Papers by Yoshifumi Manabe
New generation computing, Jun 15, 2024
Lecture Notes in Computer Science, Dec 31, 2022
Lecture Notes in Computer Science, Dec 31, 2022
Proceedings of the 4th International Conference on Advanced Information Science and System
This paper considers a new type of two-sided matching in which multiple numbers of agents are per... more This paper considers a new type of two-sided matching in which multiple numbers of agents are perfectly matched on both sides. Such matching can be used between multiple major students and laboratories. The many-to-many perfect matching problem cannot be solved by existing many-to-many matching algorithms, since the perfect property, which is a global property, cannot be represented by the participants' preferences, which are local properties. This paper gives a DA(Deferred Acceptance) mechanism to match each student to the given number of different laboratories without a blocking pair by introducing a master list of students to resolve ties between students.
Security, Privacy, and Applied Cryptography Engineering
This paper proposes a cake-cutting protocol using cryptography when the cake is a heterogeneous g... more This paper proposes a cake-cutting protocol using cryptography when the cake is a heterogeneous good that is represented by an interval on a real line. Although the Dubins-Spanier moving-knife pro-tocol with one knife achieves simple fairness, all players must execute the protocol synchronously. Thus, the protocol cannot be executed on asynchronous networks such as the Internet. We show that the moving-knife protocol can be executed asynchronously by a discrete protocol using a se-cure auction protocol. The number of cuts is n − 1 where n is the number of players, which is the minimum. 1
Monitoring and debugging of distributed real-time systems, Mar 1, 1995
Abstract. This paper discusses cake-cutting protocols when the cake is a heterogeneous good that ... more Abstract. This paper discusses cake-cutting protocols when the cake is a heterogeneous good that is represented by an interval in the real line. We propose a new desirable property, the meta-envy-freeness of cake-cutting, which has not been formally considered before. Though envy-freeness was considered to be one of the most important desirable properties, envy-freeness does not prevent envy about role assignment in the protocols. We define meta-envy-freeness that formalizes this kind of envy. We show that current envy-free cake-cutting protocols do not satisfy meta-envy-freeness. Formerly proposed properties such as strong envy-free, exact, and equitable do not directly consider this type of envy and these properties are very difficult to realize. This paper then shows meta-envy-free cake-cutting protocols for two and three party cases. 1
Matching algorithms are most commonly explained using the state of proposals between two groups s... more Matching algorithms are most commonly explained using the state of proposals between two groups such as male and female where each participant creates his/her own preference list by knowing some information regarding the other participant. However, the history of the proposals during the execution of the algorithm is known to everyone, which makes the stable matching algorithm vulnerable to manipulation. Private matching algorithms were proposed to output a matching result without revealing any information and show only the matching result to all participants. Still, in these algorithms, both parties need to know some information regarding participants or reveal some of their own attributes before the matching begins. To resolve the problem, we propose a new private matching algorithm using a predicate encryption, in which each male participant uses his own information and the information demanded from female participants as input, while each female participant uses her condition/de...
New Generation Computing
This paper shows new card-based cryptographic protocols using private operations that are secure ... more This paper shows new card-based cryptographic protocols using private operations that are secure against malicious players. Physical cards are used in card-based cryptographic protocols instead of computers. Operations that a player executes in a place where the other players cannot see are called private operations. Using several private operations, calculations of two variable Boolean functions and copy operations were realized with the minimum number of cards. Though private operations are very powerful in card-based cryptographic protocols, there is a problem that it is very hard to prevent malicious actions during private operations. Though most card-based protocols are discussed in the semi-honest model, there might be cases when the semi-honest model is not enough. Thus, this paper shows new protocols that are secure against malicious players. We show logical XOR, logical AND, n-variable Boolean function, and copy protocols. We can execute any logical computations with a comb...
This paper proposes a cake-cutting protocol using cryptography when the cake is a heterogeneous g... more This paper proposes a cake-cutting protocol using cryptography when the cake is a heterogeneous good that is represented by an interval on a real line. Although the Dubins-Spanier moving-knife protocol with one knife achieves simple fairness, all players must execute the protocol synchronously. Thus, the protocol cannot be executed on asynchronous networks such as the Internet. We show that the moving-knife protocol can be executed asynchronously by a discrete protocol using a secure auction protocol. The number of cuts is n-1 where n is the number of players, which is the minimum.
Abstract. The relationship of three cryptographic channels, secure channels (SC), anonymous chann... more Abstract. The relationship of three cryptographic channels, secure channels (SC), anonymous channels (AC) and direction-indeterminable channels (DIC), was in-vestigated by Okamoto. He showed that the three cryptographic channels are re-ducible to each other, but did not consider communication schedules clearly as well as composable security. This paper refines the relationship of the three chan-nels in the light of communication schedules and composable security. We model parties by the task-probabilistic input/output automata (PIOA) to treat commu-nication schedules, and adopt the universally composable (UC) framework by Canetti to treat composable security. We show that a class of anonymous chan-nels, two-anonymous channels (2AC), and DIC are reducible to each other under any schedule and that DIC and SC are reducible to each other under some types of schedules, in the UC framework with the PIOA model.
Abstract. This paper presents an efficient anonymous credential system that in-cludes two variant... more Abstract. This paper presents an efficient anonymous credential system that in-cludes two variants. One is a system that lacks a credential revoking protocol, but provides perfect anonymity-unlinkability and computational unforgeability under the strong Diffie-Hellman assumption. It is more efficient than existing creden-tial systems with no revocation. The other is a system that provides revocation as well as computational anonymity-unlinkability and unforgeability under the strong Diffie-Hellman and decision linear Diffie-Hellman assumptions. This sys-tem provides two types of revocation simultaneously: one is to blacklist a user who acted wrong so that he can no longer use his credential, and the other is identifying a user who acted wrong from his usage of credential. Both systems are provably secure under the above-mentioned assumptions in the standard model.
A distributed coordinated checkpointing algorithm for distributed mobile systems is presented. A ... more A distributed coordinated checkpointing algorithm for distributed mobile systems is presented. A consistent global checkpoint is a set of states in which no message is recorded as received in one process and as not yet sent in another process. It is used for rollback when process failure oc-curs. A consistent global checkpoint must be obtained for any checkpoint initiation by any process. This paper shows a checkpoint algorithm in which the amount of information piggybacked on program messages does not depend on the number of mobile processes. The number of checkpoints is minimized under two assumptions: ( I) one consistent global checkpoint is taken for concurrent checkpoint initi-ations and (2) a checkpoint is initiated at each handoff by mobile processes. This algorithm is thus optimal among the generalizations of Chandy and Lamport’s distributed snapshot algorithm under the latter assumption. 1.
We present the first general MPC protocol that satisfies the following: (1) the construction is b... more We present the first general MPC protocol that satisfies the following: (1) the construction is black-box, (2) the protocol is universally composable in the plain model, and (3) the number of rounds is constant. The security of our protocol is proven in angel-based UC security under the assumption of the existence of one-way functions that are secure against sub-exponential-time adversaries and constant-round semi-honest oblivious transfer protocols that are secure against quasi-polynomial-time adversaries. We obtain the MPC protocol by constructing a constant-round CCA-secure commitment scheme in a black-box way under the assumption of the existence of one-way functions that are secure against sub-exponential-time adversaries. To justify the use of such a sub-exponential hardness assumption in obtaining our constant-round CCA-secure commitment scheme, we show that if black-box reductions are used, there does not exist any constant-round CCA-secure commitment scheme under any falsif...
Abstract—This paper proposes a new edge-based authen-tication scheme for network coding. Many aut... more Abstract—This paper proposes a new edge-based authen-tication scheme for network coding. Many authentication schemes for random linear network coding have been proposed against pollution attacks. However, random linear network coding is vulnerable to entropy attacks. An adversary can generate messages that are verified as correct messages by the authentication mechanism but obstruct the network coding. Random linear network coding is shown to be efficient in a random failure model, but not in an adversary model. This paper shows a simple solution to tolerate entropy attacks by changing random linear coding to deterministic message combining rule. For an example, this paper shows a modification of RIPPLE, an authentication scheme for random linear network coding. Lastly, we show that the total delay of modified RIPPLE can be reduced by an edge-based authen-tication. RIPPLE and many other authentication schemes are node-based, that is, verification keys and operations are defined for ...
All rights are reserved and copyright of this manuscript belongs to the authors. This manuscript ... more All rights are reserved and copyright of this manuscript belongs to the authors. This manuscript has been published without reviewing and editing as received from the authors: posting the manuscript to SCIS 2006 does not prevent future submissions to any journals or conferences with proceedings.
The rate monotonic scheduling algorithm is a com-monly used task scheduling algorithm for periodi... more The rate monotonic scheduling algorithm is a com-monly used task scheduling algorithm for periodic real-time task systems. This paper discusses feasibility de-cision fo r a given real-time task system b y the rate monotonic scheduling algorithm. It presents a new necessary a n d suficient condition fo r a given task sys-tem to be feasible, and a new feasibility decision algo-rithm based on that condition. The time complexity of this algorithm depends solely on the number of tasks. This algorithm can be applied to the inverse-deadline scheduling algorithm, which is an extension of the rate monotonic scheduling algorithm. 1
Abstract—This paper proposes a new allocation algorithm of indivisible goods. We consider the cas... more Abstract—This paper proposes a new allocation algorithm of indivisible goods. We consider the case when the total value of the whole goods is the same for every participant, which models allocation at divorce or inheritance. The worst participant’s obtained value must be maximized. There are not good allocation algorithms for our rating scale. We show that this problem is NP-complete. Therefore we propose four types of approximation algorithms. Among the four algorithms, the raising standard algorithm has the best ratio that the algorithm outputs the optimal solution by a computer simulation. I.
Uploads
Papers by Yoshifumi Manabe