Goichiro HANAOKA Kaoru KUROSAWA
In this paper, we introduce the intermediate hashed Diffie-Hellman (IHDH) assumption which is weaker than the hashed DH (HDH) assumption (and thus the decisional DH assumption), and is stronger than the computational DH assumption. We then present two public key encryption schemes with short ciphertexts which are both chosen-ciphertext secure under this assumption. The short-message scheme has smaller size of ciphertexts than Kurosawa-Desmedt (KD) scheme, and the long-message scheme is a KD-size scheme (with arbitrary plaintext length) which is based on a weaker assumption than the HDH assumption.
Jae Sub OH Kwang Il CHOI Young Su KIM Min Ho KANG Myeong Ho SONG Sung Kyu LIM Dong Eun YOO Jeong Gyu PARK Hi Deok LEE Ga Won LEE
A HfO2 as the charge-storage layer with the physical thickness thinner than 4 nm in silicon-oxide-high-k oxide-oxide-silicon (SOHOS) flash memory was investigated. Compared to the conventional silicon-oxide-nitride-oxide-silicon (SONOS) flash memory, the SOHOS shows the slow operational speed and exhibits the poorer retention characteristics. These are attributed to the thin physical thickness below 4 nm and the crystallization of the HfO2 to contribute the lateral migration of the trapped charge in the trapping layer during high temperature annealing process.
Jian WENG Min-Rong CHEN Kefei CHEN Robert H. DENG
Hierarchical Identity-Based Encryption (HIBE) is a generalization of identity-based encryption that mirrors an organizational hierarchy, and allows the root Private Key Generator (PKG) to distribute the workload of key generations to lower-level PKGs. In Indocrypt'08, Ren and Gu proposed a new HIBE scheme, and claimed that their scheme is fully chosen-ciphertext secure in the standard model. However, by giving a concrete attack, we show that Ren-Gu's HIBE is even not chosen-plaintext secure.
Masayuki ABE Eike KILTZ Tatsuaki OKAMOTO
Every public-key encryption scheme has to incorporate a certain amount of randomness into its ciphertexts to provide semantic security against chosen ciphertext attacks (IND-CCA). The difference between the length of a ciphertext and the embedded message is called the ciphertext overhead. While a generic brute-force adversary running in 2t steps gives a theoretical lower bound of t bits on the ciphertext overhead for IND-CPA security, the best known IND-CCA secure schemes demand roughly 2t bits even in the random oracle model. Is the t-bit gap essential for achieving IND-CCA security? We close the gap by proposing an IND-CCA secure scheme whose ciphertext overhead matches the generic lower bound up to a small constant. Our scheme uses a variation of a four-round Feistel network in the random oracle model and hence belongs to the family of OAEP-based schemes. Maybe of independent interest is a new efficient method to encrypt long messages exceeding the length of the permutation while retaining the minimal overhead.
Won SEONG June-Sik CHO Seung-Moo NOH Jong-Won PARK
In general, the spleen accompanied by abnormal abdomen is hypertrophied. However, if the spleen size is originally small, it is hard to detect the splenic enlargement due to abnormal abdomen by simply measure the size. On the contrary, the spleen size of a person having a normal abdomen may be large by nature. Therefore, measuring the size of spleen is not a reliable diagnostic measure of its enlargement or the abdomen abnormality. This paper proposes an automatic method to diagnose the splenic enlargement due to abnormality, by examining the boundary pattern of spleen in abdominal CT images.
Toshinari OGIWARA Jun-ichi TAKAHASHI Hitoshi KUMA Yuichiro KAWAMURA Toshihiro IWAKUMA Chishio HOSOKAWA
We carried out degradation analysis of a blue phosphorescent organic light emitting diode by both impedance spectroscopy and transient electroluminescence (EL) spectroscopy. The number of semicircles observed in the Cole-Cole plot of the modulus became three to two after the device was operated for 567 hours. Considering the effective layer thickness of the initial and degraded devices did not change by degradation and combining the analysis of the Bode-plot of the imaginary part of the modulus, the relaxation times of emission layer and hole-blocking with electron transport layers changed to nearly the same value by the increase of the resistance of emission layer. Decay time of transient EL of the initial device was coincident with that of the degraded one. These phenomena suggest that no phosphorescence quenching sites are generated in the degraded device, but the number of the emission sites decrease by degradation.
Sutee SUDPRASERT Asanee KAWTRAKUL Christian BOITET Vincent BERMENT
In this paper, we present a new dependency parsing method for languages which have very small annotated corpus and for which methods of segmentation and morphological analysis producing a unique (automatically disambiguated) result are very unreliable. Our method works on a morphosyntactic lattice factorizing all possible segmentation and part-of-speech tagging results. The quality of the input to syntactic analysis is hence much better than that of an unreliable unique sequence of lemmatized and tagged words. We propose an adaptation of Eisner's algorithm for finding the k-best dependency trees in a morphosyntactic lattice structure encoding multiple results of morphosyntactic analysis. Moreover, we present how to use Dependency Insertion Grammar in order to adjust the scores and filter out invalid trees, the use of language model to rescore the parse trees and the k-best extension of our parsing model. The highest parsing accuracy reported in this paper is 74.32% which represents a 6.31% improvement compared to the model taking the input from the unreliable morphosyntactic analysis tools.
To enable fine-grained delegations for proxy re-encryption systems, in AsiaCCS'09, Weng et al.'s introduced the concept of conditional proxy re-encryption (C-PRE), in which the proxy can convert a ciphertext only if a specified condition is satisfied. Weng et al. also proposed a C-PRE scheme, and claimed that their scheme is secure against chosen-ciphertext attack (CCA). In this paper, we show that their scheme is not CCA-secure under their defined security model.
Yasuhito ASANO Yuya MIYAWAKI Takao NISHIZEKI
Several methods have been proposed for compressing the linkage data of a Web graph. Among them, the method proposed by Boldi and Vigna is known as the most efficient one. In the paper, we propose a new method to compress a Web graph. Our method is more efficient than theirs with respect to the size of the compressed data. For example, our method needs only 1.99 bits per link to compress a Web graph containing 3,216,152 links connecting 325,557 pages, while the method of Boldi and Vigna needs 2.84 bits per link to compress the same Web graph.
Ik Rae JEONG Jeong Ok KWON Dowon HONG Dong Hoon LEE
Searchable encryption has many applications including e-mail systems and storage systems. The usefulness of searchable encryption derives from its support of keyword-testability. Keyword-testability means that a receiver of a ciphertext can test whether the ciphertext contains a specific keyword. Recently, Bellare et al. suggested an efficiently-searchable encryption scheme with keyword-recoverability as well as keyword-testability. Keyword-recoverability means that a receiver can extract the keyword from a ciphertext. All of the previous searchable encryption schemes have provided only keyword-testability. However, as explained by Bellare et al., no efficiently-searchable encryption scheme can provide even security against chosen keyword attacks. That is, Bellare et al.'s scheme assumes that no useful partial information about the keyword is known to the adversaries. In this paper, we suggest an SEKR (searchable encryption with keyword-recoverability) scheme which is secure even if the adversaries have any useful partial information about the keyword. Our scheme provides security against chosen ciphertext attacks which are stronger attacks than chosen keyword attacks. We also suggest an SEKR scheme for multi-keywords.
Tatsunari HAMASAKI Taichiro MORIMUNE Hirotake KAJII Yutaka OHMORI
The characteristics of violet-sensitive organic photodetectors (OPDs) utilizing polyalkylfluorene and triplet materials have been studied as a host and a dopant material, respectively. For the photo absorption layer, poly(9,9-dioctylfluorene) [PFO] and a phosphorescent iridium complex (Iridium (III) bis(2-(4,6-difluorophenyl)pyridinato-N,C2) [FIrpic] or Iridium (III) bis(2-(2'-benzothienyl)pyridinato-N,C3')(acetyl-acetonate) [(btp)2Ir(acac)]) were used as a host and a dopant material, respectively. PFO: (btp)2Ir(acac) device showed less photocurrent than PFO device because (btp)2Ir(acac) enhances recombination of the photo generated carriers in the photo absorption layer. On the other hand, PFO : FIrpic device showed larger photocurrent than PFO device due to triplet energy transfer from FIrpic to PFO. A cutoff frequency of 20 MHz was observed using a sinusoidal modulated violet laser light illumination under the reverse bias of 8 V.
This paper proposes a protocol called vLIN6 which supports both network mobility and host mobility in IPv6. There are several proposals to support network mobility and host mobility. Network Mobility (NEMO) Basic Support Protocol has several problems such as pinball routing, large header overhead due to multiple levels of tunneling, and a single point of failure. Optimized NEMO (ONEMO) and Mobile IP with Address Translation (MAT) are solutions to provide route optimization, but they generate a lot of signaling messages at a handover. In vLIN6, packet relay is required only once regardless of the nested level in network mobility while optimal routing is always provided in host mobility. A fixed-sized extension header is used in network mobility while there is no header overhead in host mobility. vLIN6 is more tolerant of network failure and mobility agent failure than NEMO Basic Support Protocol. It also allows ordinary IPv6 nodes to communicate with mobile nodes and nodes in the mobile network. We implemented vLIN6 on NetBSD 2.0 Release. Our measurement results showed vLIN6 can provide host mobility and network mobility with low overhead.
Atsushi KOBAYASHI Takashi KUNIMOTO Akira YAMANE Koutoku OHMI
Luminescent characteristics of BaGd4Si3O13:Tb phosphor powder including fluorine, which is synthesized at about 1000, have been investigated. This phosphor shows the green emission due to Tb3+ under VUV excitation. By incorporation of F ion based on low-temperature synthesis, the photoluminescence excitation band lying in the wavelength region from 130 to 170 nm increases drastically in comparison to BaGd4Si3O13:Tb phosphor synthesized at 1550. This phosphor is a candidate for a green PDP phosphor for both 147 nm resonance line and 172 nm excimer band of Xe plasma.
Isamu TERANISHI Takuro OYAMA Wakaha OGATA
We say that a signature scheme is strongly existentially unforgeable (SEU) if no adversary, given message/signature pairs adaptively, can generate a signature on a new message or a new signature on a previously signed message. We propose a general and efficient conversion in the standard model that transforms a secure signature scheme to SEU signature scheme. In order to construct that conversion, we use a chameleon commitment scheme. Here a chameleon commitment scheme is a variant of commitment scheme such that one can change the committed value after publishing the commitment if one knows the secret key. We define the chosen message security notion for the chameleon commitment scheme, and show that the signature scheme transformed by our proposed conversion satisfies the SEU property if the chameleon commitment scheme is chosen message secure. By modifying the proposed conversion, we also give a general and efficient conversion in the random oracle model, that transforms a secure signature scheme into a SEU signature scheme. This second conversion also uses a chameleon commitment scheme but only requires the key only attack security for it.
Tetsu IWATA Tohru YAGI Kaoru KUROSAWA
KASUMI is a blockcipher that forms the heart of the 3GPP confidentiality and integrity algorithms. In this paper, we study the security of the five-round KASUMI type permutations, and derive a highly non-trivial security bound against adversaries with adaptive chosen plaintext and chosen ciphertext attacks. To derive our security bound, we heavily use the tools from graph theory. However the result does not show its super-pseudorandomness, this gives us a strong evidence that the design of KASUMI is sound.
Tetsutaro KOBAYASHI Eiichiro FUJISAKI
The ESIGN signature scheme was initially proposed in 1985. Since then, several variants have been proposed, but only a few have been formally supported using the methodology of provable security. In addition, these schemes are different from the ESIGN-PSS signature scheme submitted to ISO/IEC-14888-2 for standardization. It is believed that ESIGN-PSS is secure against the chosen-message attack, however, there has not yet been any report verifying this belief. This paper presents the security proofs of ESIGN-PSS and a variant of this scheme, denoted ESIGN-PSS-R, which is a signature scheme comprising the ESIGN signature mechanism and the PSS-R mechanism.
Jia HOU Moon Ho LEE Kwangjae LEE
In this letter, we define the generalized doubly stochastic processing via Jacket matrices of order-2n and 2n with the integer, n≥2. Different from the Hadamard factorization scheme, we propose a more general case to obtain a set of doubly stochastic matrices according to decomposition of the fundaments of Jacket matrices. From order-2n and order-2n Jacket matrices, we always have the orthostochastoc case, which is the same as that of the Hadamard matrices, if the eigenvalue λ1 = 1, the other ones are zeros. In the case of doubly stochastic, the eigenvalues should lead to nonnegative elements in the probability matrix. The results can be applied to stochastic signal processing, pattern analysis and orthogonal designs.
Yuichi HINO Hirotake KAJII Yutaka OHMORI
We investigated luminescent properties in combination of red emissive europium complex of tris(dibenzoylmethane)-mono(4,7-dimethylphenanthroline)europium(III) [Eu(dbm)3phen] and blue phosphorescent molecule of bis[(4,6-difluorophenyl)-pyridinato-N,C2'] (picolinate) iridium (III) (FIrpic) doped in poly(N-vinyl-carbazole) (PVK). A sharp red emission from Eu(dbm)3phen was observed in photoluminescence (PL) measurement, whereas, in the case of electroluminescence (EL), emission from FIrpic and Eu compound were observed. The difference of the PL and EL spectra indicates that different energy transfer processes between Eu(dbm)3phen and FIrpic are suggested.
Kenji TODA Yoshitaka KAWAKAMI Shin-ichiro KOUSAKA Yutaka ITO Akira KOMENO Kazuyoshi UEMATSU Mineo SATO
We focus on the development of new silicate phosphors for a white LED. In the europium doped silicate system, four LED phosphor candidates-- Li2SrSiO4:Eu2+, Ba9Sc2Si6O24:Eu2+ , Ca3Si2O7:Eu2+ and Ba2MgSi2O7:Eu2+ were found. Luminescent properties under near UV and visible excitation were investigated for the new Eu2+ doped LED silicate phosphors. These new phosphors have a relatively strong absorption band in a long wavelength region.
Ichiro HIROSAWA Tetsuo HONMA Kazuo KATO Naoto KIJIMA Yasuo SHIMOMURA
The sites that doped divalent Eu ions occupy in BaMgAl10O17 were studied by X-ray absorption fine structure (XAFS) measurement. The radial structural function and the Fourier-filtered EXAFS wiggle derived from the observed XAFS spectrum suggested that Eu ions occupy the Beevers-Ross and/or anti-Beevers-Ross sites. Observed XANES spectrum also could be explained by Beevers-Ross site occupation.