Designing a protocol to exchange a secret key is one of the most fundamental subjects in cryptography. Using a random deal of cards, pairs of card players (agents) can share secret keys that are information-theoretically secure against an eavesdropper. A key set protocol, which uses a random deal of cards, can perform an Eulerian secret key exchange, in which the pairs of players sharing secret keys form an Eulerian circuit passing through all players. Along the Eulerian circuit any designated player can send a message to the rest of players and the message can be finally sent back to the sender. Checking the returned message with the original one, the sender can know whether the message circulation has not been influenced by a possible single transmission error or false alteration. It has been known that any Eulerian circuit formed by the protocol has length at most 3/2k, where k is the number of players. Note that the length corresponds to the time required to send the message to all players and acknowledge the secure receipt. In this paper, we show that the average length of Eulerian circuits is approximately k+ln k.

This paper presents a possibility of Electromagnetic (EM) analysis against cryptographic modules outside their security boundaries. The mechanism behind the information leakage is explained from the view point of Electromagnetic Compatibility: electric fluctuation released from cryptographic modules can conduct to peripheral circuits based on ground bounce, resulting in radiation. We demonstrate the consequence of the mechanism through experiments where the ISO/IEC standard block cipher AES (Advanced Encryption Standard) is implemented on an FPGA board and EM radiations from power and communication cables are measured. Correlation Electromagnetic Analysis (CEMA) is conducted in order to evaluate the information leakage. The experimental results show that secret keys are revealed even though there are various disturbing factors such as voltage regulators and AC/DC converters between the target module and the measurement points. We also discuss information-suppression techniques as electrical-level countermeasures against such CEMAs.

A loosened connector between interconnected electric devices causes an increase in electromagnetic radiation when the devices operate in high-frequency bands. To develop a high-frequency circuit equivalent to a connector with contact failure, we previously investigated the parasitic elements caused by failure at the contact boundary. From the results of that study, the inductance and resistance at a connection contact boundary are increased by the loosening of a connector. Furthermore, the increase in inductance is the dominant factor in increasing the intensity of the electromagnetic radiation. In this paper, to suppress electromagnetic radiation resulting from a loose contact, we formulate the contact performance requirement needed to maintain a good contact condition when a small loosening has occurred at the interconnection. To this end, we investigate the mechanism of increase in the inductance by loosening the connector.

When contact failure occurs in a connector in a coaxial high-frequency (HF) signal transmission line, it is well known that common-mode (CM) radiation occurs on the line. We focus on contact conditions in a connector causing such CM radiation. Experiments and simulations verify that CM radiation increases as the contact resistance increases. While the CM current strongly depends on the distribution pattern of contact resistances at a low resistance, the CM current does not depend on these pattern at a high resistance. Our results indicate that it is important to maintain a symmetrical distribution of contact spots whenever the number of such spots is four or more.

It is known that, using just a deck of cards, an arbitrary number of parties with private inputs can securely compute the output of any function of their inputs. In 2009, Mizuki and Sone constructed a six-card COPY protocol, a four-card XOR protocol, and a six-card AND protocol, based on a commonly used encoding scheme in which each input bit is encoded using two cards. However, up until now, there are no known results to construct a set of COPY, XOR, and AND protocols based on a two-card-per-bit encoding scheme, which all can be implemented using only four cards. In this paper, we show that it is possible to construct four-card COPY, XOR, and AND protocols using polarizing plates as cards and a corresponding two-card-per-bit encoding scheme. Our protocols use a minimum number of cards in the setting of two-card-per-bit encoding schemes since four cards are always required to encode the inputs. Moreover, we show that it is possible to construct two-card COPY, two-card XOR, and three-card AND protocols based on a one-card-per-bit encoding scheme using a common reference polarizer which is a polarizing material accessible to all parties.

Fingerprinting is one of the digital watermarking techniques, and is becoming more important as a copyright protection technique. Fingerprinting must resist collusion attacks. As a security index, "c-secureness" has been proposed, but it has been known that there is indeed no c-secure code. In this paper, we introduce a new index to measure the resilience of fingerprinting for collusion attacks and obtain some upper bounds and a lower bound on the index.

Card-based protocols enable us to easily perform cryptographic tasks such as secure multiparty computation using a deck of physical cards. Since the first card-based protocol appeared in 1989, many protocols have been designed. A protocol is usually described with a series of somewhat intuitive and verbal descriptions, such as “turn over this card,” “shuffle these two cards,” “apply a random cut to these five cards,” and so on. On the other hand, a formal computational model of card-based protocols via abstract machine was constructed in 2014. By virtue of the formalization, card-based protocols can be treated more rigorously; for example, it enables one to discuss the lower bounds on the number of cards required for secure computations. In this paper, an overview of the computational model with its applications to designing protocols and a survey of the recent progress in card-based protocols are presented.

Recently, for electronic devices operating at high frequencies, the suppression of a high-frequency electromagnetic field of 1 GHz or more has become necessary. We focus on a loose connector between a pair of electrical devices operating in the high-frequency band. Many electronic devices are used in living spaces, most of which are connected to one another. When a user connects two devices, achieving good contact only by finger tightening can be difficult. Accordingly, in this paper, considering the case where the tightening torque of a coaxial connector is insufficient, we analyze the effect of loose contact on electromagnetic field radiation from a transmission line.

Suppose that there are players in two hierarchical groups and a computationally unlimited eavesdropper. Using a random deal of cards, a player in the higher group wishes to send a one-bit message information-theoretically securely either to all the players in her group or to all the players in the two groups. This can be done by the so-called 2-level key set protocol. In this paper we give a necessary and sufficient condition for the 2-level key set protocol to succeed.

Cryptographic protocols enable participating parties to compute any function of their inputs without leaking any information beyond the output. A card-based protocol is a cryptographic protocol implemented by physical cards. In this paper, for constructing protocols with small numbers of shuffles, we introduce a new type of cards, regular polygon cards, and a new protocol, oblivious conversion. Using our cards, we construct an addition protocol on non-binary inputs with only one shuffle and two cards. Furthermore, using our oblivious conversion protocol, we construct the first protocol for general functions in which the number of shuffles is linear in the number of inputs.

The contact surface of a loose connector has both contact resistance and low inductance, and the inductance depends on the distribution of the true contacts. The contact resistance and inductance were measured by time-domain reflectometry (TDR) for seven contact distribution models. The resistance was approximately constant, while the maximum inductance varied more than twofold depending on the distribution model.

Card-based cryptographic protocols provide secure multi-party computations using a deck of physical cards. The most important primitive of those protocols is the shuffling operation, and most of the existing protocols rely on uniform cyclic shuffles (such as the random cut and random bisection cut) in which each possible outcome is equally likely and all possible outcomes constitute a cyclic subgroup. However, a couple of protocols with non-uniform and/or non-cyclic shuffles were proposed by Koch, Walzer, and Härtel at Asiacrypt 2015. Compared to the previous protocols, their protocols require fewer cards to securely produce a hidden AND value, although to implement of such unconventional shuffles appearing in their protocols remains an open problem. This paper introduces “pile-shifting scramble,” which can be a secure implementation of those shuffles. To implement such unconventional shuffles, we utilize physical cases that can store piles of cards, such as boxes and envelopes. Therefore, humans are able to perform the shuffles using these everyday objects. Furthermore, we show that a certain class of non-uniform and/or non-cyclic shuffles having two possible outcomes can be implemented by the pile-shifting scramble. This also implies that we can improve upon the known COPY protocol using three card cases so that the number of cases required can be reduced to two.

Kakuro is a popular logic puzzle, in which a player fills in all empty squares with digits from 1 to 9 so that the sum of digits in each (horizontal or vertical) line is equal to a given number, called a clue, and digits in each line are all different. In 2016, Bultel, Dreier, Dumas, and Lafourcade proposed a physical zero-knowledge proof protocol for Kakuro using a deck of cards; their proposed protocol enables a prover to convince a verifier that the prover knows the solution of a Kakuro puzzle without revealing any information about the solution. One possible drawback of their protocol would be that the protocol is not perfectly extractable, implying that a prover who does not know the solution can convince a verifier with a small probability; therefore, one has to repeat the protocol to make such an error become negligible. In this paper, to overcome this, we design zero-knowledge proof protocols for Kakuro having perfect extractability property. Our improvement relies on the ideas behind the copy protocols in the field of card-based cryptography. By executing our protocols with a real deck of physical playing cards, humans can practically perform an efficient zero-knowledge proof of knowledge for Kakuro.

Assume that Alice, Bob, and Carol, each of whom privately holds a one-bit input, want to learn the output of some Boolean function, say the majority function, of their inputs without revealing more of their own secret inputs than necessary. In this paper, we show that such a secure three-input function evaluation can be performed with a deck of real cards; specifically, the three players can learn only the output of the function using eight physical cards — four black and four red cards — with identical backs.

Recently, it has been shown that electromagnetic radiation from electrical devices leaks internal information. Some investigations have shown that information leaks through the clock frequency and higher harmonic waves. Thus, previous studies have focused on the information leakage from information processing circuits. However, there has been little discussion about information leaks from peripheral circuits. In this paper, we focus on the oscillation frequency of the integrated RC oscillators. In this paper, we use a keyboard as a device that includes a RC oscillator. Then experiments observed information leaks caused by key inputs. Our experiments show that frequency fluctuations cause information leakages and clarify what information can be acquired from the fluctuation. Then, we investigate the possibility of information leaking from peripheral circuits through modulated signals which are radiated by the peripheral circuits.

Increased inductance values and contact resistance in connector contact surfaces due to degradation of connector contact performance have been reported. In particular, inductance increases while degradation remains minimal. We focus on slight loosening in which increased inductance values are observed without increased resistance values, and investigate the effect of loose connectors on transmission line coupling noise under such circumstances. We find a proportional relation between coupled noise current and frequency. Moreover, we find a proportional relation between the increased inductance value, which depends on the change in connector contact distribution, and the coupled noise current in the transmission line.

Digital watermarking used for fingerprinting may receive a collusion attack; two or more users collude, compare their data, find a part of embedded watermarks, and make an unauthorized copy by masking their identities. In this paper, assuming that at most c users collude, we give a characterization of the fingerprinting codes that have the best security index in a sense of "(c,p/q)-secureness" proposed by Orihara et al. The characterization is expressed in terms of intersecting families of sets. Using a block design, we also show that a distributor of data can only find asymptotically a set of c users including at least one culprit, no matter how good fingerprinting code is used.