MOHRI MasamiDepartment of Informatics Professor |
In the case of drive-by download attacks, most malicious web sites identify the software environment of the clients and change their behavior. Then we cannot always obtain sufficient information appropriate to the client organization by automatic dynamic analysis in open services. It is required to prepare for expected incidents caused by re-accessing same malicious web sites from the other client in the organization. To authors' knowledge, there is no study of utilizing analysis results of malicious web sites for digital forensic on the incident and hedging the risk of expected incident in the organization. In this paper, we propose a system for evaluating the impact of accessing malicious web sites by using the results of multi-environment analysis. Furthermore, we report the results of evaluating malicious web sites by the multi-environment analysis system, and show how to utilize analysis results for forensic analysis and risk hedge based on actual cases of analyzing malicious web sites.
The application of Intelligent Transport Systems (ITS) transmits data with road-to-vehicle communication (RVC) and inter-vehicle communication (IVC). Digital signature is essential to provide security for RVC and IVC. The public key certificate is used to verify that a public key belongs to an individual prover such as user or terminal. A certificate revocation list (CRL) is used for verifying validity of the public key certificate. A certificate authority (CA) publishes a CRL and distributes it to vehicles. CRL distribution traffic disturbs ITS application traffic because of sharing wireless channel between them. To distribute it on low bit rate will help to ease the disturbance. Although multiplex transmitting is effective in reliable communication, a duplication of received packets is waste of bandwidth as a consequence. This paper proposes a CRL distribution scheme based on random network coding which can reduce duplicate packets. The simulation results show that the number of duplicate packets of the proposed scheme is less than that of a simple error correction (EC)-based scheme and the proposed one can distribute CRL to more vehicles than EC-based ones.
Internet of Things (IoT) has been widely applied in various fields. IoT data can also be put to cloud, but there are still concerns regarding security and privacy. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is attracted attention in cloud storage as a suitable encryption scheme for confidential data share and transmission. In CP-ABE, the secret key of a user is associated with a set of attributes; when attributes satisfy the access structure, the ciphertext is able to be decrypted. It is necessary that multiple authorities issue and manage secret keys independently. Authorities that generate the secret key can be regarded as managing the attributes of a user in CP-ABE. CP-ABE schemes that have multiple authorities have been proposed. The other hand, it should consider that a user's operation at the terminals is not necessary when a user drop an attribute and key is updated and the design of the communication system is a simple. In this paper, we propose CP-ABE scheme that have multiple key authorities and can revoke attribute immediately with no updating user's secret key for attribute revocation. In addition, the length of ciphertext is fixed. The proposed scheme is IND-CPA secure in DBDH assumption under the standard model. We compare the proposed scheme and the other CP-ABE schemes and show that the proposed scheme is more suitable for cloud storage.
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is suitable for data access control on cloud storage systems. In ABE, to revoke users' attributes, it is necessary to make them unable to decrypt ciphertexts. Some CP-ABE schemes for efficient attribute revocation have been proposed. However, they have not been given a formal security proof against a revoked user, that is, whether they satisfy forward secrecy has not been shown or they just do not achieve fine-grained access control of shared data. We propose an attribute revocable attribute-based encryption with the forward secrecy for fine-grained access control of shared data. The proposed scheme can use both "AND" and "OR" policy and is IND-CPA secure under the Decisional Parallel Bilinear Diffie-Hellman Exponent assumption in the standard model.
によってF_<2^m>が構成できることを示している.しかしながら,その同形写像は与えられておらず,F_<2^m>のmビット表現をF_2[X]/
による多項式環表現に変換することはできない.本論文では,重根をもたない多項式だけでなく,一般の多項式P(X)に対してF_2[XI/
を用いてF_<2^m>が構成できることを示す.更に,そのP(X)を法とする多項式環F_2[X]/
とF_<2^m>の同形写像を陽に与える.この同形写像によってF_<2^m>の元をF_2[X]/
の多項式に変換,し表現することが可能になる.また本論文では,F_2[X]/
による多項式環表現の応用として,F_2[X]/
で設計するF_<2^m>の並列乗算回路の性能を評価し,DroletやKattiらが与えている多項式環表現の乗算回路より性能の良い乗算回路が多項式環表現によって構成できることを示す.