Masahiro Mambo

Proxy signatures for delegating signing operation

In this paper a new type of digital proxy signature is proposed. The proxy signature allows a designated person, called a proxy signer, to sign on behalf of an original signer. Classification of the proxy signatures is shown from the point of view of the degree of delegation, and conditions of a proposed proxy signature for partial delegation are clarified. The proposed proxy signature scheme is based on the discrete logarithm problem. Compared to the consecutive execution of the ordinary digital signature schemes, it has a direct form, and a verifier does not need a public key of a user other than the original signer in the verification stage. Moreover, it requires less amount of computational work than the consecutive execution of the signature schemes. Due to this efficiency together with the delegation property, an organization, e.g. a software company, can very efficiently create many signatures of its own by delegating its signing operations to multiple employees. Another attractive feature of the proposed schemes is their highapplicability to other ordinary signature schemes based on the discrete logarithm problem. For instance, designated confirmer proxy signatures can be constructed. Furthermore, using a proposed on-line proxy updating protocol, the original signer can revoke proxies of dishonest proxy signers.

Mobile Edge Computing, Fog et al.: A Survey and Analysis of Security Threats and Challenges

Abstract For various reasons, the cloud computing paradigm is unable to meet certain requirements (e.g. low latency and jitter, context awareness, mobility support) that are crucial for several applications (e.g. vehicular networks, augmented reality). To fulfill these requirements, various paradigms, such as fog computing, mobile edge computing, and mobile cloud computing, have emerged in recent years. While these edge paradigms share several features, most of the existing research is compartmentalized; no synergies have been explored. This is especially true in the field of security, where most analyses focus only on one edge paradigm, while ignoring the others. The main goal of this study is to holistically analyze the security threats, challenges, and mechanisms inherent in all edge paradigms, while highlighting potential synergies and venues of collaboration. In our results, we will show that all edge paradigms should consider the advances in other paradigms.

A User Identification System Using Signature Written with Mouse

A user identification system is very important for protecting information from illegal access. There are identification systems using standard devices (keyboard or mouse) and systems using special devices. A user identification system using mouse is proposed in [6]. In their system, users write a simple figure object and the successful verification rate is 87%. However the simple object is too easy to prevent impersonation. In order to realize a more reliable user identification system using mouse, we propose a new system to identify users using a complex figure object, signature. New techniques we utilize in our system are as follows: the normalization of input data, the adoption of new signature-writing-parameters, the evaluation of verification data using geometric average means and the dynamical update of database. We have implemented our user identification system and conducted experiments of the implemented system. The successful verification rate in our system is 93%.

An anonymous on-demand position-based routing in mobile ad hoc networks

Due to the infrastructure-less, dynamic and broadcast nature of radio transmissions, communications in mobile ad hoc networks (MANETs) are susceptible to malicious traffic analysis. After traffic analysis, an attacker determines a target node and conducts an intensive attack against it, called target-oriented attack. The traffic analysis and the target-oriented attacks are known as quite severe problems in MANETs, including position-based routing protocols, with respect to the degradation of both throughput and security of the routing. Also position information of routing nodes is very sensitive data in MANETs where even nodes not knowing either other establish a network temporarily. Therefore we propose a new position-based routing protocol which keeps routing nodes anonymous, thereby preventing possible traffic analysis. To this end, a time variant temporary identifier temp ID is computed from time and position of a node and used for keeping the node anonymous. Only the position of a destination node is required for the route discovery, and temp ID is used for establishing the route for sending data: a receiver hand shake scheme is designed for determining the next hop on-demand with use of the temp ID. We evaluate the level of anonymity and performance of our scheme. The analysis shows that the proposed scheme ensures the anonymity of both route and nodes and the robustness against the target-oriented attack and several others. Also our scheme is applicable to networks with any density of nodes

A tentative approach to constructing tamper-resistant software

So far tamper-resistance has been considered as a property such as information stored in (I device is hard to read or modify by tampering. Such tamper-resistance is quite important in many situations: superdistribution, electronic commerce systems using IC card, pay television systems with decoders containing secret values for descrambling image and so on. Tamper-resistance ensures proper operation of a program and prevents extraction of secret data and abuse of the program. Moreover, tamper-resistance enables a vendor to enforce his own conditions upon users. A new notion of tamper-resistance is stated as follows. Tamper-resistance means a property such as information stored in a device or software is hard to read or

A Structured ElGamal-Type Multisignature Scheme

We propose a structured multisignature scheme which is based on a modified ElGamal signature scheme and analyze its security. The structure takes into account the order of the signers. With serial structures, different signing orders produce different multisignatures. In contrast, with parallel structures the multisignatures are independent of the signing order. Our structured multisignatures can deal with structures which are composed of serial and parallel signing orders. We give reductions for the security of the proposed scheme, and for the specified order of the signers in the serial and mixed cases.

Anonymous secure communication in wireless mobile ad-hoc networks

The main characteristic of a mobile ad-hoc network is its infrastructure-less, highly dynamic topology, which is subject to malicious traffic analysis. Malicious intermediate nodes in wireless mobile ad-hoc networks are a threat concerning security as well as anonymity of exchanged information. To protect anonymity and achieve security of nodes in mobile ad-hoc networks, an anonymous on-demand routing protocol, termed RIOMO, is proposed. For this purpose, pseudo IDs of the nodes are generated considering Pairing-based Cryptography. Nodes can generate their own pseudo IDs independently. As a result RIOMO reduces pseudo IDs maintenance costs. Only trust-worthy nodes are allowed to take part in routing to discover a route. To ensure trustiness each node has to make authentication to its neighbors through an anonymous authentication process. Thus RIOMO safely communicates between nodes without disclosing node identities; it also provides different desirable anonymous properties such as identity privacy, location privacy, route anonymity, and robustness against several attacks.

A certificate-based proxy cryptosystem with revocable proxy decryption power

We present a proxy cryptosystem based on a certificate-based encryption scheme. The proposed scheme inherits the merits of certificate-based encryption systems: no-key-escrow and implicit certification. In addition, the proposed scheme allows the proxys decryption power to be revoked even during the valid period of the proxy key without changing the original decryptors public information. Few proxy schemes have this property, and ours is more efficient than the existing ones. We show that our proposal is IND-CBPd-Rev-CCA secure under the bilinear Diffie-Hellman assumption in the random oracle model.

An Approach to the Objective and Quantitative Evaluation of Tamper-Resistant Software

Tamper-resistant software has been studied as techniques to protect algorithm or secret data. There are many ways to realize tamper-resistant software including the method of making software hard to read. So far, no objective and quantitative method is known for evaluating tamper-resistant software. Most of known evaluation methods require involvement of human being. That means their evaluation results deeply depend on the skill and subjectivity of human. Therefore, it has been expected to devise an objective and quantitative evaluation method in place of subjective evaluation methods. In this paper we propose a new such method to measure how hard to read. The basic idea is to use the parse tree of a compiler for a programming language, and evaluate depth and weights of the tree for a code. We give some experimental results to examine its effectiveness.

On the Security of the RSA-Based Multisignature Scheme for Various Group Structures

When more than one user sign a single message, each signer is in a different position in a signing group and has a different responsibility. In such a case, it is important to verify not only the names of participants but also the order of signers. To meet such a requirement a RSA-based multisignature scheme for various group structures was proposed in [5]. This scheme can deal with a group composed of serial and parallel structures. With serial structures different signing orders produce different multisignature and with parallel structures the multisignatures are independent of the signing order. Since the security proofs given in [5] are not complete, it remains open whether the scheme is secure or not. In this paper, we propose a slight modification of the scheme and prove its security by showing reductions to computationally primitive problems.