分散型SNSプロトコルNostrの安全性評価

木村 隼人; 五十部 孝典

Presentation	2023-07-25 Security Analysis on Nostr protocol for decentralized SNS Hayato Kimura, Takanori Isobe,
PDF Download Page	PDF download Page Link
Abstract(in Japanese)	(See Japanese page)
Abstract(in English)	Nostr is a protocol for distributed social networking services (SNS) characterized by being Simple, Resilient, and Verifiable. In this paper, we analyze the specification of the Nostr protocol from a cryptographic point of view and find vulnerabilities. For the first contribution, we report (1) block list bypassing, (2) impersonation using similar IDs (user public keys), (3, 4) breaking profiles, and contact list integrity, and (5) sniffing DM and tampering it. As a second contribution, we report potential problems in (i) the Nostr ecosystem, (ii) potential DM tampering issues, and (iii) lack of censorship resistance.
Keyword(in Japanese)	(See Japanese page)
Keyword(in English)	Nostr / Decentralized SNS / E2EE / cryptographic-protocol
Paper #	ISEC2023-51,SITE2023-45,BioX2023-54,HWS2023-51,ICSS2023-48,EMM2023-51
Date of Issue	2023-07-17 (ISEC, SITE, BioX, HWS, ICSS, EMM)

Conference Information
Committee	EMM / BioX / ISEC / SITE / ICSS / HWS / IPSJ-CSEC / IPSJ-SPT
Conference Date	2023/7/24(2days)
Place (in Japanese)	(See Japanese page)
Place (in English)	Hokkaido Jichiro Kaikan
Topics (in Japanese)	(See Japanese page)
Topics (in English)
Chair	Michiharu Niimi(Kyushu Inst. of Tech.) / hironobu Takano(Toyama Prefectural Univ.) / Goichiro Hanaoka(AIST) / Takushi Otani(Kibi International Univ.) / Daisuke Inoue(NICT) / Daisuke Suzuki(Mitsubishi Electric)
Vice Chair	Kotaro Sonoda(Nagasaki Univ.) / Hyunho Kang(NIT, Tokyo) / Norihiro Okui(KDDI Research) / Emiko Sano(Kubota) / Junji Shikata(Yokohama National Univ.) / Shinsaku Kiyomoto(KDDI Research) / Soichiro Morishita(Cyber Agent) / Takeo Tatsumi(Open Univ. of Japan) / Akira Yamada(Kobe Univ.) / Toshihiro Yamauchi(Okayama Univ.) / Yuichi Hayashi(NAIST) / Toru Akishita(Sony Semiconductor Solutions)
Secretary	Kotaro Sonoda(Hiroshima City Univ.) / Hyunho Kang(Osaka Inst. of Tech.) / Norihiro Okui(NEC) / Emiko Sano(Gunma Univ) / Junji Shikata(AIST) / Shinsaku Kiyomoto(Toshiba) / Soichiro Morishita(NRI-Secure) / Takeo Tatsumi(Fukuoka Inst. of Tech.) / Akira Yamada(Mitsubishi Electric) / Toshihiro Yamauchi(Univ. of Electro-Comm.) / Yuichi Hayashi(Sony Semiconductor Solutions) / Toru Akishita(AIST)
Assistant	Naofumi Aoki(Hokkaido Univ.) / Kazuaki Nakamura(Tokyo Univ. of Science) / Tomokazu Kawahara(Toshiba) / Shinichi Shirakawa(Yokohama National Univ.) / Hiroki Okada(KDDI Research) / Yusuke Kaneko(Japan Research Institute) / Yo Kanemoto(NTT) / Masaya Sato(Okayama Prefectural Univ.)

Paper Information
Registration To	Technical Committee on Enriched MultiMedia / Technical Committee on Biometrics / Technical Committee on Information Security / Technical Committee on Social Implications of Technology and Information Ethics / Technical Committee on Information and Communication System Security / Technical Committee on Hardware Security / Special Interest Group on Computer Security / Special Interest Group on Security Psychology and Trust
Language	JPN
Title (in Japanese)	(See Japanese page)
Sub Title (in Japanese)	(See Japanese page)
Title (in English)	Security Analysis on Nostr protocol for decentralized SNS
Sub Title (in English)
Keyword(1)	Nostr
Keyword(2)	Decentralized SNS
Keyword(3)	E2EE
Keyword(4)	cryptographic-protocol
1st Author's Name	Hayato Kimura
1st Author's Affiliation	University of Hyogo(Univ. Hyogo)
2nd Author's Name	Takanori Isobe
2nd Author's Affiliation	University of Hyogo(Univ. Hyogo)
Date	2023-07-25
Paper #	ISEC2023-51,SITE2023-45,BioX2023-54,HWS2023-51,ICSS2023-48,EMM2023-51
Volume (vol)	vol.123
Number (no)	ISEC-129,SITE-130,BioX-131,HWS-132,ICSS-133,EMM-134
Page	pp.pp.239-246(ISEC), pp.239-246(SITE), pp.239-246(BioX), pp.239-246(HWS), pp.239-246(ICSS), pp.239-246(EMM),
#Pages	8
Date of Issue	2023-07-17 (ISEC, SITE, BioX, HWS, ICSS, EMM)