RC4 stream cipher, designed by Rivest in 1987, is widely used in various standard protocols and commercial applications. After the disclosure of RC4 algorithm in 1994, many cryptanalytic results on RC4 have been reported. In 1996, Jenkins discovered correlations between a keystream byte and an internal state variable. This is known as the Glimpse theorem. In 2013, Maitra and Sen Gupta proved the Glimpse theorem and showed other correlations between two consecutive keystream bytes and an internal state variable. This is called the long-term Glimpse. These correlations provide only cases with positive biases, and hold generally on any round. In this paper, we refine known Glimpse correlations from two aspects. One is to find new positive or negative biases on all values in addition to a known value. The other is to provide precise biases on specific rounds. As a result, we can discover 6 cases with several new biases, and prove these cases theoretically. From the first refinement, combining our new biases with known one, the long-term Glimpse with positive biases is integrated into a whole. From the second refinement, we can successfully find that two correlations on specific rounds become an impossible condition.

HMAC is the most widely used hash based MAC scheme. Recently, several generic attacks have been presented against HMAC with a complexity between 2n/2 and 2n, where n is the output size of an underlying hash function. In this paper, we investigate the security of strengthened HMAC instantiated with a Merkle-Damgård hash function in which the key is used to process underlying compression functions. With such a modification, the attacker is unable to precompute the property of the compression function offline, and thus previous generic attacks are prevented. In this paper, we show that keying the compression function in all blocks is necessary to prevent a generic internal state recovery attack with a complexity less than 2n. In other words, only with a single keyless compression function, the internal state is recovered faster than 2n. To validate the claim, we present a generic attack against the strengthened HMAC instantiated with a Merkle-Damgård hash function in which only one block is keyless, thus pre-computable offline. Our attack uses the previous generic attack by Naito et al. as a base. We improve it so that the attack can be applied only with a single keyless compression function while the attack complexity remains unchanged from the previous work.

Recently, many neural networks have been proposed for radar sea clutter suppression. However, they have poor performance under the condition of low signal to interference plus noise ratio (SINR). In this letter, we put forward a novel method to detect a small target embedded in sea clutter based on an optimal filter. The proposed method keeps the energy in the frequency cell under test (FCUT) invariant, at the same time, it minimizes other frequency signals. Finally, detect target by judging the output SINR of every frequency cell. Compared with the neural networks, the algorithm proposed can detect under lower SINR. Using real-life radar data, we show that our method can detect the target effectively when the SINR is higher than -39dB which is 23dB lower than that needed by the neural networks.

We herein describe an autonomous peer discovery scheme for Device-to-Device (D2D) communications. With the increasing popularity of D2D communications, an efficient means of finding the neighboring node, i.e., peer discovery, is required. To this end, we propose a new autonomous peer discovery scheme that uses azimuth spread (AS), delay spread (DS), and shadow fading of the uplink pilot from each mobile station (MS). Given that AS, DS, and shadow fading are spatially correlated, nodes that have similar values must be neighbors. The proposed scheme filters out the MSs that are unlikely to be neighbors and uses the Kolmogorov-Smirnov (K-S) test to improve the accuracy of neighbor discovery. Unlike previous peer discovery schemes that incur additional signaling overheads, our proposal finds neighboring nodes by using the existing uplink pilot transmission from MSs such that neighboring peers can be found autonomously. Through analysis and simulation, we show that neighboring MSs can be found accurately with low latency.

We present a new cryptanalysis approach to analyze the security of a class of authenticated encryption schemes, which shares similarity with the previous length extension attack against hash-function-based MACs. Hence we name our approach by message extension attack. For an authenticated encryption from the target class, it consists of three phases; initialization with nonce and key as input, state update function with associated data and message as input and tag generation with updated state as input. We will show how to mount a forgery attack in the nonce-repeating model under the chosen-plaintext scenario, when both state update function and tag generation is built based on the same function. To demonstrate the effectiveness of our message extension attack approach, we apply it to a dedicated authenticated encryption called PANDA, which is a candidate of the ongoing CAESAR cryptographic competition. We successfully found an existential forgery attack on PANDA with 25 chosen plaintexts, 264 computations, and a negligible memory, and it breaks the claimed 128-bit security for the nonce-repeating model. We note that this is the first result that breaks the security claim of PANDA, which makes it withdrawn from the CAESAR competition by its designer.

In 2000, Dimitrov, Jullien, and Miller proposed an efficient and simple double-exponentiation algorithm based on a signed-digit recoding algorithm. The average joint Hamming ratio (AJHR) was reduced from 0.556 to 0.534 by using the recoding algorithm. In this paper, the DJM recoding algorithm was extended to three types: the 3-digit sliding window, the 1-digit right-to-left sliding window, and the 1-digit left-to-right sliding window. The average joint Hamming ratios of the three cases were 0.521, 0.515, and 0.511, respectively.

This paper proposes a novel cooperative scheme combining distributed space-time block code (STBC) at physical layer, multiple access protocol at medium access control (MAC) layer and opportunistic routing without complicated routing algorithm for achieving high reliability for vehicle-to-vehicle (V2V) communications. The proposed scheme can reduce interference and collision, and achieve reducing redundant broadcast of safety-related messages for multi-hop vehicular communications on highway. In particular, we propose a novel algorithm of relay selection based-on position, speed and direction of movement to select intermediate vehicle stations (VS) with high contribution according to the transmission direction. Furthermore, in order to reduce interference and collision, we install a new timer to select a master relay vehicle station (MVS) which manages a packet transmission of whole network to trigger and synchronize transmitting timing of relay VSs (RVSs) in each hop. From the results of simulations, we can confirm that the proposed method can achieve reducing the redundant broadcast safety-related messages with keeping the packet loss probability by limiting the retransmission at each VS.

Explicit evaluation of the rate-distortion function has rarely been achieved when it is strictly greater than its Shannon lower bound since it requires to identify the support of the optimal reconstruction distribution. In this paper, we consider the rate-distortion function for the distortion measure defined by an ε-insensitive loss function. We first present the Shannon lower bound applicable to any source distribution with finite differential entropy. Then, focusing on the Laplacian and Gaussian sources, we prove that the rate-distortion functions of these sources are strictly greater than their Shannon lower bounds and obtain upper bounds for the rate-distortion functions. Small distortion limit and numerical evaluation of the bounds suggest that the Shannon lower bound provides a good approximation to the rate-distortion function for the ε-insensitive distortion measure. By using the derived bounds, we examine the performance of a scalar quantizer. Furthermore, we discuss variants and extensions of the ε-insensitive distortion measure and obtain lower and upper bounds for the rate-distortion function.

Autonomous driving is not only required to detect pedestrians around vehicles, but also expected to understand the behaviors of pedestrians. Pedestrian body orientation and head orientation are the relevant indicators of the pedestrian intention. This paper proposes an accurate estimation system to recognize the pedestrian body orientation and the pedestrian head orientation from on-board camera and inertial sensors. The proposed system discretizes the body orientation and the head orientation into 16 directions. In order to achieve the accurate orientation estimation, a novel training database is established, which includes strongly labeled data and weakly labeled data. Semi-Supervised Learning method is employed to annotate the weakly labeled data, and to generate the accurate classifier based on the proposed training database. In addition, the temporal constraint and the human physical model constraint are considered in orientation estimation, which are beneficial to the reasonable and stable result of orientation estimation for the pedestrian in image sequences. This estimated result is the orientation in camera space. The comprehension of the pedestrian behavior needs to be conducted in the real world space. Therefore, this paper proposes to model the motion of the host vehicle using inertial sensor, then transforms the estimated orientation from camera space to the real world space by considering the vehicle and pedestrian motion. The represented orientation indicates the behavior of the pedestrian more directly. Finally, a series of experiments demonstrate the effectiveness of the proposed pedestrian orientation system.

Determination of wordlength is essential for designing digital circuits because the wordlength affects system performance, hardware size, and power consumption. Variable wordlength methods that a system dynamically and effectively changes the wordlength depending on surrounding environments have been studied for power reduction in wireless systems. The conventional variable wordlength methods induce communication performance degradation when compared with a floating-point representation in time-varying fading channels. This paper discusses rapid wordlength control on packet basis and proposes a new method based on monitoring subcarrier SNRs in an OFDM receiver. The proposed method can estimate signal quality accurately and can decrease the wordlength decision errors. The simulation results have indicated that the proposed method shows better PER performance compared with the conventional methods.

This paper investigates the consensus problem of heterogeneous uncertain multi-agent systems with jointly connected topology, where the considered systems are composed of linear first-order, second-order dynamics and nonlinear Euler-Lagrange (EL) dynamics. The consensus protocol is designed to converge the position and velocity states of the linear and nonlinear heterogeneous multi-agent systems under joint connected topology, and then the adaptive consensus protocol is also proposed for heterogeneous multi-agent systems with unknown parameters in the EL dynamics under jointly connected topology. Stability analysis for piecewise continuous functions induced by the jointly connection is presented based on Lyapunov function and Cauchy's convergence criteria. Finally, some simulation results are provided to verify the effectiveness of the proposed methods.

Time synchronization is of paramount importance in wireless sensor networks (WSNs) due to the inherent distributed characteristics of WSNs. Border surveillance WSNs, especially, require a highly secure and accurate time synchronization scheme to detect and track intruders. In this paper, we propose a Secure and Efficient Time synchronization scheme for Border surveillance WSNs (SETB) which meets the requirements of border surveillance WSNs while minimizing the resource usage. To accomplish this goal, we first define the performance and security requirements for time synchronization in border surveillance WSNs in detail. Then, we build our time synchronization scheme optimized for these requirements. By utilizing both heterogeneous WSNs and one-way key chains, SETB satisfies the requirements with much less overhead than existing schemes. Additionally, we introduce on-demand time synchronization, which implies that time synchronization is conducted only when an intruder enters the WSN, in order to reduce energy consumption. Finally, we propose a method of deploying time-source nodes to keep the synchronization error within the requirement. Our analysis shows that SETB not only satisfies the performance and security requirements, but also is highly efficient in terms of communication and computation overhead, thus minimizing energy consumption.

Multiple-input multiple-output (MIMO) technology is a useful means of achieving the higher data rates needed in the latest wireless devices. However, weighting calculations for MIMO transmission become complicated when there are a large number of antennas. Thus, developing a simpler way to transmit and receive multiple streams is an idea worth considering. With this in mind, we propose a spatial division method using orthogonal directivities formed by using higher order modes of rectangular microstrip antennas. Each of them is formed by one antenna element so that channels are orthogonalized only by antennas. We verify antenna radiation characteristics by using higher order mode microstrip antennas and confirm that orthogonal directivities are obtained with them. Measurement of two stream transmission reveals that the method achieves almost the same channel capacity as that of an eigenmode-beamforming method because of the high multiplexing gain it achieves.

An analog-beamforming-based eigenmode transmission technique is proposed that employs a network of interconnected 180-degree hybrid couplers at both transmitting and receiving sides of a plane-symmetrically configured short-range MIMO system. This technique can orthogonalize MIMO channels regardless of array parameters such as antenna spacing and Tx-Rx distance, provided the MIMO array is symmetric. For verifying the effectiveness of the proposed technique in channel orthogonalization, an experiment is conducted using a 4×4 MIMO array consisting of microstrip antennas and cascade-connected rat-race hybrid couplers. The results indicate a reduction in interference by approximately -28.3dB on average compared to desired signal power, and the ability to realize four-stream parallel MIMO transmission by using only analog passive networks. The proposed technique can achieve channel capacity almost equivalent to that of eigenbeam space division multiplexing with ideal digital beamforming.

This paper proposes Fast Fourier Transform (FFT) based orthogonal beam selection method at the user terminals (UTs) to reduce the number of nulls for the other users except an intended user by the Block Diagonalization (BD) algorithm in multiuser MIMO (MU-MIMO) sytems. The BD algorithm has been proposed in order to realize MU-MIMO broadcast transmission with a realistic signal processing burden. The BD algorithm cancels inter-user interference by creating the weights so that the channel matrixes for the other users are set to be zero matrixes. However, when the number of transmit antennas is equals to the total number of received antennas, the transmission rate by the BD algorithm is decreased. The proposed method realizes the performance improvement compared to the conventional BD algorithm without the burden on the UTs. It is verified via bit error rate (BER) evaluation that the proposed method is effective compared to the conventional BD algorithm and antenna selection method. Moreover, the effectiveness of proposed method is verified by the performance evaluation considering medium access control (MAC) layer in a comparison with the conventional BD algorithm which needs the channel state information (CSI) feedback. Because the proposed method can be easily applied to beamforming without the CSI feedback (implicit beamforming), it is shown that the propose method is effective from a point of view on the transmission efficiency in MU-MIMO system.

Recent emerging mobile and wearable technologies make it easy to collect personal spatiotemporal data such as activity trajectories in daily life. Publishing real-time statistics over trajectory streams produced by crowds of people is expected to be valuable for both academia and business, answering questions such as “How many people are in Kyoto Station now?” However, analyzing these raw data will entail risks of compromising individual privacy. ε-Differential Privacy has emerged as a well-known standard for private statistics publishing because of its guarantee of being rigorous and mathematically provable. However, since user trajectories will be generated infinitely, it is difficult to protect every trajectory under ε-differential privacy. On the other hand, in real life, not all users require the same level of privacy. To this end, we propose a flexible privacy model of l-trajectory privacy to ensure every desired length of trajectory under protection of ε-differential privacy. We also design an algorithmic framework to publish l-trajectory private data in real time. Experiments using four real-life datasets show that our proposed algorithms are effective and efficient.

In recent years, much work has been devoted to developing protocols and architectures for supporting the growing trend of data-oriented services. One drawback of many of these proposals is the need to upgrade or replace all the routers in order for the new systems to work. Among the few systems that allow for gradual deployment is the recently-proposed Breadcrumbs technique for distributed coordination among caches in a cache network. Breadcrumbs uses information collected locally at each cache during past downloads to support in-network guiding of current requests to desired content. Specifically, during content download a series of short-term pointers, called breadcrumbs, is set up along the download path. Future requests for this content are initially routed towards the server which holds (a copy of) this content. However, if this route leads the request to a Breadcrumbs-supporting router, this router re-directs the request in the direction of the latest downloaded, using the aforementioned pointers. Thus, content requests are initially forwarded by a location ID (e.g., IP address), but encountering a breadcrumb entry can cause a shift over to content-based routing. This property enables the Breadcrumbs system to be deployed gradually, since it only enhances the existing location-based routing mechanism (i.e. IP-based routing). In this paper we evaluate the performance of a network where Breadcrumbs is only partially deployed. Our simulation results show Breadcrumbs performs poorly when sparsely deployed. However, if an overlay of Breadcrumbs-supporting routers is set-up, system performance is greatly improved. We believe that the reduced load on servers achieved with even a limited deployment of Breadcrumbs-supporting routers, combined with the flexibility of being able to deploy the system gradually, should motivate further investigation and eventual deployment of Breadcrumbs. In the paper, we also evaluate more coarse level than router level, i.e. ISP-level Breadcrumbs deployment issues. Our evaluation results show that Higher-layer first deployment approach obtains great improvement caused by Breadcrumbs redirections because of traffic aggregation in higher layer ISP.

We construct the first fully homomorphic encryption (FHE) scheme that encrypts matrices and supports homomorphic matrix addition and multiplication. This is a natural extension of packed FHE and thus supports more complicated homomorphic operations. We optimize the bootstrapping procedure of Alperin-Sheriff and Peikert (CRYPTO 2014) by applying our scheme. Our optimization decreases the lattice approximation factor from Õ(n3) to Õ(n2.5). By taking a lattice dimension as a larger polynomial in a security parameter, we can also obtain the same approximation factor as the best known one of standard lattice-based public-key encryption without successive dimension-modulus reduction, which was essential for achieving the best factor in prior works on bootstrapping of standard lattice-based FHE.

The characteristic basis function method using improved primary characteristic basis functions (IP-CBFM) has been proposed as a technique for high-precision analysis of monostatic radar cross section (RCS) of a scattering field in a specific coordinate plane. IP-CBFM is a method which reduces the number of CBF necessary to express a current distribution by combining secondary CBF calculated for each block of the scatterer with the primary CBF to form a single improved primary CBF (IP-CBF). When the proposed technique was evaluated by calculating the monostatic RCS of a perfect electric conductor plate and cylinder, it was found that solutions corresponding well with analysis results from conventional CBFM can be obtained from small-scale matrix equations.

Microwave systems have a number of promising applications in surveillance and monitoring systems. The main advantage of microwave systems is their ability to detect targets at distance under adverse conditions such as dim, smoky, and humid environments. Specifically, the wide bandwidth of ultra-wideband radar enables high range resolution. In a previous study, we proposed an accurate shape estimation algorithm for multiple targets using multiple ultra-wideband Doppler interferometers. However, this algorithm produces false image artifacts under conditions with severe interference. The present paper proposes a technique to suppress such false images by detecting inconsistent combinations of the radial velocity and time derivative of image positions. We study the performance of the proposed method through numerical simulations of a two-dimensional section of a moving human body, and demonstrate the remarkable performance of the proposed method in suppressing false image artifacts in many scenarios.