses in the round transformation used in a block cipher with provable immunity against linear cryptanalysis, 7th International Symposium on Algorithms and Computation, ISAAC 1996, 1996.01, MISTY is a data encryption algorithm recently proposed by M. Matsui from Mitsubishi Electric Corporation. This paper focuses on cryptographic roles of the transform used in the MISTY cipher. Our research reveals that when used for constructing pseudorandom permutations, the transform employed by the MISTY cipher is inferior to the transform in DES, though the former is superior to the latter in terms of strength against linear and differential attacks. More specifically, we show that a 3-round (4-round, respectively) concatenation of transforms used in the MISTY cipher is not a pseudorandom (super pseudorandom, respectively) permutation. For comparison, we note that with three (four, respectively) rounds, transforms used in DES yield a pseudorandom (super pseudorandom, respectively) permutation. Another contribution of this paper is to show that a 3-round concatenation of transforms used in (the preliminary version of) the MISTY cipher has an algebraic property, which may open a door for various cryptanalytic attacks.
208. Masahiro Mambo, Kouichi Sakurai, Eiji Okamoto, How to utilize the transformability of digital signatures for solving the oracle problem, International Conference on the Theory and Applications of Cryptology and Information Security, ASIACRYPT 1996, 1996.01, Transformability is a property of a digital signature such that one valid signature can be transformed into another valid signature of the same signature scheme. Usually digital signatures should not be forgeable, so the transformability is regarded as an unfavorable property. Contrarily, we show that the transformability can be positively utilized for solving the oracle problem. The oracle problem is the following problem existing in some cryptographic protocols. An entity following a protocol receives a message from an adversary, and returns a certain value computed by a procedure specified in the protocol. In this process the adversary may obtain useful information by interacting with the oracle entity. The blind signature scheme and the blind decoding scheme are examples of such a protocol. Since these blinding techniques are very important in cryptographic applications, e.g. electronic money and digital pay magazines, a method to prevent illegal information leakage should be found. In this paper an oracle problem in the blind decoding scheme based on the ElGamal cryptosystem is solved with the use of a transformable digital signature. As in the original blind decoding scheme, the proposed blind decoding protocol offers users perfect untraceability. We also discuss the relevance of the transformable signature to the blind signature, the divertible zero-knowledge interactive proof and other schemes.
209. Akio Yanbe, Kouichi Sakurai, On the complexity of computational problems associated with simple stochastic games (extended abstract of COCOON'96), 2nd Annual International Conference on Computing and Combinatorics, COCOON 1996, 1996.01, We investigate simple stochastic games (SSGs): a kind of two-person game under uncertainty, the original model of which was introduced in [L.S. Shapley, Proc. Nat. Acad. Sci. U.S.A. 39 (1953) 1095–1100]. We consider the computational complexity of 1. deciding whether a given SSG is stopping (discounted) or not, 2. counting the number of all the optimal strategies of SSGs, 3. finding an optimal strategy against the player who takes random strategies.
210. Kouichi Sakurai, On separating proofs of knowledge from proofs of membership of languages and its application to secure identification schemes, 1st Annual International Computing and Combinatorics Conference, COCOON 1995, 1995.01, A four-move protocol for quadratic residuosity is proposed and its security is discussed. An application of the proposed protocol to a cryptographic identification scheme introduces a new notion of practical soundness. Our basic approach is to separate proofs of knowledge from proofs of membership of languages. Previous works deal with proofs of knowledge as an additional property of proofs of membership.
211. Takeshi Saito, Kaoru Kurosawa, Kouichi Sakurai, 4 move perfect ZKIP of knowledge with no assumption, 1st International Conference on the Theory and Application of Cryptology, ASIACRYPT 1991, 1993.01, This paper presents a 4-move perfect ZKIP of knowledge with no cryptographic assumption for the random self-reducible problems [TW87] whose domain is NP ∩ BPP. The certified discrete log problem is such an example. (Finding a witness is more difficult than the language membership problem.) A largely simplified 4-move ZKIP for the Hamilton Circuit problem is also shown. In our ZKIP, a trapdoor coin flipping protocol is introduced to generate a challenge bit. P and V cooperatively generate a random bit in a coin flipping protocol. In a trapdoor coin flipping protocol, V, who knows the trapdoor, can create a view which he can later reveal in two possible ways: both as head and as tail.
212. Toshiya Itoh, Kouichi Sakurai, Hiroki Shizuya, Any language in IP has a divertible ZKIP, 1st International Conference on the Theory and Application of Cryptology, ASIACRYPT 1991, 1993.01, A notion of "divertible" zero-knowledge interactive proof systems was introduced by Okamoto and Ohta, and they showed that for any commutative random self-reducible relation, there exists a divertible (perfect) zero-knowledge interactive proof system of possession of information. In addition, Burmester and Desmedt proved that for any language L ∈ NP, there exists a divertible zero-knowledge interactive proof system for the language L under the assumption that probabilistic encryption homomorphisms exist. In this paper, we classify the notion of divertibility into three types, i.e., perfectly divertible, almost perfectly divertible, and computationally divertible, and investigate which complexity class of languages has a perfectly (almost perfectly) (computationally) divertible zero-knowledge interactive proof system. The main results in this paper are: (1) there exists a perfectly divertible perfect zero-knowledge interactive proof system for graph non-isomorphism (GNI) without any unproven assumption; and (2) for any language L having an interactive proof system, there exists a computationally divertible computational zero-knowledge interactive proof system for the language L under the assumption that probabilistic encryption homomorphisms exist.
213. Tatsuaki Okamoto, Kouichi Sakurai, Hiroki Shizuya, How intractable is the discrete logarithm for a general finite group?, Workshop on the Theory and Application of Cryptographic Techniques, EUROCRYPT 1992, 1993.01, GDL is the discrete logarithm problem for a general finite group G. This paper gives a characterization of the intractability of GDL from the viewpoint of computational complexity theory. It is shown that GDL ∈ NP ∩ co-AM, assuming that G is in NP ∩ co-NP and that the group law of G can be executed in time polynomial in the element size. Furthermore, as a natural probabilistic extension, the complexity of GDL is investigated under the assumption that the group law is executed in expected polynomial time in the element size. In this case, it is shown that GDL ∈ MA ∩ co-AM if G ∈ NP ∩ co-NP. Finally, we show that GDL is less intractable than NP-complete problems unless the polynomial-time hierarchy collapses to the second level.
214. Kouichi Sakurai, Toshiya Itoh, On bit correlations among preimages of "many to one" one-way functions — A new approach to study on randomness and hardness of one-way functions —, Workshop on the Theory and Application of Cryptographic Techniques, AUSCRYPT 1992, 1993.01, This paper presents a new measure of the complexity of many-to-one functions. We study bit correlations among the preimages of an element of the range of many-to-one one-way functions. In particular, we investigate the correlation among the least significant bits of the preimages of 2-to-1 one-way functions based on algebraic problems such as factorization and the discrete logarithm.
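The measure described in item 214, computed on toy functions, as an added illustration that is not from the paper: the two structured functions below have the same preimage shape as squaring and exponentiation (x and P − x, and x and x + Q), but at these sizes they are not one-way, and squaring modulo a prime is not one-way at any size; the group parameters and the random baseline are constructed for the example.

```python
# Added example (not from the paper): measuring how the least significant
# bit of one preimage of a 2-to-1 function constrains the LSB of the other.
# The two structured functions are toy instances with the same preimage
# shape as squaring and exponentiation; at these sizes (and for squaring
# modulo a prime, at any size) they are not one-way. Parameters assumed.
import random
from collections import defaultdict

P = 1019   # prime, P = 2*Q + 1
Q = 509    # prime
G = 4      # generator of the order-Q subgroup of Z_P^*


def preimage_sets(f, domain):
    """Group the domain by image; returns a list of preimage tuples."""
    buckets = defaultdict(list)
    for x in domain:
        buckets[f(x)].append(x)
    return [tuple(b) for b in buckets.values()]


def bit_agreement(pairs, k=0):
    """Fraction of 2-element preimage sets whose members agree on bit k.
    About 0.5 means the bit is unconstrained; 0.0 or 1.0 means knowing
    bit k of one preimage determines bit k of the other."""
    pairs = [p for p in pairs if len(p) == 2]
    same = sum(1 for a, b in pairs if (a >> k) & 1 == (b >> k) & 1)
    return same / len(pairs)


def square_mod_p(x):
    """2-to-1 on Z_P^*: the preimages of x^2 are x and P - x."""
    return x * x % P


def exp_doubled_domain(x):
    """2-to-1 on [0, 2Q): g has order Q, so x and x + Q collide."""
    return pow(G, x, P)


def random_two_to_one(n, seed=1):
    """Baseline: a 2-to-1 function on [0, 2n) whose collisions are a random
    pairing (a constructed, unstructured comparison)."""
    rng = random.Random(seed)
    xs = list(range(2 * n))
    rng.shuffle(xs)
    return [tuple(xs[i:i + 2]) for i in range(0, 2 * n, 2)]


if __name__ == "__main__":
    sq = preimage_sets(square_mod_p, range(1, P))
    print("squaring mod P, agreement on bits 0,1,2:",
          [bit_agreement(sq, k) for k in range(3)])
    print("exponentiation on [0,2Q), LSB agreement:",
          bit_agreement(preimage_sets(exp_doubled_domain, range(2 * Q))))
    print("random pairing, LSB agreement:",
          bit_agreement(random_two_to_one(Q)))
```

For squaring, the two preimages sum to the odd number P, so their least significant bits always differ (agreement 0.0), and because P ≡ 3 (mod 8) the same holds for bit 1 while bit 2 always agrees; for exponentiation the preimages differ by the odd Q, so again the LSBs are perfectly anti-correlated. The random pairing stays near 0.5, which is the behaviour one would want from a function whose preimages leak nothing about each other.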
215. Toshiya Itoh, Kouichi Sakurai, On the complexity of constant round ZKIP of possession of knowledge, 1st International Conference on the Theory and Application of Cryptology, ASIACRYPT 1991, 1993.01, In this paper, we show that if a relation R has a three-move black-box simulation zero-knowledge interactive proof system of possession of knowledge, then there exists a probabilistic polynomial-time algorithm that, on input x ∈ {0,1}*, outputs y such that (x, y) ∈ R with overwhelming probability if x ∈ dom R, and outputs "⊥" with probability 1 if x ∉ dom R. We also show that, without any unproven assumption, there exists a four-move black-box simulation perfect zero-knowledge interactive proof system of possession of the prime factorization, which is optimal with respect to round complexity.
216. Kouichi Sakurai, Toshiya Itoh, On the discrepancy between serial and parallel of zero-knowledge protocols, 12th Annual International Cryptology Conference, CRYPTO 1992, 1993.01, In this paper, we investigate the discrepancy between the serial version and the parallel version of zero-knowledge protocols, and clarify the information "leaked" in the parallel version, which, unlike the serial version, is not zero-knowledge. We consider two sides of the parallel version of zero-knowledge protocols, one negative and the other positive, especially for the Fiat-Shamir scheme.
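The serial/parallel discrepancy for the Fiat-Shamir scheme of item 216 can be seen in the behaviour of the standard rewinding simulator. The following is an added example, not the paper's analysis and not a proof of anything: it runs the scheme against a black-box verifier whose challenge bits are a deterministic function of the commitments it has seen, and counts how many times the simulator must query that verifier. The toy modulus, the secret and the verifier's hash-based strategy are assumptions of the example.

```python
# Added example (not from the paper): Fiat-Shamir identification run serially
# and in parallel against a black-box verifier whose challenge bits depend on
# the commitments it has seen. The usual rewinding simulator needs about 2
# verifier queries per round serially, but about 2^t queries for t rounds in
# parallel, because it must guess all t bits before the verifier answers.
# Toy modulus and secret are assumptions of this example.
import hashlib
import random

N = 1019 * 1021          # product of two (toy) primes
S = 123456               # prover's secret, coprime to N
V = S * S % N            # public key


def _challenge_bits(commitments, k):
    """Deterministic verifier strategy: k bits derived from the commitments.
    The simulator treats this as a black box; it cannot predict the bits."""
    h = hashlib.sha256(b"|".join(str(c).encode() for c in commitments)).digest()
    return [(h[i // 8] >> (i % 8)) & 1 for i in range(k)]


def verifier_serial(commitments_so_far):
    """Challenge for the latest round, depending on all rounds so far."""
    return _challenge_bits(commitments_so_far, 1)[0]


def verifier_parallel(commitments):
    """All t challenges at once, after all t commitments are on the table."""
    return _challenge_bits(commitments, len(commitments))


def verify(v, transcript):
    """Check every (x, e, y): y^2 == x * v^e (mod N), x nonzero."""
    return all(x != 0 and y * y % N == x * pow(v, e, N) % N
               for x, e, y in transcript)


def prove_parallel(s, v, t, rng):
    """Honest prover: t commitments, one challenge vector, t responses."""
    rs = [rng.randrange(1, N) for _ in range(t)]
    xs = [r * r % N for r in rs]
    es = verifier_parallel(xs)
    ys = [r * pow(s, e, N) % N for r, e in zip(rs, es)]
    return list(zip(xs, es, ys))


def _fake_round(v, rng):
    """Guess the challenge e, pick y, and solve for x = y^2 * v^(-e)."""
    e = rng.randrange(2)
    y = rng.randrange(1, N)
    x = y * y * pow(v, -e, N) % N
    return x, e, y


def simulate_serial(v, t, rng):
    """Rewinding simulator, round by round. Returns (transcript, queries)."""
    transcript, xs, queries = [], [], 0
    for _ in range(t):
        while True:
            queries += 1
            x, e, y = _fake_round(v, rng)
            if verifier_serial(xs + [x]) == e:     # guess matched: keep round
                xs.append(x)
                transcript.append((x, e, y))
                break                              # else rewind this round
    return transcript, queries


def simulate_parallel(v, t, rng):
    """Rewinding simulator for the parallel version: all t guesses must match."""
    queries = 0
    while True:
        queries += 1
        rounds = [_fake_round(v, rng) for _ in range(t)]
        if verifier_parallel([x for x, _, _ in rounds]) == [e for _, e, _ in rounds]:
            return rounds, queries


if __name__ == "__main__":
    t = 12
    print("honest parallel transcript verifies:",
          verify(V, prove_parallel(S, V, t, random.Random(0))))
    _, q_s = simulate_serial(V, t, random.Random(0))
    _, q_p = simulate_parallel(V, t, random.Random(0))
    print(f"simulator queries for t={t}: serial {q_s}, parallel {q_p}")
```

Both simulators produce transcripts that pass `verify` without the secret, so the transcripts themselves leak nothing; the difference is the cost of producing them. Serially the simulator can fix one round at a time and rewind only that round, while in parallel the verifier's t bits are a function of all t commitments, so the simulator has to guess the whole challenge vector in advance, which is where the polynomial-time black-box argument breaks down.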
217. Kouichi Sakurai, Toshiya Itoh, Subliminal channels for signature transfer and their application to signature distribution schemes, Workshop on the Theory and Application of Cryptographic Techniques, AUSCRYPT 1992, 1993.01, In this paper, we consider the subliminal channel, hidden in an identification scheme, for signature transfer. We point out that the direct parallelization of the Fiat-Shamir identification scheme has a subliminal channel for the transmission of a digital signature, which does not exist in the serial (zero-knowledge) version. We apply this subliminal channel to a multi-verifier interactive protocol and propose a distributed verification signature that cannot be verified without the cooperation of all verifiers. Our proposed protocol is the first implementation of a distributed verification signature without secure channels, and the basic idea of our construction suggests a novel primitive with which a signature transfer secure against an adversary can be constructed using only a one-way function (without a trapdoor).
218. Tatsuaki Okamoto, Kouichi Sakurai, Efficient algorithms for the construction of hyperelliptic cryptosystems, 11th Conference on Advances in Cryptology, CRYPTO 1991, 1992.01, The Jacobian of a hyperelliptic curve, which includes elliptic curves as a special case, offers a good primitive for cryptosystems, since cryptosystems (discrete logarithms) based on Jacobians seem to be more intractable than those based on conventional multiplicative groups. In this paper, we show that the problem of determining the group structure of the Jacobian is in NP ∩ co-NP when the Jacobian is of non-degenerate type ("non-half-degenerate"). We also show that the hyperelliptic discrete logarithm is in NP ∩ co-NP when the group structure is non-half-degenerate. Moreover, we obtain a reduction of the hyperelliptic discrete logarithm to a multiplicative discrete logarithm. The extended Weil pairing over the Jacobian is the key tool for these algorithms.
219. Hiroki Shizuya, Toshiya Itoh, Kouichi Sakurai, On the complexity of hyperelliptic discrete logarithm problem, Workshop on the Theory and Application of Cryptographic Techniques, EUROCRYPT 1991, 1991.01, We give a characterization of the intractability of the hyperelliptic discrete logarithm problem from the viewpoint of computational complexity theory. It is shown that the language whose complexity is equivalent to that of the hyperelliptic discrete logarithm problem is in NP ∩ co-AM, and that for elliptic curves in particular the corresponding language is in NP ∩ co-NP. It should be noted that the language whose complexity is equivalent to that of the discrete logarithm problem over the multiplicative group of a finite field is likewise characterized as being in NP ∩ co-NP.