Kenji Imamoto

Reassignment scheme of an RFID tag’s key for owner transfer

A Radio-Frequency-Identification (RFID) tag is a small and cheap device which is combined in IC chip and an antenna for radio communications. The RFID tag is used for management of goods and used as a substitute for a bar code. However, RFID system may infringe on a consumer’s privacy because it has a strong tracing ability. In this paper, we propose a key change scheme which can prevent previous owner from reading the RFID tag after changing its owner. By using our scheme, previous owner cannot read and trace ID information on the RFID tag. Moreover it is possible to combine other privacy protection scheme with our scheme because our scheme uses only symmetric key cryptography.

A design of Diffie-Hellman based key exchange using one-time ID in pre-shared key model

To exchange an important information through the Internet, an authenticated key exchange is required. In this paper, we consider the following attacks as the problems of an authenticated key exchange using shared secret: eavesdropping on identity, DoS attack, replay attack, and impersonation. Besides prevention from all these attacks, efficient key exchange should be realized. In this paper, we propose an authenticated key exchange system based on Diffie-Hellman key exchange with one-time ID, which can be used only once.

An evenhanded certified email system for contract signing

Certified email is a system which enables a sender to prove a receiver’s receipt of email. Such a system can be used for applications related to electronic commerce on the Internet. This paper considers a situation where a sender or a receiver wants to change his/her mind due to the change of mail content value (e.g., stock, auction, gambling) during the transaction. We point out that no traditional certified email systems have been designed for such a case, thus one of the participants can be at a disadvantage. To avoid this problem, we propose an evenhanded certified email system in which each participant can change his/her choice, either cancel or finish the transaction, at any time during the transaction.

Certified e-mail systems using public notice board

When two parties connect via a possibly unreliable network, ensuring fairness becomes a serious problem. To solve this problem, a lot of Certified E-mail systems are proposed. However, users privacy is not considered in almost all of these systems. In this paper, we propose two Certified E-mail systems using an electronic notice board to realize users privacy.

Achieving evenhandedness in certified email system for contract signing

Certified email is a system which enables a sender to prove a receiver’s receipt of email. Such a system can be used for applications related to electronic commerce on the Internet. This paper considers a situation where a sender or a receiver wants to change his/her mind due to the change of mail content value (e.g., stock, auction, gambling) during the transaction. We point out that no traditional certified email systems have been designed for such a case, thus one of the participants can be at a disadvantage. To avoid this problem, we propose an evenhanded certified email system in which each participant can change his/her choice, either cancel or finish the transaction, at any time during the transaction.

Key-exchange protocol using pre-agreed Session-ID

Technical applications for various uses have been proposed in communication technology in recent years. Although especially the Internet and radio communications are used daily it is known that eavesdropping is easy and the related problem has occurred mostly, especially privacy. In this paper, we introduce Pre-Agreed Session ID (PAS) and formalize a key-exchange protocol using it. PAS is a identification which is a disposable unique value used for every session to protect identity from the attacker. The security notion of identity concealment is formulized in this paper. Moreover, we propose a secure key-exchange protocol using PAS under the cryptographic primitives. Furthermore, we argue about the problems which arise when PAS is introduced.

Some remarks on security of receipt-free e-auction

Recently, a receipt-free scheme is rising for a secure e-auction. The goal of a receipt-free scheme in an e-auction is to prevent a bid-rigging. If the bid-rigging happens in the e-auction, the winner can get the bidding item with an unreasonably low price. The first receipt-free scheme for the e-auction was proposed by Abe and Suzuki. Chen, Lee and Kim also proposed the extended receipt-free scheme. In this paper, we point out that the proposed receipt-free schemes do not prevent perfectly the bid-rigging attack. Moreover, we indicate that a bid-collision is a possible cause of an e-auction. In the strict sense, the bid-collusion is different from the bid-rigging. In this paper, we do not present the scheme which can prevent the bid-collision attack. We compare the bid-rigging attack with the bid-collusion attack, and analyze the security of the existed receipt-free schemes in a viewpoint of the bid-rigging attack and the bid-collusion attack.

Enhanced privacy in key-exchange protocols by one-time ID

This paper considers how two parties communicate securely over an adversary-controlled network. We especially focus on the problem of ID protection because of the rapid development of mobile network where any transferred message is easily eavesdropped on. We analyze several existing key exchange protocols and point out their problems: e.g. incompleteness of ID protection and vulnerability to DoS attacks. Then we model the notion of ID protection and construct a protocol with provable security

Off-line verification of one-time ID in distributed environment

A fire or explosion detection arrangement has a housing with first and second adjacent radiation-transmitting windows. The first window includes a filter having a passband corresponding to a narrow predetermined wavelength band. A radiation sensor mounted within the housing receives radiation from a fire or explosion through the first window, the predetermined passband corresponding to a wavelength band within which a fire or explosion to be detected generates radiation. An external source generates testing radiation having wavelengths capable of passing through the second radiation transmitting window but not through the filter. This radiation is directed to the sensor. There, means (either the sensor itself or, for example, an FET which is provided to process the normal output of the sensor) responds to the level of the testing radiation and a circuit determines from this level whether the obscuration of the second window is excessive. This is used to assess whether the obscuration of the first window is above or below a predetermined level.