Card-based cryptographic protocols provide secure multi-party computations using a deck of physical cards. The most important primitive of those protocols is the shuffling operation, and most of the existing protocols rely on uniform cyclic shuffles (such as the random cut and random bisection cut) in which each possible outcome is equally likely and all possible outcomes constitute a cyclic subgroup. However, a couple of protocols with non-uniform and/or non-cyclic shuffles were proposed by Koch, Walzer, and Härtel at Asiacrypt 2015. Compared to the previous protocols, their protocols require fewer cards to securely produce a hidden AND value, although to implement of such unconventional shuffles appearing in their protocols remains an open problem. This paper introduces “pile-shifting scramble,” which can be a secure implementation of those shuffles. To implement such unconventional shuffles, we utilize physical cases that can store piles of cards, such as boxes and envelopes. Therefore, humans are able to perform the shuffles using these everyday objects. Furthermore, we show that a certain class of non-uniform and/or non-cyclic shuffles having two possible outcomes can be implemented by the pile-shifting scramble. This also implies that we can improve upon the known COPY protocol using three card cases so that the number of cases required can be reduced to two.

In the research area of card-based secure computation, one of the long-standing open problems is a problem proposed by Crépeau and Kilian at CRYPTO 1993. This is to develop an efficient protocol using a deck of physical cards that generates uniformly at random a permutation with no fixed points (called a derangement), where the resulting permutation must be secret against the parties in the protocol. All the existing protocols for the problem have a common issue of lacking a guarantee to halt within a finite number of steps. In this paper, we investigate feasibility and infeasibility for the problem where both a uniformly random output and a finite runtime is required. First, we propose a way of reducing the original problem, which is to sample a uniform distribution over an inefficiently large set of the derangements, to another problem of sampling a non-uniform distribution but with a significantly smaller underlying set. This result will be a base of a new approach to the problem. On the other hand, we also give (assuming the abc conjecture), under a certain formal model, an asymptotic lower bound of the number of cards for protocols solving the problem using uniform shuffles only. This result would give a supporting evidence for the necessity of dealing with non-uniform distributions such as in the aforementioned first part of our result.

We consider a problem, which we call secure grouping, of dividing a number of parties into some subsets (groups) in the following manner: Each party has to know the other members of his/her group, while he/she may not know anything about how the remaining parties are divided (except for certain public predetermined constraints, such as the number of parties in each group). In this paper, we construct an information-theoretically secure protocol using a deck of physical cards to solve the problem, which is jointly executable by the parties themselves without a trusted third party. Despite the non-triviality and the potential usefulness of the secure grouping, our proposed protocol is fairly simple to describe and execute. Our protocol is based on algebraic properties of conjugate permutations. A key ingredient of our protocol is our new techniques to apply multiplication and inverse operations to hidden permutations (i.e., those encoded by using face-down cards), which would be of independent interest and would have various potential applications.

Kreyvium is a NLFSR-based stream cipher which is oriented to homomorphic-ciphertext compression. This is a variant of Trivium with 128-bit security. Designers have evaluated the security of Kreyvium and concluded that the resistance of Kreyvium to the conditional differential cryptanalysis is at least the resistance of Trivium, and even better. However, we consider that this attack is effective for reduced Kreyvium due to the structure of it. This paper shows the conditional differential cryptanalysis for Kreyvium, and we propose distinguishing and key recovery attacks. We show how to arrange differences and conditions to obtain good higher-order conditional differential characteristics. We use two types of higher-order conditional differential characteristics to find a distinguisher, e.g. the bias of higher-order conditional differential characteristics of a keystream and the probabilistic bias of them. In the first one, we obtain the distinguisher on Kreyvium with 730 rounds from 20-th order characteristics. In the second one, we obtain the distinguisher on Kreyvium with 899 rounds from 25-th order conditional differential characteristics. Moreover, we show the key recovery attack on Kreyvium with 736 rounds from 20-th order characteristics. We experimentally confirm all our attacks. The second distinguisher shows that we can obtain the distinguisher on Kreyvium with more rounds than the distinguisher on Trivium. Therefore, Kreyvium has a smaller security margin than Trivium for the conditional differential cryptanalysis.

Image quality assessment (IQA) is an inherent problem in the field of image processing. Recently, deep learning-based image quality assessment has attracted increased attention, owing to its high prediction accuracy. In this paper, we propose a fully-blind and fast image quality predictor (FFIQP) using convolutional neural networks including two strategies. First, we propose a distortion clustering strategy based on the distribution function of intermediate-layer results in the convolutional neural network (CNN) to make IQA fully blind. Second, by analyzing the relationship between image saliency information and CNN prediction error, we utilize a pre-saliency map to skip the non-salient patches for IQA acceleration. Experimental results verify that our method can achieve the high accuracy (0.978) with subjective quality scores, outperforming existing IQA methods. Moreover, the proposed method is highly computationally appealing, achieving flexible complexity performance by assigning different thresholds in the saliency map.

Electrical contacts are separated at constant speed and break arcs are generated in nitrogen or air in a 200V-450VDC/10A resistive circuit. The break arcs are extinguished by magnetic blow-out. Arc duration for the silver and copper contact pairs is investigated for each supply voltage. Following results are shown. The arc duration for Cu contacts in nitrogen is the shortest. For Cu contacts, the arc dwell time in air was considerably longer than that of nitrogen. For Ag contacts, the arc duration in nitrogen was almost the same as that in air.

In a local region of a color image, the color distribution often takes the form of a linear line in the RGB space. This property is called “Color Line” and we propose a denoising method based on this property. When a noise is added on an image, its color distribution spreads from the Color Line. The denoising is achieved by reducing the spread. In conventional methods, Color Line is assumed to be only a single line, but actual distribution takes various shapes such as a single line, two lines, and a plane and so on. In our method, we estimate the distribution in more detail using plane approximation and denoise each patch by reducing the spread depending on the Color Line types. In this way, we can achieve better denoising results than a conventional method.

In small-aperture high frequency surface wave radar, the main-lobe clutter all can be seen as a more severe space spread clutter under the influence of the smaller array aperture. It compromises the detection performance of moving vessels, especially when the target is submerged in the clutter. To tackle this issue, an improved spread clutter estimated canceller, combining spread clutter estimated canceller, adaptive selection strategy of the optimal training samples and rotating spatial beam method, is presented to suppress main-lobe clutter in both angle domain and range domain. According to the experimental results, the proposed algorithm is shown to have far superior clutter suppression performance based on the real data.

The output feedback consensus problem of nonlinear multi-agent systems under a directed network with a time varying communication delay is studied. In order to deal with this problem, the dynamic output feedback controller with an additional low gain parameter that compensates for the effect of nonlinearity and a communication delay is proposed. Also, it is shown that under some assumptions, the proposed controller can always solve the output feedback consensus problem even in the presence of an arbitrarily large communication delay.

Generalized approximate message passing (GAMP) can be applied to compressive phase retrieval (CPR) with excellent phase-transition behavior. In this paper, we introduced the cartoon-texture model into the denoising-based phase retrieval GAMP(D-prGAMP), and proposed a cartoon-texture model based D-prGAMP (C-T D-prGAMP) algorithm. Then, based on experiments and analyses on the variations of the performance of D-PrGAMP algorithms with iterations, we proposed a 2-stage D-prGAMP algorithm, which makes tradeoffs between the C-T D-prGAMP algorithm and general D-prGAMP algorithms. Finally, facing the non-convergence issues of D-prGAMP, we incorporated adaptive damping to 2-stage D-prGAMP, and proposed the adaptively damped 2-stage D-prGAMP (2-stage ADD-prGAMP) algorithm. Simulation results show that, runtime of 2-stage D-prGAMP is relatively equivalent to that of BM3D-prGAMP, but 2-stage D-prGAMP can achieve higher image reconstruction quality than BM3D-prGAMP. 2-stage ADD-prGAMP spends more reconstruction time than 2-stage D-prGAMP and BM3D-prGAMP. But, 2-stage ADD-prGAMP can achieve PSNRs 0.2∼3dB higher than those of 2-stage D-prGAMP and 0.3∼3.1dB higher than those of BM3D-prGAMP.

High-performance Network Over Coax, or HINOC for short, is a broadband access technology that can achieve bidirectional transmission for high-speed Internet service through a coaxial medium. In HINOC access networks, buffer management scheme can improve the fairness of buffer usage among different output ports and the overall loss performance. To provide different services to multiple priority classes while reducing the overall packet loss rate and ensuring fairness among the output ports, this study proposes a QoS optimization method for access networks. A backpressure-based queue threshold control scheme is used to minimize the weighted average packet loss rate among multiple priorities. A theoretical analysis is performed to examine the performance of the proposed scheme, and optimal system parameters are provided. Software simulation shows that the proposed method can improve the average packet loss rate by about 20% to 40% compared with existing buffer management schemes. Besides, FPGA evaluation reveals that the proposed method can be implemented in practical hardware and performs well in access networks.

We consider a device-to-device (D2D) underlaid cellular network where D2D communications are allowed to share the same radio spectrum with cellular uplink communications for improving spectral efficiency. However, to protect the cellular uplink communications, the interference level received at a base station (BS) from the D2D communications needs to be carefully maintained below a certain threshold, and thus the BS coordinates the transmit power of the D2D links. In this paper, we investigate on-off power control for the D2D links, which is known as a simple but effective technique due to its low signaling overhead. We first investigate the optimal on-off power control algorithm to maximize the sum-rate of the D2D links, while satisfying the interference constraint imposed by the BS. The computational complexity of the optimal algorithm drastically increases with D2D link number. Thus, we also propose an on-off power control algorithm to significantly reduce the computational complexity, compared to the optimal on-off power control algorithm. Extensive simulations validate that the proposed algorithm significantly reduces the computational complexity with a marginal sum-rate offset from the optimal algorithm.

Managing SaaS systems requires administrators to monitor and analyze diverse types of log data collected from a variety of components such as applications and IT resources. Integrated monitoring systems, enabled with datastore capable of storing and query-based processing of semi-structured data (e.g., NOSQL - some specific document database), is a promising solution that can store and query any type of log data with a single unified set of management panes. However, due to the increasing scale of SaaS systems and their long service lives, integrated monitoring systems have faced the problems in response times of log analysis and storage consumption for logs. In this present work, we solve the problems by developing an efficient log management method for SaaS systems. Our empirical observation is that the problems are primarily derived from the unselective log processing of datastore, whereas there should be heterogeneities in log data that we can take advantage of for efficient log management. Based on this observation, we first confirm this insight by investigating the usage patterns of log data in a quantitative manner with an actual dataset of log access histories obtained from a SaaS system serving tens of thousands of enterprise users over the course of more than 1.5 years. We show that there are heterogeneities in required retention period of logs, response time of log analysis, and amount of data, and the heterogeneities depend on log data category and its analysis scenario. Armed with the evidence of the heterogeneities in log data and the usage patterns found from the investigation, we design a methodology of context-aware log data management, key features of which are to speculatively pre-cache the result of log analysis and to proactively archive log data, depending on log data category and analysis scenario. Evaluation with a prototype implementation shows that the proposed method reduces the response time by 47% compared to a conventional method and the storage consumption by approximately 40% compared to the original log data.

This paper presents a meta-structured circular polarized array antenna with wide scan angle. In order to widen the scanning angle of array antennas, this paper investigates unit antenna beamwidth and the coupling effects between array elements, both of which directly affect the steering performance. As a result, the optimal array distance, the mode configuration, and the antenna structure are elucidated. By using the features of the miniaturized mu-zero resonance (MZR) antenna, it is possible to design the antenna at optimum array distance for wide beamwidth. In addition, by modifying via position and gap configuration of the antenna, it is possible to optimize the mode configuration for optimal isolation. Finally, the 3dB steerable angle of 66° is successfully demonstrated using a 1x8 MZR CP antenna array without any additional decoupling structure. The measured beam patterns at a scan angle of 0°, 22°, 44°, and 66°agree well with the simulated beam patterns.

For general multiple-input multiple-output (MIMO) interference networks, determining the feasibility conditions of interference alignment (IA) to achieve the maximum degree of freedom (DoF), is tantamount to accessing the maximum spatial resource of MIMO systems. In this paper, from the view of antenna configuration, we first explore the IA feasibility in the K-user MIMO interference channel (IC), G-cell MIMO interference broadcast channel (IBC) and interference multiple access channel (IMAC). We first give the concept of the equalized antenna, and all antenna configurations are divided into two categories, equalized antennas and non-equalized ones. The feasibility conditions of IA system with equalized antennas are derived, and the feasible and infeasible regions are provided. Furthermore, we study the correlations among IC, IBC and IMAC. Interestingly, the G-cell MIMO IBC and IMAC are two special ICs, and a systemic work on IA feasibility for these three interference channels is provided.

The micro-mechanism of molten pool and metal droplet sputtering are significant to the material erosion caused by breaking or making arcs especially for high-power switching devices. In this paper, based on Navier-Stokes equations for incompressible viscous fluid and potential equation for electric field, a 2D axially symmetric simplified hydrodynamic model was built to describe the formation of the molten metal droplet sputtering and molten pool under arc spot near electrode region. The melting process was considered by the relationship between melting metal volumetric percentage and temperature, a free surface of liquid metal deformation was solved by coupling moving mesh and the automatic re-meshing. The simulated metal droplet sputtering and molten pool behaviors are presented by the temperature and velocity distribution sequences. The influence mechanism of pressure distribution and heat flux on the formation of molten pool and metal droplet sputtering has been analyzed according to the temperature distribution and sputtering angles. Based on the simulation results, we can distinguish two different models of the molten metal droplet sputtering process: edge ejection and center ejection. Moreover, a new explanation is proposed based on calculated results with arc spot pressure distribution in the form of both unimodal and bimodal. It shows that the arc spot pressure distribution plays an important role in the metal droplet ejected from molten pool, the angle of the molten jet drop can be decreased along with the increment of the arc spot pressure.

An equivalent circuit of Yee's cells is proposed for mixed electromagnetic and circuit simulations. Using the equivalent circuit, a mixed electromagnetic and circuit simulator can be developed, in which the electromagnetic field and circuit responses are simultaneously analyzed. Representing the electromagnetic system as a circuit, active and passive device models in a circuit simulator can be used for the mixed simulations without any modifications. Hence, the propose method is very useful for designing various electronic systems. To evaluate the mixed simulations with the equivalent circuit, two implementations with shared or distributed memory computer system are presented. In the numerical examples, we evaluate the performances of the prototype simulators to demonstrate the effectiveness.

The authors have proposed a multi-value sequence called an NTU sequence which is generated by a trace function and the Legendre symbol over a finite field. Most of the properties for NTU sequence such as period, linear complexity, autocorrelation, and cross-correlation have been theoretically shown in our previous work. However, the distribution of digit patterns, which is one of the most important features for security applications, has not been shown yet. In this paper, the distribution has been formulated with a theoretic proof by focusing on the number of 0's contained in the digit pattern.

Vignetting is a common type of image degradation that makes peripheral parts of an image darker than the central part. Single-image devignetting aims to remove undesirable vignetting from an image without resorting to calibration, thereby providing high-quality images required for a wide range of applications. Previous studies into single-image devignetting have focused on the estimation of vignetting functions under the assumption that degradation other than vignetting is negligible. However, noise in real-world observations remains unremoved after inversion of vignetting, and prevents stable estimation of vignetting functions, thereby resulting in low quality of restored images. In this paper, we introduce a methodology of image restoration based on variational Bayes (VB) to devignetting, aiming at high-quality devignetting in the presence of noise. Through VB inference, we jointly estimate a vignetting function and a latent image free from both vignetting and noise, using a general image prior for noise removal. Compared with state-of-the-art methods, the proposed VB approach to single-image devignetting maintains effectiveness in the presence of noise, as we demonstrate experimentally.

Attribute-Based Encryption (ABE) is an advanced form of public-key encryption where access control mechanisms based on attributes and policies are possible. In conventional ABE, attributes are specified as strings. However, there are certain applications where it is useful to specify attributes as numerical values and consider a predicate that determines if a certain numerical range would include a certain value. Examples of these types of attributes include time, position coordinate, person's age, rank, identity, and so on. In this paper, we introduce ABE for boolean formulae over Range Membership (ABE-RM). We show generic methods to convert conventional ABE to ABE-RM. Our generic conversions are efficient as they introduce only logarithmic overheads (in key and ciphertext sizes), as opposed to trivial methods, which would pose linear overheads. By applying our conversion to previous ABE schemes, we obtain new efficient and expressive ABE-RM schemes. Previous works that considered ABE with range attributes are specific and can only deal with either a single relation of range membership (Paterson and Quaglia at SCN'10, and Kasamatsu et al. at SCN'12), or limited classes of policies, namely, only AND-gates of range attributes (Shi et al. at IEEE S&P'07, and some subsequent work). Our schemes are generic and can deal with expressive boolean formulae.