Coron et al. proposed the ES-based scheme PSS-ES which realizes an encryption scheme and a signature scheme with a unique padding technique and key pair. The security of PSS-ES as an encryption scheme is based on the partial-domain one-wayness of the encryption permutation. In this paper, we propose new ES schemes OAEP-ES, OAEP++-ES, and REACT-ES, and prove their security under the assumption of only the one-wayness of encryption permutation. OAEP-ES, OAEP++-ES, and REACT-ES suit practical implementation ...
Topic(s): Coding theory and cryptography
2003 - Springer Science+Business Media | Lecture notes in computer science
Yuichi Komano, Hideo Shimizu, S. Kawamura,
Correlation power analysis (CPA) is a well-known attack against cryptographic modules with which an attacker evaluates the correlation between the power consumption and the sensitive data candidates calculated from a guessed sub-key and known data such as plaintexts and ciphertexts. This paper enhances CPA to propose a new general power analysis, built-in determined sub-key CPA (BS-CPA), which finds a new sub-key by using the previously determined sub-keys recursively to compute the sensitive data ...
Topic(s): Coding theory and cryptography
2010 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences
S. Kawamura, Yuichi Komano, Hideo Shimizu, Tomoko Yonemura,
The residue number system (RNS) is a method for representing an integer as an n-tuple of its residues with respect to a given base. Since RNS has inherent parallelism, it is actively researched to implement a faster processing system for public-key cryptography. This paper proposes new RNS Montgomery reduction algorithms, Q-RNSs, the main part of which is twice a matrix multiplication. Letting n be the size of a base set, the number of unit modular multiplications in the proposed algorithms is evaluated ...
Topic(s): Cryptography and Data Security
2018 - Springer Science+Business Media | Journal of Cryptographic Engineering
Yuichi Komano, Kazuo Ohta, Atsushi Shimbo, S. Kawamura,
Ring signature scheme, proposed by Rivest et al., allows a signer to sign a message anonymously. In the ring signature scheme, the signer who wants to sign a document anonymously first chooses some public keys of entities (signers) and then generates a signature which ensures that one of the signer or entities signs the document. In some situations, however, this scheme allows the signer to shift the blame to victims because of the anonymity. The group signature scheme may be a solution for the problem; ...
Topic(s): Complexity and Algorithms in Graphs
2005 - Springer Science+Business Media | Lecture notes in computer science
Kohei Matsuda, Sho Tada, Makoto Nagata, Yuichi Komano, Yang Li, Takeshi Sugawara, Mitsugu Iwamoto, Kazuo Ohta, Kazuo Sakiyama, Noriyuki Miura,
Laser fault injection (LFI) attacks on cryptographic processor ICs are a critical threat to information systems. This paper proposes an IC-level integrated countermeasure employing an information leakage sensor against an LFI attack. Distributed bulk current sensors monitor abnormal bulk current density caused by laser irradiation for LFI. Time-interleaved sensor operation and sensitivity tuning can obtain partial secret key leakage bit information with small layout area penalty. Based on ...
Topic(s): Cryptographic Implementations and Security
2019 - Institute of Physics | Japanese Journal of Applied Physics
Yuichi Komano, Kazuo Ohta, Atsushi Shimbo, S. Kawamura,
Topic(s): Chaos-based Image/Signal Encryption
2006 - Springer Science+Business Media | Lecture notes in computer science
Takaaki Mizuki, Yuichi Komano,
Card-based protocols provide secure multi-party computation using a deck of physical cards, via a series of operations such as shuffling and turning over cards, which are supposed to be executed by humans. Although almost all existing protocols have been designed to be perfectly secure, operative errors by humans would cause information leakage. In this paper, we propose a technique for analyzing information leakage due to operative errors in card-based protocols. To be specific, we introduce a ...
Topic(s): Formal Methods in Verification
2018 - Springer Science+Business Media | Lecture notes in computer science
Takaaki Mizuki, Yuichi Komano,
Card-based protocols provide secure multi-party computation using a deck of physical cards via a series of operations, such as shuffling and turning over cards, that are executed by humans. Although almost all existing protocols have been designed to be perfectly secure, operative errors by humans can lead to information leakage. In this paper, we propose a technique for analyzing information leakage due to operative errors in card-based protocols. In particular, we introduce a concept, which we ...
Topic(s): Distributed systems and fault tolerance
2022 - Elsevier BV | Information and Computation
Yoshikazu Hanatani, Yuichi Komano, Kazuo Ohta, Noboru Kunihiro,
Topic(s): Cloud Data Security Solutions
2006 - Springer Science+Business Media | Lecture notes in computer science
Kei Kawauchi, Yuichi Komano, Kazuo Ohta, Mitsuru Tada,
Topic(s): Algorithms and Data Compression
2004 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences
Yuichi Komano, Shoichi Hirose,
The re-keying scheme is a variant of the symmetric encryption scheme where a sender (respectively, receiver) encrypts (respectively, decrypts) plaintext with a temporal session key derived from a master secret key and publicly-shared randomness. It is one of the system-level countermeasures against the side channel attacks (SCAs), which make attackers unable to collect enough power consumption traces for their analyses by updating the randomness (i.e., session key) frequently. In 2015, Dobraunig et ...
Topic(s): Cryptography and Data Security
2019 - Multidisciplinary Digital Publishing Institute | Applied Sciences
Yuichi Komano, Takaaki Mizuki,
Assume that, given a sequence of n integers from 1 to n arranged in random order, we want to sort them, provided that the only acceptable operation is a prefix reversal, which means to take any number of integers (sub-sequence) from the left of the sequence, reverse the order of the sub-sequence, and return them to the original sequence. This problem is called "pancake sorting," and sorting an arbitrary sequence with the minimum number of operations restricted in this way is known to be NP-hard. In ...
Topic(s): Algorithms and Data Compression
2023 - Springer Science+Business Media | Lecture notes in computer science
Yuichi Komano, Takaaki Mizuki,
Suppose that a sequence of n cards, numbered 1 to n, is placed face up in random order. Let k be the number on the first card in the sequence. Then take the first k cards from the sequence, rearrange that subsequence of k cards in reverse order, and return them to the original sequence. Repeat this prefix reversal until the number on the first card in the sequence becomes 1. This is a one-player card game called Topswops. The computational complexity of Topswops has not been thoroughly investigated. ...
Topic(s): DNA and Biological Computing
2022 - Springer Science+Business Media | Lecture notes in computer science
Yuichi Komano, Kazuo Ohta, Atsushi Shimbo, S. Kawamura,
We first prove that the following three probabilistic multisignature schemes based on a trapdoor permutation have tight security; PFDH (probabilistic full domain hash) based multisignature scheme (PFDH-MSS), PSS (probabilistic signature scheme) based multisignature scheme (PSS-MSS), and short signature PSS based multisignature scheme (S-PSS-MSS). Second, we give an optimal proof (general result) for multisignature schemes, which derives the lower bound for the length of random salt. We also estimate the ...
Topic(s): Cryptographic Implementations and Security
2005 - Springer Science+Business Media | Lecture notes in computer science
Yang Li, Kazuo Sakiyama, S. Kawamura, Yuichi Komano, Kazuo Ohta,
At CHES 2006, Prouff et al. proposed a novel S-box calculation based on the discrete Fourier transform as a first-order DPA countermeasure. At CHES 2008, Coron et al. showed that the original countermeasure can be broken by first-order DPA due to a biased mask and they proposed an improved algorithm. This paper shows that there is still a flaw in the Coron's S-box algorithm with respect to a practical software implementation. We pre-process the power traces to separate them into two subgroups, each ...
Topic(s): Physical Unclonable Functions (PUFs) and Hardware Security
2009 - Springer Science+Business Media | Lecture notes in computer science
Yuichi Komano, Kazuo Ohta, Atsushi Shimbo, S. Kawamura,
Ring signature scheme enables a signer to sign a message anonymously. In the ring signature scheme, the signer who wants to sign a document anonymously first chooses some public keys of entities (signers) and then generates a signature which ensures that one of the signer or entities signs the document. In some situations, however, the ring signature scheme allows the signer to shift the blame to victims because of the anonymity. The group signature scheme may be a solution for the problem; however, ...
Topic(s): Complexity and Algorithms in Graphs
2007 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences
Yuichi Komano, Kazuo Ohta, Kazuo Sakiyama, Mitsugu Iwamoto, Ingrid Verbauwhede,
Paral and Devadas introduced a simple key generation scheme with a physically unclonable function (PUF) that requires no error correction, e.g., by using a fuzzy extractor. Their scheme, called a pattern matching key generation (PMKG) scheme, is based on pattern matching between auxiliary data, assigned at the enrollment in advance, and a substring of PUF output, to reconstruct a key. The PMKG scheme repeats a round operation, including the pattern matching, to derive a key with high entropy. Later, ...
Topic(s): Cryptographic Implementations and Security
2019 - Hindawi Publishing Corporation | Security and Communication Networks
Yuichi Komano, Takaaki Mizuki,
In the history of cryptography, many cryptographic protocols have relied on random coin tosses to prove their security. Although flipping coins is indispensable in this manner, the coins themselves have never been in the spotlight. Therefore, we would like to make physical coins rise to the level of cryptography, just as a deck of physical playing cards has been used to perform a secure multi-party computation. Such a card-based protocol is known to be helpful both to perform a secure computation ...
Topic(s): graph theory and CDMA systems
2022 - Springer Science+Business Media | International Journal of Information Security
Yuichi Komano, Kazuo Ohta, Atsushi Shimbo, S. Kawamura,
We first model the formal security model of multisignature scheme following that of group signature scheme. Second, we prove that the following three probabilistic multisignature schemes based on a trapdoor permutation have tight security; PFDH (probabilistic full domain hash) based multisignature scheme (PFDH-MSS), PSS (probabilistic signature scheme) based multisignature scheme (PSS-MSS), and short signature PSS based multisignature scheme (S-PSS-MSS). Third, we give an optimal proof (general result) ...
Topic(s): Geometric and Algebraic Topology
2008 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences
Yoshikazu Hanatani, Yuichi Komano, Kazuo Ohta, Noboru Kunihiro,
Although a great deal of research has been done on electronic cash schemes with blind multisignatures to prevent an insider attack, there is no discussion of a formal security model in the literature. Firstly we discussed the security model of e-cash schemes based on the blind multisignature scheme against a (restricted) attack model and proposed a concrete scheme proven to be secure in the model [1]; however, this attack model disallows an attacker from corrupting an issuing bank and shops in the ...
Topic(s): Chaos-based Image/Signal Encryption
2007 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences
Yuichi Komano, Takaaki Mizuki,
In the history of cryptography, many cryptographic protocols rely on random coin tosses to discuss their provable security. Although flipping coins is indispensable in this manner, the coins themselves have never been in the spotlight. Therefore, we would like to make physical coins go up to the stage of cryptography, as a deck of physical playing cards has been used to perform a secure multi-party computation. Such a card-based protocol is helpful both to perform a secure computation without any ...
Topic(s): Chaos-based Image/Signal Encryption
2018 - Springer Science+Business Media | Lecture notes in computer science
We first model the variants of OAEP and SAEP by changing a construction and position of a redundancy, and establish a universal proof technique in the random oracle model, the comprehensive event dividing tree. We then make a taxonomical security consideration of the variants of OAEP and SAEP, based on the assumptions of one-wayness and partial-domain one-wayness of the encryption permutation, by applying the tree. Furthermore, we demonstrate the concrete attack procedures against all insecure schemes; ...
Topic(s): Semantic Web and Ontologies
2006 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences
S. Kawamura, Yuichi Komano, Hideo Shimizu, Saki Osuka, Daisuke Fujimoto, Yu‐ichi Hayashi, Kentaro Imafuku,
The residue number system (RNS) is a method for representing an integer x as an n-tuple of its residues with respect to a given set of moduli. In RNS, addition, subtraction, and multiplication can be carried out by independent operations with respect to each modulus. Therefore, an n-fold speedup can be achieved by parallel processing. The main disadvantage of RNS is that we cannot efficiently compare the magnitude of two integers or determine the sign of an integer. Two general methods of comparison ...
Topic(s): Numerical Methods and Algorithms
2020 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences
Yuichi Komano, Kazuo Ohta, Hideyuki Miyake, Atsushi Shimbo,
Though Gennaro et al. discussed the algorithmic tamper proof (ATP) devices using the personal identification number (PIN) with less tamper-proof devices, and proposed counter units which count the number of wrong attempts in user authentication; however, as for the counter unit, they only constructed one which counts the total number of wrong attempts. Although large number for the limit of wrong attempts is required for usability, it allows an attacker to search PIN up to the limit and degrades the ...
Topic(s): Chaos-based Image/Signal Encryption
2009 - Springer Science+Business Media | Lecture notes in computer science
Tsutomu Endo, Yoshinao Koike, Hideaki Miyoshi, Yuichiro Hisada, Ryo Fujita, Ryota Suzuki, Masaru Tanaka, Takeru Tsujimoto, Yukitoshi Shimamura, Yuichi Hasegawa, Masahiro Kanayama, Tomoyuki Hashimoto, Fumihiro Oha, Naoki Noro, Kiyofumi Komano, Misaki Ishii, Yoichi M. Ito, Norimasa Iwasaki, Masahiko Takahata,
Ossification of the posterior longitudinal ligament (OPLL) of the spine is a disease of unknown etiology occurring frequently in individuals with metabolic disturbances. Obesity has been suggested as a potential risk factor for the severity of OPLL. We aimed to investigate whether non-alcoholic fatty liver disease (NAFLD) is associated with OPLL severity. We assessed the severity of NAFLD by a liver-to-spleen (L/S) ratio on computed tomography (CT) scans of 85 symptomatic OPLL patients at a ...
Topic(s): Bone and Joint Diseases
2021 - Nature Portfolio | Scientific Reports
Chen et al. introduced a new notion of a concurrent signature scheme for a fair exchange of signatures with two parties. Chen et al. also proposed a concrete scheme and proved its security under the assumption of discrete logarithm problem. Recently, Hiwatari and Tanaka extended the concept of concurrent signature to many-to-one setting. Hiwatari and Tanaka also proposed a concrete scheme; however, it requires some strong assumption to achieve the fair exchange and it is not efficient. This paper ...
Topic(s): Privacy-Preserving Technologies in Data
2007 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences
Yuichi Komano, Tomoya Shibayama,
Many dam projects and dam constructions are increasingly brought forward in Mekong basin. Deposition of sand in dams will cause change of a cycle balance of sediment discharge. It is necessary to integrate numerical information in relation to dam project and sediment discharge. Sediment discharge was calculated by applying MUSLE model. Data of elevation, climate, soil and landuse of the year 1998 were used for calculation. Most of sediment discharge in the area distributed from the upper basin ...
Topic(s): Soil erosion and sediment transport
2007 - | Chikyuu Kankyou Shimpojiumu kouen rombunshuu
Yuichi Komano, Tomoya Shibayama,
Nowadays, soil erosion occurs all over the world, and the damage is serious. Soil erosion was calculated by applying RUSLE model and influences on erosion caused by climate change and economical development were discussed. The prediction was performed in Mekong river basin and the basin has various characteristics about climate and topography. Conditions of topography and landuse are important factors to decide amount of soil erosion. Changing of landuse gives bigger influence than climate change. ...
Topic(s): Hydrology and Watershed Management Studies
2006 - | Chikyuu Kankyou Shimpojiumu kouen rombunshuu
In this paper, we first model the variants of OAEP and SAEP, and establish a systematic proof technique, the comprehensive event dividing tree, and apply the technique to prove the security of the (120) variants of OAEP and SAEP. Moreover, we point out the concrete attack procedures against all insecure schemes; we insist that the security proof failure leads to some attacks. From the security consideration, we find that one of them leads to a scheme without a redundancy; the scheme is not \(\mathcal{ ...
Topic(s): Cloud Data Security Solutions
2004 - Springer Science+Business Media | Lecture notes in computer science
2004 - Institute of Electronics, Information and Communication Engineers | IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences