IIS Open House 2025

Introduction
Welcome to the Matsuura Laboratory IIS Open House 2025 Web page.
In 2025, IIS Open House will be held on May 30 (Fri.), and May 31 (Sat.).
In Matsuura Laboratory, we will present our research related to information security and cryptography.

Date and Time
2025/5/30(Fri.) 10:00 - 17:00
2025/5/31(Sat.) 10:00 - 17:00
Research Topics
Encryption Scheme
On the Security Definitions of Sender-Anamorphic Encryption
If a dictator instructs Alice to send a ciphertext of a forced message to Bob, the sender's freedom to choose a message and a receiver is violated. Even in this scenario, sender-anamorphic encryption allows Alice to choose another message and another receiver, Carol, and to produce a ciphertext of the forced message for Bob that is also a ciphertext of the other message for Carol. Therefore, the dictator does not realize that Alice transmits another message to Carol through the ciphertext sent to Bob. Specifically, it is assumed that Alice is forced to encrypt a forced message under a forced public key and to submit both the ciphertext and the randomness used, to be examined by the dictator. Persiano et al. (Eurocrypt 2022) formalized security notions for this scenario. Based on these formalizations, Wang et al. (Asiacrypt 2023) also formalized security notions for l-sender anamorphic encryption. In this work, we revisit these security notions so that they capture the threat scenario correctly.
Acceleration of Polynomial Multiplication Used in Ring-LWE
Post-quantum cryptography is attracting attention as cryptography resistant to quantum computers. In post-quantum cryptography, a mathematical problem called Ring-LWE is often used because of its hardness. Ring-LWE requires polynomial multiplication, which can be a bottleneck, so accelerating polynomial multiplication is required. In this research, we propose methods that reduce the number of times polynomial multiplication is performed by about 50%, mainly by using the available computational bandwidth in parallel.
Attacks on the Privacy of Private Information Retrieval (PIR) Schemes and Their Countermeasure
Private Information Retrieval (PIR) allows clients to retrieve data from a database on a server while keeping the index they want to retrieve hidden from the server. Existing PIR schemes satisfy privacy, i.e., the server cannot learn which index clients retrieved from the received queries, as long as the server runs honestly. However, the server does not always run honestly (e.g., network failures may occur). In this work, we revisit the privacy of PIR, in particular when servers may act arbitrarily.
Signature
Attribute-Based Signatures for Circuits with Optimal Parameter Size from Standard Assumptions
Attribute-based signatures (ABS) allow users to simultaneously sign messages and prove their possession of some attributes while hiding the attributes and revealing only the fact that they satisfy a public policy. In this work, we propose a generic construction of ABS for circuits of unbounded depth and size, with optimal parameter size, meaning that the lengths of public parameters, keys, and signatures are all constant. Our construction can be instantiated from various standard assumptions, including LWE and DLIN. This substantially improves the state-of-the-art ABS scheme by Boyle, Goldwasser, and Ivan (PKC 2014), which, while achieving optimal parameter size, relies on succinct non-interactive arguments of knowledge that can only be constructed from non-standard assumptions. Our generic construction is based on RAM delegation. At a high level, we leverage the fact that the circuit associated with the signature can be made public and compress it using the power of RAM delegation. This allows us to achieve an overall optimal parameter size while simultaneously hiding the user's policy.
Formal Verification
Formal Verification for Applications using TEE
A TEE (Trusted Execution Environment) is a technology that creates an isolated execution environment in memory with the assistance of hardware. It is often used in secure computing, where sensitive data is processed in a public cloud environment and the results are obtained while the data remains confidential. Although there are many applications that use TEEs, only a few of them are guaranteed to be strictly secure, due to the complexity of TEE design. Therefore, in this work, by utilizing formal verification, a method that rigorously guarantees that a designed system satisfies its expected requirements, we aim to model the components of a TEE and verify that applications using the TEE meet the intended security properties.
Cryptocurrency/Blockchain
Load evaluation of Proof-of-Verification
Bitcoin, a cryptocurrency built on a blockchain, maintains its soundness through successive block generation. Block generation offers a reward for success on a first-come-first-served basis. Since it consumes a huge amount of computation, parties attempting block generation (miners) have an incentive to skip other computations. A block contains many coin transactions, and checking their validity, especially verifying their signatures, requires cryptographic computation and is therefore the first candidate to be skipped. To address this issue, a method called "Proof-of-Verification" (PoV) was proposed, which can show that the signatures in a block have been verified. We introduce a load evaluation of PoV.
Interoperability between permissioned distributed ledgers without external trust anchor
The advent of Web3 and permissioned distributed ledgers has led to the adoption of these technologies in enterprise applications, where they offer a cost-effective alternative to permissionless systems. To use permissioned distributed ledgers efficiently without isolating them, interoperability must be ensured. The difficulty is that it is hard to ascertain, from an external perspective, the veracity of data recorded in a permissioned distributed ledger. Previous research has proposed methods that ensure verifiability with external trust anchors such as public distributed ledgers, but this incurs additional usage costs. This research aims at a low-cost interoperability method and proposes a formalization of blockchain interoperability that does not assume an external trust anchor. With the proposed method, no trust anchor is assumed, and distributed ledgers can be connected without paying usage fees.
Fast and Secure Consensus Protocol for Ethereum 2.0
There have been many attacks threatening the security of LMD-GHOST, the consensus protocol adopted in Ethereum 2.0. Therefore, a consensus protocol that is provably secure is needed. The existing work "Goldfish" is provably secure but requires 3Δ rounds per slot, where Δ is the maximum network delay. In this study, we propose a provably secure protocol with 2Δ rounds per slot, obtained by parallelizing the block proposal phase and the voting phase of Goldfish. Reducing the number of rounds per slot increases transaction processing speed and thereby enhances scalability.
Network Security
An Overlay Communication System for Traffic Confirmation Attack Against Tor Hidden Services
Tor hidden services are services hosted on the Tor network. The IP addresses of these services are hidden by onion routing. Previous research has shown that traffic confirmation attack methods can reveal the IP addresses of hidden services. However, these methods are subject to false positives when multiple entities use the same method at once. In this research, we propose an overlay communication system on the Tor network to confirm the sender of signals in a traffic confirmation attack.
Web Security
A Web Information Proof Method Based on TLS Communication Authenticity Verification
Recently, ensuring the authenticity of online information has become increasingly important. However, existing methods often require server-side modifications or rely heavily on zero-knowledge proofs, making verification complex. In particular, users have had difficulty proving information obtained from arbitrary websites to third parties without the server's cooperation. This study proposes a method to directly issue Verifiable Credentials (VCs) from web information acquired through TLS communication. It also introduces a new Notary node selection mechanism that maintains security even in the presence of malicious actors.

IIS Open House 2025, Matsuura Lab.