Keyword Search Result

[Keyword] (42807hit)

10401-10420hit(42807hit)

  • FOREWORD

    Toshiaki TANAKA  

     
    FOREWORD

    Vol: E97-A No:1  Page(s): 117-117
  • The Degree of Two Classes of 3rd Order Correlation Immune Symmetric Boolean Functions

    Jie PENG  Haibin KAN  

     
    PAPER-Cryptography and Information Security

    Vol: E97-A No:1  Page(s): 365-370

    Two classes of 3rd order correlation immune symmetric Boolean functions have been constructed respectively in [1] and [2], in which some interesting phenomena of the algebraic degree have been observed as well. However, a good explanation has not been given. In this paper, we obtain the formulas for the degree of these functions, which can well explain the behavior of their degree.

  • A CAM-Based Information Detection Hardware System for Fast Image Matching on FPGA

    Duc-Hung LE  Tran-Bao-Thuong CAO  Katsumi INOUE  Cong-Kha PHAM  

     
    PAPER-Electronic Circuits

    Vol: E97-C No:1  Page(s): 65-76

    In this paper, the authors present a CAM-based Information Detection Hardware System for fast, exact and approximate image matching on 2-D data, using FPGA. The proposed system can be potentially applied to fast image matching with various required search patterns, without using search principles. In designing the system, we take advantage of Content Addressable Memory (CAM) which has parallel multi-match mode capability and has been designed, using dual-port RAM blocks. The system has a simple structure, and does not employ any Central Processor Unit (CPU) or complicated computations.

  • Implementation of an Elliptic Curve Scalar Multiplication Method Using Division Polynomials

    Naoki KANAYAMA  Yang LIU  Eiji OKAMOTO  Kazutaka SAITO  Tadanori TERUYA  Shigenori UCHIYAMA  

     
    LETTER

    Vol: E97-A No:1  Page(s): 300-302

    We implemented a scalar multiplication method over elliptic curves using division polynomials. We adapt an algorithm for computing elliptic nets proposed by Stange. According to our experimental results, the scalar multiplication method using division polynomials is faster than the binary method in an affine coordinate system.

  • Improvement on a Knapsack-Based Probabilistic Encryption Scheme

    Baocang WANG  Fagen LI  Yupu HU  

     
    LETTER-Cryptography and Information Security

    Vol: E97-A No:1  Page(s): 421-424

    In this letter, we propose an improvement on a knapsack probabilistic encryption scheme [B. Wang, Q. Wu, Y. Hu, Information Sciences 177 (2007)], which was shown vulnerable to attacks due to Youssef [A.M. Youssef, Information Sciences 179 (2009)] and Lee [M.S. Lee, Information Sciences 222 (2013)], respectively. The modified encryption scheme is secure against Youssef's and Lee's attacks only at the costs of slightly compromising the efficiency of the original proposal.

  • Packetization and Unequal Erasure Protection for Transmission of SPIHT-Encoded Images

    Kuen-Tsair LAY  Lee-Jyi WANG  

     
    PAPER-Multimedia Systems for Communications

    Vol: E97-B No:1  Page(s): 226-237

    Coupled with the discrete wavelet transform, SPIHT (set partitioning in hierarchical trees) is a highly efficient image compression technique that allows for progressive transmission. One problem, however, is that its decoding can be extremely sensitive to bit errors in the code sequence. In this paper, we address the issue of transmitting SPIHT-encoded images via noisy channels, wherein errors are inevitable. The communication scenario assumed in this paper is that the transmitter cannot get any acknowledgement from the receiver. In our scheme, the original SPIHT code sequence is first segmented into packets. Each packet is classified as either a CP (critical packet) or an RP (refinement packet). For error control, cyclic redundancy check (CRC) is incorporated into each packet. By checking the CRC check sum, the receiver is able to tell whether a packet is correctly received or not. In this way, the noisy channel can be effectively modeled as an erasure channel. For unequal error protection (UEP), each of those packets are repeatedly transmitted for a few times, as determined by a process called diversity allocation (DA). Two DA algorithms are proposed. The first algorithm produces a nearly optimal decoded image (as measured in the expected signal-to-noise ratio). However, its computation cost is extremely high. The second algorithm works in a progressive fashion and is naturally compatible with progressive transmission. Its computation complexity is extremely low. Nonetheless, its decoded image is nearly as good. Experimental results show that the proposed scheme significantly improves the decoded images. They also show that making distinction between CP and RP results in wiser diversity allocation to packets and thus produces higher quality in the decoded images.

  • A Method of Analog IC Placement with Common Centroid Constraints

    Keitaro UE  Kunihiro FUJIYOSHI  

     
    PAPER-VLSI Design Technology and CAD

    Vol: E97-A No:1  Page(s): 339-346

    To improve immunity against process gradients, a common centroid constraint, in which every pair of capacitors should be placed symmetrically with respect to a common center point, is widely used. The pair of capacitors are derived by dividing some original capacitors into two halves. Xiao et al. proposed a method to obtain a placement which satisfies the common centroid constraints, but this method has a defect. In this paper, we propose a decoding algorithm to obtain a placement which satisfies common centroid constraints.

  • A Router-Aided Hierarchical P2P Traffic Localization Based on Variable Additional Delay Insertion

    Hiep HOANG-VAN  Yuki SHINOZAKI  Takumi MIYOSHI  Olivier FOURMAUX  

     
    PAPER

    Vol: E97-B No:1  Page(s): 29-39

    Most peer-to-peer (P2P) systems build their own overlay networks for implementing peer selection strategies without taking into account the locality on the underlay network. As a result, a large quantity of traffic crossing internet service providers (ISPs) or autonomous systems (ASes) is generated on the Internet. Controlling the P2P traffic is therefore becoming a big challenge for the ISPs. To control the cost of the cross-ISP/AS traffic, ISPs often throttle and/or even block P2P applications in their networks. In this paper, we propose a router-aided approach for localizing the P2P traffic hierarchically; it features the insertion of additional delay into each P2P packet based on geographical location of its destination. Compared to the existing approaches that solve the problem on the application layer, our proposed method does not require dedicated servers, cooperation between ISPs and P2P users, or modification of existing P2P application software. Therefore, the proposal can be easily utilized by all types of P2P applications. Experiments on P2P streaming applications indicate that our hierarchical traffic localization method not only reduces significantly the inter-domain traffic but also maintains a good performance of P2P applications.

  • An Accurate Packer Identification Method Using Support Vector Machine

    Ryoichi ISAWA  Tao BAN  Shanqing GUO  Daisuke INOUE  Koji NAKAO  

     
    PAPER-Foundations

    Vol: E97-A No:1  Page(s): 253-263

    PEiD is a packer identification tool widely used for malware analysis, but its accuracy has been steadily declining. There are two major reasons for that. The first is that PEiD does not provide a way to create signatures, though it adopts a signature-based approach. We need to create signatures manually, and it is difficult to keep up with packers that are created or upgraded rapidly. The second is that PEiD utilizes exact matching. If a signature contains any error, PEiD cannot identify the packer that corresponds to the signature. In this paper, we propose a new automated packer identification method to overcome the limitations of PEiD and report the results of our numerical study. Our method applies a string-kernel-based support vector machine (SVM): it can measure the similarity between packed programs without manual operations such as creating signatures, and it provides an error-tolerant mechanism that can significantly reduce detection failures caused by minor signature violations. In addition, we use the byte sequence starting from the entry point of a packed program as the packer's feature given to the SVM. That is, our method combines the advantages of the signature-based approach and the machine learning (ML) based approach. The numerical results on 3902 samples with 26 packer classes and 3 unpacked (not-packed) classes show that our method achieves a high accuracy of 99.46%, outperforming PEiD and an existing ML-based method that Sun et al. have proposed.

  • Handoff Delay-Based Call Admission Control in Cognitive Radio Networks

    Ling WANG  Qicong PENG  Qihang PENG  

     
    PAPER-Network

    Vol: E97-B No:1  Page(s): 49-55

    In this paper, we investigate how to achieve call admission control (CAC) for guaranteeing call dropping probability QoS which is caused by handoff timeout in cognitive radio (CR) networks. When primary user (PU) appears, spectrum handoff should be initiated to maintain secondary user (SU)'s link. We propose a novel virtual queuing (VQ) scheme to schedule spectrum handoff requests sent by multiple SUs. Unlike the conventional first-come-first-served (FCFS) scheduling, resuming transmission in the original channel has higher priority than switching to another channel. It costs less because it avoids the cost of signaling frequent spectrum switches. We characterize the handoff delay on the effect of PU's behavior and the number of SUs in CR networks. And user capacity under certain QoS requirement is derived as a guideline for CAC. The analytical results show that call dropping performance can be greatly improved by CAC when a large amount of SUs arrives fast as well as the VQ scheme is verified to reduce handoff cost compared to existing methods.

  • Multiple CFO Estimation Using the Properties of Zadoff-Chu Sequence

    Rothna PEC  Chang-Hwan PARK  Yong-Soo CHO  

     
    LETTER-Communication Theory and Signals

    Vol: E97-A No:1  Page(s): 429-431

    In this letter, an estimation technique for multiple CFOs is proposed that uses the properties of the Zadoff-Chu (ZC) sequence. After initial estimation of multiple CFOs by using the properties of the ZC sequence, accurate estimates are obtained in the proposed technique by an iterative procedure. The proposed technique can be applied to LTE-based CoMP systems where ZC sequences are used to generate synchronization signals in downlink and random access preambles in uplink.

  • 135GHz 98mW 10Gbps CMOS Amplitude Shift Keying Transmitter and Receiver Chipset

    Mizuki MOTOYOSHI  Naoko ONO  Kosuke KATAYAMA  Kyoya TAKANO  Minoru FUJISHIMA  

     
    PAPER-Implementation

    Vol: E97-A No:1  Page(s): 86-93

    An amplitude shift keying transmitter and receiver chipset with low power consumption using 40nm CMOS technology for wireless communication systems is described, in which a maximum data rate of 10Gbps and power consumption of 98.4mW are obtained with a carrier frequency of 135GHz. A simple circuit and a modulation method to reduce power consumption are selected for the chipsets. To realize multi-gigabit wireless communication, the receiver is designed considering the group delay optimization. In the receiver design, the low-noise amplifier and detector are designed considering the total optimization of the gain and group delay in the millimeter-wave modulated signal region.

  • A New Higher Order Differential of CLEFIA

    Naoki SHIBAYAMA  Toshinobu KANEKO  

     
    PAPER-Symmetric Key Based Cryptography

    Vol: E97-A No:1  Page(s): 118-126

    CLEFIA is a 128-bit block cipher proposed by Shirai et al. at FSE2007. It has been reported that CLEFIA has a 9-round saturation characteristic, in which 32bits of the output of 9-th round 112-th order differential equals to zero. By using this characteristic, a 14-round CLEFIA with 256-bit secret key is attacked with 2^{113} blocks of chosen plaintext and 2^{244.5} times of data encryption. In this paper, we focused on a higher order differential of CLEFIA. This paper introduces two new concepts for higher order differential which are control transform for the input and observation transform for the output. With these concepts, we found a new 6-round saturation characteristic, in which 24bits of the output of 6-th round 9-th order differential equals to zero. We also show a new 9-round saturation characteristic using 105-th order differential which is a 3-round extension of the 6-round one. If we use it, instead of 112-th order differential, using the meet-in-the-middle attack technique for higher order differential table, the data and computational complexity for the attack to 14-round CLEFIA can be reduced to around 2^{-5}, 2^{-34} of the conventional attack, respectively.

  • Investigation on Frequency Diversity Effects of Various Transmission Schemes Using Frequency Domain Equalizer for DFT-Precoded OFDMA

    Lianjun DENG  Teruo KAWAMURA  Hidekazu TAOKA  Mamoru SAWAHASHI  

     
    PAPER-Foundations

    Vol: E97-A No:1  Page(s): 30-39

    This paper presents frequency diversity effects of localized transmission, clustered transmission, and intra-subframe frequency hopping (FH) using a frequency domain equalizer (FDE) for discrete Fourier transform (DFT)-precoded Orthogonal Frequency Division Multiple Access (OFDMA). In the evaluations, we employ the normalized frequency mean square covariance (NFMSV) as a measure of the frequency diversity effect, i.e., randomization level of the frequency domain interleaving associated with turbo coding. Link-level computer simulation results show that frequency diversity is very effective in decreasing the required average received signal-to-noise power ratio (SNR) at the target average block error rate (BLER) using a linear minimum mean-square error (LMMSE) based FDE according to the increase in the entire transmission bandwidth for DFT-precoded OFDMA. Moreover, we show that the NFMSV is an accurate measure of the frequency diversity effect for the 3 transmission schemes for DFT-precoded OFDMA. We also clarify the frequency diversity effects of the 3 transmission schemes from the viewpoint of the required average received SNR satisfying the target average BLER for the various key radio parameters for DFT-precoded OFDMA in frequency-selective Rayleigh fading channels.

  • A New Necessary Condition for Feedback Functions of de Bruijn Sequences

    Zhongxiao WANG  Wenfeng QI  Huajin CHEN  

     
    PAPER-Symmetric Key Based Cryptography

    Vol: E97-A No:1  Page(s): 152-156

    Recently nonlinear feedback shift registers (NFSRs) have frequently been used as basic building blocks for stream ciphers. A major problem concerning NFSRs is to construct NFSRs which generate de Bruijn sequences, namely maximum period sequences. In this paper, we present a new necessary condition for NFSRs to generate de Bruijn sequences. The new condition can not be deduced from the previously proposed necessary conditions. It is shown that the number of NFSRs whose feedback functions satisfy all the previous necessary conditions but not the new one is very large.

  • Cryptanalyses on a Merkle-Damgård Based MAC — Almost Universal Forgery and Distinguishing-H Attacks

    Yu SASAKI  

     
    PAPER-Symmetric Key Based Cryptography

    Vol: E97-A No:1  Page(s): 167-176

    This paper presents two types of cryptanalysis on a Merkle-Damgård hash based MAC, which computes a MAC value of a message M by Hash(K||l||M) with a shared key K and the message length l. This construction is often called LPMAC. Firstly, we present a distinguishing-H attack against LPMAC instantiated with any narrow-pipe Merkle-Damgård hash function with O(2^{n/2}) queries, which indicates the incorrectness of the widely believed assumption that LPMAC instantiated with a secure hash function should resist the distinguishing-H attack up to 2^n queries. In fact, all of the previous distinguishing-H attacks considered dedicated attacks depending on the underlying hash algorithm, and most of the cases, reduced rounds were attacked with a complexity between 2^{n/2} and 2^n. Because it works in generic, our attack updates these results, namely full rounds are attacked with O(2^{n/2}) complexity. Secondly, we show that an even stronger attack, which is a powerful form of an almost universal forgery attack, can be performed on LPMAC. In this setting, attackers can modify the first several message-blocks of a given message and aim to recover an internal state and forge the MAC value. For any narrow-pipe Merkle-Damgård hash function, our attack can be performed with O(2^{n/2}) queries. These results show that the length prepending scheme is not enough to achieve a secure MAC.

  • Randomness Leakage in the KEM/DEM Framework

    Hitoshi NAMIKI  Keisuke TANAKA  Kenji YASUNAGA  

     
    PAPER-Public Key Based Cryptography

    Vol: E97-A No:1  Page(s): 191-199

    Recently, there have been many studies on constructing cryptographic primitives that are secure even if some secret information leaks. In this paper, we consider the problem of constructing public-key encryption schemes that are resilient to leaking the randomness used in the encryption algorithm. In particular, we consider the case in which public-key encryption schemes are constructed from the KEM/DEM framework, and the leakage of randomness in the encryption algorithms of KEM and DEM occurs independently. For this purpose, we define a new security notion for KEM. Then we provide a generic construction of a public-key encryption scheme that is resilient to randomness leakage from any KEM scheme satisfying this security. Also we construct a KEM scheme that satisfies the security from hash proof systems.

  • Relations among Notions of Privacy for RFID Authentication Protocols

    Daisuke MORIYAMA  Shin'ichiro MATSUO  Miyako OHKUBO  

     
    PAPER-Public Key Based Cryptography

    Vol: E97-A No:1  Page(s): 225-235

    We present the relationship between privacy definitions for Radio Frequency Identification (RFID) authentication protocols. The security model is necessary for ensuring security or privacy, but many researchers present different privacy concepts for RFID authentication and the technical relationship among them is unclear. We reconsider the zero-knowledge based privacy proposed by Deng et al. at ESORICS 2010 and show that this privacy is equivalent to indistinguishability based privacy proposed by Juels and Weis. We also provide the implication and separation between these privacy definitions and the simulation based privacy proposed by Paise and Vaudenay at AsiaCCS 2008 based on the public verifiability of the communication message.

  • A Property for Full CLEFIA-128 Detected by a Middletext Distinguisher under the Known-Key Setting

    Kazumaro AOKI  

     
    LETTER

    Vol: E97-A No:1  Page(s): 292-297

    CLEFIA is a 128-bit block cipher proposed by Shirai et al. at FSE 2007, and it was selected as several standards. CLEFIA adopts a generalized Feistel structure with the switching diffusion mechanism, which realizes a compact hardware implementation for CLEFIA, and it seems one of the promising candidates to be used for restricted environments, which require that a cryptographic primitive is versatile. It means that we need to evaluate the security of CLEFIA even for unusual scenario such as known-key scenario. As Knudsen and Rijmen did for 7-round AES at Asiacrypt 2007, we construct 17-round known-key distinguisher using two integral characteristics. To combine the 17-round known-key distinguisher with the standard subkey recovery technique for a secret-key scenario, we can construct a known-key distinguisher for full CLEFIA-128 from a random permutation under the framework of middletext distinguisher proposed by Minier et al. at Africacrypt 2009. The known-key distinguisher requires query of 2^{112} texts, time complexity of 2^{112}, and memory complexity of 2^3 blocks, with the advantage of e^{-1}, where e is the base of the natural logarithm. Note that there is no practical impact on the security of CLEFIA-128 for the current usages, since the result can only work under the known-key setting and data used by the adversary are enormous and needs a special form.

  • Zero-Sum Defender: Fast and Space-Efficient Defense against Return-Oriented Programming Attacks

    Jeehong KIM  Inhyeok KIM  Changwoo MIN  Young Ik EOM  

     
    LETTER

    Vol: E97-A No:1  Page(s): 303-305

    Recently, return-oriented programming (ROP) attacks have been rapidly increasing. In this letter, we introduce a fast and space-efficient defense technique, called zero-sum defender, that can respond against general ROP attacks. Our technique generates additional codes, at compile time, just before return instructions to check whether the execution has been abused by ROP attacks. We achieve very low runtime overhead with very small increase in file size. In our experimental results, performance overhead is 1.7%, and file size overhead is 4.5%.
