Your search keyword '"Takaaki Mizuki"' showing total 41 results

1. Coin-based Secure Computations

Author

Yuichi Komano and Takaaki Mizuki

Subjects

Computer Networks and Communications, Safety, Risk, Reliability and Quality, Software, Information Systems

Abstract

In the history of cryptography, many cryptographic protocols have relied on random coin tosses to prove their security. Although flipping coins is indispensable in this manner, the coins themselves have never been in the spotlight. Therefore, we would like to make physical coins rise to the level of cryptography, just as a deck of physical playing cards has been used to perform a secure multi-party computation. Such a card-based protocol is known to be helpful both to perform a secure computation without any black-box computers and to understand the principles of secure protocols. In this paper, we propose a new framework of secure multi-party computation using physical coins, named a coin-based protocol. One advantage of the use of coins is that they are more ubiquitous than cards. Whereas a face-down card can conceal the information about its face side, one side of a coin reveals the information of its other side. Hence, more careful design is required for a secure coin-based protocol than for a card-based one. We formalize a computational model of the coin-based protocol and explicitly give protocols for NOT, AND, COPY, OR, and XOR computations. We also discuss the composability of the extended protocols and how to implement them in practice.

Published

2022

2. Actively revealing card attack on card-based protocols

Author

Takaaki Mizuki, Daiki Miyahara, Ken Takashima, and Hideaki Sone

Subjects

Shuffling, Computer science, business.industry, Cheating, media_common.quotation_subject, Cryptography, 0102 computer and information sciences, 02 engineering and technology, Adversary, Computer security, computer.software_genre, 01 natural sciences, Computer Science Applications, 010201 computation theory & mathematics, Covert, 0202 electrical engineering, electronic engineering, information engineering, Secure multi-party computation, 020201 artificial intelligence & image processing, Function (engineering), business, computer, Protocol (object-oriented programming), media_common

Abstract

In 1989, den Boer presented the first card-based protocol, called the “five-card trick,” that securely computes the AND function using a deck of physical cards via a series of actions such as shuffling and turning over cards. This protocol enables a couple to confirm their mutual love without revealing their individual feelings. During such a secure computation protocol, it is important to keep any information about the inputs secret. Almost all existing card-based protocols are secure under the assumption that all players participating in a protocol are semi-honest or covert, i.e., they do not deviate from the protocol if there is a chance that they will be caught when cheating. In this paper, we consider a more malicious attack in which a player as an active adversary can reveal cards illegally without any hesitation. Against such an actively revealing card attack, we define the t-secureness, meaning that no information about the inputs leaks even if at most t cards are revealed illegally. We then actually design t-secure AND protocols. Thus, our contribution is the construction of the first formal framework to handle actively revealing card attacks as well as their countermeasures.

Published

2021

3. Five-Card AND Computations in Committed Format Using Only Uniform Cyclic Shuffles

Author

Hideaki Sone, Yuta Abe, Yu-ichi Hayashi, and Takaaki Mizuki

Subjects

021110 strategic, defence & security studies, Computer Networks and Communications, business.industry, Computer science, Deck of cards, Computation, Card-based cryptography, 0211 other engineering and technologies, Field (mathematics), Cryptography, 02 engineering and technology, Theoretical Computer Science, Standard 52-card deck, Hardware and Architecture, Secure multiparty computation, 0202 electrical engineering, electronic engineering, information engineering, Secure multi-party computation, 020201 artificial intelligence & image processing, Arithmetic, business, Protocol (object-oriented programming), Software

Abstract

In card-based cryptography, designing AND protocols in committed format is a major research topic. The state-of-the-art AND protocol proposed by Koch, Walzer, and Härtel in ASIACRYPT 2015 uses only four cards, which is the minimum permissible number. The minimality of their protocol relies on somewhat complicated shuffles having non-uniform probabilities of possible outcomes. Restricting the allowed shuffles to uniform closed ones entails that, to the best of our knowledge, six cards are sufficient: the six-card AND protocol proposed by Mizuki and Sone in 2009 utilizes the random bisection cut, which is a uniform and cyclic (and hence, closed) shuffle. Thus, a question has arisen: “Can we improve upon this six-card protocol using only uniform closed shuffles?” In other words, the existence or otherwise of a five-card AND protocol in committed format using only uniform closed shuffles has been one of the most important open questions in this field. In this paper, we answer the question affirmatively by designing five-card committed-format AND protocols using only uniform cyclic shuffles. The shuffles that our protocols use are the random cut and random bisection cut, both of which are uniform cyclic shuffles and can be easily implemented by humans.

Published

2021

4. Card-based protocols for secure ranking computations

Author

Kazumasa Shinagawa, Yuta Abe, Ken Takashima, Takaaki Mizuki, Daiki Miyahara, Hideaki Sone, and Tatsuya Sasaki

Subjects

Protocol (science), Scheme (programming language), Theoretical computer science, General Computer Science, Computer science, Computation, Rank (computer programming), 0102 computer and information sciences, 02 engineering and technology, 01 natural sciences, Theoretical Computer Science, Ranking (information retrieval), Task (computing), 010201 computation theory & mathematics, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, 020201 artificial intelligence & image processing, computer, computer.programming_language

Abstract

Consider a group of people who want to know the “rich list” among them, namely the ranking in terms of their total assets, without revealing any information about the actual value of their assets. This can be achieved by a “secure ranking computation,” which was first considered by Jiang and Gong (2006) [2] ; they constructed a secure ranking computation protocol based on a public-key cryptosystem. In this paper, instead of using a public-key cryptosystem, we use a deck of physical cards to provide secure ranking computation protocols. Therefore, our card-based protocols do not rely on computers, and they are simple and easy for humans to implement. Specifically, we design four protocols considering tradeoffs between the number of cards and the number of shuffles required to execute the protocols. We also present a guide to choose an appropriate protocol according to the number of people participating in the protocol and the size of the input range. To be precise, whereas our protocols make all players know the rich list, the Jiang–Gong scheme makes each player know his/her rank only; to achieve the same task (as the Jiang–Gong scheme) using a deck of cards is an intriguing open problem.

Published

2020

5. Evaluating card-based protocols in terms of execution time

Author

Daiki Miyahara, Itaru Ueda, Yu-ichi Hayashi, Hideaki Sone, and Takaaki Mizuki

Subjects

Protocol (science), 021110 strategic, defence & security studies, SIMPLE (military communications protocol), Computer Networks and Communications, Computer science, business.industry, Computation, 0211 other engineering and technologies, Cryptography, 02 engineering and technology, Execution time, Secure computing, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Safety, Risk, Reliability and Quality, business, Computer communication networks, Software, Information Systems, Computer network

Abstract

Card-based cryptography is an attractive and unconventional computation model; it provides secure computing methods using a deck of physical cards. It is noteworthy that a card-based protocol can be easily executed by non-experts such as high school students without the use of any electric device. One of the main goals in this discipline is to develop efficient protocols. The efficiency has been evaluated by the number of required cards, the number of colors, and the average number of protocol trials. Although these evaluation metrics are simple and reasonable, it is difficult to estimate the total number of operations or execution time of protocols based only on these three metrics. Therefore, in this paper, we consider adding other metrics to estimate the execution time of protocols more precisely. Furthermore, we actually evaluate some of the important existing protocols using our new criteria.

Published

2020

6. Efficient card-based zero-knowledge proof for Sudoku

Author

Daiki Miyahara, Hideaki Sone, Takaaki Mizuki, and Tatsuya Sasaki

Subjects

Theoretical computer science, General Computer Science, Computer science, Proof of knowledge, Zero-knowledge proof, Theoretical Computer Science

Abstract

In 2009, Gradwohl, Naor, Pinkas, and Rothblum proposed physical zero-knowledge proof protocols for Sudoku. That is, for a puzzle instance of Sudoku, their excellent protocols allow a prover to convince a verifier that there is a solution to the Sudoku puzzle and the prover knows it, without revealing any information about the solution. The possible drawback is that the existing protocols have an extractability error with a non-zero probability, or need special cards (such as scratch-off cards). Thus, in this study, we propose new protocols to perform zero-knowledge proof of knowledge for Sudoku using a normal deck of playing cards with no extractability error. Our protocols can be easily implemented by humans with a reasonable number of playing cards.

Published

2020

7. Practical card-based implementations of Yao's millionaire protocol

Author

Hideaki Sone, Takaaki Mizuki, Daiki Miyahara, and Yu-ichi Hayashi

Subjects

Scheme (programming language), General Computer Science, Shuffling, Computer science, 0102 computer and information sciences, 02 engineering and technology, Computer security, computer.software_genre, 01 natural sciences, Theoretical Computer Science, Alice and Bob, 010201 computation theory & mathematics, Secrecy, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, 020201 artificial intelligence & image processing, computer, Protocol (object-oriented programming), computer.programming_language

Abstract

Yao's millionaire protocol enables Alice and Bob to know whether or not Bob is richer than Alice by using a public-key cryptosystem without revealing the actual amounts of their properties. In this paper, we present simple and practical implementations of Yao's millionaire protocol using a physical deck of playing cards; we straightforwardly implement the idea behind Yao's millionaire protocol so that even non-experts can easily understand their correctness and secrecy. Our implementations are based partially on the previous card-based scheme proposed by Nakai, Tokushige, Misawa, Iwamoto, and Ohta; their scheme admits players' private actions on a sequence of cards called Private Permutation (PP), implying that a malicious player could make an active attack (for example, he/she could exchange some of the cards stealthily when doing such a private action). By contrast, our implementations rely on a familiar shuffling operation called a random cut, and hence, they can be conducted completely publicly so as to avoid any active attack. More specifically, we present two card-based implementations of Yao's millionaire protocol; one uses a two-colored deck of cards (which consists of black and red cards), and the other uses a standard deck of playing cards. Furthermore, we also provide card-based protocols that rely on a logical circuit representing the comparison.

Published

2020

8. Physical Zero-Knowledge Proof and NP-completeness Proof of Suguru Puzzle ⋆

Author

Léo Robert, Daiki Miyahara, Pascal Lafourcade, Luc Libralesso, Takaaki Mizuki, Laboratoire d'Informatique, de Modélisation et d'Optimisation des Systèmes (LIMOS), Ecole Nationale Supérieure des Mines de St Etienne (ENSM ST-ETIENNE)-Centre National de la Recherche Scientifique (CNRS)-Université Clermont Auvergne (UCA)-Institut national polytechnique Clermont Auvergne (INP Clermont Auvergne), Université Clermont Auvergne (UCA)-Université Clermont Auvergne (UCA), University of Electro-Communications [Tokyo] (UEC), National Institute of Advanced Industrial Science and Technology (AIST), Cyberscience Center, Tohoku University, ANR-16-IDEX-0001,CAP 20-25,CAP 20-25(2016), ANR-18-CE39-0007,DeCrypt,Langage Déclaratif pour la cryptographie symétrique(2018), ANR-18-CE39-0019,MobiS5,La sécurité et la privacy dans les réseaux 5G(2018), and ANR-20-CE39-0009,SEVERITAS,Systèmes de tests et evaluations sûrs et vérifiables(2020)

Subjects

Completeness, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Computational Theory and Mathematics, Suguru, Security, Zero-knowledge, Physical zero-knowledge proof, Extractability, Computer Science Applications, Information Systems, Theoretical Computer Science

Abstract

International audience; Suguru is a paper and pencil puzzle invented by Naoki Inaba. The goal of the game is to fill a grid with numbers between 1 and 5 while respecting three simple constraints. We first prove the NP-completeness of Suguru puzzle. For this we design gadgets to encode the PLANAR-CIRCUIT-SAT in a Suguru grid. We then design a physical Zero-Knowledge Proof (ZKP) protocol for Suguru. This ZKP protocol allows a prover to prove that he knows a solution of a Suguru grid to a verifier without leaking any information on the solution. To construct such a physical ZKP protocol, we only rely on a few physical cards and adapted encoding. For a Suguru grid with n cells, we only use 5n + 5 cards. Moreover, we prove the three classical security properties of a ZKP: completeness, extractability, and zero-knowledge.

Published

2022

9. Secure Computations Through Checking Suits of Playing Cards

Author

Daiki Miyahara and Takaaki Mizuki

Abstract

Card-based cryptography started with the “five-card trick” designed by Den Boer (EUROCRYPT 1989); it enables Alice and Bob to securely evaluate the AND value of their private bits using a physical deck of five cards. It was then shown that the same task can be done with only four cards, i.e., Mizuki et al. proposed a four-card AND protocol (ASIACRYPT 2012). These two AND protocols are simple and easy even for non-experts, such as high school students, to execute. Their only common drawback is the need to prepare a customized deck consisting of red and black cards such that all cards of the same color must be identical. Fortunately, several existing protocols are based on a standard deck of playing cards (commercially available). Among them, the state-of-the-art AND protocol was constructed by Koch et al. (ASIACRYPT 2019); it uses four playing cards (such as ‘A, J, Q, K’) to securely evaluate the AND value. The protocol is elaborate, while its possible drawback is the need to repeat a shuffling operation six times (in expectation), which makes it less practical.This paper aims to provide the first practical protocol working on a standard deck of playing cards. We present an extremely simple AND protocol that terminates after only one shuffle using only four cards; our proposed protocol relies on a new operation, called the “half-open” action, whereby players can check only the suit of a face-down card without revealing the number on it. We believe that this new operation is easy-to-implement, and hence, our four-card AND protocol working on a standard deck is practical. We formalize the half-open action to present a formal description of our proposed protocol. Moreover, we discuss what is theoretically implied by introducing the half-open action and show that it can be applied to efficiently solving Yao’s Millionaires’ problem with a standard deck of cards.

Published

2022

10. Card-Based ZKP for Connectivity: Applications to Nurikabe, Hitori, and Heyawake

Author

Léo Robert, Daiki Miyahara, Pascal Lafourcade, Takaaki Mizuki, Robert, Léo, Laboratoire d'Informatique, de Modélisation et d'Optimisation des Systèmes (LIMOS), Ecole Nationale Supérieure des Mines de St Etienne (ENSM ST-ETIENNE)-Centre National de la Recherche Scientifique (CNRS)-Université Clermont Auvergne (UCA)-Institut national polytechnique Clermont Auvergne (INP Clermont Auvergne), Université Clermont Auvergne (UCA)-Université Clermont Auvergne (UCA), National Institute of Advanced Industrial Science and Technology (AIST), University of Electro-Communications [Tokyo] (UEC), and Cyberscience Center, Tohoku University

Subjects

Connectivity, Puzzle, Computer Networks and Communications, MathematicsofComputing_GENERAL, Nurikabe, Card-based secure two-party protocols, Hitori, Theoretical Computer Science, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Hardware and Architecture, Heyawake, Zero-knowledge proofs, Software, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]

Abstract

During the last years, several card-based Zero-Knowledge Proof (ZKP) protocols for Nikoli’s puzzles have been designed. Although there are relatively simple card-based ZKP protocols for a number of puzzles, such as Sudoku and Kakuro, some puzzles face difficulties in designing simple protocols. For example, Slitherlink requires novel and elaborate techniques to construct a protocol. In this study, we focus on three Nikoli puzzles: Nurikabe, Hitori, and Heyawake. To date, no card-based ZKP protocol for these puzzles has been developed, partially because they have a relatively tricky rule that colored cells should form a connected area (namely a polyomino); this rule, sometimes referred to as “Bundan-kin” (in Japanese), complicates the puzzles, as well as facilitating difficulties in designing card-based ZKP protocols. We address this challenging task and propose a method for verifying the connectivity of hidden colored cells in a ZKP manner, such that we construct card-based ZKP protocols for the three puzzles.

Published

2022

11. Card-Based Physical Zero-Knowledge Proof for Kakuro

Author

Daiki Miyahara, Hideaki Sone, Takaaki Mizuki, and Tatsuya Sasaki

Subjects

business.industry, Computer science, Applied Mathematics, Signal Processing, Calculus, Cryptography, Zero-knowledge proof, Electrical and Electronic Engineering, business, Computer Graphics and Computer-Aided Design

Published

2019

12. Interactive Physical Zero-Knowledge Proof for Norinori

Author

Jean, Guillaume Dumas, Pascal, Lafourcade, Daiki, Miyahara, Takaaki, Mizuki, Tatsuya, Sasaki, and Hideaki, Sone

Published

2019

13. How to construct physical zero-knowledge proofs for puzzles with a 'single loop' condition

Author

Léo Robert, Hideaki Sone, Pascal Lafourcade, Daiki Miyahara, Tatsuya Sasaki, Takaaki Mizuki, Laboratoire d'Informatique, de Modélisation et d'Optimisation des Systèmes (LIMOS), Ecole Nationale Supérieure des Mines de St Etienne-Centre National de la Recherche Scientifique (CNRS)-Université Clermont Auvergne (UCA)-Institut national polytechnique Clermont Auvergne (INP Clermont Auvergne), Université Clermont Auvergne (UCA)-Université Clermont Auvergne (UCA), Tohoku University [Sendai], Ecole Nationale Supérieure des Mines de St Etienne (ENSM ST-ETIENNE)-Centre National de la Recherche Scientifique (CNRS)-Université Clermont Auvergne (UCA)-Institut national polytechnique Clermont Auvergne (INP Clermont Auvergne), ANR-18-CE39-0007,DeCrypt,Langage Déclaratif pour la cryptographie symétrique(2018), ANR-18-CE39-0019,MobiS5,La sécurité et la privacy dans les réseaux 5G(2018), and ANR-20-CE39-0009,SEVERITAS,Systèmes de tests et evaluations sûrs et vérifiables(2020)

Subjects

Property (philosophy), General Computer Science, Computer science, business.industry, Cryptography, 0102 computer and information sciences, 02 engineering and technology, Construct (python library), 01 natural sciences, Theoretical Computer Science, Loop (topology), [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 010201 computation theory & mathematics, Simple (abstract algebra), 0202 electrical engineering, electronic engineering, information engineering, Calculus, Feature (machine learning), 020201 artificial intelligence & image processing, Zero-knowledge proof, business, Single loop

Abstract

International audience; We propose a technique to construct physical Zero-Knowledge Proof (ZKP) protocols for puzzles that require a single loop draw feature. Our approach is based on the observation that a loop has only one hole and this property remains stable by some simple transformations. Using this trick, we can transform a simple big loop, which is visible to anyone, into the solution loop by using transformations that do not disclose any information about the solution. We illustrate our technique by applying it to construct physical ZKP protocols for two Nikoli puzzles: Slitherlink and Masyu.

Published

2021

14. Interactive Physical ZKP for Connectivity: Applications to Nurikabe and Hitori

Author

Daiki Miyahara, Takaaki Mizuki, Léo Robert, and Pascal Lafourcade

Subjects

Theoretical computer science, Computer science, Novelty, Zero-knowledge proof

Abstract

During the last years, many Physical Zero-knowledge Proof (ZKP) protocols for Nikoli’s puzzles have been designed. In this paper, we propose two ZKP protocols for the two Nikoli’s puzzles called Nurikabe and Hitori. These two puzzles have some similarities, since in their rules at least one condition requires that some cells are connected to each other, horizontally or vertically. The novelty in this paper is to propose two techniques that allow us to prove such connectivity without leaking any information about a solution.

Published

2021

15. Information leakage due to operative errors in card-based protocols

Author

Takaaki Mizuki and Yuichi Komano

Subjects

Computational Theory and Mathematics, Computer Science Applications, Information Systems, Theoretical Computer Science

Published

2022

16. Physical Zero-Knowledge Proof for Suguru Puzzle

Author

Léo Robert, Daiki Miyahara, pascal lafourcade, Takaaki Mizuki, Laboratoire d'Informatique, de Modélisation et d'Optimisation des Systèmes (LIMOS), Ecole Nationale Supérieure des Mines de St Etienne (ENSM ST-ETIENNE)-Université Clermont Auvergne [2017-2020] (UCA [2017-2020])-Centre National de la Recherche Scientifique (CNRS), Tohoku University [Sendai], Lafourcade, Pascal, Ecole Nationale Supérieure des Mines de St Etienne-Centre National de la Recherche Scientifique (CNRS)-Université Clermont Auvergne [2017-2020] (UCA [2017-2020]), and Ecole Nationale Supérieure des Mines de St Etienne-Université Clermont Auvergne [2017-2020] (UCA [2017-2020])-Centre National de la Recherche Scientifique (CNRS)

Subjects

Completeness, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Suguru, Security, Physical zero-knowledge proof, Extractability, Zero-knowledge proof, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]

Abstract

International audience; Suguru is a paper and pencil puzzle invented by Naoki Inaba. The goal of the game is to fulfil a grid with numbers between 1 and 5 and to respect three simple constraints. In this paper we design a physical Zero-Knowledge Proof (ZKP) protocol for Suguru. A ZKP protocol allows a prover (P) to prove that he knows a solution of a Suguru grid to a verifier (V) without leaking any information on the solution. For constructing such a physical ZKP protocol, we only rely on a small number of physical cards and an adapted encoding. For a grid of Suguru with n cells, we only use 5n + 5 cards. Moreover, we prove the three classical security properties of a ZKP: completeness, extractability, and zero-knowledge.

Published

2020

17. Card-Based ZKP Protocols for Takuzu and Juosan

Author

Daiki Miyahara and Léo Robert and Pascal Lafourcade and So Takeshige and Takaaki Mizuki and Kazumasa Shinagawa and Atsuki Nagao and Hideaki Sone, Miyahara, Daiki, Robert, Léo, Lafourcade, Pascal, Takeshige, So, Mizuki, Takaaki, Shinagawa, Kazumasa, Nagao, Atsuki, Sone, Hideaki, Daiki Miyahara and Léo Robert and Pascal Lafourcade and So Takeshige and Takaaki Mizuki and Kazumasa Shinagawa and Atsuki Nagao and Hideaki Sone, Miyahara, Daiki, Robert, Léo, Lafourcade, Pascal, Takeshige, So, Mizuki, Takaaki, Shinagawa, Kazumasa, Nagao, Atsuki, and Sone, Hideaki

Abstract

Takuzu and Juosan are logical Nikoli games in the spirit of Sudoku. In Takuzu, a grid must be filled with 0’s and 1’s under specific constraints. In Juosan, the grid must be filled with vertical and horizontal dashes with specific constraints. We give physical algorithms using cards to realize zero-knowledge proofs for those games. The goal is to allow a player to show that he/she has the solution without revealing it. Previous work on Takuzu showed a protocol with multiple instances needed. We propose two improvements: only one instance needed and a soundness proof. We also propose a similar proof for Juosan game.

Published

2020

18. Pile-Shifting Scramble for Card-Based Protocols

Author

Yu-ichi Hayashi, Hideaki Sone, Takaaki Mizuki, and Akihiro Nishimura

Subjects

business.industry, Computer science, Applied Mathematics, 0102 computer and information sciences, 02 engineering and technology, Structural engineering, 01 natural sciences, Computer Graphics and Computer-Aided Design, 010201 computation theory & mathematics, Signal Processing, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, business, Pile

Published

2018

19. Preface: Special Issue on Card-Based Cryptography

Author

Takaaki Mizuki

Subjects

Multimedia, Computer Networks and Communications, Hardware and Architecture, Computer science, business.industry, Cryptography, computer.software_genre, business, computer, Software, Theoretical Computer Science

Published

2021

20. Information Leakage Threats for Cryptographic Devices Using IEMI and EM Emission

Author

Hideaki Sone, Ko Nakamura, Takaaki Mizuki, and Yu-ichi Hayashi

Subjects

Computer science, microprocessor chips, intentional electromagnetic interference (IEMI), EM leakage, Encryption, Cryptography, Hardware_PERFORMANCEANDRELIABILITY, 02 engineering and technology, injection timing estimation method, Electromagnetic interference, Transient analysis, fault analysis method, intentional electromagnetic interference, 0202 electrical engineering, electronic engineering, information engineering, Electronic engineering, characteristic fluctuation detection, realistic secret information analysis method, Fault analysis, Timing, Electrical and Electronic Engineering, fault-injection timing, Leakage (electronics), Clocks, cryptography, Differential fault analysis, information leakage threat, business.industry, fault analysis, Circuit faults, 020206 networking & telecommunications, Fault injection, fault diagnosis, Condensed Matter Physics, on-chip fault-injection circuit, cryptographic devices, electromagnetic interference, Atomic and Molecular Physics, and Optics, IEMI, Information leakage, secret key analysis, Electromagnetic (EM) information leakage, business, Estimation

Abstract

In this paper, we present a new information leakage threat combining intentional electromagnetic interference (IEMI) and observations of EM leakage. In previous studies, the analysis of secret key information in cryptographic modules using fault injection has led to methods whereby faults can be injected via low-voltage IEMI. However, the timing of fault injections cannot be controlled with this approach, and it is difficult to obtain faulty ciphertexts for use in secret key analysis by differential fault analysis (DFA). To overcome this problem, we propose a method for estimating the fault-injection timing by detecting characteristic fluctuations in the EM leakage from the device. As a result, it may be possible to implement a realistic secret information analysis method applicable to a wide range of devices. First, to show the feasibility of the proposed method, we describe an experiment using an on-chip fault-injection circuit that can control the injection timing. Furthermore, we apply a fault analysis method that combines the injection timing estimation method and fault injection by IEMI in a practical experimental environment. We select useful faulty ciphertexts using the proposed method, and then perform secret key analysis by DFA. Experimental results demonstrate that the secret key can be successfully analyzed.

Published

2017

21. Card-Based Protocols Using Regular Polygon Cards

Author

Kazumasa Shinagawa, Eiji Okamoto, Naoki Kanayama, Jacob C. N. Schuldt, Takaaki Mizuki, Takashi Nishide, Goichiro Hanaoka, and Koji Nuida

Subjects

Discrete mathematics, Computer science, Applied Mathematics, Regular polygon, 0102 computer and information sciences, 02 engineering and technology, 01 natural sciences, Computer Graphics and Computer-Aided Design, 010201 computation theory & mathematics, Signal Processing, Computer Science::Networking and Internet Architecture, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, Computer Science::Cryptography and Security

Published

2017

22. Interactive Physical Zero-Knowledge Proof for Norinori

Author

Jean-Guillaume Dumas, Daiki Miyahara, Takaaki Mizuki, Pascal Lafourcade, Hideaki Sone, Tatsuya Sasaki, Calcul Algébrique et Symbolique, Sécurité, Systèmes Complexes, Codes et Cryptologie (CASC), Laboratoire Jean Kuntzmann (LJK ), Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019])-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), Laboratoire d'Informatique, de Modélisation et d'Optimisation des Systèmes (LIMOS), Ecole Nationale Supérieure des Mines de St Etienne-Centre National de la Recherche Scientifique (CNRS)-Université Clermont Auvergne [2017-2020] (UCA [2017-2020]), Tohoku University [Sendai], and Ecole Nationale Supérieure des Mines de St Etienne (ENSM ST-ETIENNE)-Université Clermont Auvergne [2017-2020] (UCA [2017-2020])-Centre National de la Recherche Scientifique (CNRS)

Subjects

Theoretical computer science, Puzzle, Computer science, Value (computer science), Proof of knowledge, 020206 networking & telecommunications, Card-based secure two-party protocols, 02 engineering and technology, Grid, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Position (vector), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Enhanced Data Rates for GSM Evolution, Zero-knowledge proof, Element (category theory), Zero-knowledge proofs, Norinori

Abstract

International audience; Norinori is a logic game similar to Sudoku. In Norinori, a grid of cells has to be filled with either black or white cells so that the given areas contain exactly two black cells, and every black cell shares an edge with exactly one other black cell. We propose a secure interactive physical algorithm, relying only on cards, to realize a zero-knowledge proof of knowledge for Norinori. It allows a player to show that he or she knows a solution without revealing it. For this, we show in particular that it is possible to physically prove that a particular element is present in a list, without revealing any other value in the list, and without revealing the actual position of that element in the list.

Published

2019

23. Secure Computation Protocols Using Polarizing Cards

Author

Takaaki Mizuki, Koji Nuida, Kazumasa Shinagawa, Naoki Kanayama, Takashi Nishide, Jacob C. N. Schuldt, Goichiro Hanaoka, and Eiji Okamoto

Subjects

021110 strategic, defence & security studies, Computer science, Applied Mathematics, Boolean circuit, Signal Processing, 0211 other engineering and technologies, 0202 electrical engineering, electronic engineering, information engineering, Secure multi-party computation, 020206 networking & telecommunications, 02 engineering and technology, Parallel computing, Electrical and Electronic Engineering, Computer Graphics and Computer-Aided Design

Published

2016

24. Card-based protocols for securely computing the conjunction of multiple variables

Author

Takaaki Mizuki

Subjects

021110 strategic, defence & security studies, OpenPGP card, General Computer Science, Computer science, Computation, 0211 other engineering and technologies, Value (computer science), 02 engineering and technology, Computer security, computer.software_genre, Theoretical Computer Science, Conjunction (grammar), Bit (horse), Order (business), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Arithmetic, computer

Abstract

Consider a deck of real cards with faces that are either black or red and backs that are all identical. Then, using two cards of different colors, we can commit a secret bit to a pair of face-down cards so that its order (i.e., black to red, or red to black) represents the value of the bit. Given such two commitments (consisting of four face-down cards in total) together with one additional black card, the "five-card trick" invented in 1989 by den Boer securely computes the conjunction of the two secret bits. In 2012, it was shown that such a two-variable secure AND computation can be done with no additional card. In this paper, we generalize this result to an arbitrary number of variables: we show that, given any number of commitments, their conjunction can be securely computed with no additional card.

Published

2016

25. Secure Multi-Party Computations Using a Deck of Cards

Author

Takaaki Mizuki

Subjects

021110 strategic, defence & security studies, Computer science, 0211 other engineering and technologies, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, 02 engineering and technology

Published

2016

26. Physical Zero-Knowledge Proof for Makaro

Author

Kazumasa Shinagawa, Tatsuya Sasaki, Jannik Dreier, Hideaki Sone, Takaaki Mizuki, Xavier Bultel, Jean-Guillaume Dumas, Pascal Lafourcade, Atsuki Nagao, Daiki Miyahara, Laboratoire d'Informatique, de Modélisation et d'optimisation des Systèmes (LIMOS), Université Blaise Pascal - Clermont-Ferrand 2 (UBP)-Université d'Auvergne - Clermont-Ferrand I (UdA)-SIGMA Clermont (SIGMA Clermont)-Ecole Nationale Supérieure des Mines de St Etienne (ENSM ST-ETIENNE)-Centre National de la Recherche Scientifique (CNRS), Proof techniques for security protocols (PESTO), Inria Nancy - Grand Est, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Department of Formal Methods (LORIA - FM), Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS)-Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS), Calculs Algébriques et Systèmes Dynamiques (CASYS), Laboratoire Jean Kuntzmann (LJK ), Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019])-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), VERIMAG (VERIMAG - IMAG), Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), Tohoku University [Sendai], National Institute of Advanced Industrial Science and Technology (AIST), Ochanomizu University, Tokyo Institute of Technology [Tokyo] (TITECH), ANR-16-IDEX-0001,CAP 20-25,CAP 20-25(2016), and SIGMA Clermont (SIGMA Clermont)-Université d'Auvergne - Clermont-Ferrand I (UdA)-Ecole Nationale Supérieure des Mines de St Etienne-Centre National de la Recherche Scientifique (CNRS)-Université Blaise Pascal - Clermont-Ferrand 2 (UBP)

Subjects

Discrete mathematics, Puzzle, Computer science, Proof of knowledge, Card-based secure two-party protocols, 0102 computer and information sciences, 02 engineering and technology, Grid, 01 natural sciences, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 010201 computation theory & mathematics, Privacy, Makaro, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Zero-knowledge proof, Zero-knowledge proofs

Abstract

International audience; Makaro is a logic game similar to Sudoku. In Makaro, a grid has to be filled with numbers such that: given areas contain all the numbers up to the number of cells in the area, no adjacent numbers are equal and some cells provide restrictions on the largest adjacent number. We propose a proven secure physical algorithm, only relying on cards, to realize a zero-knowledge proof of knowledge for Makaro. It allows a player to show that he knows a solution without revealing it.

Published

2018

27. Card-Based Zero-Knowledge Proof for Sudoku

Author

Tatsuya Sasaki and Takaaki Mizuki and Hideaki Sone, Sasaki, Tatsuya, Mizuki, Takaaki, Sone, Hideaki, Tatsuya Sasaki and Takaaki Mizuki and Hideaki Sone, Sasaki, Tatsuya, Mizuki, Takaaki, and Sone, Hideaki

Abstract

In 2009, Gradwohl, Naor, Pinkas, and Rothblum proposed physical zero-knowledge proof protocols for Sudoku. That is, for a puzzle instance of Sudoku, their excellent protocols allow a prover to convince a verifier that there is a solution to the Sudoku puzzle and that he/she knows it, without revealing any information about the solution. The possible drawback is that the existing protocols have a soundness error with a non-zero probability or need special cards (such as scratch-off cards). Thus, in this study, we propose new protocols to perform zero-knowledge proof for Sudoku that use a normal deck of playing cards and have no soundness error. Our protocols can be easily implemented by humans with a reasonable number of playing cards.

Published

2018

28. Card-based Protocols Using Triangle Cards

Author

Kazumasa Shinagawa and Takaaki Mizuki, Shinagawa, Kazumasa, Mizuki, Takaaki, Kazumasa Shinagawa and Takaaki Mizuki, Shinagawa, Kazumasa, and Mizuki, Takaaki

Abstract

Suppose that three boys and three girls attend a party. Each boy and girl have a crush on exactly one of the three girls and three boys, respectively. The following dilemma arises: On one hand, each person thinks that if there is a mutual affection between a girl and boy, the couple should go on a date the next day. On the other hand, everyone wants to avoid the possible embarrassing situation in which their heart is broken "publicly." In this paper, we solve the dilemma using novel cards called triangle cards. The number of cards required is only six, which is minimal in the case where each player commits their input at the beginning of the protocol. We also construct multiplication and addition protocols based on triangle cards. Combining these protocols, we can securely compute any function f: {0,1,2}^n --> {0,1,2}.

Published

2018

29. Minimizing ESCT forms for two-variable multiple-valued input binary output functions

Author

Hideaki Sone, Takaaki Mizuki, and Daizo Mikami

Subjects

Efficient algorithm, Applied Mathematics, Canonical normal form, Discrete Mathematics and Combinatorics, Binary number, Logical matrix, Extension (predicate logic), Minification, ExOR, Algorithm, Mathematics, Variable (mathematics)

Abstract

As EXOR (Exclusive-OR) expansions of binary output functions, the ESOP (EXOR Sum of Products) form and its extension, the ESCT (EXOR Sum of Complex Terms) form, have been studied extensively in the literature. An efficient algorithm for minimizing ESOP forms is known for two-variable multiple-valued input functions. On the other hand, no ESCT minimization algorithm is known for such functions. In this paper, we give an efficient algorithm for minimizing ESCT forms of two-variable multiple-valued input functions, showing that the number of terms can be reduced by at most one.

Published

2014

30. FOREWORD

Author

Hirotaka Ono, Kazuhide Fukushima, and Takaaki Mizuki

Subjects

Applied Mathematics, Signal Processing, Electrical and Electronic Engineering, Computer Graphics and Computer-Aided Design

Published

2019

31. Efficient Evaluation of EM Radiation Associated With Information Leakage From Cryptographic Devices

Author

Hideaki Sone, Takafumi Aoki, Haruki Shimada, Yu-ichi Hayashi, Naofumi Homma, Laurent Sauvage, Takaaki Mizuki, and Jean Luc Danger

Subjects

Signal processing, Engineering, Relation (database), business.industry, Cryptography, Condensed Matter Physics, Electromagnetic radiation, Atomic and Molecular Physics, and Optics, Printed circuit board, Information leakage, Electronic engineering, Electrical and Electronic Engineering, business, Field-programmable gate array, Intensity (heat transfer)

Abstract

This paper presents an efficient map generation technique for evaluating the intensity of electromagnetic (EM) radiation associated with information leakage for cryptographic devices at the printed circuit board level. First, we investigate the relation between the intensity of the overall EM radiation and the intensity of EM information leakage on a cryptographic device. For this purpose, we prepare a map of the magnetic field on the device by using an EM scanning system, after which we perform correlation electromagnetic analysis (CEMA) at all measurement points on the device, including points above the cryptographic module. The examined device is a standard evaluation board for cryptographic modules (side-channel attack standard evaluation board), where a cryptographic circuit is implemented on one of the field-programmable gate arrays on the board. With this experiment, we demonstrate that both an EM radiation map and an information leakage map can be generated simultaneously by scanning the board only once. We also confirm that the generated map is in good agreement with the corresponding map obtained from exhaustive CEMAs.

Published

2013

32. Analysis of Electromagnetic Information Leakage From Cryptographic Devices With Different Physical Structures

Author

Hideaki Sone, Takaaki Mizuki, Laurent Sauvage, Yu-ichi Hayashi, Naofumi Homma, Jean-Luc Danger, Takafumi Aoki, Secure and Safe Hardware (SSH), Laboratoire Traitement et Communication de l'Information (LTCI), Institut Mines-Télécom [Paris] (IMT)-Télécom Paris-Institut Mines-Télécom [Paris] (IMT)-Télécom Paris, Département Communications & Electronique (COMELEC), Télécom ParisTech, and HAL, TelecomParis

Subjects

Engineering, Signal processing, business.industry, 020208 electrical & electronic engineering, ComputerApplications_COMPUTERSINOTHERSYSTEMS, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Condensed Matter Physics, Electromagnetic radiation, [SPI.TRON] Engineering Sciences [physics]/Electronics, Atomic and Molecular Physics, and Optics, Electromagnetic interference, [SPI.TRON]Engineering Sciences [physics]/Electronics, Power consumption, EMI, Information leakage, 0202 electrical engineering, electronic engineering, information engineering, Electronic engineering, Side channel attack, Electrical and Electronic Engineering, business, ComputingMilieux_MISCELLANEOUS

Abstract

This paper presents a novel analysis of electromagnetic (EM) information leakage from cryptographic devices, based on the electromagnetic interference (EMI) theory. In recent years, side-channel attack using side-channel information (e.g., power consumption and EM radiation) is of major concern for designers of cryptographic devices. However, few studies have been conducted to investigate how EM information leakage changes according to device's physical parameters. In this paper, we introduce a cryptographic device model to analyze EM information leakage based on the EMI theory in a systematic manner. This device model makes it possible to acquire the frequency characteristics of EM radiation depending on physical parameters, such as board size and power-line length, accurately. The analysis results show that EM information leakage can be explained by the major EMI parameters such as board size and cable length attached to the board. In addition, we demonstrate that the intensity of EM information leakage from a generic device is also explained by board size and cable length.

Published

2013

33. Transient IEMI Threats for Cryptographic Devices

Author

Yu-ichi Hayashi, Naofumi Homma, Hideaki Sone, Takaaki Mizuki, and Takafumi Aoki

Subjects

Engineering, business.industry, Advanced Encryption Standard, Cryptography, Fault injection, Condensed Matter Physics, Atomic and Molecular Physics, and Optics, Electromagnetic interference, Secure communication, Embedded system, Information leakage, Transient (computer programming), Electrical and Electronic Engineering, business, Block cipher

Abstract

This paper presents a new type of intentional electromagnetic interference (IEMI) which causes information leakage in electric devices without disrupting their functions or damaging their components. Such IEMI could pose a severe threat to a large number of electric devices with cryptographic modules since it can be used for performing fault injection attacks, which in turn allows for obtaining faulty outputs (i.e., ciphertexts) from cryptographic modules and exploiting them to reveal information about secret keys. Such faulty outputs are usually generated by inducing faults into target modules through modification or invasion of the modules themselves. In contrast, IEMI-based fault injection can be performed on the target modules from a distance by using an off-the-shelf injection probe, without leaving any hard evidence of the attack. We demonstrate the impact of the aforementioned IEMI through experiments using the Advanced Encryption Standard, which is one of the ISO/IEC 18033 block ciphers, implemented as a module on a standard evaluation board. The experimental results indicate that generating exploitable faults is feasible and, therefore, such IEMI presents a tangible threat to various existing electric devices and systems that use cryptographic modules for secure communication and transactions.

Published

2013

34. AN APPLICATION OF ESOP EXPRESSIONS TO SECURE COMPUTATIONS

Author

Takaaki Mizuki, Taro Otagiri, and Hideaki Sone

Subjects

Minimal model, Theoretical computer science, Hardware and Architecture, Computer science, Computation, General Medicine, Function (mathematics), Electrical and Electronic Engineering, Cryptographic protocol, Communication complexity, Protocol (object-oriented programming), Expression (mathematics)

Abstract

This paper gives an application of exclusive-or sum-of-products (ESOP) expressions to designing cryptographic protocols. That is, this paper deals with secure computations in a minimal model, and gives a protocol which securely computes every function by means of the techniques of ESOP expressions. The communication complexity of our protocol is proportional to the size of an obtained multiple-valued-input ESOP expression. Since the historical research on minimizing ESOP expressions is now still active, our protocol will "automatically" turn to an efficient one as this research progresses. Thus, we hope that the existence of our cryptographic protocol would motivate further research on minimizing ESOP expressions.

Published

2007

35. The Five-Card Trick Can Be Done with Four Cards

Author

Michihito Kumamoto, Hideaki Sone, and Takaaki Mizuki

Subjects

Alice and Bob, Computer science, media_common.quotation_subject, Secure multi-party computation, Computer security, computer.software_genre, Function (engineering), Protocol (object-oriented programming), computer, media_common

Abstract

The "five-card trick" invented by Boer allows Alice and Bob to securely compute the AND function of their secret inputs using five cards--three black cards and two red cards--with identical backs. This paper shows that such a secure computation can be done with only four cards. Specifically, we give a protocol to achieve a secure computation of AND using only four cards--two black and two red. Our protocol is optimal in the sense that the number of required cards is minimum.

Published

2012

36. Necessary and Sufficient Numbers of Cards for Sharing Secret Keys on Hierarchical Groups

Author

Takaaki Mizuki and Takao Nishizeki

Subjects

Set (abstract data type), Group (mathematics), Computer science, business.industry, Cryptography, Computer security, computer.software_genre, business, computer, Protocol (object-oriented programming), Game theory

Abstract

Suppose that there are players in two hierarchical groups and a computationally unlimited eavesdropper. Using a random deal of cards, a player in the higher group wishes to send a one-bit message information-theoretically securely either to all the players in her group or to all the players in the two groups. This can be done by the socalled 2-level key set protocol. In this paper we give a necessary and su.cient condition for the 2-level key set protocol to succeed.

Published

2001

37. Characterization of Optimal Key Set Protocols

Author

Takaaki Mizuki, Takao Nishizeki, and Hiroki Shizuya

Subjects

Set (abstract data type), Computer science, Key (cryptography), Key distribution, Pre-shared key, Characterization (mathematics), Computer security, computer.software_genre, Protocol (object-oriented programming), computer, Key authentication

Abstract

Using a random deal of cards to players and a computationally unlimited eavesdropper, all players wish to share a common one-bit secret key which is information-theoretically secure from the eavesdropper. This can be done by the so-called key set protocol. In this paper we give a necessary and sufficient condition for a key set protocol to be "optimal," that is, to succeed always in sharing a one-bit secret key.

Published

2000

38. Dealing Necessary and Sufficient Numbers of Cards for Sharing a One-Bit Secret Key (Extended Abstract)

Author

Takao Nishizeki, Hiroki Shizuya, and Takaaki Mizuki

Subjects

TheoryofComputation_MISCELLANEOUS, Homomorphic secret sharing, Proactive secret sharing, Computer science, Secure multi-party computation, Key distribution, Verifiable secret sharing, Computer security, computer.software_genre, Secret sharing, Protocol (object-oriented programming), computer

Abstract

Using a random deal of cards to players and a computationally unlimited eavesdropper, all players wish to share a one-bit secret key which is information-theoretically secure from the eavesdropper. This can be done by a protocol to make several pairs of players share one-bit secret keys so that all these pairs form a spanning tree over players. In this paper we obtain a necessary and sufficient condition on the number of cards for the existence of such a protocol. Our condition immediately yields an efficient linear-time algorithm to determine whether there exists a protocol to achieve such a secret key sharing.

Published

1999

39. ABSOLUTELY SECURE MESSAGE TRANSMISSION USING A KEY SHARING GRAPH

Author

Yoshihiro Indo, Takaaki Mizuki, and Takao Nishizeki

Subjects

TheoryofComputation_MISCELLANEOUS, Key sharing, Vertex (graph theory), Secure multicast, Multicast, business.industry, ComputingMilieux_PERSONALCOMPUTING, Data_CODINGANDINFORMATIONTHEORY, Shared secret, Graph, Discrete Mathematics and Combinatorics, Communication source, Unicast, business, Mathematics, Computer network

Abstract

Assume that there are players and an eavesdropper Eve of unlimited computational power and that several pairs of players have shared secret keys beforehand. In a key sharing graph, each vertex corresponds to a player, and each edge corresponds to a secret key shared by the two players corresponding to the ends of the edge. Given a key sharing graph, a player wishes to send a message to another player so that the eavesdropper Eve and any other player can get no information on the message. In this paper, we first give a necessary and sufficient condition on a key sharing graph for the existence of such a unicast protocol. We then extend the condition to the case where a multiple number of players other than the sender and receiver passively collude. We finally give a sufficient condition for the existence of a secure multicast protocol.

Published

2012

40. Characterization of optimal key set protocols

Author

Takaaki Mizuki, Takao Nishizeki, and Hiroki Shizuya

Subjects

Protocol (science), Applied Mathematics, Key distribution, Graph theory, Computer security, computer.software_genre, Set (abstract data type), Secret key exchange, Key exchange graph, Card game, Key (cryptography), Discrete Mathematics and Combinatorics, Pre-shared key, Communications protocol, Game theory, computer, Tree, Mathematics, Key set protocol

Abstract

Using a random deal of cards to players and a computationally unlimited eavesdropper, all players wish to share a common one-bit secret key which is information-theoretically secure from the eavesdropper. This can be done by the so-called key set protocols. In this paper, we give a necessary and sufficient condition for a key set protocol to be “optimal”, that is, to succeed always in sharing a one-bit secret key.

41. Interactive Physical ZKP for Connectivity: Applications to Nurikabe and Hitori

Author

Léo Robert, Daiki Miyahara, pascal lafourcade, Takaaki Mizuki, Robert, Léo, Laboratoire d'Informatique, de Modélisation et d'Optimisation des Systèmes (LIMOS), Ecole Nationale Supérieure des Mines de St Etienne-Centre National de la Recherche Scientifique (CNRS)-Université Clermont Auvergne (UCA)-Institut national polytechnique Clermont Auvergne (INP Clermont Auvergne), Université Clermont Auvergne (UCA)-Université Clermont Auvergne (UCA), Graduate School of Information Sciences [Sendaï], Tohoku University [Sendai], National Institute of Advanced Industrial Science and Technology (AIST), Cyberscience Center, Tohoku University, and Ecole Nationale Supérieure des Mines de St Etienne (ENSM ST-ETIENNE)-Centre National de la Recherche Scientifique (CNRS)-Université Clermont Auvergne (UCA)-Institut national polytechnique Clermont Auvergne (INP Clermont Auvergne)

Subjects

[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Puzzle, Nurikabe, Card-based secure two-party protocols, Zero-knowledge proofs, Hitori, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]

Abstract

International audience; During the last years, many Physical Zero-knowledge Proof (ZKP) protocols for Nikoli's puzzles ‡ have been designed. In this paper, we propose two ZKP protocols for the two Nikoli's puzzles called Nurikabe and Hitori. These two puzzles have some similarities, since in their rules at least one condition requires that some cells are connected to each other, horizontally or vertically. The novelty in this paper is to propose two techniques that allow us to prove such connectivity without leaking any information about a solution.