Masahiro Mambo
Research topics: Information Security and Cryptology
We study several topics on information security, in particular,
construction and evaluation of communication and authentication protocols.
Study of secure communication protocols:
-
Constructing secure protocols in communication networks is a
complicated task because electronic data can easily be copied.
Furthermore, there are protocols which themselves are difficult to
construct. For instance in election schemes, votes being tallied must
be kept secret and frauds of attackers and participants prevented.
Meanwhile, such protocols are inevitable in our society and some of
them are necessary for communication networks. Today, much more
activities are played in communication networks than before. It is
highly likely that such a tendency continues for at least a few
decades. Then we will not be able to avoid to implement secure
protocols and to solve problems related to them. In such a highly
computer-oriented society, anonymity might be one of the biggest
concerns. As enlightened by the key escrow debate, a well-equipped
computer system has a capability to violate user privacy. Therefore,
we study different types of protocols from the aspects of protecting
user rights and privacy.
Authentication:
-
Authentication is the act of verifying messages or identifying users,
promising the faithfulness of the messages or users. Outside of
communication networks, authentication is performed with the use of
inimitable physical objects such as handwritten signatures and credit
cards. The former verifies the correctness of messages and the latter
the identity of users. An electronic alternative to the physical
object is desired for use in communication networks. A promising
alternative to the handwritten signature is provided by digital
signature schemes. Basically, digital signature imitates handwritten
signature or seal. So, many different functionalities should be added
into digital signatures. For example, in a proxy signature scheme,
one can give other the power to sign message for him, without giving
his secret. Moreover, if possible, we should find a new property
originated from digital information. On the other hand, a promising
alternative to the credit card is provided by zero-knowledge
interactive proof systems (ZKIP). ZKIP provides very high security.
Then other properties, e.g. computational work and communicated bits,
should also achieve the high level. We study secure, fast and
flexible authentication methods in general, including ZKIP.
Security criteria, database access control and protocol
verification:
-
Security criteria are standards which promise a certain level of
security to communication systems that follow them. They recommend
actual algorithms or provide guidelines. The more events security
criteria cover, the more reliable they become. We create new security
criteria which cover many possible events. Subjects related to
security criteria are database access control and protocol
verification. We study access models and protocol verification methods
which can deal with a change of time.
Publications:
- Communication Protocols with Untraceability of Sender and Receiver,
Masahiro Mambo, Hirotsugu Kinoshita, Shigeo Tsujii,
Trans. of IEICE, Vol.J74-D-I, No.7, pp.429-434 (1991). [in Japanese]
- A Secure Broadcast Communication Method with Short Messages,
Masahiro Mambo, Akinori Nishikawa, Eiji Okamoto and Shigeo Tsujii,
Trans. of IEICE, Fundamentals, Vol.E77-A, No.8, pp. 1319-1327 (1993).
- Proxy Signatures: Delegation of the Power to Sign Messages,
Masahiro Mambo, Keisuke Usuda and Eiji Okamoto,
IEICE Trans. on Fundamentals, Vol.E79-A, No.9, pp.1338-1354 (1996).
- How to Utilize the Transformability of Digital Signatures for
Solving the Oracle Problem, Masahiro Mambo, Koichi Sakurai and Eiji
Okamoto, Advances in Cryptology -- Asiacrypt'96, Lecture Notes in
Computer Science 1163, Springer-Verlag, pp.322-333 (1996).
- Proxy Cryptosystem: Delegation of the Power to Decrypt
Cihpertexts, Masahiro Mambo and Eiji Okamoto, IEICE Trans. on
Fundamentals, Vol.E80-A, No.1 pp.54-63(1997).