Nam-Su Jho

Quantum messages with signatures forgeable in arbitrated quantum signature schemes

Even though a method to perfectly sign quantum messages has not been known, the arbitrated quantum signature scheme has been considered as one of the good candidates. However, its forgery problem has been an obstacle to the scheme becoming a successful method. In this paper, we consider one situation, which is slightly different from the forgery problem, that we use to check whether at least one quantum message with signature can be forged in a given scheme, although all the messages cannot be forged. If there are only a finite number of forgeable quantum messages in the scheme, then the scheme can be secured against the forgery attack by not sending forgeable quantum messages, and so our situation does not directly imply that we check whether the scheme is secure against the attack. However, if users run a given scheme without any consideration of forgeable quantum messages, then a sender might transmit such forgeable messages to a receiver and in such a case an attacker can forge the messages if the attacker knows them. Thus it is important and necessary to look into forgeable quantum messages. We show here that there always exists such a forgeable quantum message-signature pair for every known scheme with quantum encryption and rotation, and numerically show that there are no forgeable quantum message-signature pairs that exist in an arbitrated quantum signature scheme.

Symmetric searchable encryption with efficient range query using multi-layered linked chains

Searchable encryption is an encryption system which provides confidentiality of stored documents and usability of document search at the same time. Remote cloud storage is the most typical application for searchable encryption. By applying searchable encryption, inside attacks can be prevented fundamentally. Designing searchable encryption which supports various queries—for example, range query, conjunctive keyword query, etc.—is also important for convenience. In this paper, we focus on range query problem. Up to now, only a few results have been proposed, in which the main functions are constructed using public key cryptosystems. Therefore, the amount of computations for encryption and search is large. Furthermore, search time depends on the size of the entire database. We propose a new searchable encryption protocol which is based on a symmetric key encryption and linked chain structure instead of public key-based techniques. The main contribution of the protocol is reducing the computation cost for search remarkably. In reality, the amount of computations depends on the number of documents that are matched to a query instead of the size of the entire database.

Design of additive homomorphic encryption with multiple message spaces for secure and practical storage services over encrypted data

Homomorphic encryption scheme is one of the useful tools for handling encrypted information in storage services. However, most of existing schemes have not been used in practical applications due to their inefficiency or lack of functionalities. For example, fully homomorphic encryption, which can provide arbitrary operations, is inefficient. On the other hand, other homomorphic encryptions, including additive homomorphic encryptions, which are efficient enough to be used in practice, are limited in operations for practical applications. In this paper, we devise a message-encoding technique which can split a message space of an additive homomorphic encryption into multiple sub-spaces for different messages. Our technique guarantees that we can deal with multiple sets of data (each data set is assigned to each sub-space), so that multiple data can be computed at once in an additive manner. Using our new technique, we construct two additive homomorphic encryptions with valuable properties. The first one is an additive homomorphic encryption scheme which can be used for evaluating some statistical information, such as the mean and the variance. To give a concrete scheme, we apply our technique to Paillier’s scheme which supports the additive homomorphism. Note that our scheme is the first additive homomorphic encryption which supports the evaluation of both the mean and the variance of encrypted data. We also give two modifications of the first application to improve its practicality. As the second application of our technique, we propose an additive homomorphic encryption scheme which can support the functionality of error detection in homomorphic operations. The second scheme is also designed based on Paillier’s scheme. Note that one of the remarkable advantages of our technique is that it can be applied to any additive homomorphic encryption for supporting the above-mentioned functionalities.

Bucket Index Ordering Problem in Range Queries

In this paper, we first point out a weakness in range queries, which we have named the index ordering problem, where an adversary can recover actual randomized bucket indexes. At first, we define the index ordering problem and examine the security of existing bucket-based encrypted DB management techniques for range queries. We also provide simple countermeasures that enhance the security of bucketing techniques against the bucket index ordering problem.