We propose an untraceable electronic money system. Our system uses the partially blind signature based on the discrete logarithm problem, and applies secret key certificates to the payment protocol.

We report on progress in the development of high current density NbN/AlN/NbN tunnel junctions for application as submillimeter wave SIS mixers. A ultra-high current density up to 120 kA/cm2, roughly two orders of magnitude larger than any reported results for all-NbN tunnel junctions, was achieved in the junctions. The magnetic field dependence and temperature dependence of critical supercurrents were measured to investigate the Josephson tunneling behaviour of critical supercurrents in the high-Jc junctions. We have developed a low-noise quasi-optical SIS mixer with the high-current density NbN/AlN/NbN junctions and two-junction tuning circuits which employ Al/SiO/NbN microstriplines. The tuning characteristics of the mixer were investigated by measuring the response in the direct detection mode by using the Fourier Transform Spectrometer (FTS) and measuring the response in the heterodyne detection mode with the standard Y-factor method at frequencies from 670 to 1082 GHz. An uncorrected double sideband receiver noise temperature of 457 K (12hν/kB) was obtained at 783 GHz.

Interpolation attack was presented by Jakobsen and Knudsen at FSE'97. Interpolation attack is effective against ciphers that have a certain algebraic structure like the PURE cipher which is a prototype cipher, but it is difficult to apply the attack to real-world ciphers. This difficulty is due to the difficulty of deriving a low degree polynomial relation between ciphertexts and plaintexts. In other words, it is difficult to evaluate the security against interpolation attack. This paper generalizes the interpolation attack. The generalization makes easier to evaluate the security against interpolation attack. We call the generalized interpolation attack linear sum attack. We present an algorithm that evaluates the security of byte-oriented ciphers against linear sum attack. Moreover, we show the relationship between linear sum attack and higher order differential attack. In addition, we show the security of CRYPTON, E2, and RIJNDAEL against linear sum attack using the algorithm.

Super-anomalous elliptic curves over a ring Z/nZ ;(n=Πi=1k piei) are defined by extending anomalous elliptic curves over a prime filed Fp. They have n points over a ring Z/nZ and pi points over Fpi for all pi. We generalize Satoh-Araki-Smart algorithm and Ruck algorithm, which solve a discrete logarithm problem over anomalous elliptic curves. We prove that a "discrete logarithm problem over super-anomalous elliptic curves" can be solved in deterministic polynomial time without knowing prime factors of n.

The MOV and FR algorithms, which are representative attacks on elliptic curve cryptosystems, reduce the elliptic curve discrete logarithm problem (ECDLP) to the discrete logarithm problem in a finite field. This paper studies these algorithms and introduces the following three results. First, we show an explicit condition under which the MOV algorithm can be applied to non-supersingular elliptic curves. Next, by comparing the effectiveness of the MOV algorithm to that of the FR algorithm, it is explicitly shown that the condition needed for the MOV algorithm to be subexponential is the same as that for the FR algorithm except for elliptic curves of trace two. Finally, a new explicit reduction algorithm is proposed for the ECDLP over elliptic curves of trace two. This algorithm differs from a simple realization of the FR algorithm. Furthermore, we show, by experimental results, that the running time of the proposed algorithm is shorter than that of the original FR algorithm.

We report on the fabrication and operation of all-NbN single flux quantum (SFQ) circuits with resistively shunted NbN/AlN/NbN tunnel junctions fabricated on silicon substrates. The critical current varied by about 5% in 400 NbN/AlN/NbN junction arrays, where the junction area was 88 µm2. Critical current densities of the NbN/AlN/NbN tunnel junctions showed exponential dependence on the deposition time of the AlN barrier. By using the 12-nm-thick Cu film as shunted resistors, non-hysteretic current-voltage characteristics were achieved. From dc-SQUID measurements, the sheet inductance of our NbN stripline was estimated to be around 1.2 pH at 4.2 K. We designed and fabricated circuits consisting of dc/SFQ converters, Josephson transmission lines, and T flip-flop-based SFQ/dc converters. The circuits demonstrated correct operation with a bias margin of more than 15% at 4.2 K.

This paper describes the design principles, the specification, and evaluations of a new 128-bit block cipher E2, which was proposed to the AES (Advanced Encryption Standard) candidates. This algorithm supports 128-bit, 192-bit, and 256-bit secret keys. The design philosophy of E2 is highly conservative; the structure uses 12-round Feistel as its main function whose round function is constructed with 2-round SPN structure, and initial/final transformational functions. E2 has practical security against differential attack, linear attack, cryptanalysis with impossible differential, truncated differential attack, and so on. Furthermore, E2 can be implemented efficiently and flexibly on various platforms because the primitive operations involve byte length processing.

The abilities of fuzzy inference methods in modeling of complicated systems are implemented to electromagnetics for the first time. The very popular and well known monopole antenna is chosen as a general example and a fast, simple and accurate fuzzy model for its input impedance is made by introducing a new point of view to impedance basic parameters. It is established that a surprisingly little number of input data points is sufficient to make a full model and also the system behavior (dominant rules) are saved as simple membership functions. The validity of the derived rules is confirmed through applying them to the case of thin-angled monopole antenna and comparing the results with the measured. Finally using the spatial membership function context, input impedance of thick-angled monopole antenna is predicted and a novel view point to conventional electromagnetic parameters is discussed to generalize the modeling method.

This paper reports the design and characteristics of an aerial optical drop cable incorporating electric power wires, which was developed for a new π-system. The new system is called the power supply HUB π-system, in which commercial AC electric power is received at a central location of several optical network units (ONUs), and is distributed to each ONU by the aerial optical/electric drop cable. We describe the requirements for the cable, which guarantee a 20-year lifetime. We designed the cross-sectional structure of the cable, based on system requirements and operation requirements, and determined the strength wire type and diameter, based on the optical fiber failure prediction theory and a cable strain requirement. We confirmed that the cables, manufactured as a trial, have stable characteristics, which satisfy the above requirements. The optical/electric drop cables will be introduced in autumn 1999.

Carbon-doped base InP/InGaAs heterojunction bipolar transistor (HBT) technology for millimeter-wave application is presented. Ultra-high carbon doping of InGaAs layers lattice-matched to InP with hole concentrations in excess of 1 1020 /cm3 has been achieved using a chemical beam epitaxy (CBE). Heavily carbon-doped base InP/InGaAs HBT epi structures were grown and small area, self-aligned HBTs with 1.5 µm emitter finger width were fabricated using triple mesa etching and polyimide planarization techniques. The fabricated small area transistors showed a common-emitter current gain cut-off frequency (fT) as high as 200 GHz. Preliminary device reliability test results showed the potential of the heavily carbon-doped base InP/InGaAs HBT for high performance microwave and millimeter-wave applications. Applications of the InP/InGaAs single heterojunction bipolar transistor (SHBT) and double heterojunction bipolar transistor (DHBT) to a direct-coupled feedback amplifier and a power transistor, respectively, are presented.

This paper surveys recent progress in the investigation of the underlying discrete proximity structures of geometric clustering with respect to the divergence in information geometry. Geometric clustering with respect to the divergence provides powerful unsupervised learning algorithms, and can be applied to classifying and obtaining generalizations of complex objects represented in the feature space. The proximity relation, defined by the Voronoi diagram by the divergence, plays an important role in the design and analysis of such algorithms.

This paper presents a simulated annealing (SA)-based algorithm for fast and robust block motion estimation. To reduce computational complexity, the existing fast search algorithms move iteratively toward the winning point based only on a finite set of checking points in every stage. Despite the efficiency of these algorithms, the search process is easily trapped into local minima, especially for high activity image sequences. To overcome this difficulty, the new algorithm uses two sets of checking points in every search stage and invokes the SA to choose the appropriate one. The employment of the SA provides the search a mechanism of being able to move out of local minima so that the new algorithm is less susceptible to such a dilemma. In addition, two schemes are employed to further enhance the performance of the algorithm. First, a set of initial checking points which exploit high correlations among the motion vectors of the temporally and spatially adjacent blocks are used. Second, an alternating search strategy is addressed to visit more points without increasing computations. Simulation results show that the new algorithm offers superior performance with lower computational complexity compared to previous works in various scenarios.

A new efficient two-dimensional warping algorithm is presented, in which sub-optimal warping is attained by iterating DP-based local optimization of warp on partially overlapping subplane sequence. From an experimental comparison with a conventional approximation algorithm based on beam search DP, relative superiority of the proposed algorithm is established.

With the advent of digital video and digital broadcasting, copyright protection of video data has been one of the most important issues. We present in this paper a novel method of digital watermark for video data based on the discrete wavelet transform. In this method, we embed the watermark in the lowest frequency components of each frame in the uncoded video by using a controlled quantization process. The watermark can be extracted directly from the decoded video without access to the original video. Experimental results show that the proposed method gives the watermarked image of better quality and is robust against MPEG coding and re-encoding. Furthermore, we discuss multiple watermarking with regard to the generational copy control for video contents.

Generating conditions of the optical feedback noise in self-pulsing lasers were experimentally examined. The noise charcteristics were determined by changing the operating power, the feedback distance and the feedback ratio for several types of self-pulsing lasers. The idea of the effective modulation index was introduced to evaluate the generating conditions in an uniform manner based on the mode competition theory. Validity of the idea was experimentally confirmed for generation of noise.

This paper proposes a new maximal ratio combining (MRC) frequency diversity automatic-repeat-request (ARQ) scheme suitable for high-speed orthogonal frequency division multiplexing (OFDM) systems that is based on the conventional packet combining ARQ scheme. The proposed scheme regularly changes the previously prepared subcarrier assignment pattern at each retransmission according to the number of retransmissions. This scheme sharply reduces the number of ARQ retransmissions and much improves the throughput performance in slow fading environments by virtue of the frequency diversity effect while it requires no complex adaptive operations. Computer simulation results show that the proposed scheme reduces the required number of retransmissions to about 3 at the accumulative correct packet reception rate (ACPRR) of 0.9.

This paper proposes an adaptive list-output Viterbi equalizer (LVE) with fast compare-select operation, in order to achieve a good trade-off between bit error rate (BER) performance and processing speed. An LVE, which keeps several survivors for each state, has good BER performance in the presence of wide-spread intersymbol interference. However, the LVE suffers from large processing delay due to its sorting-based compare-select operation. The proposed adaptive LVE greatly reduces its processing delay, because it simplifies compare-select operation. In addition, computer simulation shows that the proposed LVE causes only slight BER performance degradation due to its simplification of compare-select operation. Thus, the proposed LVE achieves better BER performance than decision-feedback sequence estimation (DFSE) without an increase in processing delay.

The design of array processors for solving linear systems using two-step division-free Gaussian elimination method is considered. The two-step method can be used to improve the systems based on the one-step method in terms of numerical stability as well as the requirements for high-precision. In spite of the rather complicated computations needed at each iteration of the two-step method, we develop an innovative parallel algorithm whose data dependency graph meets the requirements for regularity and locality. Then we derive two-dimensional array processors by adopting a systematic approach to investigate the set of all admissible solutions and obtain the optimal array processors under linear time-space scheduling. The array processors is optimal in terms of the number of processing elements used.

This paper proposes a new vector error measurement scheme for orthogonal frequency division multiplexing (OFDM) systems that is used to define transmit modulation accuracy. The transmit modulation accuracy is defined to guarantee inter-operability among wireless terminals. In OFDM systems, the transmit modulation accuracy measured by the conventional vector error measurement scheme can not guarantee inter-operability due to the effect of phase noise. To overcome this problem, the proposed vector error measurement scheme utilizes pilot signals in multiple OFDM symbols to compensate the phase rotation caused by the phase noise. Computer simulation results show that the vector error measured by the proposed scheme uniquely corresponds to the C/N degradation in packet error rate even if phase noise exists in the OFDM signals. This means that the proposed vector error measurement scheme makes it possible to define the transmit modulation accuracy and so guarantee inter-operability among wireless terminals.

The explicit formula for the coefficients of maximally linear digital differentiators is derived by the use of Taylor series. A modification in the formula is proposed to extend the effective passband of the differentiator with the same number of coefficients.