## Design and Evaluation of More Secure Cryptography

Practical cryptography must achieve a high level of security, one which remains secure even with the best information processing technology available today. The security of a cryptographic protocol is built on top of a hard mathematical problem believed to be unsolvable, and a "security proof" for cryptography consists of a mathematical proof which asserts that "If a cryptographic protocol can be broken, then the hard mathematical problem can be solved." Thus, assuming the hard mathematical problem is indeed unsolvable, then security of the cryptographic protocol is established. Providing such security proof is the cornerstone of modern practical cryptography such as encryption, digital signature, authentication, and so on.

In recent years, there is an increasing need for cryptography with higher security, which are not only secure against conventional classical computers, but also against "quantum" computers, which are expected to be put to practical use in the future. In fact, it is known that cryptography that are secure against classical computers can be broken by quantum computers; in the above context, this means the mathematical problem is unsolvable by classical computers but solvable by quantum computers. Thus, the design and security evaluation of quantum-resistant cryptography is an important and pressing issue for the future.

Our research team has state-of-the-art knowledge in both classical and quantum cryptography, and one of our missions is to design various highly secure cryptographic primitives and protocols. Since quantum-safe cryptography tends to be less efficient than classical counterparts, a deep understanding of quantum-resistant mathematical tools and a good handle on cryptography is vital to design cryptography with the same functionality as classical cryptography without sacrificing efficiency.

#### Selected Publications

- Shuichi Katsumata: A New Simple Technique to Bootstrap Various Lattice Zero-Knowledge Proofs to QROM Secure NIZKs. CRYPTO (2), pp 580-610, 2021.
- Keitaro Hashimoto, Shuichi Katsumata, Kris Kwiatkowski, Thomas Prest: An Efficient and Generic Construction for Signal's Handshake (X3DH): Post-Quantum, State Leakage Secure, and Deniable. Public Key Cryptography (2) 2021: 410-440
- Yuyu Wang, Takahiro Matsuda, Goichiro Hanaoka, Keisuke Tanaka: Impossibility on Tamper-Resilient Cryptography with Uniqueness Properties. Public Key Cryptography (1) 2021: 389-420
- Shuichi Katsumata, Ryo Nishimaki, Shota Yamada, Takashi Yamakawa: Round-Optimal Blind Signatures in the Plain Model from Classical and Quantum Standard Assumptions. EUROCRYPT (1) 2021: 404-434
- Shuichi Katsumata, Ryo Nishimaki, Shota Yamada, Takashi Yamakawa: Adaptively Secure Inner Product Encryption from LWE. ASIACRYPT (3) 2020: 375-404
- Ward Beullens, Shuichi Katsumata, Federico Pintore: Calamari and Falafl: Logarithmic (Linkable) Ring Signatures from Isogenies and Lattices. ASIACRYPT (2) 2020: 464-492
- Shuichi Katsumata, Kris Kwiatkowski, Federico Pintore, Thomas Prest: Scalable Ciphertext Compression Techniques for Post-quantum KEMs and Their Applications. ASIACRYPT (1) 2020: 289-320
- Fuyuki Kitagawa, Takahiro Matsuda: Circular Security Is Complete for KDM Security. ASIACRYPT (1) 2020: 253-285
- Shweta Agrawal, Daniel Wichs, Shota Yamada: Optimal Broadcast Encryption from LWE and Pairings in the Standard Model. TCC (1) 2020: 149-178
- Ali El Kaafarani, Shuichi Katsumata, Federico Pintore: Lossy CSI-FiSh: Efficient Signature Scheme with Tight Reduction to Decisional CSIDH-512. Public Key Cryptography (2) 2020: 157-186
- Fuyuki Kitagawa, Takahiro Matsuda, Keisuke Tanaka: Simple and Efficient KDM-CCA Secure Public Key Encryption. ASIACRYPT (3) 2019: 97-127
- Fuyuki Kitagawa, Takahiro Matsuda: CPA-to-CCA Transformation for KDM Security. TCC (2) 2019: 118-148
- Shweta Agrawal, Monosij Maitra, Shota Yamada: Attribute Based Encryption for Deterministic Finite Automata from DLIN. TCC (2) 2019: 91-117
- Fuyuki Kitagawa, Takahiro Matsuda, Keisuke Tanaka: CCA Security and Trapdoor Functions via Key-Dependent-Message Security. CRYPTO (3) 2019: 33-64
- Shuichi Katsumata, Takahiro Matsuda, Atsushi Takayasu: Lattice-Based Revocable (Hierarchical) IBE with Decryption Key Exposure Resistance. Public Key Cryptography (2) 2019: 441-471
- Shuichi Katsumata, Shota Yamada: Non-zero Inner Product Encryption Schemes from Various Assumptions: LWE, DDH and DCR. Public Key Cryptography (2) 2019: 158-188
- Shuichi Katsumata, Shota Yamada, Takashi Yamakawa: Tighter Security Proofs for GPV-IBE in the Quantum Random Oracle Model. ASIACRYPT (2) 2018: 253-282
- Yuyu Wang, Takahiro Matsuda, Goichiro Hanaoka, Keisuke Tanaka: Memory Lower Bounds of Reductions Revisited. EUROCRYPT (1) 2018: 61-90
- Ali El Kaafarani, Shuichi Katsumata: Attribute-Based Signatures for Unbounded Circuits in the ROM and Efficient Instantiations from Lattices. Public Key Cryptography (2) 2018: 89-119
- Takahiro Matsuda, Jacob C. N. Schuldt: Related Randomness Security for Public Key Encryption, Revisited. Public Key Cryptography (1) 2018: 280-311
- Keisuke Hara, Fuyuki Kitagawa, Takahiro Matsuda, Goichiro Hanaoka, Keisuke Tanaka: Simulation-Based Receiver Selective Opening CCA Secure PKE from Standard Computational Assumptions. SCN 2018: 140-159