Junping DENG Xian-Hua HAN Yen-Wei CHEN Gang XU Yoshinobu SATO Masatoshi HORI Noriyuki TOMIYAMA
Chronic liver disease is a major worldwide health problem. Diagnosis and staging of chronic liver diseases is an important issue. In this paper, we propose a quantitative method of analyzing local morphological changes for accurate and practical computer-aided diagnosis of cirrhosis. Our method is based on sparse and low-rank matrix decomposition, since the matrix of the liver shapes can be decomposed into two parts: a low-rank matrix, which can be considered similar to that of a normal liver, and a sparse error term that represents the local deformation. Compared with the previous global morphological analysis strategy based on the statistical shape model (SSM), our proposed method improves the accuracy of both normal and abnormal classifications. We also propose using the norm of the sparse error term as a simple measure for classification as normal or abnormal. The experimental results of the proposed method are better than those of the state-of-the-art SSM-based methods.
Ravindra Sandaruwan RANAWEERA Ihsen Aziz OUÉDRAOGO Eiji OKI
The energy consumption of the Internet has a huge impact on the world economy and it is likely to increase every year. In present backbone networks, pairs of nodes are connected by “bundles” of multiple physical cables that form one logical link and energy saving can be achieved by shutting down unused network resources. The hose model can support traffic demand variations among node pairs in different time periods because it accommodates multiple traffic matrices unlike the pipe model which supports only one traffic matrix. This paper proposes an OSPF (Open Shortest Path First) link weight optimization scheme to reduce the network resources used for the hose model considering single link failures. The proposed scheme employs a heuristic algorithm based on simulated annealing to determine a suitable set of link weights to reduce the worst-case total network resources used, and considering any single link failure preemptively. It efficiently selects the worst-case performance link-failure topology and searches for a link weight set that reduces the worst-case total network resources used. Numerical results show that the proposed scheme is more effective in the reduction of worst-case total network resources used than the conventional schemes, Start-time Optimization and minimum hop routing.
Mizuki WATANABE Kazuyoshi UEMATSU Sun Woog KIM Kenji TODA Mineo SATO
New HEu$_{1-x}$Gd$_{x}$(MoO$_4$)$_2$ nanophosphors were synthesized by a simple one-step ion-exchange method. These nanophosphors have rod-like particle morphology with 0.5--15 $\mu$m in length and outer diameters in the range of 50--500 nm. By optimization of the composition, the highest emission intensity was obtained for the samples with $x = 0.50$ for both KEu$_{1-x}$Gd$_{x}$(MoO$_{4}$)$_{2}$ and HEu$_{1-x}$Gd$_{x}$(MoO$_{4}$)$_{2}$.
In this letter, we formally present the definition of KDM-CCA1 security in the public key setting, which falls in between the existing KDM-CPA and KDM-CCA2 security. We also prove that if a public key encryption scheme is CCA1 secure and has the properties of secret-key multiplication (or addition) homomorphism, and conditioned plaintext-restorability, then it is KDM-CCA1 secure w.r.t. two ensembles of functions that had been used in [15],[17], respectively. As a concrete scheme, we show that the (tailored) Damgård's Elgamal scheme achieves this KDM-CCA1 security based on different assumptions.
Atsushi FUJIOKA Eiichiro FUJISAKI Keita XAGAWA
We study non-malleability of multiple public-key encryption (ME) schemes. The main difference of ME from the threshold public-key encryption schemes is that there is no dealer to share a secret among users; each user can independently choose their own public-keys; and a sender can encrypt a message under ad-hoc multiple public keys of his choice. In this paper we tackle non-malleability of ME. We note that the prior works only consider confidentiality of messages and treat the case that all public keys are chosen by honest users. In the multiple public-key setting, however, some applications naturally require non-malleability of ciphertexts under multiple public keys including malicious users'. Therefore, we study the case and have obtained the following results:
· We present three definitions of non-malleability of ME, simulation-based, comparison-based, and indistinguishability-based ones. These definitions can be seen as an analogue of those of non-malleable public-key encryption (PKE) schemes. Interestingly, our definitions are all equivalent even for the “invalid-allowing” relations. We note that the counterparts of PKE are not equivalent for the relations.
· The previous strongest security notion for ME, “indistinguishability against strong chosen-ciphertext attacks (sMCCA)” [1], does not imply our notion of non-malleability against chosen-plaintext attacks.
· Non-malleability of ME guarantees that the single message indistinguishability-based notion is equivalent to the multiple-message simulation-based notion, which provides designers a fundamental benefit.
· We define new, stronger decryption robustness for ME. A non-malleable ME scheme is meaningful in practice if it also has the decryption robustness.
· We present a constant ciphertext-size ME scheme (meaning that the length of a ciphertext is independent of the number of public-keys) that is secure in our strongest security notion of non-malleability.
Indeed, the ciphertext overhead (i.e., the length of a ciphertext minus that of a plaintext) is the combined length of two group elements plus one hash value, regardless of the number of public keys. Then, the length of the partial decryption of one user consists of only two group elements, regardless of the length of the plaintext.
Kosuke MARUYAMA Hiroshi KAMEDA
A ghost reduction algorithm for multiple angle sensors tracking objects under dual hypotheses is proposed. When multiple sensors and multiple objects exist on the same plane, the conventional method is unable to distinguish the real objects and ghosts from all possible pairs of measurement angle vectors. In order to resolve the issue stated above, the proposed algorithm utilizes tracking process considering dual hypotheses of real objects and ghosts behaviors. The proposed algorithm predicts dynamics of all the intersections of measurement angle vector pairs with the hypotheses of real objects and ghosts. Each hypothesis is evaluated by the residuals between prediction data and intersection. The appropriate hypothesis is extracted through several data sampling. Representative simulation results demonstrate the effectiveness of the proposed algorithm.
Junichi KINOSHITA Yoshihisa IKEDA Yuji TAKEDA
Ultra-high luminance lamps emitting white light with a well-scattered blue spectrum from InGaN/GaN laser diodes and a phosphor-converted yellow spectrum show speckle contrast values as low as LED. Spectral behavior of the laser diodes is analyzed to find the reason why such low values are obtained. As a result, the PWM-driven, multi-longitudinal mode with dynamically broadened line-width is found to have a great effect on reducing speckle contrast. Despite using the lasers, such speckle-free lamps are considered to be very suitable for high-luminance and other various lighting applications.
There is a relentless push for cost and size reduction in optical transmitters and receivers for fiber-optic links. Monolithically integrated optical chips in InP and Si may be a way to leap ahead of this trend. We discuss uses of integration technology to accomplish various telecommunications functions.
Manh Ha NGUYEN Kenji YASUNAGA Keisuke TANAKA
We consider the problem of constructing public-key encryption (PKE) schemes that are resilient to a-posteriori chosen-ciphertext and key-leakage attacks (LR-CCA2). In CRYPTO'09, Naor and Segev proved that the Naor-Yung generic construction of PKE which is secure against chosen-ciphertext attack (CCA2) is also secure against key-leakage attacks. They also presented a variant of the Cramer-Shoup cryptosystem, and showed that this PKE scheme is LR-CCA2-secure under the decisional Diffie-Hellman assumption. In this paper, we apply the generic construction of “Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption” (EUROCRYPT'02) to generalize the above work of Naor-Segev. Compared to the first construction of Naor-Segev, ours is more efficient because of not using simulation-sound NIZK. We also extend it to stateful PKE schemes. Concretely, we present the notion of LR-CCA2 attack in the case of stateful PKE, and a generic construction of stateful PKE that is secure against this attack.
Shunichi TSUNODA Abu Hena Al MUKTADIR Eiji OKI
Smart OSPF (S-OSPF), a load balancing, shortest-path-based routing scheme, was introduced to improve the routing performances of networks running on OSPF assuming that exact traffic demands are known. S-OSPF distributes traffic from a source node to neighbor nodes, and after reaching the neighbor nodes, traffic is routed according to the OSPF protocol. However, in practice, exact traffic demands are difficult to obtain, and the distribution of unequal traffic to multiple neighbor nodes requires complex functionalities at the source. This paper investigates non-split S-OSPF with the hose model, in which only the total amount of traffic that each node injects into the network and the total amount of traffic each node receives from the network are known, for the first time, with the goal of minimizing the network congestion ratio (maximum link utilization over all links). In non-split S-OSPF, traffic from a source node to a destination node is not split over multiple routes, in other words, it goes via only one neighbor node to the destination node. The routing decision with the hose model is formulated as an integer linear programming (ILP) problem. Since the ILP problem is difficult to solve in a practical time, this paper proposes a heuristic algorithm. In the routing decision process, the proposed algorithm gives the highest priority to the node pair that has the highest product of the total amount of injected traffic by one node and total amount of received traffic by the other node in the pair, where both traffic volumes are specified in the hose model, and enables a source node to select the neighbor node that minimizes network congestion ratio for the worst case traffic condition specified by the hose model. The non-split S-OSPF scheme's network congestion ratios are compared with those of the split S-OSPF and classical shortest path routing (SPR) schemes. 
Numerical results show that the non-split S-OSPF scheme offers lower network congestion ratios than the classical SPR scheme, and achieves network congestion ratios comparable to the split S-OSPF scheme for larger networks. To validate the non-split S-OSPF scheme, using a testbed network experimentally, we develop prototypes of the non-split S-OSPF path computation server and the non-split S-OSPF router. The functionalities of these prototypes are demonstrated in a non-split S-OSPF network.
ChangKyun KIM Eun-Gu JUNG Dong Hoon LEE Chang-Ho JUNG Daewan HAN
The cryptographic algorithm called INCrypt32 is a MAC algorithm to authenticate participants, RFID cards and readers, in HID Global's iCLASS systems. HID's iCLASS cards are widely used contactless smart cards for physical access control. Although INCrypt32 is the heart of the security of HID's iCLASS systems, its security has not been evaluated yet since the specification has not been open to public. In this paper, we reveal the specification of INCrypt32 by reverse-engineering iCLASS cards and investigate the security of INCrypt32 with respect to the cryptographic sense. This result is the first work to describe the details of INCrypt32 and the possibility of a secret key (64-bit) recovery in our attack environments. $2^{42}$ MAC queries are required in the real environment using secure communication protocols. But the required number of MAC queries decreases to $2^{18}$ if MAC queries for chosen messages with arbitrary length can be requested.
This paper shows a known-key distinguisher on the internal block cipher of tweaked Lesamnta reduced to 31 (out of 32) rounds, which is one of the hash functions submitted to the SHA-3 competition. Moreover, the paper presents a distinguisher for full internal block cipher of Lesamnta with stronger assumption. For its tweaked version, all previous cryptanalysis can work no more than 24 rounds. We search for a new integral characteristic for the internal block cipher, and discover a 19-round integral characteristic for forward direction. We then search for an integral characteristic for backward direction, and the characteristics can be combined to full rounds with some assumption. The distinguisher for the internal block cipher of Lesamnta-256 requires $2^{192}$ query complexity and negligible memory. This is the best attack on Lesamnta compression function and its internal block cipher after the tweak.
Masayuki ABE Tatsuaki OKAMOTO Koutarou SUZUKI
In this paper, we present a framework to construct message recovery signature schemes from Sigma-protocols. The key technique of our construction is the redundancy function that adds some redundancy to the message that only a legitimately signed and recovered message can have. We provide a characterization of the redundancy functions that make the resulting message recovery signature scheme proven secure. Our framework includes known schemes when the building blocks are given concrete implementations, i.e., random oracles and ideal ciphers, hence presents insightful explanation to their structure.
Marat ZHANIKEEV Yoshiaki TANAKA
In NGN standards, End Host, also referred to as Terminal Equipment (TE), holds an important place in end-to-end path performance. However, most researchers neglect TE performance when considering performance of end-to-end paths. As far as the authors' knowledge goes, no previous study has proposed a model for TE performance. This paper proposes a method for measuring performance of TE and model extraction based on measurement data. The measurement was made possible with the use of a special NPU (Network Processing Unit) implemented as a programmable NIC. Along with the probing itself, a framework for removing the skew between the NPU and OS is developed in this paper. The multidimensional analysis includes method of probing, packet size and background traffic volume, and studies their effect on TE performance. A method for extracting a generic TE model is proposed. The outcome of this research can be used for modelling TE in simulations and in modelling end-to-end performance when considering QoS in NGN.
Sang-Youl LEE Seung-Dong YANG Jae-Sub OH Ho-Jin YUN Kwang-Seok JEONG Yu-Mi KIM Hi-Deok LEE Ga-Won LEE
In this paper, we fabricated a gate-all-around bandgap-engineered (BE) silicon-oxide-nitride-oxide-silicon (SONOS) and silicon-oxide-high-k-oxide-silicon (SOHOS) flash memory device with a vertical silicon pillar type structure for a potential solution to scaling down. Silicon nitride (Si$_3$N$_4$) and hafnium oxide (HfO$_2$) were used as trapping layers in the SONOS and SOHOS devices, respectively. The BE-SOHOS device has better electrical characteristics such as a lower threshold voltage ($V_{TH}$) of 0.16 V, a higher $g_{m.max}$ of 0.593 µA/V and on/off current ratio of $5.76 \times 10^{8}$, than the BE-SONOS device. The memory characteristics of the BE-SONOS device, such as program/erase speed (P/E speed), endurance, and data retention, were compared with those of the BE-SOHOS device. The measured data show that the BE-SONOS device has good memory characteristics, such as program speed and data retention. Compared with the BE-SONOS device, the erase speed is enhanced about five times in BE-SOHOS, while the program speed and data retention characteristic are slightly worse, which can be explained via the many interface traps between the trapping layer and the tunneling oxide.
Hisahiro SASABE Masatoshi ISHIBA Yong-Jin PU Junji KIDO
We designed and synthesized alkoxyphenyl group containing starburst host materials 1. Using 1 as a host material, efficient phosphorescent OLEDs with the power efficiencies of 32 lm W$^{-1}$ for blue, and 85 lm W$^{-1}$ for green at 100 cd m$^{-2}$ were developed.
Tadashi ISHIGAKI Kenji TODA Tatsuya SAKAMOTO Kazuyoshi UEMATSU Mineo SATO
Well-crystallized Ba$_2$SiO$_4$:Eu$^{2+}$ powders were grown on a substrate by the vapor phase reaction between a mixed powder (barium carbonate and europium oxide) and SiO gas. The vaporization of SiO occurs at 1400–1600 from the SiO$_2$ source (or SiO powder) in a reducing atmosphere. The formed SiO gas was transported by 95 vol% Ar - 5 vol% H$_2$ gas and reacted with the raw material powders. The emission intensity of the Ba$_2$SiO$_4$:Eu$^{2+}$ phosphor synthesized by the new vapor phase technique is about 2.6 times higher than that of a conventional solid-state reaction sample.
Yusuke SAKAI Goichiro HANAOKA Kaoru KUROSAWA Kazuo OHTA
This paper shows a simple methodology for shortening a ciphertext of reproducible key encapsulation mechanisms. Specifically, it transforms a key encapsulation mechanism having OW-CCCA security and reproducibility into that of IND-CCA secure in the random oracle model whose ciphertext is shorter. Various existing chosen-ciphertext secure key encapsulation mechanisms (in the standard model) are reproducible, and thus their ciphertext can be shortened by the proposed transformation. The transformed scheme requires only one additional hashing for encryption. This property enables us to implement both the original scheme and the transformed scheme into a single chip simultaneously with small gate-size overhead. Using this chip, a sender can flexibly switch schemes to encrypt a message in a message-by-message manner. Such a use of schemes is also analyzed.
Sai-Wing LEUNG Kwok-Hung CHAN Chi-Kit TANG
Owing to the concerns about electromagnetic interference (EMI) from wireless local area networks (WLAN), an investigation into its impact on medical equipment is carried out. The results indicate that there is no evidence of 802.11 Wireless LAN systems being unsafe for installation inside hospital premises and only one piece of equipment was found to be susceptible to IEEE 802.11b standard.
Shota YAMADA Yutaka KAWAI Goichiro HANAOKA Noboru KUNIHIRO
In this paper, we propose two new chosen-ciphertext (CCA) secure schemes from the computational Diffie-Hellman (CDH) and bilinear computational Diffie-Hellman (BCDH) assumptions. Our first scheme from the CDH assumption is constructed by extending Cash-Kiltz-Shoup scheme. This scheme yields the same ciphertext as that of Hanaoka-Kurosawa scheme (and thus Cramer-Shoup scheme) with cheaper computational cost for encryption. However, key size is still the same as that of Hanaoka-Kurosawa scheme. Our second scheme from the BCDH assumption is constructed by extending Boyen-Mei-Waters scheme. Though this scheme requires a stronger underlying assumption than the CDH assumption, it yields significantly shorter key size for both public and secret keys. Furthermore, ciphertext length of our second scheme is the same as that of the original Boyen-Mei-Waters scheme.