Polynomials are called permutation polynomials if they induce bijective functions. This paper investigates algebraic properties of permutation polynomials over a finite field, especially properties associated with permutation cycles. A permutation polynomial has a simple structure but good randomness properties suitable for applications. The cycle structure of permutations are considered to be related to randomness. We investigate the algebraic structure from the viewpoint of randomness. First we show the relationship between polynomials and permutations using a matrix equation. Then, we give a general form of a permutation polynomial corresponding to a product C1C2Ck of pairwise disjoint cycles. Finally, permutation polynomials with fixed points -or with 2, 3 and 4-cycles -and their compositions are given together with distribution of degree of the permutation polynomials.

In this paper, we investigate two receiver structures for spatially multiplexed transmission on MIMO frequency selective fading channels. Those receivers compensate the IAI (Inter-Antenna Interference) and ISI (Inter-Symbol Interference) in the time domain. We first propose the MIMO sequential equalizer in which the block of several receives symbols is processed symbol by symbol by MLD (Maximum Likelihood Detection). Next we investigate the MIMO MLSE (Maximum Likelihood Sequence Estimation) receiver in which the terminated block trellis is decoded by the Viterbi algorithm. The bit error rates of two time domain receivers are examined through computer simulations and we also compare their BER characteristics to those of the conventional MIMO SC-FDE.

In indoor localization using sensor networks, performance improvements are required for non-line-of-sight (NLOS) environments in which the estimation error is high. NLOS mitigation schemes involve the detection and elimination of the NLOS measurements. The iterative minimum residual (IMR) scheme, which is often applied to the localization scheme using the time of arrival (TOA), is commonly employed for this purpose. The IMR scheme is a low-complexity scheme and its NLOS detection performance is relatively high. However, when there are many NLOS nodes in a sensor field, the NLOS detection error of the IMR scheme increases and the estimation accuracy deteriorates. Therefore, we propose a new scheme that exploits coarse NLOS detection based on stochastic characteristics prior to the application of the IMR scheme to improve the localization accuracy. Improved performances were confirmed in two NLOS channel models by performing numerical simulations.

In the fifth-generation mobile communications system (5G), it is critical to ensure wireless security as well as large-capacity and high-speed communication. To achieve this, a chaos modulation method as an encrypted and channel-coded modulation method in the physical layer is proposed. However, in the conventional chaos modulation method, the decoding complexity increases exponentially with respect to the modulation order. To solve this problem, in this study, a hybrid modulation method that applies quadrature amplitude modulation (QAM) and chaos to reduce the amount of decoding complexity, in which some transmission bits are allocated to QAM while maintaining the encryption for all bits is proposed. In the proposed method, a low-complexity decoding method is constructed by ordering chaos and QAM symbols based on the theory of index modulation. Numerical results show that the proposed method maintains good error-rate performance with reduced decoding complexity and ensures wireless security.

With the increasing demand for services provided by communication networks, quality and reliability of such services as well as confidentiality of data transfer are becoming ones of the highest concerns. At the same time, because of growing hacker's activities, quality of provided content and reliability of its continuous delivery strongly depend on integrity of data transmission and availability of communication infrastructure, thus on information security of a given IT landscape. But, the amount of resources allocated to provide information security (like security staff, technical countermeasures and etc.) must be reasonable from the economic point of view. This fact, in turn, leads to the need to employ a forecasting technique in order to make planning of IT budget and short-term planning of potential bottlenecks. In this paper we present an approach to make such a forecasting for a wide class of information security related incidents (ISRI) -- unambiguously detectable ISRI. This approach is based on different auto regression models which are widely used in financial time series analysis but can not be directly applied to ISRI time series due to specifics related to information security. We investigate and address this specifics by proposing rules (special conditions) of collection and storage of ISRI time series, adherence to which improves forecasting in this subject field. We present an application of our approach to one type of unambiguously detectable ISRI -- amount of spam messages which, if not mitigated properly, could create additional load on communication infrastructure and consume significant amounts of network capacity. Finally we evaluate our approach by simulation and actual measurement.

By using Password-based Authenticated Key Exchange (PAKE), a server can authenticate a user who has only the same password shared with the server in advance and establish a session key with the user simultaneously. However, in the real applications, we may have a situation where a user needs to share a session key with server A, but the authentication needs to be done by a different server B that shares the password with the user. Further, to achieve higher security on the server side, it may be required to make PAKE tolerant of a server breach by having multiple authentication servers. To deal with such a situation, Abdalla et al. proposed a variant of PAKE called Gateway Threshold PAKE (GTPAKE) where a gateway corresponds to the aforementioned server A being an on-line service provider and also a potential adversary that may try to guess the passwords. However, the schemes of Abdalla et al. turned out to be vulnerable to Undetectable On-line Dictionary Attack (UDonDA). In this paper, we propose the first GTPAKE provably secure against UDonDA, and in the security analysis, we prove that our GTPAKE is secure even if an adversary breaks into parts of multiple authentication servers.

A permutation cipher scheme using polynomials over a field is presented. A permutation as well as substitution plays a major role in almost all conventional cryptosystems. But the security of the permutation depends on how symbols are permuted. This paper proposes the use of polynomials for the permutation and show that the scheme satisfies the following security criteria. (1) There are enough encryption keys to defend exhaustive attacks. (2) The permutation moves almost all samples into places which are different from the original places. (3) Most samples are shifted differently by different permutations. The permutation cipher scheme could be regarded as a scheme based on Reed-Solomon codes. The information symbols of the codes compose a key of the permutation cipher scheme.

Orthogonal frequency division multiple access (OFDMA) is adopted as a multiuser access scheme in recent cellular systems such as long term evolution (LTE) and WiMAX. In those systems, the performance improvement on cell-edge users is crucial to provide high-speed services. We propose a new resource allocation scheme based on multiple input multiple output – orthogonal frequency division multiple access – code division multiplexing (MIMO-OFDMA-CDM) to achieve performance improvements in terms of cell-edge user throughput, bit error rate, and fairness among users. The proposed scheme adopts code division multiplexing for MIMO-OFDMA and a modified proportional fairness algorithm for CDM, which enables the fairness among users and a higher throughput. The performance improvements are clarified by theoretical analysis and simulations.

In this paper, we propose a fast signature scheme which realizes short transmissions and minimal on-line computation. Our scheme requires a modular exponentiation as preprocessing (i.e., off-line computation). However, we need to acknowledge the existance of the following remarkable properties: neither multiplication nor modular reduction is used in the actual signature generation (i.e., on-line computation). Our scheme requires only two operations: hashing and addition. Although some fast signature schemes with small on-line computation have been proposed so far, those schemes require multiplication or modular reduction in the on-line phase. This leads to a large amount of work compared to that of addition. As far as we know, this is the first approach to obtain the fast signature without those two calculus methods.

We observe a natural generalisation of the ate and twisted ate pairings, which allow for performance improvements in non standard applications of pairings to cryptography like composite group orders. We also give a performance comparison of our pairings and the Tate, ate and twisted ate pairings for certain polynomial families based on operation count estimations and on an implementation, showing that our pairings can achieve a speedup of a factor of up to two over the other pairings.

Many Ziv-Lempel algorithms have a similar property, that is, slow encoding and fast decoding. This paper proposes a simple improved Ziv-Lempel algorithm to encode a large amount of data quickly as well as compactly by using multiple-processor system.

Methods that precisely compensate for propagation distortion using pilot symbols are widely used in mobile communications. We describe such a pilot-symbol-assisted technique for precise compensation of flat fading and frequency offset. This technique provides a wide range of offset compensation. Conventional methods using fast Fourier transform (FFT) compensate for both slow and fast fading, but their tolerable range of frequency offset is very limited. By composing a system with an approximate frequency estimator, we can estimate and compensate for fading and a large frequency offset at the same time. The estimation and compensation are carried out by periodic pilot symbols and no other index sequences are needed. This method enables high-data-rate transmission. We describe the method and provide a theoretical analysis for the compensable range of fading and frequency offset for a transmission frame structure with pilot symbols. Then, we evaluate the method by computer simulation.

In this paper authorization-limited transformation-free proxy cryptosystems (AL-TFP systems) are studied. It is a modification of the original proxy cryptosystem introduced by Mambo et al.[8] in which a ciphertext transformation by the original decryptor is necessary, and also a modification of the delegated decryption system proposed by Mu et al.[10]. In both systems proposed in [8] and [10], the original decryptors have to trust their proxies completely. The AL-TFP system allows the proxy decryptor to do decryption directly without any ciphertext transformation from the original decryptor, so that it can release the original decryptor more efficiently from a large amount of decrypting operations. Moreover, the original decryptor's privacy can be protected efficiently because the authority of proxy decryptor is limited to his duty and valid period. An active identity-based and a directory-based AL-TFP systems from pairings are proposed. Furthermore, an application of directory-based AL-TFP system to electronic commerce is also described. The securities of our schemes introduced are based on the BDH assumption.

Computer viruses, hackers, intrusions and ther computer crimes have recently become a serious security problem in information systems. Digital signatures are useful to defend against these threats, especially against computer viruses. This is because a modification of a file can be detected by checking the consistency of the originai file with its accompanying digital signature. But an executable program might have been infected with the viruses before the signature was created. In this case, the infection cannot be detected by signature verification and the origin of the infection cannot be specified either. In this paper, we propose a signature scheme in which one can sign right after the creation of an executable program. That is, when a user compiles a source program, the compiler automatically creates both the executable program and its signature. Thus viruses cannot infect the executable programs without detection. Moreover, we can specify the creator of contaminated executable programs. In our signature scheme, a signature is created from a set of secret integers stored in a compiler, which is calculated from a compiler-maker's secret key. Each compiler is possessed by only one user and it is used only when a secret value is fed into it. In this way a signature of an executable program and the compiler-owner are linked to each other. Despite these measures, an executable program could run abnormally because of an infection in prepro-cessing step, e.g. an infection of library files or included files. An infection of these files is detected by ordinary digital signatures. The proposed signature scheme together with digital signature against infection in the preprocessing step enables us to specify the origin of the infection. The name of the signature creator is not necessary for detecting an infection. So, an owner's public value is not searched in our scheme, and only a public value of a compiler-maker is required for signature verification. Furthermore, no one can use a compiler owned by another to create a proper signature.

In this paper a new type of public-key cryptosystem, proxy cryptosystem, is studied. The proxy cryptosystem allows an original decryptor to transform its ciphertext to a ciphertext for a designated decryptor, proxy decryptor. Once the ciphertext transformation is executed, the proxy decryptor can compute a plaintext in place of the original decryptor. Such a cryptosystem is very useful when an entity has to deal with large amount of decrypting operation. The entity can actually speed-up the decrypting operation by authorizing multiple proxy decyptors. Concrete proxy cryptosystems are constructed for the ElGamal cryptosystem and the RSA cryptosystem. A straightforward construction of the proxy cryptosystem is given as follows. The original decryptor decrypts its ciphertext and re-encrypts an obtained plaintext under a designated proxy decryptor's public key. Then the designated proxy decryptor can read the plaintext. Our constructions are more efficient than such consecutive execution of decryption and re-encryption. Especially, the computational work done by the original decryptor is reduced in the proxy cryptosystems.

Sensor networks, in which many small terminals are wirelessly connected, have recently received considerable interest according to the development of wireless technology and electronic circuit. To provide advanced applications and services by the sensor networks, data collection including node location is essential. Hence the location estimation is important and many localization schemes have been proposed. Time of arrival (TOA) localization is one of the popular schemes because of its high estimation accuracy in ultra wide-band (UWB) sensor networks. However, a non-line-of-sight (NLOS) environment between the target and the anchor nodes causes a serious estimation error because the time is delayed more than its true one. Thus, the NLOS nodes should be detected and eliminated for estimation. As a well-known NLOS detection scheme, an iterative minimum residual (IMR) scheme which has low calculation complexity is used for detection. However, the detection error exists in IMR scheme due to the measurement error. Therefore, in this paper, we propose a new IMR-based NLOS detection scheme and show its performance improvement by computer simulations.

In recent years, there has been significant interest in information-theoretic security techniques that encrypt physical layer signals. We have proposed chaos modulation, which has both physical layer security and channel coding gain, as one such technique. In the chaos modulation method, the channel coding gain can be increased using a turbo mechanism that exchanges the log-likelihood ratio (LLR) with an external concatenated code using the max-log approximation. However, chaos modulation, which is a type of Gaussian modulation, does not use fixed mapping, and the distance between signal points is not constant; therefore, the accuracy of the max-log approximated LLR degrades under poor channel conditions. As a result, conventional methods suffer from performance degradation owing to error propagation in turbo decoding. Therefore, in this paper, we propose a new LLR clipping method that can be optimally applied to chaos modulation by limiting the confidence level of LLR and suppressing error propagation. For effective clipping on chaos modulation that does not have fixed mappings, the average confidence value is obtained from the extrinsic LLR calculated from the demodulator and decoder, and clipping is performed based on this value, either in the demodulator or the decoder. Numerical results indicated that the proposed method achieves the same performance as the one using the exact LLR, which requires complicated calculations. Furthermore, the security feature of the proposed system is evaluated, and we observe that sufficient security is provided.

We propose a novel channel model of satellite-to-ground optical transmission to achieve a global-scale high-capacity communication network. In addition, we compose an effective channel coding scheme based on low-density generator matrix (LDGM) code suitable for that channel. Because the first successful optical satellite communication demonstrations are quite recent, no practical channel model has been introduced. We analyze the results of optical transmission experiments between ground station and the Optical Inter-orbit Communications Engineering Test Satellite (OICETS) performed by NICT and JAXA in 2008 and propose a new Markov-based practical channel model. Furthermore, using this model we design an effective long erasure code (LEC) based on LDGM to achieve high-quality wireless optical transmissions.

Broadcasting with secrecy of messages is important in a situation such as pay television. In pay television only a broadcasting station broadcasts a message. On the other hand, broadcast communication is also important. Broadcast communication means any user in a whole group can broadcast a message to any subset of the group. In this paper the efficiency of secure broadcast communication is discussed in terms of the length of messages sent and the encryption speed. We prove that the length of the broadcast messages is not kept less than O(n), where n is the number of receivers, when a broadcast system has a form of a single system which is defined as the generalized form of an individual key method and a master key method. In contrast, the proposed secure broadcast communication method, a multi-dimension method, keeps the length of messages sent O(mmn), where m is the number of the dimension used in the multi-dimension method. At the same time the encryption speed was reduced from O(n(log(n+C2)+C3)) of the master key method to O(mn(logmn+C1)) of the multi-dimension method.

Cryptographic protocols enable participating parties to compute any function of their inputs without leaking any information beyond the output. A card-based protocol is a cryptographic protocol implemented by physical cards. In this paper, for constructing protocols with small numbers of shuffles, we introduce a new type of cards, regular polygon cards, and a new protocol, oblivious conversion. Using our cards, we construct an addition protocol on non-binary inputs with only one shuffle and two cards. Furthermore, using our oblivious conversion protocol, we construct the first protocol for general functions in which the number of shuffles is linear in the number of inputs.