For mission-critical and safety-critical systems such as medical, financial, or administrative information systems, a secure and reliable storage system is indispensable. The main purpose of our research is to develop a highly secure and highly reliable storage system. We have proposed a storage system that utilizes a secret sharing scheme. The storage system is called the Secret Sharing Storage System. So far, we have developed a prototype of the storage system. In this paper, we propose an automatic repair mechanism, and an interval decision method for this system.

Authenticated Key Establishment (AKE) protocols enable two entities, say a client (or a user) and a server, to share common session keys in an authentic way. In this paper, we review the previous AKE protocols, all of which turn out to be insecure, under the following realistic assumptions: (1) High-entropy secrets that should be stored on devices may leak out due to accidents such as bugs or mis-configureations of the system; (2) The size of human-memorable secret, i.e. password, is short enough to memorize, but large enough to avoid on-line exhaustive search; (3) TRM (Tamper-Resistant Modules) used to store secrets are not perfectly free from bugs and mis-configurations; (4) A client remembers only one password, even if he/she communicates with several different servers. Then, we propose a simple leakage-resilient AKE protocol (cf.[41]) which is described as follows: the client keeps one password in mind and stores one secret value on devices, both of which are used to establish an authenticated session key with the server. The advantages of leakage-resilient AKEs to the previous AKEs are that the former is secure against active adversaries under the above-mentioned assumptions and has immunity to the leakage of stored secrets from a client and a server (or servers), respectively. In addition, the advantage of the proposed protocol to is the reduction of memory size of the client's secrets. And we extend our protocol to be possible for updating secret values registered in server(s) or password remembered by a client. Some applications and the formal security proof in the standard model of our protocol are also provided.

In this paper, we propose an efficient protocol for proving the correctness of shuffling and an efficient protocol for simultaneously proving the correctness of both shuffling and decryption. The former protocol is the most efficient in computational and communication complexity among 3-move honest verifier perfect zero-knowledge protocols for proving a shuffling of ElGamal cipher-texts. The latter protocol is the most efficient in computational, communication, and round complexity, as a whole, in proving the correctness of both shuffling and decryption of ElGamal cipher-texts. The proposed protocols will be a building block of an efficient, universally verifiable mix-net, whose application to voting systems is prominent.

We propose efficient secret sharing schemes realizing general access structures. Our proposed schemes are perfect secret sharing schemes and include Shamir's (k, n)-threshold schemes as a special case. Furthermore, we show that a verifiable secret sharing scheme for general access structures is realized by one of the proposed schemes.

In 1987, Ito, Saito and Nishizeki proposed a secret sharing scheme realizing general access structures, called the multiple assignment secret sharing scheme (MASSS). In this paper, we propose new MASSS's which are perfect secret sharing schemes and include Shamir's (k,n)-threshold schemes as a special case. Furthermore, the proposed schemes are more efficient than the original MASSS from the viewpoint of the number of shares distributed to each participant.

This letter deals with the common randomness problem formulated by Ahlswede and Csiszar. Especially, we consider their source-type models without wiretapper for ergodic sources, and clarify the secret key-capacity by using the bin coding technique proposed by Cover.

We propose a method for reducing the size of a share in visual secret sharing schemes. The proposed method does not cause the leakage and the loss of the original image. The quality of the recovered image is almost same as that of previous schemes.

Combinatorial designs are normally used to construct visual cryptographic schemes. For such schemes two parameters are very important viz. pixel expansion and contrast. Optimizing both is a very hard problem. The schemes having optimal contrast tend to use a high pixel expansion. The focus of the paper is to construct schemes for which pixel expansion is modest and the contrast is close to optimality. Here the tool is latin squares that haven't been used earlier for this purpose.

Electron cyclotron resonance (ECR) plasma oxidation of AlN thin films was studied to form the AlON high-κ gate insulator. The leakage current was found to be decreased, and also the surface roughness was improved with the ECR plasma oxidation of AlN thin films. The leakage current was further decreased after 1000 RTA in N2 with little increase of equivalent oxide thickness (EOT) because of the high quality interfacial layer formation.

We propose a public-key primitive modulo pkq based on the RSA primitive. The decryption process of the proposed scheme is faster than those of two variants of PKCS #1 version 2.1, namely the RSA cryptosystem using Chinese remainder theorem (CRT) and the Multi-Prime RSA. The message M of the proposed scheme is decrypted from M mod pk and M mod q using the CRT, where we apply the Hensel lifting to calculate M mod pk from M mod p that requires only quadratic complexity ((log2p)2). Moreover, we propose a trick that avoids modular inversions used for the Hensel lifting, and thus the proposed algorithm can be computed without modular inversion. We implemented in software both the proposed scheme with 1024-bit modulus p2q and the 1024-bit Multi-Prime RSA for modulus p1p2p3, where p,q,p1,p2,p3 are 342 bits. The improvements of the proposed scheme over the Multi-Prime RSA are as follows: The key generation is about 49% faster, the decryption time is about 42% faster, and the total secret key size is 33% smaller.

The auction is a popular way of trading. Despite of the popularity of the auction, only a small number of papers have addressed the protocol which realize the double auction. In this paper, we propose a new method of double auction which improves the algorithm of the existing double auction protocol. Our new method is based on the idea of number comparison which is realized by homomorphic encryption. The new method solves the problem of the privacy of losing bids found in the existing algorithm. The buyers and the sellers can embed a random number in their bidding information by the use of the homomorphic encryption. The players in an auction cannot get anyone else's bidding information. The new method is more efficient than the existing ones. Our new method satisfies the criteria for the auction protocol.

In this paper, a new method is proposed to construct a visual secret sharing scheme with a general access structure for plural secret images. Although the proposed scheme can be considered as an extension of Droste's method that can encode only black-white images, it can encode plural gray-scale and/or color secret images.

A reactive sputtering method using an Electron-Cyclotron-Resonance (ECR) microwave plasma was used to deposit Ni-Zn ferrite thin-films for a soft magnetic backlayer of Co-containing spinel ferrite thin-film perpendicular magnetic recording (PMR) media. The Ni-Zn spinel ferrite thin-films with a preferential orientation of (100) and a relatively low coercivity of 15 Oe were obtained at a high deposition rate of 14 nm/min and at a temperature below 200 degrees C. Although post-annealing treatment in air at 200 degrees C was effective to decrease the coercivity of the Ni-Zn ferrite thin-films, the saturation magnetization and initial permeability decreased and the surface smoothness was deteriorated simultaneously. The Ni-Zn ferrite thin-films prepared by ECR sputtering are promising as the backlayer of the perpendicular magnetic recording medium, but further improvement is required in terms of the soft magnetic properties, the grain size and the surface roughness.

A t-out-of-n audio cryptography is a secret sharing scheme that can be used to hide a digital message into n sounds and human being's ears can perceive the message from any t of the n sounds playing simultaneously. In 1998, Desmedt et al. proposed the first audio cryptography scheme (ACS or AC scheme) by using the characteristics of the wave interference, i.e., in phase or out of phase. However, their scheme can generate 2-out-of-n ACS with log2(n) cover sounds only. In this paper, a new t-out-of-n ACS is proposed. The proposed scheme is to hide a secret message by a specified cadence of which each is played at either different or the same time in n music. The secret message can be perceived according to the number of the specified cadences by any t of the n music playing simultaneously. It can achieve any t-out-of-n scheme theoretically with only one cover sound. Furthermore, we show that there exists a transformation between a general VSS scheme and the proposed AC scheme. Any Boolean Matrices, which can be used to construct a VSS scheme, can also be transformed to construct the ACS, and vice versa.

It is found that the supercontinuum spectrum is generated from cross-phase modulated soliton pulses which are propagated through a dispersion-flattened/decreasing fiber with low birefringence. The cross-phase modulation is achieved by exciting two orthogonally polarized modes in a birefringent fiber and the effect of input azimuth of linearly polarized pulses is discussed theoretically and numerically.

In this letter we propose a new visual secret sharing scheme (VSSS) applicable to color images containing many colors such as photographs. In the proposed VSSS we can perceive a concealed secret image appearing on a reproduced image, which is obtained by stacking certain shares, according to the principle called the meanvalue-color mixing (MCM). First, we mathematically formulate the MCM and define a new parameter that determines the minimum quality of the reproduced secret image. Then, we explicitly construct the VSSS based on the MCM under general access structures. The construction is proved to be realistic by experiment under the (2,2)-threshold access structure.

Co-containing ferrite thin-film media deposited by a reactive-ECR-sputtering at a low substrate temperature of 150 degree Celsius were oxidized by ECR plasma. The magnetic properties and recording characteristics of the media were improved by the oxidation with maintaining a smooth surface. The media showed high D50 of 203 kFRPI in MIG head recording and reproduction. The Co-containing ferrite thin-film is feasible to be used as a protective overcoat layer.

In this paper, a method is proposed to construct an n-out-of-n visual secret sharing scheme for gray-scale images, for short an (n,n)-VSS-GS scheme, which is optimal in the sense of contrast and pixel expansion, i.e., resolution. It is shown that any (n,n)-VSS-GS scheme can be constructed based on the so-called polynomial representation of basis matrices treated in [15],[16]. Furthermore, it is proved that such construction can attain the optimal (n,n)-VSS-GS scheme.

A visual secret sharing scheme (VSSS) is one of secret sharing schemes for images. Droste showed the method for constructing VSSS based on basis matrices whose contrast was high. Koga, Iwamoto, and Yamamoto also proposed the method for constructing a lattice-based VSSS and its polynomial representation. It is known that many good VSSSs are not in the class of lattice-based VSSSs. In this paper, we show the well-defined polynomial representation of a VSSS based on permuting different matrices for black-white images. The necessary and sufficient condition of the existence of a VSSS based on permuting different matrices can be obtained from the proposed polynomial representation. This condition is useful for constructing a good VSSS. We also point out that without additional data, it is possible to achieve member verification by using a VSSS. Using the proposed polynomial representation, the probability of detecting a cheater is analyzed.

We present a simple solution to secretly sharing a factoring witness (for given N) in a publicly-verifiable manner. Compared to the previous PVSS schemes to secretly sharing a factoring witness, the scheme enjoys the following properties: (1) the formal proofs of security can be given; (2) it is designed to be conceptually simpler; (3) it needs fewer communicated bits and, if not-so low exponent RSA (e.g., e > 219+1) is used in the previous schemes, fewer computations; (4) no general multi-party computation is required in the preparation phase.