scispace - formally typeset
Search or ask a question
Author

Atsuko Miyaji

Bio: Atsuko Miyaji is an academic researcher from Osaka University. The author has contributed to research in topics: Encryption & Elliptic curve point multiplication. The author has an hindex of 30, co-authored 281 publications receiving 4511 citations. Previous affiliations of Atsuko Miyaji include Panasonic & Japan Advanced Institute of Science and Technology.


Papers
More filters
Journal Article
TL;DR: The aim is to characterizing elliptic curve traces by FR-reduction and investigate explicit conditions of traces vulnerable or secure against FR- reduction, and to show new explicit Conditions of elliptic Curve traces for FRreduction.
Abstract: Elliptic curve cryptosystems([19],[25]) are based on the elliptic curve discrete logarithm problem(ECDLP). If elliptic curve cryptosystems avoid FRreduction([11],[17]) and anomalous elliptic curve over Fq ([3], [33], [35]), then with current knowledge we can construct elliptic curve cryptosystems over a smaller definition field. ECDLP has an interesting property that the security deeply depends on elliptic curve traces rather than definition fields, which does not occur in the case of the discrete logarithm problem(DLP). Therefore it is important to characterize elliptic curve traces explicitly from the security point of view. As for FR-reduction, supersingular elliptic curves or elliptic curve E/Fq with trace 2 have been reported to be vulnerable. However unfortunately these have been only results that characterize elliptic curve traces explicitly for FRand MOV-reductions. More importantly, the secure trace against FR-reduction has not been reported at all. Elliptic curves with the secure trace means that the reduced extension degree is always higher than a certain level. In this paper, we aim at characterizing elliptic curve traces by FR-reduction and investigate explicit conditions of traces vulnerable or secure against FR-reduction. We show new explicit conditions of elliptic curve traces for FRreduction. We also present algorithms to construct such elliptic curves, which have relation to famous number theory problems. key words: elliptic curve cryptosystems, trace, FRreduction

623 citations

Journal Article
TL;DR: A new coordinate system and a new mixed coordinates strategy are proposed, which significantly improves on the number of basic operations needed for elliptic curve exponentiation.
Abstract: Elliptic curve cryptosystems, proposed by Koblitz ([12]) and Miller ([16]), can be constructed over a smaller field of definition than the ElGamal cryptosystems ([6]) or the RSA cryptosystems ([20]) This is why elliptic curve cryptosystems have begun to attract notice In this paper, we investigate efficient elliptic curve exponentiation We propose a new coordinate system and a new mixed coordinates strategy, which significantly improves on the number of basic operations needed for elliptic curve exponentiation

487 citations

Book ChapterDOI
18 Oct 1998
TL;DR: In this paper, a new coordinate system and a new mixed coordinates strategy are proposed to improve the number of basic operations needed for elliptic curve exponentiation, which significantly reduces the number required for the RSA cryptosystem.
Abstract: Elliptic curve cryptosystems, proposed by Koblitz ([12]) and Miller ([16]), can be constructed over a smaller field of definition than the ElGamal cryptosystems ([6]) or the RSA cryptosystems ([20]). This is why elliptic curve cryptosystems have begun to attract notice. In this paper, we investigate efficient elliptic curve exponentiation. We propose a new coordinate system and a new mixed coordinates strategy, which significantly improves on the number of basic operations needed for elliptic curve exponentiation.

237 citations

Journal Article
TL;DR: In this article, a new Ciphertext-Policy Attribute-Based Encryption (CP-ABE) with constant ciphertext length was proposed, and the number of pairing computations was also constant.
Abstract: An Attribute-Based Encryption (ABE) is an encryption scheme, where users with some attributes can decrypt ciphertexts associated with these attributes. However, the length of the ciphertext depends on the number of attributes in previous ABE schemes. In this paper, we propose a new Ciphertext-Policy Attribute-Based Encryption (CP-ABE) with constant ciphertext length. Moreover, the number of pairing computations is also constant.

230 citations

Book ChapterDOI
02 Apr 2009
TL;DR: A new Ciphertext-Policy Attribute-Based Encryption (CP-ABE) with constant ciphertext length and the number of pairing computations is also constant.
Abstract: An Attribute-Based Encryption (ABE) is an encryption scheme, where users with some attributes can decrypt ciphertexts associated with these attributes. However, the length of the ciphertext depends on the number of attributes in previous ABE schemes. In this paper, we propose a new Ciphertext-Policy Attribute-Based Encryption (CP-ABE) with constant ciphertext length. Moreover, the number of pairing computations is also constant.

128 citations


Cited by
More filters
Book ChapterDOI
09 Dec 2001
TL;DR: A short signature scheme based on the Computational Diffie-Hellman assumption on certain elliptic and hyperelliptic curves is introduced, designed for systems where signatures are typed in by a human or signatures are sent over a low-bandwidth channel.
Abstract: We introduce a short signature scheme based on the Computational Diffie-Hellman assumption on certain elliptic and hyperelliptic curves. The signature length is half the size of a DSA signature for a similar level of security. Our short signature scheme is designed for systems where signatures are typed in by a human or signatures are sent over a low-bandwidth channel.

3,697 citations

Book
01 Jan 2004
TL;DR: This guide explains the basic mathematics, describes state-of-the-art implementation methods, and presents standardized protocols for public-key encryption, digital signatures, and key establishment, as well as side-channel attacks and countermeasures.
Abstract: After two decades of research and development, elliptic curve cryptography now has widespread exposure and acceptance. Industry, banking, and government standards are in place to facilitate extensive deployment of this efficient public-key mechanism. Anchored by a comprehensive treatment of the practical aspects of elliptic curve cryptography (ECC), this guide explains the basic mathematics, describes state-of-the-art implementation methods, and presents standardized protocols for public-key encryption, digital signatures, and key establishment. In addition, the book addresses some issues that arise in software and hardware implementation, as well as side-channel attacks and countermeasures. Readers receive the theoretical fundamentals as an underpinning for a wealth of practical and accessible knowledge about efficient application. Features & Benefits: * Breadth of coverage and unified, integrated approach to elliptic curve cryptosystems * Describes important industry and government protocols, such as the FIPS 186-2 standard from the U.S. National Institute for Standards and Technology * Provides full exposition on techniques for efficiently implementing finite-field and elliptic curve arithmetic* Distills complex mathematics and algorithms for easy understanding* Includes useful literature references, a list of algorithms, and appendices on sample parameters, ECC standards, and software toolsThis comprehensive, highly focused reference is a useful and indispensable resource for practitioners, professionals, or researchers in computer science, computer engineering, network design, and network data security.

2,893 citations

Book ChapterDOI
15 Aug 2004
TL;DR: In this article, the authors proposed a group signature scheme based on the Strong Diffie-Hellman assumption and a new assumption in bilinear groups called the Decision Linear assumption.
Abstract: We construct a short group signature scheme. Signatures in our scheme are approximately the size of a standard RSA signature with the same security. Security of our group signature is based on the Strong Diffie-Hellman assumption and a new assumption in bilinear groups called the Decision Linear assumption. We prove security of our system, in the random oracle model, using a variant of the security definition for group signatures recently given by Bellare, Micciancio, and Warinschi.

1,956 citations

Book ChapterDOI
04 May 2003
TL;DR: In this article, Boneh, Lynn, and Shacham introduced the concept of an aggregate signature, presented security models for such signatures, and gave several applications for aggregate signatures.
Abstract: An aggregate signature scheme is a digital signature that supports aggregation: Given n signatures on n distinct messages from n distinct users, it is possible to aggregate all these signatures into a single short signature. This single signature (and the n original messages) will convince the verifier that the n users did indeed sign the n original messages (i.e., user i signed message Mi for i = 1, . . . , n). In this paper we introduce the concept of an aggregate signature, present security models for such signatures, and give several applications for aggregate signatures. We construct an efficient aggregate signature from a recent short signature scheme based on bilinear maps due to Boneh, Lynn, and Shacham. Aggregate signatures are useful for reducing the size of certificate chains (by aggregating all signatures in the chain) and for reducing message size in secure routing protocols such as SBGP. We also show that aggregate signatures give rise to verifiably encrypted signatures. Such signatures enable the verifier to test that a given ciphertext C is the encryption of a signature on a given message M. Verifiably encrypted signatures are used in contract-signing protocols. Finally, we show that similar ideas can be used to extend the short signature scheme to give simple ring signatures.

1,859 citations

Journal ArticleDOI
TL;DR: Performance measurements of the experimental file system demonstrate the usefulness of proxy re-encryption as a method of adding access control to a secure file system and present new re-Encryption schemes that realize a stronger notion of security.
Abstract: In 1998, Blaze, Bleumer, and Strauss (BBS) proposed an application called atomic proxy re-encryption, in which a semitrusted proxy converts a ciphertext for Alice into a ciphertext for Bob without seeing the underlying plaintext. We predict that fast and secure re-encryption will become increasingly popular as a method for managing encrypted file systems. Although efficiently computable, the wide-spread adoption of BBS re-encryption has been hindered by considerable security risks. Following recent work of Dodis and Ivan, we present new re-encryption schemes that realize a stronger notion of security and demonstrate the usefulness of proxy re-encryption as a method of adding access control to a secure file system. Performance measurements of our experimental file system demonstrate that proxy re-encryption can work effectively in practice.

1,598 citations