非理想的実装をも想定した暗号システムの設計と安全性評価

2014 Fiscal Year Annual Research Report

• Project/Area Number: 14F04205
• Research Institution: National Institute of Advanced Industrial Science and Technology
• Principal Investigator: 花岡 悟一郎 独立行政法人産業技術総合研究所, 情報技術研究部門, 研究グループ長 (30415731)
• Co-Investigator(Kenkyū-buntansha): ZHANG ZONGYANG 独立行政法人産業技術総合研究所, 情報技術研究部門, 外国人特別研究員
• Project Period (FY): 2014-04-25 – 2016-03-31
• Keywords: side-channel attack / public key encryption / cryptographic problem / security reduction

Outline of Annual Research Achievements

We followed the plan in the original application. Overall, we published several papers on international cryptographic conferences and journals, including the flag-ship cryptographic conference ASIACRYPT 2014, and famous security conference SCN 2014. We also attend several conferences and presented our paper. Our main research achievements can be categorized in the following two aspects.
1.We analyzed the security of public key encryption under the side-channel attacks and proposed a stronger security model, i.e., chosen-ciphertext security under post-challenge attacks. We then gave a generic construction to satisfy the security.
2.We analyzed the security of very basic cryptographic problems, called one-more cryptographic problems. We compared their hardness with existing well-known cryptographic problems, and presented black-box separations.
Through the above research, we explore factors affecting perfect implementations, including bad randomness usage and new attacks, find possible approaches to overcome them, and design more secure and efficient cryptographic protocols that are very useful in the design of advanced security systems and are easy to be implemented in practice.

Current Status of Research Progress

2: Research has progressed on the whole more than it was originally planned.

Reason

We did research just as the plans in the application. The main reasons are as follows. 1) We already analyzed the security of public key encryption under side channel attacks, and presented stronger security models. This exactly achieved the research purpose. This also laid a good foundation for the further research in this fiscal year. In the meantime, we did some joint research with several researchers from abroad, which will help to complete our research project. 2) In order to collect enough research information and trace the most updated research in our field, Zhang also attended several famous conferences including workshop for real-world crypto. Zhang also had classes in a summer-school to learn updated knowledge about cryptography.

Strategy for Future Research Activity

The problems of imperfect randomness and side channel attacks also have great influence on real-world cryptographic protocols in existing security infrastructure. To achieve the above objective (b), I intend to analyze globally deployed cryptographic protocols such as SSL/TLS, the IEEE wireless communication standards (WPA, WPA2) and SSH, disk encryption (including BitLocker, TrueCrypt, and FileVault). I plan to provide a formal analysis of these cryptographic protocols in an appropriate security model, highlight potential weaknesses (especially with respect to weak randomness and side-channel attacks), develop improved protocol specifications supported by formal security arguments, and securely implement them in the real world. This research is an extension and application of the research in previous year. I intend to further apply the above research results to real-world applications, e.g., privacy-preserving database search, which is closely related to a project applied by my host researcher. I plan to design cryptographic protocols that on one hand achieve advanced functionalities for database search, and on the other hand, satisfy higher security guarantees even against imperfect randomness and side-channel attacks. In addition, I will analyze the main bottleneck that affects efficiency and find appropriate techniques to bypass the bottleneck.

Research Products

• [Journal Article] Post-Challenge Leakage in Public-Key Encryption (2015)
  • Author(s): Zongyang Zhang, Sherman S.M. Chow and Zhenfu Cao
  • Journal Title: Theoretical Computer Science Volume: 572 Pages: 25-49
  • DOI: 10.1016/j.tcs.2015.01.010
  • Peer Reviewed / Open Access / Acknowledgement Compliant
• [Journal Article] Sakai-Ohgishi-Kasahara Identity-Based Non-Interactive Key Exchange Revisited and More (2015)
  • Author(s): Yu Chen, Qiong Huang and Zongyang Zhang
  • Journal Title: International Journal of Information Security Volume: なし
  • DOI: 10.1007/s10207-015-0274-0
  • Peer Reviewed / Open Access / Acknowledgement Compliant
• [Journal Article] Publicly Evaluable Pseudorandom Functions and Its Applications (2014)
  • Author(s): Yu Chen and Zongyang Zhang
  • Journal Title: Lecture Notes in Computer Science Volume: 8632 Pages: 115-134
  • DOI: 10.1007/978-3-319-10879-7_8
  • Peer Reviewed / Open Access / Acknowledgement Compliant
• [Journal Article] All-but-One Dual Projective Hashing and Its Applications (2014)
  • Author(s): Zongyang Zhang, Yu Chen , Sherman S.M. Chow, Goichiro Hanaoka, Zhenfu Cao, and Yunlei Zhao
  • Journal Title: Lecture Notes in Computer Science Volume Volume: 8479 Pages: 181-198
  • DOI: 10.1007/978-3-319-07536-5_12
  • Peer Reviewed / Open Access / Acknowledgement Compliant
• [Journal Article] Constant-Round Adaptive Zero-Knowledge Proofs for NP (2014)
  • Author(s): Zongyang Zhang, Zhenfu Cao and Haojin Zhu
  • Journal Title: Information Science Volume: 261 Pages: 219-236
  • DOI: doi:10.1016/j.ins.2013.07.037
  • Peer Reviewed / Open Access / Acknowledgement Compliant
• [Journal Article] Black-Box Separations for One-More (Static) CDH and Its Generalization (2014)
  • Author(s): Jiang Zhang, Zhenfeng Zhang, Yu Chen , Yanfei Guo and Zongyang Zhang
  • Journal Title: Lecture Notes in Computer Science Volume Volume: 8874 Pages: 366-385
  • DOI: 10.1007/978-3-662-45608-8_20
  • Peer Reviewed / Open Access / Acknowledgement Compliant
• [Journal Article] Sakai-Ohgishi-Kasahara Identity-Based Non-Interactive Key Exchange Scheme, Revisited (2014)
  • Author(s): Yu Chen, Qiong Huang, Zongyang Zhang
  • Journal Title: Lecture Notes in Computer Science Volume: 8544 Pages: 274-289
  • DOI: 10.1007/978-3-319-08344-5_18
  • Peer Reviewed / Open Access / Acknowledgement Compliant
• [Presentation] Black-Box Separations for One-More (Static) CDH and Its Generalization (2015)
  • Author(s): Jiang Zhang, Zhenfeng Zhang, Yu Chen , Yanfei Guo and Zongyang Zhang
  • Organizer: 情報セキュリティ研究会 (ISEC)
  • Place of Presentation: 機械振興会館・東京
  • Year and Date: 2015-05-15 – 2015-05-15
  • Invited
• [Presentation] Black-Box Separations for One-More (Static) CDH and Its Generalization (2015)
  • Author(s): Jiang Zhang, Zhenfeng Zhang, Yu Chen , Yanfei Guo and Zongyang Zhang
  • Organizer: 第8回公開鍵暗号の安全な構成とその応用ワークショップ
  • Place of Presentation: 産業技術総合研究所 臨海副都心センター 別館(バイオ・IT融合研究棟) ・東京
  • Year and Date: 2015-02-20 – 2015-02-20
  • Invited
• [Presentation] Black-Box Separations in the Non-Programmable Random Oracle Model: The Cases of Hash-and-Sign Signatures (2015)
  • Author(s): Zongyang Zhang, Yu Chen , Sherman S.M. Chow, Goichiro Hanaoka, Zhenfu Cao, and Yunlei Zhao
  • Organizer: SCIS2015 暗号と情報セキュリティシンポジウム
  • Place of Presentation: リーガロイヤルホテル小倉・福岡県北九州市小倉北区
  • Year and Date: 2015-01-20 – 2015-01-23
  • Invited
• [Presentation] Black-Box Separations for One-More (Static) CDH and Its Generalization (2014)
  • Author(s): Jiang Zhang, Zhenfeng Zhang, Yu Chen , Yanfei Guo and Zongyang Zhang
  • Organizer: The 20th Annual International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2014)
  • Place of Presentation: The Ambassador Hotel Kaohsiung・Kaoshiung ・Taiwan
  • Year and Date: 2014-12-07 – 2014-12-11
• [Presentation] Publicly Evaluable Pseudorandom Functions and Its Applications (2014)
  • Author(s): Yu Chen and Zongyang Zhang
  • Organizer: The 9th Conference on Security and Cryptography for Networks (SCN 2014)
  • Place of Presentation: Hotel La Bussola・Amalfi・ Italy
  • Year and Date: 2014-09-03 – 2014-09-05
• [Presentation] Sakai-Ohgishi-Kasahara Identity-Based Non-Interactive Key Exchange Revisited and More (2014)
  • Author(s): Yu Chen, Qiong Huang, Zongyang Zhang
  • Organizer: The 19th Australasian Conference on Information Security and Privacy (ACISP 2014)
  • Place of Presentation: University of Wollongong (Building 20 Lecture Theatre 3)・Wollongong・Australia
  • Year and Date: 2014-07-07 – 2014-07-09
• [Presentation] All-but-One Dual Projective Hashing and Its Applications (2014)
  • Author(s): Zongyang Zhang, Yu Chen , Sherman S.M. Chow, Goichiro Hanaoka, Zhenfu Cao, and Yunlei Zhao
  • Organizer: The 12th International Conference on Applied Cryptography and Network Security (ACNS 2014)
  • Place of Presentation: SwissTech Convention Center・Lausanne・ Switzerland
  • Year and Date: 2014-06-10 – 2014-06-13