Toru Nakamura’s research while affiliated with KDDI Research and other places

What is this page?


This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.

Publications (100)


A Review on Machine Unlearning
  • Preprint

November 2024

·

10 Reads

·

Toru Nakamura

·

Takamasa Isohara

·

Recently, an increasing number of laws have governed the useability of users' privacy. For example, Article 17 of the General Data Protection Regulation (GDPR), the right to be forgotten, requires machine learning applications to remove a portion of data from a dataset and retrain it if the user makes such a request. Furthermore, from the security perspective, training data for machine learning models, i.e., data that may contain user privacy, should be effectively protected, including appropriate erasure. Therefore, researchers propose various privacy-preserving methods to deal with such issues as machine unlearning. This paper provides an in-depth review of the security and privacy concerns in machine learning models. First, we present how machine learning can use users' private data in daily life and the role that the GDPR plays in this problem. Then, we introduce the concept of machine unlearning by describing the security threats in machine learning models and how to protect users' privacy from being violated using machine learning platforms. As the core content of the paper, we introduce and analyze current machine unlearning approaches and several representative research results and discuss them in the context of the data lineage. Furthermore, we also discuss the future research challenges in this field.



Standard stability checking algorithm
Stability checking algorithm for FHE
Modified Algorithm
An example of preference orders [4]. The table on the left shows the preference orders for men and the table on the right shows the preference orders for women
A blocking pair of the example [4]. Blue cells indicate current matching pairs. Red cells indicate blocking pairs. Here (m1,w2)\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$(m_1, w_2)$$\end{document} is the blocking pair, where m1\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$m_1$$\end{document} prefers w2\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$w_2$$\end{document} to w3\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$w_3$$\end{document} who is the current matching pair of m1\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$m_1$$\end{document} and at the same time w2\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$w_2$$\end{document} prefers m1\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$m_1$$\end{document} to m3\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$m_3$$\end{document} who is the current matching pair of w2\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$w_2$$\end{document}

+5

Private Verification in Multi-stakeholder Environment and its Application to Stable Matching
  • Article
  • Publisher preview available

March 2024

·

13 Reads

SN Computer Science

This paper provides a solution to mitigate mistrust that arises from untransparency in a multi-stakeholder environment. This work is related to a kind of verifiable computation. When considering the multi-stakeholder environment, not only the participants’ requirements but also the assignee’s intention should be respected. That is, the assignee should be given the discretion to select a result that is the best for the assignee among all the choices. However, there is a possibility that if the assignee is malicious, he/she may falsify and provide an inadequate result for participants to maximize his/her benefit by ignoring the participants’ requirements. It is difficult for the participants to detect this if they want to keep their preference orders secret from others. This paper proposes a solution to determine whether the received result is adequate for the participants while keeping their preference orders secret. The proposed solution is based on fully homomorphic encryption (FHE) and assumes the use of a semi-honest third-party server. This paper first describes a general solution that is not limited to specific requirements from participants. Next, this paper shows a way to apply to stable matching problem as a specific implementation. More specifically, a transformation of a standard stability checking algorithm into an algorithm that can be implemented by FHE with the computational complexity O(n2)O(n2)O(n^2). Finally, this paper gives an example of an implementation and its performance with HElib, which is an FHE library that provides BGV.

View access options

Verification Protocol for Stable Matching from Conditional Disclosure of Secrets

March 2024

·

7 Reads

Lecture Notes in Computer Science

Stable matching is an important problem that receives attention from researchers in several fields. In the problem setting, there are two sets with the same number of members. Each member has its matching preference. The goal is to find a one-to-one matching between each member of the two sets such that no pairs want to change the matching result. Since an instance of the stable matching problem may have more than one possible stable matching, Nakamura et al. proposed a multi-stakeholder environment with selectability property, and applied it to the stable matching problem as an example use case. In their setting, the computing server could freely choose to return any stable matching depending on the benefits of the clients and the computing server. Their protocol also offered verifiability, but only against a semi-honest verifying server. To address this issue, we propose a verification protocol for stable matching against a malicious server. Our verification protocol is constructed from CDS schemes for stable matching, which do not require any asymmetric-key cryptographic primitives. From the implementation result, our proposed protocol is 4 to 5 orders of magnitude faster than the previous work.


Hierarchical Local Differential Privacy

December 2023

·

17 Reads

Journal of Information Processing

The local differential privacy metric has attracted attention due to its quantitative nature, and many mechanisms have been studied for satisfying local differential privacy based on data formats and use cases. Local differential privacy mechanisms generally target a certain data space and perturb it sufficiently to provide indistinguishability of the data on that space. Therefore, individual data tends to be greatly disturbed so that even relatively simple tasks require a large amount of data to equalize the noise caused by the mechanism. In this paper, we define hierarchical local differential privacy, which is an extension of local differential privacy, and propose a mechanism to satisfy both local differential privacy and hierarchical local differential privacy. Hierarchical local differential privacy views a data space hierarchically as a set of smaller spaces, and instead of abandoning the privacy of data contained in different spaces, the amount of noise can be reduced. In this paper, we further design a hierarchical local differential privacy framework and achieve a privacy guarantee based on local differential privacy for all the data in the framework. Finally, we experimentally evaluate the proposed framework using image data. The framework allows control over the amount of information that can be disclosed, and furthermore, maintains a higher degree of utility than applying a simple local differential privacy mechanism.





Group Oriented Attribute-Based Encryption Scheme from Lattices with the Employment of Shamir’s Secret Sharing Scheme

August 2023

·

13 Reads

·

1 Citation

Lecture Notes in Computer Science

This paper delivers a post-quantum construction for group-oriented attribute-based encryption (GO-ABE) using lattice-based cryptography. The GO-ABE scheme enables users from the same group to combine their attributes to satisfy a decryption policy without revealing their secret keys. GO-ABE is particularly useful when no single user can fulfill the decryption policy alone, but a group of users can satisfy it together. Li et al. introduced the idea of GO-ABE at NSS 2015, discussing its importance in accessing patient data during emergencies. However, since Li et al.’s scheme uses bilinear mappings, it is not secure against quantum attacks. To ensure security against quantum attacks, we construct the GO-ABE scheme using the post-quantum cryptographic primitive lattices, and employ Shamir’s secret sharing scheme to meet the GO-ABE requirements.Keywordsattribute-based encryptiongroup-oriented systemsprivacylattice-based cryptography


Privacy-Preserving Correlation Coefficient

May 2023

·

87 Reads

IEICE Transactions on Information and Systems

Differential privacy is a confidentiality metric and quantitatively guarantees the confidentiality of individuals. A noise criterion, called sensitivity, must be calculated when constructing a probabilistic disturbance mechanism that satisfies differential privacy. Depending on the statistical process, the sensitivity may be very large or even impossible to compute. As a result, the usefulness of the constructed mechanism may be significantly low; it might even be impossible to directly construct it. In this paper, we first discuss situations in which sensitivity is difficult to calculate, and then propose a differential privacy with additional dummy data as a countermeasure. When the sensitivity in the conventional differential privacy is calculable, a mechanism that satisfies the proposed metric satisfies the conventional differential privacy at the same time, and it is possible to evaluate the relationship between the respective privacy parameters. Next, we derive sensitivity by focusing on correlation coefficients as a case study of a statistical process for which sensitivity is difficult to calculate, and propose a probabilistic disturbing mechanism that satisfies the proposed metric. Finally, we experimentally evaluate the effect of noise on the sensitivity of the proposed and direct methods. Experiments show that privacy-preserving correlation coefficients can be derived with less noise compared to using direct methods.


Citations (46)


... Different PPML methods could be used to implement such a PSI detection application. PSI detection can be accomplished using multi-class or multi-label classification approaches that would classify private data into different categories (e.g., tracking, financial or medical data) [46]. Users' privacy concerns towards this type of privacy-preserving application have been investigated by Bracamonte et al. [12], who found that users have privacy concerns with regard to perceived surveillance and perceived intrusion and secondary use, which motivates the need of PPML in this type of application. ...

Reference:

Which PPML Would a User Choose? A Structured Decision Support Framework for Developers to Rank PPML Techniques Based on User Acceptance Criteria
Systematizing the State of Knowledge in Detecting Privacy Sensitive Information in Unstructured Texts using Machine Learning
  • Citing Conference Paper
  • August 2023

... Furthermore, we show a specific FHE-based verification algorithm for two-sided matching, which checks whether the matching is stable while the users' private inputs are kept secret. This paper is an extended version of the ICEIS paper written by Nakamura et al. [4]. In addition to the above contributions, we provide an implementation and its evaluation result with HElib, which is an open FHE library, in this paper. ...

Achieving Private Verification in Multi-stakeholder Environment and Application to Stable Matching
  • Citing Conference Paper
  • January 2023

... To address these practical concerns, machine unlearning has become a promising approach. Machine unlearning involves the targeted removal of certain training data and its influence from a trained model, ensuring that the revised model operates as though it has never been exposed to that data [15][16][17][18]. The most direct way of unlearning is to restart training on a dataset with that data deleted. ...

A Review on Machine Unlearning

SN Computer Science

... In Ref. [84], Ciampi, Romano, and Schmid's analysis of blockchain-based process authentication through three case studies demonstrates the technology's adaptability in guaranteeing process reliability and integrity. In Ref. [85], the use of a blockchain framework in Perera et al.'s certificate management method for VANETs highlights the crucial role that blockchain plays in improving the security and dependability of vehicular communication networks. In Ref. [86], Nelaturu, Du, and Le's study of blockchain in fintech highlights the technology's disruptive potential in financial services by outlining the taxonomy, difficulties, and future possibilities. ...

Certificate Management Scheme for VANETs Using Blockchain Structure

Cryptography

... However, for example, thresholding the other digital signatures like BLS with applications in IoT [135] and Blockchain [233], Schnorr in Blockchains or Cryptocurrency [205,206] holds equal importance. In the same line, although there have been commendable efforts in surveying exotic signatures (e.g., [53,108,218,232,268]), they usually focus on certain types of application domains (e.g., Blockchain, IoT), and capture some exotic features in isolation. Furthermore, the examination of threshold PQC signatures, encompassing both the NIST-PQC standards and custom design [46], is another gap that has not been addressed fully. ...

A Survey on Group Signatures and Ring Signatures: Traceability vs. Anonymity

Cryptography

... The verifier is not required to do any quantum state comparisons during the signature verification phase. Furthermore, our protocol differs from symmetric quantum signature systems [17]- [23], in which the quantum signatures are signed and verified using the same signing keys. The proposed QDVS is a quantum signature system based on identity. ...

Almost Fully Anonymous Attribute-Based Group Signatures with Verifier-local Revocation and Member Registration from Lattice Assumptions
  • Citing Article
  • September 2021

Theoretical Computer Science

... Recent research has prioritized the development and evaluation of recommender systems, with explainability emerging as a critical component to increasing user trust and understanding-studies such as those by Pai et al. (2022) and Lobner et al. (2021) have shown that explainability improves transparency and system effectiveness by enabling more informed adjustments. This approach resonates with our findings, where integrating explainability techniques, such as LIME and SHAP, has significantly improved our recommender systems' precision and user satisfaction and enhanced the overall system performance. ...

Explainable Machine Learning for Default Privacy Setting Prediction

IEEE Access

... The IUIPC construct has been used in various contexts, such as Internet of Things [51], Internet transactions [39], and mobile apps [59]. Furthermore, it has recently been re-evaluated in several studies [54,55]. But so far it had not been applied to a PET such as an anonymization service. ...

Open Materials Discourse: Re-Evaluating Internet Users' Information Privacy Concerns: The Case in Japan
  • Citing Article
  • November 2020

... This approach adheres to the standard procedure for identity management, which involves the use of a Certification Authority (CA). Hyperledger Fabric features an implementation of the CA Server that provides services for identity registration, enrollment, and certificate management [60]. ...

Cross-Certification Towards Distributed Authentication Infrastructure: A Case of Hyperledger Fabric

IEEE Access