Research Project/Area Number | 18K11292 |
Research Institution | The University of Electro-Communications |
Principal Investigator | SANTOSO BAGUS, The University of Electro-Communications, Graduate School of Informatics and Engineering, Assistant Professor (40571956) |
Co-Investigator | 太田 和夫 (OHTA Kazuo), The University of Electro-Communications, Graduate School of Informatics and Engineering, Professor (80333491) |
Project Period (FY) | 2018-04-01 – 2022-03-31 |
Keywords | Quantum Adversary / Unbounded Adversary / Encryption |
Outline of Annual Research Achievements |
As preparation for constructing a new framework for proving security against quantum adversaries, in FY 2019 we investigated methods for proving the security of cryptographic protocols against an unbounded adversary, since a security proof against an unbounded adversary is automatically a security proof against a quantum adversary. Our results include new techniques for proving the security of cryptographic protocols against unbounded adversaries in three settings: (1) distributed Shannon encryption over the binary field with secrecy amplification; (2) Shannon encryption with secrecy amplification in the presence of an adversary holding side-channel information; and (3) any symmetric-key encryption protocol in the presence of an adversary holding side-channel information who tries to extract the plaintext. For (1), we proved that suitable affine encoders for secrecy amplification can be constructed from the transmission rates alone, without knowing the distribution of the sources or of the keys. For (2), we proved that for any distribution of the secret keys and any measurement device used to collect the physical information, an achievable rate region for reliability and security can be derived. For (3), we proved an upper bound on the probability that an adversary correctly extracts the plaintext from the ciphertext together with the encoded data derived from the physical phenomena probed from the encryption device during encryption.
|
Current Status of Research Progress (Category) |
2: Research is progressing on the whole smoothly
Reason
We proved that suitable affine encoders for secrecy amplification can be constructed from the transmission rates alone, without knowing the distribution of the sources or of the keys. We also derived explicit lower bounds on the achievable reliability and secrecy exponents. We published this proof in IEEE Transactions on Information Forensics and Security. We also proved that for any distribution of the secret keys and any measurement device used to collect the physical information, an achievable rate region for reliability and security can be derived. If the ciphertexts are compressed with an affine encoder whose rate lies within the achievable rate region, then anyone holding the secret key can still decrypt the compressed ciphertexts correctly; on the other hand, an adversary who obtains the compressed ciphertext together with the side physical information learns nothing, provided that the leaked physical information is encoded at a rate within the rate region. We published these proofs in two articles in the journal Entropy. Moreover, we derived the maximum success probability of an adversary who tries to extract the hidden plaintext in the following scenario: the plaintext is encrypted with a symmetric-key encryption scheme, and the adversary obtains the ciphertexts sent over the public communication channel together with the encoded physical data derived from the physical phenomena probed from the encryption device. We published this proof at an international peer-reviewed conference, NSS 2019.
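The post-encryption compression described above (and in the "Outline" entry for setting (1)) can be seen concretely on a toy instance. The following is an added example written for this page, not code from the project or its papers: a one-time pad over GF(2) followed by a public affine encoder s = A c + B, where, as an assumption made here, A is the parity-check matrix of the binary Hamming(15,11) code, B is an arbitrary public offset, and the source is restricted to 15-bit words of Hamming weight at most 1 (16 words, i.e. 4 bits of entropy, so the encoder's rate of 4/15 is enough to make A injective on the source). The key holder recovers x because A c = A x + A k by linearity; without the key, the compressed ciphertext is uniformly distributed whatever x is, which the example checks by enumerating all 2^15 keys. The side-channel leakage treated in the papers is not modelled here.

```python
import itertools

# Toy parameters constructed for this example; they are not taken from the
# project. N-bit plaintexts, keys and ciphertexts; M-bit compressed output.
N = 15
M = 4

# A is the parity-check matrix of the binary Hamming(15,11) code: column j
# is the 4-bit binary expansion of j+1, so every column is distinct and
# nonzero, and A has full row rank over GF(2).
A = [[((j + 1) >> r) & 1 for j in range(N)] for r in range(M)]
# Public constant offset that makes the encoder affine rather than linear.
B = [1, 0, 1, 1]


def xor(u, v):
    """Bitwise XOR of two equal-length bit lists (addition over GF(2))."""
    return [a ^ b for a, b in zip(u, v)]


def gf2_matvec(mat, v):
    """Matrix-vector product over GF(2)."""
    return [sum(a & x for a, x in zip(row, v)) & 1 for row in mat]


def affine_encode(c):
    """Affine encoder applied to a ciphertext: s = A c + B over GF(2)."""
    return xor(gf2_matvec(A, c), B)


def source_words():
    """All N-bit words of Hamming weight <= 1 (the constructed source)."""
    words = [[0] * N]
    for i in range(N):
        w = [0] * N
        w[i] = 1
        words.append(w)
    return words


# A maps each source word to a distinct syndrome (0 for the zero word,
# column j for e_j), so a source word can be recovered from A x alone.
SYNDROME_TABLE = {tuple(gf2_matvec(A, x)): x for x in source_words()}


def shannon_encrypt(x, k):
    """One-time pad over GF(2): c = x + k."""
    return xor(x, k)


def decrypt_compressed(s, k):
    """Recover x from the compressed ciphertext s with the key k.

    By linearity A c = A x + A k, hence A x = s + B + A k; the syndrome
    table then inverts A on the source set.
    """
    ax = xor(xor(s, B), gf2_matvec(A, k))
    return SYNDROME_TABLE[tuple(ax)]


def compressed_ciphertext_distribution(x):
    """Count each compressed ciphertext value over all 2^N uniform keys."""
    counts = {}
    for kbits in itertools.product((0, 1), repeat=N):
        s = tuple(affine_encode(shannon_encrypt(x, list(kbits))))
        counts[s] = counts.get(s, 0) + 1
    return counts


def leaks_nothing(x1, x2):
    """True if two plaintexts induce the same distribution on s."""
    return compressed_ciphertext_distribution(x1) == compressed_ciphertext_distribution(x2)


if __name__ == "__main__":
    key = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1, 0]  # constructed key
    for x in source_words():
        assert decrypt_compressed(affine_encode(shannon_encrypt(x, key)), key) == x
    e0, e7 = source_words()[1], source_words()[8]
    print("all 16 source words decrypt correctly from 4-bit ciphertexts")
    print("identical ciphertext distributions for e0 and e7:", leaks_nothing(e0, e7))
```

Because A has full row rank, A k is uniform on GF(2)^4 when k is uniform on GF(2)^15, so each of the 16 possible 4-bit values of s occurs exactly 2^11 times for every plaintext; a rate below 4/15 would break correctness (two source words would collide under A), which is the toy counterpart of the rate-region condition in the paragraph above.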
|
Strategy for Future Research Activity |
At the end of the previous fiscal year (FY2019), we formulated a computational problem based on multivariate polynomials over the binary field. The problem is suitable for constructing public-key encryption and key-exchange schemes that remain secure even against adversaries equipped with quantum computers. In FY2020 we plan to apply it to the following public-key cryptographic schemes. First, a public-key encryption scheme that is provably secure against quantum adversaries mounting attacks in the IND-CCA scenario, in the random oracle model. Second, an identification scheme that is provably secure against quantum adversaries mounting impersonation under concurrent active attacks; we will then convert this identification scheme into a signature scheme using the Fiat-Shamir transformation. Third, another public-key encryption scheme that is provably secure against quantum adversaries mounting attacks in the IND-CCA scenario in the random oracle model. Finally, a key-exchange scheme that is provably secure against quantum adversaries.
|
Causes of Carryover |
We planned to buy an electronic device for machine experiments, but the device was out of stock and we must wait until it can be ordered again.
|