At CT-RSA 2022, Bossert et al. proposed Pholkos family, an efficient large-state tweakable block cipher. In order to evaluate the security of differential attacks on Pholkos, they obtained the lower bounds for the number of active S-boxes for Pholkos using MILP (Mixed Integer Linear Programming) tools. Based on it, they claimed that Pholkos family is secure against differential attacks. However, they only gave rough security bounds in both of related-tweak and related-tweakey settings. To be more precise, they estimated the lower bounds of the number of active S-boxes for relatively-large number of steps by just summing those in the small number of steps. In this paper, we utilize efficient search methods based on MILP to obtain tighter lower bounds for the number of active S-boxes in a larger number of steps. For the first time, we derive the exact minimum number of active S-boxes of each variant up to the steps where the security against differential attacks can be ensured in related-tweak and related-tweakey settings. Our results indicate that Pholkos-256-128/256-256/512/1024 is secure after 4/5/3/4 steps in the related-tweak setting, and after 5/6/3/4 steps in the related-tweakey setting, respectively. Our results enable reducing the required number of steps to be secure against differential attacks of Pholkos-256-256 in related-tweak setting, and Pholkos-256-128/256 and Pholkos-1024 in the related-tweakey setting by one step, respectively.

In this letter, we investigate the application of the subgradient method to design efficient algorithm for linear programming (LP) decoding of binary linear codes. A major drawback of the original formulation of LP decoding is that the description complexity of the feasible region is exponential in the check node degrees of the code. In order to tackle the problem, we propose a processing technique for LP decoding with the subgradient method, whose complexity is linear in the check node degrees. Consequently, a message-passing type decoding algorithm can be obtained, whose per-iteration complexity is extremely low. Moreover, if the algorithm converges to a valid codeword, it is guaranteed to be a maximum likelihood codeword. Simulation results on several binary linear codes with short lengths suggest that the performances of LP decoding based on the subgradient method and the state-of-art LP decoding implementation approach are comparable.

This paper presents MDX-Mixer, which improves music demixing (MDX) performance by leveraging source signals separated by multiple existing MDX models. Deep-learning-based MDX models have improved their separation performances year by year for four kinds of sound sources: “vocals,” “drums,” “bass,” and “other”. Our research question is whether mixing (i.e., weighted sum) the signals separated by state-of-the-art MDX models can obtain either the best of everything or higher separation performance. Previously, in singing voice separation and MDX, there have been studies in which separated signals of the same sound source are mixed with each other using time-invariant or time-varying positive mixing weights. In contrast to those, this study is novel in that it allows for negative weights as well and performs time-varying mixing using all of the separated source signals and the music acoustic signal before separation. The time-varying weights are estimated by modeling the music acoustic signals and their separated signals by dividing them into short segments. In this paper we propose two new systems: one that estimates time-invariant weights using 1×1 convolution, and one that estimates time-varying weights by applying the MLP-Mixer layer proposed in the computer vision field to each segment. The latter model is called MDX-Mixer. Their performances were evaluated based on the source-to-distortion ratio (SDR) using the well-known MUSDB18-HQ dataset. The results show that the MDX-Mixer achieved higher SDR than the separated signals given by three state-of-the-art MDX models.

Modulated signal detection has been rapidly advancing in various wireless communication systems as it's a core technology of spectrum sensing. To address the non-Gaussian statistical of noise in radio channels, especially its pulse characteristics in the time/frequency domain, this paper proposes a method based on Information Geometric Difference Mapping (IGDM) to solve the signal detection problem under Alpha-stable distribution (α-stable) noise and improve performance under low Generalized Signal-to-Noise Ratio (GSNR). Scale Mixtures of Gaussians is used to approximate the probability density function (PDF) of signals and model the statistical moments of observed data. Drawing on the principles of information geometry, we map the PDF of different types of data into manifold space. Through the application of statistical moment models, the signal is projected as coordinate points within the manifold structure. We then design a dual-threshold mechanism based on the geometric mean and use Kullback-Leibler divergence (KLD) to measure the information distance between coordinates. Numerical simulations and experiments were conducted to prove the superiority of IGDM for detecting multiple modulated signals in non-Gaussian noise, the results show that IGDM has adaptability and effectiveness under extremely low GSNR.

In this paper, we propose a hybrid crystal oscillator which achieves both quick startup and low steady-state power consumption. At startup, a large negative resistance is realized by configuring a Pierce oscillating circuit with a multi-stage inverter amplifier, resulting in high-speed startup. During steady-state oscillation, the oscillator is reconfigured as a class-C complementary Colpitts circuit for low power consumption and low phase noise. Prototype chips were fabricated in 65nm CMOS process technology. With Pierce-type configuration, the measured startup time and startup energy of the oscillator are reduced to 1/11 and 1/5, respectively, compared with the one without Pierce-type configuration. The power consumption during steady oscillation is 30 µW.

Event detection and recognition are important for environmental monitoring in the Internet of things and cyber-physical systems. Low power wide area (LPWA) networks are one of the most powerful wireless sensor networks to support data gathering; however, they do not afford peak wireless access from sensors that detect significant changes in sensing data. Various data gathering schemes for event detection and recognition have been proposed. However, these do not satisfy the requirement for the three functions for the detection of the occurrence of an event, the recognition of the position of an event, and the recognition of spillover of impact from an event. This study proposes a three-stage data gathering scheme for LPWA. In the first stage, the access limitation based on the comparison between the detected sensing data and the high-level threshold is effective in reducing the simultaneous accessing sensors; thus, high-speed recognition of the starting event is achieved. In the second stage, the data centre station designates the sensor to inform the sensing data to achieve high accuracy of the position estimation of the event. In the third stage, all the sensors, except for the accessing sensors in the early stage, access the data centre. Owing to the exhaustive gathering of sensing data, the spillover of impact from the event can be recognised with high accuracy. We implement the proposed data gathering scheme for the actual wireless sensor system of the LPWA. From the computer simulation and experimental evaluation, we show the advantage of the proposed scheme compared to the conventional scheme.

In order to improve crop production and efficiency of farming operations, an IoT (Internet of Things) system for remote monitoring has been attracting a lot of attention. The existing studies have proposed agricultural sensing systems such that environmental information is collected from many sensor nodes installed in farmland through wireless communications (e.g., Wi-Fi, ZigBee). Especially, Low-Power Wide-Area (LPWA) is a focus as a candidate for wireless communication that enables the support of vast farmland for a long time. However, it is difficult to achieve long distance communication even when using the LPWA because a clear line of sight is difficult to keep due to many obstacles such as crops and agricultural machinery in the farmland. In addition, a sensor node cannot run permanently on batteries because the battery capacity is not infinite. On the other hand, an Unmanned Aerial Vehicle (UAV) that can move freely and stably in the sky has been leveraged for agricultural sensor network systems. By utilizing a UAV as the gateway of the sensor network, the gateway can move to the appropriate location to ensure a clear line of sight from the sensor nodes. In addition, the coverage area of the sensor network can be expanded as the UAV travels over a wide area even when short-range and ultra-low-power wireless communication (e.g., Bluetooth Low Energy (BLE)) is adopted. Furthermore, various wireless technologies (e.g., wireless power transfer, wireless positioning) that have the possibility to improve the coverage area and the lifetime of the sensor network have become available. Therefore, in this study, we propose and develop two kinds of new agricultural sensing systems utilizing a UAV and various wireless technologies. The objective of the proposed system is to provide the solution for achieving the wide-area and long-term sensing for the vast farmland. Depending on which problem is in a priority, the proposed system chooses one of two designs. The first design of the system attempts to achieve the wide-area sensing, and so it is based on the LPWA for wireless communication. In the system, to efficiently collect the environmental information, the UAV autonomously travels to search for the locations to maintain the good communication properties of the LPWA to the sensor nodes dispersed over a wide area of farmland. In addition, the second design attempts to achieve the long-term sensing, so it is based on BLE, a typical short-range and ultra-low-power wireless communication technology. In this design, the UAV autonomously flies to the location of sensor nodes and supplies power to them using a wireless power transfer technology for achieving a battery-less sensor node. Through experimental evaluations using a prototype system, it is confirmed that the combination of the UAV and various wireless technologies has the possibility to achieve a wide-area and long-term sensing system for monitoring vast farmland.

Authenticated-Encryption with Associated-Data (AEAD) plays an important role in guaranteeing confidentiality, integrity, and authenticity in network communications. To meet the requirements of high-performance applications, several AEADs make use of AES New Instructions (AES-NI), which can conduct operations of AES encryption and decryption dramatically fast by hardware accelerations. At SAC 2013, Wu and Preneel proposed an AES-based AEAD scheme called AEGIS-128/128L/256, to achieve high-speed software implementation. At FSE 2016, Jean and Nikolić generalized the construction of AEGIS and proposed more efficient round functions. At ToSC 2021, Sakamoto et al. further improved the constructions of Jean and Nikolić, and proposed an AEAD scheme called Rocca for beyond 5G. In this study, we first evaluate the security of the initialization phases of Rocca and AEGIS family against differential and integral attacks using MILP (Mixed Integer Linear Programming) tools. Specifically, according to the evaluation based on the lower bounds for the number of active S-boxes, the initialization phases of AEGIS-128/128L/256 are secure against differential attacks after 4/3/6 rounds, respectively. Regarding integral attacks, we present the integral distinguisher on 6 rounds and 6/5/7 rounds in the initialization phases of Rocca and AEGIS-128/128L/256, respectively. Besides, we evaluate the round function of Rocca and those of Jean and Nikolić as cryptographic permutations against differential, impossible differential, and integral attacks. Our results indicate that, for differential attacks, the growth rate of increasing the number of active S-boxes in Rocca is faster than those of Jean and Nikolić. For impossible differential and integral attacks, we show that the round function of Rocca achieves the sufficient level of the security against these attacks in smaller number of rounds than those of Jean and Nikolić.

Industrial networks need to provide reliable communication services, usually in a redundant transmission (RT) manner. In the past few years, several device-redundancy-based, layer 2 solutions have been proposed. However, with the evolution of industrial networks to the Industrial Internet, these methods can no longer work properly in the non-redundancy, layer 3 environments. In this paper, an SDN-based reliable communication framework is proposed for the Industrial Internet. It can provide reliable communication guarantees for mission-critical applications while servicing non-critical applications in a best-effort transmission manner. Specifically, it first implements an RT-based reliable communication method using the Industrial Internet's link-redundancy feature. Next, it presents a redundant synchronization mechanism to prevent end systems from receiving duplicate data. Finally, to maximize the number of critical flows in it (an NP-hard problem), two ILP-based routing & scheduling algorithms are also put forward. These two algorithms are optimal (Scheduling with Unconstrained Routing, SUR) and suboptimal (Scheduling with Minimum length Routing, SMR). Numerous simulations are conducted to evaluate its effectiveness. The results show that it can provide reliable, duplicate-free services to end systems. Its reliable communication method performs better than the conventional best-effort transmission method in terms of packet delivery success ratio in layer 3 networks. In addition, its scheduling algorithm, SMR, performs well on the experimental topologies (with average quality of 93% when compared to SUR), and the time overhead is acceptable.

AlphaSeq is a new paradigm to design sequencess with desired properties based on deep reinforcement learning (DRL). In this work, we propose a new metric function and a new reward function, to design an improved version of AlphaSeq. We show analytically and also through numerical simulations that the proposed algorithm can discover sequence sets with preferable properties faster than that of the previous algorithm.

Binary code similarity comparison methods are mainly used to find bugs in software, to detect software plagiarism, and to reduce the workload during malware analysis. In this paper, we propose a method to compare the binary code similarity of each function by using a combination of Control Flow Graphs (CFGs) and disassembled instruction sequences contained in each function, and to detect a function with high similarity to a specified function. One of the challenges in performing similarity comparisons is that different compile-time optimizations and different architectures produce different binary code. The main units for comparing code are instructions, basic blocks and functions. The challenge of functions is that they have a graph structure in which basic blocks are combined, making it relatively difficult to derive similarity. However, analysis tools such as IDA, display the disassembled instruction sequence in function units. Detecting similarity on a function basis has the advantage of facilitating simplified understanding by analysts. To solve the aforementioned challenges, we use machine learning methods in the field of natural language processing. In this field, there is a Transformer model, as of 2017, that updates each record for various language processing tasks, and as of 2021, Transformer is the basis for BERT, which updates each record for language processing tasks. There is also a method called node2vec, which uses machine learning techniques to capture the features of each node from the graph structure. In this paper, we propose SIBYL, a combination of Transformer and node2vec. In SIBYL, a method called Triplet-Loss is used during learning so that similar items are brought closer and dissimilar items are moved away. To evaluate SIBYL, we created a new dataset using open-source software widely used in the real world, and conducted training and evaluation experiments using the dataset. In the evaluation experiments, we evaluated the similarity of binary codes across different architectures using evaluation indices such as Rank1 and MRR. The experimental results showed that SIBYL outperforms existing research. We believe that this is due to the fact that machine learning has been able to capture the features of the graph structure and the order of instructions on a function-by-function basis. The results of these experiments are presented in detail, followed by a discussion and conclusion.

In spite of the research for a linear layer of Type-2 Generalized Feistel Network (Type-2 GFN) over more than 10 years, finding a good 32-branch permutation for Type-2 GFN is still a very hard task due to a huge search space. In terms of the diffusion property, Suzaki and Minematsu investigated the required number of rounds to achieve the full diffusion when the branch number is up to 16. After that, Derbez et al. presented a class of 32-branch permutations that achieves the 9-round full diffusion and they prove that this is optimal. However, this class is not suitable to be used in Type-2 GFN because it requires a large number of rounds to ensure a sufficient number of active S-boxes. In this paper, we present how to find a good class of 32-branch permutations for Type-2 GFN. To achieve this goal, we convert Type-2 GFN into a LBlock-like structure, and then we evaluate the diffusion property and the resistance against major attacks, such as differential, linear, impossible differential and integral attacks by an MILP. As a result, we present a good class of 32-branch permutations that achieves the 10-round full diffusion, ensures differentially/linearly active S-boxes of 66 at 19 round, and has the 18/20-round impossible differential/integral distinguisher, respectively. The 32-branch permutation used in WARP was chosen among this class.

In this paper, we explore the security against integral attacks on well-known stream ciphers SNOW 3G and KCipher-2. SNOW 3G is the core of the 3GPP confidentiality and integrity algorithms UEA2 and UIA2, and KCipher-2 is a standard algorithm of ISO/IEC 18033-4 and CRYPTREC. Specifically, we investigate the propagation of the division property inside SNOW 3G and KCipher-2 by the Mixed-Integer Linear Programming to efficiently find an integral distinguisher. As a result, we present a 7-round integral distinguisher with 23 chosen IVs for KCipher-2. As far as we know, this is the first attack on a reduced variant of KCipher-2 by the third party. In addition, we present a 13-round integral distinguisher with 27 chosen IVs for SNOW 3G, whose time/data complexity is half of the previous best attack by Biryukov et al.

We revisit the design of Lesamnta-LW, which is one of the three lightweight hash functions specified in ISO/IEC 29192-5:2016. Firstly, we present some updates on the bounds of the number of active S-boxes for the underlying 64-round block cipher. While the designers showed that the Viterbi algorithm ensured 24 active S-boxes after 24 rounds, our tool based on Mixed Integer Linear Programming (MILP) in the framework of Mouha et al. ensures the same number of active S-boxes only after 18 rounds. The tool completely evaluates the tight bound of the number of active S-boxes, and it shows that the bound is 103 for full (64) rounds. We also analyze security of the Shuffle operation in the round function and resistance against linear cryptanalysis. Secondly, we present a new mode for a pseudorandom function (PRF) based on Lesamnta-LW. It is twice as efficient as the previous PRF modes based on Lesamnta-LW. We prove its security both in the standard model and the ideal cipher model.

LIME is a method for low-light image enhancement. Though LIME significantly enhances the contrast in dark regions, the effect of contrast enhancement tends to be insufficient in bright regions. In this letter, we propose an improved method of LIME. In the proposed method, the contrast in bright regions are improved while maintaining the contrast enhancement effect in dark regions.

In array signal processing, many methods of handling cases of impulsive noise with an alpha-stable distribution have been studied. By introducing correntropy with a robust statistical property, this paper proposes a novel fractional lower order correntropy (FLOCR) method. The FLOCR-based estimator for array outputs is defined and applied with multiple signal classification (MUSIC) to estimate the direction of arrival (DOA) in alpha-stable distributed noise environments. Comprehensive Monte Carlo simulation results demonstrate that FLOCR-MUSIC outperforms existing algorithms in terms of root mean square error (RMSE) and the probability of resolution, especially in the presence of highly impulsive noise.

This paper investigates the security of KCipher-2 against differential attacks. We utilize an MILP-based method to evaluate the minimum number of active S-boxes in each round. We try to construct an accurate model to describe the 8-bit truncated difference propagation through the modular addition operation and the linear transformation of KCipher-2, respectively, which were omitted or simplified in the previous evaluation by Preneel et al. In our constructed model, the difference characteristics neglected in Preneel et al.'s evaluation can be taken into account and all valid differential characteristics can be covered. As a result, we reveal that the minimal number of active S-boxes is 25 over 15 rounds in the related IV setting and it is 17 over 24 rounds in the related IV-key setting. Therefore, this paper shows for the first time that KCipher-2 is secure against the related IV differential attack.

Tweakable block cipher (TBC) is an extension of conventional block cipher. We study how to build a TBC based on generalized Feistel structure (GFS), a classical block cipher construction. While known dedicated TBC proposals are based on substitution-permutation network (SPN), GFS has not been used for building TBC. In particular, we take 64-bit GFS block cipher TWINE and try to make it tweakable with a minimum change. To find a best one from a large number of candidates, we performed a comprehensive search with a help of mixed integer linear programming (MILP) solver. As a result, our proposal TWINE is quite efficient, has the same number of rounds as TWINE with extremely simple tweak schedule.

Troika is a recently proposed sponge-based hash function for IOTA's ternary architecture and platform, which is developed by CYBERCRYPT and is now used in IOTA's blockchain. In this paper, we introduce the preimage attack on 2/3 rounds of Troika with a divide-and-conquer approach. Firstly, we propose the equivalent conditions to determine whether a message is the preimage with an algebraic method. As a result, for the preimage attack on two-round Troika, we can search the preimage only in a valid smaller space and efficiently enumerate the messages which can satisfy most of the equivalent conditions with a guess-and-determine technique. Our experiments show that the time complexity of the preimage attack on 2-round Troika can be improved to 379 from 3243. For the preimage attack on 3-round Troika, the MILP-based method is applied to achieve the optimal time complexity, which is 327 times faster than brute force.

In this letter, the structural analysis of nonbinary cyclic and quasi-cyclic (QC) low-density parity-check (LDPC) codes with α-multiplied parity-check matrices (PCMs) is concerned. Using analytical methods, several structural parameters of nonbinary cyclic and QC LDPC codes with α-multiplied PCMs are determined. In particular, some classes of nonbinary LDPC codes constructed from finite fields and finite geometries are shown to have good minimum and stopping distances properties, which may explain to some extent their wonderful decoding performances.