Your search keyword '"Hiroaki Anada"' showing total 20 results

1. A Secure Ticket-Based Authentication Mechanism for Proxy Mobile IPv6 Networks in Volunteer Computing

Author

Alireza Jolfaei, Mohammad Hesam Tadayon, Mojtaba Alizadeh, Kouichi Sakurai, and Hiroaki Anada

Subjects

Authentication, 020205 medical informatics, Computer Networks and Communications, Computer science, Network security, business.industry, 02 engineering and technology, 020204 information systems, Ticket, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), The Internet, business, Proxy Mobile IPv6, Mobile device, Mobility management, Computer network

Abstract

Technology advances—such as improving processing power, battery life, and communication functionalities—contribute to making mobile devices an attractive research area. In 2008, in order to manage mobility, the Internet Engineering Task Force (IETF) developed Proxy Mobile IPv6, which is a network-based mobility management protocol to support seamless connectivity of mobile devices. This protocol can play a key role in volunteer computing paradigms as a user can seamlessly access computing resources. The procedure of user authentication is not defined in this standard; thus, many studies have been carried out to propose suitable authentication schemes. However, in the current authentication methods, with reduced latency and packet loss, some security and privacy considerations are neglected. In this study, we propose a secure and anonymous ticket-based authentication (SATA) method to protect mobile nodes against existing security and privacy issues. The proposed method reduces the overhead of handover authentication procedures using the ticket-based concept. We evaluated security and privacy strengths of the proposed method using security theorems and BAN logic.

Published

2021

2. Key-updatable public-key encryption with keyword search (Or: How to realize PEKS with efficient key updates for IoT environments)

Author

Hiroaki Anada, Akira Kanaoka, Yohei Watanabe, and Natsume Matsuzaki

Subjects

Computer Networks and Communications, Computer science, Raspberry Pi, 0211 other engineering and technologies, 02 engineering and technology, Encryption, Computer security, computer.software_genre, Public-key cryptography, Server, Public-key encryption with keyword search, Safety, Risk, Reliability and Quality, Cloud server, 021110 strategic, defence & security studies, SIMPLE (military communications protocol), business.industry, Keyword search, IoT environments, Key updates, Searchable encryption, Internet of Things, business, Mobile device, computer, Software, Information Systems

Abstract

Security and privacy are the key issues for the Internet of Things (IoT) systems. Especially, secure search is an important functionality for cooperation among users' devices and non-trusted servers. Public-key encryption with keyword search (PEKS) enables us to search encrypted data and is expected to be used between a cloud server and users' mobile devices or IoT devices. However, those mobile devices might be lost or stolen. For IoT devices, it might be difficult to store keys in a tamper-proof manner due to prohibitive costs. In this paper, we deal with such a key-exposure problem on PEKS and introduce the concept of PEKS with key-updating functionality, which we call key-updatable PEKS (KU-PEKS). Specifically, we propose two models of KU-PEKS: the key-evolution model and the key-insulation model. In the key-evolution model, a pair of public and secret keys can be updated if needed (e.g., the secret key is exposed). In the key-insulation model, the public key remains fixed while the secret key can be updated if needed. The former model makes a construction simple and more efficient than the latter. On the other hand, the latter model is preferable for practical use since a user never updates their public key. We show constructions in each model in a black-box manner. We also give implementation results on Raspberry Pi 3, which can be regarded as a reasonable platform of IoT devices.

Published

2019

3. RSA public keys with inside structure: Proofs of key generation and identities for web-of-trust

Author

Kouichi Sakurai, Junpei Kawamoto, Hiroaki Anada, Takanori Yasuda, and Jian Weng

Subjects

Key generation, Computer Networks and Communications, business.industry, Computer science, Public key infrastructure, 02 engineering and technology, Flat network, Computer security, computer.software_genre, Public-key cryptography, Identity (mathematics), Web of trust, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Cryptosystem, 020201 artificial intelligence & image processing, Safety, Risk, Reliability and Quality, business, computer, Software

Abstract

We propose a construction of the modulus of the RSA public keys for decentralized public-key trust generation like Web-of-Trust, where the modulus has inside structure. The first function of the structure is that it enables a peer to verify that the owner of the public key certainly generated the corresponding secret key. The second function is to tie up the public key with the owner’s identity as well as her guarantors identities. Our construction is based on the modified version of the Lenstra’s algorithm, by which a related second public key and the identity strings are embedded into the RSA modulus. The second public key is of the elliptic-curve cryptosystem (ECC) which has almost equivalent security level to the RSA cryptosystem. Our construction is applicable to a peer-to-peer network equipped with the blockchain of “consortium” and “trusted” type to yield a flat network that does not depends on PKI of the X.509 type.

Published

2019

4. Approach to Cryptography from Differential Geometry with Example

Author

Hiroaki Anada and Tetsuya Nagano

Subjects

Computer science, business.industry, Quantization (signal processing), Cryptography, Topology, Encryption, Displacement (vector), Public-key cryptography, Differential geometry, Tangent space, Finsler manifold, business, ComputingMethodologies_COMPUTERGRAPHICS, Computer Science::Cryptography and Security, Real number

Abstract

We propose a public-key encryption scheme that arise from a kind of differential geometry called Finsler geometry. Our approach is first to observe a map of a tangent space to another tangent space, and find asymmetricity of linear parallel displacement, which is easy to compute but hard to invert. Then we construct an example of the map over the real numbers. By quantization, we propose a public-key encryption scheme. The scheme is proved to be IND-CCA2 secure under the new assumption of the decisional linear parallel displacement problem.

Published

2021

5. Quantum Security and Implementation Evaluation of Non-adaptive Group-Testing Aggregate Message Authentication Codes

Author

Hiroaki Anada and Daiki Kamibayashi

Subjects

Scheme (programming language), Theoretical computer science, business.industry, Computer science, Aggregate (data warehouse), Implementation evaluation, Group testing, Software, Component (UML), Message authentication code, business, Quantum, computer, computer.programming_language

Abstract

For detecting and identifying forgeries in com-munications, a non-adaptive group-testing aggregate message authentication code (naGT-AMAC) introduced by Hirose and Shikata at ISPEC 2018 is considered to be an efficient way when band-width is limited. In this paper, following the previous work in the classical case, we formalize quantum security of the naGT-AMAC scheme. Then we prove that the generic construction of naGT-AMAC satisfies the quantum security under the quantum security of the component MAC. The proof goes naturally along the way of the classical case. Then, we report the performance of software implementation. A method of constructing d-disjunct matrices is employed, which serves as a concrete example of an naGT-AMAC scheme. It turns out that, in the case that the number of messages is 1000 and d=10, the execution time is less than 0.5 seconds.

Published

2020

6. Generic Construction of Anonymous Deniable Predicate Authentication Scheme with Revocability

Author

Hiroaki Anada and Yoshifumi Ueshige

Subjects

Scheme (programming language), Authentication, Theoretical computer science, Cryptographic primitive, Revocation, business.industry, Computer science, Data_MISCELLANEOUS, 020206 networking & telecommunications, 02 engineering and technology, Predicate (mathematical logic), Encryption, Authentication protocol, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, computer.programming_language, Anonymity

Abstract

We propose a syntax and security definitions of an anonymous deniable predicate authentication scheme with revocability (rADPA). This new cryptographic primitive is to attain revocation function as well as strong privacy guarantee concerning authentication. Anonymity is for privacy in the authentication protocol, while deniability is for anti-forensics after completion of the protocol. Then, we give a generic construction of our rADPA scheme. Our approach is to build-in the revocable attribute-based encryption scheme proposed by K. Yamada et al. (ESORICS2017) into the anonymous deniable predicate authentication scheme proposed by S. Yamada et al. (PKC2012). Finally, we discuss how our rADPA scheme can be instantiated by employing concrete building blocks in our generic construction.

Published

2020

7. Cross-group secret sharing scheme for secure usage of cloud storage over different providers and regions

Author

Hiroaki Anada, Junpei Kawamoto, Kouichi Sakurai, Chenyutao Ke, and Kirill Morozov

Subjects

Homomorphic secret sharing, Proactive secret sharing, Computer science, Cloud computing, 0102 computer and information sciences, 02 engineering and technology, Encryption, Computer security, computer.software_genre, 01 natural sciences, Secret sharing, Theoretical Computer Science, Server, 0202 electrical engineering, electronic engineering, information engineering, business.industry, 020206 networking & telecommunications, 010201 computation theory & mathematics, Hardware and Architecture, Secure multi-party computation, Verifiable secret sharing, business, Cloud storage, computer, Software, Information Systems, Computer network

Abstract

With the spread of the Internet, more and more data are being stored in the cloud. Here the technique of secret sharing can be naturally applied in order to provide both security and availability of the stored data, hereby reducing the risks of data leakage and data loss. The privacy property of secret sharing ensures protection against unauthorized access, while protection against data loss may be attained by distributing shares to the servers located in different regions. However, there is still a problem: If we naively employ the secret sharing technique without regarding to whom the cloud servers belong, a dishonest provider can obtain the secret data by collecting enough shares from its servers. In this scenario, there is a need to distribute shares over cloud services operated by different providers. In this paper, we propose a simple secret sharing technique, a cross-group secret sharing (CGSS), which is suitable for storing the data on cloud storage distributed over different groups—that is, different providers and regions. By combining an $$\ell $$ -out-of-m threshold secret sharing scheme with a k-out-of-n threshold secret sharing scheme using a symmetric-key encryption scheme, we construct the CGSS scheme that forces k shares to be collected from $$\ell $$ groups. Compared with the previous works, our scheme attains the functionality with reasonable computation. We also formalize the problem of allocating shares over different providers and regions as an optimization problem and show the design principles, which one must follow, when applying our proposal in practical settings. An experiment on real IaaS systems shows effectiveness of our proposed scheme, CGSS.

Published

2017

8. Construction and Evaluation of Attribute-Based Challenge-and-Response Authentication on Asymmetric Bilinear Map

Author

Kotaro Chinen and Hiroaki Anada

Subjects

Authentication, Theoretical computer science, Computer science, business.industry, Pairing, Contrast (statistics), Authentication scheme, Bilinear map, Encryption, business, Protocol (object-oriented programming)

Abstract

We propose a construction of an attribute-based authentication scheme (ABAuth). Our ABAuth is a challenge-and-response protocol which uses an attribute-based key-encapsulation mechanisum (ABKEM). The ABKEM is basically the one proposed by Ostrovsky-Sahai-Waters (ACM-CCS 2007), but in contrast to the original ABKEM our ABKEM is based on an asymmetric bilinear map for better computational efficiency. We also give a proof of one-way-CCA security of ABKEM in the asymmetric case, which leads to concurrent man-in-the-middle security of ABAuth. We note that the selective security is often enough for the case of authentication in contrast to the case of encryption. Then we evaluate our ABAuth by implementation as well as by discussion. We use the TEPLA library TEPLA for the asymmetric bilinear map that is Type-3 pairing on the BN curve.

Published

2019

9. Analysis of Variance of Graph-Clique Mining for Scalable Proof of Work

Author

Tomohiro Matsushima, Chunhua Su, Samiran Bag, Weizhi Meng, Hiroaki Anada, Kouichi Sakurai, and Junpei Kawamoto

Subjects

060201 languages & linguistics, Exponential distribution, Theoretical computer science, Computer science, business.industry, Parameterized complexity, Cryptography, 06 humanities and the arts, 02 engineering and technology, Clique (graph theory), Search algorithm, Proof-of-work system, 0602 languages and literature, Scalability, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, Database transaction, MathematicsofComputing_DISCRETEMATHEMATICS

Abstract

Recently, Bitcoin is becoming one of the most popular decentralized cryptographic currency technologies, and Bitcoin mining is a process of adding transaction records to Bitcoin’s public ledger of past transactions or blockchain. To obtain a bitcoin, the mining process involves compiling recent transactions into blocks and trying to solve a computationally difficult puzzle, e.g., proof of work puzzle. A proof of work allows miners the ability to quantify how much work a given proof contains. Basically, the required time for mining is decided in advance, but problems will occur if the value is large for dispersion. In this paper, we first accept that the required time between consecutive blocks follows the exponential distribution. That is, the variance is stable as long as the expected time is fixed. Then, we focus on the graph clique mining technique proposed by the literature, like Tromp (BITCOIN 2015) and Bag-Ruj-Sakurai (Inscrypt 2015), which is based on a computational difficulty problem of searching cliques of undirected graphs, where a clique is a subset of vertices. In particular, when the clique size is two, graph clique mining can be used to gain Bitcoins. The previous work also claimed that if the clique size is parameterized and increased, even if the expected time is fixed, the variance would not be stable. However, no qualitative or quantitative results were given to support their claim. Motivated by this issue, in this work, we propose a simple search algorithm for graph cliques mining, and perform a small scale evaluation on Bitcoin and Graph cliques’s solo mining to investigate the variance issue.

Published

2019

10. Detailed Instantiation of the Decentralized Multi-Authority Anonymous Authentication Scheme and Tighter Reduction for Security

Author

Hiroaki Anada

Subjects

Scheme (programming language), Authentication, Theoretical computer science, Computer science, business.industry, Bilinear interpolation, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Signature (logic), Public-key cryptography, Reduction (complexity), Digital signature, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, computer.programming_language

Abstract

We give the details of the instantiation for the generic scheme of the decentralized multi-authority anonymous authentication (DMA-AAUTH) proposed in IACR Cryptology ePrint Archive. The instantiation is based on bilinear groups. Then, compared with the original security proof for the generic scheme, we give a security proof that is a tighter polynomial-time reduction for the instantiation by using the specific structure based on the bilinear groups. We evaluate the efficiency of the decentralized multi-authority attribute-based signature scheme (DMA-ABS) obtained by applying the Fiat-Shamir transform to our DMA-AAUTH scheme. Compared with the existing schemes, our DMA-ABS scheme attains shorter length of a signature on condition that the number of authorities is less than or equal to four.

Published

2018

11. Key-Updatable Public-Key Encryption with Keyword Search: Models and Generic Constructions

Author

Natsume Matsuzaki, Akira Kanaoka, Yohei Watanabe, and Hiroaki Anada

Subjects

Scheme (programming language), 021110 strategic, defence & security studies, Computer science, business.industry, Keyword search, 0211 other engineering and technologies, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Public-key cryptography, Simple (abstract algebra), 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, Cloud server, computer, computer.programming_language

Abstract

Public-key encryption with keyword search (PEKS) enables us to search over encrypted data, and is expected to be used between a cloud server and users’ devices such as laptops or smartphones. However, those devices might be lost accidentally or be stolen. In this paper, we deal with such a key-exposure problem on PEKS, and introduce a concept of PEKS with key-updating functionality, which we call key-updatable PEKS (KU-PEKS). Specifically, we propose two models of KU-PEKS: The key-evolution model and the key-insulation model. In the key-evolution model, a pair of public and secret keys can be updated if needed (e.g., the secret key is exposed). In the key-insulation model, a public key remains fixed while a secret key can be updated if needed. The former model makes a construction simple and more efficient than the latter model. On the other hand, the latter model is preferable for practical use since a user never updates his/her public key. We show constructions of a KU-PEKS scheme in each model in a black-box manner. We also give an experimental result for the most efficient instantiation, and show our proposal is practical.

Published

2018

12. Short CCA-Secure Ciphertext-Policy Attribute-Based Encryption

Author

Seiko Arita and Hiroaki Anada

Subjects

060201 languages & linguistics, Theoretical computer science, Plaintext-aware encryption, business.industry, Computer science, Data_CODINGANDINFORMATIONTHEORY, 06 humanities and the arts, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Deterministic encryption, Probabilistic encryption, 0602 languages and literature, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, 40-bit encryption, 56-bit encryption, 020201 artificial intelligence & image processing, Attribute-based encryption, business, computer

Abstract

We propose a technique of individually modifying an attribute-based encryption scheme (ABE) secure against chosen-plaintext attacks (CPA) into an ABE scheme secure against chosen- ciphertext attacks (CCA) in the standard model. We demonstrate the technique in the case of the Waters ciphertext-policy ABE (CP-ABE). Our technique is helpful when a Diffie-Hellman tuple to be verified is in the terminal group of a bilinear map. We utilize the Twin Diffie-Hellman Trapdoor Test of Cash, Kiltz and Shoup, and it results in expansion of secret key length and decryption cost of computation by a factor of four, whereas public key length, ciphertext length and encryption cost of computation remain almost the same. In the case that the size of attribute sets are small, those lengths and costs are smaller than those of the CP-ABE obtained via the generic transformation of Yamada et al. in PKC 2011.

Published

2017

13. Anonymous Authentication Scheme with Decentralized Multi-Authorities

Author

Hiroaki Anada and Seiko Arita

Subjects

060201 languages & linguistics, Scheme (programming language), Authentication, Identification scheme, Computer science, business.industry, 06 humanities and the arts, 02 engineering and technology, Information security, Computer security, computer.software_genre, Public-key cryptography, Discrete logarithm, 0602 languages and literature, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Commitment scheme, business, computer, computer.programming_language, Anonymity

Abstract

We propose an anonymous authentication scheme with a feature that more than one authorities such as license issuers or product providers can admit a single entity by issuing secret keys, and then the entity is able to prove that is has those secret keys associated to its identity, without a central authority. First, we provide the syntax and the security definition of an anonymous authentication scheme with such decentralized multi-authorities. Next, we give a construction of an anonymous authentication scheme in the discrete logarithm setting by using the Okamoto identification scheme and the Pedersen commitment scheme as building blocks. Then we prove that, under the discrete logarithm assumption, our scheme possesses the proving ability of knowing secret keys associated to the single identity, the anonymity, and the security against concurrent attacks of causing misauthentication. The algorithm of our scheme does not need costly pairing computation, and hence our scheme is suitable for devices with less computational resource.

Published

2017

14. Comments and improvements of 'HOTA: Handover optimized ticket-based authentication in network-based mobility management'

Author

Shehzad Ashraf Chaudhry, Mazdak Zamani, Akram M. Zeki, Mohammad Hessam Tadayon, Kouichi Sakurai, Muhammad Khurram Khan, Sabariah Baharun, Hiroaki Anada, and Mojtaba Alizadeh

Subjects

Authentication, business.industry, Denial-of-service attack, Computer security, computer.software_genre, Session hijacking, Geography, Ticket, Challenge–response authentication, Proxy Mobile IPv6, business, Mobility management, computer, Vulnerability (computing), Computer network

Abstract

Nowadays, various mobile devices are being an inseparable part of our normal life. Mobile users tend to be connected to the Internet seamlessly, which is provided by mobility management protocols. One of the latest mobility management protocol is Proxy Mobile IPv6 (PMIPv6), which is a network-based protocol. Authentication mechanism as a critical security procedure is not specified in PMIPv6, hence various authentication methods have been proposed. Lee and Bonin proposed a ticket-based authentication scheme for PMIPv6, which is called HOTA in 2013. Even though, HOTA offers some security protection mechanisms, but is vulnerable to DoS attack. Furthermore, we show other existing drawbacks to the scheme such as vulnerability against de-synchronization attack and Session Hijacking attack. In this paper, we propose an enhancement method to mitigate these security drawbacks. Finally, security and performance of the proposed method are analyzed and compared to HOTA method.

Published

2017

15. Application of NTRU Using Group Rings to Partial Decryption Technique

Author

Takanori Yasuda, Kouichi Sakurai, and Hiroaki Anada

Subjects

Public-key cryptography, Ring (mathematics), Theoretical computer science, NTRU, business.industry, Computer science, Ciphertext, Cryptosystem, Lattice-based cryptography, business, Encryption, Group ring

Abstract

Partial decryption enables a ciphertext to be decrypted partially according to provided secret keys. In this paper, we propose a public key encryption scheme with the functionality of partial decryption. Our strategy is to use the NTRU cryptosystem. Under a design principle of the mathematical structure "group ring", we extend the original NTRU into group ring NTRU GR-NTRU. First, we propose a generic framework of our GR-NTRU. Our GR-NTRU allows partial decryption with a single encryption process using a single public key. Besides, when we execute partial decryption under a secret key of GR-NTRU, we need no information to identify each part in a whole ciphertext. Consequently, management of a public key and a corresponding set of secret keys is rather easier than the naive method. Next, we propose a concrete instantiation of our generic GR-NTRU. A multivariate polynomial ring NTRU scheme is obtained by employing a product of different cyclic groups as the basis of the group ring structure. We will show examples of those new variants of NTRU schemes with concrete parameter values, and explain how we can employ them to use the functionality of partial decryption.

Published

2016

16. Detection of Illegal Players in Massively Multiplayer Online Role Playing Game by Classification Algorithms

Author

Hiroaki Anada, Zhongqqiang Zhang, Junpei Kawamoto, and Kouichi Sakurai

Subjects

Game mechanics, Multimedia, Video game development, Sequential game, business.industry, Role playing game, Computer science, Internet privacy, ComputingMilieux_PERSONALCOMPUTING, Combinatorial game theory, computer.software_genre, Virtual economy, business, Video game design, computer, Avatar

Abstract

Online games have become one of the most popular games in recent years. However, fraud such as real money trading and the use of game bot, has also increased accordingly. In order to maintain a balance in the virtual world, the operators of online games have taken a stern response to the players who conduct fraud. In this study, we have sorted out players' behaviors based on players' game playing time in order to support and find potentially illegal players in the MMORPG. In this paper, we added a topic model to the experiment and used k-means as a major tool to classify the players in the World of War craft Avatar History Dataset and find potentially illegal players.

Published

2015

17. Cryptanalysis and Improvement of 'A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks'

Author

Mojtaba Alizadeh, Shehzad Ashraf Chaudhry, Mazdak Zamani, Hiroaki Anada, Sabariah Baharun, Muhammad Khurram Khan, Hassan Keshavarz, Azizah Abdul Manaf, and Kouichi Sakurai

Subjects

Computer science, computer.internet_protocol, Science, Cryptography, Computer security, computer.software_genre, law.invention, law, Password authentication protocol, Proxy Mobile IPv6, Mobility management, Data Authentication Algorithm, Authentication, Multidisciplinary, Revocation, business.industry, Password cracking, Authentication protocol, Medicine, The Internet, Challenge–response authentication, business, Cryptanalysis, computer, Research Article

Abstract

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes’ participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.’s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.’s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

Published

2015

18. Identity-Embedding Method for Decentralized Public-Key Infrastructure

Author

Hiroaki Anada, Kouichi Sakurai, Junpei Kawamoto, and Jian Weng

Subjects

Identity Management, Authentication, Public Key Infrastructure, Computer science, business.industry, Public key infrastructure, Encryption, Computer security, computer.software_genre, Public-key cryptography, RSA, Elliptic Curve, Decentralized System, Certificate authority, Key (cryptography), Cryptosystem, business, computer, Key size

Abstract

A public key infrastructure PKI is for facilitating the authentication and distribution of public keys. Currently, the most commonly employed approach to PKI is to rely on certificate authorities CAs, but recently there has been arising more need for decentralized peer-to-peer certification like Webs of Trust. In this paper, we propose an identity-embedding method suitable for decentralized PKI. By embedding not only $$\text {ID}$$ of the candidate public-key owner itself but also $$\text {ID}$$s of his guarantors into $$\text {PK}$$, we can construct Web of guarantors on public keys. Here guarantors can be chosen arbitrarily by the candidate public-key owner. Our embedding method uses a combination of two public-key cryptosystems; the first cryptosystem is for PKI directly. Here we employ a technique to embed a string into a public key of the first cryptosystem. As such a string, we choose a concatenation of $$\text {ID}$$ of a candidate public-key owner, $$\text {ID}$$s of his guarantors, and a public key of the second cryptosystem. This embedded public key of the second cryptosystem is used by the candidate public-key owner that he certainly knows the secret key that corresponds to the public key of the first cryptosystem. Then, with an aid of a broadcast mechanism of an updated public-key list on a peer-to-peer network, we can attain the decentralized PKI. Such an embedding method is concretely realized by the RSA encryption with the Lenstra's algorithm, which can be used as the first cryptosystem. As the second cryptosystem, we employ an elliptic curve encryption whose security is equivalent to the security of the RSA encryption, where the former achieves shorter key size than the latter. We write down concrete values of parameters for a realization of the embedding.

Published

2015

19. Correction: Cryptanalysis and Improvement of 'A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks'

Author

Shehzad Ashraf Chaudhry, Hiroaki Anada, Muhammad Khurram Khan, Sabariah Baharun, Hassan Keshavarz, Mojtaba Alizadeh, Mazdak Zamani, Azizah Abdul Manaf, and Kouichi Sakurai

Subjects

Internet, Multidisciplinary, computer.internet_protocol, business.industry, Computer science, lcsh:R, Correction, lcsh:Medicine, Telemedicine, law.invention, Computer Communication Networks, Handover, law, Humans, Password authentication protocol, lcsh:Q, business, Proxy Mobile IPv6, Cryptanalysis, lcsh:Science, computer, Cell Phone, Computer Security, Mechanism (sociology), Computer network

Abstract

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

Published

2015

20. Hybrid Encryption Scheme Using Terminal Fingerprint and Its Application to Attribute-Based Encryption Without Key Misuse

Author

Chunlu Chen, Hiroaki Anada, Kouichi Sakurai, Junpei Kawamoto, Kyushu University [Fukuoka], Institute of Systems, Information Technologies and Nanotechnologies (ISIT), Ismail Khalil, Erich Neuhold, A Min Tjoa, Li Da Xu, Ilsun You, TC 5, TC 8, and WG 8.9

Subjects

Re-encryption, business.industry, Computer science, [SHS.INFO]Humanities and Social Sciences/Library and information sciences, Key misuse, Computer security, computer.software_genre, Encryption, Multiple encryption, Filesystem-level encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, [INFO]Computer Science [cs], Attribute-based encryption, On-the-fly encryption, business, computer, Terminal fingerprint, Computer network

Abstract

Part 9: Cryptography; International audience; Internet services make sharing digital contents faster and easier but raise an issue of illegal copying and distribution of those digital contents at the same time. A lot of public key encryption schemes solve this issue. However, the secret key is not completely protected i.e. these kinds of encryption methods do not prevent illegal copying and distribution of secret keys. In this paper, we propose a hybrid encryption scheme that employ terminal fingerprints. This scheme is a template to avoid such misuse of secret keys, and can be applied to, for example, attribute-based encryption schemes. There terminal fingerprint information is used to create a second encryption key and secret key. Since the terminal fingerprint is assumed to be unchangeable and unknowable, we ensure that our secret keys are valid in the terminal where such secret keys were created.

Published

2015