Research Team for Security Fundamentals
While the Internet makes daily life easier, it also poses new threats such as information leakage, network fraud and terminal hijacking. Our mission is to contribute to a safe, functional and advanced IT society by creating and enhancing security infrastructures. We pursue this goal by securing, evaluating and facilitating their underlying primitive technologies, such as cryptography, authentication and key management: cryptography protects stored or communicated data, and authentication ensures the authenticity of data or of a communicating party. The results obtained can be used by a wide range of applications.
Leakage Resilient Authentication and Encryption Schemes
Many secure systems have been designed under the assumption that keys and other authentication data are strictly protected and never leak. In practice, however, they face a risk of leakage due to program bugs, system misconfigurations, theft or loss of devices through users' carelessness, and so on. In this study, we design systems under the assumption that keys and authentication data may leak. We consider structures that resist information leakage and localize the impact of a leak. Many barriers can block leakage, but the important question is how to arrange them effectively without degrading users' convenience. So far, we have proposed concrete schemes for encryption, signatures and authentication, as well as efficient and powerful key-update mechanisms that immunize systems against information leakage. We also develop their implementations in collaboration within AIST (the Research Teams for Software Security and Physical Analysis) and with companies. These results are expected to be applicable to databases, data storage, authentication tokens and so on.
Content Protection and Digital Rights Management
To provide a secure content distribution system, it is important to prevent illegal copying or redistribution of the content, since such malicious acts reduce the author's profit. We are engaged in research on collusion-secure codes, broadcast encryption schemes, pirate device detection schemes, revocation schemes and others, which are fundamental techniques for overcoming this problem.
When a user requests some content from a server, the server embeds the user's ID into the content before sending it. When the server later finds an illegally redistributed copy, it can identify the malicious user by extracting the embedded ID from that copy. However, even if the fingerprinting method is secure against a single user removing or modifying the embedded information, a collusion of malicious users might erase the embedded ID, or change it to an innocent user's ID, by comparing their copies and locating the positions where they differ. Hence our research includes collusion-secure fingerprinting schemes that prevent such collusion attacks.
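The following added example (not the team's own scheme) illustrates the collusion problem described above on a toy fingerprint: each user's random codeword is embedded one bit per content block, colluders may only alter blocks where their copies differ (the marking assumption), and an exact-match lookup is defeated while a nearest-codeword tracer still accuses a colluder. All names, the codeword length and the sample content are constructed for this illustration.

```python
import random

CODE_LEN = 128            # bits per codeword, one per content block (constructed value)
rng = random.Random(7)    # fixed seed so the demo is reproducible

def make_codebook(n_users):
    """Assign each user an independent, uniformly random binary codeword."""
    return {u: [rng.getrandbits(1) for _ in range(CODE_LEN)] for u in range(n_users)}

def embed(content, codeword):
    """Write codeword bit j into the least significant bit of content block j."""
    return [(blk & ~1) | bit for blk, bit in zip(content, codeword)]

def extract(copy):
    """Read the embedded bits back out of a (possibly tampered) copy."""
    return [blk & 1 for blk in copy]

def lookup(copy, codebook):
    """Naive tracer: requires an exact codeword match, so a colluded copy yields None."""
    word = extract(copy)
    return next((u for u, cw in codebook.items() if cw == word), None)

def collude(copies, rng):
    """Marking assumption: blocks identical in every copy cannot be located and
    must stay; where the copies differ the colluders pick one variant at random."""
    return [blks[0] if len(set(blks)) == 1 else rng.choice(blks) for blks in zip(*copies)]

def trace(copy, codebook):
    """Accuse the user whose codeword agrees with the pirate copy most often.
    A colluder agrees on every undetectable position plus about half of the rest
    (~75%), an innocent user only on ~50%, so with 128 bits the gap is clear."""
    word = extract(copy)
    scores = {u: sum(a == b for a, b in zip(cw, word)) for u, cw in codebook.items()}
    return max(scores, key=scores.get)

def demo(n_users=8, colluders=(2, 5)):
    """Run the whole flow: distribute marked copies, collude, then trace."""
    content = [rng.getrandbits(16) for _ in range(CODE_LEN)]   # constructed sample content
    codebook = make_codebook(n_users)
    copies = {u: embed(content, codebook[u]) for u in codebook}
    pirate = collude([copies[u] for u in colluders], rng)
    return {
        "honest_lookup": lookup(copies[3], codebook),   # an untampered copy traces exactly
        "pirate_lookup": lookup(pirate, codebook),      # None: the ID has been erased
        "pirate_trace": trace(pirate, codebook),        # still one of the colluders
        "colluders": set(colluders),
    }
```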
Research on Privacy Protection
Advances in information technology have allowed us to collect and handle enormous amounts of information. This has caused various privacy problems due to leaks of that information. Our goal is to solve such privacy problems by allowing online services to be provided without the use of private information. This goal is achieved by techniques such as refreshable anonymous token schemes, anonymous RFID and anonymous routing. Anonymous authentication allows the service provider to check that a user has the right to receive a service without identifying the user. Various enhancements can be applied to anonymous authentication, for example preventing a right from being used twice and controlling the number of times a right can be used.