Showing papers by "Shinsaku Kiyomoto" published in 2005


Journal Article
TL;DR: This paper proposes a new authentication mechanism for mobile environments, called Self-Delegation, presents two self-delegation schemes, and analyzes the security of the proposed scheme based on a security model that it defines.
Abstract: In this paper, we propose a new authentication mechanism for mobile environments, called Self-Delegation. In this mechanism, a user stores the information needed for strict authentication in a tamper-resistant module that can be kept securely at home. Time-limited authority is delegated to the mobile terminal by communicating with the tamper-resistant module on a local basis. After the delegation, a remote service can authenticate the user for a limited time. We propose two self-delegation schemes, and analyze the security of the proposed scheme based on a security model that we define. Furthermore, we have implemented the self-delegation and authentication protocols on a PDA and a Java card, both of which have ISO14443 I/F, and show the feasibility of the implemented protocols.

7 citations


Journal Article
TL;DR: This paper discusses GD attacks on clock-controlled stream ciphers, which use irregular clocking for a non-linear function, proposes such attacks, and calculates their process complexity.
Abstract: Guess-and-Determine (GD) attacks have recently been proposed for the effective analysis of word-oriented stream ciphers. This paper discusses GD attacks on clock-controlled stream ciphers, which use irregular clocking for a non-linear function. The main focus is the analysis of irregular clocking for GD attacks. We propose GD attacks on a typical clock-controlled stream cipher AA5, and calculate the process complexity of our proposed GD attacks. In the attacks, we assume that the clocking of linear feedback shift registers (LFSRs) is truly random. An important consideration affecting the practicality of these attacks is whether this assumption is realistic, because in practice the clocking is determined by the internal states. We implement miniature ciphers to evaluate the proposed attacks, and show that they are applicable. We also apply the GD attacks to other clock-controlled stream ciphers and compare them. Finally, we discuss some properties of GD attacks on clock-controlled stream ciphers and the effectiveness of the clock controllers. Our research results contain information that is useful in the design of clock-controlled stream ciphers.

5 citations


Journal Article
TL;DR: It is shown that the user can be properly authenticated on the server, even though the iris code is transformed by the proposed transformation function, because the normalized Hamming distance in this scheme is equal to that in the existing scheme.
Abstract: In this paper, we propose a transformation function for a user's raw iris data (the "iris code") used in iris scanning verification on the server, since the iris code needs to be hidden even from a server administrator. We then show that the user can be properly authenticated on the server, even though the iris code is transformed by the proposed function. The reason is that the function has the characteristic that "the (normalized) Hamming distances between the enrolled iris codes and the verified iris codes are conserved before and after the computation of the function"; that is, the normalized Hamming distance in this scheme is equal to that in the existing scheme. We also show that the transformed iris code is sufficiently secure to hide the original iris code, even if a stronger attack model is supposed than the previously described model. This can be explained by the following two reasons. One reason is that the nonlinear function, which consists of the three-dimensional rotation about the x-axis and the y-axis with the iris code lengthened bit by bit, and the cyclic shift, does not enable an attacker to conjecture the iris code. The other reason is that the success probabilities for the exhaustive search attack concerning the iris code in the supposed attack models are lower than those of the previously proposed methods and are negligible.

2 citations