In recent years, concerns about location privacy are increasing with the spread of location-based services (LBSs). Many methods to protect location privacy have been proposed in the past decades. Especially, perturbation methods based on Geo-Indistinguishability (GeoI), which randomly perturb a true location to a pseudolocation, are getting attention due to its strong privacy guarantee inherited from differential privacy. However, GeoI is based on the Euclidean plane even though many LBSs are based on road networks (e.g. ride-sharing services). This causes unnecessary noise and thus an insufficient tradeoff between utility and privacy for LBSs on road networks. To address this issue, we propose a new privacy notion, Geo-Graph-Indistinguishability (GeoGI), for locations on a road network to achieve a better tradeoff. We propose Graph-Exponential Mechanism (GEM), which satisfies GeoGI. Moreover, we formalize the optimization problem to find the optimal GEM in terms of the tradeoff. However, the computational complexity of a naive method to find the optimal solution is prohibitive, so we propose a greedy algorithm to find an approximate solution in an acceptable amount of time. Finally, our experiments show that our proposed mechanism outperforms GeoI mechanisms, including optimal GeoI mechanism, with respect to the tradeoff.

After the work of Impagliazzo and Rudich (STOC, 1989), the black box framework has become one of the main research domain of cryptography. However black box techniques say nothing about non-black box techniques such as making use of zero-knowledge proofs. Brakerski et al. introduced a new black box framework named augmented black box framework, in which they gave a zero-knowledge proof oracle in addition to a base primitive oracle (TCC, 2011). They showed a construction of a non-interactive zero knowledge proof system based on a witness indistinguishable proof system oracle. They presented augmented black box construction of chosen ciphertext secure public key encryption scheme based on chosen plaintext secure public key encryption scheme and augmented black box separation between one-way function and key agreement. In this paper we simplify the work of Brakerski et al. by introducing a proof system oracle without witness indistinguishability, named coin-free proof system oracle, that aims to give the same construction and separation results of previous work. As a result, the augmented black box framework becomes easier to handle. Since our oracle is not witness indistinguishable, our result encompasses the result of previous work.

Multilinear maps have lots of cryptographic applications including multipartite key exchange and indistinguishability obfuscations. Since the concept of multilinear map was suggested, three kinds of candidate multilinear maps are constructed. However, the security of multilinear maps suffers from various attacks. In this paper, we overview suggested multilinear maps and cryptanalysis of them in diverse cases.

This paper proposes secure regenerating codes that are composed of non-secure regenerating codes and a new all-or-nothing transform. Unlike the previous analysis of secure regenerating codes, the security of the proposed codes is analyzed in the sense of the indistinguishability. The advantage of the proposed codes is that the overhead caused by the security against eavesdropping is much less than that of previous secure regenerating codes. The security of the proposed codes against eavesdropping mainly depends on the new all-or-nothing transform.

In a proxy re-signatures (PRS) scheme, a semi-trusted proxy is given some information which allows it to translate a user i's signature on a message m into another user j's signature on the same message m. However, the proxy cannot, on it own, compute signatures for either i or j. This notion introduced by Blaze et a. at EUROCRYPT 1998, and then revisited by Ateniese and Hohenberger at CCS 2005. The existence of multi-use unidirectional PRS scheme is an open problem left by AH05. Whereafter, at CCS 2008, Libert and Vergnaud constructed the first multi-use unidirectional PRS scheme. However, there is a major drawback in the LV08 scheme that the size of the signatures is linear in the number of translations. Hence, Libert and Vergnaud said that a more challenging task would be to find out implementations of such primitives where the size of signatures and the verification cost do not grow linearly with the number of translations. In this work we resolve this task by constructing a such PRS scheme in the standard model by using indistinguishability obfuscation. A shortcoming of our construction is that the security is selective but not full.

In this paper, we first prove beyond-birthyday-bound security for the Misty structure. Specifically, we show that an r-round Misty structure is secure against CCA attacks up to $O(2^{rac{rn}{r+7}})$ query complexity, where n is the size of each round permutation. So for any ε>0, a sufficient number of rounds would guarantee the security of the Misty structure up to 2n(1-ε) query complexity.

We introduce a refined definition of semantic security. The new definition is valid against not only chosen-plaintext attacks but also chosen-ciphertext attacks whereas the original one is defined against only chosen-plaintext attacks. We show that semantic security formalized by the new definition is equivalent to indistinguishability, due to Goldwasser and Micali for each of chosen-plaintext attacks, non-adaptive chosen-ciphertext attack, and adaptive chosen-ciphertext attack.

This paper presents a simple and generic conversion from a public-key encryption scheme that is indistinguishable against chosen-plaintext attacks into a public-key encryption scheme that is indistinguishable against adaptive chosen-ciphertext attacks in the random oracle model. The scheme obtained by the conversion is as efficient as the original encryption scheme and the security reduction is very tight in the exact security manner.