The security level of an internet protocol television (IPTV) digital right management (DRM) system ultimately relies on protection of secret keys. Well known devices for the key protection include smartcards and battery backup SRAMs (BB-SRAMs); however, these devices could be vulnerable to various physical attacks. In this paper, we propose a secure and cost-effective design of a cryptographic system on chip (SoC) that integrates the BB-SRAM with a cell-based design technique. The proposed SoC provides robust safeguard against the physical attacks, and satisfies high-speed and low-price requirements of IPTV set-top boxes. Our implementation results show that the maximum encryption rate of the SoC is 633 Mb/s. In order to verify the data retention capabilities, we made a prototype chip using 0.18 µm standard cell technology. The experimental results show that the integrated BB-SRAM can reliably retain data with a 1.4 µA leakage current.

This paper presents a numerical approach to the time-domain analysis of N-branch-line couplers. The approach is based on the modified central difference (MCD) method combined with internal boundary treatments, which consist of the time-domain scattering matrix for the three-port junction discontinuity. The behavior of the signal propagation including multiple reflections on the N-branch-line coupler with and without line loss is analyzed and demonstrated in the time domain. Additionally, the S-parameters obtained from Gaussian pulse responses of the N-branch-line directional couplers are shown. The simulated results are in good agreement with those of the commercial simulator.

Critical path selection is very important in delay testing. Critical paths found by conventional static timing analysis (STA) tools are inadequate to represent the real timing of the circuit, since neither the testability of paths nor the statistical variation of cell delays caused by process variation is considered. This paper proposed a novel path selection method considering process variation. The circuit is firstly simplified by eliminating non-critical edges under statistical timing model, and then divided into sub-circuits, while each sub-circuit has only one prime input (PI) and one prime output (PO). Critical paths are selected only in critical sub-circuits. The concept of partially critical edges (PCEs) and completely critical edges (CCEs) are introduced to speed up the path selection procedure. Two path selection strategies are also presented to search for a testable critical path set to cover all the critical edges. The experimental results showed that the proposed circuit division approach is efficient in path number reduction, and PCEs and CCEs play an important role as a guideline during path selection.

At-speed scan testing is susceptible to yield loss risk due to power supply noise caused by excessive launch switching activity. This paper proposes a novel two-stage scheme, namely CTX (Clock-Gating-Based Test Relaxation and X-Filling), for reducing switching activity when a test stimulus is launched. Test relaxation and X-filling are conducted (1) to make as many FFs as possible inactive by disabling corresponding clock control signals of clock-gating circuitry in Stage-1 (Clock-Disabling), and (2) to equalize the input and output values in Stage-2 of as many remaining active FFs as possible (FF-Silencing). CTX effectively reduces launch switching activity and thus yield loss risk even when only a small number of don't care (X) bits are present (as in test compression) without any impact on test data volume, fault coverage, performance, or circuit design.

In this paper, multiple-symbol differential detection (MSDD) is applied to the differential unitary space-time-frequency coding (DUSTFC) scheme over frequency selective fading multiple-input multiple-output (MIMO) channels. The motivation of applying MSDD is to compensate for the performance loss of conventional (two-symbol observation) differential detection comparing with coherent detection, by extending the observation interval and considering the fading autocorrelations. Since the differential coding of DUSTFC can be performed in time or frequency domain, both the time-domain and frequency-domain MSDD are investigated. After calculating the frequency-domain fading autocorrelation, the decision metrics of MSDD considering appropriate fading autocorrelations are derived in time and frequency domain respectively. Bit error rate (BER) performances of the two kinds of MSDD are analyzed by computer simulations. Simulation results demonstrate that a considerable performance gain can be got by applying MSDD in both cases, and the transmit diversity gain can also be enhanced by applying MSDD. So that it is proved that full advantage of transmit diversity with DUSTFC can be taken by applying MSDD.

This paper proposes a wide-locking range divide-by-3 injection-locked frequency divider (ILFD) fabricated in the 90 nm 1P9M CMOS technology. The divider consists of an nMOS cross-coupled LC oscillator and two injection MOSFETs in series with the cross-coupled nMOSFETs. The ILFD is formed with two linear mixers which share the same dc current so that a low power ILFD can be designed. At the supply voltage of 0.7 V, the free-running frequency is from 10.18 to 11.56 GHz, the current and power consumption of the divider without buffers are 2.8 mA and 1.96 mW, respectively. At the incident power of 0 dBm, the total operational locking range is 4.94 GHz, from the incident frequency 29.96 to 34.9 GHz.

The theoretical studies conducted mainly by the author are reviewed on (1) derivation of arbitrary order moment equations and solutions of some equations, (2) scattering by many particles and the effective medium constant of random medium, (3) scattering by a conducting body in random media and (4) spatially partially-coherent wave scattering, with application to satellite communications, artificial material development, and sensing and radar technology. The leading research results are described with many references; and also unsolved subjects in the above four studies are touched.

This paper describes an adaptive feature extraction method that exploits category-specific information to overcome both image degradation and deformation in character recognition. When recognizing multiple fonts, geometric features such as directional information of strokes are often used but they are weak against the deformation and degradation that appear in videos or natural scenes. To tackle these problems, the proposed method estimates the degree of deformation and degradation of an input pattern by comparing the input pattern and the template of each category as category-specific information. This estimation enables us to compensate the aspect ratio associated with shape and the degradation in feature values and so obtain higher recognition accuracy. Recognition experiments using characters extracted from videos show that the proposed method is superior to the conventional alternatives in resisting deformation and degradation.

In this paper, we design and analyze some new and practical (selectively) convertible undeniable signature (SCUS) schemes in both random oracle and standard model, which enjoy several merits over existing schemes in the literature. In particular, we design the first practical RSA-based SCUS schemes secure in the standard model. On the path, we also introduce two moduli RSA assumptions, including the strong twin RSA assumption, which is the RSA symmetry of the strong twin Diffie-Hellman assumption (Eurocrypt'08).

This paper presents unconditionally stable and conformal FDTD schemes which are based on the alternating-direction implicit finite difference time domain (ADI-FDTD) method for accurate modeling of perfectly electric conducting (PEC) objects. The proposed schemes are formulated within the framework of the matrix-vector notation of the finite integration technique (FIT), which allows a systematic and consistent extension of finite difference solution of Maxwell's equations on dual grids. As possible choices of second-order convergent conformal method, we apply the partially filled cell (PFC) and the uniformly stable conformal (USC) schemes for the ADI-FDTD method. The unconditional stability and the rates of convergence of the proposed conformal ADI-FDTD (CADI-FDTD) schemes are verified by means of numerical examples of waveguide problems.

A rigorous semi-analytical approach for the scalar field in a microstructured optical fiber, which is formed of layered cylindrical arrays of circular rods symmetrically distributed on each concentric cylindrical layer, is presented. The method uses the T-matrix of a circular rod in isolation and the generalized reflection and transmission matrices of cylindrical arrays. Numerical examples of the mode index for three-layered hexagonal structure of circular air holes are demonstrated and compared with those obtained by a variational method.

An eyegaze interface is one of the key technologies as an input device in the ubiquitous-computing society. In particular, an eyegaze communication system is very important and useful for severely handicapped users such as quadriplegic patients. Most of the conventional eyegaze tracking algorithms require specific light sources, equipment and devices. In this study, a simple eyegaze detection algorithm is proposed using a single monocular video camera. The proposed algorithm works under the condition of fixed head pose, but slight movement of the face is accepted. In our system, we assume that all users have the same eyeball size based on physiological eyeball models. However, we succeed to calibrate the physiologic movement of the eyeball center depending on the gazing direction by approximating it as a change in the eyeball radius. In the gaze detection stage, the iris is extracted from a captured face frame by using the Hough transform. Then, the eyegaze angle is derived by calculating the Euclidean distance of the iris centers between the extracted frame and a reference frame captured in the calibration process. We apply our system to an eyegaze communication interface, and verified the performance through key typing experiments with a visual keyboard on display.

Many existing software reliability models (SRMs) are based on the assumption that fault correction activities take a negligible amount of time and resources, which is often invalid in real-life situations. Consequently, the estimated and predicted software reliability tends to be over-optimistic, which could in turn mislead management in related decision-makings. In this paper, we first make an in-depth analysis of real-life software testing process; then a Markovian SRM considering fault correction process is proposed. Parameter estimation method and software reliability prediction method are established. A numerical example is given which shows that by using the proposed model and methods, the results obtained tend to be more appropriate and realistic.

A method was developed for deriving the approximate global optimum of a nonlinear objective function with multiple local optimums. The objective function is expanded into a linear wave coefficient equation, so the problem of maximizing the objective function is reduced to that of maximizing a quadratic function with respect to the wave coefficients. Because a wave function expressed by the wave coefficients is used in the algorithm for maximizing the quadratic function, the algorithm is equivalent to a full search algorithm, i.e., one that searches in parallel for the global optimum in the whole domain of definition. Therefore, the global optimum is always derived. The method was evaluated for various objective functions, and computer simulation showed that a good approximation of the global optimum for each objective function can always be obtained.

In this paper, the scan chain ordering method for BIST-aided scan test for reducing test data and test application time is proposed. In this work, we utilize the simple LFSR without a phase shifter as PRPG and configure scan chains using the compatible set of flip-flops with considering the correlations among flip-flops in an LFSR. The method can reduce the number of inverter codes required for inverting the bits in PRPG patterns that conflict with ATPG patterns. The experimental results for some benchmark circuits are shown to present the feasibility of our test method.

In this paper, we present practical password recovery attacks against two challenge and response authentication protocols using MD4. For attacks on protocols, the number of queries is one of the most important factors because the opportunity where an attacker can ask queries is very limited in real protocols. When responses are computed as MD4(Password||Challenge), which is called prefix approach, previous work needs to ask 237 queries to recover a password. Asking 237 queries in real protocols is almost impossible. In our attack, to recover up to 8-octet passwords, we only need 1 time the amount of eavesdropping, 17 queries, and 234 MD4 off-line computations. To recover up to 12-octet passwords, we only need 210 times the amount of eavesdropping, 210 queries, and 241 off-line MD4 computations. When responses are computed as MD4(Password||Challenge||Password), which is called hybrid approach, previous work needs to ask 263 queries, while in our attack, up to 8-octet passwords are practically recovered by 28 times the amount of eavesdropping, 28 queries, and 239 off-line MD4 computations. Our idea is guessing a part of passwords so that we can simulate values of intermediate chaining variables from observed hash values. This enables us to use a short local collision that occurs with a very high probability, and thus the number of queries becomes practical.

An efficient multiplier design method for predetermined coefficient groups is presented based on the variation of canonic signed digit (CSD) encoding and partial product sharing. By applications to radix-24 FFT structure and the pulse-shaping filter design used in CDMA, it is shown that the proposed method significantly reduces the area, propagation delay and power consumption compared with previous methods.

This paper considers a new reactive fast handover MIPv6 (FMIPv6) mechanism to minimize packet loss of the existing mechanism. The primary idea of the proposed reactive FMIPv6 mechanism is that the serving access router buffers packets toward the mobile node (MN) as soon as the link layer between MN and serving base station is disconnected. To implement the proposed mechanism, the router discovery message exchanged between MN and serving access router is extended. In addition, the IEEE 802.21 Media Independent Handover Function event service message is defined newly. Through analytic performance evaluation and experiments, the proposed reactive FMIPv6 mechanism can be shown to minimize packet loss much than the existing mechanism.

In this research a new prediction algorithm based on a Fuzzy Mix of Filters (FMF) is developed. The use of a fuzzy mix is a good solution because it makes intuitive the difficult design task of combining several types of filters, so that the outputs of the filters that work closer to their optimal behavior have higher influence in the predicted values. Therefore the FMF adapts, according to the motion of the tracked object or target, the filter weights to reduce the estimation error. The paper develops the theory about the FMF and uses it for applications with hard real-time requirements. The improvement of the proposed FMF is shown in simulation and an implementation on a parallel processor (FPGA) is presented. As a practical application of the FMF, experimental results are provided for a visual servoing task.

We introduce the "split padding" into a current Merkle-Damgård hash function H. The patched hash function satisfies the following properties: (i) is second-preimage-resistant (SPR) if the underlying compression function h satisfies an "SPR-like" property, and (ii) is one-way (OW) if h satisfies an "OW-like" property. The assumptions we make about h are provided with simple definitions and clear relations to other security notions. In particular, they belong to the class whose existence is ensured by that of OW functions, revealing an evident separation from the strong collision-resistance (CR) requirement. Furthermore, we get the full benefit from the patch at almost no expense: The new scheme requires no change in the internals of a hash function, runs as efficiently as the original, and as usual inherits CR from h.