34th CSEC Group Meeting

July 20, 2006

Okayama University (Okayama)


34th CSEC Group Meeting Program
(1) A Translation Matrix between Two Isomorphic Extension Fields via Optimal Normal Basis Representation
Ryo NAMBA (Natural Science and Technology, The Graduate School of Okayama University)
Yasuyuki NOGAMI (Natural Science and Technology, The Graduate School of Okayama University)
Yoshitaka MORIKAWA (Natural Science and Technology, The Graduate School of Okayama University)

Some extension fields efficient for fast implementation have been proposed. Such extension fields adopt a unique modular polynomial and basis. Therefore, an element can have several different vector representations in the isomorphic extension fields. This paper proposes a method for generating a basis translation matrix between two isomorphic extension fields. First, this paper shows that the translation matrix can be obtained via a Type I Optimal Normal Basis (ONB). The Type I ONB plays a key role since it has the following properties: a Type I ONB is a set of conjugate elements and of course a normal basis, these conjugates have the same order, and they are zeros of a certain irreducible all one polynomial. Then, some examples of translation matrices are shown. From the experimental results, it is shown that the proposed method is practical enough.

(3) Pairing Computation with MNT Curve over All One Polynomial Field
Masataka AKANE (Natural Science and Technology, The Graduate School of Okayama University)
Takumi OKIMOTO (Department of Communication Network Engineering, Faculty of Engineering, Okayama University)
Yasuyuki NOGAMI (Natural Science and Technology, The Graduate School of Okayama University)
Yoshitaka MORIKAWA (Natural Science and Technology, The Graduate School of Okayama University)

In recent years, many cryptographic applications with bilinear pairings over elliptic curves have been proposed. The well-known MNT curves, which are non-supersingular elliptic curves, provide bilinear pairings over extension fields of degree 3, 4, and 6. When the embedding degree is equal to 3, MNT curves cannot be defined over an optimal extension field (OEF). Even when the embedding degree is equal to 4 or 6, MNT curves cannot always be defined over an OEF. For some of such cases, they can be defined over an all one polynomial field (AOPF). Since the Frobenius mapping can be carried out fast in AOPFs, this paper considers some improvements for Tate pairing calculation. Then, some examples and simulation results are shown.

(4) Efficient Algorithm for Tate Pairing
Masaaki SHIRASE (Future University-Hakodate School of Systems Information Science)
Tsuyoshi TAKAGI (Future University-Hakodate School of Systems Information Science)
Eiji OKAMOTO (Graduate School of Systems and Information Engineering, University of Tsukuba)

The Duursma-Lee algorithm and its variant (the ηT pairing) can efficiently compute the Tate pairing over supersingular curves with small characteristic. The algorithms consist of three main steps: (1) computations in a finite field, (2) computations in the extension field of degree 6, (3) exponentiation calculation in the base field. We have to compute relatively slow cube roots in step (3). This paper proposes some novel algorithms for computing the ηT pairing without cube roots. The proposed algorithms compute the 3^i-th power for each value in the i-th loop in step (3), and thus the cube roots are removed (but we obtain the pairing value raised to the power 3^k for some k). Moreover, we propose some efficient algorithms in which two pairings are computed simultaneously and part of step (2) is improved. The proposed algorithms make it possible to speed up the verification of a Diffie-Hellman pair. We can achieve 30-40% faster computation compared with the previously known methods.

(5) A Survey on Dedicated Factoring Devices (Sieving Step)
Tetsuya IZU (FUJITSU Limited)
Noboru KUNIHIRO (Dept. of Information and Communication Eng., The University of Electro-Communications)
Takeshi SHIMOYAMA (FUJITSU Limited)

Dedicated factoring devices have attracted much attention since they might be a new threat to RSA. Within the Number Field Sieve method of integer factorization, the relation finding step is the most dominant step in both theory and practice. This article surveys hardware designs for this step: TWINKLE, TWIRL, SHARK, DSH and YASD. Experimental results for this step are also reported.

(6) A Proposal to Hi-Tech Pollution Based on the Criterion of "Relationism-First": A Principle Experiment of EM Environment around VDT and Its Basic Theory
Yoshifumi FUJITA (Faculty of Economics, Management and Computer Science)
Mitsuo OHTA (Emeritus Professor of Hiroshima University)

It seems that hi-tech pollution and many other difficult modern problems arise from slighting the many kinds of complicated relationships among various environmental factors, including even ethical or cultural aspects, and giving priority to utility over everything else. In this report, to solve these problems, we first pay attention to the criterion of "Relationism-First": after employing in the first stage of study as many environmental factors as possible at the same time, the mutual correlation among them should be investigated, and then the specific cases of interest for engineering application should be considered. As a trial method for mutual intersubjective analysis, taking care of light and shade, that is, the two factors of risk and utility, the previously reported extended correlation analysis for only two environmental factors is applied. Furthermore, as a principle experiment for the proposed method, by applying it to two contrasting environmental factors, magnetic field (related to risk) and sound (related to utility), in the EM environment around a VDT, it is partly confirmed that the method is also effective even for the inverse problem of estimating the probability distribution of the original sound fluctuation without attachment of tecnoAO from the depressed magnetic field with attachment of tecnoAO, based on the mutual correlation.

(7) Copyright and Property Protection System of Using Information Filter and Information Capsule
Kota YAMADA (Faculty of Engineering, Kanagawa University)
Hirotsugu KINOSHITA (Faculty of Engineering, Kanagawa University)

This paper describes a system that distributes contents as an Information Capsule (Mobile Agent). As a tool for managing copyrighted works on the database side, we focus attention on the Dublin Core, and expand the core element "rights management" for copyright and authority of use. The system composition to control copyright and authority of use consists of "an agent managing a database by extending the Dublin Core and an Access Control List", "a Capsule of contents with an agent controlling copyright and authority of use", and "an agent on the user side". The copyright management policy is inherited by the agent carrying the contents, which presents the framework that cooperates with the agents on the user side and the database side, and controls authority. With this system, we can build a distribution system for digital contents in which the copyright and proprietary rights of electronic data are protected.

(8) Balance between Security and Privacy: A Case of the EU Directive on Communications Data Retention
Yasutoshi Ishizaki (The 21st Century Center of Excellence Program, Chuo University)

Although privacy is one of the fundamental rights in most democratic societies, it sometimes conflicts with other values. Therefore, it is important to find a balance or a compromise among several values. As a case study, the process of making the directive on communications data retention is studied.

(9) A Study on Dynamic Risk Analysis Corresponding to Environmental Changes
Hideaki KAWANISHI (Graduate School of Engineering, Soka University)
Koichi KATO (Graduate School of Engineering, Soka University)
Tatsuaki TAKAHASHI (Graduate School of Engineering, Soka University)
Guillermo Horacio RAMIREZ CACERES (Graduate School of Engineering, Soka University)
Yoshimi TESHIGAWARA (Graduate School of Engineering, Soka University)

A risk changes with an environmental change. If the change of the risk caused by an environmental change is not taken into consideration, exact risk analysis cannot be performed. In this paper, the method for discerning the size of the generated damage and its occurrence probability is clarified in consideration of the parameters which identify assets, threats, and vulnerabilities. A new risk assessment model is created based on the size and occurrence probability of damage. In addition, by using this assessment model, the change over time in an environment is considered. The value of an asset changes with the progress of time, and the influence on the availability of the asset changes with differences in the time period. It is shown that the value of assets and the recognition of vulnerabilities affect the threat occurrence probability, and the relationship between the environment change and the risk change is shown.

(10) Survey and Analysis on Data Delete in PC for Internet Auction
Satsuki Sato (Tokyo Denki University)
Yuki Ashino (Tokyo Denki University)
Uehara and Ryoichi Sasaki (Kyoto University)

The PC recycle law leads to an increase in the sale of second-hand PCs in Internet auction systems. It is dangerous to sell notebook PCs or HDDs in an Internet auction system without understanding the proper method of deleting data, because there is the possibility of leakage of personal information, etc. We surveyed the status of data deletion in PCs exhibited by a company that sells second-hand PCs on an auction site. In addition, after buying the PCs from the auction site, we actually confirmed that it is possible to recover the data from the PCs. Moreover, we proposed to the auction site manager to caution PC exhibitors on the auction site about the necessity of deleting data properly.

(11) Development of Internet Watchdog Systems for Children Protection
Tatsumi UEDA (Graduate school of Information Science and Technology, Hokkaido University)
Yoshiaki TAKAI (Information Initiative Center, Hokkaido University)

For today's children, the Internet is one of the most familiar and useful information media. However, the Internet can sometimes provide information harmful to children. Guardians need to watch their children's use of the Internet to avoid the potential risk of contact with harmful information. On the other hand, we have to consider the children's privacy in communication. In this paper, we propose an Internet watchdog system which operates on every child's PC connected to the Internet. The watchdog system constantly checks Internet access by Ethernet packet capturing, and samples words from the downloaded texts such as Web pages. The collected words are immediately compared with the system's dictionaries of different categories, and then the children's Internet access tendency is analyzed. This summary of the analysis is periodically reported to the guardians via e-mail. We have implemented the Internet watchdog system on the Windows platform, and evaluated the overhead of packet capturing and access tendency analysis.

(12) Secure Exponentiation with High Flexibility
Camille VUILLAUME (Hitachi, Ltd., Systems Development Laboratory, Kawasaki, Japan)
Katsuyuki OKEYA (Hitachi, Ltd., Systems Development Laboratory, Kawasaki, Japan)

We present a countermeasure for protecting modular exponentiations against side-channel attacks. Our countermeasure is well-suited for tamper-resistant implementations of RSA or DSA, without significant penalty in terms of speed compared to commonly implemented methods. Thanks to its high efficiency and flexibility, our method can be implemented on various platforms, from smartcards with low-end processors to high-performance servers.

(13) Double-Size Montgomery Multiplication of a Crypto-Coprocessor
Masayuki YOSHINO (Hitachi, Ltd., Systems Development Laboratory)
Katsuyuki OKEYA (Hitachi, Ltd., Systems Development Laboratory)
Camille VUILLAUME (Hitachi, Ltd., Systems Development Laboratory)

We present a novel approach for computing 2n-bit Montgomery multiplications with n-bit hardware Montgomery multipliers. Smartcards are usually equipped with such hardware Montgomery multipliers; however, due to progress in factoring algorithms, the recommended bit length of public-key schemes such as RSA is steadily increasing, making the hardware quickly obsolete. Thanks to our double-size technique, one can re-use the existing hardware while keeping pace with the latest security requirements. Unlike other double-size techniques which rely on classical n-bit modular multipliers, our idea is tailored to take advantage of n-bit Montgomery multipliers. Thus, our technique increases the longevity of existing products without compromises in terms of security.

(14) An Improved Method for the Table Lookup Multiplication Algorithm over GF(2^m)
Yoichi HADAMA (Graduate School of Science and Technology, Kobe University)
Daisuke NAKAMURA (Graduate School of Science and Technology, Kobe University)
Masanori HIROTOMO (Hyogo Institute of Information Education Foundation)
Masakatu MORII (Faculty of Engineering, Kobe University)

As an effective arithmetic method in the finite field GF(2^m), M.A. Hasan has presented a lookup table-based algorithm for GF(2^m) multiplication. In Hasan's method, the number of memory accesses and the table size depend on the form of the irreducible polynomial used in the GF(2^m) multiplication. In this paper, we propose a lookup table-based algorithm which performs an efficient GF(2^m) multiplication using an irreducible polynomial of degree m with m terms. In this method, the algorithm is performed as multiplication modulo a quadrinomial obtained from the irreducible polynomial of degree m with m terms. Using this method, the number of memory accesses and the table size in the algorithm are smaller than those in Hasan's method, and the GF(2^m) multiplication is faster than Hasan's method.

(15) Fast Generation of Safe Primes using Deterministic Primality Tests based on Maurer Method
Hidehiro Kumakyu (Advanced IT Laboratory, Toshiba Solutions Corporation)
Akito Niwa (Advanced IT Laboratory, Toshiba Solutions Corporation)

A prime number of the form 2p + 1, where p is also a prime, is often used in cryptography. A prime of this form is called a "Safe Prime". Safe primes are used by a lot of cryptographic protocols including Diffie-Hellman key exchange. To generate safe primes, some methods based on the Miller-Rabin method are known; however, these methods can only generate prime numbers probabilistically. We analyzed several deterministic methods based on the Maurer method, and the result was verified experimentally. We deduced the most effective method, whose efficiency was almost the same as that of the probabilistic methods.

(16) A Method for Generating Elliptic Curves suitable for Implementing an Efficient Group Signature scheme
Norikazu KUBOTERA (NEC Corporation System Platform Software Development Division)
Jun FURUKAWA (NEC Corporation Internet Systems Research Laboratories)
Kazue SAKO (NEC Corporation Internet Systems Research Laboratories)

Furukawa et al. proposed in ACISP2005 an efficient group signature scheme from bilinear maps. The proposed scheme is the most efficient among previously known group signature schemes in signature length and in computational complexity under the q-strong Diffie-Hellman assumption. This group signature scheme requires a pair of elliptic curves of the same order such that one provides efficient bilinear maps but the other has no efficient bilinear map. However, the generation of such a pair has not been reported. In this paper, we generate such a pair of elliptic curves for the first time, which demonstrates the feasibility of the efficient group signature scheme.

(17) Batch Processing of Interactive Proofs
Go YAMAMOTO (NTT Corporation)
Koji CHIDA (NTT Corporation)

Suppose one has to process many instances of a single interactive proof. We propose a design principle to configure a protocol that executes many instances. Our principle applies to various honest-verifier ZK protocols for NP-relations with a certain homomorphicity. In addition, we also propose an actual protocol for an NP-relation without such homomorphicity.

(18) Efficient Implementation of Secure Circuit Evaluation Using Batch Processing
Koji CHIDA (NTT Information Sharing Platform Laboratories)
Go YAMAMOTO (NTT Information Sharing Platform Laboratories)

Reducing computation and communication costs for multiparty secure circuit evaluation (SCE) protocols is a critical issue toward the practical use of the protocols. In this paper, we present some valuable batch processing protocols for existing SCE protocols. The proposed protocols reduce computation and communication costs for existing SCE protocols by up to 38% and 31%, respectively.

(19) Inspection of sufficient conditions of MD5
Yuto NAKANO (Graduate School of Science and Technology, Kobe University)
Hidenori KUWAKADO (Faculty of Engineering, Kobe University)
Masakatu MORII (Faculty of Engineering, Kobe University)

The sufficient conditions for finding collision pairs of MD5 consist of about 600 conditions on internal variables, but the necessity of the conditions has not been studied. We investigate their necessity by computer simulation, that is, we check 1724 pairs of collision messages generated with the collision finding algorithm. As a result, we found that seven conditions are unnecessary. We also show the reason that three of these conditions are unnecessary. The theoretical analysis of the remaining four conditions is future work.

(20) Possibility of the Key Recovery Attack against Py
Takanori ISOBE (Graduate School of Science and Technology, Kobe University)
Toshihiro OHIGASHI (Graduate School of Science and Technology, Kobe University)
Hidenori KUWAKADO (Faculty of Engineering, Kobe University)
Masakatu MORII (Faculty of Engineering, Kobe University)

Biham and Seberry have submitted the stream cipher Py to the ECRYPT Stream Cipher Project (eSTREAM). In this paper, we present two useful methods for the key recovery attack against Py. First, we show a method for finding the secret key from a part of the initial state of Py. In this method, the required data size of the initial state is one fifth or less compared with the method proposed by Kogiso, Shimoyama, and Chao, and the required data size of the initial state in our method is almost equal to that of the secret key. Additionally, we show the relation between the required data size of the initial state and the rate of recoverable keys for our method. Second, we show a method to guess a part of the initial state from another part of the initial state with high probability. This method can reduce the computational time for reconstructing the initial state from the keystream.

(21) Reconsideration of the security of RC6 against asymmetric chi-square test attack
Takatomi WADA (School of Information Science, Japan Advanced Institute of Science and Technology(JAIST))
Atsuko MIYAJI (School of Information Science, Japan Advanced Institute of Science and Technology(JAIST))
Tomohiko HINOUE (OMRON Corporation)

RC6 is a block cipher proposed by Rivest in 1998, which consists of arithmetic operations and bit-shifts, so it is suitable for software implementation. χ²-attacks are known to be effective against RC6, and much research on χ²-attacks has been proposed. The asymmetric χ² test attack proposed in SCIS2006 recovers the key of RC6 efficiently. However, the theoretical success probability is much higher than the experimental success probability, because the theoretical values are estimated on the assumption that all distributions of χ²-values of wrong keys are the same. We reconsider the assumption on the distributions of χ²-values of wrong keys, and estimate the success probability more strictly.

(22) On the security of Piece In Hand Concept based on Sequential Solution Method
Daisuke ITO (Faculty of Science and Technology, Tokyo University of Science)
Yoshitomo FUKUSHIMA (Faculty of Science and Technology, Tokyo University of Science)
Toshinobu KANEKO (Faculty of Science and Technology, Tokyo University of Science)

In 2003, Tsujii et al. proposed a multivariate-type public key cryptosystem named the Piece In Hand Concept. This cryptosystem is a multivariate-type public key enhanced by a MOCHIGOMA matrix (PH matrix). They claim that it is difficult to derive the secret key, because the public key of the Piece In Hand Concept does not include all of the secret key. In this paper, we describe a technique for deriving an equivalent PH matrix and report on the security of the Piece In Hand Concept.

(23) Secure Packet Digesting Algorithm in the Interconnected IP Traceback Systems
Seiji NAKANO (Graduate School of Science and Technology, Kobe University)
Hidenori KUWAKADO (Faculty of Engineering, Kobe University)
Masakatu MORII (Faculty of Engineering, Kobe University)

Interconnected IP traceback is a method for identifying the originator of an IP packet. A traceback server sends queries to adjacent traceback servers, and the adjacent traceback servers answer with information about the packet. Thus, confidentiality of communication must be attained. Kadobayashi et al. proposed a scheme such that confidentiality of communication can be attained. However, if a dishonest adjacent traceback server answers that the IP packet passed in spite of the fact that the IP packet did not pass, then the traceback server probably fails to identify the originator. Conversely, a dishonest traceback server may send queries to adjacent traceback servers in spite of the fact that the dishonest traceback server does not have the IP packet. To solve these problems, we propose a verification protocol such that the traceback server can check that each of the adjacent traceback servers has the IP packet, and the adjacent traceback servers can check that the traceback server has the IP packet. Unlike a previous verification protocol, the proposed scheme does not allow an adjacent traceback server that does not have the IP packet to transfer the query to other adjacent traceback servers.

(24) Intrusion Detection for Encrypted Web Traffic
Akira YAMADA (KDDI R&D Laboratories Inc.)
Yutaka MIYAKE (KDDI R&D Laboratories Inc.)
Keisuke TAKEMORI (KDDI R&D Laboratories Inc.)

The threat of attacks on web applications, such as SQL injection and cross-site scripting, remains a serious problem. Though a Web Application Firewall (WAF) and an Intrusion Detection System (IDS) are part of the solution, they are ineffective for encrypted traffic, because these approaches need to inspect the contents of traffic to detect malicious activities. So we propose a new intrusion detection system for SSL-encrypted web accesses. The proposed system distinguishes encrypted pages by a temporal ID, extracts certain features related to attacks, and estimates the probability of attacks. Employing sequential analysis, the proposed system can identify web access pages without preparation in advance, and extracts the features with less memory and calculation. We evaluate the accuracy of the distinction and the false positive/negative rates using actual traffic of a web site and DARPA IDS evaluation data.

(25) DHT-based VPN Infrastructure for Home Network Users
Ayumu KUBOTA (KDDI R&D Laboratories Inc.)
Akira YAMADA (KDDI R&D Laboratories Inc.)
Yutaka MIYAKE (KDDI R&D Laboratories Inc.)

In this paper, we propose a DHT-based overlay network infrastructure on which any user can dynamically create his or her own VPN server that acts like an Ethernet switch. Each VPN server can provide virtual layer-2 connectivity with broadcast capability for widely distributed but a relatively small number of hosts so that they can use Zeroconf-like technologies to discover the services available among them. We show that the DHT-based architecture and its unique authentication mechanism can achieve great scalability while minimizing the operational cost of the infrastructure nodes.

(26) Performance Improvement of Anomaly Detection System by Simplifying Call Stack Inspection
Katsuhiro SUZUKI (University of Tsukuba)
Hirotake ABE (Japan Science & Technology Agency)
Kazuhiko KATO (University of Tsukuba)
Akira KINNO (NTT DoCoMo, Inc.)
Yuka IKEBE (NTT DoCoMo, Inc.)
Takehiro NAKAYAMA (NTT DoCoMo, Inc.)
Atsushi TAKESHITA (NTT DoCoMo, Inc.)

Recently, computers have been exposed to various attacks from outside and inside the system. We are studying an anomaly detection system that observes software behavior by learning and using information on the stack. There is a problem that observing the pattern increases the software overhead, because inspecting the stack takes time. We propose to improve the performance by simplifying the stack inspection for this problem.

(27) A Proposal of Response Delay Method for Spam Mail from BOTNET
Tomonari SEKIYAMA (School of Engineering, Tokyo Denki University)
Yoshinori KOBAYASHI (School of Engineering, Tokyo Denki University)
Masakazu TAKAHASHI (Internet Security Systems K.K.)
Ryoichi SASAKI (School of Engineering, Tokyo Denki University)

Recently, increasing spam mail has become the cause of many problems. About 80% of spam mails have been sent from BOTNETs. It is difficult to decrease the bad influence caused by spam mail from BOTNETs with existing anti-spam systems. Therefore, in this paper we propose a method named the Response Delay Method to protect against spam mail from BOTNETs. Additionally, we report the evaluation result, which shows that the method has an effect not only on a part of the network but also on the network as a whole.

(28) A Method of Correction Plan Generation in the Security Configuration Analyzing System
Sumitaka OKAJO (Internet Systems Research Laboratories, NEC Corp.)
Katsushi MATSUDA (Internet Systems Research Laboratories, NEC Corp.)

In order to protect networks against network security threats, many security components with various security functions have been deployed. The configuration and management of those components are highly complex. Therefore, we have developed a security configuration analyzing system which can find security policy conflicts among the configurations of cooperating devices. This paper especially describes a method of correction plan generation for configuration mismatch resolution. The paper also presents a prototype system which can resolve mismatches between firewall and IDS policies. This system automatically finds the mismatches and generates the plans. The system can reduce the administrator's load and cost.

(29) On Enforcement of Noninterference
Naoyuki NAGATOU (Department of Computer Science, Graduate School of Information Science and Engineering)
Takuo WATANABE (Department of Computer Science, Graduate School of Information Science and Engineering)

We discuss a characterization of the security policies that can be enforced with a monitor. A monitor is an enforcement mechanism that works by observing the behavior of a program and terminating its execution if it violates the security policy being enforced. Unfortunately, monitors cannot enforce all security policies, because they are limited to observing a finite behavior and cannot use future information. F.B. Schneider showed that policies with this trait satisfy Lamport's safety property. Also, there exist Büchi automata that recognize the safety properties, and he calls them security automata. Therefore, we introduce automata using more information and show that these automata can enforce information flow policies with respect to noninterference.

(30) Preventing Buffer Overflow Attacks bypassing NXbit Protection
Takahiro SHINAGAWA (Division of System Information Science, Institute of Symbiotic Science and Technology, Tokyo University of Agriculture and Technology)

This paper presents a protection scheme to prevent buffer overflow attacks that bypass the NX-bit protection and execute arbitrary binary code. In order to prevent unauthorized changes of memory protection attributes by chained return-into-libc attacks, we restrict system calls that may drop the NX bit (execute permission) of memory pages. We also restrict system calls that may allow files to be executed or mapped into memory with execute permission, to prevent attacks that execute injected binary code by way of files.

(31) Security Enhancement of HTTP-FUSE KNOPPIX Client by Trusted Computing
Megumi NAKAMURA (Tokyo Research Laboratory, IBM Japan Ltd.)
Seiji MUNETOH (Tokyo Research Laboratory, IBM Japan Ltd.)
Kuniyasu SUZAKI (National Institute of Advanced Industrial Science and Technology)
Kengo IIJIMA (National Institute of Advanced Industrial Science and Technology)
Toshiki YAGI (National Institute of Advanced Industrial Science and Technology)
chiro OSAWA (National Institute of Advanced Industrial Science and Technology)

HTTP-FUSE KNOPPIX starts by obtaining the root filesystem over the Internet. The reliability of this KNOPPIX is largely determined by the reliability of the files acquired from the server. The service provider can verify the integrity of the HTTP-FUSE KNOPPIX client by using Trusted Computing technology. To construct a secure thin client environment using Trusted Computing, we combine the delivery mechanism of the split-compressed loopback device of HTTP-FUSE-CLOOP with the integrity verification mechanism of Trusted Computing, and then we propose how to record the integrity information in the security chip (TPM).

(32) A Study of Partial Disclosure Problem in Ramp Schemes Using Polynomial Function
Keiichi HIROTA (NTT Information Sharing Platform Laboratories)
Kazuo MOGI (NTT Communications Corporation)

A ramp scheme using a polynomial function has the "Partial Disclosure Problem", in which some information about the secret leaks partially from fewer shares than the threshold. The safety of such a situation has been discussed from the viewpoint of entropy, and it was concluded that it depends on the data length of the shares. However, in a ramp scheme, the relationship between the partial information of the secret can be obtained as a simple linear expression over a finite field, so that an adversary can 1. easily search the possible answer sets with less calculation, and 2. narrow the search range according to restrictions from data syntax and semantics when dealing with real data. In this paper, we propose the "Cascaded Ramp Scheme", in which two or more polynomial functions are cascaded by coefficients and arguments to increase the search calculation cost.

(33) Quantum Threshold Scheme Using Two States
Takeshi OKADA (Graduate School of Science and Technology, Kobe University)
Hidenori KUWAKADO (Faculty of Engineering, Kobe University)
Masakatu MORII (Faculty of Engineering, Kobe University)

Cleve, Gottesman, and Lo have shown a (k, n) quantum threshold scheme using several states. However, it is not easy to implement three (or more) states. In this paper, we propose a (k, n) quantum threshold scheme using only two states. The proposed scheme is a generalization of the (n, n) quantum threshold scheme shown by Hillery, Buzek, and Berthiaume. The proposed scheme requires as many entangled particles as share holders.

(34) Traveling Salesman Problem and Tribonacci Sequence
Kunikatsu KOBAYASHI (Faculty of Engineering, Yamagata University)
Seiichirou KOKUBUN (Faculty of Engineering, Yamagata University)

We consider the relation between the cycle and the cycle length of the traveling salesman problem using the tribonacci sequence. It is shown that the condition which fixes the cycle uniquely from the cycle length of the traveling salesman problem using the tribonacci sequence is obtained. Then, we apply the traveling salesman problem using the tribonacci sequence to a public key cryptosystem. As plural constants of the affine transformation a + are used in key generation, the decoding algorithm becomes a non-deterministic algorithm and the complexity of decoding is of exponential order relative to the number of .

(35) Asymptotic Lower Bound on Round Complexity of Bounded Concurrent Black-Box Zero-Knowledge Proof Protocols
Hirofumi MURATANI (Corporate Research & Development Center, Toshiba Corporation)

We derive a lower bound on the round complexity of an m-bounded concurrent black-box zero-knowledge interactive proof protocol. This is an extension of the result of Canetti-Kilian-Petrank-Rosen to the case of m-bounded concurrency. The resulting bound is Ω(log log m / log m). Considering it together with our previous result on an upper bound O(log m), we can conclude that the asymptotic order of almost log m is optimal.

(36) Privacy-Preserving Scalar Product Comparison Protocol
Jun SAKUMA (Department of Computational Intelligence and Systems Science,)
Shigenobu KOBAYASHI (Department of Computational Intelligence and Systems Science,)

In this paper, a private scalar product comparison protocol is studied. When private vectors x1, x2 and a private vector y are distributed among two parties, the private scalar product comparison protocol compares the magnitudes of the scalar products ⟨x1, y⟩ and ⟨x2, y⟩ privately without revealing any information regarding the private vectors. The security of the proposed protocol is shown following the simulation paradigm. As applications of private scalar product comparison, we show protocols to solve the private linear discriminant problem and the private Euclidean distance comparison problem.

(37) Secure optimization of Traveling Salesman Problem using Scalar Product Comparison Protocol
Jun SAKUMA (Department of Computational Intelligence and Systems Science,)
Shigenobu KOBAYASHI (Department of Computational Intelligence and Systems Science,)

We propose a secure local search protocol for the distributed combinatorial optimization problem. In the distributed combinatorial optimization problem, information regarding the cost function is distributed among multiple parties. In the distributed Traveling Salesman Problem (TSP), the traveling costs between any two cities and the city sets to be visited are distributed and private. Distributed TSP can be securely solved by secure local search based on the private scalar product comparison protocol without revealing the distributed information. The time complexity of our protocol is O(n^2) in the preparation phase, where n is the number of cities, but the computation time is kept O(1) per iteration. The waiting time required to complete the optimization is reasonable even when the city size is more than a thousand, and the optimization is processed without sharing the distributed information.

(38) On the Standardization of Information Security: Report on the Madrid Meeting in May, 2006
Takeshi CHIKAZAWA (Mitsubishi Electric/IPA)
Kengo MORI (NEC Corporation)
Toshiaki SAISHO (TOSHIBA Solutions Corporation)

Secure information systems are absolutely required in various situations. International standardization is one of the important factors for the spread of secure systems. The purpose of ISO/IEC JTC 1/SC 27/WG 2 is to provide international standardization for information security technology such as algorithms and protocols. In this report, we explain the present issues of ISO/IEC JTC 1/SC 27/WG 2 and report the results of the recent meeting held in Madrid in May, 2006.

(39) Security Requirements for PIN Authentication in Financial Transactions
Yuko TAMURA (Institute for Monetary and Economic Studies, Bank of Japan)
Masashi UNE (National Institute of Advanced Industrial Science and Technology)

Financial institutions authenticate their customers at CD/ATM terminals mainly by using an ATM card and a four-digit personal identification number (PIN). With regard to ATM cards, many Japanese financial institutions are now replacing conventional magnetic stripe cards with IC cards as one of the countermeasures against counterfeiting of ATM cards. Thus, we have been discussing security requirements for authentication systems using the combination of an IC card and a PIN. We adopt the following approach: we first analyze IC card based authentication systems and PIN based authentication systems separately, and then combine the results of these analyses. So far, in [2], we focused on the IC card based authentication systems, which confirm whether the customer to be authenticated has a genuine IC card or not, and clarified the necessary conditions to be secure against an impersonation attack by counterfeiting an IC card. In this paper, we focus on the PIN based authentication systems as the next target to be discussed. First, we classify the systems into five types by referring to ISO 9564-1, and describe concrete methods of the impersonation attack. Then, we clarify the necessary conditions to be secure against the impersonation attack in each type of authentication system. By referring to the results of this paper and [2] together, we can easily obtain security requirements for authentication systems using the combination of an IC card and a PIN when assuming the impersonation attack.

(40) Proposal and Evaluation on Epidemiological Approach against Computer Virus
Ryoichi Sasaki (Tokyo Denki University )

Because computer viruses evolve every moment, the range in which computer viruses are encountered has expanded, and the damage has become more severe. In order to prevent the expansion of the damage caused by computer viruses, only individual measures have been considered, such as the use of a vaccine by each user and emergency measures for a security hole. However, it is becoming difficult with such individual measures to prevent the total damage caused by computer viruses. Therefore, to prevent it, we propose to use the approach based on epidemiology, which is widely used in the field of medicine or health science. We tried to apply the approach to computer viruses. The applied result and related considerations are described.

(41) Macro and Micro Analysis on Vulnerability Scanning Activities via Distributed Observation over the Internet
Naoya FUKUNO (Course of Information Engineering, Graduate School of Engineering, Tokai University)
Tomohiro KOBORI (Course of Information Engineering, Graduate School of Engineering, Tokai University)
Hiroaki KIKUCHI (Course of Information Engineering, Graduate School of Engineering, Tokai University)
Masato TERADA (Hitachi, Ltd. Hitachi Incident Response Team (HIRT))
Norihisa DOI (Dept. of Information and System Engineering, Faculty of Science and Engineering, Chuo University)

Computer viruses and worms randomly perform spyware activity and port-scanning to find vulnerabilities in the Internet. The fraction of malicious behaviors varies, e.g., some hosts perform scans contentionally and some hosts scan uniformly over the IP address blocks. In this paper, first, we analyze a set of source addresses observed by distributed sensors in ISDAS from a "macro" viewpoint. Second, we examine behaviors from a "micro" perspective. Finally, we study a new mathematical model for malicious hosts based on these analyses.

(42) A Study on Security Technologies for Paper Documents
Ryu Ebisawa (Systems Development Laboratory, Hitachi Ltd.)
Yasuhiro Fujii (Systems Development Laboratory, Hitachi Ltd.)
Yoshiyasu Takahashi (Systems Development Laboratory, Hitachi Ltd.)
Satoru Tezuka (Systems Development Laboratory, Hitachi Ltd)

While the administration of the Privacy Law and the expected application of J-SOX (Japanese version of The Sarbanes-Oxley Act of 2002) are drawing much attention, leakage and fraudulent handling of information has become a serious matter. In particular, personal data leakage through paper documents is not to be overlooked as it accounts for 45.9% of all the leakage. There are, as measures against such threats to paper documents, technologies that add special function to the printed matter itself such as copy deterrent characters and digital watermarks, and also digital security measures such as user identification functions for printing machines and print log management in coordination with the identification. In this paper, security measures for paper documents are categorized to clarify their challenges, and the directions to which the technologies must aim are discussed.

(43) Visualization Technologies of nicter Incident Analysis System
Koji NAKAO (National Institute of Information and Communications Technology (NICT))
Fumiko MATSUMOTO (National Institute of Information and Communications Technology (NICT))
Daisuke INOUE (National Institute of Information and Communications Technology (NICT))
Shunsuke BABA (Security Project Dept, Business Development Div., Yokogawa Electric Corporation)
Kazuya SUZUKI (Security Project Dept, Business Development Div., Yokogawa Electric Corporation)
Masashi ETO (National Institute of Information and Communications Technology (NICT))
Katsunari YOSHIOKA (National Institute of Information and Communications Technology (NICT))
Kenji RIKITAKE (Faculty of Information Science and Electrical Engineering, Kyushu University)
Yoshiaki HORI

The authors have been working on the R&D activities of nicter, an Internet security incident analysis center investigating overall countermeasures against security incidents detected over the wide area Internet. In this paper, focusing on visualization technologies for the purpose of the incident analysis and operation in the nicter, we describe the technologies currently implemented and planned to be developed in the nicter, based on the visualization requirements. Further, some issues for the extended visualization technologies required in the nicter are also mentioned.

(44) Hierarchical Key Assignment for Efficient Public-Key Black-Box Tracing against Self-Defensive Pirates
Tatsuyuki MATSUSHITA (Corporate Research & Development Center, Toshiba Corporation)
Hideki IMAI (Faculty of Science and Engineering, Chuo University/Research Center for Information Security, National Institute of Advanced Industrial Science and Technology)

We propose a hierarchical key-assignment method by which the transmission overhead in a public-key black-box tracing scheme presented in [9] can be improved. The previous scheme with our hierarchical key-assignment yields a better balance between the transmission overhead and each receiver's storage than the original one alone. More concretely, the ciphertext size can be reduced from O(n) to O(k+log(n/k)) without a substantial increase in the secret-key size, where k and n denote the maximum number of colluders in a coalition and the total number of receivers respectively. The resulting scheme, as well as the previous one, is black-box traceable (without any secret information) against a self-defensive pirate decoder that escapes from tracing if it detects itself being examined.

(45) Fingerprinting Protocol Equipping Electronic Payment System
Shinya YAMANE (Graduate School of Science and Technology, Kobe University)
Minoru KURIBAYASHI (Faculty of Engineering, Kobe University)
Masakatu MORII (Faculty of Engineering, Kobe University)

In digital content distribution systems, fingerprinting protocols enable sellers to trace a buyer who redistributed a copy illegally. However, conventional fingerprinting protocols do not give much consideration to the payment of the charge for the content. In this paper, we propose fingerprinting protocols equipped with a digital cash function managed by a trusted center for electronic payment. Using the digital cash, buyers can obtain fingerprinted content and simultaneously pay the charge for the content.

(46) An Efficient Anonymous Password-Authenticated Key Exchange Protocol
SeongHan SHIN (Research Center for Information Security, AIST,)
Kazukuni KOBARA (Research Center for Information Security, AIST,)
Hideki IMAI (Research Center for Information Security, AIST/Chuo University)

Recently, Viet et al. [21] have proposed an anonymous password-authenticated key exchange (PAKE) protocol against a passive server, who follows the protocol honestly but is curious about the identity of the client. In this paper, we propose an efficient construction for an anonymous PAKE protocol (we call it the EAP protocol) which provides semantic security of session keys in the random oracle model, with a reduction to the computational Diffie-Hellman problem, as well as anonymity against a passive server. In particular, the EAP protocol achieves about a 50% reduction (compared to [21]) in the number of modular exponentiations for both client and server, and its communication bandwidth for the modular size of prime p is independent of the number of clients, while that of [21] is not.

(47) Password-Authenticated Key Exchange for Multi-Party with Different Passwords Using a Constant Number of Rounds
Jeong Ok KWON (Graduate School of Information Security CIST, Korea University/Department of Computer Science and Communication Engineering, Kyushu University)
Kouichi SAKURAI (Department of Computer Science and Communication Engineering, Kyushu University)
Dong Hoon LEE (Graduate School of Information Security CIST, Korea University)

Multi-party password-authenticated key exchange (PAKE) with different passwords allows the users of a group to agree on a common session key with their different passwords with the help of a server. In this setting, a user shares a password only with the server, and not with the other users. In this paper, we present two multi-party PAKE protocols. The suggested protocols are provably secure in the standard model. Our first protocol is designed to provide forward secrecy and security against known-key attacks. The second protocol is designed to additionally provide key secrecy against the server, which means that even the server cannot know the session keys of the users of a group. The suggested protocols require a constant number of rounds.

(48) Distributed Privacy-preserving Document Clustering
Chunhua SU (Department of Computer Science and Communication Engineering, Kyushu University.)
Jianying ZHOU (Institute for Infocomm Research (I2R), Singapore)
Feng BAO (Institute for Infocomm Research (I2R), Singapore)
Kouichi SAKURAI (Department of Computer Science and Communication Engineering, Kyushu University.)

Many government organizations and companies want to share their documents on a similar theme to obtain joint benefits. Textual document clustering is a powerful data mining technique to analyze large amounts of documents and to structure large sets of text or hypertext documents. When document clustering is done in a distributed environment, it may involve the privacy of the users' own documents. In this paper, we propose a framework for privacy-preserving text mining among users in a distributed environment: multiple parties, each having their own private documents, want to collaboratively execute agglomerative document clustering without disclosing their private contents to any other party.

(49) Key-Management Scheme for Secure Multicast based on Network Topology
Kazuhide FUKUSHIMA (KDDI R&D Laboratories Inc.,)
Shinsaku KIYOMOTO (KDDI R&D Laboratories Inc.,)
Toshiaki TANAKA (KDDI R&D Laboratories Inc.,)
Kouichi SAKURAI (Faculty of Information Science and Electrical Engineering, Kyushu University,)

Pay-multicasting services are expected to be a main service for mobile devices and personal computers in the near future, and copyright protection is a major issue for these services. The encryption of digital content is one solution to prevent illegal copying and generate income from clients. Some key-management systems for multicast systems have been proposed [1]~[3]. However, these schemes use a simple key-management structure, and sufficient examination of their optimization has not been carried out. We therefore proposed the r-key-management scheme, which provides flexible key management based on the computational capacities of clients [4]. However, this scheme uses a logical key-management structure and does not consider the network topology. A key-management scheme based on the network topology is required for further optimization. This paper proposes a key-management scheme suited to a multicast system based on the network topology. Then, we show the quantitative computational cost and storage cost on key-management routers using five elements: the total number of clients, the average service usage time, the duration of key updates, the degree of the key-management tree, and the maximum number of clients in a group. Finally, we discuss the optimization of our scheme.

(50) The proposal and evaluation of stream authentication using Merkle Hash Tree and IDA
Yasutaka SHINZAKI (Graduate School of Science and Technology, Keio University)
Takeshi OGINO (Graduate School of Science and Technology, Keio University)
Shintaro UEDA (Graduate School of Science and Technology, Keio University)
Hiroshi SHIGENO (Graduate School of Science and Technology, Keio University)

In this paper, we propose a multipurpose authentication method for streaming multimedia data. In our method, we generate a digital signature from the authentication information made using the Merkle Hash Tree, and distribute the signature among the sent packets using an FEC technique called IDA. We aim for a higher verification rate than existing methods. Comparative evaluations of the verification rate, communication overhead, and sending and receiving process delay were carried out. The simulation results show that our method improves the verification rate, sending process delay and receiving process delay by at most 23%, 57%, and 30% respectively compared to SAIDA.

(51) An Implementation of a Privacy Enhancing Questionnaire System for Evaluating Classes
Koji TANIGAWA (Graduate School of Natural Science and Technology, Okayama University,)
Toru NAKANISHI (Graduate School of Natural Science and Technology, Okayama University,)
Nobuo FUNABIKI (Graduate School of Natural Science and Technology, Okayama University,)

Many universities conduct paper-based class evaluation questionnaires, which require a lot of time and expenditure. Thus, a WEB-based questionnaire system is required. On the other hand, it is necessary to protect the respondents' privacy. Therefore, we adopt a voting protocol using the Paillier cryptosystem, which is one of the homomorphic cryptosystems, and implement a questionnaire system based on it. The encryption cost has been reduced by the Paillier cryptosystem compared with the previous protocols. In addition, the practicality is shown by the result of a trial experiment.

(52) Proposal on Whistle-blower Protection Technology to Prevent the Exposure of Accuser from an Indictment Document
Masataka TADA (Engineering graduate course information media studies specialty, Tokyo Denki University)
Mitsuyuki TAKATSUKA (Engineering graduate course information media studies specialty, Tokyo Denki University)
Takanobu MASUBUCHI (Engineering graduate course information media studies specialty, Tokyo Denki University)
Ryoichi SASAKI (Engineering graduate course information media studies specialty, Tokyo Denki University)

When a person who knows that the enterprise to which he/she belongs, or his/her customer's enterprise, does wrong, he/she sometimes would like to whistle-blow with anonymity. However, if the content of an electronic document bearing the signature of the illegal person, which is the evidence of the misbehavior, is used to guess who the whistle-blower is, it is difficult to keep the anonymity of the whistle-blower. The evidentiary value of an electronic document disappears when he/she sanitizes the electronic document to prevent the whistle-blower from being identified. However, it is not easy to expect that the defendant would sign again. In this study, to solve this problem, we propose an electronic document sanitizing system that keeps the illegal person's signature verifiable, so as to secure the evidence, while hiding the whistle-blower's information by sanitizing.

(53) 3MN: An Anonymous Communication System Based on Multiple Encryption and Probabilistic Selections of Actions
Naoki MIYAKE (Faculty of Engineering, Osaka University)
Yoshimichi ITO (Faculty of Engineering, Osaka University)
Noboru BABAGUCHI (Faculty of Engineering, Osaka University)

This paper proposes a new anonymous communication system called 3MN (3-Mode Net). The system can be regarded as an extension of the Crowds-based anonymous communication system, where each node in the communication path decides its action probabilistically: whether the node sends a message to the proper recipient, or to another node. In addition to these two actions, 3MN can choose a third action, that is, to encrypt the whole data set and to rewrite the temporary destination. By adding the third action, we can show that 3MN preserves the anonymity of the proper recipient, and reduces the load for encryption and decryption compared to the Onion-based anonymous communication system.

(54) Watermarking Method by Alternative Representation of Document Backgrounds
Takashi HASHIMOTO (OKI Electric Industry Co., Ltd.)
Kurato MAENO (OKI Electric Industry Co., Ltd.)
Hiroyuki HOTA (OKI Electric Industry Co., Ltd.)

When a digital watermark is embedded in a document image, the watermark patterns are interfered with by the background element of the document, resulting in deterioration of the watermark quality. This paper proposes an alternative representation of document backgrounds by a watermark to decrease the deterioration, in which the background element is separated from the document image, and the watermark is embedded to represent the characteristic of the backgrounds. To represent the background element, the dot size of the watermark is changed from the basic dot patterns, preserving the characteristics of the watermark.

(55) A User Authentication using Blind Spot and Pupillary Light Reflex (part 2)
Yuji OZAWA (Graduate School of Informatics, Shizuoka University)
Daisuke ARAI (Graduate School of Informatics, Shizuoka University)
Masakatsu NISHIGAKI (Graduate School of Science and Technology, Shizuoka University)

Biometric information can be easily leaked and/or copied. Therefore, biometric authentication in which the biometric information is not required to be secret is desirable. We have proposed a user authentication using a human reflex response as a solution to this problem. It is expected that even if people know somebody's reflex characteristics, it is difficult for anybody to impersonate that person, since basically nobody is able to control his/her own reflexes. In a previous paper, we showed a user authentication using the blind spot and the pupillary light reflex as a prototype system of reflex-response-based authentication. In this paper, its availability is studied.

(56) An Improvement of User Authentication Using Schema of Visual Memory: An extension of the system using hints
Takumi Yamamoto (Graduate School of Informatics, Shizuoka University)
Atsushi Harada (Graduate School of Science and Engineering, Shizuoka University)
Takeo Isarida (Faculty of Informatics, Shizuoka University)
Masakatsu Nishigaki (Graduate School of Science and Technology, Shizuoka University)

We have already proposed a user authentication system using "unclear images" as pass-images, in which only the legitimate users can understand their meanings by viewing the original images corresponding to the unclear pass-images. These unclear images are meaningless to illegal users. Hence it is difficult for illegal users to remember the unclear pass-images, even if they observe the legitimate users' authentication trials. In addition, the previous study has shown that it is not easy for illegal users to guess the meaning of an unclear pass-image even if a brief verbal explanation of the pass-image is given. However, the system has a drawback: the low visibility of unclear images can impede the legitimate users from recognizing their pass-images, which requires a longer time for authentication. Therefore we enhance our authentication system by giving a brief explanation of the pass-image as a hint. It is expected that the hint is helpful only to the legitimate user, since illegal users cannot understand the hint, as confirmed in the previous study. This paper verifies the availability of the modified system through basic experiments.

(57) Extracting Contexts From Keystroke Data
Munetoshi ISHIKAWA (Graduate School of Systems and Information Engineering, University of Tsukuba)
Mizuki OKA (Graduate School of Systems and Information Engineering, University of Tsukuba/Japan Society for the Promotion of Science)
Kazuhiro KATO (Graduate School of Systems and Information Engineering, University of Tsukuba)

We have implemented a verification system that continuously verifies the current user using keystroke dynamics. With a privacy protection motive, our system does not use the characters associated with keystrokes but only uses their timings for verification. For accurate verification, it is essential for our system to be aware of the user's contexts so that the system can compare the same kind of contexts. In this paper, we propose the "dt Vectorizing" method as a solution to achieve accurate verification. Our method looks at different time intervals to characterize keystroke sequences. Our experimental results showed an increase in the verification rate by 7-13% on average.

(58) Development of IH-ZIP: A Data Compression Tool for Information Hiding
Katsunari YOSHIOKA (National Institute of Information and Communications Technology (NICT))
Kotaro SONODA (National Institute of Information and Communications Technology (NICT))
Osamu TAKIZAWA (National Institute of Information and Communications Technology (NICT))
Koji NAKAO and Tsutomu MATSUMOTO (National Institute of Information and Communications Technology (NICT))

We have previously proposed several methods of information hiding for lossless data compression such as LZ77 and Huffman coding. This report focuses on the implementation and performance evaluation of an information hiding tool, called IH-ZIP, which we have developed based on our previous proposal on LZSS encoding. The evaluation showed that IH-ZIP can achieve the same level of performance as the original ZIP algorithm (with a straightforward implementation of the sliding dictionary) in terms of compression rate and compression speed.

(59) A Proposal of Cancelable Biometrics for Image Matching based Biometrics
Shinji HIRATA (Hitachi, Ltd., Systems Development Laboratory)
Kenta TAKAHASHI (Hitachi, Ltd., Systems Development Laboratory)
Masahiro MIMURA (Hitachi, Ltd., Systems Development Laboratory)

It is important to protect biometric data (templates) in biometric authentication systems. The risk due to exposure of biometric data is very high, because biometric data cannot be changed like a password and are a kind of personal information. A model of "Cancelable Biometrics" has been proposed to settle this problem. In this model, biometric data are stored and verified in a transformed space. In this paper, we propose a method of cancelable biometrics for image matching based biometrics and show experimentally that there is no effect on the accuracy of verification. The probability of reproducing the original biometric data is also estimated theoretically. We have found a clue to realizing cancelable biometrics for image matching based biometrics.


(61) A Design of DRM systems with hardware-based authentication
Hiromi Fukaya (Pastel Co. ,Inc. )
Kouichi Sakurai (Faculty of Information Science and Electrical Engineering, Kyushu University)

This paper proposes an encryption scheme in which hardware authentication is performed using values generated by a trusted device having unforgeable unique values, after which the ID of the specified recipient and that of the sender are combined for authentication, and then a symmetric-key technique is used to encrypt the applicable files and thereby make them available to the specified recipient in a secure manner. In this case, it is a method that is able to inspect DRM with only a click, by way of the attestation of the devices. A tamper-resistant device holds the unique value, which cannot be modified. This encryption scheme does not require the exchange of keys during the entire process. This paper also compares this encryption scheme with PKI/KPS and other existing key delivery schemes, and shows the differences in comparison with established DRM systems.

(62) A Note on Cryptographic Infrastructures based on a Unique Device with Tamper-Resistant
Kenji IMAMOTO (Graduate School of Information Science and Electrical Engineering, Kyushu University)
Kouichi SAKURAI (Graduate School of Information Science and Electrical Engineering, Kyushu University / Institute of Systems & Information Technologies/KYUSHU)

Public key infrastructures (PKI) that use public key certificates, and identity-based encryption systems, have so far been designed by introducing assumptions such as computationally difficult problems and the participation of a trusted third party. This paper considers how to construct a PKI based on tamper-resistant hardware. In particular, we study an ID-based encryption scheme based on a symmetric-key technique with a trusted device (1ST) proposed by Fukaya et al. and compare it with several existing schemes.

(63) Interactive Textured Cube Based Network Traffic Visualization for Network Monitoring and Security
Erwan LE MALECOT (Institute of Systems & Information Technologies/KYUSHU)
Masayoshi KOHARA (Graduate School of Information Science and Electrical Engineering,)
Yoshiaki HORI (Graduate School of Information Science and Electrical Engineering,)
Kouichi SAKURAI (Graduate School of Information Science and Electrical Engineering,)

We introduce an original visualization design based on an interactive 3D representation of the traffic between selected computer networks, in order to achieve efficient monitoring and analysis of this traffic. The design represents the selected networks by textured cubes. Textures are modified according to the activity of the associated networks. Network traffic is then displayed as links between the cubes, with the geometrical and color properties of these links used to encode various properties of the traffic. We also present a prototype implemented according to this design and the tests that were made to evaluate it.
