発表文献
2025年4月現在
Year 2025
国内会議
-
張一凡,松浦 幹太.
2者間ECDSAアダプター署名を用いたオフチェーン分散台帳処理,
2025年暗号と情報セキュリティシンポジウム
(SCIS2025)予稿集,
2025
-
廣澤佑亮,
松浦幹太.
Karatsuba's Algorithm を用いた Ring-LWE における多項式乗算の並列計算,
2025年暗号と情報セキュリティシンポジウム
(SCIS2025)予稿集,
2025
Year 2024
国際誌(LNCSを含む)
-
Ryu Ishii,
Kyosuke Yamashita,
Zihao Song,
Yusuke Sakai,
Tadanori Teruya,
Takahiro Matsuda,
Goichiro Hanaoka,
Kanta Matsuura,
Tsutomu Matsumoto.
Constraints and Evaluations on Signature Transmission Interval for Aggregate Signatures with Interactive Tracing Functionality,
IEICE Transactons on Fundamentals of Electronics,
Communications and Computer Sciences,
Vol.E107-A,
No.4,
pp.619-633,
2024
[detail]
abstract
Fault-tolerant aggregate signature (FT-AS) is a special type of aggregate signature
that is equipped with the functionality for tracing signers who generated invalid signatures
in the case an aggregate signature is detected as invalid.
In existing FT-AS schemes (whose tracing functionality requires multi-rounds),
a verifier needs to send a feedback to an aggregator for efficiently tracing the invalid signer(s).
However, in practice, if this feedback is not responded to the aggregator
in a sufficiently fast and timely manner, the tracing process will fail.
Therefore, it is important to estimate whether this feedback can be responded and
received in time on a real system.
In this work, we measure the total processing time required for the feedback
by implementing an existing FT-AS scheme, and evaluate whether the scheme works
without problems in real systems. Our experimental results show that the time
required for the feedback is 605.3 ms for a typical parameter setting,
which indicates that if the acceptable feedback time is significantly larger than a few hundred ms,
the existing FT-AS scheme would effectively work in such systems.
However, there are situations where such feedback time is not acceptable,
in which case the existing FT-AS scheme cannot be used. Therefore,
we further propose a novel FT-AS scheme that does not require any feedback.
We also implement our new scheme and show that a feedback in this scheme is completely eliminated
but the size of its aggregate signature (affecting the communication cost
from the aggregator to the verifier) is 144.9 times larger than that of the existing FT-AS scheme
(with feedbacks) for a typical parameter setting,
and thus has a trade-off between the feedback waiting time and the communication cost
from the verifier to the aggregator with the existing FT-AS scheme.
-
Yuichi Tanishita,
Ryuya Hayashi,
Ryu Ishii,
Takahiro Matsuda,
Kanta Matsuura.
On the Implications from Updatable Encryption to Public-Key Cryptographic Primitives,
Lecture Notes in Computer Science (Information Security and Privacy,
The 29th Australasian Conference on Information Security and Privacy: ACISP2024),
Vol.14895,
No.1,
pp.303-323,
2024
[detail]
abstract
Updatable encryption (UE) is a special type of symmetric-key encryption (SKE) that allows a third party to update ciphertexts while protecting plaintexts.
Alamati et al. (CRYPTO 2019) showed a curious connection between UE and public-key encryption (PKE) that PKE can be constructed from UE.
This implication result is somewhat surprising since it is well-known that PKE cannot be constructed from (ordinary) SKE in a black-box manner.
In this paper, we continue to study the relationships between UE and other cryptographic primitives to obtain further insights into the existence and power of UE, and assumptions required for it.
More specifically, we introduce some security properties that are natural to consider for UE (and are indeed satisfied by some existing UE schemes), and then investigate what types of public-key cryptographic primitives can be constructed from UE with the additional properties. Specifically, we show the following results:
- 2-round oblivious transfer (OT) can be constructed from UE that satisfies the \emph{oblivious samplability (OS)} of original ciphertexts (i.e. those generated by the ordinary encryption algorithm, as opposed to those generated by the ciphertext-update algorithm) and the OS of update tokens (that are used for updating ciphertexts).
- 3-round OT can be constructed from UE with OS of updated ciphertexts (i.e. those generated by the ciphertext-update algorithm).
- Lossy encryption and PKE secure against selective-opening attacks can be constructed from UE if it satisfies what we call \emph{statistical confidentiality of original ciphertexts}.
-
Yuichi Tanishita,
Ryuya Hayashi,
Ryu Ishii,
Takahiro Matsuda,
Kanta Matsuura.
Updatable Encryption Secure Against Randomness Compromise,
Lecture Notes in Computer Science (Cryptology and Network Security,
23rd International Conference,
CANS 2024),
Vol.14906,
No.1,
pp.47-69,
2024
[detail]
abstract
Updatable encryption (UE) allows a third-party server to update outsourced encrypted data without exposing keys and plaintexts.
The server can update ciphertexts to ones under a new key using an update token provided by the client.
UE can realize efficient key rotation and is effective against key compromise.
The standard security notions of UE capture the property that even if keys or update tokens are compromised, the confidentiality of messages is maintained by the key update and ciphertext update.
In general, the randomnesses used in the encryption and ciphertext update algorithms must be kept secret in the same way as the keys.
On the other hand, while key compromise is considered in existing security notions, randomness compromise is not.
In this paper, we define a new security notion for UE, IND-UE-R security, that is resilient to the compromise of randomnesses used to generate or update ciphertexts.
Furthermore, we prove that the UE construction RISE (EUROCRYPT'18) satisfies our proposed security notion.
国際会議
-
Taichi Igarashi,
Kanta Matsuura.
Scam Token Detection Based on Static Analysis Before Contract Deployment,
The 28th International Conference on Financial Cryptography and Data Security: FC2024,
8th Workshop on Trusted Smart Contracts: WTSC24
,
2024
[detail]
abstract
In recent years, the number of crimes using smart contracts
has increased. In particular, fraud using tokens, such as rug-pull,
has become an ignorable issue in the field of decentralized finance because a lot
of users have been scammed. Therefore, constructing a detection system
for scam tokens is an urgent need. Existing methods are based on machine
learning, and they use transaction and liquidity data as features.
However, they cannot completely remove the risk of being scammed because
these features can be extracted after scam tokens are deployed
to blockchain. In this paper, we propose a scam token detection system
based on static analysis. In order to detect scam tokens before deployment,
we utilize code-based data, such as bytecodes and opcodes, because they can
be obtained before contract deployment. Since N-gram
includes information regarding the order of code sequences and scam tokens
have the specific order of code-based data, we adopt N-gram of them
as features. Furthermore, for the purpose of achieving a high detection
performance, each feature is categorized into a scam-oriented feature or
benign-oriented one to make differences in the values of feature vectors
between scam and benign token. Our results show the effectiveness of
code-based data for detection by achieving a higher F1-score compared
to the methods of another field of fraud detection in Ethereum based
on code-based data. In addition, we also confirmed that the position of
effective code for detection is near the start position of runtime code in
our experiments.
-
Iifan Tyou,
Shigenori Ohashi,
Justin Yu,
Takayuki Miura,
Takuro Hosoi,
Kanta Matsuura.
Leveraging Timestamps to Create Secure and Feeless Evidence Management,
IEEE International Conference on Blockchain,
Vol.7th,
2024
-
Shinsaku Naito,
Kanta Matsuura.
Fast and Secure Consensus Protocol for Ethereum 2.0,
Proceedings of 2024 Annual Computer Security Applications Conference Workshops (Workshop Encouraging Building Better Blockchain Security,
WEB3SEC 2024),
pp.280-287,
2024
国内誌
-
松浦幹太.
ブロックチェーンと循環型社会―正の側面と負の側面をどう考えるか,
システム制御情報学会誌,
Vol.68,
No.10,
pp.392-398,
2024
国内会議
-
谷下友一,
林リウヤ,
石井龍,
松田隆宏,
松浦幹太.
暗号文の生成・更新に用いる乱数の漏洩に耐性を持つ更新可能暗号,
Updatable Encryption Resilient to Encryption/Update Randomness Leakage,
2024年 暗号と情報セキュリティシンポジウム (SCIS2024) 予稿集,
2024
-
細井琢朗,
松浦幹太.
Proof-of-Verification の実装負荷評価その1: Transaction の署名検証,
電子情報通信学会総合大会2024,
2024
-
廣澤佑亮,
松浦幹太.
Ring-LWE における NTT の並列計算の高速化手法,
2024年コンピュータセキュリティシンポジウム(CSS2024)予稿集,
pp.1377-1384,
2024
-
内藤晋作,
松浦幹太.
Ethereum 2.0における安全かつ高速なコンセンサスプロトコルの提案,
2024年コンピュータセキュリティシンポジウム(CSS2024)予稿集,
pp.1807-1814,
2024
-
張一凡,林 リウヤ,松浦 幹太.
外部トラストアンカーを必要としないPermissioned分散台帳間の相互接続,
コンピュータセキュリティシンポジウム(CSS2024)予稿集,
2024
Year 2023
国際誌(LNCSを含む)
-
Ryuya Hayashi,
Taiki Asano,
Junichiro Hayata,
Takahiro Matsuda,
Shota Yamada,
Shuichi Katsumata,
Yusuke Sakai,
Tadanori Teruya,
Jacob C.
N.
Schuldt,
Nuttapong Attrapadung,
Goichiro Hanakoka,
Kanta Matsuura,
Tsutomu Matsumoto..
Signature for Objects: Formalizing How to Authenticate Physical Data and More.,
Lecture Notes in Computer Science (The 27th International Conference on Financial Cryptography and Data Security: FC2023),
Vol.13950,
pp.182-199,
2023
[detail]
abstract
While the integrity of digital data can be ensured via digital signatures,
ensuring the integrity of physical data,
i.e., objects, is a more challenging task.
For example, constructing a digital signature on data extracted
from an object does not necessarily guarantee that an adversary
has not tampered with the object or replaced this
with a cleverly constructed counterfeit.
This paper proposes a new concept called signatures for objects
to guarantee the integrity of objects cryptographically.
We first need to consider a mechanism that allows us to mathematically
treat objects which exist in the physical world.
Thus, we define a model called an object setting in which
we define physical actions, such as a way to extract data
from objects and test whether two objects are identical.
Modeling these physical actions via oracle access enables
us to naturally enhance probabilistic polynomial-time algorithms
to algorithms having access to objects - we denote
these physically enhanced algorithms (PEAs).
Based on the above formalization, we introduce two security definitions
for adversaries modeled as PEAs.
The first is unforgeability, which is the natural extension
of EUF-CMA security, meaning that any adversary
cannot forge a signature for objects.
The second is confidentiality, which is a privacy notion,
meaning that signatures do not leak any information about signed objects.
With these definitions in hand,
we show two generic constructions: one satisfies unforgeability
by signing extracted data from objects; the other satisfies unforgeability
and confidentiality by combining a digital signature with obfuscation.
-
Junichiro Hayata,
Jacob C.
N.
Schuldt,
Goichiro Hanaoka,
Kanta Matsuura.
On Private Information Retrieval Supporting Range Queries,
International Journal of Information Security (2023),
No.,
pp. 1-19,
2023
[detail]
abstract
Private information retrieval (PIR) allows a client to retrieve data from a database
without the database server learning what data are being retrieved.
Although many PIR schemes have been proposed in the literature,
almost all of these focus on retrieval of a single database element,
and do not consider more flexible retrieval queries such as basic range queries.
Furthermore, while practically-oriented database schemes aiming at providing flexible
and privacy-preserving queries have been proposed, to the best of our knowledge,
no formal treatment of range queries has been considered for these.
In this paper, we firstly highlight that a simple extension of the standard PIR security notion
to range queries is insufficient in many usage scenarios,
and propose a stronger security notion aimed at addressing this.
We then show a simple generic construction of a PIR scheme meeting our stronger security notion,
and propose a more efficient direct construction based on function secret sharing while the former
has a round complexity logarithmic in the size of the database,
the round complexity of the latter is constant.
After that, we report on the practical performance of our direct construction.
Finally, we extend the results to the case of multi-dimensional databases
and show the construction of PIR scheme supporting multi-dimensional range queries.
The communication round complexity of our scheme is O(klogn) in worst case,
where n is the size of database and k is the number of elements retrieved by the query.
-
Kyosuke Yamashita,
Ryu Ishii,
Yusuke Sakai,
Tadanori Teruya,
Takahiro Matsuda,
Goichiro Hanaoka,
Kanta Matsuura,
Tsutomu Matsumoto.
Fault-Tolerant Aggregate Signature Schemes against Bandwidth Consumption Attack,
IEICE Transactons on Fundamentals of Electronics,
Communications and Computer Sciences,
Vol.E106-A,
No.9,
pp.1177-1188,
2023
[detail]
abstract
A fault-tolerant aggregate signature (FT-AS) scheme is
a variant of an aggregate signature scheme with the additional functionality
to trace signers that create invalid signatures in case an aggregate signature is invalid.
Several FT-AS schemes have been proposed so far,
and some of them trace such rogue signers in multi-rounds,
i.e., the setting where the signers repeatedly send their individual signatures.
However, it has been overlooked that there exists a potential attack on the efficiency
of bandwidth consumption in a multi-round FT-AS scheme.
Since one of the merits of aggregate signature schemes is the efficiency of bandwidth consumption,
such an attack might be critical for multi-round FT-AS schemes.
In this paper, we propose a new multi-round FT-AS scheme that is tolerant of such an attack.
We implement our scheme and experimentally show that it is more efficient
than the existing multi-round FT-AS scheme if rogue signers randomly create invalid signatures
with low probability, which for example captures spontaneous failures of devices in IoT systems.
国際会議
-
Taichi Igarashi,
Kanta Matsuura.
A Refined Classification of Malicious Smart Contract,
Financial Cryptography and Data Security 2023 (FC23),
2023
[detail]
abstract
With the rapid growth of blockchain, smart contract,
which is the computer program executed on blockchain systems,
has played an important role especially in the trade of cryptcurrency.
However, smart contracts are utilized to commit some crimes or attacks
because they often hold a large amount of cryptcurrency.
Thus, to enhance the security of smart contract is an urgent need.
There exists three types of crimes regarding smart contract, namely,
attack using vulnerabilities,
trade between criminals, and fraud.
Some researchers reported that many smart contracts have vulnerabilities,
and attackers exploit them to steal cryptcurrency or attack system itself
like DoS attack.
Another type of crime is to trade criminal information for rewards
between criminals using smart contracts.
Especially in recent years, fraud acts including phishing have become
a big problem on blockchain, and smart contracts are utilized to support them.
These crimes have occured due to the presense of Malicious Smart Contract
(MSC).
Thus, the systems which detect MSC are needed to prevent these crimes.
Though MSC is a smart contract which shows malicious activities,
there does not exist a clear definition.
As a result, the word "malicious" is used in different ways among researchers.
In this situation, it is difficult to detect whole MSCs.
This is because different types of MSC have different malicious activities,
meaning that detection systems corresponded to each type of MSC are needed.
Therefore, the classification of MSC is required.
Some researchers classify MSC into
two types: Vulnerable Smart Contract (VSC) related to vulnerability
and Criminal Smart Contract (CSC) related to trade between criminals.
In this classification model, however,
there does not exist a type of MSC corresponded to fraud activities.
To overcome this problem,
we propose a new standpoint that MSC should be classified into VSC,
CSC and Fraudulent Smart Contract (FSC),
which supports frauds. By introducing this standpoint,
to detect whole MSCs will be realized by constructing detection systems
of each MSC simultaneously.
While there exists a lot of works of detecting VSC and a few CSC works
have also proposed, a field of FSC detection has not developed.
Some researchers proposed detection systems of malicious accounts.
In this field, "malicious" means fraud activities.
Thus, we consider that these kinds of works are similar to detection
of FSC and can be applied.
These studies mainly use machine learning to detect malicious accounts.
However, their models only consider graph-based features constructed
from external transaction and address data,
and not focus on other features.
Therefore, as a future work,
considering internal transaction and smart contract code-based feature
like opcode is worth working.
-
Taichi Igarashi,
Hiroya Kato,
Iwao Sasase,
Kanta Matsuura.
A Realtime IoT Malware Classification System Based on Pending Samples,
2023 IEEE International Conference on Communications (ICC): Communication and Information System Security Symposium (ICC 2023),
pp.4380-4385,
2023
[detail]
abstract
With the rapid growth of Internet of Things (IoT) devices,
a lot of IoT malware has been created,
and the security against IoT malware,
especially the family classification, has become a more important issue.
There exist three requirements which classification systems
must achieve: detection of new families,
precise classification for sequential inputs,
and being independent of computer architectures.
However, existing methods do not satisfy them simultaneously.
In this paper, we propose a realtime IoT malware classification system
based on pending samples.
In order to detect new families and to classify sequential inputs precisely,
we introduce the concept of "pending samples".
This concept is useful when heterogeneous inputs which are difficult
to classify instantly come into the system.
This is because the system can postpone classifying them until
similar samples come.
Once similar samples are gathered, we regard these samples
as a new cluster, meaning that detecting new families is achieved.
Moreover, we use printable strings to satisfy the requirement
of being independent of architectures
because strings are common among different architectures.
Our results show the ability to detect new families demonstrated
by finding new clusters after applying our algorithm to
the initial clusters.
Furthermore, our new clustering algorithms achieves a 0.130 higher
V-measure compared to the k-means algorithm,
which is the representative clustering algorithm.
国内研究会
-
大橋盛徳,
張一凡,
細井琢朗,
松浦幹太.
DAGベース分散タイムスタンプ手法の検討,
第194回マルチメディア通信と分散処理・第100回コンピュータセキュリティ合同研究発表会,
pp.online,
2023
国内会議
-
島田要,
松浦幹太.
Tor Hidden Serviceに対するTraffic Confirmation攻撃のためのオーバーレイ通信システム,
An Overlay Communication System for Traffic Confirmation Attack Against Tor Hidden Services,
2023年暗号と情報セキュリティシンポジウム (SCIS2023) 予稿集,
2023
-
五十嵐太一、松浦幹太.
スマートコントラクトにおけるセキュリティに関する調査,
2023年暗号と情報セキュリティシンポジウム
(SCIS2023)予稿集,
Vol.E107-A,
pp.619-633,
2023
-
林リウヤ、勝又秀一、坂井祐介、松浦幹太.
Anonymous Reputation Systemの簡潔で自然なモデルとその効率的な一般的構成法,
2023年暗号と情報セキュリティシンポジウム
(SCIS2023)予稿集,
2023
-
五十嵐太一,
松浦幹太.
バイト列に着目した詐欺トークンコントラクトの検知,
2023年コンピュータセキュリティシンポジウム(CSS2023)予稿集,
pp.735-742,
2023
-
谷下友一,
林リウヤ,
松田隆宏,
松浦幹太.
更新可能暗号と公開鍵系の暗号要素技術の関係について,
On the Implication from Updatable Encryption to Public-Key Cryptographic Primitives,
2023年コンピュータセキュリティシンポジウム(CSS2023)予稿集,
pp.447-454,
2023
Year 2022
国際誌(LNCSを含む)
-
Kittiphop Phalakarn,
Nuttapong Attrapadung,
Kanta Matsuura.
Efficient Oblivious Evaluation Protocol
and Conditional Disclosure of Secrets
for DFA,
Lecture Notes in Computer Science (Applied Cryptography and Network Security - ACNS 2022 - 20th International Conference on Applied Cryptography and Network Security),
Vol.13269,
No.,
pp.605-625,
2022
[detail]
abstract
In oblivious finite automata evaluation, one party holds a private automaton,
and the other party holds a private string of characters. The objective is
to let the parties know whether the string is accepted by the automaton or not,
while keeping their inputs secret. The applications include DNA searching,
pattern matching, and more. Most of the previous works are based on asymmetric
cryptographic primitives, such as homomorphic encryption and oblivious transfer.
These primitives are significantly slower than symmetric ones. Moreover,
some protocols also require several rounds of interaction. As our main contribution,
we propose an oblivious finite automata evaluation protocol via conditional disclosure
of secrets (CDS), using one (potentially malicious) outsourcing server.
This results in a constant-round protocol, and no heavy asymmetric-key primitives
are needed. Our protocol is based on a building block called "an oblivious CDS scheme
for deterministic finite automata" which we also propose in this paper. In addition,
we propose a standard CDS scheme for deterministic finite automata as an independent interest.
-
Takeshi Miyamae,
Kanta Matsuura.
Coin Transfer Unlinkability Under
the Counterparty Adversary Model,
Ledger,
Vol.7,
pp.17-34,
2022
[detail]
abstract
Unlinkability is a crucial property of cryptocurrencies that protects users from deanonymization attacks.
However, currently, even anonymous cryptocurrencies do not necessarily attain unlinkability under specific
conditions. For example, Mimblewimble, which is considered to attain coin unlinkability using its
transaction kernel offset technique, is vulnerable under the assumption that privacy adversaries can
send their coins to or receive coins from the challengers. This paper first illustrates the privacy
issue in Mimblewimble that could allow two colluded adversaries to merge a person's two independent
chunks of personally identifiable information (PII) into a single PII. To analyze the privacy issue,
we formulate unlinkability between two sets of objects and a privacy adversary model in cryptocurrencies
called the counterparty adversary model. On these theoretical bases, we define an abstract model of
blockchain-based cryptocurrency transaction protocols called the coin transfer system, and unlinkability
over it called coin transfer unlinkability (CT-unlinkability). Furthermore, we introduce zero-knowledgeness
for the coin transfer systems to propose a method to easily prove the CT-unlinkability of cryptocurrency
transaction protocols. Finally, we prove that Zerocash is CT-unlinkable by using our proving method to demonstrate its effectiveness.
-
Ryu Ishii,
Kyosuke Yamashita,
Zihao Song,
Yusuke Sakai,
Tadanori Teruya,
Goichiro Hanaoka,
Kanta Matsuura,
and Tsutomu Matsumoto.
Constraints and Evaluations on Signature Transmission Interval for Aggregate Signatures with Interactive Tracing Functionality,
Lecture Notes in Computer Science (Attacks and Defenses for the Internet-of-Things 5th International Workshop,
ADIoT 2022),
Vol.13745,
pp.51-71,
2022
[detail]
abstract
Fault-tolerant aggregate signature (FT-AS) is a special type of
aggregate signature that is equipped with the functionality for
tracing signers who generated invalid signatures in the case an
aggregate signature is detected as invalid. In existing FT-AS
schemes (whose tracing functionality requires multi-rounds), a
verifier needs to send a feedback to an aggregator for efficiently
tracing the invalid signer(s). However, in practice, if this feedback
is not responded to the aggregator in a sufficiently fast and timely
manner, the tracing process will fail. Therefore, it is important to
estimate whether this feedback can be responded and received in time on a real system.
In this work, we measure the total processing time required for the
feedback by implementing an existing FT-AS scheme, and evaluate
whether the scheme works without problems in real systems.
Our experimental results show that the time required for the feedback
is 605.3 ms for a typical parameter setting, which indicates that
if the acceptable feedback time is significantly larger than a few hundred ms,
the existing FT-AS scheme would effectively work in such systems. However,
there are situations where such feedback time is not acceptable,
in which case the existing FT-AS scheme cannot be used. Therefore,
we further propose a novel FT-AS scheme that does not require any feedback.
We also implement our new scheme and show that a feedback in this scheme
is completely eliminated but the size of its aggregate signature
(affecting the communication cost from the aggregator to the verifier)
is 144.9 times larger than that of the existing FT-AS scheme (with feedbacks)
for a typical parameter setting, and thus has a trade-off between the feedback
waiting time and the communication cost from the verifier to the aggregator
with the existing FT-AS scheme.
-
Ryu Ishii,
Kyosuke Yamashita,
Yusuke Sakai,
Tadanori Teruya,
Takahiro Matsuda,
Goichiro Hanaoka,
Kanta Matsuura,
Tsutomu Matsumoto.
Aggregate Signature Schemes with Traceability of Devices Dynamically Generating Invalid Signatures,
IEICE Transactons on Information and Systems,
Vol.E105-D,
No.11,
pp.1845-1856,
2022
[detail]
abstract
Aggregate signature schemes enable us to aggregate multiple signatures
into a single short signature. One of its typical applications is sensor networks,
where a large number of users and devices measure their environments,
create signatures to ensure the integrity of the measurements,
and transmit their signed data. However, if an invalid signature is
mixed into aggregation, the aggregate signature becomes invalid,
thus if an aggregate signature is invalid, it is necessary to identify
the invalid signature. Furthermore, we need to deal with a situation
where an invalid sensor generates invalid signatures probabilistically.
In this paper, we introduce a model of aggregate signature schemes with
interactive tracing functionality that captures such a situation, and
define its functional and security requirements and propose aggregate
signature schemes that can identify all rogue sensors. More concretely,
based on the idea of Dynamic Traitor Tracing, we can trace rogue sensors
dynamically and incrementally, and eventually identify all rogue sensors
of generating invalid signatures even if the rogue sensors adaptively collude.
In addition, the efficiency of our proposed method is also sufficiently practical.
国際会議
-
Toshinori Usui,
Yuto Otsuki,
Yuhei Kawakoya,
Makoto Iwamura,
Kanta Matsuura.
Script Tainting Was Doomed From The Start (By Type Conversion): Converting Script Engines into Dynamic Taint Analysis Frameworks,
Proceedings of the 25th International Symposium on Research in Attacks,
Intrusions and Defenses (RAID 2022),
pp.380-394,
2022
[detail]
abstract
Data flow analysis is an essential technique for understanding the complicated behavior of malicious scripts.
For tracking the data flow in scripts, dynamic taint analysis has been widely adopted by existing studies.
However, the existing taint analysis techniques have a problem that each script engine needs to be separately
designed and implemented. Given the diversity of script languages that attackers can choose for their malicious
scripts, it is unrealistic to prepare taint analysis tools for the various script languages and engines.
In this paper, we propose an approach that automatically builds a taint analysis framework for scripts on top
of the framework designed for native binaries. We first conducted experiments to reveal that the semantic gaps
in data types between binaries and scripts disturb our approach by causing under-tainting. To address this problem,
our approach detects such gaps and bridges them by generating force propagation rules, which can eliminate the
under-tainting. We implemented a prototype system with our approach called STAGER T. We built taint analysis
frameworks for Python and VBScript with STAGER T and found that they could effectively analyze the data flow
of real-world malicious scripts.
国内誌
-
宮前 剛,
松浦 幹太.
ゼロ知識性の概念を応用したブロックチェーン匿名通貨のプライバシー解析,
日本セキュリティ・マネジメント学会(JSSM) 第35回全国大会,
2022
国内会議
-
久野朔、松浦幹太.
深層強化学習によるWebアプリケーションのペネトレーションテストの自動化に向けて,
2022年暗号と情報セキュリティシンポジウム
(SCIS2022)予稿集,
2022
-
石井龍,
山下恭佑,
宋子豪,
照屋唯紀,
坂井祐介,
花岡悟一郎,
松浦幹太,
松本勉.
対話的追跡機能付き集約署名における署名送信間隔に関する制約と評価,
2022年暗号と情報セキュリティシンポジウム
(SCIS2022)予稿集,
2022
-
山下恭佑,
石井龍,
照屋唯紀,
坂井祐介,
花岡悟一郎,
松浦幹太,
松本勉.
追跡可能集約署名に対する潜在的な攻撃とその対処法に関する考察,
2022年暗号と情報セキュリティシンポジウム
(SCIS2022)予稿集,
2022
-
林リウヤ,
浅野泰輝,
林田淳一郎,
松田隆宏,
山田翔太,
勝又秀一,
坂井祐介,
照屋唯紀,
シュルツヤコブ,
アッタラパドゥンナッタポン,
花岡悟一郎,
松浦幹太,
松本勉.
モノの秘匿性を考慮した「モノの電子署名」.
"Signature ofr Objects" with Object Privacy,
2022年暗号と情報セキュリティシンポジウム (SCIS2022) 予稿集,
2022
-
浅野泰輝,
林リウヤ,
林田淳一郎,
松田隆宏,
山田翔太,
勝又秀一,
坂井祐介,
照屋唯紀,
シュルツヤコブ,
アッタラパドゥンナッタポン,
花岡悟一郎,
松浦幹太,
松本勉.
「モノの電子署名」の複数物体への拡張,
Extension of "Signature for Objects" to Multiple Objects,
2022年暗号と情報セキュリティシンポジウム (SCIS2022) 予稿集,
2022
-
碓井 利宣,
大月 勇人,
川古谷 裕平,
岩村 誠,
松浦 幹太.
スクリプト実行環境に対する動的バイトコード計装機能の自動付与手法,
2022年コンピュータセキュリティシンポジウム(CSS2022)予稿集,
Vol.E106-A,
No.9,
pp.1055-1062,
2022
Year 2021
国際誌(LNCSを含む)
-
Junichiro Hayata,
Fuyuki Kitagawa,
Yusuke Sakai,
Goichiro Hanaoka,
Kanta Matsuura.
Equivalence between Non-Malleability against Replayable CCA and Other RCCA-Security Notions,
IEICE Transactions on Fundamentals of Electronics,
Communications and Computer Sciences,
Vol.E104-A,
No.1,
pp.89-103,
2021
[detail]
abstract
Replayable chosen ciphertext (RCCA) security was introduced by Canetti,
Krawczyk, and Nielsen (CRYPTO'03) in order to handle an encryption scheme
that is "non-malleable except tampering which pre- serves the plaintext."
RCCA security is a relaxation of CCA security and a useful security notion
for many practical applications such as authentication and key exchange.
Canetti et al. defined non-malleability against RCCA (NM-RCCA),
indistinguishability against RCCA (IND-RCCA), and universal composability
against RCCA (UC-RCCA). Moreover, they proved that these three security
notions are equivalent when considering a PKE scheme whose plaintext space
is super-polynomially large. Among these three security notions, NM-RCCA
seems to play the central role since RCCA security was introduced in order
to capture "non-malleability except tampering which preserves the plaintext."
However, their definition of NM-RCCA is not a natural extension of that of
original non-malleability, and it is not clear whether their NM-RCCA captures
the requirement of original non- malleability. In this paper, we propose
definitions of indistinguishability- based and simulation-based non-malleability
against RCCA by extending definitions of original non-malleability. We then
prove that these two notions of non-malleability and IND-RCCA are equivalent
regardless of the size of plaintext space of PKE schemes.
-
Toshinori Usui,
Yuto Otsuki,
Tomonori Ikuse,
Yuhei Kawakoya,
Makoto Iwamura,
Jun Miyoshi,
Kanta Matsuura.
Automatic Reverse Engineering of Script Engine Binaries for Building Script API Tracers,
Digital Threats: Research and Practice,
Vol.2,
No.1,
pp.1-31,
2021
[detail]
abstract
Script languages are designed to be easy-to-use and require low learning costs.
These features provide attackers options to choose a script language for developing
their malicious scripts. This diversity of choice in the attacker side unexpectedly
imposes a significant cost on the preparation for analysis tools in the defense side.
That is, we have to prepare for multiple script languages to analyze malicious scripts
written in them. We call this unbalanced cost for script languages asymmetry problem.
To solve this problem, we propose a method for automatically detecting the hook and
tap points in a script engine binary that is essential for building a script Application
Programming Interface (API) tracer. Our method allows us to reduce the cost of reverse
engineering of a script engine binary, which is the largest portion of the development
of a script API tracer, and build a script API tracer for a script language with minimum
manual intervention. This advantage results in solving the asymmetry problem.
The experimental results showed that our method generated the script API tracers for
the three script languages popular among attackers (Visual Basic for Applications (VBA),
Microsoft Visual Basic Scripting Edition (VBScript), and PowerShell). The results also
demonstrated that these script API tracers successfully analyzed real-world malicious scripts.
-
Ryu Ishii,
Kyosuke Yamashita,
Yusuke Sakai,
Takahiro Matsuda,
Tadanori Teruya,
Goichiro Hanaoka,
Kanta Matsuura,
and Tsutomu Matsumoto.
Aggregate Signature with Traceability of Devices Dynamically Generating Invalid Signatures,
Lecture Notes in Computer Science (2nd ACNS Workshop on Secure Cryptographic Implementation: 2nd ACNS SCI Workshop),
Vol.12809,
pp.378-396,
2021
[detail]
abstract
Aggregate signature schemes enable us to aggregate multiple signatures into a single short signature.
One of its typical applications is sensor networks, where a large number of users and devices measure their environments,
create signatures to ensure the integrity of the measurements, and transmit their signed data.
However, if an invalid signature is mixed into aggregation, the aggregate signature becomes invalid,
thus if an aggregate signature is invalid, it is necessary to identify the invalid signature.
Furthermore, we need to deal with a situation where an invalid sensor generates invalid signatures probabilistically.
In this paper, we introduce a model of aggregate signature schemes with interactive tracing functionality that captures such a situation,
and define its functional and security requirements and propose aggregate signature schemes that can identify all rogue sensors.
More concretely, based on the idea of Dynamic Traitor Tracing, we can trace rogue sensors dynamically and incrementally,
and eventually identify all rogue sensors of generating invalid signatures even if the rogue sensors adaptively collude.
In addition, the efficiency of our proposed method is also sufficiently practical.
-
Kittiphop Phalakarn,
Vorapong Suppakitpaisarn,
Nuttapong Attrapadung,
Kanta Matsuura.
Evolving Homomorphic Secret Sharing for Hierarchical Access Structures,
Lecture Notes in Computer Science (Advances in Information and Computer Security - IWSEC 2021 - 16th International Workshop on Security),
Vol.12835,
pp.77-96,
2021
[detail]
abstract
Secret sharing is a cryptographic primitive that divides a
secret into several shares, and allows only some combinations of shares
to recover the secret. As it can also be used in secure multi-party computation
protocol with outsourcing servers, several variations of secret sharing
are devised for this purpose. Most of the existing protocols require
the number of computing servers to be determined in advance. However,
in some situations we may want the system to be "evolving". We may
want to increase the number of servers and strengthen the security guarantee
later in order to improve availability and security of the system.
Although evolving secret sharing schemes are available, they do not support
computing on shares. On the other hand, "homomorphic" secret
sharing allows computing on shares with small communication, but they
are not evolving. As the contribution of our work, we give the definition of
"evolving homomorphic" secret sharing supporting both properties. We
propose two schemes, one with hierarchical access structure supporting
multiplication, and the other with partially hierarchical access structure
supporting computation of low degree polynomials. Comparing to the
work with similar functionality of Choudhuri et al. (IACR ePrint 2020),
our schemes have smaller communication costs.
国際会議
-
Daisuke Sumita,
Kanta Matsuura.
Identifying Crypto API Usages in Android Apps using a Static Analysis Framework,
First DFRWS APAC Conference (poster presentation),
2021
[detail]
abstract
Forensic analysis of mobile devices is essential work for digital forensic investigators.
While there are various data stored in smartphones, some of the data is encrypted by applications.
Data encryption is one of the major issues of digital forensics, preventing investigators from analyzing the data quickly.
In this work, we develop a tool to automatically analyze crypto API usages in Android apps.
There are many Android apps which encrypt their data in smartphones using standard crypto APIs.
In such cases, we can identify the cryptographic algorithms and parameters via application analysis,
which helps us to analyze encrypted data. Most existing studies focus on single app, and rely on manual analysis,
which requires a certain amount of skill and knowledge about reverse engineering. For this reason,
we develop our tool which can analyze apps automatically, therefore we can easily identify crypto API usages in new apps.
For developing analysis tool, we select and categorize typical 41 Android APIs which is used
for derivation of crypto APIs parameters. Then we build our tool which can identify what API is used for crypto APIs parameters.
We conduct experimental tests analyzing 139 real-world apps using our tool. As a result,
we found 378 crypto API calls for the data decryption and identify 212 parameters of the API calls.
-
Hajime Kuno,
Kanta Matsuura.
Towards Automation of Penetration Testing for Web Applications by Deep Reinforcement Learning,
Proceedings of the 37th Annual Computer Security Applications Conference (ACSAC '21),
2021
[detail]
abstract
Penetration testing (PT) that assesses vulnerabilities by considering and executing all possible attacks
is important in security engineering but very expensive due to the need of experienced professionals.
As a countermeasure, there are attempts to partially automate and improve the efficiency of PT.
Their common feature is the use of existing PT tools (e.g. Metasploit) and machine learning (ML).
Such approaches do not embed ML in PT tools, and would not improve the tools themselves.
In this work, we use deep reinforcement learning to automate search and exploit executions for various vulnerabilities
existing in Web applications so that a wide variety of PT tools can be integrated in an effective manner with such embedded ML.
This poster will show two preliminary experiments in this direction.
国内会議
-
Junichiro Hayata,
Jacob C.
N.
Schuldt,
Goichiro Hanaoka,
Kanta Matsuura.
On Private Information Retrieval Supporting Multi-dimensional Range Queries,
2021年暗号と情報セキュリティシンポジウム(SCIS2021)予稿集,
2021
[detail]
abstract
Private information retrieval (PIR) allows a client to retrieve data from
a database without the database server learning what data is being retrieved.
Most of the existing PIR schemes consider searching simple one-dimensional
databases and the supported query types are often limited to index queries
only, which retrieve a single element from the databases. However, most
real-world applications require more complex databases and query types.
In this paper, we build upon the notion of query indistinguishability by
Hayata et al. (ESORICS2020), and formalize query indistinguishability for
multi-dimensional range queries. We then give a construction of a secure
multi-server scheme based on function secret sharing. This is the first
instantiation of a PIR scheme supporting multi-dimensional range queries
while being capable of hiding the type of query being made and, in the case
of multi-dimensional range queries, the number of elements retrieved in each
query, when considering a stream of queries.
-
石井 龍,
照屋 唯紀,
坂井 祐介,
松田 隆宏,
花岡 悟一郎,
松浦 幹太,
松本 勉.
動的に不正署名を生成するデバイスを追跡可能な集約署名,
2021年暗号と情報セキュリティシンポジウム(SCIS2021)予稿集,
2021
-
林リウヤ,
浅野泰輝,
林田淳一郎,
松田隆宏,
山田翔太,
勝又秀一,
坂井祐介,
照屋唯紀,
シュルツヤコブ,
アッタラパドゥンナッタポン,
花岡悟一郎,
松浦幹太,
松本勉.
モノの電子署名:物体に署名するための一検討,
Signature for Objects: Formalization,
Security Definition,
and Provably Secure Constructions,
2021年コンピュータセキュリティシンポジウム(CSS2021)予稿集,
pp.740-747,
2021
-
碓井利宣,
幾世知範,
川古谷裕平,
岩村誠,
松浦幹太.
スクリプト実行環境に対する実行遅延・実行停止を回避する機能の自動付与手法,
Automatically Appending Execution Stall/Stop Prevention to Vanilla Script Engines,
2021年コンピュータセキュリティシンポジウム (CSS2021) 予稿集,
pp.794-801,
2021
Year 2020
国際誌(LNCSを含む)
-
Junichiro Hayata,
Masahito Ishizaka,
Yusuke Sakai,
Goichiro Hanaoka,
Kanta Matsuura.
Generic Construction of Adaptively Secure Anonymous Key-Policy Attribute-Based Encryption from Public-Key Searchable Encryption,
IEICE TRANSACTIONS on Fundamentals of Electronics,
Communications and Computer Sciences,
Vol.E103-A,
No.1,
pp.107-113,
2020
[detail]
abstract
Public-key encryption with keyword search (PEKS) is a cryptographic primitive that allows us to search for particular keywords over ciphertexts without recovering plaintexts.
By using PEKS in cloud services, users can outsource their data in encrypted form without sacrificing search functionality.
Concerning PEKS that can specify logical disjunctions and logical conjunctions as a search condition, it is known that such PEKS can be (generically) constructed from anonymous attribute-based encryption (ABE).
However, it is not clear whether it is possible to construct this types of PEKS without using ABE which may require large computational/communication costs and strong mathematical assumptions.
In this paper, we show that ABE is crucial for constructing PEKS with the above functionality.
More specifically, we give a generic construction of anonymous key-policy ABE from PEKS whose search condition is specified by logical disjunctions and logical conjunctions.
Our result implies such PEKS always requires large computational/communication costs and strong mathematical assumptions corresponding to those of ABE.
-
Takahiro Nagamine,
Kanta Matsuura.
A New Protocol for Fair Addition of a Transaction Fee When Closing a Payment Channel Uncooperatively,
24th International Conference on Financial Cryptography and Data Security (FC'20),
Poster presentation,
2020
[detail]
abstract
A technique called transaction replacement using timelocks is used in payment
channels for Bitcoin. When closing a payment channel uncooperatively, the latest
time-locked transaction is broadcasted to the Bitcoin network. However, if the
Bitcoin network is crowded, the latest one with a lower fee might not be added
to a block preferentially, and hence the transaction replacement might fail.
This problem can be solved by adding a fee to the latest one (e.g. using
SIGHASH_ANYONECANPAY). However, it is difficult to divide the additional fee
cooperatively because this scenario happens in the uncooperative case.
We propose a protocol that allows the transaction fee added by a single party
to be divided equally between two parties. In this protocol, each party deposits
funds for the additional fee to the payment channel in advance. A party can add
the transaction fee alone by creating a child transaction referring to the funds
(Child Pays for Parent). Then, the remains of the funds are returned to each
party on two outputs of the child transaction. Regarding these two outputs, one
party decides the values of outputs, and the other has a right to choose either
output. As a result, a party who decides the values is motivated to specify the same value.
-
Yuya Senzaki,
Satsuya Ohata,
Kanta Matsuura.
Simple Black-box Adversarial Examples Generation with Very Few Queries,
IEICE Transactions on Information and Systems,
Vol.E103-D,
No.2,
pp.212-221,
2020
[detail]
abstract
Research on adversarial examples for machine learning has received much
attention in recent years. Most of previous approaches are white-box attacks;
this means the attacker needs to obtain before-hand internal parameters of a
target classifier to generate adversarial examples for it. This condition is
hard to satisfy in practice. There is also research on black-box attacks, in
which the attacker can only obtain partial information about target classifiers;
however, it seems we can prevent these attacks, since they need to issue many
suspicious queries to the target classifier. In this paper, we show that a naive
defense strategy based on surveillance of number query will not suffice. More
concretely, we propose to generate not pixel-wise but block-wise adversarial
perturbations to reduce the num ber of queries. Our experiments show that such
rough perturbations can confuse the target classifier. We succeed in reducing
the number of queries to generate adversarial examples in most cases. Our simple
method is an untargeted attack and may have low success rates compared to previous
results of other black-box attacks, but needs in average fewer queries.
Surprisingly, the minimum number of queries (one and three in MNIST and CIFAR-10
dataset, respectively) is enough to generate adversarial examples in some cases.
Moreover, based on these results, we propose a detailed classification for
black-box attackers and discuss countermeasures against the above attacks.
-
Toshinori Usui,
Tomonori Ikuse,
Yuto Otsuki,
Yuhei Kawakoya,
Makoto Iwamura,
Jun Miyoshi,
Kanta Matsuura.
ROPminer: Learning-based Static Detection of ROP Chain Considering Linkability of ROP Gadgets,
IEICE Transactions on Information and Systems,
Vol.E103-D,
No.7,
pp.1-17,
2020
[detail]
abstract
Return-oriented programming (ROP) has been crucial for attackers to evade
the security mechanisms of recent operating systems. Although existing ROP
detection approaches mainly focus on host-based intrusion detection systems
(HIDSes), network-based intrusion detection systems (NIDSes) are also
desired to protect various hosts including IoT devices on the network.
However, existing approaches are not enough for network-level protection
due to two problems: (1) Dynamic approaches take the time with second- or
minute-order on average for inspection. For applying to NIDSes,
millisecond-order is required to achieve near real time detection.
(2) Static approaches generates false positives because they use heuristic
patterns. For applying to NIDSes, false positives should be minimized to
suppress false alarms. In this paper, we propose a method for statically
detecting ROP chains in malicious data by learning the target libraries
(i.e., the libraries that are used for ROP gadgets). Our method accelerates
its inspection by exhaustively collecting feasible ROP gadgets in the target
libraries and learning them separated from the inspection step. In addition,
we reduce false positives inevitable for existing static inspection by
statically verifying whether a suspicious byte sequence can link properly
when they are executed as a ROP chain. Experimental results showed that our
method has achieved millisecond-order ROP chain detection with high precision.
-
Junichiro Hayata,
Jacob C.
N.
Schuldt,
Goichiro Hanaoka,
Kanta Matsuura.
On Private Information Retrieval Supporting Range Queries,
Lecture Notes in Computer Science (Computer Security - ESORICS 2020 - 25th European Symposium on Research in Computer Security,
Proceedings,
Part II),
Vol.12309,
pp.674-694,
2020
[detail]
abstract
Private information retrieval (PIR) allows a client to retrieve data from a
database without the database server learning what data is being retrieved.
Although many PIR schemes have been proposed in the literature, almost all of
these focus on retrieval of a single database element, and do not consider more
flexible retrieval queries such as basic range queries. Furthermore, while
practically-oriented database schemes aiming at providing flexible and
privacy-preserving queries have been proposed, to the best of our knowledge,
no formal treatment of range queries has been considered for these.
In this paper, we firstly highlight that a simple extension of the standard PIR
security notion to range queries, is insufficient in many usage scenarios, and
propose a stronger security notion aimed at addressing this.
We then show a simple generic construction of a PIR scheme meeting our stronger
security notion, and propose a more efficient direct construction based on
function secret sharing - while the former has a round complexity logarithmic
in the size of the database, the round complexity of the latter is constant.
Finally, we report on the practical performance of our direct construction.
-
Kittiphop Phalakarn,
Vorapong Suppakitpaisarn,
Nuttapong Attrapadung,
Kanta Matsuura.
Constructive t-secure Homomorphic Secret Sharing for Low Degree Polynomials,
Lecture Notes in Computer Science (Progress in Cryptology - INDOCRYPT 2020 - 21st International Conference on Cryptology in India),
Vol.12578,
pp.763-785,
2020
[detail]
abstract
This paper proposes t-secure homomorphic secret sharing
schemes for low degree polynomials. Homomorphic secret sharing is a
cryptographic technique to outsource the computation to a set of servers
while restricting some subsets of servers from learning the secret inputs.
Prior to our work, at Asiacrypt 2018, Lai, Malavolta, and Schroder proposed
a 1-secure scheme for computing polynomial functions. They also
alluded to t-secure schemes without giving explicit constructions; constructing
such schemes would require solving set cover problems, which
are generally NP-hard. Moreover, the resulting implicit schemes would
require a large number of servers. In this paper, we provide a constructive
solution for threshold-t structures by combining homomorphic encryption
with the classic secret sharing scheme for general access structure
by Ito, Saito, and Nishizeki. Our scheme also quantitatively improves the
number of required servers from O(t^2) to O(t), compared to the implicit
scheme of Lai et al. We also suggest several ideas for future research
directions.
国内会議
-
林田淳一郎,
Jacob C.
N.
Schuldt,
花岡悟一郎,
松浦幹太.
A Private Information Retrieval Scheme Supporting Range Queries,
2020年暗号と情報セキュリティシンポジウム(SCIS2020)予稿集,
2020
[detail]
abstract
Private information retrieval (PIR) allows a client to retrieve data from a database
without the database server learning what data is being retrieved.
Although many PIR schemes have been proposed in the literature, almost all of these
focus on retrieval of a single database element, and do not consider more exible
retrieval queries such as basic range queries.
In addition to this, to the best of our knowledge, all PIR schemes that do support
range queries, are not formally shown secure.
In this paper, we formalize a security model for PIR schemes that support range
queries and construct a secure multi-server scheme based on function secret sharing.
-
宮前剛,松浦幹太.
ブロックチェーンを応用した暗号資産の匿名性に関する一考察,
2020年暗号と情報セキュリティシンポジウム(SCIS2020)予稿集,
2020
-
長嶺隆寛,松浦幹太.
非協力的なペイメントチャネル終了時の公平な手数料追加プロトコル,
2020年暗号と情報セキュリティシンポジウム(SCIS2020)予稿集,
pp.オンライン,
2020
-
Ke Huang,
Satsuya Ohata,
Kanta Matsuura.
An Approximate Privacy Preserving Top-k Algorithm with Reduced
Communication Rounds,
2020年暗号と情報セキュリティシンポジウム(SCIS2020)予稿集,
2020
[detail]
abstract
The top-k algorithm is to search for k smallest(largest) numbers in the given dataset.
In some situations, the dataset is distributed to two or more parties to keep the privacy of the data.
In previous research, privacy preserving algorithms are considered in low-latency networks, and the computation cost of the algorithms are more important than the communication cost in data transmission between different parties.
In high-latency networks, both time complexity and round complexity should be taken into consideration.
In this paper, we focus on privacy preserving algorithm in high-latency network such as wireless network.
We proposed a kind of approximate method for privacy preserving top-k algorithm based on secure multi-party computation.
This method has lower communication rounds than the previous methods and has better performance in high-latency networks.
-
宮里俊太郎,
松浦幹太.
内部のバイトコード実行を悪用したスマートコントラクトへの攻撃の早期検知,
2020年コンピュータセキュリティシンポジウム (CSS2020) 予稿集,
pp.478-485,
2020
-
角田大輔, 松浦幹太.
Androidアプリケーションにおける静的解析を使用した暗号化API利用の特定,
Identifying Crypto API Usages in Android Apps using a Static Analysis Framework,
2020年コンピュータセキュリティシンポジウム (CSS2020) 予稿集,
pp.80-87,
2020
-
碓井利宣,
幾世知範,
川古谷裕平,
岩村誠,
三好潤,
松浦幹太.
『スクリプト実行環境に対するテイント解析機能の自動付与手法』,
2020年コンピュータセキュリティシンポジウム (CSS2020) 予稿集,
pp.932-939,
2020
Year 2019
著書等
-
松浦幹太.
情報セキュリティ基礎講義,
電子通信情報系コアテキストシリーズ C-2,
2019
国際誌(LNCSを含む)
-
Kensuke Tamura,
Kanta Matsuura.
Improvement of Anomaly Detection Performance using Packet Flow Regularity in Industrial Control Networks,
IEICE Transactions on Fundamentals of Electronics,
Communications and Computer Sciences,
Vol.E102-A,
No.1,
pp.65-73,
2019
[detail]
abstract
Since cyber attacks such as cyberterrorism against Industrial
Control Systems (ICSs) and cyber espionage against companies managing
them have increased, the techniques to detect anomalies in early
stages are required. To achieve the purpose, several studies have developed
anomaly detection methods for ICSs. In particular, some techniques
using packet flow regularity in industrial control networks have achieved
high-accuracy detection of attacks disrupting the regularity, i.e. normal
behavior, of ICSs. However, these methods cannot identify scanning attacks
employed in cyber espionage because the probing packets assimilate
into a number of normal ones. For example, the malware called Havex is
customized to clandestinely acquire information from targeting ICSs using
general request packets. The techniques to detect such scanning attacks
using widespread packets await further investigation. Therefore, the goal of
this study was to examine high performance methods to identify anomalies
even if elaborate packets to avoid alert systems were employed for attacks
against industrial control networks. In this paper, a novel detection model
for anomalous packets concealing behind normal traffic in industrial control
networks was proposed. For the proposal of the sophisticated detection
method, we took particular note of packet flow regularity and employed the
Markov-chain model to detect anomalies. Moreover, we regarded not only
original packets but similar ones to them as normal packets to reduce false
alerts because it was indicated that an anomaly detection model using the
Markov-chain suffers from the ample false positives affected by a number
of normal, irregular packets, namely noise. To calculate the similarity between
packets based on the packet flow regularity, a vector representation
tool called word2vec was employed. Whilst word2vec is utilized for the
calculation of word similarity in natural language processing tasks, we applied
the technique to packets in ICSs to calculate packet similarity. As a
result, the Markov-chain with word2vec model identified scanning packets
assimilating into normal packets in higher performance than the conventional
Markov-chain model. In conclusion, employing both packet flow
regularity and packet similarity in industrial control networks contributes
to improving the performance of anomaly detection in ICSs.
-
Kanta Matsuura.
Token Model and Interpretation Function for Blockchain-Based FinTech Applications,
IEICE Transactions on Fundamentals of Electronics,
Communications and Computer Sciences,
Vol.E102-A,
No.1,
pp.3-10,
2019
[detail]
abstract
Financial Technology (FinTech) is considered a taxonomy
that describes a wide range of ICT (information and communications technology)
associated with financial transactions and related operations. Improvement
of service quality is the main issue addressed in this taxonomy,
and there are a large number of emerging technologies including blockchain-based
cryptocurrencies and smart contracts. Due to its innovative nature
in accounting, blockchain can also be used in lots of other FinTech contexts
where token models play an important role for financial engineering.
This paper revisits some of the key concepts accumulated behind this trend,
and shows a generalized understanding of the technology using an adapted
stochastic process. With a focus on financial instruments using blockchain,
research directions toward stable applications are identified with the help
of a newly proposed stabilizer: interpretation function of token valuation.
The idea of adapted stochastic process is essential for the stabilizer, too.
-
Junichiro Hayata,
Fuyuki Kitagawa,
Yusuke Sakai,
Goichiro Hanaoka,
Kanta Matsuura.
Equivalence Between Non-malleability Against Replayable CCA and Other RCCA-Security Notions,
Lecture Notes in Computer Science (Advances in Information and Computer Security,
The 14th International Workshop on Security: IWSEC2019),
Vol.11689,
pp.253-272,
2019
[detail]
abstract
Replayable chosen ciphertext (RCCA) security was introduced by Canetti, Krawczyk,
and Nielsen (CRYPTO 03) in order to handle an encryption scheme that is "non-malleable
except tampering which preserves the plaintext". RCCA security is a relaxation of
CCA security and a useful security notion for many practical applications such as
authentication and key exchange. Canetti et al. defined non-malleability against
RCCA (NM-RCCA), indistinguishability against RCCA (IND-RCCA), and universal
composability against RCCA (UC-RCCA). Moreover, they proved that these three security
notions are equivalent when considering a PKE scheme whose plaintext space is
super-polynomially large. Among these three security notions, NM-RCCA seems to play
the central role since RCCA security was introduced in order to capture
"non-malleability except tampering which preserves the plaintext." However, their
definition of NM-RCCA is not a natural extension of that of classical
non-malleability, and it is not clear whether their NM-RCCA captures the requirement
of classical non-malleability. In this paper, we propose definitions of
indistinguishability-based and simulation-based non-malleability against RCCA by
extending definitions of classical non-malleability. We then prove that these two
notions of non-malleability and IND-RCCA are equivalent regardless of the size of
plaintext space of PKE schemes.
-
Kanta Matsuura.
Security Evaluation Methods in Trust Infrastructure Based on Engineering and Economics,
Impact,
Vol.2019,
No.10,
pp.24-26,
2019
[detail]
国際会議
-
Kanta Matsuura.
Proof-of-Verification for Proof-of-Work: Miners Must Verify the Signatures on Bitcoin Transactions,
Scaling Bitcoin Workshop 2019,
2019
[detail]
-
Toshinori Usui,
Yuto Otsuki,
Yuhei Kawakoya,
Makoto Iwamura,
Jun Miyoshi,
Kanta Matsuura.
My Script Engines Know What You Did In The Dark: Converting Engines into Script API Tracers,
Proceedings of the 35th Annual Computer Security Applications Conference (ACSAC '19),
pp.466-477,
2019
[detail]
abstract
Malicious scripts have been crucial attack vectors in recent attacks such as
malware spam (malspam) and fileless malware. Since malicious scripts are generally
obfuscated, statically analyzing them is difficult due to reflections. Therefore,
dynamic analysis, which is not affected by obfuscation, is used for malicious
script analysis. However, despite its wide adoption, some problems remain unsolved.
Current designs of script analysis tools do not fulfill the following three
requirements important for malicious script analysis. (1) Universally applicable
to various script languages, (2) capable of outputting analysis logs that can
precisely recover the behavior of malicious scripts, and (3) applicable to
proprietary script engines. In this paper, we propose a method for automatically
generating script API tracer by analyzing the target script engine binaries. The
method mine the knowledge of script engine internals that are required to append
behavior analysis capability. This enables the addition of analysis functionalities
to arbitrary script engines and generation of script API tracers that can fulfill
the above requirements. Experimental results showed that we can apply this method
for building malicious script analysis tools.
国内会議
-
石坂理人,松浦幹太.
DLIN仮定下で強偽造困難性及び多項式的逆変換困難漏洩耐性を持つ電子署名,
2019年暗号と情報セキュリティシンポジウム(SCIS2019)予稿集,
USBメモリ,
2019
-
林田淳一郎,
北川冬航,
坂井祐介,
花岡悟一郎,
松浦幹太.
公開鍵暗号のReplayable CCA環境下での安全性概念間の等価性について,
Relations among Notions of Security under Replayable CCA
Environment for Public-Key Encryption,
2019年暗号と情報セキュリティシンポジウム(SCIS2019)予稿集,
2019
-
碓井利宣,
古川和祈,
大月勇人,
幾世知範,
川古谷裕平,
岩村誠,
三好潤,
松浦幹太.
スクリプト実行環境に対するマルチパス実行機能の自動付与手法,
2019年コンピュータセキュリティシンポジウム(CSS2019)予稿集,
pp.961-968,
2019
-
角田大輔, 松浦幹太.
Androidアプリケーションにおける暗号化API利用に関する静的解析手法の考察,
A Study on Analysis Methods of Crypto API Usages on Android Apps using a Static Analysis Framework,
2019年コンピュータセキュリティシンポジウム(CSS2019)予稿集,
pp.Online,
2019
-
Ke Huang,
Satsuya Ohata,
Kanta Matsuura.
Privacy-Preserving Approximate Nearest Neighbor Search: A Construction and Experimental Results,
2019年コンピュータセキュリティシンポジウム(CSS2019)予稿集,
pp.online,
2019
[detail]
abstract
Secure multi-party computation (MPC) allows a set of parties to jointly
compute a function, while keeping their inputs private. MPC has many
applications, and we focus on privacy-preserving nearest neighbor search
(NNS) in this paper. The purpose of the NNS is to find the closest vector
to a query from a given database, and NNS arises in many fields of
applications such as computer vision. Recently, some approximation methods
of NNS have been proposed for speeding up the search. In this paper, we
consider the combination between approximate NNS based on "short code"
(searching with quantization) and MPC. We implement a short code-based
privacy-preserving approximate NNS on secret sharing-based secure two-party
computation and report some experimental results. These results help us to
explore more efficient privacy-preserving approximate NNS in the future.
-
長嶺隆寛,松浦幹太.
ビットコインにおける手数料を考慮したオフチェーントランザクションの管理,
2019年コンピュータセキュリティシンポジウム(CSS2019)予稿集,
pp.オンライン,
2019
-
宮前剛,松浦幹太.
MWmessage: 追跡困難メッセージングを実現するためのMimblewimbleの拡張,
2019年コンピュータセキュリティシンポジウム(CSS2019)予稿集,
pp.WEB,
2019
Year 2018
国際誌(LNCSを含む)
-
Masahito Ishizaka,
Kanta Matsuura.
Strongly Unforgeable Signature Resilient to Polynomially Hard-to-Invert Leakage under Standard Assumptions,
Lecture Notes in Computer Science (The 21st Information Security Conference),
Vol.11060,
pp.422-441,
2018
[detail]
abstract
A signature scheme is said to be weakly unforgeable, if it is hard to forge a
signature on a message not signed before. A signature scheme is said to be
strongly unforgeable, if it is hard to forge a signature on any message. In
some applications, the weak unforgeability is not enough and the strong
unforgeability is required, e.g., the Canetti, Halevi and Katz transformation.
Leakage-resilience is a property which guarantees that even if secret information
such as the secret-key is partially leaked, the security is maintained. Some
security models with leakage-resilience have been proposed. The auxiliary (input)
leakage model, or hard-to-invert leakage model, proposed by Dodis et al. in
STOC'09 is especially meaningful one, since the leakage caused by a function
which information-theoretically reveals the secret-key, e.g., one-way permutation,
is considered. In this work, we propose a generic construction of a signature
scheme strongly unforgeable and resilient to polynomially hard-to-invert leakage
which can be instantiated under standard assumptions such as the decisional
linear assumption. We emphasize that our signature scheme is not only the first
one resilient to polynomially hard-to-invert leakage under standard assumptions,
but also the first one which is strongly unforgeable and has hard-to-invert leakage-resilience.
-
Masahito Ishizaka,
Kanta Matsuura.
Identity-Based Encryption Resilient to Auxiliary Leakage under the Decisional Linear Assumption,
Lecture Notes in Computer Science (The 17th International Conference on Cryptology and Network Security: CANS2018),
Vol.11124,
pp.417-439,
2018
[detail]
abstract
Leakage-resilience guarantees that even if some information about the secret
key is partially leaked, the security is maintained. Several security models
considering leakage-resilience have been proposed. Among them, auxiliary
leakage model proposed by Dodis et al. in STOC'09 is especially important,
since it can deal with a leakage caused by a function which information-theoretically
reveals the secret key, e.g., one-way permutation.
Contribution of this work is two-fold. Firstly, we propose an identity based
encryption (IBE) scheme and prove that it is fully secure and resilient to the
auxiliary leakage under the decisional linear assumption in the standard model.
Secondly, although the IBE scheme proposed by Yuen et al. in Eurocrypt'12 has
been considered to be the only IBE scheme resilient to auxiliary leakage, we
prove that the security proof for the IBE scheme is defective. We insist that
our IBE scheme is the only IBE scheme resilient to auxiliary leakage.
-
Satsuya Ohata,
Takahiro Matsuda,
Goichiro Hanaoka,
Kanta Matsuura.
More Constructions of Re-Splittable Threshold Public Key Encryption,
IEICE Transactions on Fundamentals of Electronics,
Communications and Computer Sciences,
Vol.E101-A,
No.9,
pp.1473-1483,
2018
[detail]
abstract
The concept of threshold public key encryption (TPKE) with the special property
called key re-splittability (re-splittable TPKE, for short) was introduced by
Hanaoka et al. (CT-RSA 2012), and used as one of the building blocks for
constructing their proxy re-encryption scheme. In a re-splittable TPKE scheme,
a secret key can be split into a set of secret key shares not only once, but
also multiple times, and the security of the TPKE scheme is guaranteed as long
as the number of corrupted secret key shares under the same splitting is smaller
than the threshold. In this paper, we show several new constructions of
re-splittable TPKE scheme by extending the previous (ordinary) TPKE schemes.
国際会議
-
Satsuya Ohata,
Takahiro Matsuda,
Kanta Matsuura.
Provably Secure Password Reset Protocol: Model,
Definition,
and Construction,
The 17th IEEE International Conference On Trust,
Security And Privacy In Computing And Communications (IEEE TrustCom-18),
pp.774-782,
2018
[detail]
abstract
Many online services adopt a password-based user authentication system because of
its usability. However, several problems have been pointed out on it, and one of
the well-known problems is that a user forgets his/her password and cannot login
the services. To solve this problem, most online services support a backup
authentication mechanism with which a user can reset a password. However, negative
facts about security have been reported for a popular backup authentication
mechanism. In this paper, we consider a provable security treatment for a password
reset protocol. First, we formalize a model and security definitions. We consider
security against active adversaries that can mount man-in-the-middle attacks and
concurrent attacks. Then we propose a generic construction of a password reset
protocol secure under our definitions based on pseudorandom functions and public
key encryption. In addition, we implement a prototype of our protocol to evaluate
its efficiency.
-
Junichiro Hayata,
Masahito Ishizaka,
Yusuke Sakai,
Goichiro Hanaoka,
Kanta Matsuura.
Generic Construction of Adaptively Secure Anonymous Key-Policy Attribute-Based Encryption from Public-Key Searchable Encryption,
Proceeding of the 2018 International Symposium on Information Theory and its Applications (ISITA2018),
pp.739-743,
2018
[detail]
abstract
Public-key encryption with keyword search (PEKS) is a cryptographic primitive
that allows us to search encrypted data for those of including particular keywords
without decrypting them. PEKS is expected to be used for enhancing security of
cloud storages. It is known that PEKS can be constructed from anonymous
identity-based encryption (IBE), anonymous attribute-based encryption (ABE) and so on.
It is believed that it is difficult to construct PEKS schemes that can specify a
flexible search condition such as logical disjunctions and logical conjunctions
from weaker cryptographic tools than ABE. However, this intuition has not been
rigorously justified. In this paper, we formally prove it by constructing key-policy
ABE from PEKS for monotone boolean formulas.
国内研究会
-
細井琢朗,
松浦幹太.
POW型ブロックチェーン安全性証明の明示的定式化,
第174回マルチメディア通信と分散処理・第80回コンピュータセキュリティ合同研究発表会,
Vol.80,
No.8,
pp.online,
2018
国内会議
-
田村研輔,
松浦幹太.
制御システムにおける通信の規則性を利用した異常検知,
2018年暗号と情報セキュリティシンポジウム(SCIS2018)予稿集,
USB,
2018
-
先崎佑弥,大畑幸矢,松浦幹太.
深層学習に対する効率的なAdversarial Examples生成によるブラックボックス攻撃とその対策,
2018年暗号と情報セキュリティシンポジウム(SCIS2018)予稿集,
USBメモリ,
2018
-
今田丈雅,
松浦幹太.
仮想通貨を用いたワンショット型の公平なストレージサービス,
2018年暗号と情報セキュリティシンポジウム(SCIS2018)予稿集,
USBメモリ,
2018
-
林田淳一郎,
石坂理人,
坂井祐介,
花岡悟一郎,
松浦幹太.
公開鍵型検索可能暗号を用いた適応的安全な匿名鍵ポリシー型属性ベース暗号の一般的構成,
Generic Construction of Adaptively Secure Anonymous Key-Policy Attribute-Based Encryption from Public-Key Searchable Encryption,
2018年暗号と情報セキュリティシンポジウム(SCIS2018)予稿集,
USBメモリ,
2018
-
Masahito Ishizaka,
Kanta Matsuura.
Identity/Attribute-Based Signature Resilient to Hard-to-Invert Leakage under Standard Assumptions,
2018年コンピュータセキュリティシンポジウム(CSS2018)予稿集,
USBメモリ,
2018
Year 2017
国内研究会
-
竹之内玲,
松浦幹太.
学習データに加えられた偽装トラフィックがTor秘匿サービスへの攻撃に与える影響について,
第22回セキュリティ心理学とトラスト研究発表会,
2017
国内会議
-
竹之内玲,
松浦幹太.
Tor秘匿サービスへの攻撃に対抗する偽装トラフィック生成,
2017年暗号と情報セキュリティシンポジウム(SCIS2017)予稿集,
USBメモリ,
2017
-
石坂理人,松浦幹太.
IDベース暗号方式(黒澤・Phong,
ACNS'13)の補助漏洩耐性の証明,
2017年暗号と情報セキュリティシンポジウム(SCIS2017)予稿集,
USBメモリ,
2017
-
先崎佑弥,
松浦幹太.
深層学習に対し意図的に誤判定を起こさせる入力の検知手法,
2017年暗号と情報セキュリティシンポジウム(SCIS2017)予稿集,
USBメモリ,
2017
-
林昌吾,松浦幹太.
スクリプト言語によるオブジェクト指向のWEBアプリケーションにおけるXSS攻撃脆弱性に対するクラスキャッシュを用いた静的解析,
2017年暗号と情報セキュリティシンポジウム(SCIS2017)予稿集,
CD-ROM,
2017
-
林昌吾,松浦幹太.
ソースコード中のXSS攻撃脆弱性に関する評価指標の提案と実装,
2017年暗号と情報セキュリティシンポジウム(SCIS2017)予稿集,
CD-ROM,
2017
-
今田丈雅,
松浦幹太.
ブロックチェーンと秘密分散法を用いた情報ライフサイクル制御,
2017年コンピュータセキュリティシンポジウム(CSS2017)予稿集,
CD-ROM,
2017
-
石坂理人,松浦幹太.
Continual Auxiliary Leakageに耐性を持つ適応的安全な述語署名,
2017年コンピュータセキュリティシンポジウム(CSS2017)予稿集,
USBメモリ,
2017
-
先崎佑弥,大畑幸矢,松浦幹太.
深層学習におけるAdversarial Trainingによる副作用とその緩和策,
2017年コンピュータセキュリティシンポジウム(CSS2017)予稿集,
CD-ROM,
2017
Year 2016
国際誌(LNCSを含む)
-
Shiori Shinoda,
Kanta Matsuura.
Empriical Investigation of Threats to Loyalty Programs by Using Models Inspired by the Gordon-Loeb Formulation of Security Investment,
Journal of Information Security (JIS),
Vol.7,
No.2,
pp.29-48,
2016
[detail]
abstract
Loyalty program (LP) is a popular marketing activity of enterprises.
As a result of firms' effort to increase customers' loyalty, point exchange
or redemption services are now available worldwide. These services attract not
only customers but also attackers. In pioneering research, which first focused
on this LP security problem, an empirical analysis based on Japanese data is
shown to see the effects of LP-point liquidity on damages caused by security
incidents. We revisit the empirical models in which the choice of variables is
inspired by the Gordon-Loeb formulation of security in-vestment: damage,
investment, vulnerability, and threat. The liquidity of LP points corresponds
to the threat in the formulation and plays an important role in the empirical
study because it particu-larly captures the feature of LP networks. However,
the actual proxy used in the former study is ar-tificial. In this paper, we
reconsider the liquidity definition based on a further observation of LP security
incidents. By using newly defined proxies corresponding to the threat as well as
other re-fined proxies, we test hypotheses to derive more implications that help
LP operators to manage partnerships; the implications are consistent with recent
changes in the LP network. Thus we can see the impacts of security investment
models include a wider range of empirical studies.
-
Miodrag J.
Mihaljevic,
Aleksandar Kavcic,
Kanta Matsuura.
An Encryption Technique for Provably Secure Transmission from a High Performance Computing Entity to a Tiny One,
Mathematical Problems in Engineering,
Vol.2016,
pp.10 pages,
2016
[detail]
abstract
An encryption/decryption approach is proposed dedicated to one-way communication
between a transmitter which is a computationally powerful party and a receiver
with limited computational capabilities. The proposed encryption technique
combines traditional stream ciphering and simulation of a binary channel which
degrades channel input by inserting random bits. A statistical model of the
proposed encryption is analyzed from the information-theoretic point of view.
In the addressed model, an attacker faces the problem implied by observing the
messages through a channel with random bits insertion. The paper points out a
number of security related implications of the considered channel. These
implications have been addressed by estimation of the mutual information between
the channel input and output and estimation of the number of candidate channel
inputs for a given channel output. It is shown that deliberate and secret key
controlled insertion of random bits into the basic ciphertext provides security
enhancement of the resulting encryption scheme.
-
Masahito Ishizaka,
Satsuya Ohata,
Kanta Matsuura.
Generic Construction of Ciphertext-Policy Attribute-Based Signcryption Secure in the Adaptive Predicate Model,
IPSI Transactions on Advanced Research,
Special issue - "Advances in Cryptology and Information Security",
Vol.12,
No.2,
pp.16-26,
2016
[detail]
abstract
Ciphertext-policy attribute-based signcryption (CP-ABSC) is a cryptographic
primitive which performs simultaneously both the functionalities of
ciphertext-policy attribute-based encryption and signature-policy attribute-based
signature. CP-ABSC guarantees both message confidentiality and authenticity and
is considered to be a useful tool for fine-grained data access control in
attribute-based environments such as a cloud service. In this paper, we provide
a generic construction of CP-ABSC which achieves ciphertext indistinguishability
under adaptively chosen ciphertext attacks in the adaptive predicate model
(AP-IND-CCA), strongly existentially unforgeability of signcryptext under adaptively
chosen message attacks in the adaptive predicate model (AP-sEUF-CMA) and perfect
privacy. Our generic construction uses as building blocks, ciphertext-policy
attribute-based key encapsulation mechanism, signature-policy attribute-based
signature and data encapsulation mechanism.
国際会議
-
Andreas Gutmann,
Karen Renaud,
Joseph Maguire,
Peter Mayer,
Melanie Volkamer,
Kanta Matsuura,
Joern Mueller-Quade.
ZeTA --- Zero-Trust Authentication: Relying on Innate Human Ability,
not Technology,
Proceedings of the 1st IEEE European Symposium on Security and Privacy,
pp.357-371,
2016
[detail]
abstract
Reliable authentication requires the devices and channels involved
in the process to be trustworthy; otherwise, authentication secrets
can easily be compromised. Given the unceasing efforts of attackers
worldwide such trustworthiness is increasingly not a given. A variety
of technical solutions, such as utilising multiple devices/channels and
verification protocols, has the potential to mitigate the threat of
untrusted communications to a certain extent. Yet such technical
solutions make two assumptions: (1) users have access to multiple
devices and (2) attackers will not resort to hacking the human, using
social engineering techniques. In this paper, we propose and explore the
potential of using human-based computation instead of solely technical
solutions to mitigate the threat of untrusted devices and channels.
ZeTA (Zero Trust Authentication on untrusted channels) has the potential
to allow people to authenticate despite compromised channels or communications
and easily observed usage. Our contributions are threefold: (1) We propose
the ZeTA protocol with a formal definition and security analysis that utilises
semantics and human-based computation to ameliorate the problem of untrusted
devices and channels. (2) We outline a security analysis to assess the
envisaged performance of the proposed authentication protocol. (3) We report
on a usability study that explores the viability of relying on human
computation in this context.
国内研究会
-
林昌吾,
松浦幹太.
オブジェクト指向のWebアプリケーションに対するXSS攻撃脆弱性の静的解析,
コンピュータ・セキュリティ研究会2016 (CSEC2016),
2016
-
松本晋一,
松浦幹太.
第一回IEEE European Symposium on Security and Privacy参加報告,
第74回コンピュータセキュリティ・第19回セキュリティ心理学とトラスト合同研究発表会,
pp.1-8,
2016
国内会議
-
田村研輔,
松浦幹太.
産業用制御システムにおけるネットワークのグラフ構造を利用した事案対処手法の提案,
2016年暗号と情報セキュリティシンポジウム(SCIS2016)予稿集,
CD-ROM,
2016
-
中田謙二郎, 松浦幹太.
匿名通信システムTorに対する指紋攻撃の判定評価の拡張,
2016年暗号と情報セキュリティシンポジウム(SCIS2016)予稿集,
USBメモリ,
2016
-
大畑幸矢,
松田隆宏,
松浦幹太.
パスワード再発行プロトコルの安全性について,
2016年暗号と情報セキュリティシンポジウム(SCIS2016)予稿集,
USBメモリ,
2016
-
石坂理人,大畑幸矢,松浦幹太.
適応的述語安全な暗号文ポリシー型属性ベースSigncryptionの一般的構成法,
2016年暗号と情報セキュリティシンポジウム(SCIS2016)予稿集,
USBメモリ,
2016
-
Miodrag J.
Mihaljevic,
Kanta Matsuura.
Lightweight Authentication Protocols Based on the LPN Problem and Random Selection,
2016年暗号と情報セキュリティシンポジウム(SCIS2016)予稿集,
USBメモリ,
2016
[detail]
abstract
Lightweight and provably secure authentication protocols are of high importance
for securing machine-to-machine communications and Internet of Things. In a number
of scenarios, an entity with very limited capabilities (a tag for example) should
perform authentication to a more powerful entity (a reader for example).
Accordingly, we discuss certain issues regarding authentication protocol with
asymmetric implementation complexity which fits into the capabilities of the
parties involved. The discussed authentication approach is based on the LPN
problem and a paradigm of random selection in order to provide desired level of
authentication security as well as implementation complexity. We discuss the
background for security evaluation of the approach in the active attacking
scenario as well as certain implications regarding the man-in-the-middle attack
evaluation scenario.
-
竹之内玲,
松浦幹太.
ダミーパケット挿入がTor秘匿サービスの匿名性に与える影響について,
2016年コンピュータセキュリティシンポジウム(CSS2016)予稿集,
CD-ROM,
2016
Year 2015
著書等
-
松浦幹太.
サイバーリスクの脅威に備える ―私たちに求められるセキュリティ三原則―,
DOJIN選書 68,
2015
国際誌(LNCSを含む)
-
Kanta Matsuura,
Takurou Hosoi.
Mechanism Design of Data Sharing for Cybersecurity Research,
IPSI Transactions on Advanced Research,
Vol.11,
No.1,
pp.35-40,
2015
[detail]
abstract
If we want to realize a scientific approach to cybersecurity, we need objective
and reproducible evaluation of security. Although some of cryptographic
technologies have rigorous security proofs, a lot of cybersecurity technologies
rely on experimental evaluation which needs good datasets. One may expect that
sharing such datasets would help at least the reproducibility of the evaluation.
At the same time, one may be afraid that effective mechanism design is difficult
because there have been a lot of studies on disincentive problems
(e.g. free-riding) associated with information sharing in cybersecurity.
However, the requirements and typical solutions for data sharing would be
different from those for information sharing. In this paper, we comprehensively
discuss the features of "data sharing for cybersecurity research" based on a
systematic comparison with "information sharing for cybersecurity practice". We
also report a Japanese case in the field of malware analysis.
One important finding is that considering human resource development is an
important factor in the activities associated with data sharing.
-
Satsuya Ohata,
Yutaka Kawai,
Takahiro Matsuda,
Goichiro Hanaoka,
Kanta Matsuura.
Re-encryption Verifiability: How to Detect Malicious Activities of a Proxy in Proxy Re-encryption,
Lecture Notes in Computer Science (Topics in Cryptology: CT-RSA2015),
Vol.9048,
pp.410-428,
2015
国際会議
-
Satsuya Ohata,
Takahiro Matsuda,
Kanta Matsuura.
On Rigorous Security of Password Recovery Protocols,
The Tenth International Workshop on Security (IWSEC2015),
Poster Session,
2015
[detail]
abstract
Many online services adopt a password-based user authentication system because
of its usability. However, several problems have been pointed out on it, and
one of the well-known problems is that a user forgets his/her password and
cannot login the services. To solve this problem, most online services support
a mechanism with which a user can recover a password. In this poster, we discuss
rigorous security for a password recovery protocol.
-
Aleksandar Kavcic,
Miodrag Mihaljevic,
Kanta Matsuura.
Light-Weight Secrecy System Using Channels with Insertion Errors: Cryptographic Implications,
Proceedings of the 2015 IEEE Information Theory Workshop -- Fall (ITW2015),
pp.257-261,
2015
[detail]
abstract
A model of an encryption approach is analyzed from an information-theoretic
point of view. In the model, an attacker faces the problem of observing messages
through a concatenation of a binary symmetric channel and a channel with
randomly inserted bits. The paper points out a number of security related
implications resulting from employing an insertion channel. It is shown that
deliberate and secret-key-controlled insertions of random bits into the basic
ciphertext provide a security enhancement of the resulting encryption scheme.
国内誌
-
Bongkot Jenjarrussakul,
Kanta Matsuura.
Japanese Loyalty Program: An Empirical Analysis on their Liquidity,
Security Efforts,
and Actual Security Levels,
日本セキュリティ・マネジメント学会誌,
Vol.28,
No.3,
pp.17-32,
2015
-
村山優子,
松浦幹太,
西垣正勝.
セキュリティ技術の人間的側面に関する研究領域の紹介,
ヒューマンインタフェース学会誌,
Vol.17,
No.3,
pp.188-193,
2015
-
馮菲,
松浦幹太.
Stronger Bridge Mechanisms of Tor Considering
Exhaustive Adversarial Models,
情報処理学会 論文誌,
Vol.59,
No.9,
pp.電子版のみ,
2015
[detail]
abstract
Tor is the most popular anonymous communication tool in the world. Its anonymity,
however, has not been thoroughly evaluated. For example, it is possible for an
adversary to restrict access to the Tor network by blocking all the publicly listed
relays. In response, Tor utilizes bridges, which are unlisted relays, as alternative
entry points. However, the vulnerabilities of the current bridge mechanism have not
been thoroughly investigated yet. We first investigate the vulnerabilities of the
current bridge mechanism under different adversarial models. Then we compare the
current bridge mechanism with our two proposals and discuss their effects on the
security and performance of Tor.
国内研究会
-
中田謙二郎,松浦幹太.
匿名通信システムTorにおけるウルフウェブサイトの提案,
第70回コンピュータセキュリティ・第14回セキュリティ心理学とトラスト合同研究発表会,
pp.電子版のみ,
2015
[detail]
abstract
A model of an encryption approach is analyzed from an information-theoretic
point of view. In the model, an attacker faces the problem of observing messages
through a concatenation of a binary symmetric channel and a channel with randomly
inserted bits. The paper points out to a number of security related implications
resulting from employing an insertion channel. It is shown that deliberate and
secret-key-controlled insertions of random bits into the basic ciphertext provide
a security enhancement of the resulting encryption scheme.
国内会議
-
馮菲,
松浦幹太.
Evaluation of Anti-enumeration Defenses for Tor Bridges,
2015年暗号と情報セキュリティシンポジウム(SCIS2015)予稿集,
CD-ROM,
2015
-
Miodrag Mihaljevic,
Kanta Matsuura.
Evaluation of an Approach for Security Enhancement of Certain Lightweight Stream Ciphers,
2015年暗号と情報セキュリティシンポジウム(SCIS2015)予稿集,
pp.1-8 (CD-ROM),
2015
-
大畑幸矢,
松浦幹太.
識別不可性難読化に基づく復号の速い代理再暗号化について,
2015年暗号と情報セキュリティシンポジウム(SCIS2015)予稿集,
CD-ROM,
2015
-
Bongkot Jenjarrussakul,
Kanta Matsuura.
Impact from Security Incidents and Partnership in Japanese Loyalty Program (日本のロイヤルティ・プログラムにおける企業間連携とそのセキュリティインシデントによるインパクト),
2015年暗号と情報セキュリティシンポジウム(SCIS2015)予稿集,
CD-ROM,
2015
-
篠田詩織,松浦幹太.
ロイヤルティプログラムのセキュリティインシデントインパクト分析に向けたポイント流動性の定義に対する考察,
2015年暗号と情報セキュリティシンポジウム(SCIS2015)予稿集,
CD-ROM,
2015
-
碓井利宣,松浦幹太.
マルウェア検知および分類に向けたコンパイラ再最適化,
2015年暗号と情報セキュリティシンポジウム(SCIS2015)予稿集,
CD-ROM,
2015
-
包含,碓井利宣,松浦幹太.
特徴選択によるマルウェアの最適化レベル推定精度向上,
2015年暗号と情報セキュリティシンポジウム(SCIS2015)予稿集,
CD-ROM,
2015
-
田村研輔,
松浦幹太.
制御システムにおけるライブフォレンジックの適用可能性に関する実験的評価,
2015年暗号と情報セキュリティシンポジウム(SCIS2015)予稿集,
CD-ROM,
2015
-
篠田詩織,
松浦幹太.
ロイヤルティプログラムのセキュリティインシデントに関する実証分析および制度設計の検討,
日本セキュリティ・マネジメント学会 第29回全国大会発表予稿集,
pp.51-58,
2015
-
篠田詩織,
松浦幹太.
ロイヤルティプログラムのセキュリティに対するネットワーク分析指標に着目した考察,
2015年コンピュータセキュリティシンポジウム(CSS2015)予稿集,
CD-ROM,
2015
-
大畑幸矢,
松田隆宏,
松浦幹太.
証明可能安全なパスワード再発行プロトコル・改,
2015年コンピュータセキュリティシンポジウム(CSS2015)予稿集,
pp.1313-1320,
2015
Year 2014
国際誌(LNCSを含む)
-
Takao Murakami,
Kenta Takahashi,
Kanta Matsuura.
Toward Optimal Fusion Algorithms with Security against Wolves and Lambs in Biometrics,
IEEE Transactions on Information Forensics and Security (IEEE TIFS),
Vol.9,
No.2,
pp.259-271,
2014
[detail]
abstract
It is known that different users have different degrees of accuracy in biometric authentication,
and claimants and enrollees who cause false accepts against many others are referred to as
wolves and lambs, respectively. The aim of this paper is to develop a fusion algorithm, which
has security against both of the animals while minimizing the number of query samples a
genuine claimant has to input. To achieve our aim, we first introduce a taxonomy of wolves
and lambs, and propose a minimum log-likelihood ratio-based sequential fusion scheme (MLR scheme).
We prove that this scheme keeps wolf attack probability and lamb accept probability,
the maximum of the claimant-specific false accept probability (FAP), and the enrolleespecific
FAP, less than a desired value if log-likelihood ratios are perfectly estimated, except in
the case of adaptive spoofing wolves. We also prove that this scheme is optimal with regard to
false reject probability (FRP), and asymptotically optimal with respect to the average number
of inputs (ANIs) under some conditions. We further propose an input order decision scheme based
on the Kullback.Leibler (KL) divergence, which maximizes the expectation of a genuine
log-likelihood ratio, to further reduce ANI of the MLR scheme in the case where the KL
divergence differs from one modality to another. The results of the experimental evaluation
using a virtual multimodal (one face and eight fingerprints) data set showed the effectiveness
of our schemes.
-
Takao Murakami,
Kenta Takahashi,
Kanta Matsuura.
A General Framework and Algorithms for Score Level Indexing and Fusion in Biometric Identification,
IEICE Transactions on Information and Systems,
Vol.E97-D,
No.3,
pp.510-523,
2014
[detail]
abstract
Biometric identification has recently attracted attention because of its convenience:
it does not require a user ID nor a smart card. However, both the identification error
rate and response time increase as the number of enrollees increases. In this paper,
we combine a score level fusion scheme and a metric space indexing scheme to improve
the accuracy and response time in biometric identification, using only scores as
information sources. We firstly propose a score level indexing and fusion framework
which can be constructed from the following three schemes: (I) a pseudo-score based
indexing scheme, (II) a multi-biometric search scheme, and (III) a score level fusion
scheme which handles missing scores. A multi-biometric search scheme can be newly
obtained by applying a pseudo-score based indexing scheme to multi-biometric identification.
We secondly propose the NBS (Naive Bayes search) scheme as a multi-biometric search
scheme and discuss its optimality with respect to the retrieval error rate.
We evaluated our proposal using the datasets of multiple fingerprints and face scores
from multiple matchers. The results showed that our proposal significantly improved the
accuracy of the unimodal biometrics while reducing the average number of score
computations in both the datasets.
-
Satsuya Ohata,
Takahiro Matsuda,
Goichiro Hanaoka,
Kanta Matsuura.
More Constructions of Re-splittable Threshold Public Key Encryption,
Lecture Notes in Computer Science (Advances in Information and Computer Security,
The 9th International Workshop on Security: IWSEC2014),
Vol.8639,
pp.109-118,
2014
[detail]
abstract
The concept of threshold public key encryption (TPKE) with the special
property called key re-splittability (re-splittable TPKE, for short) was
introduced by Hanaoka et al.(CT-RSA 2012), and used as one of the building
blocks for constructing their proxy re-encryption scheme.
In a re-splittable TPKE scheme, a secret key can be split into a set of
secret key shares not only once, but also multiple times, and the security
of the TPKE scheme is guaranteed as long as the number of corrupted secret
key shares under the same splitting is smaller than the threshold. In this
paper, we show several new constructions of re-splittable TPKE scheme by
extending the previous (ordinary) TPKE schemes. Our results suggest that
key re-splittability is a very natural property for TPKE.
-
David S.
L.
Wei,
Siani Pearson,
Kanta Matsuura,
Patrick P.
C.
Lee,
Kshirasagar Naik.
Guest Editorial: Cloud Security,
IEEE Transactions on Cloud Computing,
Vol.2,
No.4,
pp.377-379,
2014
国際会議
-
Bongkot Jenjarrussakul,
Kanta Matsuura.
Analysis of Japanese Loyalty Programs Considering Liquidity,
Security Efforts,
and Actual Security Levels,
13th Workshop on the Economics of Information Security (WEIS2014),
on web,
2014
[detail]
abstract
Virtual currency is an important medium of exchange in cyber space,
and loyalty program (LP) can be considered as a type of virtual currency.
In the U.S., according to a report in COLLOQUY talk[5], the total number
of LP memberships is more than 2.6 billion in 2012 after 26.7% growth from 2010.
In addition, the number of LPs is also reported to show a clear increasing trend.
LPs are very popular in Japan, too; there are more than 200 LPs in Japan and
the use of them is widespread among Japanese people. People collect their LP
points and redeem them to obtain goods and enjoy services. In addition, many LP
points can be converted into points of different LPs. LPs in Japan are thus
increasing redemption options, and getting more and more popular and liquid
virtual currencies. This situation can motivate malicious people to abuse such
increasingly useful LPs for crimes, and in fact, there are some reports of such
crimes. However, the security issues of LPs have not been well studied.
In this paper, we investigate Japanese LPs with focuses on their liquidity,
their operating firms' security efforts, and the LP systems' actual security levels.
国内誌
-
村上隆夫,高橋健太,松浦幹太.
IDレス生体認証における最適な逐次融合判定に向けて—ゆう度比判定方式の最適性の証明と実験的評価—,
電子情報通信学会和文論文誌A,
Vol.J97-A,
No.12,
pp.710-725,
2014
国内会議
-
大畑幸矢,
松田隆宏,
花岡悟一郎,
松浦幹太.
閾値公開鍵暗号の鍵再分割可能性について,
2014年暗号と情報セキュリティシンポジウム(SCIS2014)予稿集,
CD-ROM,
2014
-
馮菲,
松浦幹太.
Towards Better Parameters of Tor's Entry Guard Mechanism,
2014年暗号と情報セキュリティシンポジウム(SCIS2014)予稿集,
CD-ROM,
2014
-
碓井利宣,松浦幹太.
機械語命令列の差異によるマルウェア対策技術への影響の削減を目的とした隠れマルコフモデルに基づくコンパイラ推定手法,
2014年暗号と情報セキュリティシンポジウム(SCIS2014)予稿集,
CD-ROM,
2014
-
北條孝佳,
松浦幹太.
標的型攻撃における攻撃者のグルーピング手法,
2014年暗号と情報セキュリティシンポジウム(SCIS2014)予稿集,
CD-ROM,
2014
-
大畑幸矢,
松田隆宏,
松浦幹太.
証明可能安全なパスワード再発行プロトコルについて,
2014年コンピュータセキュリティシンポジウム(CSS2014)予稿集,
CD-ROM,
2014
-
細井琢朗,
松浦幹太.
TCP再送タイマ管理の変更による低量DoS攻撃被害緩和の実験評価,
2014年コンピュータセキュリティシンポジウム(CSS2014)予稿集,
CD-ROM,
2014
-
北條孝佳,
松浦幹太.
文字列類似性を考慮した標的型攻撃のグループ化手法,
2014年 CSS/MWS
(CSS/MWS2014)予稿集,
CD-ROM,
2014
-
碓井利宣,
松浦幹太.
コンパイラ変更に対して頑強なマルウェア分類手法,
2014年コンピュータセキュリティシンポジウム(CSS2014)予稿集,
CD-ROM,
2014
-
馮菲,
松浦幹太.
網羅的な攻撃者モデルを考慮したTorブリッジ機構の強化,
Stronger Bridge Mechanisms of Tor Considering Exhaustive Adversarial Models,
2014年コンピュータセキュリティシンポジウム(CSS2014)予稿集,
CD-ROM,
2014
Year 2013
編纂書籍の章
-
Bongkot Jenjarrussakul,
Hideyuki Tanaka,
Kanta Matsuura.
Sectoral and Regional Interdependency of Japanese Firms Under the Influence of Information Security Risks,
The Economics of Information Security and Privacy,
pp.115-134,
2013
[detail]
abstract
Although there are some studies on inter-sectoral information security
interdependency, the lack of regional interdependency analysis is one of their
limitations. In this empirical study, we used an inter-regional input-output table in
order to analyze both sectoral and regional interdependencies under the influence of
information technology and the information security of Japanese firms. Our analysis
showed that the economic scale of a region has a great influence on the characteristics
of the interdependency. Furthermore,we found that the demand-side sectors can
be classified into five classes based on the characteristics. Among them, the groups
with high self-dependency get more benefits from simultaneous understanding of
regional characteristics; for the sectors in these classes, investment advice obtained
from sectoral characteristics only is very limited, whereas they can obtain much
more from regional characteristics. Since these classes include a majority of the
sectors, we can recognize the importance of regional interdependency analysis. In
the above basic study, what we see is the situation before the Great East Japan
Earthquake on March 11, 2011.
As an extended study, we estimated the impact of the earthquake on the
interdependency. Our main finding from the regional perspective is that the interdependency
characteristics of the most damaged region (Tohoku) and of the
economically largest region (Kanto) are impacted most significantly. This feature
is not changed by the limitation of damage through prior security investment.
Both in the basic study and in the extended study, we can see that considering
not only sectoral but also regional characteristics is an effective approach to the task of empirically deriving implications related to the interdependency. There are many
possibilities of more extended studies based on our methodology.
国際誌(LNCSを含む)
-
Shaojing Fu,
Chao Li,
Kanta Matsuura,
Longjiang Qu.
Construction of Even-
variable Rotation Symmetric Boolean Functions with Maximum Algebraic Immunity,
SCIENCE CHINA Information Sciences,
Vol.56,
No.3,
pp.1-9,
2013
[detail]
abstract
Rotation symmetric Boolean functions (RSBFs) have been used as components of different cryptosystems.
In this paper, we investigate n-variable (n even and n >= 12) RSBFs to achieve maximum algebraic
immunity (AI), and provide a construction of RSBFs with maximum AI and nonlinearity. These functions have
higher nonlinearity than the previously known nonlinearity of RSBFs with maximum AI. We also prove that
our construction provides high algebraic degree in some case.
keywords
Boolean function, rotation symmetry, algebraic immunity, nonlinearity
国際会議
-
Kanta Matsuura,
Takurou Hosoi.
Data Sharing for Cybersecurity Research: A Comparison with Information Sharing for Cybersecurity Practice,
Ninth Annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective,
2013
-
Naveen Kumar,
Anish Matsuria,
Maniklal Das,
Kanta Matsuura.
Improving Security and Efficiency of Time-Bound Access to Outsourced Data,
The 6th ACM India Computing Convention (Compute2013),
2013
-
Takurou Hosoi,
Kanta Matsuura.
Effectiveness of a Change in TCP Retransmission Timer Management for Low-rate DoS Attack Mitigation and Attack Variants,
The 8th International Workshop on Security (IWSEC2013),
2013
[detail]
abstract
The mechanism of TCP retransmission timeout
is essential to the Internet congestion control.
But existing research pointed out
that this mechanism allows DoS attack
with low-rate mean traffic.
We proposed a change in TCP retransmission timeout management,
in which
length of TCP retransmission timer is increased
not to precisely twice of the prior timer length
in successive timeout waiting.
We investigate its effectiveness
in DoS attack mitigation analytically,
and some attack variants under this countermeasure.
-
Kanta Matsuura,
Takurou Hosoi.
Data Sharing for Cybersecurity Research and Information Sharing for Cybersecurity Practice,
The 8th International Workshop on Security (IWSEC2013),
2013
[detail]
abstract
When we want to realize a scientific approach to cybersecurity,
we need objective and reproducible evaluation of security properties.
Although some of cryptographic technologies have rigorous security proofs,
a lot of cybersecurity technologies rely on experimental security evaluation
which needs good datasets. One may expect that sharing such datasets would help
at least the reproducibility of the evaluation. At the same time, one may be afraid
that effective mechanism design is not trivial because there have been a lot of
studies on disincentive problems (e.g. free-riding) associated with information
sharing for cybersecurity practice. However, the requirements and typical solutions
for data sharing would be different from those for information sharing. In this poster,
we comprehensively discuss the features of data sharing for cybersecurity research
based on a systematic comparison with information sharing for cybersecurity practice.
We also identify some intrinsic limitations of the data sharing approach.
国内誌
-
村上隆夫,高橋健太,松浦幹太.
大規模IDレス生体認証に向けた逐次索引融合判定の提案,
電子情報通信学会和文論文誌A,
Vol.J96-A,
No.12,
pp.801-814,
2013
国内研究会
-
細井琢朗,
松浦幹太.
待ち行列推定に基づくパケットロス攻撃検知の輻輳強度依存性,
情報処理学会コンピュータセキュリティ研究会
(情報処理学会研究報告コンピュータセキュリティ(CSEC)),
Vol.60,
No.28,
pp.1-5,
2013
-
細井琢朗,
松浦幹太.
低量DoS攻撃を緩和するTCP再送信タイマ管理の一検討,
情報処理学会コンピュータセキュリティ研究会
(研究報告コンピュータセキュリティ(CSEC)),
Vol.62,
No.51,
pp.1-5,
2013
-
村上隆夫,高橋健太,松浦幹太.
IDレス生体認証における最適な逐次融合判定について,
バイオメトリクス研究会(BioX研究会),
pp.34-39,
2013
国内会議
-
大畑幸矢,
松田隆宏,
花岡悟一郎,
松浦幹太.
検証可能代理人再暗号化方式の安全性について,
2013年暗号と情報セキュリティシンポジウム(SCIS2013)予稿集,
CD-ROM,
2013
-
Bongkot Jenjarrussakul,
Kanta Matsuura.
Another class of function for the productivity space of information security investment,
2013年暗号と情報セキュリティシンポジウム(SCIS2013)予稿集,
CD-ROM,
2013
[detail]
abstract
One of the concerns in economics of information security is about optimal investment
in information security. In Gordon-Loeb's model, the general economic model which determines
the optimal amount to invest in order to protect a given set of information security is
introduced. Here they focus on optimal investment regarding reduction of vulnerability.
An extension work by Matsuura shows productivity space of information security by considering
productivity regarding threat and vulnerability reduction according to class-II of security
breach probability function in Gordon-Loeb's model. Here we try to work on a gap by considering
productivity regarding both threat and vulnerability reductions with a focus on class-I of
security breach probability function stated in Gordon-Loeb's model. As a result, we found that
when consider security breach probability function and security threat probability function
which form as class-I of Gordon-Loeb's model, the optimal level of information security
investment equals zero until a specific value of v, and then this optimal level of the
investment increases at a decreasing rate.
keywords
Information security investment, optimal investment model, threat reduction, vulnerability reduction
-
北條孝佳,
松浦幹太.
挙動類似性に着目したボット端末判定手法,
2013年暗号と情報セキュリティシンポジウム(SCIS2013)予稿集,
CD-ROM,
2013
-
松浦幹太.
暗号技術からディフェンダー・ムーブメントへの道,
第30回情報通信学会大会,
2013
-
細井琢朗,
松浦幹太.
TCP再送信タイマ管理の変更による低量DoS攻撃被害の緩和効果,
コンピュータセキュリティシンポジウム2013 (CSS2013),
CD-ROM,
2013
-
Andreas Gutmann,
Kanta Matsuura.
The use of linguistics in cryptography and its application to improve the HB protocol,
コンピュータセキュリティシンポジウム2013 (CSS2013),
CD-ROM,
2013
-
碓井利宣,松浦幹太.
マルウェア対策技術の精度向上を目的としたコンパイラおよび最適化レベルの推定手法,
マルウェア対策研究人材育成ワークショップ 2013 (MWS 2013),
CD-ROM,
2013
-
馮菲,
松浦幹太.
Torネットワークに対する戦略的攻撃とその脅威の検証,
Towards an Analysis of a Strategic Attack against the Tor Network,
コンピュータセキュリティシンポジウム 2013 論文集,
CD-ROM,
2013
-
高木哲平 松浦幹太.
DoS攻撃検知に向けたパケット単位コルモゴロフ複雑性差分の特性分析,
コンピュータセキュリティシンポジウム2013 (CSS2013),
2013
Year 2012
国際誌(LNCSを含む)
-
Shaojing Fu,
Kanta Matsuura,
Chao Li,
Longjiang Qu.
Construction of highly nonlinear resilient S-boxes with given degree,
Designs,
Codes and Cryptography,
Vol.64,
No.3,
pp.241-253,
2012
[detail]
abstract
We provide two new construction methods for nonlinear resilient S-boxes with
given degree. The first method is based on the use of linear error correcting codes together
with highly nonlinear S-boxes. Given a [u,m, t+1] linear code where u = n-d-1, d > m,
we showthat it is possible to construct (n,m, t, d) resilient S-boxes which have currently best
known nonlinearity. Our second construction provides highly nonlinear (n,m, t, d) resilient
S-boxes which do not have linear structure, then an improved version of this construction is
given.
keywords
Cryptography, Linear code, Resiliency, Linear structure, Nonlinearity
-
Takahiro Matsuda,
Goichiro Hanaoka,
Kanta Matsuura.
Relations between Constrained and Bounded Chosen Ciphertext Security for Key Encapsulation Mechanisms,
Lecture Notes in Computer Science (Public Key Cryptography - PKC 2012,
15th International Conference on Practice and Theory in Public Key Cryptography: PKC 2012),
Vol.7293,
pp.576-594,
2012
国際会議
-
Bongkot Jenjarrussakul,
Hideyuki Tanaka,
Kanta Matsuura.
Impact on Information Security from the Great East Japan Earthquake on March 11,
2011,
Eighth Annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective,
2012
[detail]
abstract
The Great East Japan Earthquake on March 11, 2011 introduced vast impact on supply-chain
in Tohoku region. Although there are some reports regarding impact in economic viewpoint as well as information,
communication, and telecommunication (ICT) viewpoint, non of them shows possibility about
impact on information security. Here we simulate the possible effect from the impact of the earthquake. The
methodology is applied to predict impact from the earthquake. With this concept, Japanese offcial statistical
economic data as well as offcial data regarding information technology and information security are used.
The results show that limited effect from the loss in IT-related capital stock due to the Great East Japan
Earthquake likely affects some regions and industrial sectors such as other manufacturing(6) and services(12).
-
Bongkot Jenjarrussakul,
Hideyuki Tanaka,
Kanta Matsuura.
Sectoral and Regional Interdependency of Japanese Firms under the Influence of Information Security Risks,
11th Workshop on the Economics of Information Security (WEIS2012),
on web,
2012
-
Takao Murakami,
Kenta Takahashi,
Kanta Matsuura.
Towards Optimal Countermeasures against Wolves and Lambs in Biometrics,
Proceedings of the IEEE Fifth International Conference on Biometrics: Theory,
Applications and Systems (BTAS 2012),
2012
国内誌
-
Anil Mundra,
Anish Mathuria,
Naveen Kumar,
Takahiro Matsuda,
Kanta Matsuura.
Two Views on Hierarchical Key Assignment Schemes,
日本セキュリティ・マネジメント学会誌,
Vol.25,
No.3,
pp.40-51,
2012
[detail]
abstract
A hierarchical key assignment scheme is a cryptographic mechanism for enforcing access control
in hierarchies. Its role is fundamentally important in some computer security applications
but its provable security is hard to achieve in the case of dynamic schemes. Therefore, in
order to alleviate problems resulting from solely heuristic approaches, we need systematic
views regarding design and implementation both from technical viewpoints and from managerial
viewpoints. In this commentary, we aim at providing those views in the following manner.
The first one is from technical viewpoints: we describe a progressive construction of
hierarchical key assignment schemes to make design issues as systematic as possible.
The constructed schemes are basically from existing literatures but with some refinements
for security reasons and/or to make the construction more instructive. The second one is from
managerial viewpoints: based on security economics, we suggest the importance of deterrents to
attacks in system implementations. Our discussions include the applications in which a large
hierarchy is required like secure outsourcing of data on cloud.
-
市川顕,
松浦幹太.
実行プロセス分離によるJITシェルコード実行防止,
情報処理学会論文誌,
Vol.53,
No.9,
pp.2302-2312,
2012
国内研究会
-
細井琢朗,
松浦幹太.
情報セキュリティ研究向けネットワークデータの配布における技術的課題の現状調査,
情報処理学会コンピュータセキュリティ研究会,
Vol.2012-CSEC-56,
No.04,
pp.1-6,
2012
-
飛鋪亮太,
Bongkot Jenjarrussakul,
田中秀幸,
松浦幹太,
今井秀樹.
日本における情報セキュリティの相互依存性の分析,
電子情報通信学会情報セキュリティ研究会 (電子情報通信学会技術研究報告),
Vol.111,
No.455,
pp.23-29,
2012
-
村上隆夫,高橋健太,松浦幹太.
WolfとLambに対する安全性と最適性を持つ融合判定の理論的考察,
第1回バイオメトリクス研究会(BioX研究会),
2012
-
松浦幹太,
細井琢朗.
セキュリティ評価基盤と周辺制度および活動に関する考察,
第59回情報処理学会コンピュータセキュリティ研究会,
Vol.2012-CSEC-59,
2012
国内会議
-
Bongkot Jenjarrussakul,
Hideyuki Tanaka,
Kanta Matsuura.
Information Security and the Impact from the Great East Japan Earthquake,
2012年暗号と情報セキュリティシンポジウム(SCIS2012)予稿集,
CD-ROM,
2012
[detail]
abstract
The Great East Japan Earthquake on March 11, 2011 introduced vast impact on supply
chain in Tohoku region. Although there are some reports regarding impact in economic
viewpoint as well as information, communication and telecommunication (ICT) viewpoint,
non of them shows relation to information security (IS). The methodology in here is
applied to simulate the possible outcome with impact from the earthquake. We observe
impacts that relate to information technology(IT) and IS. In addition, assumption that
investment in IS helps reducing impact from the earthquake is also applied. With this concept,
Japanese official statistical economic data, offcial data regarding IT and IS are used.
The results show that limited effect from the loss in IT-related capital stock due to the
earthquake likely affects some regions and industrial sectors such as sector of other
manufacturing and services.
keywords
The Great East Japan Earthquake, Information Security, Regional and Sectoral Impact
-
市川顕,
松浦幹太.
実行プロセス分離によるJITシェルコード実行防止とその実装・評価,
2012年暗号と情報セキュリティシンポジウム(SCIS2012)予稿集,
CD-ROM,
2012
-
横手 健一,
松浦 幹太 .
匿名通信システムTorの安全性を低下させるトラフィック逆加工,
コンピュータセキュリティシンポジウム2012論文集,
Vol.2012,
No.3,
pp.624-631,
2012
-
細井琢朗,
松浦幹太.
待ち行列推定に基づくパケットロス攻撃検知方式のパラメータ依存性について,
コンピュータセキュリティシンポジウム2012 (CSS2012),
Vol.2012,
No.3,
pp.1-5 (CD-ROM),
2012
Year 2011
著書等
-
日本セキュリティ・マネジメント学会(監修),
松浦幹太(編著).
セキュリティマネジメント学 ---理論と事例---,
2011
国際誌(LNCSを含む)
-
Jacob Schuldt,
Kanta Matsuura.
Efficient Convertible Undeniable Signatures with Delegatable Verification,
IEICE Transactions on Fundamentals of Electronics,
Communications and Computer Sciences,
Vol.94-A,
No.1,
pp.71-83,
2011
-
Takahiro Matsuda,
Kanta Matsuura.
Parallel Decryption Queries in Bounded Chosen Ciphertext Attacks,
Lecture Notes in Computer Science (Public Key Cryptography - PKC 2011,
14th International Conference on Practice and Theory in Public Key Cryptography: PKC 2011),
Vol.6571,
pp.246-264,
2011
-
Takahiro Matsuda,
Kanta Matsuura.
On Black-Box Separations among Injective One-Way Functions,
Lecture Notes in Computer Science (Theory of Cryptography,
8th Theory of Cryptography Conference: TCC 2011),
Vol.6597,
pp.597-614,
2011
-
Jacob C.N.
Schuldt,
Kanta Matsuura.
On-line Non-transferable Signatures Revisited,
Lecture Notes in Computer Science (Public Key Cryptography - PKC 2011,
14th International Conference on Practice and Theory in Public Key Cryptography: PKC 2011),
Vol.6571,
pp.369-386,
2011
[detail]
abstract
Undeniable signatures, introduced by Chaum and van Antwerpen, and designated confirmer signatures, introduced by Chaum, allow a signer to control the verifiability of his signatures by requiring a verifier to interact with the signer to verify a signature. An important security requirement for these types of signature schemes is nontransferability which informally guarantees that even though a verifier has confirmed the validity of a signature by interacting with the signer, he cannot prove this knowledge to a third party. Recently Liskov and Micali pointed out that the commonly used notion of non-transferability only guarantees security against an off-line attacker which cannot influence the verifier while he interacts with the signer, and that almost all previous schemes relying on interactive protocols are vulnerable to online attacks. To address this, Liskov and Micali formalized on-line nontransferable signatures which are resistant to on-line attacks, and proposed a generic construction based on a standard signature scheme and an encryption scheme.
In this paper, we revisit on-line non-transferable signatures.
Firstly, we extend the security model of Liskov and Micali to cover not only the sign protocol, but also the confirm and disavow protocols executed by the confirmer. Our security model furthermore considers the use of multiple (potentially corrupted or malicious) confirmers, and guarantees security against attacks related to the use of signer specific confirmer keys.
We then present a new approach to the construction of on-line non-transferable signatures, and propose a new concrete construction which is provably secure in the standard model. Unlike the construction by Liskov and Micali, our construction does not require the signer to issue ``fake'' signatures to maintain security, and allows the confirmer to both confirm and disavow signatures.
Lastly, our construction provides noticeably shorter signatures than the construction by Liskov and Micali.
links
-
Daiki Chiba,
Takahiro Matsuda,
Jacob C.N.
Schuldt,
Kanta Matsuura.
Efficient Generic Constructions of Signcryption with Insider Security in the Multi-user Setting,
Lecture Notes in Computer Science (9th International Conference on Applied Cryptography and Network Security: ACNS 2011),
Vol.6715,
pp.220-237,
2011
-
Shaojing Fu,
Chao Li,
Kanta Matsuura,
Longjiang Qu..
Construction of Odd-
variable Resilient Boolean Functions with Optimal Degree,
IEICE Transactions on Fundamentals of Electronics,
Communications and Computer Sciences,
Vol.VE94-A,
pp.265-267,
2011
[detail]
abstract
Constructing degree-optimized resilient Boolean functions with high nonlinearity
is a significant study area in Boolean function.
In this letter, we provide a construction of degree-optimized n-variable (n odd and n>=35)
resilient Boolean functions, and it is shown that the resultant functions achieve
the currently best known nonlinearity.
keywords
stream cipher, boolean function, resiliency, nonlinearity
-
Shaojing Fu,
Chao Li,
Kanta Matsuura,
Longjiang Qu.
Blanced 2p-variable
Rotation Symmetric Boolean Functions with Maximum Algebraic Immunity,
Applied
mathematical Letters,
Vol.24,
No.12,
pp.2093-2096,
2011
[detail]
abstract
In this paper, we study the construction of Rotation Symmetric Boolean Functions (RSBFs)
which achieve a maximum algebraic immunity (AI). For the first time, a construction of
balanced 2p-variable (p is an odd prime) RSBFs with maximum AI was provided, and the
nonlinearity of the constructed RSBFs is not less than 2^(2p-1)-(2p-1)C(p)+(p-2)(p-3)+2;
this nonlinearity result is significantly higher than the previously best known nonlinearity
of RSBFs with maximum AI.
keywords
Stream cipher, Rotation symmetry, Boolean function, Algebraic immunity
国際会議
-
Bongkot Jenjarrussakul,
Hideyuki Tanaka,
Kanta Matsuura.
Empirical Study on Interdependency of Information Security Between Industrial Sectors and Regions,
Seventh Annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective,
2011
[detail]
abstract
This paper broadens the concept of measurement methodology of information security interdependency
in industrial sectoral perspective into industrial regional perspective to analyze inter-regional and
inter-sectoral interdependency between specific industrial sectors and regions on demand-side perspective.
Previous study of cross-sectoral information security interdependency demonstrated that different industrial
sectors is one of the factors that affect interdependency in information security. Nevertheless, regional
interdependency analysis was one of their limitations. In our implementation, we apply methodology to the
statistical economic data of Japanese industrial sectors separated into regions in order to show their
information security interdependency influenced by information technology and the level of information security
measure.
-
Kanta Matsuura.
Passive and Active Measurements of Cybersecurity Risk Parameters,
The 12th International Workshop on Information Security Applications (WISA2011),
2011
-
Ken Ichikawa,
Kanta Matsuura.
Preventing execution of JIT shellcode by isolating running process,
Annual Computer Security Applications Conference 2011,
2011
国内誌
-
Bongkot Jenjarrussakul,
Kanta Matsuura.
A Survey on Information Security Economics,
日本セキュリティ・マネジメント学会誌,
Vol.24,
No.3,
pp.53-60,
2011
[detail]
abstract
Information security plays a significant role in information systems due to their higher adoption
rate in basic infrastructures. This widespread usage of information technology brings higher probability of
risks and attacks to information systems. Moreover, higher number of firms and organizations concern more
about expenditure on information security. From this fact, just understanding technologies is insufficient for
appropriate adoption of information security. Hence understanding other aspects such as economics is also
required. This paper introduces existing studies on information security economics and discusses some future
directions; existing analyses based on economics theories have successfully explained a number of problems
related to information security, and future steps would need more synthesis-oriented approaches as well as
empirical studies.
国内会議
-
松田隆宏,
松浦幹太.
単写の一方向関数のブラックボックス構成の不可能性について,
2011年暗号と情報セキュリティシンポジウム(SCIS2011)予稿集,
CD-ROM,
2011
-
松田隆宏,
松浦幹太.
単一型と並行型の復号クエリを考慮した回数制限付き選択暗号文攻撃に対する安全性定義間の関係,
2011年暗号と情報セキュリティシンポジウム(SCIS2011)予稿集,
CD-ROM,
2011
-
松田隆宏,
花岡悟一郎,
松浦幹太.
KEMのConstrained CCA安全性と回数制限付きCCA安全性の関係,
2011年暗号と情報セキュリティシンポジウム(SCIS2011)予稿集,
CD-ROM,
2011
-
Bongkot Jenjarrussakul,
Hideyuki Tanaka,
Kanta Matsuura.
Empirical study on Interdependency of Information Security between Industrial Sectors and Regions,
2011年暗号と情報セキュリティシンポジウム(SCIS2011)予稿集,
CD-ROM,
2011
[detail]
abstract
This paper broadens the concept of measurement methodology of information security interdependency
in industrial sectoral perspective into industrial regional perspective to analyze inter-regional and
inter-sectoral interdependency in specific industrial sectors and regions on demand-side perspective.
Previous study of cross-sectoral information security interdependency showed that industrial sector
is one of the factors that affect interdependency in
information security. Nevertheless, regional interdependency analysis was one of their limitations. In our
implementation, we apply methodology to the statistical economic data of Japanese industrial sectors
separated into regions in order to show their information security interdependency influenced by information
technology and the level of information security measure.
-
千葉大輝,
松田隆宏,
シュルツ・ヤコブ,
松浦幹太.
多人数モデルで内部者安全なSigncryptionの一般的構成法,
2011年暗号と情報セキュリティシンポジウム(SCIS2011)予稿集,
CD-ROM,
2011
-
Jacob Schuldt,
Kanta Matsuura.
On-line Non-transferable Signatures Revisited,
2011年暗号と情報セキュリティシンポジウム(SCIS2011)予稿集,
CD-ROM,
2011
-
市川顕,
松浦幹太.
実行監視によるJIT Spraying攻撃検知,
第52回情報処理学会コンピュータセキュリティ研究会
(CSEC52)(情報処理学会研究報告),
Vol.2011,
No.46,
pp.download,
2011
-
細井琢朗,
松浦幹太.
情報セキュリティ研究用ハニーポット通信データの一般頒布に向けた技術的要件の調査,
マルウェア対策研究人材育成ワークショップ2011 (MWS2011),
CD-ROM,
2011
-
市川顕,
松浦幹太.
実行プロセス分離によるJITシェルコード実行防止,
Computer Security Symposium2011 (CSS2011),
CD-ROM,
2011
その他
-
松浦幹太.
セキュリティマネジメント学と経済学的アプローチ,
日本セキュリティ・マネジメント学会第24回学術講演会,
2011
Year 2010
国際誌(LNCSを含む)
-
Shaojing Fu,
Chao Li,
Kanta Matsuura,
Longjiang Qu.
Enumeration of Balanced Symmetric Functions over GF(p),
Information Processing Letters,
Vol.110,
pp.544-548,
2010
-
Jacob C.
N.
Schuldt,
Kanta Matsuura.
An Efficient Convertible Undeniable Signature Scheme with Delegatable Verification,
Lecture Notes in Computer Science (6th International Conference on Information Security Practice and Experience: ISPEC2010),
Vol.6047,
pp.276-293,
2010
-
Takurou HOSOI,
Kanta Matsuura.
Evaluation of the Common Dataset Used in Anti-Malware Engineering Workshop 2009,
Lecture Notes in Computer Science (Recent Advances in Intrusion Detection,
13th International Symposium on Recent Advances in Intrusion Detection: RAID 2010),
Vol.6307,
pp.496-497,
2010
-
Takahiro Matsuda,
Yasumasa Nakai,
Kanta Matsuura.
Efficient Generic Constructions of Timed-Release Encryption with Pre-open Capability,
Lecture Notes in Computer Science (Pairing-Based Cryptography,
4th International Conference on Pairing-Based Cryptography: Pairing 2010),
Vol.6487,
pp.225-245,
2010
国際会議
-
Kanta Matsuura.
Economic Implications of Light-Weight Security Mechanisms,
The 2010 Workshop on RFID Security (RFIDsec'10 Asia),
2010
-
Peng Yang,
Kanta Matsuura.
An Introduction of A Users' Guideline to Japan Cryptographic Module Validation Program,
ASIACCS 2010 (5th ACM Symposium on Information,
Computer and Communications Security),
2010
-
Toshihiko Takemura,
Hideyuki Tanaka,
Kanta Matsuura.
Awareness Gaps on Effects of Information Security Measure between Managers and Employees: An Empirical Study Using Micro Data Collected from Web-Based Survey,
Short Paper Proceedings of the Fourth IFIP WG11.11 International Conference on Trust Management (IFIPTM 2010),
pp.25-32,
2010
-
Kanta Matsuura.
Impacts of Information-Security Evaluation,
The 11th CTINS (Cybercrime Technology Information Network System) Annual Conference,
2010
-
Kanta Matsuura.
A Guideline for Product-Validation Systems Regarding Security Modules,
Computer Security Institute Annual Conference (CSI 2010),
2010
-
Kanta Matsuura.
Security Economics and Cryptographic Industry,
2010 Japan-Taiwan Joint Research Symposium on Cryptography and Information Technology toward Next IT-society,
2010
国内研究会
-
松浦幹太,
楊鵬.
セキュリティ投資モデルとTrust-but-verifyアプローチによるモジュール選択,
情報処理学会コンピュータセキュリティ研究会(情報処理学会研究報告),
Vol.2010,
No.50,
2010
-
松浦幹太.
情報セキュリティ経済学の概要と最近の動向,
日本セキュリティマネジメント学会2010年度第2回ITリスク学研究会,
2010
国内会議
-
松田隆宏,
松浦幹太.
公開鍵暗号の回数制限付き選択暗号文攻撃に対する安全性,
2010年暗号と情報セキュリティシンポジウム(SCIS2010)予稿集,
CD-ROM,
2010
-
松田隆宏,
松浦幹太.
Mixed CCA安全性: より強い安全性を持つ公開鍵暗号方式のCPA安全な方式のみを用いた構成,
2010年暗号と情報セキュリティシンポジウム(SCIS2010)予稿集,
CD-ROM,
2010
-
Shaojing Fu,
Kanta Matsuura,
Chao Li.
Construction of High Nonlinearity Resilient S-Boxes with Given Degree,
2010年暗号と情報セキュリティシンポジウム(SCIS2010)予稿集,
CD-ROM,
2010
-
千葉大輝,松田隆宏,
松浦幹太.
タグベースKEMの選択的タグ安全性から適応的タグ安全性へのカメレオンハッシュを用いた強化手法とSigncryption への応用,
2010年暗号と情報セキュリティシンポジウム(SCIS2010)予稿集,
CD-ROM,
2010
-
小田哲,
永井彰,
山本剛,
小林鉄太郎,
冨士仁,
中井泰雅,
松田隆宏,
松浦幹太.
汎用IBE向けシステムの構成法とその実装,
2010年暗号と情報セキュリティシンポジウム(SCIS2010)予稿集,
CD-ROM,
2010
-
中井泰雅、松田隆宏、松浦幹太.
時間前復号機能付き時限式暗号の効率的な一般的構成法,
2010年暗号と情報セキュリティシンポジウム(SCIS2010)予稿集,
CD-ROM,
2010
-
Jacob C.N.
Schuldt,
Kanta Matsuura.
A Convertible Undeniable Signature Scheme with Delegatable Verification,
2010年暗号と情報セキュリティシンポジウム(SCIS2010)予稿集,
CD-ROM,
2010
-
楊鵬,
松浦幹太.
JCMVPに関するユーザ向けガイドライン試作,
第72回情報処理学会全国大会,
2010
-
施屹,
松浦幹太.
A Collusion Threat Model for Fingerprinting Attack on the Tor,
2010年暗号と情報セキュリティシンポジウム(SCIS2010)予稿集,
CD-ROM,
2010
[detail]
abstract
Tor is a state-of-art low-latency anonymous communication system and provides TCP services
for applications on the Internet. It involves several techniques to defend the attacks. We have presented a
paper to introduce the fingerprinting attack on the Tor system. In this paper, we present a modified threat
model towards the leaky pipe technique which Tor used, to achieve higher success rate. In this model, the
malicious attacker could collude with a malicious onion router. If this onion router is not an exit router, we
may still achieve higher success rate by fingerprinting attack. We also make some discussions towards the
defending methods.
-
施屹,
松浦幹太.
Extended Fingerprinting Attack on Tor with Time Characteristics and Defense Mechanism,
情報処理学会コンピュータセキュリティシンポジウム2010(CSS2010),
Vol.2,
pp.819-824,
2010
-
松田隆宏,
松浦幹太.
開封時刻の秘匿性を持つ事前開封機能付きタイムリリース暗号の一般的な構成法,
情報処理学会コンピュータセキュリティシンポジウム2010(CSS2010),
pp.681-686,
2010
その他
-
Kanta Matsuura.
Product-Validation Systems and the Economics of Information Security,
The Ninth Workshop on the Economics of Information Security (WEIS 2010),
2010
Year 2009
編纂書籍の章
-
Kanta Matsuura.
Productivity Space of Information Security in an
Extension of the Gordon-Loeb's Investment Model
,
Managing Information Risk and the Economics of Security,
pp.99-119,
2009
[detail]
abstract
Information security engineers provide some countermeasures so that attacks will fail. This is
vulnerability reduction. In addition, they provide other countermeasures so that attacks will not occur. This
is threat reduction. In order to study how the optimal investment for information security is influenced by
these reductions, this chapter introduces a productivity space of information security. In the same manner
as in the Gordon-Loeb model, where vulnerability reduction is only considered, I suppose a productivity
of information security characterizes economic effects of information security investment. In particular, I
consider a productivity regarding threat reduction as well as a productivity regarding vulnerability reduction,
and investigate a two-dimensional space formed by the two productivities. The investigation shows
that the productivity space is divided into three areas: the no-investment area where both the productivities
are low, the mid-vulnerability intensive area where the vulnerability reduction productivity is high but the
threat reduction productivity is low, and the high-vulnerability intensive area where the threat reduction
productivity is high.
国際誌(LNCSを含む)
-
Takahiro Matsuda,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
An Efficient Encapsulation Scheme from Near Collision Resistant Pseudorandom Generators and Its Application to IBE-to-PKE Transformations,
Lecture Notes in Computer Science (Topics in Cryptology: CT-RSA2009),
Vol.5473,
pp.16-31,
2009
[detail]
abstract
In [BK05], Boneh and Katz introduced a primitive
called encapsulation scheme,
which is a special kind of commitment scheme.
Using the encapsulation scheme,
they improved the generic transformation
by Canetti, Halevi, and Katz[CHK04]
which transforms any semantically secure
identity-based encryption (IBE) scheme into
a chosen-ciphertext secure public key encryption (PKE) scheme
(we call the BK transformation).
The ciphertext size of the transformed PKE scheme directly
depends on the parameter sizes of the underlying encapsulation scheme.
In this paper,
by designing a size-efficient encapsulation scheme,
we further improve the BK transformation.
With our proposed encapsulation scheme,
the ciphertext overhead of a transformed PKE scheme
via the BK transformation can be that
of the underlying IBE scheme plus 384-bit,
while the original BK scheme yields that of the underlying IBE scheme plus at least 704-bit,
for 128-bit security.
Our encapsulation scheme is constructed from
a pseudorandom generator (PRG) that has a special property
called near collision resistance,
which is a fairly weak primitive.
As evidence of it,
we also address how to generically
construct a PRG with such a property
from any one-way permutation.
-
Peng Yang,
Rui Zhang,
Kanta Matsuura,
Hideki Imai.
Generic Construction of Stateful Identity Based Encryption,
Lecture Notes in Computer Science (Information Security,
12th International Conference: ISC2009),
Vol.5735,
pp.338-346,
2009
-
Yasumasa Nakai,
Takahiro Matsuda,
Wataru Kitada,
Kanta Matsuura.
A Generic Construction of Timed-Release Encryption with Pre-open Capability,
Lecture Notes in Computer Science (Advances in Information and Computer Security,
The 4th International Workshop on Security: IWSEC2009),
Vol.5824,
pp.53-70,
2009
[detail]
abstract
In 2005, Hwang et al. proposed a concept of timed-release
encryption with pre-open capability (TRE-PC), where a receiver can decrypt
a ciphertext not only by using a time-release key which is provided
after its release-time, but also using a secret information called a preopen
key provided from a sender even before the release-time. Though
there are several concrete constructions of TRE-PC proposed so far, no
generic construction has been known. In this paper, we show a generic
construciton of TRE-PC. Specifically, we construct a TRE-PC scheme
from a chosen-ciphertext secure public key encryption scheme (PKE),
a chosen plaintext secure identity-based encryption (IBE) scheme with
specific property that we call target collision resistance for randomness,
and a one-time signature scheme.
Interestingly, our proposed construction of TRE-PC is essentially the
same as the generic construciton of (normal) TRE based on multiple
encryption of IBE and PKE. As one of the consequences of our result,
we can build a TRE-PC scheme secure in the standard model based on
weaker assumptions than the ones used by the existing standard model
TRE-PC scheme.
-
Takahiro Matsuda,
Kanta Matsuura,
Jacob C.
N.
Schuldt.
Efficient Constructions of Signcryption Schemes and Signcryption Composability,
Lecture Notes in Computer Science (Progress in Cryptology,
10th International Conference on Cryptology in India: INDOCRYPT 2009),
Vol.5922,
pp.321-342,
2009
-
Shaojing Fu,
Kanta Matsuura,
Chao Li,
Longjiang Qu.
Construction of Rotation Symmetric Boolean Functions with Maximum Algebraic Immunity,
Lecture Notes in Computer Science (The 8th International Conference on Cryptology and Network Security: CANS 2009),
Vol.5888,
pp.402-412,
2009
-
Yi Shi,
Kanta Matsuura.
Fingerprinting Attack on the Tor Anonymity System,
Lecture Notes in Computer Science (11th International Conference on Information and Communications Security: ICICS 2009),
Vol.5927,
pp.425-438,
2009
[detail]
abstract
We present a novel way to implement a fingerprinting attack against Onion Routing anonymity
systems such as Tor. Our attack is a realistic threat in the sense that it can be mounted by nothing but
controller of entrance routers; the required resource is very small. However, the conventional fingerprinting
attack based on incoming traffic does not work straightforwardly against Tor due to its multiplex and quantized
nature of traffic. By contrast, our novel attack can degrade this Tor's anonymity by a metric based on
both incoming and outgoing packets. In addition, our method keeps the fingerprinting attack's advantage
of being realistic in terms of the required small resource. Regarding more evaluation, the effectiveness of
our method is discussed in a comprehensive manner: experimentally and theoretically. In order to enhance
further studies and show the significance of our idea, we also discuss methods for defending against our attack
and other applications of our idea.
国際会議
-
Kanta Matsuura.
Economics of provable security and probable security,
4th International Workshop on Mathematical Cryptology,
2009
-
Hitoshi Tanuma,
Akira Otsuka,
Hideki Imai,
Kanta Matsuura.
A Consideration to the Attacker's Prospect on Security Patch Management,
Sixth Annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective,
2009
国内誌
-
渡邉悠,
松浦幹太.
ホワイトリストコーディングによるSQLインジェクション攻撃耐性保証方法と実装,
情報処理学会論文誌,
Vol.50,
No.9,
pp.2048-2061,
2009
-
田沼均,大塚玲,松浦幹太,今井秀樹.
Gordon-Loeb-Lucyshynモデルを拡張した情報セキュリティ情報共有のインセンティブ分析,
日本セキュリティ・マネジメント学会誌,
Vol.23,
No.2,
pp.3-16,
2009
-
田沼均,大塚玲,松浦幹太,今井秀樹.
情報セキュリティ事故における説明責任とインセンティブについての考察,
日本セキュリティ・マネジメント学会誌,
Vol.23,
No.3,
pp.3-16,
2009
国内研究会
-
細井琢朗, 松浦幹太.
公開ネットワークログデータセットの調査とワーム検知数の変遷調査,
情報処理学会コンピュータセキュリティ研究会(情報処理学会研究報告),
Vol.2009,
No.20,
pp.181-186,
2009
-
Kanta Matsuura.
海外のトラスト研究の動向,
トラストに関する研究集会,
2009
-
Peng Yang,
Rui Zhang,
Kanta Matsuura,
Hideki Imai.
Stateful Key Encapsulation Mechanism,
情報処理学会コンピュータセキュリティ研究会,
Vol.2009-CSEC-046,
No.43,
pp.e-proceeding,
2009
国内会議
-
松浦幹太.
情報セキュリティの生産性空間分析,
2009年暗号と情報セキュリティシンポジウム(SCIS2009)予稿集,
CD-ROM,
2009
-
石黒正揮,村瀬一郎,松浦幹太,田中秀幸.
情報セキュリティ対策による企業価値向上に関する影響分析,
2009年暗号と情報セキュリティシンポジウム(SCIS2009)予稿集,
CD-ROM,
2009
-
Jacob C.
N.
Schuldt,
Kanta Matsuura.
On Identity-based Proxy Signatures and Hierarchical Signature Aggregation,
2009年暗号と情報セキュリティシンポジウム(SCIS2009)予稿集,
CD-ROM,
2009
-
田沼均,大塚玲,松浦幹太,今井秀樹.
情報セキュリティ事故における説明責任とインセンティブについての考察,
2009年暗号と情報セキュリティシンポジウム(SCIS2009)予稿集,
CD-ROM,
2009
-
松田隆宏,
花岡悟一郎,
松浦幹太,
今井秀樹.
効率の良いEncapsulation方式とIBE-to-PKE変換への応用,
2009年暗号と情報セキュリティシンポジウム(SCIS2009)予稿集,
CD-ROM,
2009
-
渡邉悠,
松浦幹太.
ホワイトリストコーディングによるSQLインジェクション攻撃耐性保証方法と実装,
2009年暗号と情報セキュリティシンポジウム(SCIS2009)予稿集,
CD-ROM,
2009
-
中井泰雅,
松田隆宏,
北田亘,
松浦幹太.
時間前開封機能付き時限式暗号の一般的構成法,
2009年暗号と情報セキュリティシンポジウム(SCIS2009)予稿集,
CD-ROM,
2009
-
Peng Yang,
Rui Zhang,
Kanta Matsuura,
Hideki Imai.
Generic Construction of Stateful Identity Based Encryption,
2009年暗号と情報セキュリティシンポジウム(SCIS2009)予稿集,
CD-ROM,
2009
-
松浦幹太.
情報セキュリティに関わるインセンティブ分析への期待,
情報処理学会第71回全国大会,
2009
-
松田隆宏,
シュルツ ヤコブ,
松浦幹太.
多人数環境を考慮したSigncryptionの簡潔な一般的構成法,
情報処理学会コンピュータセキュリティシンポジウム2009(CSS2009)論文集,
pp.283-288,
2009
-
Peng Yang,
Takashi Kitagawa,
Goichiro Hanaoka,
Rui Zhang,
Hajime Watanabe,
Kanta Matsuura,
Hideki Imai.
A new approach to evaluate Fujisaki-Okamoto conversions in identity based encryption,
Proceeding of the 32th Symposium on Information Theory and Its Application (SITA'09),
pp.e-proceeding,
2009
-
施屹,
松浦幹太.
匿名通信システムTorに対する指紋攻撃,
情報処理学会コンピュータセキュリティシンポジウム2009(CSS2009),
2009
その他
-
Kanta Matsuura.
The Broader View,
and Interactions,
The Eighth Workshop on the Economics of Information Security (WEIS 2009),
2009
Year 2008
国際誌(LNCSを含む)
-
Jacob C.
N.
Schuldt,
Kanta Matsuura,
Kenneth G.
Paterson.
Proxy Signatures Secure Against Proxy Key Exposure,
Lecture Notes in Computer Science (11th International Workshop on Practice and Theory in Public Key Cryptography : PKC'08),
Vol.4939,
pp.141-161,
2008
[detail]
abstract
We provide an enhanced security model for proxy signatures
that captures a more realistic set of attacks than previous models of Boldyreva et al. and of Malkin et al.
Our model is motivated by concrete attacks on existing schemes in scenarios
in which proxy signatures are likely to be used.
We provide a generic construction for proxy signatures secure in our enhanced model
using sequential aggregate signatures;
our construction provides a benchmark by which future specific constructions may be judged.
Finally, we consider the extension of our model and constructions to the identity-based setting.
-
Takahiro Matsuda,
Nuttapong Attrapadung,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
A Strongly Unforgeable Signature under the CDH Assumption without Collision Resistant Hash Functions,
IEICE Transactions on Information and Systems,
Vol.E91-D,
No.5,
pp.1466-1476,
2008
[detail]
abstract
Unforgeability of digital signatures is closely related to
the security of hash functions since hashing messages,
such as hash-and-sign paradigm, is necessary
in order to sign (arbitrarily) long messages.
Recent successful collision finding attacks against practical hash functions
would indicate that constructing practical collision resistant hash functions
is difficult to achieve.
Thus, it is worth considering to relax the requirement of collision resistance for
hash functions that is used to hash messages in signature schemes.
Currently, the most efficient strongly unforgeable signature scheme
in the standard model which is based on the CDH assumption (in bilinear groups)
is the Boneh-Shen-Waters (BSW) signature proposed in 2006.
In their scheme, however, a collision resistant hash function
is necessary to prove its security.
In this paper, we construct a signature scheme
which has the same properties as the BSW scheme
but does not rely on collision resistant hash functions.
Instead, we use a target collision resistant hash function,
which is a strictly weaker primitive than a collision resistant hash function.
Our scheme is, in terms of the signature size and the computational cost,
as efficient as the BSW scheme.
-
Yang Cui,
Kazukuni Kobara,
Kanta Matsuura,
Hideki Imai.
Lightweight Privacy-Preserving Authentication Protocols Secure against Active Attack in an Asymmetric Way,
IEICE Transactions on Information and Systems,
Vol.E91-D,
No.5,
pp.1457-1465,
2008
-
Takahiro Matsuda,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
Simple CCA-Secure Public Key Encryption from Any Non-Malleable Identity-Based Encryption,
Lecture Notes in Computer Science (The 11th International Conference on Information Security and Cryptology: ICISC2008),
Vol.5461,
pp.1-19,
2008
[detail]
abstract
In this paper, we present a simple and generic method for constructing
public key encryption (PKE) secure against chosen ciphertext attacks (CCA)
from identity-based encryption (IBE).
Specifically, we show that a CCA-secure PKE scheme can be generically obtained by encrypting (m||r)
under identity ``f(r)'' with the encryption algorithm of the given IBE scheme,
assuming that the IBE scheme is non-malleable and f is one-way.
In contrast to the previous generic methods (such as Canetti-Halevi-Katz),
our method requires stronger security for the underlying IBE schemes, non-malleability,
and thus cannot be seen as a direct improvement of the previous methods.
However, once we have an IBE scheme which is proved (or can be assumed) to be
non-malleable, we will have a PKE scheme via our simple method,
and we believe that the simpleness of our proposed transformation itself
is theoretically interesting.
Our proof technique for security of the proposed scheme is also novel.
In the security proof, we show how to deal with certain types of decryption queries
which cannot be handled by straightforwardly using conventional techniques.
国際会議
-
Kanta Matsuura.
Productivity Space of Information Security in an
Extension of the Gordon-Loeb's Investment Model
,
Workshop on the Economics of Information Security 2008 (WEIS2008),
2008
-
Vadim Jefte Zendejas Samano,
Takuro Hosoi,
Kanta Matsuura.
Time Categorization in a Social-Network-Analysis Spam Filter,
Workshop on Information Security Applications (WISA2008),
CD-ROM,
2008
[detail]
abstract
In this article, the introduction of a new method of language-
independent e-mail classification using Social Network Analysis (SNA)
for spam filtering is proposed. Our approach uses a time categorization of
different instances of the e-mail to improve the classification of the filter.
The proposal reduced the complexity of the classification and increases
the accuracy of the filter. Although the naive SNA suffers from a high
unclassification rate, our proposal decreases the number of unclassified
e-mails.
-
Peng Yang,
Kanta Matsuura.
A Forward Secure Identity Based Encryption Scheme with Master Key Update,
Proceedings of 2008 International Symposium on Information Theory and its Applications (ISITA2008),
CD-ROM,
2008
[detail]
abstract
We propose an identity based encryption scheme with forward security.
Especially in our scheme, the top secret, called the master key, evolves through time.
Our scheme is provably secure in the sense of FS-IND-ID-CPA based on DBDH assumption in standard model.
keywords
Foward Security, identity based encryption, master key update.
-
Peng Yang,
Kanta Matsuura.
Stateful Public Key Encryption: How to Remove Gap Assumptions and Maintaining Tight Reductions,
Proceedings of 2008 International Symposium on Information Theory and its Applications (ISITA2008),
CD-ROM,
2008
[detail]
abstract
Stateful public key encryption schemes are introduced recently with much efficiency improvement
over traditional stateless schemes. However, previous proposals are either based on strong assumptions, or
admitting loose security reductions (a barrier for the proofs being practically-meaningful). In this paper, we
present a stateful public key encryption scheme with tight security reduction to the computational Diffie
Hellman assumption (cf. gap Diffie-Hellman), as well as a stateful identity based encryption scheme with
tighter security reduction to the computational bilinear Diffie-Hellman problem.
keywords
Stateful public key encryption, security reduction.
-
Kanta Matsuura.
Impacts of Optimal Investment Models on Cybersecurity Risk Management,
The Institute for Operations Research and the Management Sciences (INFORMS) Annual Meeting 2008,
2008
国内会議
-
Vadim Jefte Zendejas Samano,
Kanta Matsuura.
Social Network Analysis Spam Filtering using Time Categorization,
2008年暗号と情報セキュリティ・シンポジウム(SCIS2008)予稿集,
CD-ROM,
2008
-
北田亘, 松浦幹太.
ブラインド属性ベース暗号
,
2008年暗号と情報セキュリティ・シンポジウム(SCIS2008)予稿集,
CD-ROM,
2008
-
松田隆宏, 花岡悟一郎, 松浦幹太, 今井秀樹.
任意の頑強なIDベース暗号に基づくCCA安全な公開鍵暗号の効率的構成方法,
2008年暗号と情報セキュリティ・シンポジウム(SCIS2008)予稿集,
CD-ROM,
2008
-
細井琢朗, 松浦幹太.
IPトレースバック技術に於ける誤探知率の扱いについて,
2008年暗号と情報セキュリティ・シンポジウム(SCIS2008)予稿集,
CD-ROM,
2008
-
Peng Yang,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
Security Notions and Proof of A Bit-wise Sanitizable Signature Scheme from Any One-way Permutation,
2008年暗号と情報セキュリティ・シンポジウム(SCIS2008)予稿集,
CD-ROM,
2008
-
渡邉悠,
松浦幹太.
インジェクション系脆弱性を持つコードの記述が不可能なフレームワーク,
2008年暗号と情報セキュリティ・シンポジウム(SCIS2008)予稿集,
CD-ROM,
2008
-
岡田智明, 松浦幹太.
インターネット上の脅威の劣化速度推定による発生源の分類手法について,
2008年暗号と情報セキュリティ・シンポジウム(SCIS2008)予稿集,
CD-ROM,
2008
-
田沼均, 大塚玲, 松浦幹太, 今井秀樹.
Gordon-Loeb-Lucyshyのモデルを利用したセキュリティ情報共有インセンティブの考察,
2008年暗号と情報セキュリティ・シンポジウム(SCIS2008)予稿集,
CD-ROM,
2008
-
松浦幹太.
情報セキュリティ投資モデルと三者インセンティブ,
SPT Simposium(セキュリティ心理学とトラストに関するシンポジウム)講演資料,
pp.35-47,
2008
-
北田亘, 松浦幹太.
フォワードセキュア属性ベース暗号に関する一考察,
The 31st Symposium on Information Theory and its Applications (SITA2008),
CD-ROM,
2008
-
楊 鵬, 松浦幹太.
A Forward Secure Identity Based Encryption Scheme with Master Key Update,
The 31st Symposium on Information Theory and its Applications (SITA2008),
CD-ROM,
2008
[detail]
abstract
We propose an identity based encryption scheme with forward security. Especially in our scheme,
the top secret, called the master key, evolves through time. Our scheme is provably secure in the sense of
FS-IND-ID-CPA based on DBDH assumption in standard model.
keywords
Foward Security, identity based encryption, master key update.
-
渡邉悠,
松浦幹太.
SQLインジェクション攻撃を防止するためのプログラミング方法とデータベース拡張,
Computer Security Symposium2008 (CSS2008),
2008
その他
-
Peng Yang,
Kanta Matsuura.
A Forward Secure Identity Based Encryption Scheme with Master Key Update,
生産研究,
Vol.60,
No.5,
pp.115-117,
2008
-
松浦幹太.
パネルディスカッション「評価型ワークショップを用いたマルウェア対策研究」,
マルウェア対策研究人材育成ワークショップ 2008 (MWS 2008),
2008
Year 2007
国際誌(LNCSを含む)
-
Wataru Kitada,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
Unconditionally Secure Chaffing-and-Winnowing for Multiple Use,
Lecture Notes in Computer Science (International Conference on Information Theoretic Security: ICITS 2007),
Vol.4883,
pp.133-145,
2007
[detail]
abstract
Chaffing-and-winnowing is a cryptographic technique which does not require encryption but instead use a message authentication code (MAC) to provide the same function as encryption.
Hanaoka et al. showed that an unconditionally secure chaffing-and-winnowing with one-time security can be constructed from any authentication code (A-code) (with one-time security).
In this paper, we show a construction of unconditionally secure chaffing-and-winnowing for multiple use and prove the security of perfect secrecy and non-malleability.
Additionally, we investigate a relation between encryption and authentication in more detail.
Particularly, we show through chaffing-and-winnowing that a fully secure A-code with a specific property can be converted to a non-malleable one-time pad with a short ciphertext size.
Interestingly, when applying this method to a known A-code, this becomes a known construction of a non-malleable one-time pad.
This fact implies that the notions of authentication and encryption can be seamlessly connected by chaffing-and-winnowing mechanism.
-
Takahiro Matsuda,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
A Practical Provider Authentication System for Bidirectional Broadcast Service,
Lecture Notes in Computer Science (11th International Conference on Knowledge-Based and Intelligent Information & Engineering Systems:KES 2007),
Vol.4694,
pp.967-974,
2007
[detail]
abstract
Several content distribution services via the Internet have been developed,
and a number of bidirectional broadcasting services will be provided in the near future.
Since such bidirectional broadcasting treats personal information of the users,
provider authentication is necessary.
Taking the currently existing broadcasting system using CAS cards into account,
Ohtake et al. recently proposed the provider authentication system which utilizes
key-insulated signature (KIS) schemes.
However, the authors did not refer to details of what kind of KIS should be used.
In this paper we supplement their works in terms of KIS specification.
We carefully identify what kind of KIS should be used and propose concrete KIS schemes
which realize both the reliability and the robustness required for the bidirectional broadcasting service.
links
-
Kazuto Ogawa,
Goichiro Hanaoka,
Kazukuni Kobara,
Kanta Matsuura,
Hideki Imai.
Anonymous Pay-TV System with Secure Revenue Sharing,
Lecture Notes in Computer Science (11th International Conference on Knowledge-Based and Intelligent Information & Engineering Systems:KES 2007),
Vol.4694,
pp.984-991,
2007
-
Thi Lan Anh Phan,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
Key-Insulated Public Key Encryption with Auxiliary Helper Key: Model,
Construcrtions and Formal Security Proofs,
IEICE Transactions on Fundamentals of Electronics,
Communications and Computer Sciences,
Vol.E90-A,
No.9,
pp.1814-1829,
2007
-
Takahiro Matsuda,
Nuttapong Attrapadung,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
A CDH-Based Strongly Unforgeable Signature Without Collision Resistant Hash Function,
Lecture Notes in Computer Science (Provable Security-First International Conference: ProvSec 2007),
Vol.4784,
pp.68-84,
2007
[detail]
abstract
Unforgeability of digital signatures is closely related to the
security of hash functions since hashing messages, such as hash-and-sign
paradigm, is necessary in order to sign (arbitrarily) long messages. Recent
successful collision finding attacks against practical hash functions
would indicate that constructing practical collision resistant hash functions
is difficult to achieve. Thus, it is worth considering to relax the
requirement of collision resistance for hash functions that is used to hash
messages in signature schemes. Currently, the most efficient strongly unforgeable
signature scheme in the standard model which is based on the
CDH assumption (in bilinear groups) is the Boneh-Shen-Waters (BSW)
signature proposed in 2006. In their scheme, however, a collision resistant hash
function is necessary to prove its security. In this paper, we
construct a signature scheme which has the same properties as the BSW
scheme but does not rely on collision resistant hash functions. Instead,
we use a target collision resistant hash function, which is a strictly weaker
primitive than a collision resistant hash function. Our scheme is, in terms
of the signature size and the computational cost, as efficient as the BSW
scheme.
links
国際会議
-
Yang Cui,
Kazukuni Kobara,
Kanta Matsuura,
Hideki Imai.
Lightweight Asymmetric Privacy-Preserving Authentication Protocols Secure against Active Attack,
Fourth IEEE International Workshop on Pervasive Computing and Communication Security (PerCom 2007),
2007
-
Kanta Matsuura.
Attack-Discouragement and Its Economic Implications,
DST-JST Joint Workshop for Awareness of Funding Opportunities under Bilateral Cooperation in Field of ICT,
pp.29,
2007
-
Takuro Hosoi,
Kanta Matsuura,
Hideki Imai.
IP Trace Back by Packet Marking Method with Bloom Filters,
Proceedings of the 2007 IEEE International Carnahan Conference on Security Technology (2007 ICCST) 41st Annual Conference,
pp.255-263,
2007
国内誌
-
Wei Liu,
Hideyuki Tanaka,
Kanta Matsuura.
Empirical-Analysis Methodology for Information-
Security Investment and Its Application to
Reliable Survey of Japanese Firms,
情報処理学会論文誌,
Vol.48,
No.9,
pp.3204-3218,
2007
国内研究会
-
Vadim Jefte Zendejas Samano,
Kanta Matsuura.
Using time to classify spam,
第39回情報処理学会コンピュータセキュリティ研究会(情報処理学会研究報告),
Vol.2007,
No.126,
pp.19-24,
2007
国内会議
-
大畑真生,
松浦幹太.
BB84量子鍵配送プロトコルの為の任意LDPC符号を用いたCSS符号構成法,
2007年暗号と情報セキュリティシンポジウム(SCIS2007)予稿集,
2007
-
Makoto Sugita,
Mitsuru Kawazoe,
Kanta Matsuura,
Hideki Imai.
Grobner Basis Based Cryptanalysis of SHA-1,
Proceedings of The 2007 Symposium on Cryptography and Information Security (SCIS2007),
2007
-
Marc P.C.
Fossorier,
Miodrag J.
Mihaljevic,
今井秀樹,
崔洋,
松浦幹太.
LPN問題を解決する新たなアルゴリズムとHBプロトコルの安全性評価への応用,
A Novel Algorithm for Solving the LPN Problem and its Application to Security Evaluation of HB Protocol for RFID Authentication,
Proceedings of The 2007 Symposium on Cryptography and Information Security (SCIS2007),
2007
-
細井琢朗,
松浦幹太.
ランダムグラフを用いたIPトレースバックの誤探知率の評価について,
2007年暗号と情報セキュリティシンポジウム(SCIS2007)予稿集,
2007
-
Thi Lan Anh Phan,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
Formal Security Proofs of Key-Insulated Public Key Encryption with Auxiliary Helper Key,
Proceedings of The 2007 Symposium on Cryptography and Information Security (SCIS2007),
2007
-
Nuttapong Attrapadung,
Jun Furukawa,
Hideki Imai,
Kanta Matsuura.
Forward-Secure Broadcast Encryption with Short Ciphertexts and Private Keys,
Proceedings of The 2007 Symposium on Cryptography and Information Security (SCIS2007),
2007
-
松崎孝大,
張鋭,
花岡悟一郎,
松浦幹太,
今井秀樹.
IDベース暗号に基づくClient PuzzleおよびDoS攻撃対策への応用,
2007年暗号と情報セキュリティシンポジウム(SCIS2007)予稿集,
2007
-
Kazuto Ogawa,
Goichiro Hanaoka,
Kazukuni Kobara,
Kanta Matsuura,
Hideki Imai.
Secure Revenue Sharing Scheme for Anonymous Pay-TV System Part.2,
Proceedings of The 2007 Symposium on Cryptography and Information Security (SCIS2007),
2007
-
松田隆宏,
アッタラパドゥン ナッタポン,
花岡悟一郎,
松浦幹太,
今井秀樹.
スタンダードモデルでのCDH仮定に基づく衝突困難ハッシュ関数を用いない強偽造不可能性を持つ署名方式,
2007年暗号と情報セキュリティシンポジウム(SCIS2007)予稿集,
2007
-
北田亘、Nuttapong Attrapadung、花岡悟一郎、松浦幹太、今井秀樹.
IBE-PKE変換の広がりの限界への更なる考察,
2007年暗号と情報セキュリティシンポジウム(SCIS2007)予稿集,
2007
-
Takashi Kitagawa,
Peng Yang,
Goichiro Hanaoka,
Rui Zhang,
Hajime Watanabe,
Kanta Matsuura,
Hideki Imai.
Means of Security Enhancement and Their Evaluation for Identity Based Encryption,
Proceedings of The 2007 Symposium on Cryptography and Information Security (SCIS2007) 予稿集,
2007
-
小川一人, 花岡悟一郎, 古原和邦, 松浦幹太, 今井秀樹.
プロバイダへの公正な利益分配が可能な匿名課金放送システム その2,
2007年暗号と情報セキュリティシンポジウム(SCIS2007)予稿集,
2007
-
Zhen Li,
Leping Huang,
Kanta Matsuura.
An Analysis of The Security in Collaborative Honeypot for Anti-spam Filtering,
Proceedings of The 2007 Symposium on Cryptography and Information Security (SCIS2007),
2007
-
渡邉悠,
松浦幹太.
SQLの条件節が動的に構成されることを考慮したデータベース接続APIの設計,
コンピュータセキュリティシンポジウム(CSS2007),
pp.571-576,
2007
-
北田亘, 松浦幹太.
柔軟な識別子評価可能な暗号化方式,
第30回情報理論とその応用シンポジウム(SITA2007),
2007
[detail]
abstract
In identity based encryption (IBE), each entity has one identity to specify one entity.
In IBE, a sender picks an identity of one entity which he wants to send to and a receiver has one entity which specifies himself.
IBE works if the two identities are evaluated to be equal.
In this paper, we show an encryption scheme that allows not only equal relation but more general relations.
In particular, our scheme allows any bitwise operations which can be expressed in combinational circuit when we evaluate labels, generalized notions of identities.
-
松浦幹太.
情報セキュリティのための最も効果的な投資方法の追求,
社会技術シンポジウム:高度情報社会の脆弱性の解明と解決・「情報と社会」研究開発領域,
2007
Year 2006
国際誌(LNCSを含む)
-
Peng Yang,
Takashi Kitagawa,
Goichiro Hanaoka,
Rui Zhang,
Kanta Matsuura,
Hideki Imai.
Applying Fujisaki-Okamoto to Identity-Based Encryption,
Lecture Notes in Computer Science (Applied Algebra,
Algebraic Algorithms and Error-Correcting Codes: 16th International Symposium: AAECC-16),
Vol.3857,
pp.183-192,
2006
[detail]
abstract
The Fujisaki-Okamoto (FO) conversion is widely known to be able to generically convert a weak public key encryption scheme,
say one-way against chosen plaintext attacks (OW-CPA), to a strong one, namely, indistinguishable against adaptive chosen ciphertext attacks (IND-CCA).
It is not known that if the same holds for identity-based encryption (IBE) schemes,
though many IBE and variant schemes are in fact specifically using the FO conversion.
In this paper, we investigate this issue and confirm that the FO conversion is generically effective also in the IBE case.
However, straightforward application of the FO conversion only leads to an IBE scheme with a loose (but polynomial) reduction.
We then propose a simple modification to the FO conversion, which results in considerably more efficient security reduction.
keywords
Fujisaki-Okamoto, identity based encryption, security enhancement.
-
Nuttapong Attrapadung,
Yang Cui,
David Galindo,
Goichiro Hanaoka,
Ichiro Hasuo,
Hideki Imai,
Kanta Matsuura,
Peng Yang,
Rui Zhang.
Relations among Notions of Security for Identity Based Encryption Schemes,
Lecture Notes in Computer Science (LATIN 2006: Theoretical Informatics: 7th Latin American Symposium),
Vol.3887,
pp.130-141,
2006
[detail]
abstract
This paper shows that the standard security notion for iden-
tity based encryption schemes (IBE), that is IND-ID-CCA2, captures the
essence of security for all IBE schemes. To achieve this intention, we first
describe formal definitions of the notions of security for IBE, and then
present the relations among OW, IND, SS and NM in IBE, along with
rigorous proofs. With the aim of comprehensiveness, notions of security
for IBE in the context of encryption of multiple messages and/or to mul-
tiple receivers are finally presented. All of these results are proposed with
the consideration of the particular attack in IBE, namely the adaptive
chosen identity attack.
keywords
Identity based encryption, security notions.
-
Leping Huang,
Hiroshi Yamane,
Kanta Matsuura,
Kaoru Sezaki.
Silent Cascade: Enhancing Location Privacy without Communication QoS Degradation,
Lecture Notes in Computer Science (Security in Pervasive Computing: Third International Conference: SPC 2006),
Vol.3934,
pp.165-180,
2006
-
Takashi Kitagawa,
Peng Yang,
Goichro Hanaoka,
Rui Zhang,
Hajime Watanabe,
Kanta Matsuura,
Hideki Imai.
Generic Transforms to Acquire CCA-Security for Identity Based Encryptions: The Cases of FOpkc and REACT,
Lecture Notes in Computer Science (11th Australasian Conference on Information Security and Provacy: ACISP 2006),
Vol.4058,
pp.348-359,
2006
[detail]
abstract
Fujisaki-Okamoto (FOpkc) conversion [13] and REACT[17] are widely known to be able to generically convert a weak public key encryption scheme to a strong encryption scheme.
In this paper, we discuss applications of FOpkc conversion and REACT to Identity Based Encryptions (IBE).
It has not been formally verified yet that whether these conversions are generic in the IBE setting.
Our results show that both conversions are effective in the IBE case:
plain REACT already achieves a good security reduction while the plain FOpkc conversion results in bad running time of the simulator.
We further propose a simple modification to the plain FOpkc that solves this problem.
Finally, we choose some concrete parameters to explain (visually) the effect of how the modified FOpkc substantially improves reduction cost regarding the plain conversion.
keywords
Fujisaki-Okamoto, identity based encryption, security enhancement.
-
Thi Lan Anh Phan,
Yumiko Hanaoka,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
Reducing the Spread of Damage of Key Exposure in Key Insulated Encryption,
Lecture Notes in Computer Science (First International Conference on Cryptology in Vietnam: VietCrypt 2006),
Vol.4341,
pp.366-384,
2006
-
Marc P.C.
Fossorier,
Miodrag J.
Mihaljevic,
Hideki Imai,
Yang Cui,
Kanta Matsuura.
An Algorithm for Solving the LPN Problem and Its Application to Security Evaluation of the HB Protocol for RFID Authentication,
Lecture Notes in Computer Science (7th International Conference on Cryptology in India: Indocrypt'06),
Vol.4329,
pp.48-62,
2006
国際会議
-
Wei Liu,
Hideyuki Tanaka,
Kanta Matsuura.
An Empirical Analysis of Security Investment in Countermeasures Based on an Enterprise Survey in Japan,
Workshop on the Economics of Information Security 2006 (WEIS2006),
2006
-
Masaki Ishiguro,
Hideyuki Tanaka,
Kanta Matsuura,
Ichiro Murase.
The Effect of Information Security Incidents on Corporate Values in the Japanese Stock Market,
The Workshop on the Economics of Securing the Information Infrastructure,
2006
-
Peng Yang,
Takashi Kitagawa,
Goichiro Hanaoka,
Rui Zhang,
Hajime Watanabe,
Kanta Matsuura,
Hideki Imai.
A Simple Approach to Evaluate Fujisaki-Okamoto Conversion in Identity Based Encryption,
Proceedings of the 2006 International Symposium on Information Theory and Its Applications (ISITA'06),
pp.507-512,
2006
[detail]
abstract
The Fujisaki-Okamoto (FO) conversion is a very powerful security enhancement method in public key encryption (PKE) schemes.
The generality of the plain FO in identity based encryption (IBE) schemes was verified, and a slightly different version, the modified FO, was proposed.
Both of the plain FO and the modified FO could achieve the goal of
converting a weak IBE scheme, i.e., one-way against adaptive chosen identity and chosen plaintext attacks ({\sf OW-ID-CPA}),
to the strongest one, namely, indistinguishability against adaptive chosen identity and adaptive chosen ciphertext attacks (\textsf{IND-ID-CCA}).
This work aims to evaluate the plain FO and the modified FO by substituting proper concrete values.
By mainly focusing on the time costs of security reductions, we show the modified FO is better than the plain one.
keywords
Fujisaki-Okamoto, identity based encryption, security enhancement.
-
Kanta Matsuura.
Security Securities: How to Measure the Market View on Information-Security Risks,
6th Japan-America Frontiers of Engineering Symposium,
2006
国内誌
-
Peng Yang,
Goichiro Hanaoka,
Yang Cui,
Rui Zhang,
Nuttapong Attrapadung,
Kanta Matsuura,
Hideki Imai.
Relations among Notions of Security for Identity Based Encryption Schemes,
情報処理学会論文誌,
Vol.47,
No.8,
pp.2417-2429,
2006
[detail]
abstract
Identity based encryption (IBE) schemes have been flourishing since the very
beginning of this century. In IBE it is widely believed that proving the security
of a scheme in the sense of IND-ID-CCA2 is sufficient to claim the scheme is also
secure in the senses of both SS-ID-CCA2 and NM-ID-CCA2. The justification for
this belief is the relations among indistinguishability (IND), semantic security
(SS) and non-malleability (NM). But these relations are proved only for conventional
public key encryption (PKE) schemes in previous works. The fact is
that between IBE and PKE, there exists a difference of special importance, i.e.
only in IBE the adversaries can perform a particular attack, namely the chosen
identity attack.
This paper shows that security proved in the sense of IND-ID-CCA2 is validly
sufficient for implying security in any other sense in IBE. This is to say the security
notion, IND-ID-CCA2, captures the essence of security for all IBE schemes.
To achieve this intention, we first describe formal definitions of the notions of
security for IBE, and then present the relations among IND, SS and NM in
IBE, along with rigorous proofs. All of these results are proposed with the
consideration of the chosen identity attack.
keywords
Identity based encryption, security notions.
-
大福泰樹,
松浦幹太.
ベイジアンフィルタと社会ネットワーク手法を統合した迷惑メールフィルタリングとその最適統合法,
情報処理学会論文誌,
Vol.47,
No.8,
pp.2548-2555,
2006
-
松浦幹太.
暗号化技術の変遷,
電気学会誌,
Vol.126,
No.10,
pp.678-681,
2006
国内研究会
-
山口高康,
青野博,
本郷節之,
松浦幹太.
分類された情報セキュリティ対策に依存する脅威発生率を導入したリスクアセスメントモデル,
情報処理学会コンピュータセキュリティ研究会(情報処理学会研究報告),
Vol.2006,
No.43,
pp.7-12,
2006
-
李陳,
黄楽平,
松浦幹太.
社会ネットワークを利用したスパムメール対策におけるデータ共有の手法とその効用について,
情報処理学会コンピュータセキュリティ研究会(情報処理学会研究報告),
Vol.2006,
No.129,
pp.69-72,
2006
国内会議
-
Kanta Matsuura.
University-Industry Collaboration in SCIS Compared to the IEEE Symposium on Security and Privacy,
Proceedings of the 2006 Symposium on Cryptography and Information Security (SCIS2006)(CD-ROM),
2006
-
大畑真生,
萩原学,
松浦幹太,
今井秀樹.
BB84量子鍵配送プロトコルの為の非正則LDPC符号と双対符号の符号後解析,
2006年暗号と情報セキュリティ・シンポジウム(SCIS2006)予稿集(CD-ROM),
2006
-
細井琢朗,
松浦幹太,
今井秀樹.
暗号要素技術を用いない決定論的パケットマーキング法による単一パケットIPトレースバックについて,
2006年暗号と情報セキュリティ・シンポジウム(SCIS2006)予稿集(CD-ROM),
2006
-
大福泰樹,
松浦幹太.
ベイジアンフィルタによる日本語を含むメールのフィルタリングについての考察,
2006年暗号と情報セキュリティ・シンポジウム(SCIS2006)予稿集(CD-ROM),
2006
-
山根弘,
黄楽平,
松浦幹太,
瀬崎薫.
Silent periodを用いたRFIDロケーションプライバシー保護手法の提案,
2006年暗号と情報セキュリティ・シンポジウム(SCIS2006)予稿集(CD-ROM),
2006
-
Xiaoyi Yu,
Kanta Matsuura.
Steganography with Hashing,
Proceedings of the 2006 Symposium on Cryptography and Information Security (SCIS2006)(CD-ROM),
2006
-
Wei Liu,
Hideyuki Tanaka,
Kanta Matsuura.
Information Security Incidents and Countermeasures: An Empirical Analysis Based on an Enterprise Survey in Japan,
Proceedings of the 2006 Symposium on Cryptography and Information Security (SCIS2006)(CD-ROM),
2006
-
北川隆,
楊鵬,
花岡悟一郎,
張鋭,
松浦幹太,
今井秀樹.
藤崎・岡本変換とREACTのIDベース暗号への適用,
2006年暗号と情報セキュリティ・シンポジウム(SCIS2006)予稿集(CD-ROM),
2006
-
Peng Yang,
Kanta Matsuura.
Towards Higher-level Root Private Key Generator Construction for Identity Based Encryption,
コンピュータセキュリティシンポジウム2006(CSS2006)論文集,
Vol.2006,
No.11,
pp.251-256,
2006
-
Yang Cui,
Kazukuni Kobara,
Kanta Matsuura,
Hideki Imai.
Asymmetric RFID System Secure against Active Attack,
Proceeding of the 29th Symposium on Information Theory and Its Application (SITA'06),
Vol.2,
pp.661-664,
2006
-
Nuttapong Attrapadung,
Jun Furukawa,
Hideki Imai,
Kanta Matsuura.
Searchable Public-Key Broadcast Encryption,
Proceeding of the 29th Symposium on Information Theory and Its Application (SITA'06),
Vol.1,
pp.307-310,
2006
-
北田亘,
花岡悟一郎,
Nuttapong Attrapadung,
張鋭,
松浦幹太,
今井秀樹.
BDDH仮定とSquare BDDH仮定の関係の考察,
第29回情報理論とその応用シンポジウム (SITA2006) 予稿集,
Vol.1,
pp.299-302,
2006
[detail]
abstract
At Eurocrypt'04, Canetti, Halevi, and Katz (CHK) proposed a generic transformation that converts any selectively secure identity-based encryption (IBE) scheme
to a chosen-ciphertext secure public-key encryption scheme (PKE) scheme.
At PKC'06, Kiltz showed the limitation of this transformation.
He showed that when applying the CHK conversion (together with some equivalent simplification) to two different IBE schemes both proposed by Boneh and Boyen,
the resulting schemes are nearly the same in their structures, not two completely different PKE as expected.
Nevertheless, the two PKE schemes are different in their underlying assumptions.
One is based on Bilinear Decision Diffie-Hellman (BDDH) assumption, while the other is based on Square Bilinear Decision Diffie-Hellman (sBDDH) assumption.
To emphasize the limitation in a stronger sense, it is desirable to show the similarity of not only their structures, but also their underlying assumptions.
We argues that the BDDH and the sBDDH assumptions are related in essential way by showing the equivalence of their computational versions.
-
大畑真生,
松浦幹太.
BB84量子鍵配送プロトコルの為のLDPC符号を用いたCSS符号構成法,
第29回情報理論とその応用シンポジウム (SITA2006) 予稿集,
Vol.2,
pp.675-678,
2006
-
Peng Yang,
Takashi Kitagawa,
Goichiro Hanaoka,
Rui Zhang,
Hajime Watanabe,
Kanta Matsuura,
Hideki Imai.
Security Tightness Evaluation of Fujisaki-Okamoto Conversion in Identity Based Encryption,
Proceeding of the 29th Symposium on Information Theory and Its Application (SITA'06),
Vol.2,
pp.469-472,
2006
-
Thi Lan Anh Phan,
Goichiro Hanaoka,
Kanta Matsuura,
Hideki Imai.
A New Key-Insulated Public Key Encryption Scheme with Auxiliary Helper Key,
Proceeding of the 29th Symposium on Information Theory and Its Application (SITA'06),
Vol.2,
pp.477-480,
2006
その他
-
松浦幹太.
内容を隠すだけではない暗号技術と安全性評価,
@police・第17回セキュリティ解説,
2006
Year 2005
国際誌(LNCSを含む)
-
Hideyuki Tanaka,
Kanta Matsuura,
Osamu Sudo.
Vulnerability and information security investment: An empirical analysis of e-local government in Japan,
The Journal of Accounting and Public Policy,
Vol.24,
No.Issue.
1,
pp.37-59,
2005
-
Leping Huang,
Hiroshi Yamane,
Kanta Matsuura,
Kaoru Sezaki.
Towards Modeling Wireless Location Privacy,
Lecture Notes in Computer Science (5th International Workshop on Privacy Enhancing Technologies: PET 2005),
Vol.3856,
pp.59-77,
2005
-
Takayuki Furuya,
Takahiro Matsuzaki,
Kanta Matsuura.
Detection of Unknown DoS Attacks by Kolmogorov-Complexity Fluctuation,
Lecture Notes in Computer Science (Information Security and Cryptology: First SKLOIS Conference: CISC 2005),
Vol.3822,
pp.395-406,
2005
国際会議
-
Leping Huang,
Kanta Matsuura,
Hiroshi Yamane,
Kaoru Sezaki.
Enhancing Wireless Location Privacy Using Silent Periods,
Proceedings of IEEE Wireless Communications and Networking Conference 2005,
Vol.2,
pp.1187-1192,
2005
-
Kanta Matsuura.
Cross-Sector Collaboration in Japanese Information-Security Industry,
and the Shock of Personal Information Protection Laws,
Proceedings of the 11th International Conference on Industrial Engineering and Engineering Management,
pp.1178-1181,
2005
-
Hideyuki Tanaka,
Kanta Matsuura.
Vulnerability and Effects of Information Security Investment: A Firm Level Empirical Analysis of Japan,
International Forum of Financial Information Systems and Cybersecurity: A Public Policy Perspective,
2005
-
Leping Huang,
Hiroshi Yamane,
Kanta Matsuura,
Kaoru Sezaki.
Protecting Location Privacy for Wireless Network,
ARO workshop on Localization in Wireless Sensor Networks,
2005
-
Kanta Matsuura.
University-Industry Collaboration in the Information Security Field: An International Comparison,
Proceedings of the 2005 IEEE International Engineering Management Conference (IEMC 2005),
Vol.1,
pp.95-98,
2005
-
Atsuhiro Yamagishi,
Kanta Matsuura,
Hideki Imai.
Cryptographic Module Validation Program in Japan,
Proceedings of the 2005 IEEE International Engineering Management Conference (IEMC 2005),
Vol.2,
pp.485-489,
2005
-
Krishna Sampigethaya,
Leping Huang,
Mingyan Li,
Radha Poovendran,
Kanta Matsuura,
Kaoru Sezaki.
CARAVAN: Providing Location Privacy for VANET,
Embedded Security in Cars 2005 (ESCAR 2005),
2005
国内誌
-
岡本栄司,
松浦幹太,
冨高政治,
猪俣敦夫.
暗号における脆弱性について,
情報処理,
Vol.46,
No.6,
pp.625-629,
2005
-
田中秀幸,
松浦幹太.
情報ネットワーク・システムの脆弱性とセキュリティ投資に関する実証分析,
社会・経済システム(社会・経済システム学会誌),
No.26,
pp.97-101,
2005
国内研究会
-
松崎孝大,
松浦幹太.
署名鍵漏洩対策におけるMACを付与した電子署名の実装方式,
情報処理学会コンピュータセキュリティ研究会(情報処理学会研究報告),
Vol.2005,
No.33,
pp.369-373,
2005
-
山根弘,
黄楽平,
松浦幹太,
瀬崎薫.
QoSを考慮した位置情報プライバシー保護手法の検討,
電子情報通信学会情報セキュリティ研究会 (電子情報通信学会技術研究報告),
Vol.105,
No.194,
pp.203-210,
2005
-
Peng Yang,
Goichiro Hanaoka,
Yang Cui,
Rui Zhang,
Nuttapong Attrapadung,
Kanta Matsuura,
Hideki Imai.
Relations among Notions of Security for Identity Based Encryption Schemes,
電子情報通信学会情報セキュリティ研究会 (電子情報通信学会技術研究報告),
Vol.105,
No.194,
pp.25-32,
2005
国内会議
-
大福泰樹,
松浦幹太.
ベイジアンフィルタを用いた迷惑メールフィルタリングの最適化,
2005年暗号と情報セキュリティ・シンポジウム(SCIS2005)予稿集,
Vol.1,
pp.199-204,
2005
-
黄楽平,
松浦幹太,
山根弘,
瀬崎薫.
無線環境における位置情報プライバシーのモデルに関する提案,
2005年暗号と情報セキュリティ・シンポジウム(SCIS2005)予稿集,
Vol.1,
pp.265-270,
2005
-
黄興華,
松浦幹太.
リアルタイムビデオセキュリティ,
2005年暗号と情報セキュリティ・シンポジウム(SCIS2005)予稿集,
Vol.Ⅲ,
pp.991-996,
2005
-
Jose Luis Lacson,
Kanta Matsuura.
Maximizing Election Security through the Efficient Use of Technology,
2005年暗号と情報セキュリティ・シンポジウム(SCIS2005)予稿集,
Vol.Ⅲ,
pp.1171-1174,
2005
-
古谷隆行,
松浦幹太.
動的サンプリングと情報理論的複雑度変動を利用したサービス妨害攻撃検知システムの最適化,
2005年暗号と情報セキュリティ・シンポジウム(SCIS2005)予稿集,
Vol.Ⅲ,
pp.1363-1368,
2005
-
田村研輔,
松浦幹太,
今井秀樹.
定点観測システム収集データを利用したインターネット空間補間手法の提案と早期異常検知への適用,
2005年暗号と情報セキュリティ・シンポジウム(SCIS2005)予稿集,
Vol.Ⅲ,
pp.1381-1386,
2005
-
細井琢朗,
松浦幹太,
今井秀樹.
Bloomフィルタを用いたパケットマーキング法によるIPトレースバックの擬陽性確率について,
2005年暗号と情報セキュリティ・シンポジウム(SCIS2005)予稿集,
Vol.Ⅲ,
pp.1555-1560,
2005
-
山根弘,
黄楽平,
松浦幹太,
瀬崎薫.
Quantitative evaluation of privacy protection using silent period,
電子情報通信学会総合大会,
2005
-
細井琢朗,
松浦幹太,
今井秀樹.
Bloomフィルタを用いたパケットマーキング法によるIPトレースバックでの複数パケット利用追跡について,
コンピュータセキュリティシンポジウム(CSS)2005論文集,
情報処理学会シンポジウムシリーズ,
Vol.2005-I,
No.13,
pp.91-96,
2005
-
黄楽平,
山根弘,
松浦幹太,
瀬崎薫.
WLANのトラフィック特性を考慮した位置情報プライバシー保護モデル,
コンピュータセキュリティシンポジウム(CSS)2005論文集,
情報処理学会 シンポジウムシリーズ,
Vol.2005-I,
No.13,
pp.181-186,
2005
-
大福泰樹,
松浦幹太.
ベイジアンフィルタと社会ネットワーク手法を統合した迷惑メールフィルタリング,
コンピュータセキュリティシンポジウム(CSS)2005論文集,
情報処理学会シンポジウムシリーズ,
Vol.2005-I,
No.13,
pp.325-330,
2005
-
山岸篤弘,
松浦幹太,
今井秀樹.
暗号モジュールへの脅威の定式化に関する一考察,
コンピュータセキュリティシンポジウム(CSS)2005論文集,
情報処理学会シンポジウムシリーズ,
Vol.2005-II,
No.13,
pp.579-584,
2005
-
Peng Yang,
Takashi Kitagawa,
Goichiro Hanaoka,
Rui Zhang,
Kanta Matsuura,
Hideki Imai.
Towards Security Enhancement with Efficient Reduction for Identity Based Encryption,
Proceedings of the 28th Symposium on Information Theory and Its Applications (SITA2005),
Vol.1,
pp.163-166,
2005
-
大畑真生,
萩原学,
松浦幹太,
今井秀樹.
BB84量子鍵配送プロトコルの為の双対符号を含むLDPC符号構成法,
Proceedings of the 28th Symposium on Information Theory and Its Applications (SITA2005),
Vol.1,
pp.411-414,
2005
その他
-
Kanta Matsuura.
Activity of Imai and Matsuura Laboratories,
and Inter-Sector Collaboration There,
University of Tokyo/Royal Holloway Information Security Workshop,
2005
-
田村裕子,
宇根正志,
岩下直行,
松本 勉,
松浦幹太,
佐々木良一.
デジタル署名の長期利用について,
金融研究,
Vol.24,
pp.121-176,
2005
-
松浦幹太.
認証技術の利用に伴うセキュリティ問題,
2005年度第1回Webサービスイニシアティブ・ワークショップ,
2005
|