
Showing papers by "Keita Emura" published in 2023


Journal ArticleDOI
TL;DR: In this paper, a generic construction of IBEETIA that does not resort to rich algebraic structures is proposed; the only building blocks of the construction are symmetric key encryption and pseudo-random permutations in the standard model.
Abstract: Identity-based encryption with equality test (IBEET) is a generalization of the traditional identity-based encryption (IBE) and public key searchable encryption, where trapdoors enable users to check whether two ciphertexts of distinct identities are encryptions of the same plaintext. By definition, IBEET cannot achieve indistinguishability security against insiders, i.e., users who have trapdoors. To address this issue, IBEET against insider attacks (IBEETIA) was later introduced as a dual primitive. While all users of IBEETIA are able to check whether two ciphertexts are encryptions of the same plaintext, only users who have tokens are able to encrypt plaintexts. Hence, IBEETIA is able to achieve indistinguishability security. On the other hand, the definition of IBEETIA weakens the notion of IBE due to its encryption inability. Nevertheless, known schemes of IBEETIA made use of rich algebraic structures such as bilinear groups and lattices. In this paper, we propose a generic construction of IBEETIA without resorting to rich algebraic structures. In particular, the only building blocks of the proposed construction are symmetric key encryption and pseudo-random permutations in the standard model. If a symmetric key encryption scheme satisfies CCA security, our proposed IBEETIA scheme also satisfies CCA security.

3 citations


Journal Article
TL;DR: In this paper , the authors propose a solution to solve the problem of the problem: this paper ] of "uniformity" and "uncertainty" of the solution.
Abstract: ,

1 citation


Proceedings ArticleDOI
TL;DR: In this article, a ratcheting digital signature scheme is incorporated into an existing continuous group key agreement (CGKA) protocol for secure group messaging (SGM), so that the group manager and the other group members can have different authorities in a one-to-many setting.
Abstract: Secure messaging (SM) protocols allow users to communicate securely over an untrusted infrastructure. Alwen et al. formally defined the key agreement protocol used in secure group messaging (SGM) as continuous group key agreement (CGKA) at CRYPTO 2020. In their CGKA protocol, all of the group members have the same rights and a trusted third party is needed. On the other hand, some SGM applications may have a user in the group who has the role of an administrator. When the administrator as the group manager (GM) is distinguished from other group members, i.e., in a one-to-many setting, it would be better for the GM and the other group members to have different authorities. We achieve this flexible authorization by incorporating a ratcheting digital signature scheme (Cremers et al. at USENIX Security 2021) into the existing CGKA protocol and demonstrate that such a simple modification allows us to provide flexible authorization. In Alwen et al.'s CGKA protocol, an external public key infrastructure (PKI) functionality as a trusted third party manages the confidential information of users, and the PKI can read all messages until all users update their own keys. In contrast, the GM in our protocol has the same role as the PKI functionality in the group, so no third party outside the group handles confidential information of users and thus no one except group members can read messages regardless of key updates. Our proposed protocol is useful in the creation of new applications such as broadcasting services.

1 citation


Journal ArticleDOI
TL;DR: In this article, the authors propose a cyberattack-detectable encrypted control system and validate its effectiveness using a proportional integration derivative (PID) position-control system for an industrial motor.
Abstract: Encrypted control systems are secure control methods that use the cryptographic properties of a specific homomorphic encryption scheme. This study proposes a cyberattack-detectable encrypted control system and validates its effectiveness using a proportional integration derivative (PID) position-control system for an industrial motor. The proposed encrypted control system uses a keyed-homomorphic public-key encryption scheme for real-time detection of cyberattacks, such as signal and control parameter falsification. Additionally, a novel quantizer is presented to reduce the computation cost and quantization-error effects on control performance. The quantizer demonstrated a significant improvement, reducing the computation time by 47.3 % compared to using our previous quantizer, and decreasing the quantization-error effect by 30.6 % compared to a widely-used gain-multiplying quantizer. Moreover, this study establishes conditions through a theorem to avoid an overflow in the proposed control system. Experimental validation confirms that the proposed control system effectively conceals the control operation, and the presented theorem aids in designing the quantization gains to prevent overflows. Notably, the results of falsification attack tests highlight that the proposed control system enables real-time detection of attacked components within control parameters and signals, representing a significant advantage of this study.

Proceedings ArticleDOI
22 Feb 2023
TL;DR: In this article, the authors add a scalable, time-dependent access control protocol to Cache-22 that requires a communication cost of $O(\log T_{\sf max})$, where $T_{\sf max}$ is the maximum time period.
Abstract: Due to the increasing use of encrypted communication, such as Transport Layer Security (TLS), encrypted cache systems are a promising approach for providing communication efficiency and privacy. Cache-22 is an encrypted cache system (Emura et al. ISITA 2020) that makes it possible to significantly reduce communication between a cache server and a service provider. In the final procedure of Cache-22, the service provider sends the corresponding decryption key to the user via TLS and this procedure allows the service provider to control which users can access the contents. For example, if a user has downloaded ciphertexts of several episodes of a show, the service provider can decide to provide some of the contents (e.g., the first episode) available for free while requiring a fee for the remaining contents. However, no concrete access control method has been implemented in the original Cache-22 system. In this paper, we add a scalable access control protocol to Cache-22. Specifically, we propose a time-dependent access control that requires a communication cost of $O(\log T_{\sf max})$ where $T_{\sf max}$ is the maximum time period. Although the protocol is stateful, we can provide time-dependent access control with scalability at the expense of this key management. We present experimental results and demonstrate that the modified system is effective for controlling access rights. We also observe a relationship between cache capacity and network traffic because the number of duplicated contents is higher than that in the original Cache-22 system, due to time-dependent access control.
