萩原 学

The code length of Tardos's collusion-secure fingerprint code is of theoretically minimal order with respect to the number of adversarial users (pirates). However, the constant factor should be further reduced for practical implementation. In this article, we improve the tracing algorithm of Tardos's code and propose a 2-secure and short random fingerprint code, which is secure against collusion attacks by two pirates. Our code length is significantly shorter than that of Tardos's code and its tracing error probability is practically small.

In this paper, we give and explain some illustrative examples of research topics where error-correcting codes overlap with cryptography. In some of these examples, error-correcting codes employed in the implementation of secure cryptographic protocols. In the others, the codes are used in attacks against cryptographic schemes. Throughout this paper, we show the interrelation between error-correcting codes and cryptography, as well as point out the common features and the differences between these two fields.

In this paper, we study a key establishment scheme with quasi-cyclic (QC) low-density parity-check (LDPC) codes and universal hushing (UH) protocols. We show probabilities that different keys are shared by our error-correction and a privacy amplification scheme for a given key distribution scheme, and we propose a permutation technique that the probability becomes lower.

Digital watermarking techniques have been used for preventing an illegal copying and re-distributing of contents. A collusion attack is a strong attack against digital watermarking schemes. To prevent such attacks, a collusion secure fingerprint code can be used. Collusion secure fingerprint code have been studied widely and many codes have been proposed. However, a code length of them axe too long to embed it into a content using digital watermarking. In this paper, we propose a very short 3-secure fingerprint code. The code length is 128 bit. The tracing algorithm is based on a group testing algorithm. The feature of the tracing algorithm is that the tracing algorithm is deterministic. We evaluate the performance of the code by a computer simulation. The results of the simulation show that the success probability of the code is about 99.43 % against major three attacks.

These days, quantum secret communication algorithms different from quantum key distribution protocol have been proposed, which are called quantum secure direct communication protocols. These do not aim to have a key agreement between two communicators, but, to send a secret message directly using quantum devices. In this paper, we propose a new quantum secret direct communication protocol which has advantages over the current ones and also discuss its security analysis against the man-in-the-middle attack.

The construction of an infinite number of nonstabilizer codes of Clifford type was given for the first tithe by the authors. However, the method of construction was restricted to encoding from odd prime p-level quantum states to 2p-level states. In this paper, the result is extended to the construction of nonstabilizer-type quantum codes which encode quantum states of arbitrary odd 2j+1-level to quantum states of 2h(2j+1)-level, where h are mutually prime 2j+1. (C) 2006 Wiley Periodicals, Inc.

The notion of key-privacy for encryption schemes was formally defined by Bellare, Boldyreva, Desai and Pointcheval in Asiacrypt 2001. This security notion has the application possibility in circumstances where anonymity is important. In this paper, we investigate the key-privacy issues of McEliece public-key encryption and its significant variants. To our best knowledge, it is the first time to consider key-privacy for such code-based public-key encryption, in the literature. We examine that the key-privacy is not available in the plain McEliece scheme, but can be achieved by some modification, with showing a rigorous proof. We believe that key-privacy confirmation will further magnify the application of McEliece and other code-based cryptography.

We give a tracing algorithm for 2-secure probabilistic fingerprinting codes with the property that it never accuses innocent users when there are up to 2 attackers. Moreover, by using our code and tracing algorithm, innocent users are also unlikely to be accused even if either the number of attackers or attackers' abilities exceed our assumption. Our code is the first example of collusion-secure fingerprinting codes with both of these two properties. Furthermore, our code has shorter length among the preceding 2-secure codes, and possesses further properties desirable in a practical use.

In this paper, a construction of a pair of quasicyclic LDPC codes to construct a quantum error-correcting code is proposed. Our construction method is based on algebraic combinatorics and have lots of variations for length, code rated

In this paper, we propose a variant of Tardos code which is practical for various applications against a small number of pirates. As an example of our results, for c = 5, the code length becomes only 1500log(1/epsilon) bits while the conventional Tardos code requires 2500 log(1/epsilon) bits, where c is a security parameter. Furthermore our codes do not need a continuous distribution which is needed to construct the original Tardos codes. Our codes are based on a simple random variable drawn from a small set. It implies that it makes to implement and to perform a simulation extremely easier than the original one.

A chaffing-and-winnowing is a cryptographic scheme which does not require encryption but instead use a message authentication code (MAC) to provide the same function as encryption. In this paper, we discuss and introduce some new insights in the relationship between unconditionally secure authentication codes (A-code) and unconditionally secure encryption schemes through observing the mechanisms of chaffing-and-winnowing. Particularly, we show through chaffing-and-winnowing that an A-code with a security level considerably low stands equivalently for an encryption scheme with perfect secrecy, and a fully secure authentication scheme implies both perfect secrecy and non-malleability for an encryption scheme in the unconditionally secure setting.

A minuscule heap is a partially ordered set, together with a labeling of its elements by the nodes of a Dynkin diagram, satisfying certain conditions derived by J. Stembridge. This paper classifies the minuscule heaps over the Dynkin diagram of type (A) over tilde.