We propose a novel framework for integrating beginners' machine operational experiences with those of experts' to obtain a detailed task model. Beginners can provide valuable information for operation guidance and task design; for example, from the operations that are easy or difficult for them, the mistakes they make, and the strategy they tend to choose. However, beginners' experiences often vary widely and are difficult to integrate directly. Thus, we consider an operational experience as a sequence of hand-machine interactions at hotspots. Then, a few experts' experiences and a sufficient number of beginners' experiences are unified using two aggregation steps that align and integrate sequences of interactions. We applied our method to more than 40 experiences of a sewing task. The results demonstrate good potential for modeling and obtaining important properties of the task.

The aim of this study is to calculate optimal walking routes in real space for users partaking in immersive virtual reality (VR) games without compromising their immersion. To this end, we propose a navigation system to automatically determine the route to be taken by a VR user to avoid collisions with surrounding obstacles. The proposed method is evaluated by simulating a real environment. It is verified to be capable of calculating and displaying walking routes to safely guide users to their destinations without compromising their VR immersion. In addition, while walking in real space while experiencing VR content, users can choose between 6-DoF (six degrees of freedom) and 3-DoF (three degrees of freedom). However, we expect users to prefer 3-DoF conditions, as they tend to walk longer while using VR content. In dynamic situations, when two pedestrians are added to a designated computer-generated real environment, it is necessary to calculate the walking route using moving body prediction and display the moving body in virtual space to preserve immersion.

This paper proposes a salient chromagram by removing local trend to improve cover song identification accuracy. The proposed salient chromagram emphasizes tonal contents of music, which are well-preserved between an original song and its cover version, while reducing the effects of timber difference. We apply the proposed salient chromagram to the sequence-alignment based cover song identification. Experiments on two cover song datasets confirm that the proposed salient chromagram improves the cover song identification accuracy.

This paper investigates the security of KCipher-2 against differential attacks. We utilize an MILP-based method to evaluate the minimum number of active S-boxes in each round. We try to construct an accurate model to describe the 8-bit truncated difference propagation through the modular addition operation and the linear transformation of KCipher-2, respectively, which were omitted or simplified in the previous evaluation by Preneel et al. In our constructed model, the difference characteristics neglected in Preneel et al.'s evaluation can be taken into account and all valid differential characteristics can be covered. As a result, we reveal that the minimal number of active S-boxes is 25 over 15 rounds in the related IV setting and it is 17 over 24 rounds in the related IV-key setting. Therefore, this paper shows for the first time that KCipher-2 is secure against the related IV differential attack.

The hardness in solving the shortest vector problem (SVP) is a fundamental assumption for the security of lattice-based cryptographic algorithms. In 2010, Micciancio and Voulgaris proposed an algorithm named the Gauss Sieve, which is a fast and heuristic algorithm for solving the SVP. Schneider presented another algorithm named the Ideal Gauss Sieve in 2011, which is applicable to a special class of lattices, called ideal lattices. The Ideal Gauss Sieve speeds up the Gauss Sieve by using some properties of the ideal lattices. However, the algorithm is applicable only if the dimension of the ideal lattice n is a power of two or n+1 is a prime. Ishiguro et al. proposed an extension to the Ideal Gauss Sieve algorithm in 2014, which is applicable only if the prime factor of n is 2 or 3. In this paper, we first generalize the dimensions that can be applied to the ideal lattice properties to when the prime factor of n is derived from 2, p or q for two primes p and q. To the best of our knowledge, no algorithm using ideal lattice properties has been proposed so far with dimensions such as: 20, 44, 80, 84, and 92. Then we present an algorithm that speeds up the Gauss Sieve for these dimensions. Our experiments show that our proposed algorithm is 10 times faster than the original Gauss Sieve in solving an 80-dimensional SVP problem. Moreover, we propose a rotation-based Gauss Sieve that is approximately 1.5 times faster than the Ideal Gauss Sieve.

This paper presents an image super-resolution technique using a convolutional neural network (CNN) and multi-task learning for multiple image categories. The image categories include natural, manga, and text images. Their features differ from each other. However, several CNNs for super-resolution are trained with a single category. If the input image category is different from that of the training images, the performance of super-resolution is degraded. There are two possible solutions to manage multi-categories with conventional CNNs. The first involves the preparation of the CNNs for every category. This solution, however, requires a category classifier to select an appropriate CNN. The second is to learn all categories with a single CNN. In this solution, the CNN cannot optimize its internal behavior for each category. Therefore, this paper presents a super-resolution CNN architecture for multiple image categories. The proposed CNN has two parallel outputs for a high-resolution image and a category label. The main CNN for the high-resolution image is a normal three convolutional layer-architecture, and the sub neural network for the category label is branched out from its middle layer and consists of two fully-connected layers. This architecture can simultaneously learn the high-resolution image and its category using multi-task learning. The category information is used for optimizing the super-resolution. In an applied setting, the proposed CNN can automatically estimate the input image category and change the internal behavior. Experimental results of 2× image magnification have shown that the average peak signal-to-noise ratio for the proposed method is approximately 0.22 dB higher than that for the conventional super-resolution with no difference in processing time and parameters. We have ensured that the proposed method is useful when the input image category is varying.

This paper presents a conformal retrodirective metagrating with multi-azimuthal-angle operating ability. First, a flat metagrating composed of a periodic array of single rectangular patch elements, two-layer stacked substrates, and a ground plane is implemented to achieve one-directional retroreflection at a specific angle. The elevation angle of the retroreflection is manipulated by precisely tuning the value of the period. To control the energy coupling to the retrodirective mode, the dimensions of the length and width of the rectangular patch are investigated under the effect of changing the substrate thickness. Three values of the length, width, and thickness are then chosen to obtain a high retroreflection power efficiency. Next, to create a conformal design operating simultaneously at multiple azimuthal angles, the rectangular patch array using a flexible ultra-thin guiding layer is conformed to a dielectric cylindrical substrate backed by a perfect electric conductor ground plane. Furthermore, to further optimize the retroreflection efficiency, two circular metallic plates are added at the two ends of the cylindrical substrate to eliminate the specular reflection inside the space of the cylinder. The measured radar cross-section shows a power efficiency of the retrodirective metagrating of approximately 91% and 93% for 30° retrodirected elevation angle at the azimuthal angles of 0° and 90°, respectively, at 5.8GHz.

A method is presented for increasing wireless LAN (WLAN) capacity in high-density environments with IEEE 802.11ax systems. We propose using coordinated scheduling of trigger frames based on our mobile cooperative control concept. High-density WLAN systems are managed by a management server, which gathers wireless environmental information from user equipment through cellular access. Hierarchical clustering of basic service sets is used to form synchronized clusters to reduce interference and increase throughput of high-density WLAN systems based on mobile cooperative control. This method increases uplink capacity by up to 19.4% and by up to 11.3% in total when WLAN access points are deployed close together. This control method is potentially effective for IEEE 802.11ax WLAN systems utilized as 5G mobile network components.

A model extraction attack is a security issue in deep neural networks (DNNs). Information on a trained DNN model is an attractive target for an adversary not only in terms of intellectual property but also of security. Thus, an adversary tries to reveal the sensitive information contained in the trained DNN model from machine-learning services. Previous studies on model extraction attacks assumed that the victim provides a machine-learning cloud service and the adversary accesses the service through formal queries. However, when a DNN model is implemented on an edge device, adversaries can physically access the device and try to reveal the sensitive information contained in the implemented DNN model. We call these physical model extraction attacks model reverse-engineering (MRE) attacks to distinguish them from attacks on cloud services. Power side-channel analyses are often used in MRE attacks to reveal the internal operation from power consumption or electromagnetic leakage. Previous studies, including ours, evaluated MRE attacks against several types of DNN processors with power side-channel analyses. In this paper, information leakage from a systolic array which is used for the matrix multiplication unit in the DNN processors is evaluated. We utilized correlation power analysis (CPA) for the MRE attack and reveal weight parameters of a DNN model from the systolic array. Two types of the systolic array were implemented on field-programmable gate array (FPGA) to demonstrate that CPA reveals weight parameters from those systolic arrays. In addition, we applied an extended analysis approach called “chain CPA” for robust CPA analysis against the systolic arrays. Our experimental results indicate that an adversary can reveal trained model parameters from a DNN accelerator even if the DNN model parameters in the off-chip bus are protected with data encryption. Countermeasures against side-channel leaks will be important for implementing a DNN accelerator on a FPGA or application-specific integrated circuit (ASIC).

Replayable chosen ciphertext (RCCA) security was introduced by Canetti, Krawczyk, and Nielsen (CRYPTO'03) in order to handle an encryption scheme that is “non-malleable except tampering which preserves the plaintext.” RCCA security is a relaxation of CCA security and a useful security notion for many practical applications such as authentication and key exchange. Canetti et al. defined non-malleability against RCCA (NM-RCCA), indistinguishability against RCCA (IND-RCCA), and universal composability against RCCA (UC-RCCA). Moreover, they proved that these three security notions are equivalent when considering a PKE scheme whose plaintext space is super-polynomially large. Among these three security notions, NM-RCCA seems to play the central role since RCCA security was introduced in order to capture “non-malleability except tampering which preserves the plaintext.” However, their definition of NM-RCCA is not a natural extension of that of original non-malleability, and it is not clear whether their NM-RCCA captures the requirement of original non-malleability. In this paper, we propose definitions of indistinguishability-based and simulation-based non-malleability against RCCA by extending definitions of original non-malleability. We then prove that these two notions of non-malleability and IND-RCCA are equivalent regardless of the size of plaintext space of PKE schemes.

The membership check of a group is an important operation to implement discrete logarithm-based cryptography in practice securely. Since this check requires costly scalar multiplication or exponentiation operation, several efficient methods have been investigated. In the case of pairing-based cryptography, this is an extended research area of discrete logarithm-based cryptography, Barreto et al. (LATINCRYPT 2015) proposed a parameter choice called subgroup-secure elliptic curves. They also claimed that, in some schemes, if an elliptic curve is subgroup-secure, costly scalar multiplication or exponentiation operation can be omitted from the membership check of bilinear groups, which results in faster schemes than the original ones. They also noticed that some schemes would not maintain security with this omission. However, they did not show the explicit condition of what schemes become insecure with the omission. In this paper, we show a concrete example of insecurity in the sense of subgroup security to help developers understand what subgroup security is and what properties are preserved. In our conclusion, we recommend that the developers use the original membership check because it is a general and straightforward method to implement schemes securely. If the developers want to use the subgroup-secure elliptic curves and to omit the costly operation in a scheme for performance reasons, it is critical to carefully analyze again that correctness and security are preserved with the omission.

This paper reports our new communication components and downlink tests for realizing 2.65Gbps by utilizing two circular polarizations. We have developed an on-board X-band transmitter, an on-board dual circularly polarized-wave antenna, and a ground station. In the on-board transmitter, we optimized the bias conditions of GaN High Power Amplifier (HPA) to linearize AM-AM performance. We have also designed and fabricated a dual circularly polarized-wave antenna for low-crosstalk polarization multiplexing. The antenna is composed of a corrugated horn antenna and a septum-type polarizer. The antenna achieves Cross Polarization Discrimination (XPD) of 37-43dB in the target X-band. We also modify an existing 10m ground station antenna by replacing its primary radiator and adding a polarizer. We put the polarizer and Low Noise Amplifiers (LNAs) in a cryogenic chamber to reduce thermal noise. Total system noise temperature of the antenna is 58K (maximum) for 18K physical temperature when the angle of elevation is 90° on a fine winter day. The dual circularly polarized-wave ground station antenna has 39.0dB/K of Gain - system-noise Temperature ratio (G/T) and an XPD higher than 37dB. The downlinked signals are stored in a data recorder at the antenna site. Afterwards, we decoded the signals by using our non-real-time software demodulator. Our system has high frequency efficiency with a roll-off factor α=0.05 and polarization multiplexing of 64APSK. The communication bits per hertz corresponds to 8.41bit/Hz (2.65Gbit/315MHz). The system is demonstrated in orbit on board the RAPid Innovative payload demonstration Satellite (RAPIS-1). RAPIS-1 was launched from Uchinoura Space Center on January 19th, 2019. We decoded 1010 bits of downlinked R- and L-channel signals and found that the downlinked binary data was error free. Consequently, we have achieved 2.65Gbps communication speed in the X-band for earth observation satellites at 300 Mega symbols per second (Msps) and polarization multiplexing of 64APSK (coding rate: 4/5) for right- and left-hand circular polarizations.

Multivariate public key cryptosystem (MPKC) is one of the major post quantum cryptosystems (PQC), and the National Institute of Standards and Technology (NIST) recently selected four MPKCs as candidates of their PQC. The security of MPKC depends on the hardness of solving systems of algebraic equations over finite fields. In particular, the multivariate quadratic (MQ) problem is that of solving such a system consisting of quadratic polynomials and is regarded as an important research subject in cryptography. In the Fukuoka MQ challenge project, the hardness of the MQ problem is discussed, and algorithms for solving the MQ problem and the computational results obtained by these algorithms are reported. Algorithms for computing Gröbner basis are used as the main tools for solving the MQ problem. For example, the F4 algorithm and M4GB algorithm have succeeded in solving many instances of the MQ problem provided by the project. In this paper, based on the F4-style algorithm, we present an efficient algorithm to solve the MQ problems with dense polynomials generated in the Fukuoka MQ challenge project. We experimentally show that our algorithm requires less computational time and memory for these MQ problems than the F4 algorithm and M4GB algorithm. We succeeded in solving Type II and III problems of Fukuoka MQ challenge using our algorithm when the number of variables was 37 in both problems.

Web-based social engineering (SE) attacks manipulate users to perform specific actions, such as downloading malware and exposing personal information. Aiming to effectively lure users, some SE attacks, which we call multi-step SE attacks, constitute a sequence of web pages starting from a landing page and require browser interactions at each web page. Also, different browser interactions executed on a web page often branch to multiple sequences to redirect users to different SE attacks. Although common systems analyze only landing pages or conduct browser interactions limited to a specific attack, little effort has been made to follow such sequences of web pages to collect multi-step SE attacks. We propose STRAYSHEEP, a system to automatically crawl a sequence of web pages and detect diverse multi-step SE attacks. We evaluate the effectiveness of STRAYSHEEP's three modules (landing-page-collection, web-crawling, and SE-detection) in terms of the rate of collected landing pages leading to SE attacks, efficiency of web crawling to reach more SE attacks, and accuracy in detecting the attacks. Our experimental results indicate that STRAYSHEEP can lead to 20% more SE attacks than Alexa top sites and search results of trend words, crawl five times more efficiently than a simple crawling module, and detect SE attacks with 95.5% accuracy. We demonstrate that STRAYSHEEP can collect various SE attacks, not limited to a specific attack. We also clarify attackers' techniques for tricking users and browser interactions, redirecting users to attacks.

Artificial intelligence (AI), especially deep learning (DL), has been remarkable and applied to various industries. However, adversarial examples (AE), which add small perturbations to input data of deep neural networks (DNNs) for misclassification, are attracting attention. In this paper, we propose a novel black-box attack to craft AE using only processing time which is side-channel information of DNNs, without using training data, model architecture and parameters, substitute models or output probability. While, several existing black-box attacks use output probability, our attack exploits a relationship between the number of activated nodes and the processing time of DNNs. The perturbations for AE are decided by the differential processing time according to input data in our attack. We show experimental results in which our attack's AE increase the number of activated nodes and cause misclassification to one of the incorrect labels effectively. In addition, the experimental results highlight that our attack can evade gradient masking countermeasures which mask output probability to prevent crafting AE against several black-box attacks.

A fully homomorphic encryption (FHE) would be the important cryptosystem as the basic scheme for the cloud computing. Since Gentry discovered in 2009 the first fully homomorphic encryption scheme, some fully homomorphic encryption schemes were proposed. In the systems proposed until now the bootstrapping process is the main bottleneck and the large complexity for computing the ciphertext is required. In 2011 Zvika Brakerski et al. proposed a leveled FHE without bootstrapping. But circuit of arbitrary level cannot be evaluated in their scheme while in our scheme circuit of any level can be evaluated. The existence of an efficient fully homomorphic cryptosystem would have great practical implications in the outsourcing of private computations, for instance, in the field of the cloud computing. In this paper, IND-CCA1secure FHE based on the difficulty of prime factorization is proposed which does not need the bootstrapping and it is thought that our scheme is more efficient than the previous schemes. In particular the computational overhead for homomorphic evaluation is O(1).

Multimodal embedding is a crucial research topic for cross-modal understanding, data mining, and translation. Many studies have attempted to extract representations from given entities and align them in a shared embedding space. However, because entities in different modalities exhibit different abstraction levels and modality-specific information, it is insufficient to embed related entities close to each other. In this study, we propose the Target-Oriented Deformation Network (TOD-Net), a novel module that continuously deforms the embedding space into a new space under a given condition, thereby providing conditional similarities between entities. Unlike methods based on cross-modal attention applied to words and cropped images, TOD-Net is a post-process applied to the embedding space learned by existing embedding systems and improves their performances of retrieval. In particular, when combined with cutting-edge models, TOD-Net gains the state-of-the-art image-caption retrieval model associated with the MS COCO and Flickr30k datasets. Qualitative analysis reveals that TOD-Net successfully emphasizes entity-specific concepts and retrieves diverse targets via handling higher levels of diversity than existing models.

To be suitable in practice, pairings are typically carried out by two steps, which consist of the Miller loop and final exponentiation. To improve the final exponentiation step of a pairing on the BLS family of pairing-friendly elliptic curves with embedding degree 15, the authors provide a new representation of the exponent. The proposal can achieve a more reduction of the calculation cost of the final exponentiation than the previous method by Fouotsa et al.

This letter proposes a load balance and power transfer scheme among small cell base stations (SBSs) to maximize the sum rate of small cell network. In the proposed scheme, small cell users (SUEs) are firstly associated with their nearest SBSs, then the overloaded SBSs can be determined. Further, the methods, i.e., Case 1: SUEs of overloaded SBSs are offloaded to their neighbor underloaded SBSs or Case 2: SUEs of overloaded SBSs are served by their original associated SBSs through obtaining power from their nearby SBSs that can provide higher data rate is selected. Finally, numerical simulations demonstrate that the proposed scheme has better performance.

This paper proposes a transparent glass quartz antenna for 5G-millimeter-wave-connected vehicles and clarifies the characteristics of signal reception when the glass antennas are placed on the windows of a vehicle traveling in an urban environment. Synthetic fused quartz is a material particularly suited for millimeter-wave devices owing to its excellent low transmission loss. Realizing synthetic fused quartz devices requires accurate micromachining technology specialized for the material coupled with the material technology. This paper presents a transparent antenna comprising a thin mesh pattern on a quartz substrate for installation on a vehicle window. A comparison of distributed transparent antennas and an omnidirectional antenna shows that the relative received power of the distributed antenna system is higher than that of the omnidirectional antenna. In addition, results show that the power received is similar when using vertically and horizontally polarized antennas. The design is verified in a field test using transparent antennas on the windows of a real vehicle.