KAKEI Shohei

Affiliation Department etc.

Department of Computer Science
Cyber Security Center

Title

Assistant Professor

Graduate School

  • 2014.10 - 2019.03

    Kobe University, Graduate School, Division of Engineering, Department of Electrical and Electronic Engineering, Doctor's Course, Completed

Field of expertise (Grants-in-aid for Scientific Research classification)

  • Information security

 

Papers

  • Prevention of Data Leakage due to Implicit Information Flows in Android Applications

    Hiroki Inayoshi, Shohei Kakei, Eiji Takimoto, Koichi Mouri, Shoichi Saito

    2019 14th Asia Joint Conference on Information Security (AsiaJCIS)     103 - 110   2019.09  [Refereed]

    Research paper (international conference proceedings)   Multiple Authorship

    Dynamic Taint Analysis (DTA) technique has been developed for analysis and understanding behavior of Android applications and privacy policy enforcement. Meanwhile, implicit information flows (IIFs) are major concern of security researchers because IIFs can evade DTA technique easily and give attackers an advantage over the researchers. Some researchers suggested approaches to the issue and developed analysis systems supporting privacy policy enforcement against IIF-accompanied attacks; however, there is still no effective technique of comprehensive analysis and privacy policy enforcement against IIF-accompanied attacks. In this paper, we propose an IIF detection technique to enforce privacy policy against IIF-accompanied attacks in Android applications. We developed a new analysis tool, called Smalien, that can discover data leakage caused by IIF-contained information flows as well as explicit information flows. We demonstrated practicability of Smalien by applying it to 16 IIF tricks from ScrubDroid and two IIF tricks from DroidBench. Smalien enforced privacy policy successfully against all the tricks except one trick because the trick loads code dynamically from a remote server at runtime, and Smalien cannot analyze any code outside of a target application. The results show that our approach can be a solution to the current attacker-superior situation.

  • Designing Authentication and Authorization System with Blockchain

    Yuki Ezawa, Makoto Takita, Yoshiaki Shiraishi, Shohei Kakei, Masanori Hirotomo, Youji Fukuta, Masami Mohri, Masakatu Morii

    2019 14th Asia Joint Conference on Information Security (AsiaJCIS)     111 - 118   2019.09  [Refereed]

    Research paper (international conference proceedings)   Multiple Authorship

    Data is accumulated daily in a society where the Internet has infiltrated. In order to further develop the industry, it is effective to establish a framework that can share and use data resources widely. If the IoT devices and various services trade data without human intervention, they will be able to provide new services that enrich our lives. If an authentication and authorization system that can openly confirm the data owners and give authority to them is constructed, various services, not limited to a single service, can authenticate and authorize the devices, and the data sharing will be promoted. In this paper, we propose a system that uses blockchain as a database for storing credentials and authority information and allows users and services to perform authentication and authorization based on that information.

  • SSL Client Authentication with TPM

    Shohei KAKEI, Masami MOHRI, Yoshiaki SHIRAISHI, Masakatu MORII

    IEICE Transactions on Information and Systems   E99.D ( 4 ) 1052 - 1061   2016.04  [Refereed]

    Research paper (scientific journal)   Multiple Authorship

    TPM-embedded devices can be used as authentication tokens by issuing certificates to signing keys generated by TPM. TPM generates Attestation Identity Key (AIK) and Binding Key (BK) that are RSA keys. AIK is used to identify TPM. BK is used to encrypt data so that specific TPM can decrypt it. TPM can use for device authentication by linking a SSL client certificate to TPM. This paper proposes a method of an AIK certificate issuance with OpenID and a method of the SSL client certificate issuance to specific TPM using AIK and BK. In addition, the paper shows how to implement device authentication system using the SSL client certificate related to TPM.

  • Offline Time-Stamping System: Its Design and Implementation

    Shohei Kakei, Masami Mohri, Yoshiaki Shiraishi, Ryoji Noguchi

    2012 IEEE International Conference on Control System, Computing and Engineering ( IEEE )    404 - 409   2013.03  [Refereed]

    Research paper (international conference proceedings)   Multiple Authorship

    Some time-stamping services are on business for protection of a document. A user can get the time-stamp just by connecting a terminal to the internet. However, if the user cannot connect to the internet, the document cannot be protected. Without regard to the internet access, if the user can get the time-stamp anywhere, time-stamping can use in many other situations. This paper proposes an offline time-stamping scheme. The scheme generates the time-stamp in a user's terminal using TPM. TPM is a security chip. In this scheme, TPM is used for preventing a terminal user from generating a time-stamp containing falsified time. This paper shows an example of a design and an implementation of an offline time-stamping system based on the scheme. The system is designed in the REST-over-HTTP style. By using HTTP, the development is simplified because it is not necessary to build an interface, API, or others for each system a developer need to build. The implemented system can issue a time-stamp about 1,140ms under the experimental environment.

  • Offline time-stamping using TPM and its Java library

    Shohei Kakei, Masami Mohri, Yoshiaki Shiraishi, Ryoji Noguchi

    2012 International Symposium on Computer Applications and Industrial Electronics (ISCAIE) ( IEEE )    64 - 69   2013.03  [Refereed]

    Research paper (international conference proceedings)   Multiple Authorship

    Digital time-stamp is a component for making a digital evidence of data. It proves that there has been a data since a particular time, and the data has not been falsified after time-stamping. A PKI-based time-stamping scheme is standardized in RFC3161. In the scheme, Time Stamping Authority (TSA), which is a trusted third party, issues a digital time-stamp and a client cannot requests time-stamp to TSA without internet access. This paper proposes an offline time-stamping scheme using TPM. TPM is a security chip equipped with a terminal and provides an extra layer of security to the terminal. The proposed scheme can make time-stamp that is detectable with falsification and forgery. The implementation of the proposed scheme requires the knowledge of TPM. This paper shows the Java library for easy development of the offline time-stamping using TPM.

  • Offline TimeStamp Using TPM

    Shohei Kakei,Tomohiko Wakita,Masami Mohri,Yoshiaki Shiraishi,Ryoji Noguchi

    IPSJ Journal ( Information Processing Society of Japan )  53 ( 9 ) 2117 - 2129   2012.09  [Refereed]

    Research paper (scientific journal)   Multiple Authorship

    Public Key Infrastructure Time-Stamp Protocol (PKI TSP) is standardized in RFC3161. In the PKI TSP, a TSA (Time Stamping Authority), which is a trusted third party, authenticates the time-stamp. In this model, the time-stamp authentication depends on the TSA, and a client must be in online status. This paper proposes an offline time-stamp scheme. The proposed scheme authenticates the time-stamp, even when a client cannot communicate with the TSA. The TSA delegates the authority of time-stamp authentication to a client which has been authenticated by a certification authority (CA) using a TPM (Trusted Platform Module). Then a client authenticates the time-stamp using the TPM. The paper also shows that the proposed scheme using the TPM can detect the falsification and forgery of the time.

Presentations

  • The Concept of Meta-PKI: A Decentralized Trust Model Using Smart Contract for Internet of Things

    Shohei KAKEI, Yoshiaki SHIRAISHI, Masami MOHRI, Toru NAKAMURA, Masayuki HASHIMOTO, Hiroyuki YOKOYAMA, Shoichi SAITO

    The 14th Asia Joint Conference on Information Security (AsiaJCIS2019)  (Kobe University Integrated Research Center)  2019.08  -  2019.08

  • Designing Authentication and Authorization System with Blockchain

    Yuki Ezawa, Makoto Takita, Yoshiaki Shiraishi, Shohei Kakei, Masanori Hirotomo, Youji Fukuta, Masami Mohri, Masakatu Morii

    The 14th Asia Joint Conference on Information Security (AsiaJCIS2019)  (Kobe University Integrated Research Center)  2019.08  -  2019.08

  • Prevention of Data Leakage due to Implicit Information Flows in Android Applications

    Hiroki Inayoshi, Shohei Kakei, Eiji Takimoto, Koichi Mouri, Shoichi Saito

    The 14th Asia Joint Conference on Information Security (AsiaJCIS2019)  (Kobe University Integrated Research Center)  2019.08  -  2019.08