Yasuko Fukuzawa

Survey on Risk Management Based on Information Security Psychology

In developing Cyber Physical Systems, such as smart grid and smart cities, risk management technologies play an important role to provide safe and secure services. In this paper, focusing on changes of recent threats represented by Social engineering, a survey shows that the information security psychology is valuable for the risk management of the Cyber Physical Systems. Through surveying, we outline the risk management framework for Cyber Physical Systems.

Incrementally Executable Signcryptions

We present the concept of incrementally executable signcryptions, which is a generalization of traditional on-line/off-line signcryption and facilitates optimizing the sender’s off-line computation. With an incrementally executable signcryption scheme, the sender can activate signcryption process incrementally by its given sequential input: the sender’s key pair, a recipient’s public key, and a plaintext message to be sent to the recipient. Furthermore, we present an efficient generic construction of incrementally executable signcryption scheme. In our construction, the signing process can be done before being given the recipient’s public key as well as the message to be sent. This feature enables us to accelerate the subsequent processes. Moreover, our construction achieves the strongest security notions without relying on random oracles. In addition, it requires a weak assumption for the underlying signature scheme, i.e., the underlying signature scheme is sufficient to be unforgeable under generic chosen message attack. Furthermore, it supports the parallel un-signcryption feature, which allows receivers to perform two potentially expensive computations, i.e., the verification of off-line signature and the key-decapsulation, in parallel.