Cyber Physical Security Research Institute
AIST

Research Group Introduction


Advanced Cryptography Research Group

With the advance of complex information systems, such as large-scale clouds, protecting security and privacy using existing cryptographic techniques becomes increasingly difficult. To address this, we are developing new efficient cryptographic schemes with advanced functionalities, including functional encryption, fully homomorphic encryption, zero-knowledge proofs, and secure computation. These schemes enable fine-grained access control and computation over encrypted data. Furthermore, cryptographic systems deployed in practice require a high level of security to ensure that they cannot be broken via powerful distributed attacks or immediate advances in cryptanalytic techniques. We are working on the security evaluation of several deployed and widely used cryptographic systems, with the aim of either providing mathematical proofs of the security of these, or identifying potential weaknesses which might lead to attacks.


Hardware Security Research Group

The impact of malfunctions is immeasurable if such malfunctions take place in various systems essential to our lives, such as transportation, communication, information, and lifelines. Many attempts have been made to intentionally cause malfunctions to these systems. Security measures against such threats are taken at various layers of the system, but it is always the physical layer (hardware) that ultimately processes information, and reliable hardware must exist as the basis of security measures. Our research group aims to realize hardware that can be the root of trust in cyber-physical systems. Specific research topics include technology to realize devices that are physically difficult to counterfeit or copy, technology to efficiently implement security functions such as encryptions, technology to strengthen the security of circuits implemented on semiconductors, and technology to evaluate the security level of hardware. In collaboration with universities and industry, we will promote research on hardware security and contribute to improving the security of cyber-physical systems.


Secure Platform Research Group

The Internet of things (IoT) attempts to connect physical objects all around users, which will enhance the users' convenience and brings us the quality of the society. Along with the transformation of our societies, the safety/security threat to users and the surroundings has occurred in many places. In order to realize a secure society with the advent of the coming IoT society, a comprehensive rather than ad-hoc, from the entrance stage of manufacturing, commitment to security measures (security by design; SBD) is required. For example, in order to design the function of the required security and safety while maintaining the integrity of the entire system, while reducing the labor of manual analysis, IPS(Infrastructure Protection Security)Research Group is developing the software tools to continually update the system requirements. It is said the physical devices in our surroundings become a few hundred billion within five-ten years, it then must avoid falling into malfunction or loss of functionality due to natural or man-made electromagnetic noise. In the IPS team, we are also developing technologies to support the normal operation of the microcomputers and software.


Security Assurance Scheme Research Group

In our time, the supply chain of devices and systems includes a variety of businesses and many phases, and is globalized. Meanwhile, along with the rapid popularization of IoT, which is expected to provide new services, tampering of products themselves by inserting malicious logic into ICs used in IoT devices, has become threats causing malicious function such as information leakage and denial of service.The security assurance scheme research group aims to quickly and reliably install new security technology in products and systems by improving the technical foundation of security assurance, leading to evaluation certification and international standardization, in cooperation with relevant organizations. Specifically, we aggregate attack types by comprehensively analyzing and evaluating vulnerabilities from the viewpoint of an attacker who exploits a variety of logical / physical interfaces of software / hardware in an advanced manner. In addition, we will consider technical and procedural issues concerning methods of deriving the security requirements that the manufacturer should satisfy and vulnerability assessment methods to be carried out by the evaluation agency. Through these approaches, we are working on research and development of security assurance schemes suitable for various IoT fields involving multiple layers from chip vendors to application suppliers.