Ken Naganuma

Symmetric inner-product predicate encryption based on three groups

This paper presents the first symmetric-key inner-product predicate encryption scheme based on three groups. The performance of predicate encryption schemes based on hidden subgroup problems depends on the number of hidden subgroups and this number should be optimized. The scheme presented here satisfies the selective security model under a non-interactive assumption where the number of terms does not depend on the number of adversarial queries. It is therefore as secure as the symmetric predicate scheme proposed by Shen et al., which is based on four groups, under a simpler assumption. Using three hidden groups instead of four, it has a message space more than 33% wider and is more resistant to integer factoring attacks with moderate security parameters. The available techniques for converting encryption schemes using composite-order bilinear groups into schemes using prime-order groups are applicable to our scheme. Compared with the previous scheme using the conversion techniques, our prime-order group instantiation is asymptotically more than 33% faster and has ciphertexts and tokens that are asymptotically 25% smaller.

Symmetric Searchable Encryption for Database Applications

This paper proposes an efficient symmetric searchable encryption to achieve indistinguishability of indexes and trapdoors. Previous symmetric searchable encryptions are either insecure because their trapdoor generation algorithms are not probabilistic or inefficient because of the heavy cost due to pairing-based computation. Our searchable encryption is the first that satisfies both requirements of efficiency and indistinguishablity (security). Furthermore, we introduce a limitation of the latest definition of indistinguishability for searchable encryption when each cell in the database is encrypted. We hereby define a new game for database usage and show that our scheme is provably secure in this new game.

Inference Attacks on Encrypted Databases Based on Order Preserving Assignment Problem

In ACM CCS 2015, Naveed et al. proposed attacks using plaintext auxiliary data for databases encrypted by ordered preserving encryption or more general property preserving encryptions. Their attacks are based on the Hungarian algorithm for solving the linear sum assignment problem (LSAP). In this work, we define a new assignment optimization problem with an additional condition of order structure and propose a search algorithm for finding its exact solution. We apply the new algorithm to attack an encrypted database in the same situation as Naveed et al. and found that our proposed method improves the success probability of the attacks compared with the attacks of Naveed et al.

A Secure and Practical Signature Scheme for Blockchain Based on Biometrics

In a blockchain system, a blockchain transaction is protected against forgery by adding a digital signature. By digital signature verification, we can confirm that a creator of a transaction has a correct private key. However, in some critical fields, we need to prove that a creator of a transaction is a proper user. In such a case, the conventional digital signature verification cannot achieve sufficient security. Furthermore, a system that combines blockchain and IoT has been proposed. However, since an IoT device in this system automatically generates a blockchain transaction, reliable creator verification is challenging issue. To achieve reliable creator verification in the IoT blockchain system, we propose a new signature scheme for blockchain. Our contributions are as follows: (1) We propose a new secure and practical signature scheme. (2) We implement our signature scheme for an IoT blockchain system and evaluate the security and the practicality of our scheme.

How to Evaluate Contents Popularity over Oblivious Transfer

We consider the question of how to evaluate popularity of digital contents or goods over a distribution service using Oblivious Transfer (OT) protocol. The popularity of served content is the most important marketing data for data mining and analysis, but the idea of oblivious transfer is too privacy-protecting because the service provider cannot obtain any information about a users queries. In this paper, our goal is to construct an OT protocol that 1) allows a user to purchase digital content from the service provider without the provider finding out what content the user is buying, 2) prevents the user find out about any information of other contents that s/he does not ask about, and 3) enables the provider to evaluate the popularity of each piece of content. In this paper, the popularity of each piece of content is defined as the number of users who retrieve it.