Koji Chida

Efficient Sealed-Bid Auctions for Massive Numbers of Bidders with Lump Comparison

A newsc heme for electronic sealed-bid auctions that preserves losing bids is presented. By this scheme, the computational complexity of the opening phase can be reduced to O(log l); previous works required O(N?l) or O(N?log l) where the number of bidders is N and the range of bids is l. The proposed scheme has two technical points. One is that computational complexity is independent of the number of bidders. The other is a newefficien t value-comparing method. These techniques allowour auction scheme to be more than five hundred times faster than previous schemes. Furthermore, our auction scheme can be eleven million times faster than previous schemes if it is assured that auctioneers do not conspire.

Practically efficient multi-party sorting protocols from comparison sort algorithms

Sorting is one of the most important primitives in various systems, for example, database systems, since it is often the dominant operation in the running time of an entire system. Therefore, there is a long list of work on improving its efficiency. It is also true in the context of secure multi-party computation (MPC), and several MPC sorting protocols have been proposed. However, all existing MPC sorting protocols are based on less efficient sorting algorithms, and the resultant protocols are also inefficient. This is because only a method for converting data-oblivious algorithms to corresponding MPC protocols is known, despite the fact that most efficient sorting algorithms such as quicksort and merge sort are not data-oblivious. We propose a simple and general approach of converting non-data-oblivious comparison sort algorithms, which include the above algorithms, into corresponding MPC protocols. We then construct an MPC sorting protocol from the well known efficient sorting algorithm, quicksort, with our approach. The resultant protocol is practically efficient since it significantly improved the running time compared to existing protocols in experiments.

Batch Processing for Proofs of Partial Knowledge and Its Applications

This paper presents batch processing protocols for efficiently proving a great deal of partial knowledge. These protocols reduce the computation and communication costs for a MIX-net and secure circuit evaluation. The efficiency levels of the proposed protocols are estimated based on the implementation results of a secure circuit evaluation with batch processing.

Secure Multiparty Computation for Comparator Networks

We propose a multiparty protocol for comparator networks which are used to compute various functions in statistical analysis, such as the maximum, minimum, median, and quartiles, for example, through sorting and searching. In the protocol, all values which are inputted to a comparator network and all intermediate outputs are kept secret assuming the presence of an honest majority. We also introduce an application of the protocol for a secure (M + 1)-st price auction.

Non-optimistic Secure Circuit Evaluation Based on ElGamal Encryption and Its Applications

We propose a protocol for implementing secure circuit evaluation (SCE) based on the threshold homomorphic ElGamal encryption scheme and present the implementation results of the protocol. To the best of knowledge of the authors, the proposed protocol is more efficient in terms of computational complexity than previously reported protocols. We also introduce applications using SCE and estimate their practicality based on the implementation results.

Practical Password-Based Authentication Protocol for Secret Sharing Based Multiparty Computation

The speed of secret sharing (SS)-based multiparty computation (MPC) has recently increased greatly, and several efforts to implement and use it have been put into practice. Authentication of clients is one critical mechanism for implementing SS-based MPC successfully in practice. We propose a password-based authentication protocol for SS-based MPC. Our protocol is secure in the presence of secure channels, and it is optimized for practical use with SS-based MPC in the following ways.

Secret Sharing Schemes with Conversion Protocol to Achieve Short Share-Size and Extendibility to Multiparty Computation

Secret sharing scheme (SSS) has been extensively studied since SSSs are important not only for secure data storage but also as the fundamental building block for many cryptographic protocols such as multiparty computation (MPC). Although both code efficiency and application of MPC are important for SSSs, it is difficult to satisfy both. There have been many studies about MPC on Shamir’s and replicated SSS while their share size is large, and computationally secure SSS and a ramp scheme have a short share size while there have been few studies concerning their MPC. We propose a new computational SSS, and show how to convert shares of our SSS and a ramp SSS to those of multiparty-friendly SSS such as Shamir’s and replicated SSS. This enables one to secretly-share data compactly and extend secretly-shared data to MPC if needed.

Efficient, non-optimistic secure circuit evaluation based on the elgamal encryption

We propose a protocol for implementing secure function evaluation based on the homomorphic threshold ElGamal encryption scheme. To the best of our knowledge, our solution is more efficient in terms of computational complexity than previous solutions existent in the literature.

DECIDE: a scheme for decentralized identity escrow

Anonymity is one of the most controversial issues related to the Internet. It greatly encourages misdeeds such as piracy, defamation, and fraud. However, anonymity is important to protect the privacy of individuals and to support the freedom of speech. Identity escrow is a potential solution to achieving a balance between anonymity and identity. The basic idea is to utilize a two-tiered identity: the first-tier identity carries the minimal amount of information for normal use, and the second-tier identity bears precise information regarding the individual to be disclosed when necessary. In this paper, we introduce a decentralized identity escrow scheme called DECIDE. It has three identity tiers: anonymity, pseudonymity, and identity, and it has a high decentralization capability. We also present an analysis on three service models - online discussion community, whistleblowing, school networking - to explore the public acceptance of the proposed scheme.

k-Anonymous Microdata Release via Post Randomisation Method

The problem of the release of anonymized microdata is an important topic in the fields of statistical disclosure control SDC and privacy preserving data publishing PPDP, and yet it remains sufficiently unsolved. In these research fields, k-anonymity has been widely studied as an anonymity notion for mainly deterministic anonymization algorithms, and some probabilistic relaxations have been developed. However, they are not sufficient due to their limitations, i.e., being weaker than or incomparable to the original k-anonymity, or requiring strong parametric assumptions. In this paper, we propose Pk-anonymity, a new probabilistic k-anonymity. It is proven that Pk-anonymity is a mathematical extension of k-anonymity rather than a relaxation, and requires no parametric assumptions. These properties have a significant meaning in the viewpoint that it enables us to compare privacy levels of probabilistic microdata release algorithms with deterministic ones. We then apply Pk-anonymity to the post randomization method PRAM, which is an SDC algorithm based on randomization. PRAM is proven to satisfy Pk-anonymity in a controlled way, i.e., one can control PRAMs parameter so that Pk-anonymity is satisfied.