SANTOSO BAGUS
| 情報・ネットワーク工学専攻 | 准教授 |
| Ⅱ類(融合系) | 准教授 |
研究者情報
経歴
研究活動情報
受賞
論文
- 5パス本人確認方式の健全性の再考察
黒木 大悟; 竹牟禮 薫; サントソ バグス
ラスト(シニア)オーサー, 信学技報, 123巻, 424号, 掲載ページ 44-51, 出版日 2024年03月
研究論文(研究会,シンポジウム資料等), 日本語 - 新しいNP困難なテンソルベースの問題に基づいた公開鍵本人確認方式
横田 明卓; サントソ バグス
ラスト(シニア)オーサー, 信学技報, 123巻, 424号, 掲載ページ 94-101, 出版日 2024年03月
研究論文(研究会,シンポジウム資料等), 日本語 - BKWアルゴリズムの精度の向上案
高 優斗; サントソ バグス
ラスト(シニア)オーサー, 信学技報, IT2023-41, 123巻, 338号, 掲載ページ 62-67, 出版日 2024年01月
研究論文(研究会,シンポジウム資料等), 日本語 - More Efficient Two-Round Multi-Signature Scheme with Provably Secure Parameters for Standardized Elliptic Curves
Kaoru TAKEMURE; Yusuke SAKAI; Bagus SANTOSO; Goichiro HANAOKA; Kazuo OHTA
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communications Engineers (IEICE), 出版日 2023年10月, 査読付
研究論文(学術雑誌), 英語 - A Framework for Shannon Ciphers under Side-Channel Attacks: a Strong Converse and More
Yasutada Oohama; Bagus Santoso
IEEE International Symposium on Information Theory, ISIT 2022, IEEE, CFP22SIF-ART巻, 1号, 掲載ページ 862-867, 出版日 2022年06月26日, 査読付, In this paper, we propose a general framework of source encryption with a symmetric key under the side-channel attacks, which applies to any source encryption with a symmetric key and any kind of side-channel attacks targeting the secret key. We also propose a new security criterion for strong secrecy under side-channel attacks, which is a natural extension of mutual information, i.e., the maximum conditional mutual information between the plaintext and the ciphertext given the adversarial key leakage, where the maximum is taken over all possible plaintext distribution. Under this new criterion, we successfully formulate the rate region, which serves as both necessary and sufficient conditions to have secure transmission even under side-channel attacks.
研究論文(国際会議プロシーディングス), 英語 - New Post-Quantum Digital Signature Scheme based on MinRank Problem
Bagus Santoso; Yasuhiko Ikematsu; Shuhei Nakamura; Takanori Yasuda
2022 Symposium on Cryptography and Information Security (SCIS 2022), 2022巻, 2A5-1号, 掲載ページ 1-8, 出版日 2022年01月18日, In Asiacrypt 2001, Courtois proposed the first
three-pass zero-knowledge identification (ID) scheme
based on the MinRank problem. However, in Courtois’basic ID scheme, the cheating probability, i.e., the
success probability of cheating prover, is 2/3, which is
larger than half. Based on our modification [3] of Curtois’ ID scheme into a three-pass ID scheme with cheating probability of 1/2, we propose a new digital signature scheme based on MinRank problem. Our scheme
is constructed based on the Fiat-Shamir paradigm for
post-quantum lossy ID scheme which are proposed by
Kiltz et al. at Eurocrypt 2018. Therefore, our scheme
also inherits the provable security under chosen message attacks against quantum adversaries.
研究論文(研究会,シンポジウム資料等), 英語 - MinRank Based Three-Pass Identification Scheme with Half Cheating Probability
Bagus Santoso; Yasuhiko Ikematsu; Shuhei Nakamura; Takanori Yasuda
Computer Security Symposium 2021 (CSS 2021), 2021巻, 3E2-3号, 掲載ページ 1-8, 出版日 2021年10月26日, In Asiacrypt 2001, Courtois proposed the first three-pass zero-knowledge identification (ID)
scheme based on the MinRank problem. However, in Courtois’ basic ID scheme, the cheating probabil-
ity, i.e., the success probability of cheating prover, is 2/3, which is larger than half. Although Courtois
also proposed a variant scheme which is claimed to have half cheating probability, the security of the variant
scheme is not formally proven and it requires another hardness assumption on a specific one-way function and
also an additional assumption that verifier always generates challenges according to a specific distribution.
In this paper, we propose the first three-pass zero-knowledge ID scheme based on the MinRank problem with
the cheating probability of exactly half even with only two-bit challenge space, without any additional as-
sumption. Our proposed ID scheme reduces the necessary number of rounds in order to achieve the targeted
security level against impersonation.
研究論文(研究会,シンポジウム資料等), 英語 - Strong Converse for Distributed Source Coding with Encryption Using Correlated Keys
Yasutada Oohama; Bagus Santoso
2021 IEEE Information Theory Workshop (ITW), Institute of Electrical and Electronics Engineers (IEEE), ITW巻, 2021号, 掲載ページ 1-6, 出版日 2021年10月17日, 査読付, We pose and investigate the distributed secure source coding based on the common key cryptosystem. This cryptosystem includes the secrecy amplification problem for distributed encrypted sources with correlated keys using post-encryption-compression, which was previously studied by Santoso and Oohama. In this paper we propose another new security criterion which is generally more strict compared with the commonly used security criterion based on the upper bound of mutual information between the plaintext and the ciphertext. Under this criterion, we establish the necessary and sufficient conditions for the secure transmission of correlated sources.
研究論文(国際会議プロシーディングス), 英語 - Achieving Pairing-Free Aggregate Signatures using Pre-Communication between Signers
Kaoru Takemure; Yusuke Sakai; Bagus Santoso; Goichiro Hanaoka; Kazuo Ohta
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communication Engineers, E104-A巻, 9号, 掲載ページ 65-84, 出版日 2021年09月, 査読付, In this paper, we introduce a new paradigm of aggregate signatures, i.e., aggregate signatures with an additional pre-communication stage. In the pre-communication stage, each signer interacts with the aggregator to agree on a specific random value before deciding messages to be signed. We also discover that the
impossibility results of Drijvers et al. take effect if the adversary can decide the whole randomness part of any individual signature. Based on the new paradigm and our discovery of the applicability of the impossibility
result, we propose a pairing-free aggregate signature scheme such that any individual signature includes a random nonce which can be freely generated by the signer. We prove the security of our scheme based on the hardness of
the standard DL problem. As a trade-off, in contrast to the plain public-key model, which Zhao’s scheme uses, we employ a more restricted key setup model, i.e., the knowledge of secret-key model.
研究論文(学術雑誌), 英語 - Security Analysis on an El-Gamal-like Multivariate Encryption Scheme Based on Isomorphism of Polynomials
Yasuhiko Ikematsu; Shuhei Nakamura; Bagus Santoso; Takanori Yasuda
Information Security and Cryptology, 17th International Conference, Inscrypt 2021, Springer International Publishing, LNCS 13007巻, 1号, 掲載ページ 235-250, 出版日 2021年08月11日, 査読付, At PQC 2020, Santoso proposed a problem originated from IP2S, which is called block isomorphism of polynomials with circulant matrices (BIPC) problem. The BIPC problem is obtained by linearizing IP2S and restricting secret linear maps to linear maps represented by circulant matrices. Using the commutativity of products of circulant matrices, Santoso also proposed an El-Gamal-like encryption scheme based on the BIPC problem. In this paper, we give a new security analysis on the El-Gamal-like encryption scheme. In particular, we introduce a new attack (called linear stack attack) which finds an equivalent key of the El-Gamal-like encryption scheme by using the linearity of the BIPC problem.
研究論文(国際会議プロシーディングス), 英語 - Achieving Pairing-Free Aggregate Signatures using Pre-Communication between Signers.
Kaoru Takemure; Yusuke Sakai 0001; Bagus Santoso; Goichiro Hanaoka; Kazuo Ohta
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 104-A巻, 9号, 掲載ページ 1188-1205, 出版日 2021年
研究論文(学術雑誌) - LWE暗号におけるIND-CPA安全性の再評価
荒井嵩博; バグス サントソ; 竹牟禮 薫
信学技報, 電子情報通信学会, 120巻, 320号, 掲載ページ 271-276, 出版日 2021年01月, 本研究は平文$1$ビットにおけるIND-CPA安全性と等価性を持つ
より単純な安全性定義を提案し、それに基づいて
新たなLWE暗号のIND-CPA安全性を攻撃する手法を構成した。
新たな攻撃法はCT-RSA'18でBootleらによって提案された
Compact-LWEへの攻撃をLWE暗号に拡張したものである。
また計算機実験では、$30$ビット安全性を保証可能と想定されたパラメータにおけるLWE暗号に対して提案攻撃法を適用した。格子簡約アルゴリズムの計算量を$T$とすれば、提案攻撃法の計算量は$O(2^{23})times T$になることが判明した。
研究論文(研究会,シンポジウム資料等), 日本語 - An Introduction to Provable Secure Post-Quantum Cryptography
Bagus Santoso
Technical Report of IEICE, IEICE, QIT巻, 掲載ページ 1-6, 出版日 2020年12月, Public key cryptographic schemes are essential to guarantee the security of network communication over an untrusted communication channel. However, it has been proven theoretically that quantum computers have the ability to efficiently break all current standard public-key cryptographic schemes. Moreover, the research on developing practical quantum computers has been gaining momentum in recent years. Therefore, there is an urging demand to construct or discover post-quantum public-key cryptographic schemes, i.e., public key cryptographic schemes which are still secure even in the presence of quantum computers.
In this presentation, we explain the general paradigm for constructing post-quantum public-key cryptographic schemes. As a concrete example, we show how to construct a public-key digital signature scheme based on a computational problem called isomorphism of polynomials with two secrets (IP2S) and explain how to prove the security of the scheme against quantum adversaries.
研究論文(研究会,シンポジウム資料等), 英語 - Generalization of Isomorphism of Polynomials with Two Secrets and Its Application to Public Key Encryption
Bagus Santoso
Post-Quantum Cryptography - 11th International Conference, PQCrypto 2020, Springer, LNCS巻, 12100号, 掲載ページ 340-359, 出版日 2020年04月15日, 査読付, Most of the public key encryption (PKE) schemes based on multivariate quadratic polynomials rely on Hidden Field Equation (HFE) paradigm. However, most of HFE based schemes have been broken in only several years just after their introduction. In this paper, we propose an alternative paradigm for constructing PKE based on multivariate quadratic polynomials. At the heart of our proposal is a new family of computational problems based on the generalization of Isomorphism of Polynomials with Two Secrets (IP2S) problem. The main computational problem in the new family is proven as hard as the original IP2S problem and is more robust, in the sense that we can associate it with circulant matrices as solutions without degrading its computational hardness too much, in contrast to the original IP2S problem which immediately becomes easy as soon as it is associated with circulant matrices. By associating it to circulant matrices, we obtain a Diffie-Hellman like structure which allows us to have an El-Gamal like PKE scheme.
研究論文(国際会議プロシーディングス), 英語 - Secrecy Amplification of Distributed Encrypted Sources With Correlated Keys Using Post-Encryption-Compression
Bagus Santoso; Yasutada Oohama
IEEE Transactions on Information Forensics and Security, IEEE, 14巻, 11号, 掲載ページ 3042-3056, 出版日 2019年11月, 査読付
研究論文(学術雑誌), 英語 - Information Theoretic Security for Broadcasting of Two Encrypted Sources under Side-Channel Attacks
Bagus Santoso; Yasutada Oohama
Entropy, MDPI, 21巻, 8号, 掲載ページ 781, 出版日 2019年08月, 査読付
研究論文(学術雑誌), 英語 - Secure Broadcasting of Two Encrypted Sources under Side-Channel Attacks
Bagus Santoso; Yasutada Oohama
IEEE International Symposium on Information Theory, ISIT 2019, IEEE, 2019巻, 掲載ページ 305-309, 出版日 2019年07月07日, 査読付
研究論文(国際会議プロシーディングス), 英語 - Information Theoretic Security for Shannon Cipher System under Side-Channel Attacks
Bagus Santoso; Yasutada Oohama
Entropy, MDPI, 21巻, 5号, 掲載ページ 469, 出版日 2019年05月, 査読付
研究論文(学術雑誌), 英語 - A New Family of Isomorphism of Polynomials and Its Application to Public Key Encryption Scheme
BAGUS SANTOSO
信学技報, 電子情報通信学会, 118巻, 478号, 掲載ページ 33-38, 出版日 2019年03月07日
研究論文(研究会,シンポジウム資料等), 英語 - 任意の環におけるイデアル格子問題に基づいた本人確認方式
竹牟禮 薫; バグス サントソ
信学技報, 信学技報, 118巻, 478号, 掲載ページ 39-44, 出版日 2019年03月, イデアル格子問題に基づいた本人確認方式は、多くの方式がRing-SIS問題やRing-LWE問題を基にして構築されている。これらの方式のほとんどは、構築時に扱う多項式環$mathbb{Z}_q[{bf x}]/langle {bf f} rangle$について、用いるモニック既約多項式${bf f}$を明確に示す必要がある。この場合、安全性は具体的に設定した${bf f}$ただ一つについてしか証明されない。2016年にLyubashevskyによって提案された電子署名方式は、安全性が${bf f}$の次数のみに依存し、構築時に具体的な${bf f}$を設定する必要がなく、安全性を複数の${bf f}$で保障できる。本研究では、Lyubashevskyの方式をベースに新たな本人確認方式を提案した。また、concurrent active attack上のなりすましに対して安全と証明するために、安全性証明の根拠となる困難性の仮定として、既存研究でLyubashevskyが導入した多項式環$mathbb{Z}_q[{bf x}]$上のRing-SIS問題を参考に、多項式環$mathbb{Z}_q[{bf x}]$上の衝突問題を導入した。
研究論文(研究会,シンポジウム資料等), 日本語 - Measuring Security of Symmetric Encryption Schemes Against On-the-Fly Side-Channel Key-Recovery Attacks
Bagus Santoso; Yasutada Oohama; Chunhua Su
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 11928 LNCS巻, 掲載ページ 3-17, 出版日 2019年, 査読付, © 2019, Springer Nature Switzerland AG. In this paper, we propose a framework to analyze the security of symmetric encryption schemes against an adversary which attempts to recover the secret key by mounting side-channel attacks. In our adversarial side-channel model, the adversary is allowed to eavesdrop the public communication channel to obtain the ciphertexts and to collect on-the-fly some information about the secret keys of the scheme via measurement of certain physical phenomenon induced by the physical device, when the device is running the encryption process. Based on our framework, we derive the maximum success probability of the adversary to recover the secret keys. Our analysis does not assume any computation or storage limitation on the adversary and uses the bandwidths of the public communication channel and side-channel as the parameters. Hence, our results apply even in the case of quantum adversaries. Though in our framework the adversary does not have full control of the physical device, our framework is entirely independent of the type of physical phenomenon observed by the adversary and also of the method used by the adversary, which is interesting in its own right.
研究論文(国際会議プロシーディングス) - A New Identification Scheme based on Syndrome Decoding Problem with Provable Security against Quantum Adversaries.
Bagus Santoso; Chunhua Su
J. UCS, 25巻, 3号, 掲載ページ 294-308, 出版日 2019年, 査読付
研究論文(学術雑誌), 英語 - A New Three-Pass Code-based Zero-Knowledge Identification Scheme with Cheating Probability of Exactly Half
Bagus Santoso
International Symposium on Information Theory and Its Applications (ISITA), ISITA2018巻, Tu-PM-1-2号, 掲載ページ 2-2, 出版日 2018年10月28日, 査読付
研究論文(国際会議プロシーディングス), 英語 - Post Encryption Compression with Affine Encoders for Secrecy Amplification in Distributed Source Encryption with Correlated Keys
Bagus Santoso; Yasutada Oohama
International Symposium on Information Theory and Its Applications (ISITA), ISITA2018巻, We-PM-2-4号, 掲載ページ 1-1, 出版日 2018年10月28日, 査読付
研究論文(国際会議プロシーディングス), 英語 - Entanglement Between Hash Encodings and Signatures from ID Schemes with Non-binary Challenges: A Case Study on Lightweight Code-Based Signatures
Bagus Santoso; Taiyo Yamaguchi; Tomoyuki Ohkubo
Information Security Practice and Experience - 14th International Conference, ISPEC 2018, Springer, LNCS巻, 11125号, 掲載ページ 248-262, 出版日 2018年09月25日, 査読付
研究論文(国際会議プロシーディングス), 英語 - Extension of Easy-to-Understand Structure for Chosen-Ciphertext-Attack Security from Decisional Diffie-Hellman Assumption
Daisuke Ueda; Bagus Santoso
信学技報, 電子情報通信学会, IEICE-ISEC2018-59巻, IEICE-118号, 掲載ページ 43-50, 出版日 2018年09月07日
研究論文(研究会,シンポジウム資料等), 英語 - Reviving identification scheme based on isomorphism of polynomials with two secrets: A refined theoretical and practical analysis
Bagus Santoso
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Institute of Electronics, Information and Communication, Engineers, IEICE, E101A巻, 5号, 掲載ページ 787-798, 出版日 2018年05月01日, 査読付, The isomorphism of polynomials with two secret (IP2S) problem is one candidate of computational assumptions for post-quantum cryptography. The idea of identification scheme based on IP2S is firstly introduced in 1996 by Patarin. However, the scheme was not described concretely enough and no more details are provided on how to transcribe the idea into a real-world implementation. Moreover, the security of the scheme has not been formally proven and the originally proposed security parameters are no longer secure based on the most recent research. In this paper, we propose a concrete identification scheme based on IP2S with the idea of Patarin as the starting point. We provide formal security proof of the proposed scheme against impersonation under passive attack, sequential active attack, and concurrent active attack. We also propose techniques to reduce the implementation cost such that we are able to cut the storage cost and average communication cost to an extent that under parameters for the standard 80-bit security, the scheme is implementable even on the lightweight devices in the current market. key words: post-quantum cryptography, Isomorphism of Polynomials, multivariate cryptography, identification scheme, zero knowledge proof.
研究論文(学術雑誌), 英語 - Provably Secure Code-Based Signature Schemes via Fiat-Shamir Transform with Theoretical and Practical Analysis on Hash Encodings
Taiyo Yamaguchi; Bagus Santoso
IEICE Technical Report, IEICE, IEICE-117巻, 202号, 掲載ページ 35-42, 出版日 2017年09月04日
研究論文(研究会,シンポジウム資料等), 英語 - 2進数体上の符号と多変数多項式による公開鍵暗号方式の新たな構成法
大久保智之; バグス サントソ
信学技報, IEICE, IEICE-117巻, no.202号, 掲載ページ 29-33, 出版日 2017年08月28日
研究論文(研究会,シンポジウム資料等), 日本語 - Privacy Amplification of Distributed Encrypted Sources with Correlated Keys
Bagus Santoso; Yasutada Oohama
IEEE International Symposium on Information Theory, IEEE, 掲載ページ 1-5, 出版日 2017年06月26日, 査読付
研究論文(国際会議プロシーディングス), 英語 - Provable Secure Signature Scheme against Quantum Adversaries based on Decisional Isomorphism of Polynomials with Two Secrets
Bagus Santoso
TECHNICAL REPORT OF IEICE, 信学技報, 116巻, 505号, 掲載ページ 149-154, 出版日 2017年03月02日
研究論文(研究会,シンポジウム資料等), 英語 - Universally Composable RFID Mutual Authentication
Chunhua Su; Bagus Santoso; Yingjiu Li; Robert H. Deng; Xinyi Huang
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, IEEE COMPUTER SOC, 14巻, 1号, 掲載ページ 83-94, 出版日 2017年01月, 査読付, Universally Composable (UC) framework provides the strongest security notion for designing fully trusted cryptographic protocols, and it is very challenging on applying UC security in the design of RFID mutual authentication protocols. In this paper, we formulate the necessary conditions for achieving UC secure RFID mutual authentication protocols which can be fully trusted in arbitrary environment, and indicate the inadequacy of some existing schemes under the UC framework. We define the ideal functionality for RFID mutual authentication and propose the first UC secure RFID mutual authentication protocol based on public key encryption and certain trusted third parties which can be modeled as functionalities. We prove the security of our protocol under the strongest adversary model assuming both the tags' and readers' corruptions. We also present two (public) key update protocols for the cases of multiple readers: one uses Message Authentication Code (MAC) and the other uses trusted certificates in Public Key Infrastructure (PKI). Furthermore, we address the relations between our UC framework and the zero- knowledge privacy model proposed by Deng et al. [1].
研究論文(学術雑誌), 英語 - Provable secure post-quantum signature scheme based on isomorphism of polynomials in quantum random oracle model
Bagus Santoso; Chunhua Su
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Lecture Notes in Computer Science, 10592 LNCS巻, 掲載ページ 271-284, 出版日 2017年, 査読付, © 2017, Springer International Publishing AG. Since a quantum adversary is supposed to be able to perform hash computation with superposition of the quantum bits, it is natural that in random oracle model, the reduction algorithm for security proof should allow the quantum adversary to query random oracle in superposition of quantum bits. However, due to physical nature of quantum states, any observation on a superposition of quantum bits will be noticed by quantum adversaries. Hence, to simulate the true random oracle, the reduction algorithm has to answer the queries without observing their content. This makes the classical reduction algorithms fail to properly perform rewinding and random oracle programming against quantum adversaries and it has been shown recently that several signature schemes generated by Fiat-Shamir transformation might be insecure against quantum adversaries although they have been proven secure in classical setting against classical adversaries. In this paper, we propose a method to construct reduction algorithm without rewinding of quantum adversary and such that the random oracle programming is unnoticeable by the quantum adversary except with negligible probability. We show the feasibility of our method by applying it on signature scheme generated via Fiat-Shamir transformation of an identification scheme whose security is based on the decisional problem of isomorphism of polynomials with two secrets.
研究論文(国際会議プロシーディングス), 英語 - Refining identification scheme based on isomorphism of polynomials with two secrets: A new theoretical and practical analysis
Bagus Santoso
AsiaPKC 2016 - Proceedings of the 3rd ACM International Workshop on ASIA Public-Key Cryptography, Co-located with Asia CCS 2016, Association for Computing Machinery, Inc, ASIAPKC巻, 掲載ページ 31-38, 出版日 2016年05月30日, 査読付, The isomorphism of polynomials with two secret (IP2S) problem is one candidate of computational assumptions for postquantum cryptography. The only identification scheme based on IP2S is introduced in 1996 by Patarin. However, the security of the scheme has not been formally proven and we discover that the originally proposed parameters are no longer secure based on the most recent research. In this paper, we present the first formal security proof of identification scheme based on IP2S against impersonation under passive attack, sequential active attack, and concurrent active attack. We propose new secure parameters and methods to reduce the implementation cost. Using the proposed methods, we are able to cut the storage cost and average communication cost in a drastic way that the scheme is implementable even on the lightweight devices in the current market.
研究論文(国際会議プロシーディングス), 英語 - Revisiting Isomorphism of Polynomials with Two Secrets
Bagus Santoso
信学技報, The Institute of Electronics, Information and Communication Engineers, 115巻, 501号, 掲載ページ 67-74, 出版日 2016年03月03日, The isomorphism of polynomials with two secret (IP2S) problem is one candidate of computational assumptions for post-quantum cryptography. In 1996, Patarin introduced the identification scheme based on IP2S problem
in the form of interactive zero-knowledge proof. However, the security of the scheme is not entirely clear since the
scheme has not been formally proven secure against adversarial scenarios towards identification scheme.
In this paper, we propose a new identification scheme which is essentially a generalization of the Patarin’s identification
scheme. In the new scheme, the prover may have a secret key with a public restricted format. In order to accommodate this new scheme, we extend the IP2S problem into a more general problem and prove the security of the new
scheme against impersonation under passive, sequential active, and concurrent active attacks. We propose new secure
parameters and several methods to reduce the implementation cost. Using the proposed methods, we successfully
obtain huge cuts on the storage cost and average communication cost which opens the possibility of implementation
of the proposed scheme on lightweight devices.
研究論文(研究会,シンポジウム資料等), 英語 - Revisiting Isomorphism of Polynomials with Two Secrets: towards a Shorter Zero Knowledge Protocol
Bagus Santoso
2016 Symposium on Cryptography and Information Security, 1D1-4号, 掲載ページ 1-6, 出版日 2016年01月19日
研究論文(研究会,シンポジウム資料等), 英語 - An Efficient Authentication for Lightweight Devices by Perfectiong Zero-Knwoledgeness
Bagus Santoso; Kazuo Ohta; Kazuo Sakiyama; Goichiro Hanaoka
IEICE Trans. Fundamentals, E94-A巻, 1号, 掲載ページ 92-103, 出版日 2011年01月
研究論文(学術雑誌), 英語 - Improving Efficiency of An 'On the Fly' Identification Scheme by Perfecting Zero-Knowledgenes
Bagus Santoso; Kazuo Ohta; Kazuo Sakiyama; Goichiro Hanaoka
Proc. RSA Conference 2010, LNCS巻, 5985号, 掲載ページ 284-301, 出版日 2010年03月
研究論文(国際会議プロシーディングス), 英語
講演・口頭発表等
- 部分ラテン方陣完成問題に基づいたカードベース対話証明プロトコル
谷口 太一; サントソ バグス; 横田 明卓
口頭発表(一般), 日本語, 2024年 暗号と情報セキュリティシンポジウム
発表日 2024年01月25日
開催期間 2024年01月23日- 2024年01月26日 - 新たなNP困難な Morphism of Polynomials 問題に基づいた本人確認方式
横田 明卓; 竹牟禮 薫; Bagus Santoso
口頭発表(一般), 2023年 暗号と情報セキュリティシンポジウム
発表日 2023年01月25日
開催期間 2023年01月24日- 2023年01月27日 - New Post-Quantum Digital Signature Scheme based on MinRank Problem
Bagus Santoso; Yasuhiko Ikematsu; Shuhei Nakamura; Takanori Yasuda
口頭発表(一般), 英語, 2022 Symposium on Cryptography and Information Security (SCIS 2022), 国内会議
発表日 2022年01月18日 - MinRank Based Three-Pass Identification Scheme with Half Cheating Probability
Bagus Santoso; Yasuhiko Ikematsu; Shuhei Nakamura; Takanori Yasuda
口頭発表(一般), 英語, Computer Security Symposium 2021 (CSS 2021), In Asiacrypt 2001, Courtois proposed the first three-pass zero-knowledge identification (ID)
scheme based on the MinRank problem. However, in Courtois’ basic ID scheme, the cheating probabil-
ity, i.e., the success probability of cheating prover, is 2/3, which is larger than half. Although Courtois
also proposed a variant scheme which is claimed to have half cheating probability, the security of the variant
scheme is not formally proven and it requires another hardness assumption on a specific one-way function and
also an additional assumption that verifier always generates challenges according to a specific distribution.
In this paper, we propose the first three-pass zero-knowledge ID scheme based on the MinRank problem with
the cheating probability of exactly half even with only two-bit challenge space, without any additional as-
sumption. Our proposed ID scheme reduces the necessary number of rounds in order to achieve the targeted
security level against impersonation., 国内会議
発表日 2021年10月26日 - Shannonワンタイムパッド暗号に置ける秘匿性の必要十分条件の再考察
和田一生; バグス サントソ
口頭発表(一般), 日本語, 2020 暗号と情報セキュリティシンポジウム, 国内会議
発表日 2020年01月31日 - 事前通信モデルにおけるペアリングを用いない集約署名
竹牟禮 薫; 坂井 祐介; Bagus Santoso; 花岡 悟一郎; 太田 和夫
口頭発表(一般), 日本語, 2020 暗号と情報セキュリティシンポジウム, 国内会議
発表日 2020年01月29日 - 単純な構造をもった公開鍵暗号方式の単純化
上田 大輔; バグス サントソ
口頭発表(一般), 日本語, 2020 暗号と情報セキュリティシンポジウム, 国内会議
発表日 2020年01月28日 - Concurrently Secure Identification Schemes Based on the Hardness of Ideal Lattice Problems in all Rings and a General Simulatable Sampling
Kaoru Takemure; Bagus Santoso
ポスター発表, 英語, SYMPOSIUM ON INFORMATION THEORY AND ITS APPLICATIONS (SITA) 2019, 国内会議
発表日 2019年12月26日 - Post-Quantum Cryptography for Internet of Things (IoT): Next Generation Cryptography for Next Generation Network
Bagus Santoso
口頭発表(招待・特別), 英語, ECTI-UEC Workshop, 招待, 国際会議
発表日 2019年09月06日 - LWE暗号の計算機における安全性評価
荒井嵩博; バグス サントソ
ポスター発表, 日本語, 情報理論とその応用シンポジウム 2019, 国際会議
発表日 2019年01月24日 - A New Family of Isomorphism of Polynomials and Its Applications to Public Key Encryption Scheme
BAGUS SANTOSO
口頭発表(一般), 英語, 2019 Symposium on Cryptography and Information Security, In this paper, we propose a new family of computational problems based on a generalization of Isomorphism of Polynomials with Two Secrets (IP2S) problem. Our generalized problem is as hard as the original IP2S problem and provides more freedom on setting the structure and the size of the solutions. Since IP2S problem is supposed to be hard against quantum adversaries, our generalized problem is also supposed to be hard against quantum adversaries. Furthermore, we develop several new computational problems derived from the generalized problem and based on these derived problems, we propose a new paradigm to construct public key cryptographic scheme and identification scheme by making use the commutative property of circulant matrices. The robustness of our proposed problems allows us to use them with circulant matrices without degrading the hardness of the problems too much, in contrast to the original IP2S problem which becomes easy when it is used with circulant matrices., 国内会議
発表日 2019年01月24日 - Another Look at One-More Discrete Logarithm Problem in Generic Model
BAGUS SANTOSO
口頭発表(一般), 英語, 2019 Symposium on Cryptography and Information Security, 国内会議
発表日 2019年01月23日 - 符号ベース暗号方式と多変数多項式ベース暗号方式を組み合わせた暗号方式の構築法
大久保 智之; バグス サントソ
口頭発表(一般), 日本語, 2019暗号と情報セキュリティシンポジウム, ICICS 2015で安田らは多変数多項式ベース暗号方式SRPを提案した。暗号方式SRPは、多変数多項式ベース暗号方式Squareを、多変数多項式ベース署名方式Rainbowを暗号方式に応用したRainbow-Plus(RP)構造と組み合わせたものである。しかし、暗号方式SRPは、SAC 2017でPerlnerらが提案したMin-Q-Rank攻撃によって破られた。PQCrypto 2018で池松らは多変数多項式べース暗号HFEをRP構造と組み合わせた暗号方式HFERPを提案した。単体の暗号方式HFEはMin-Q-Rankによって破られているにも関わらず、暗号方式HFERPは実験でMin-Q-Rank攻撃に対して安全であると示された。本研究は、RP構造を暗号方式の安全性強化手法とみなし、符号ベース暗号方式McElieceとRP構造を組み合わせた新たな暗号方式McEliece-RPを提案した。提案方式に対してグレブナー基底攻撃を行い、攻撃時間とグレブナー基底の計算におけるDegree of Regularityを計測し、グレブナー基底攻撃に対する安全性を評価した。, 国内会議
発表日 2019年01月22日 - 任意の環におけるイデアル格子問題に基づいた本人確認方式
竹牟禮 薫; バグス サントソ; 荒井 嵩博
口頭発表(一般), 日本語, 2019年暗号と情報セキュリティシンポジウム, イデアル格子問題を基にした方式には,主に Ring-SIS 問題や Ring-LWE 問題が用いられる が,これらは多項式環 Zq[x]/f 上で扱われる.また,これらの問題の難しさは f-SVP 問題の難しさに よって保証されているが,多項式環の設定時に選ぶ多項式 f によってその難しさは変動する.多くの多 項式 f によって方式の安全が保証されていれば便利であり,2016 年に Lyubashevsky は任意の環におけ るイデアル格子問題を基にした電子署名方式を提案した.本研究では,Lyubashevsky の方式をベースに 新たな本人確認方式を提案した.ただし,本研究では安全性証明の効率を向上するために,安全性証明 における困難性の仮定として,既存研究で Lyubashevsky が導入した任意の環上の Ring-SIS 問題の代わ りに,任意の環のイデアル格子の衝突問題を使用した.提案方式は,concurrent active attack 上のなり すましに対して安全と証明された, 国内会議
発表日 2019年01月22日 - Code-based Identification Scheme with Security against Quantum Adversaries under Fully Concurrent Active Attacks
BAGUS SANTOSO
口頭発表(一般), 英語, SYMPOSIUM ON INFORMATION THEORY AND ITS APPLICATIONS (SITA) 2018, 国内会議
発表日 2018年12月19日 - 量子通信、量子コンピュータ、と暗号技術
バグス サントソ
公開講演,セミナー,チュートリアル,講習,講義等, 日本語, 第14回本庄国際小学財団ワークショップ, 招待, 本庄国際財団, 東京, 科学の進歩がもたらした情報化社会において、私たちは日常的に膨大な量の情報を収集し、配布し、処理している。一方、最近の物理学の進歩により、量子レベルで物事をコントロールできるようになり、この能力は新たな技術を生み出した。量子コンピュータと量子通信である。
さらに研究者たちは新たな発見を発表した。新しい量子技術が、情報処理と通信の質を向上させる反面、情報の安全性とプライバシーに脅威をもたらしている。一言で言えば、私たちのセキュリティとプライバシーを保護する
ほぼすべての標準技術は、量子コンピュータによって効率的に破壊される可能性があある。
この講演では、これらの新しい量子技術の二面性、情報通信のための新しい量子技術によってもたらされる利点とセキュリティの脅威について説明します。さらに、情報技術の進歩と情報セキュリティとの密接な関係、また講演者の専門である耐量子暗号についても簡単に紹介します。
発表日 2018年11月10日 - Distributed Privacy Amplification of Encrypted Multiple Sources with Correlated Keys
Yasutada Oohama; Bagus Santoso
口頭発表(一般), 英語, 第39回情報理論とその応用シンポジウム, 電子情報通信学会, 国内会議
発表日 2016年12月14日 - Revisiting Isomorphism of Polynomials with Two Secrets: towards a Shorter Zero Knowledge Protocol
BAGUS SANTOSO
口頭発表(一般), 英語, 国内会議
発表日 2016年01月19日
担当経験のある科目_授業
所属学協会
共同研究・競争的資金等の研究課題
- IoT社会の高度化に必要な多端子情報理論と暗号理論を柱とした安全通信理論の構築
大濱 靖匡
日本学術振興会, 科学研究費助成事業, 電気通信大学, 基盤研究(B), IoTの急速な進歩により,悪意を持った第三者(以後敵と記す)のハードウェア攻撃とよばれる暗号系への物理的アクセスが高度化かつ多様化し,秘密情報漏えいの危険性が著しく増大している.本研究は,この問題の根本的解決に挑む.具体的には多端子情報理論と暗号理論を基盤として IoT 環境下での情報漏えいの理論的モデルを構築する.このモデルに基づき,敵から想定される最大級の攻撃を受けた場合も,既存暗号系を変更せずに秘密情報の漏れを防止し,安全通信を維持できるための理論的条件と維持の具体的方法とを与える.理論結果の導出では,研究代表者が開発した独自の手法を更に発展させた手法を用いる.また,理論の検証と実用化への見通しを目的として,IoT 環境下における暗号通信系を実システムあるいは計算機上の仮想システムとして実現して通信実験を行う., 18H01438
研究期間 2018年04月01日 - 2023年03月31日 - New Paradigm to Construct Public Key Cryptographic Schemes for Lightweight Devices with Provable Security against Quantum Attackers
バグス サントソ
日本学術振興会, 科学研究費助成事業, 電気通信大学, 基盤研究(C), Public Key Cryptographic (PKC) schemes are an essential technology to build secure communication in networks. However, it has been proven that quantum computers can break all current standard PKC schemes, and moreover, the research on developing practical quantum computers has been gaining momentum in recent years. The main goal of this proposed research is to develop a new paradigm based on (1) computational problems in the binary field which are hard even for quantum computers, and (2) a new framework for proving security against quantum computers, to overcome those flaws and then use it to construct new PKC schemes which require small costs for implementation and are equipped with concrete security proof against quantum computers. As application target, we expect that the results of this project can be applied to secure communication between lightweight devices against quantum computers in networks comprising a large variety of devices such as the Internet of Things (IoT)., 18K11292
研究期間 2018年04月01日 - 2022年03月31日