Time-Specific Encryption with Constant-Size Secret-Keys Secure under Standard Assumption

In Time-Specific Encryption (TSE) [Paterson and Quaglia, SCN\u2710] system, each secret-key (resp. ciphertext) is associated with a time period t s.t. 0<=t<=T-1 (resp. a time interval [L,R] s.t. 0<=L<=R<=T-1. A ciphertext under [L,R] is correctly decrypted by any secret-key for any time t included in the interval, i.e., L<=t<=R. TSE\u27s generic construction from identity-based encryption (IBE) (resp. hierarchical IBE (HIBE)) from which we obtain a concrete TSE scheme with secret-keys of O(log T)|g| (resp. O(log^2 T)|g|) and ciphertexts of size O(log T)|g| (resp. O(1)|g|) has been proposed in [Paterson and Quaglia, SCN\u2710] (resp. [Kasamatsu et al., SCN\u2712]), where |g| denotes bit length of an element in a bilinear group G. In this paper, we propose another TSE\u27s generic construction from wildcarded identity-based encryption (WIBE). Differently from the original WIBE ([Abdalla et al., ICALP\u2706]), we consider WIBE w/o (hierarchical) key-delegatability. By instantiating the TSE\u27s generic construction, we obtain the first concrete scheme with constant-size secret-keys secure under a standard (static) assumption. Specifically, it has secret-keys of size O(1)|g| and ciphertexts of size O(log^2 T)|g|, and achieves security under the decisional bilinear Diffie-Hellman (DBDH) assumption

Downgradable Identity-Based Signatures and Trapdoor Sanitizable Signatures from Downgradable Affine MACs

Affine message authentication code (AMAC) (CRYPTO\u2714) is a group-based MAC with a specific algebraic structure. Downgradable AMAC (DAMAC) (CT-RSA\u2719) is an AMAC with a functionality that we can downgrade a message with an authentication tag while retaining validity of the tag. In this paper, we revisit DAMAC for two independent applications, namely downgradable identity-based signatures (DIBS) and trapdoor sanitizable signatures (TSS) (ACNS\u2708). DIBS are the digital signature analogue of downgradable identity-based encryption (CT-RSA\u2719), which allow us to downgrade an identity associated with a secret-key. In TSS, an entity given a trapdoor for a signed-message can partially modify the message while keeping validity of the signature. We show that DIBS can be generically constructed from DAMAC, and DIBS can be transformed into (wildcarded) hierarchical/wicked IBS. We also show that TSS can be generically constructed from DIBS. By instantiating them, we obtain the first wildcarded hierarchical/wicked IBS and the first invisible and/or unlinkable TSS. Moreover, we prove that DIBS are equivalent to not only TSS, but also their naive combination, named downgradable identity-based trapdoor sanitizable signatures

Detecting Machine-Translated Text using Back Translation

Machine-translated text plays a crucial role in the communication of people using different languages. However, adversaries can use such text for malicious purposes such as plagiarism and fake review. The existing methods detected a machine-translated text only using the text's intrinsic content, but they are unsuitable for classifying the machine-translated and human-written texts with the same meanings. We have proposed a method to extract features used to distinguish machine/human text based on the similarity between the intrinsic text and its back-translation. The evaluation of detecting translated sentences with French shows that our method achieves 75.0% of both accuracy and F-score. It outperforms the existing methods whose the best accuracy is 62.8% and the F-score is 62.7%. The proposed method even detects more efficiently the back-translated text with 83.4% of accuracy, which is higher than 66.7% of the best previous accuracy. We also achieve similar results not only with F-score but also with similar experiments related to Japanese. Moreover, we prove that our detector can recognize both machine-translated and machine-back-translated texts without the language information which is used to generate these machine texts. It demonstrates the persistence of our method in various applications in both low- and rich-resource languages.Comment: INLG 2019, 9 page

VoteTRANS: Detecting Adversarial Text without Training by Voting on Hard Labels of Transformations

Adversarial attacks reveal serious flaws in deep learning models. More dangerously, these attacks preserve the original meaning and escape human recognition. Existing methods for detecting these attacks need to be trained using original/adversarial data. In this paper, we propose detection without training by voting on hard labels from predictions of transformations, namely, VoteTRANS. Specifically, VoteTRANS detects adversarial text by comparing the hard labels of input text and its transformation. The evaluation demonstrates that VoteTRANS effectively detects adversarial text across various state-of-the-art attacks, models, and datasets.Comment: Findings of ACL 2023 (long paper

Spherical Gaussian Leftover Hash Lemma via the Rényi Divergence

Agrawal et al. (Asiacrypt 2013) proved the discrete Gaussian leftover hash lemma, which states that the linear transformation of the discrete spherical Gaussian is statistically close to the discrete ellipsoid Gaussian. Showing that it is statistically close to the discrete spherical Gaussian, which we call the discrete spherical Gaussian leftover hash lemma (SGLHL), is an open problem posed by Agrawal et al. In this paper, we solve the problem in a weak sense: we show that the distribution of the linear transformation of the discrete spherical Gaussian and the discrete spherical Gaussian are close with respect to the Rényi divergence (RD), which we call the weak SGLHL (wSGLHL). As an application of wSGLHL, we construct a sharper self-reduction of the learning with errors problem (LWE) problem. Applebaum et al. (CRYPTO 2009) showed that linear sums of LWE samples are statistically close to (plain) LWE samples with some unknown error parameter. In contrast, we show that linear sums of LWE samples and (plain) LWE samples with a known error parameter are close with respect to RD. As another application, we weaken the independence heuristic required for the fully homomorphic encryption scheme TFHE

A New (k,n)(k,n)-Threshold Secret Sharing Scheme and Its Extension

In Shamir\u27s $(k,n)$-threshold secret sharing scheme (threshold scheme), a heavy computational cost is required to make $n$ shares and recover the secret. As a solution to this problem, several fast threshold schemes have been proposed. This paper proposes a new (k,n)$-threshold scheme. For the purpose to realize high performance, the proposed scheme uses just EXCLUSIVE-OR(XOR) operations to make shares and recover the secret. We prove that the proposed scheme is a {\it perfect} secret sharing scheme, every combination of$k$or more participants can recover the secret, but every group of less than$k$participants cannot obtain any information about the secret. Moreover, we show that the proposed scheme is an {\it ideal} secret sharing scheme similar to Shamir\u27s scheme, which is a {\it perfect} scheme such that every bit-size of shares equals that of the secret. We also evaluate the efficiency of the scheme, and show that our scheme realizes operations that are much faster than Shamir\u27s. Furthermore, from the aspect of both computational cost and storage usage, we also introduce how to extend the proposed scheme to a new$(k,L,n)$-threshold {\it ramp} scheme similar to the existing {\it ramp} scheme based on Shamir\u27s scheme

Evaluation of Code-based Signature Schemes

Code-based cryptographic schemes recently raised to prominence as quantum-safe alternatives to the currently employed number-theoretic constructions, which do not resist quantum attacks. In this article, we discuss the Courtois-Finiasz-Sendrier signature scheme and derive code-based signature schemes using the Fiat-Shamir transformation from code-based zero-knowledge identification schemes, namely the Stern scheme, the Jain-Krenn-Pietrzak-Tentes scheme, and the Cayrel-Veron-El Yousfi scheme. We analyze the security of these code-based signature schemes and derive the security parameters to achieve the 80-bit and 128-bit level of classical security. To derive the secure parameters, we have studied the hardness of Syndrome Decoding Problem. Furthermore, we implement the signature schemes, based on the Fiat-Shamir transform, which were mentioned above, and compare their performance on a PC

Re-Evaluating Internet Users’ Information Privacy Concerns: The Case in Japan

To expand the understanding of privacy concerns in the digital sphere, this paper makes use of the Internet Users’ Information Privacy Concerns (IUIPC) model by Malhotra et al. (2004). The lack of empirical studies conducted in East-Asian societies makes it difficult, if not impossible, to shed light on multi-cultural differences in information privacy concerns of internet users. Therefore, we collected data of more than 9,000 Japanese respondents to conduct a conceptual replication of the IUIPC model. For our research goal, we re-assess the validity and reliability of the IUIPC model for Japan and compare the results with internet users\u27 privacy concerns in the USA. Our results indicate that the second-order IUIPC construct, measured reflectively through the constructs awareness, collection, and control, is reliable and valid. Furthermore, three out of the five structural paths of the IUIPC model were confirmed for our Japanese sample. In contrast to the original study, the impact of IUIPC on trusting beliefs, as well as that of trusting beliefs on risk beliefs was negligible. Statistically significant differences in the IUIPC could only be found for the covariate gender