Kyushu University Academic Staff Educational and Research Activities Database
Search by Keyword How ro search
Keyword
Search Criteria
 
Detailed Search

List of Reports
Kouichi Sakurai Last modified date:2023.11.27

Professor / Mathematical Informatics / Department of Informatics / Faculty of Information Science and Electrical Engineering


Reports
1. Proposal of Certified E-mail in consideration of Authentication and Scalability
The business through the network is being expanded with the spread of the Internet in recent years. However, the Internet is not equipped with the function s required for business or fair contracts. These functions require some characteristics such as authentication, confidentiality, integrity, non-repudiation, fairness and efficiency. Then, Certified E-mail is considered as a system which realizes such characteristics. Various systems and commercialization as Certified E-mail are proposed. Especially, Abadi's proposal system [AGHP02] requires small number of times of communication and also has few amounts of transmission to TTP. However, sender is authenticated by password shared with receiver, so the burden of preparation and management of passwords becomes large for both users when dealings partners increase in number. Then, in this paper, we modify the authentication method of Abadi's system. The modification is that the sender also makes pre-registration of a password with TTP. This modification realizes the system with which a user side should just prepare only one password when there are many partners..
2. Risks for Raw-key Masking : the Security of 2-key XCBC MAC-generation scheme
Two-key XCBC proposed by Moriai and Imai is a CBCMAC-based method to generate a message authentication code. This method is optimal from several aspects, the number of PRP invocations, key setups, and key materials. This mode is alsp proven the security as a MAC. In this paper, we discuss how masking a secret key for a plaintext block effects to its security. Concerning that the PRP is limited to the special permutations, we show the two-key XCBC is forgeable if one uses Even-Mansour constructions. In case of using DESX construction for two-key XCBC, the necessary complexity to attack the scheme is below that what is proven for DESX. We also study the security of AES and Camellia when they are used in two-key XCBC mode from another aspect, rather than the context of the provable security..
3. Secure Anonymous Buyer-Seller Watermarking Protocol Against Conspiracy Attack
Copyright marking schemes are techniques applied to protect the copyright on digital contents. They are the embedding of marks into digital contents that can later be detected to identify owners (watermarking) or recipients (fingerprinting) of the content. Anonymous buyer-seller watermarking protocol allows the buyers to purchase watermarked contents anonymously. However, on illegal redistribution the anonymity can be revoked. In this paper we show serious shortcomings of recent proposals on anonymous buyer-seller watermarking protocol. The problem is that it allows the seller to cheat honest buyers. Thus, if another copy with specific watermark turns up, one cannot assign responsibility to one of the buyer and the seller. In this paper, we present secure buyer-seller watermarking protocol using commutative cryptosystems, which prevents the buyer from cheating honest buyers..
4. Security Verification of One-time ID System with Third Party by Modal Logic
In CSS2003, we propose a three-party Diffie-Hellman-based key exchange protocol in pre-shared key model. It uses "One-time ID" to protect user's identity, and introduces trusted third party to achieve a system which has high scalability. In this paper, we analyze the protocol of [1] by SVO Logic, which is one of formal verification methods based on modal logic. Moreover, we consider some existing One-time ID generation methods..
5. A Software Fingerprinting Scheme for JAVA Using Classfiles Obfuscation
It is effective that embedding the personal identifier as watermarking to a program to prevent theft of JAVA class files. Monden et al. [14] proposed watermarking scheme for embedding arbiter character sequence to target JAVA class files. But the scheme can be used to embed only the same watermarking to all the programs. For this reason, if we apply the scheme to embed personal identifier, the watermark can be specified by comparing two or more users' program. In this paper, we solve the problem by using the obfuscation scheme [16]. Moreover we try to raise the security of class files..
6. A Framework of Remote Biometric Authentication with Assuring Validity of Personal Repository
Biometric authentication is remarkable with respect to identification of legitimate users. Biometric authentication is hopeful of services on the internet as reinforcement for conventional authentication such as ID and password, however, biometric information -acquisition raw data and template data- is unrenewable even though the data is compromised. We propose a framework of online biometric authentication with verification of validity of user's personal repository based on PKI. In this framework, information of biometrics authentication (certificate of templates) is related to not information of ownership but personal repository. This framework achieves anonymity during biometric authentication process by verifying validity of the user's personal repository..
7. A Framework of Remote Biometric Authentication with Assuring Validity or Personal Repository
Biometric authentication is remarkable with respect to identification of legitimate users. Biometric authentication is hopeful of services on the internet as reinforcement for conventional authentication such as ID and password, however, biometric information -acquisition raw data and template data- is unrenewable even though the data is compromised. We propose a framework of online biometric authentication with verification of validity of user's personal repository based on PKI. In this framework, information of biometrics authentication (certificate of templates) is related to not information of ownership but personal repository. This framework achieves anonymity during biometric authentication process by verifying validity of the user's personal repository..
8. Design and Security Verification of One-time ID Key-Exchange Protocol by Modal Logic
In order to conceal user's identity from eavesdroppers and construct a system with high scalability, we propose a three-party Diffie-Hellman-based key exchange protocol using "One-time ID". In this paper, we analyze the proposed protocol by SVO Logic [1], [2], which is one of formal verification methods based on modal logic. Moreover, we consider some existing One-time ID generation methods..
9. 蘇 春華, 櫻井 幸一, プライバシー保護したK-meansクラスタリング対話型プロトコル, 電子情報通信学会技術研究報告, Vol.105, No.290, pp.53-60, 2005.09, K-means clustering is a powerful and frequently used technique of Data mining, the traditional techniques which require access to precise information in individual records will cause privacy problem. For this concern, privacy-preserving k-means technique is needed. In this paper, we consider a scenario in which two parties owning confidential databases wish to run a k-means clustering algorithm to do data mining task on the union of their databases, without revealing any unnecessary information under the semi-honest model. We focus on the problem of k-means clustering algorithm and give out a proposal which can deal with both numeric data and non-numeric data to execute the k-means clustering algorithm while preserving the privacy. The former research results often employ either Trust Third Party or cryptographic methods with too much complexity and cannot process the non-numeric attributes. Our solution is using the secure multi-party computation techniques to construct privacy-preserving k-means clustering protocols with less communication and computational complexity, and we show our solution can process the non-numeric attributes over two parties' databases..
10. 蘇 春華, 櫻井 幸一, M-004 Preserving-preserving Multi-party Statistical Computation, 情報科学技術フォーラム一般講演論文集, Vol.4, No.4, pp.223-224, 2005.08, The rapid development of Internet provides us tremendous opportunities for cooperative computations. As a new technology, Data Mining can extract valuable knowledge from large among of data. And statistical computation is a major tool used in data mining. However, the collected data may contain the sensitive Information or privacy of individual or company. This privacy concern may prevent them to share their data for the cooperation. In paper, we proposed some protocols for privacy-preserving statistical computation over the distributed databases in the network environment. Our protocols are based on the data perturbation and cryptographic techniques..
11. A Report on Information Security Conference (ISC)/International Workshop for Applied PKI (IWAP)/Secure Mobile Ad-hoc Networks and Sensors (MADNES)
This paper reports Information Security Conference (ISC), International Workshop for Applied PKI (IWAP), and Secure Mobile Ad-hoc Networks and Sensors (MADNES) held on September 20-23, 2005 at Sentosa, Singapore..
12. 蘇 春華, 周 建英, 鮑 豊, 櫻井 幸一, プライバシー保護した分散的ドキュメントクラスタリング, 電子情報通信学会技術研究報告. ISEC, 情報セキュリティ, Vol.106, No.176, pp.123-130, 2006.07, Many government organizations and companies want to share their documents in a similar theme to get the joint benefits. Textual document clustering is a powerful data mining technique to analyze the large amount of documents and structure large sets of text or hypertext documents. While doing the document clustering in the distributed environment, it may involve the users' privacy of their own document. In this paper, we propose a framework to do the privacy-preserving text mining among the users under the distributed environment: multiple parties. each having their private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other parties..
13. 蘇春華, 周建英, 鮠豊, 櫻井 幸一, プライバシー保護した分散的Fキュメントクラスタリング, 情報処理学会研究報告コンピュータセキュリティ(CSEC), Vol.2006, No.81, pp.353-360, 2006.07, Many government organizations and companies want to share their documents in a similar theme to get the joint benefits. Textual document clustering is a powerful data mining technique to analyze the large amount of documents and structure large sets of text or hypertext documents. While doing the document clustering in the distributed environment it may involve the users' privacy of their own document. In this paper we propose a framework to do the privacy-preserving text mining among the users under the distributed environment: multiple parties each having their private documents want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other parties.Many government organizations and companies want to share their documents in a similar theme to get the joint benefits. Textual document clustering is a powerful data mining technique to analyze the large amount of documents and structure large sets of text or hypertext documents. While doing the document clustering in the distributed environment, it may involve the users' privacy of their own document. In this paper, we propose a framework to do the privacy-preserving text mining among the users under the distributed environment: multiple parties, each having their private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other parties..
14. Amril Syalim, Toshihiro Tabata, Kouichi Sakurai, ネットワークセキュリティ, 情報処理学会論文誌, Vol.47, No.2, pp.621-626, 2006.02, A database service provider (DSP) is a provider of an Internet service for maintaining data so that users can access their data any time and anywhere via the Internet. The DSP model involves several challenges including the issue of data confidentiality.A database service provider (DSP) is a provider of an Internet service for maintaining data so that users can access their data any time and anywhere via the Internet. The DSP model involves several challenges, including the issue of data confidentiality..
15. SU Chunhua, BAO Feng, ZHOU Jianying, SAKURAI Kouichi, Private Data Clustering based on Secure Approximation, 情報理論とその応用シンポジウム予稿集 = The proceedings of the Symposium on Information Theory and Its Applications, Vol.29, No.2, pp.839-842, 2006.11.
16. A Proposal of Secret Key Management Using Anonymous Biometrics in Public Key Infrastructure
We propose the scheme that stores protected secret key which is made by combination of biometrics and secret key in the smartcard in PKI. In our proposal, the user encrypts the secret key using biometrics information extracted from owner of that secret key and stores it as protected secret key in smartcard which has fingerprint reading function. The user can restore the secret key form protected secret key by presenting his fingerprint to smartcard that has protected secret key and helper data. In our scheme, the template is not need for authentication. So, the problem of the leaks of the template which arise in traditional biometric authentication won ' t arise in our scheme..
17. 蘇 春華, 周 建英, 鮑 豊, 高木 剛, 櫻井 幸一, プライバシー保護した相関ルールマイニングに関する再考, 電子情報通信学会技術研究報告. ISEC, 情報セキュリティ, Vol.107, No.140, pp.133-138, 2007.07, Assocaition Rules Mining is a frequently used technique which finds interesting associations and correlation relationships among large set of data items that occur frequently together in varieties of social and bussiness area. For the coopertional distributed assocaition rules mining, privacy-preserving techniques are strongly needed. In this paper, we employ frequent-pattern tree (FP-tree) structure storing compressed, crucial information about frequent patterns, and develop an efficient and secure FP-treebased mining method. We show that our protocol is collusion resistant, which means that even if all dishonest respondents collude with a dishonest data minerin an attempt to learn the associations between honest respondents and their responses, they will be unable to do so..
18. 蘇春華, 周建英, 鉋豊, 高木 剛, 櫻井 幸一, プライバシー保護した相関ルールマイニングに関する再考, 情報処理学会研究報告コンピュータセキュリティ(CSEC), Vol.2007, No.71, pp.133-138, 2007.07, Assocaition Rules Mining is a frequently used technique which finds interesting associations and correlation relationships among large set of data items that occur frequently together in varieties of social and bussiness area. For the coopertional distributed assocaition rules mining privacy-preserving techniques are strongly needed. In this paper we employ frequent-pattern tree (FP-tree) structure storing compressed crucial information about frequent patterns and develop an efficient and secure FP-treebased mining method. We show that our protocol is collusion resistant which means that even if all dishonest respondents collude with a dishonest data minerin an attempt to learn the associations between honest respondents and their responses they will be unable to do so. Key words association rule mining privacy-preserving data mining FP-tree attributes-based encryptionAssocaition Rules Mining is a frequently used technique which finds interesting associations and correlation relationships among large set of data items that occur frequently together in varieties of social and bussiness area. For the coopertional distributed assocaition rules mining, privacy-preserving techniques are strongly needed. In this paper, we employ frequent-pattern tree (FP-tree) structure storing compressed, crucial information about frequent patterns, and develop an efficient and secure FP-treebased mining method. We show that our protocol is collusion resistant, which means that even if all dishonest respondents collude with a dishonest data minerin an attempt to learn the associations between honest respondents and their responses, they will be unable to do so. Key words association rule mining, privacy-preserving data mining, FP-tree, attributes-based encryption.
19. A-7-24 Privacy-Preserving Density Estimation-based Clustering via Random Data Perturbation.
20. 蘇春華, 櫻井 幸一, 頻出パータン木を利用した安全な相関ルール発見手法, 情報処理学会研究報告コンピュータセキュリティ(CSEC), Vol.2008, No.71, pp.311-315, 2008.07, Many government organizations and companies want to share their documents in a similar theme to get the joint benefits. Textual document clustering is a powerful data mining technique to analyze the large amount of documents and structure large sets of text or hypertext documents. While doing the document clustering in the distributed environment it may involve the users' privacy of their own document. In this paper we propose a framework to do the privacy-preserving text mining among the users under the distributed environment: multiple parties each having their private documents want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other parties.Many government organizations and companies want to share their documents in a similar theme to get the joint benefits. Textual document clustering is a powerful data mining technique to analyze the large amount of documents and structure large sets of text or hypertext documents. While doing the document clustering in the distributed environment, it may involve the users' privacy of their own document. In this paper, we propose a framework to do the privacy-preserving text mining among the users under the distributed environment: multiple parties, each having their private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other parties..
21. 蘇 春華, 櫻井 幸一, 頻出パータン木を利用した安全な相関ルール発見手法, 電子情報通信学会技術研究報告. ISEC, 情報セキュリティ, Vol.108, No.162, pp.177-181, 2008.07, Many government organizations and companies want to share their documents in a similar theme to get the joint benefits. Textual document clustering is a powerful data mining technique to analyze the large amount of documents and structure large sets of text or hypertext documents. While doing the document clustering in the distributed environment, it may involve the users' privacy of their own document. In this paper, we propose a framework to do the privacy-preserving text mining among the users under the distributed environment: multiple parties, each having their private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other parties..
22. 王戦, 堀 良彰, 櫻井 幸一, テキストと画像情報用いた画像スパムフィルタリングの設計と評価, 情報処理学会研究報告マルチメディア通信と分散処理(DPS), Vol.2008, No.21, pp.279-284, 2008.03, 近年,インターネットの発展と電子メールの普及に伴い,迷惑メールが増加している。それに対する技術的対策も研究され,その中でもテキスト分類技術を利用するフィルタリングが広く用いられている.しかし,その回避策として,迷惑メール本文を画像に入れて,フィルタを通過する画像スパムが急増している.本論文では,画像スパムを光学式文字認識(OCR)を用いてデータに変換し、さらに添付画像の情報を学習データに加え、フィルタリングを行う方式を提案する.また,筆者収集した画像スパムと SpamArchive のデータセットを用いて評価を行うことで提案手法の有効性を明らかにする.Spam have received much attention on Internet users and the amount of the spam increases. The number of technical approaches to the spam is increasing in recent years and text categorisation techniques have been investigated by researchers for the filter of the semantic content of e-mails. However, one of the spam construction techniques involves embedding test messages into images, which usually called "image spam" has been successful in bypassing text-based spam filters. In this paper, we propose an approach to anti-spam filtering. Our approach combines standard OCR and text categorization techniques, and distinctive properties of spam images to detect image spam. The effectiveness of the proposed approach is experimentally evaluated on personal corpus and SpamArchive corpus..
23. A Methodology for Evaluating Each Measure in the Integrated Evaluation of the Security Measures in a System
For covering various requirements for the evaluations of security measures for a system with good coordination among the solutions of different evaluations, it is required to establish a methodology for integrated evaluation of security measures for a system which can satisfy such requirement In this paper we show the positions of the evaluations for individual security measures in the integrated evaluation and propose a practical approach to evaluate a basic unit of security measures which will link total evaluation of all security measures in a system with the issues to be solved for making proposed approach practical and being widely used..
24. 蘇 春華, 鮑 峰, 周 建英, 高木 剛, 櫻井 幸一, A-7-25 Security Problems in Existing Privacy-preserving K-means Clustering Schemes, 電子情報通信学会総合大会講演論文集, Vol.2008, p.197, 2008.03.
25. A-7-11 Botnet Detection Using Random Forest.
26. Yuji Suga, Kouichi Sakurai, Xuhua Ding, Kazue Sako, ASIA CCS '22: ACM Asia Conference on Computer and Communications Security, ACM , ISBN 978-1-4503-9140-5, 2022.04, [URL].
27. A Software Fingerprinting Scheme for Java Using Class Structure Transformation
Embedding personal identifiers as watermarks to software is effective in order to protect copyright of them. Monden et al. proposed program watermarking scheme for embedding arbiter character sequence to target Java class files. But their scheme can be used to embed only the same watermarking to all the programs. Thus, if we apply their scheme to embed users' personal identifiers, the watermark can be specified by comparing two or more users' program. This paper improve the problem by using a class structure transformation..
28. Yaokai Feng, Yoshiaki Hori, Kouichi Sakurai, Jun'ichi Takeuchi, A Behavior-based Method for Detecting Distributed Scan Attacks in Darknets, 情報処理学会論文誌, Vol.54, No.6, 2013.06, The technologies used by attackers in the Internet environment are becoming more and more sophisticated. Of the many kinds of attacks, distributed scan attacks have become one of the most serious problems. In this study, we propose a novel method based on normal behavior modes of traffic to detect distributed scan attacks in darknet environments. In our proposed method, all the possible destination TCP and UDP ports are monitored, and when a port is attacked by a distributed scan, an alert is given. Moreover, the alert can have several levels reflecting the relative scale of the attack. To accelerate learning and updating the normal behavior modes and to realize rapid detection, an index is introduced, which is proved to be very efficient. The efficiency of our proposal is verified using real darknet traffic data. Although our proposal focuses on darknets, the idea can also be applied to ordinary networks.------------------------------This is a preprint of an article intended for publication Journal ofInformation Processing(JIP). This preprint should not be cited. Thisarticle should be cited as: Journal of Information Processing Vol.21(2013) No.3 (online)DOI http://dx.doi.org/10.2197/ipsjjip.21.527------------------------------The technologies used by attackers in the Internet environment are becoming more and more sophisticated. Of the many kinds of attacks, distributed scan attacks have become one of the most serious problems. In this study, we propose a novel method based on normal behavior modes of traffic to detect distributed scan attacks in darknet environments. In our proposed method, all the possible destination TCP and UDP ports are monitored, and when a port is attacked by a distributed scan, an alert is given. Moreover, the alert can have several levels reflecting the relative scale of the attack. To accelerate learning and updating the normal behavior modes and to realize rapid detection, an index is introduced, which is proved to be very efficient. The efficiency of our proposal is verified using real darknet traffic data. Although our proposal focuses on darknets, the idea can also be applied to ordinary networks.------------------------------This is a preprint of an article intended for publication Journal ofInformation Processing(JIP). This preprint should not be cited. Thisarticle should be cited as: Journal of Information Processing Vol.21(2013) No.3 (online)DOI http://dx.doi.org/10.2197/ipsjjip.21.527------------------------------.
29. A Proposal on Method to Visualizing Web Browsing History for Digital Forensics
Mobile devices accumulates much private information of the user. This is due to the carried by user and utilized for communication. Therefore, digital forensics that targets mobile devices will be deemed to be more effective. Mobile terminals, especially smartphones is transforming a HTML5 platform. This is what the application execution environment that supports HTML5 Web browser. One of the significant feature of HTML5 is WebStorage. It is intended to enable the storage feature that is easy to handle and large capacity to Web browser. This feature will be deemed to be important in the digital forensics. In this research, we propose the method to acquire this storage area offline and structuralize and graphically visualize it..
30. A Proposal on Method to Visualizing Web Browsing History for Digital Forensics
Mobile devices accumulates much private information of the user. This is due to the carried by user and utilized for communication. Therefore, digital forensics that targets mobile devices will be deemed to be more effective. Mobile terminals, especially smartphones is transforming a HTML5 platform. This is what the application execution environment that supports HTML5 Web browser. One of the significant feature of HTML5 is WebStorage. It is intended to enable the storage feature that is easy to handle and large capacity to Web browser. This feature will be deemed to be important in the digital forensics. In this research, we propose the method to acquire this storage area offline and structuralize and graphically visualize it..
31. 穴田 啓晃, 有田 正剛, 櫻井 幸一, Attribute-Based Two-Tier Signatures (マルチメディア情報ハイディング・エンリッチメント), 電子情報通信学会技術研究報告 = IEICE technical report : 信学技報, Vol.115, No.122, pp.1-8, 2015.07.
32. 穴田 啓晃, 有田 正剛, 櫻井 幸一, Attribute-Based Two-Tier Signatures (情報通信システムセキュリティ), 電子情報通信学会技術研究報告 = IEICE technical report : 信学技報, Vol.115, No.121, pp.1-8, 2015.07.
33. 田中 哲士, 鄭 振牟, 安田 貴徳, 櫻井 幸一, Accelerating QUAD Stream Cipher using Optimal Extension Field on GPU (情報セキュリティ), 電子情報通信学会技術研究報告 = IEICE technical report : 信学技報, Vol.114, No.471, pp.1-4, 2015.03, 鍵ストリームの生成に多変数二次多項式の付値を用いるQUADストリーム暗号において,有限体上の乗算はコアな計算である.その為,QUADストリーム暗号の高速化には効率的な有限体上の乗算が必要となる.実装上の効率的な乗算として,Optimal Extension Field(OEF)による乗算が知られている.本発表ではOEFを有限体として用いた,QUADストリーム暗号のGraphics Processing Unit上における実装結果について報告する.GF(2^-5)上の32変数64多項式のQUADはGF(2^)のものよりもGPU上で9倍高速であった..
34. 田中 哲士, 鄭 振牟, 安田 貴徳, 櫻井 幸一, Accelerating QUAD Stream Cipher using Optimal Extension Field on GPU (ワイドバンドシステム), 電子情報通信学会技術研究報告 = IEICE technical report : 信学技報, Vol.114, No.472, pp.1-4, 2015.03, 鍵ストリームの生成に多変数二次多項式の付値を用いるQUADストリーム暗号において,有限体上の乗算はコアな計算である.その為,QUADストリーム暗号の高速化には効率的な有限体上の乗算が必要となる.実装上の効率的な乗算として,Optimal Extension Field(OEF)による乗算が知られている.本発表ではOEFを有限体として用いた,QUADストリーム暗号のGraphics Processing Unit上における実装結果について報告する.GF(2^-5)上の32変数64多項式のQUADはGF(2^)のものよりもGPU上で9倍高速であった..
35. Chen Chunlu, Anada Hiroaki, Kawamoto Junpei, Sakurai Kouichi, Sakurai Koichi, A Hybrid Encryption Scheme with Key-cloning Protection: User / Terminal Double Authentication via Attributes and Fingerprints, Journal of Internet Services and Information Security, Vol.6, No.2, pp.23-36, 2016.05.
36. Evaluation of Host Independent and Distributed Detection System of the Network Attack by Using OpenFlow.
37. Vargas Danilo Vasconcellos, Sakurai Kouichi, A Brief Review on Anomaly Detection and its Applications to Cybersecurity (情報通信システムセキュリティ), 電子情報通信学会技術研究報告 = IEICE technical report : 信学技報, Vol.116, No.522, pp.37-42, 2017.03.
38. Jeong Ok Kwon, Ik Rae Jeong, Kouichi Sakurai, Dong Hoon Lee, Efficient verifier-based password-authenticated key exchange in the three-party setting, Computer Standards and Interfaces, 10.1016/j.csi.2006.12.002, Vol.29, No.5, pp.513-520, 2007.07, In the last few years, researchers have extensively studied the password-authenticated key exchange (PAKE) in the three-party setting. The fundamental security goal of PAKE is security against dictionary attacks. The protocols for verifier-based PAKE are additionally required to be secure against server compromise. Some verifier-based PAKE schemes in the three-party setting have been suggested to solve the server compromise problem. Unfortunately, the protocols are vulnerable to an off-line dictionary attack. In this paper, we present an efficient verifier-based PAKE protocol for three-parties that is secure against known-key attacks and provides forward secrecy. To the best of our knowledge, the proposed protocol is the first secure three-party verifier-based PAKE protocol in the literature. © 2006 Elsevier B.V. All rights reserved..
39. Mojtaba Alizadeh, Mazdak Zamani, Sabariah Baharun, Azizah Abdul Manaf, Kouichi Sakurai, Hiroaki Anada, Hassan Keshavarz, Shehzad Ashraf Chaudhry, Muhammad Khurram Khan, Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks" (vol 10, e0142716, 2015), PLOS ONE, 10.1371/journal.pone.0145975, Vol.10, No.12, 2015.12.
40. Mojtaba Alizadeh, Saeid Abolfazli, Mazdak Zamani, Sabariah Baharun, Kouichi Sakurai, Authentication in mobile cloud computing: A survey, JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 10.1016/j.jnca.2015.10.005, Vol.61, pp.59-80, 2016.02, Mobile cloud computing (MCC) is the state-of-the-art mobile distributed computing model that incorporates multitude of heterogeneous cloud-based resources to augment computational capabilities of the plethora of resource-constraint mobile devices. In MCC, execution time and energy consumption are significantly improved by transferring execution of resource-intensive tasks such as image processing, 3D rendering, and voice recognition from the hosting mobile to the cloud-based resources. However, accessing and exploiting remote cloud-based resources is associated with numerous security and privacy implications, including user authentication and authorization. User authentication in MCC is a critical requirement in securing cloud-based computations and communications. Despite its critical role, there is a gap for a comprehensive study of the authentication approaches in MCC which can provide a deep insight into the state-of-the-art research. This paper presents a comprehensive study of authentication methods in MCC to describe MCC authentication and compare it with that of cloud computing. The taxonomy of the state-of-the-art authentication methods is devised and the most credible efforts are critically reviewed. Moreover, we present a comparison of the state-of-the-art MCC authentication methods considering five evaluation metrics. The results suggest the need for futuristic authentication methods that are designed based on capabilities and limitations of MCC environment. Finally, the design factors deemed could lead to effective authentication mechanisms are presented, and open challenges are highlighted based on the weaknesses and strengths of existing authentication methods. (C) 2015 Elsevier Ltd. All rights reserved..


Unauthorized reprint of the contents of this database is prohibited.

Copyright © 2006, Kyushu University. All rights reserved.