Author

Takeshi Shimoyama

Bio: Takeshi Shimoyama is an academic researcher at Fujitsu. The author has contributed to research on encryption and block ciphers, has an h-index of 19, and has co-authored 119 publications receiving 1396 citations.


Papers
Journal ArticleDOI
TL;DR: A new method for primary decomposition of a polynomial ideal, not necessarily zero-dimensional, is proposed and a detailed study for its practical implementation is reported on.

131 citations

Proceedings ArticleDOI
08 Nov 2013
TL;DR: This paper makes use of the somewhat homomorphic encryption scheme presented by Lauter, Naehrig and Vaikuntanathan (ACM CCSW 2011), which supports a limited number of both additions and multiplications on encrypted data, and proposes a new packing method suitable for efficient computation of multiple Hamming distance values on encrypted data.
Abstract: The basic pattern matching problem is to find the locations where a pattern occurs in a text. Recently, secure pattern matching has received much attention in various areas, including privacy-preserving DNA matching and secure biometric authentication. The aim of this paper is to give a practical solution for this problem using homomorphic encryption, which is public key encryption supporting some operations on encrypted data. In this paper, we make use of the somewhat homomorphic encryption scheme presented by Lauter, Naehrig and Vaikuntanathan (ACM CCSW 2011), which supports a limited number of both additions and multiplications on encrypted data. In their work, some message encoding techniques are also presented that enable efficient computation of sums and products over the integers. Based on their techniques, we propose a new packing method suitable for efficient computation of multiple Hamming distance values on encrypted data. Our main extension gives two types of packed ciphertexts, and a linear computation over packed ciphertexts gives the desired results. We implemented the scheme with our packing method. Our experiments ran on an Intel Xeon at 3.07 GHz with our software library using inline assembly language in C programs. Our optimized implementation shows that the packed encryption of a text or a pattern, the computation of multiple Hamming distance values over packed ciphertexts, and the decryption respectively take about 3.65 milliseconds (ms), 5.31 ms, and 3.47 ms for secure exact and approximate pattern matching of a binary text of length 2048. The total time is about 12.43 ms, which gives practical performance for real applications. Our method gives both faster performance and lower communication than the state-of-the-art work for a binary text of several thousand bits in length.

130 citations

Book ChapterDOI
02 Sep 2013
TL;DR: This paper proposes an efficient method to compute the Hamming distance on encrypted data using the homomorphic encryption based on ideal lattices, and proposes a privacy-preserving biometric authentication protocol using this method, and compares it with related protocols.
Abstract: Among many approaches for privacy-preserving biometric authentication, we focus on the approach with homomorphic encryption, which is public key encryption supporting some operations on encrypted data. In biometric authentication, the Hamming distance is often used as a metric to compare two biometric feature vectors. In this paper, we propose an efficient method to compute the Hamming distance on encrypted data using the homomorphic encryption based on ideal lattices. In our implementation of secure Hamming distance of 2048-bit binary vectors with a lattice of dimension 4096, encryption of a vector, secure Hamming distance, and decryption respectively take about 19.89, 18.10, and 9.08 milliseconds (ms) on an Intel Xeon X3480 at 3.07 GHz. We also propose a privacy-preserving biometric authentication protocol using our method, and compare it with related protocols. Our protocol has faster performance and shorter ciphertext size than the state-of-the-art prior work using homomorphic encryption.

75 citations

Book ChapterDOI
23 Aug 1998
TL;DR: An improved algorithm is described that reduces the number of required plaintext/ciphertext pairs to 25/34 (73.5 %) of the number required by Matsui's linear attack.
Abstract: In this paper, we derive 7 quadratic relations over GF(2) from the input and output bits of the S-boxes of DES. We apply one of them to an improved linear attack on full-round DES. We describe an improved algorithm that combines the non-linear approximation method proposed by Knudsen and Robshaw with the multiple approximation method proposed by Kaliski and Robshaw. This improvement reduces the number of required plaintext/ciphertext pairs to 25/34 (73.5 %) of the 2^43 pairs required by Matsui's linear attack.

60 citations
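As an added example (not code from the CRYPTO 1998 paper above), the linear-approximation side of the attack the abstract builds on: the linear approximation table of DES S-box S5, from which Matsui's best approximation N_S5(16, 15) = 12 (bias -20/64) falls out, and the piling-up lemma that combines per-round biases into the cipher-wide bias whose inverse square sets the data requirement. The S-box table is the one in FIPS 46-3; the constant c in known_plaintexts is an assumption to be read from Matsui's success-probability tables, not a value taken from this page.

```python
"""Linear approximation table of DES S-box S5 and Matsui's piling-up lemma (added example)."""
from functools import reduce

# DES S-box S5 as in FIPS 46-3: the outer input bits (b5, b0) select the row, b4..b1 the column.
S5 = [
    [2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9],
    [14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6],
    [4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14],
    [11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3],
]


def s5(x):
    """Evaluate S5 on a 6-bit input x = b5 b4 b3 b2 b1 b0."""
    row = ((x >> 5) & 1) << 1 | (x & 1)
    return S5[row][(x >> 1) & 0xF]


def parity(v):
    """XOR of the bits of v, i.e. the GF(2) inner product once v has been masked."""
    return bin(v).count("1") & 1


def ns(a, b, sbox=s5):
    """Matsui's N_S(a, b): number of the 64 inputs x with <a, x> = <b, S(x)>; 32 means no correlation."""
    return sum(parity(a & x) == parity(b & sbox(x)) for x in range(64))


def best_approximations(sbox=s5):
    """All non-trivial (a, b, N_S(a, b)) whose deviation |N_S - 32| is the largest for this S-box."""
    table = [(a, b, ns(a, b, sbox)) for a in range(1, 64) for b in range(1, 16)]
    peak = max(abs(n - 32) for _, _, n in table)
    return [entry for entry in table if abs(entry[2] - 32) == peak]


def bias(n_s):
    """Bias epsilon = N_S/64 - 1/2 of one S-box approximation (negative means the relation usually fails)."""
    return n_s / 64 - 0.5


def piling_up(biases):
    """Matsui's piling-up lemma: k independent approximations with biases eps_i combine to 2^(k-1) * prod(eps_i)."""
    return 2 ** (len(biases) - 1) * reduce(lambda x, y: x * y, biases, 1.0)


def known_plaintexts(eps, c=1.0):
    """Data requirement N ~ c * eps^-2 of the linear attack; c (assumed here) fixes the success probability."""
    return c / (eps * eps)


if __name__ == "__main__":
    for a, b, n in best_approximations():
        print(f"N_S5({a}, {b}) = {n}, bias {bias(n):+.4f}")
    # Two rounds that each use the S5 approximation above, combined by the lemma (illustration only).
    eps = piling_up([bias(12), bias(12)])
    print(f"combined bias {eps:+.5f}, about {known_plaintexts(eps):.0f} known plaintexts at c = 1")
```

Every entry of the table is a count over all 64 inputs, so a deviation of 20 means the relation holds for only 12 inputs and its complement for 52; the attack uses the relation with the sign flipped. In the full DES attack the per-round biases are much smaller than 20/64 once the expansion and key-dependence are taken into account, which is why the combined bias over 14 rounds leads to the 2^43 pairs the abstract mentions.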

Book ChapterDOI
12 Sep 2013
TL;DR: This paper focuses on the scheme proposed by Lauter, Naehrig and Vaikuntanathan (ACM CCSW 2011), and presents two types of packed ciphertexts based on their packing technique, giving practical size and performance for wider computations such as statistical analysis and distances.
Abstract: Somewhat homomorphic encryption is public key encryption supporting a limited number of both additions and multiplications on encrypted data, which is useful for performing fundamental computations while protecting data confidentiality. In this paper, we focus on the scheme proposed by Lauter, Naehrig and Vaikuntanathan (ACM CCSW 2011), and present two types of packed ciphertexts based on their packing technique. Combinations of our two types of packing give practical size and performance for wider computations such as statistical analysis and distances. To demonstrate its efficiency, we implemented the scheme with our packing method for secure Hamming distance, which is often used in privacy-preserving biometrics. For secure Hamming distance between two binary vectors of 2048 bits, it takes 5.31 ms on an Intel Xeon X3480 at 3.07 GHz. This gives the best performance in the state-of-the-art work using homomorphic encryption.

59 citations
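The packing used in the three abstracts above (the CCSW 2013 pattern-matching paper and the two 2013 biometric papers), worked out as an added example that is not code from those papers: the somewhat homomorphic schemes they use have plaintext ring Z_t[x]/(x^n + 1), and this example does the packing arithmetic in that ring with encryption left out, so it shows why one negacyclic multiplication of two packed polynomials lands inner products, and hence Hamming distances, in individual coefficients. The dimension n = 16, the modulus t and the bit strings are illustration choices, not the papers' parameters (they use n = 2048 or 4096 for 2048-bit vectors).

```python
"""Packed Hamming distances in the plaintext ring Z_t[x]/(x^n + 1), encryption omitted (added example)."""

N = 16        # ring dimension for this illustration (the papers use n = 2048 or 4096)
T = 1 << 16   # plaintext modulus; any t larger than the largest distance keeps results exact


def ring_mul(a, b, n=N, t=T):
    """Negacyclic convolution: product of two coefficient lists modulo x^n + 1 and modulo t.

    A homomorphic ciphertext multiplication in the schemes realises exactly this
    operation on the underlying plaintext polynomials.
    """
    out = [0] * n
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            if bj == 0:
                continue
            k = i + j
            if k < n:
                out[k] += ai * bj
            else:
                out[k - n] -= ai * bj      # x^n = -1 in this ring
    return [c % t for c in out]


def pack1(bits, n=N):
    """Type-1 packing: the polynomial sum_i a_i x^i."""
    poly = [0] * n
    for i, bit in enumerate(bits):
        poly[i] = bit
    return poly


def pack2(bits, n=N):
    """Type-2 packing: the polynomial -sum_j b_j x^(n-j).

    Paired with pack1, x^i * (-x^(n-i)) = -x^n = 1, so every aligned pair a_i*b_i
    is collected in the constant term, and a_(k+j)*b_j in the coefficient of x^k.
    """
    poly = [0] * n
    for j, bit in enumerate(bits):
        if j == 0:
            poly[0] += bit            # -x^n = +1
        else:
            poly[n - j] -= bit
    return poly


def packed_distances(text, pattern, n=N, t=T):
    """Hamming distance between `pattern` and every window of `text`, from three ring products.

    D = pack1(text)*pack2(1^m) + pack1(1^n)*pack2(pattern) - 2*pack1(text)*pack2(pattern)
    has, in the coefficient of x^k, HW(window_k) + HW(pattern) - 2*<window_k, pattern>,
    i.e. the Hamming distance at shift k, for every 0 <= k <= len(text) - m.
    A single distance between two equal-length vectors is the case m == len(text).
    """
    m = len(pattern)
    if m > len(text) or len(text) > n:
        raise ValueError("pattern must fit in the text and the text in the ring")
    weights = ring_mul(pack1(text, n), pack2([1] * m, n), n, t)        # HW of each window
    pat_weight = ring_mul(pack1([1] * n, n), pack2(pattern, n), n, t)   # HW(pattern) at each shift
    inner = ring_mul(pack1(text, n), pack2(pattern, n), n, t)           # <window_k, pattern>
    d = [(weights[k] + pat_weight[k] - 2 * inner[k]) % t for k in range(n)]
    return d[: len(text) - m + 1]


def hamming(a, b):
    """Plain reference Hamming distance, used to check the packed result."""
    return sum(x != y for x, y in zip(a, b))


# Constructed sample input: a 12-bit text and a 4-bit pattern that occurs at shifts 0 and 6.
SAMPLE_TEXT = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0]
SAMPLE_PATTERN = [1, 0, 1, 1]

if __name__ == "__main__":
    dists = packed_distances(SAMPLE_TEXT, SAMPLE_PATTERN)
    print("packed:   ", dists)
    print("reference:", [hamming(SAMPLE_TEXT[k:k + 4], SAMPLE_PATTERN) for k in range(len(dists))])
    print("exact matches at shifts", [k for k, d in enumerate(dists) if d == 0])
```

In the schemes the three products are evaluated homomorphically (two ciphertext-by-plaintext, one ciphertext-by-ciphertext, so multiplicative depth one), and a single decryption of D reveals every distance at once; that is the "linear computation over packed ciphertexts" of the abstracts. Coefficients beyond index len(text) - m are partial, wrapped-around sums and must be discarded or masked before anything derived from them is released, since they leak different information about the inputs than the distances do.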


Cited by
Book
12 Aug 2008
TL;DR: A Singular Introduction to Commutative Algebra is a widely used text on computational commutative algebra, with broad coverage of the theoretical topics in the portions of commutative algebra closest to algebraic geometry, almost all of them treated algorithmically.
Abstract: From the reviews of the first edition: "It is certainly no exaggeration to say that A Singular Introduction to Commutative Algebra aims to lead a further stage in the computational revolution in commutative algebra. Among the great strengths and most distinctive features is a new, completely unified treatment of the global and local theories ... making it one of the most flexible and most efficient systems of its type. ... another strength of Greuel and Pfister's book is its breadth of coverage of theoretical topics in the portions of commutative algebra closest to algebraic geometry, with algorithmic treatments of almost every topic. ... Greuel and Pfister have written a distinctive and highly useful book that should be in the library of every commutative algebraist and algebraic geometer, expert and novice alike." J.B. Little, MAA, March 2004. The second edition is substantially enlarged by a chapter on Groebner bases in non-commutative rings, a chapter on characteristic and triangular sets with applications to primary decomposition and polynomial solving, and an appendix on polynomial factorization including factorization over algebraic field extensions and absolute factorization, in the uni- and multivariate case.

869 citations

Book
01 Jan 2006
TL;DR: In this book, the authors define the integral closure of rings and ideals, and treat separability, Noetherian rings, Rees algebras, valuations, normal homomorphisms and the Briançon-Skoda theorem, opening with a table of basic properties.
Abstract: Table of basic properties Notation and basic definitions Preface 1. What is the integral closure 2. Integral closure of rings 3. Separability 4. Noetherian rings 5. Rees algebras 6. Valuations 7. Derivations 8. Reductions 9. Analytically unramified rings 10. Rees valuations 11. Multiplicity and integral closure 12. The conductor 13. The Briancon-Skoda theorem 14. Two-dimensional regular local rings 15. Computing the integral closure 16. Integral dependence of modules 17. Joint reductions 18. Adjoints of ideals 19. Normal homomorphisms Appendix A. Some background material Appendix B. Height and dimension formulas References Index.

826 citations

Book ChapterDOI
01 Jun 2010
TL;DR: A chapter to appear in the volume "Boolean Methods and Models".
Abstract: To appear as a chapter of the volume "Boolean Methods and Models".

468 citations

BookDOI
01 Jan 1997
TL;DR: The author covers a wide range, from showing how to obtain deep heuristics in a computation of a ring, a module or a morphism, to developing means of solving nonlinear systems of equations - highlighting the use of advanced techniques to bring down the cost of computation.
Abstract: This ACM volume deals with tackling problems that can be represented by data structures which are essentially matrices with polynomial entries, mediated by the disciplines of commutative algebra and algebraic geometry. The discoveries stem from an interdisciplinary branch of research which has been growing steadily over the past decade. The author covers a wide range, from showing how to obtain deep heuristics in a computation of a ring, a module or a morphism, to developing means of solving nonlinear systems of equations - highlighting the use of advanced techniques to bring down the cost of computation. Although intended for advanced students and researchers with interests both in algebra and computation, many parts may be read by anyone with a basic abstract algebra course.

411 citations

01 Jan 1998
TL;DR: The design of both the round function and the key schedule permits a wide variety of tradeoffs between speed, software size, key setup time, gate count, and memory.
Abstract: Twofish is a 128-bit block cipher that accepts a variable-length key up to 256 bits. The cipher is a 16-round Feistel network with a bijective F function made up of four key-dependent 8-by-8-bit S-boxes, a fixed 4-by-4 maximum distance separable matrix over GF(2^8), a pseudo-Hadamard transform, bitwise rotations, and a carefully designed key schedule. A fully optimized implementation of Twofish encrypts on a Pentium Pro at 17.8 clock cycles per byte, and an 8-bit smart card implementation encrypts at 1660 clock cycles per byte. Twofish can be implemented in hardware in 14000 gates. The design of both the round function and the key schedule permits a wide variety of tradeoffs between speed, software size, key setup time, gate count, and memory. We have extensively cryptanalyzed Twofish; our best attack breaks 5 rounds with 2^22.5 chosen plaintexts and 2^51 effort.

403 citations
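Two of the components named in the Twofish abstract above, as an added example that is not the Twofish reference code: multiplication in GF(2^8) under the polynomial x^8 + x^6 + x^5 + x^3 + 1 over which Twofish's MDS matrix is defined, the matrix itself, the pseudo-Hadamard transform, and a check that the matrix really is maximum distance separable, i.e. that every square submatrix is non-singular, which is what guarantees that a change in one input byte spreads to all four output bytes. The matrix entries and the field polynomial are Twofish's published constants; the checking code is the editor's own.

```python
"""Twofish's MDS matrix over GF(2^8), the MDS property check, and the PHT (added example)."""
from itertools import combinations

MDS_POLY = 0x169   # x^8 + x^6 + x^5 + x^3 + 1, the field polynomial Twofish uses for the MDS matrix

# The Twofish MDS matrix; entries are elements of GF(2^8).
MDS = [
    [0x01, 0xEF, 0x5B, 0x5B],
    [0x5B, 0xEF, 0xEF, 0x01],
    [0xEF, 0x5B, 0x01, 0xEF],
    [0xEF, 0x01, 0xEF, 0x5B],
]


def gf_mul(a, b, poly=MDS_POLY):
    """Multiply two bytes in GF(2^8) defined by `poly` (shift-and-add with reduction each step)."""
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= poly
        b >>= 1
    return r


def gf_det(m):
    """Determinant over GF(2^8) by Laplace expansion; in characteristic 2 the signs vanish."""
    if len(m) == 1:
        return m[0][0]
    d = 0
    for j in range(len(m)):
        minor = [row[:j] + row[j + 1:] for row in m[1:]]
        d ^= gf_mul(m[0][j], gf_det(minor))
    return d


def is_mds(m):
    """A square matrix is MDS iff every square submatrix, of every size, is non-singular."""
    n = len(m)
    for k in range(1, n + 1):
        for rows in combinations(range(n), k):
            for cols in combinations(range(n), k):
                if gf_det([[m[r][c] for c in cols] for r in rows]) == 0:
                    return False
    return True


def mds_multiply(x):
    """Apply the MDS matrix to a 4-byte column vector, as in the output step of Twofish's h function."""
    out = []
    for row in MDS:
        v = 0
        for coef, xi in zip(row, x):
            v ^= gf_mul(coef, xi)
        out.append(v)
    return out


def pht(a, b):
    """Pseudo-Hadamard transform on 32-bit words: (a, b) -> (a + b, a + 2b) mod 2^32."""
    return (a + b) & 0xFFFFFFFF, (a + 2 * b) & 0xFFFFFFFF


if __name__ == "__main__":
    print("Twofish MDS matrix is MDS:", is_mds(MDS))
    # One non-zero input byte reaches all four output bytes, a consequence of the MDS property.
    print("MDS * (0x42, 0, 0, 0) =", [hex(v) for v in mds_multiply([0x42, 0, 0, 0])])
    print("PHT(0x01234567, 0x89abcdef) =", [hex(w) for w in pht(0x01234567, 0x89ABCDEF)])
```

The submatrix check is the textbook characterisation of MDS and is cheap for a 4-by-4 matrix (69 determinants); for a designer it is the test to run whenever a diffusion matrix or its field polynomial is changed, since a single singular minor reduces the branch number and with it the bound on active S-boxes per round.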