
Keyword Search Result

[Keyword] RIN(2923hit)

721-740hit(2923hit)

  • Adaptively and Unconditionally Secure Conversion Protocols between Ramp and Linear Secret Sharing

    Ryo KIKUCHI, Dai IKARASHI, Koki HAMADA, Koji CHIDA
    PAPER-Foundation
    Vol: E98-A No:1, Page(s): 223-231

    Secret sharing (SS) has been extensively studied both as a means of secure data storage and as a fundamental building block for multiparty computation (MPC). Recently, Kikuchi et al. proposed a passively and unconditionally secure conversion protocol that converts a share of a ramp scheme into a share of a homomorphic SS scheme. The share-size of the ramp scheme is small, and the homomorphic SS scheme is a class of SS schemes that includes Shamir's and replicated SS schemes, which are convenient for MPC. Therefore, their protocol is a conversion from an SS scheme whose share-size is small to MPC-friendly SS schemes, and can be applied to reduce the amount of data storage while maintaining extendibility to MPC. We propose five unconditionally and actively secure protocols in the honest-majority setting. In this paper, we consider privacy and correctness as the security requirements and do not consider robustness: a cheat caused by an active adversary must be detected. These protocols consist of two conversion protocols, two reveal protocols and a protocol generating specific randomness. The main protocols among them are two conversion protocols for bilateral conversion between a ramp scheme and a linear SS scheme, and the others are building blocks of the main protocols. The linear SS scheme is a subset of the homomorphic SS scheme but includes both Shamir's and replicated SS schemes. Therefore, these main protocols are conversions between an SS scheme whose share-size is small and MPC-friendly SS schemes. These main protocols are unconditionally and actively secure, so if the MPC protocols used after the conversion are actively secure, the whole system involving the SS scheme, conversion, and MPC protocols can be unconditionally and actively secure by using our main protocols. One of our two main protocols is the first to convert from MPC-friendly SS schemes to the ramp scheme. This enhances applications, such as secure backup, of the conversion protocol.
    Other than the two main protocols, we propose a protocol for generating specific randomness and two reveal protocols as building blocks. The latter two reveal protocols are actively and unconditionally secure in the honest-majority setting and require O(n||F||)-bit communication per revealing, and we believe that they are of independent interest.

  • Cryptanalysis of the Quaternion Rainbow

    Yasufumi HASHIMOTO
    PAPER-Public Key Based Cryptography
    Vol: E98-A No:1, Page(s): 144-152

    Rainbow is one of the signature schemes based on the problem of solving a set of multivariate quadratic equations. While its signature generation and verification are fast and the security is presently sufficient under suitable parameter selections, the key size is relatively large. Recently, Quaternion Rainbow, Rainbow over a quaternion ring, was proposed by Yasuda, Sakurai and Takagi (CT-RSA'12) to reduce the key size of Rainbow without impairing the security. However, a new vulnerability emerges from the structure of the quaternion ring; in fact, Thomae (SCN'12) found that Quaternion Rainbow is less secure than the same-size original Rainbow. In the present paper, we further study the structure of Quaternion Rainbow and show that Quaternion Rainbow is one of the sparse versions of Rainbow. Its sparse structure causes a vulnerability of Quaternion Rainbow. In particular, we find that Quaternion Rainbow over an even characteristic field, whose security level is estimated by Thomae's analysis as about that of the original Rainbow of at most 3/4 size, is almost as secure as the original Rainbow of at most 1/4 size.

  • A Strengthened Security Notion for Password-Protected Secret Sharing Schemes

    Shingo HASEGAWA, Shuji ISOBE, Jun-ya IWAZAKI, Eisuke KOIZUMI, Hiroki SHIZUYA
    PAPER-Foundation
    Vol: E98-A No:1, Page(s): 203-212

    Password-protected secret sharing (PPSS, for short) schemes were proposed by Bagherzandi, Jarecki, Saxena and Lu. In this paper, we consider another attack against PPSS schemes which is based on public parameters and documents. We show that the protocol proposed by Bagherzandi et al. is broken by the attack. We then propose an enhanced protocol which is secure against the attack.

  • On the LFSRization of a Class of FCSR Automata

    Zhiqiang LIN, Lishan KE, Dongdai LIN, Jian GAO
    LETTER-Cryptography and Information Security
    Vol: E98-A No:1, Page(s): 434-440

    Feedback with carry shift registers (FCSRs) implemented using the Galois representation have been found to have a weakness called LFSRization. It leads to powerful attacks against the stream ciphers based on them. A new representation called the ring representation has been proposed to avoid the attacks. It was considered to circumvent the weaknesses of Galois FCSRs. This correspondence presents a class of ring FCSRs which meet the implementation criteria but can still maintain linear behavior for several clock cycles. Their LFSRization probability and how to improve their security are also discussed.

  • Route Computation for Reliable Delivery of Threshold Secret Shared Content

    Nagao OGINO, Hidetoshi YOKOTA
    PAPER-Network
    Vol: E98-B No:1, Page(s): 209-218

    A threshold secret sharing scheme protects content by dividing it into many pieces and distributing them among different servers. This scheme can also be utilized for the reliable delivery of important content. Thanks to this scheme, the receiver can still reconstruct the original content even if several pieces are lost during delivery due to a multiple-link failure. Nevertheless, the receiver cannot reconstruct the original content unless it receives a number of pieces greater than or equal to the threshold. This paper aims to obtain reliable delivery routes for the pieces, as this will minimize the probability that the receiver cannot reconstruct the original content. Although such a route optimization problem can be formulated using an integer linear programming (ILP) model, computation of globally optimum delivery routes based on the ILP model requires large amounts of computational resources. Thus, this paper proposes a lightweight method for computing suboptimum delivery routes. The proposed greedy method computes each of the delivery routes successively by using the conventional shortest route algorithm repeatedly. The link distances are adjusted iteratively on the basis of the given probability of failure on each link, and they are utilized for the calculation of each shortest route. The results of a performance evaluation show that the proposed method can compute sub-optimum delivery routes efficiently thanks to the precise adjustment of the link distances, even in backbone networks on a real-world scale.

  • Optimally Joint Subcarrier Pairing and Power Allocation for OFDM System with Multihop Symbol Level DF Relaying

    Ning WANG, Tingting MIAO, Hongwen YANG
    PAPER-Terrestrial Wireless Communication/Broadcasting Technologies
    Vol: E97-B No:12, Page(s): 2800-2808

    Subcarrier pairing (SP) and power allocation (PA) can improve the channel capacity of the OFDM multi-hop relay system. Due to limitations of processing complexity and energy consumption, symbol-level relaying, which only regenerates the constellation symbols at relay nodes, is more practical than code-level relaying, which requires full decoding and encoding. By modeling multi-hop symbol-level relaying as a multi-staged parallel binary symmetric channel, this paper introduces a jointly optimal SP and PA scheme which maximizes the end-to-end data rate. Analytical arguments are given to reveal the structure and properties of the optimal solution, and simulation results are presented to illustrate and justify the optimality.

  • An Optimal Implementation of the Approximate String Matching on the Hierarchical Memory Machine, with Performance Evaluation on the GPU

    Duhu MAN, Koji NAKANO, Yasuaki ITO
    PAPER-GPU
    Vol: E97-D No:12, Page(s): 3063-3071

    The Hierarchical Memory Machine (HMM) is a theoretical parallel computing model that captures the essence of computing on CUDA-enabled GPUs. The approximate string matching (ASM) for two strings X and Y of length m and n is the task of finding a substring of Y most similar to X. The main contribution of this paper is to show an optimal parallel algorithm for the approximate string matching on the HMM and implement it on a GeForce GTX 580 GPU. Our algorithm runs in $O(\frac{n}{w}+\frac{mn}{dw}+\frac{nL}{p}+\frac{mnl}{p})$ time units on the HMM with p threads, d streaming processors, memory bandwidth w, global memory access latency L, and shared memory access latency l. We also show that the lower bound of the computing time is $\Omega(\frac{n}{w}+\frac{mn}{dw}+\frac{nL}{p}+\frac{mnl}{p})$ time units. Thus, our algorithm for the approximate string matching is time optimal. Further, we implemented our algorithm on a GeForce GTX 580 GPU and evaluated the performance. The experimental results show that the ASM of two strings of 1024 and 4M (=$2^{22}$) characters can be done in 419.6ms, while the sequential algorithm computes it in 27720ms. Thus, our implementation on the GPU attains a speedup factor of 66.1 over the single-CPU implementation.

  • Research on Distributed Parameter Model of Permanent Magnet in Robust Design of Electromagnetic Relay

    Huimin LIANG, Jiaxin YOU, Zhaowen CAI, Guofu ZHAI
    PAPER-Electronic Components
    Vol: E97-C No:12, Page(s): 1142-1149

    The reliability of an electromagnetic relay (EMR) which contains a permanent magnet (PM) can be improved by a robust design method. In this parameter design process, the calculation of the electromagnetic system is very important. In analytical calculation, the PM is often treated as a lumped parameter model of one magnetic resistance and one magnetic potential, but this often causes significant error. In order to increase the accuracy, a distributed parameter calculation model (DPM) of the PM bar is established, and the solution procedure as well as the verification condition of this model is given. In a case study of a single PM bar, the magnetic field lines division method is adopted to build the DPM, the starting point and section magnetic flux of each segment are solved, and a comparison is made with the finite element method (FEM) and measured data; the accuracy of this magnetic field line based distributed parameter model (MFDPM) of the PM bar is verified. This model is then applied to the electromagnetic system of a certain type of EMR: an electromagnetic system calculation model is established based on the MFDPM, and the static force is calculated under different rotation angles. Compared with the traditional lumped parameter model and FEM, it proves to be of acceptable calculation accuracy and high calculation speed, which fits the requirement of robust design.

  • Power Consumption Characteristics of Autonomous Decentralized Clustering Based on Local Interaction

    Ryo HAMAMOTO, Chisa TAKANO, Kenji ISHIDA, Masaki AIDA
    PAPER-Wireless Network
    Vol: E97-D No:12, Page(s): 2984-2994

    Mobile ad hoc networks (MANETs) consist of mobile terminals that directly connect with one another to communicate without a network infrastructure, such as base stations and/or access points of wireless local area networks (LANs) connected to wired backbone networks. Large-scale disasters such as tsunamis and earthquakes can cause serious damage to life and property as well as to any network infrastructure. However, MANETs can function even after severe disasters have destroyed the regular network infrastructure. We have proposed an autonomous decentralized structure formation technology based on local interaction, and have applied it to implement autonomous decentralized clustering on MANETs. This method is known to configure clusters that reflect the network condition, such as residual battery power and the degree of each node. However, the effect of clusters that reflect the network condition has not been evaluated. In this study, we configure clusters using our method, the back-diffusion method, and a bio-inspired method, which is a kind of autonomous decentralized clustering that cannot reflect the network condition. We also clarify the importance of clustering that reflects the network condition, with regard to power consumption and data transfer efficiency.

  • Tree-Based Consistency Maintenance Scheme for Peer-to-Peer File Sharing of Editable Contents

    Taishi NAKASHIMA, Satoshi FUJITA
    PAPER-Network
    Vol: E97-D No:12, Page(s): 3033-3040

    This paper proposes a consistency maintenance scheme for P2P file sharing systems. The basic idea of the proposed scheme is to construct a static tree for each shared file to efficiently propagate the update information to all replica peers. The link to the root of each tree is acquired by referring to a Chord ring which stores the mapping from the set of shared files to the set of tree roots. The performance of the scheme is evaluated by simulation. The simulation results indicate that: 1) it reduces the number of messages of Li's scheme by 54%, 2) it reduces the propagation delay of that scheme by more than 10%, and 3) the increase of the delay due to peer churn is effectively bounded provided that the percentage of leaving peers is less than 40%.

  • Modified Pseudo Affine Projection Algorithm for Feedback Cancellation in Hearing Aids

    Keunsang LEE, Younghyun BAEK, Dongwook KIM, Junil SOHN, Youngcheol PARK
    LETTER-Digital Signal Processing
    Vol: E97-A No:12, Page(s): 2645-2648

    This paper presents an adaptive feedback canceller (AFC) based on a pseudo affine projection (PAP) algorithm that can provide fast and stable adaptation to a time-varying environment. The proposed algorithm utilizes adaptive linear prediction (LP) to obtain the LP coefficients of the input signal model and an inverse gain filter (IGF) to alleviate the effect of the compensation gain. As a result, when the input is modeled as an AR signal, the proposed algorithm satisfies the condition for having an almost unbiased estimate of the feedback path, and then its performance is relatively independent of the gain setting of the hearing aid. Simulation results showed that the proposed algorithm is capable of obtaining unbiased feedback path estimates and high speech quality.

  • A Friendly Image Sharing Method

    Tsung-Ming LO
    LETTER-Image
    Vol: E97-A No:12, Page(s): 2684-2687

    The image sharing method is a secure way of protecting secret images. In 2011, Wang et al. proposed an image sharing method with verification. The idea of the method is to embed the secret and the watermark images into two shares by two equations to achieve the goal of secret sharing. However, the constructed shares are meaningless images which are difficult to manage. The authors utilize the torus automorphism algorithm to increase the security of the shares. However, the torus automorphism algorithm takes much time to encrypt and decrypt an image. This paper proposes a friendly image sharing method to improve on the above problem. Experimental results show the significant efficiency of the proposed method.

  • An Energy-Efficient Patchable Accelerator and Its Design Methods

    Hiroaki YOSHIDA, Masayuki WAKIZAKA, Shigeru YAMASHITA, Masahiro FUJITA
    PAPER-High-Level Synthesis and System-Level Design
    Vol: E97-A No:12, Page(s): 2507-2517

    With the shorter time-to-market and the rising cost of SoC development, the demand for post-silicon programmability has been increasing. Recently, programmable accelerators have attracted more attention as an enabling solution for post-silicon engineering change. However, programmable accelerators suffer from 5~10X lower energy efficiency than fixed-function accelerators, mainly due to their extensive use of memories. This paper proposes a highly energy-efficient accelerator which enables post-silicon engineering change by a control patching mechanism. Then, we propose a patch compilation method from a given pair of an original design and a modified design. We also propose a design method to add redundant wires in advance to decrease the necessary amount of patch memory for post-silicon engineering change. Experimental results demonstrate that the proposed accelerators offer energy efficiency competitive with fixed-function accelerators and can achieve about 5X higher efficiency than existing programmable accelerators. We also show the trade-off between redundant wires and the necessary amount of patch memory.

  • An Anonymous Reputation System with Reputation Secrecy for Manager

    Toru NAKANISHI, Nobuo FUNABIKI
    PAPER-Cryptography and Information Security
    Vol: E97-A No:12, Page(s): 2325-2335

    In anonymous reputation systems, after an interaction between anonymous users, one of the users evaluates the peer by giving a rating. The ratings for a user are accumulated, and the sum becomes the reputation of the user. By using the reputation, we can know the reliability of an anonymous user. Previously, anonymous reputation systems have been proposed using an anonymous e-cash scheme. However, in the e-cash-based systems, the bank learns the accumulated reputations of all users and the fluctuation of reputations. These are private information for users. Furthermore, a timing attack using the deposit times is possible, which weakens the anonymity. In this paper, we propose an anonymous reputation system where the reputations of users are secret even from the reputation manager such as the bank. Our approach is to adopt an anonymous credential certifying the accumulated reputation of a user. Initially a user registers with the reputation manager and is issued an initial certificate. After each interaction with a rater, the user as the ratee obtains an updated certificate certifying the previous reputation summed up with the current rating. The update protocol is based on zero-knowledge proofs, and thus the reputations are secret from the reputation manager. On the other hand, due to the certificate, the user cannot maliciously alter his reputation.

  • Opportunistic Resource Sharing in Mobile Cloud Computing

    Wei LIU, Ryoichi SHINKUMA, Tatsuro TAKAHASHI
    PAPER
    Vol: E97-B No:12, Page(s): 2668-2679

    The mobile cloud computing (MCC) paradigm is aimed at integrating mobile devices with cloud computing. In the client-server architecture of MCC, mobile devices offload tasks to the cloud to utilize the computation and storage resources of data centers. However, due to the rapid increase in the traffic demand and complexity of mobile applications, service providers have to continuously upgrade their infrastructures at great expense. At the same time, modern mobile devices have greater resources (communication, computation, and sensing), and these resources are not always fully utilized by device users. Therefore, mobile devices, from time to time, encounter other devices that could provide resources to them. Because the amount of such resources has increased with the number of mobile devices, researchers have begun to consider making use of these resources, located at the “edge” of mobile networks, to increase the scalability of future information networks. This has led to a cooperation-based architecture of MCC. This paper reports the concept and design of a resource sharing mechanism that utilizes resources in mobile devices through opportunistic contacts between them. Theoretical models and formal definitions of the problems are presented. The efficiency of the proposed mechanism is validated through formal proofs and extensive simulation.

  • Dominating Sets and Induced Matchings in Orthogonal Ray Graphs

    Asahi TAKAOKA, Satoshi TAYU, Shuichi UENO
    PAPER-Fundamentals of Information Systems
    Publicized: 2014/09/09
    Vol: E97-D No:12, Page(s): 3101-3109

    An orthogonal ray graph is an intersection graph of horizontal and vertical rays (closed half-lines) in the plane. Such a graph is 3-directional if every vertical ray has the same direction, and 2-directional if every vertical ray has the same direction and every horizontal ray has the same direction. We derive some structural properties of orthogonal ray graphs, and based on these properties, we introduce polynomial-time algorithms that solve the dominating set problem, the induced matching problem, and the strong edge coloring problem for these graphs. We show that for 2-directional orthogonal ray graphs, the dominating set problem can be solved in O(n^2 log^5 n) time, the weighted dominating set problem can be solved in O(n^4 log n) time, and the number of dominating sets of a fixed size can be computed in O(n^6 log n) time, where n is the number of vertices in the graph. We also show that for 2-directional orthogonal ray graphs, the weighted induced matching problem and the strong edge coloring problem can be solved in O(n^2 + m log n) time, where m is the number of edges in the graph. Moreover, we show that for 3-directional orthogonal ray graphs, the induced matching problem can be solved in O(m^2) time, the weighted induced matching problem can be solved in O(m^4) time, and the strong edge coloring problem can be solved in O(m^3) time. We finally show that the weighted induced matching problem can be solved in O(m^6) time for orthogonal ray graphs.

  • On the Security against Nonadaptive Chosen Ciphertext Attack and Key-Dependent Message Attack

    Jinyong CHANG, Rui XUE
    LETTER-Cryptography and Information Security
    Vol: E97-A No:11, Page(s): 2267-2271

    In this letter, we formally present the definition of KDM-CCA1 security in the public key setting, which falls in between the existing KDM-CPA and KDM-CCA2 security. We also prove that if a public key encryption scheme is CCA1 secure and has the properties of secret-key multiplication (or addition) homomorphism and conditioned plaintext-restorability, then it is KDM-CCA1 secure w.r.t. the two ensembles of functions that had been used in [15] and [17], respectively. For a concrete scheme, we show that the (tailored) Damgård's Elgamal scheme achieves this KDM-CCA1 security based on different assumptions.

  • Investigation of Roll-to-Sheet Imprinting for the Fabrication of Thin-film Transistor Electrodes Open Access

    Hiroaki KOYAMA, Kazuhiro FUKADA, Yoshitaka MURAKAMI, Satoshi INOUE, Tatsuya SHIMODA
    INVITED PAPER
    Vol: E97-C No:11, Page(s): 1042-1047

    We applied a roll-to-sheet imprinting process to a large-scale substrate. Patterned ruthenium oxide (RuO$_{2}$) electrodes were fabricated on both glass and flexible substrates. The resistivity of the electrodes on a glass substrate was $3.5 \times 10^{-5}\,\Omega$ cm, which indicates that this technique is useful for the fabrication of thin-film transistor (TFT) electrodes.

  • Temperature Sensor employing Ring Oscillator composed of Poly-Si Thin-Film Transistors: Comparison between Lightly-Doped and Offset Drain Structures Open Access

    Jun TAYA, Kazuki KOJIMA, Tomonori MUKUDA, Akihiro NAKASHIMA, Yuki SAGAWA, Tokiyoshi MATSUDA, Mutsumi KIMURA
    INVITED PAPER
    Vol: E97-C No:11, Page(s): 1068-1073

    We propose a temperature sensor employing a ring oscillator composed of poly-Si thin-film transistors (TFTs). In particular, in this research we compare temperature sensors using TFTs with a lightly-doped drain structure (LDD TFTs) and TFTs with an offset drain structure (offset TFTs). First, the temperature dependences of the transistor characteristics are compared between the LDD and offset TFTs. It is confirmed that the offset TFTs have a larger temperature dependence of the on current. Next, the temperature dependences of the oscillation frequencies are compared between ring oscillators using the LDD and offset TFTs. It is clarified that the ring oscillator using the offset TFTs is suitable for detecting the temperature. We think that this kind of temperature sensor is usable as a digital device.

  • Peculiar Characteristics of Amplification and Noise for Intensity Modulated Light in Semiconductor Optical Amplifier

    Kazuki HIGUCHI, Nobuhito TAKEUCHI, Minoru YAMADA
    PAPER-Lasers, Quantum Electronics
    Vol: E97-C No:11, Page(s): 1093-1103

    The amplification characteristics of the signal and the noise in a semiconductor optical amplifier (SOA) without facet mirrors, for intensity modulated light, are theoretically analyzed and experimentally confirmed. We have found that the amplification factor of the temporally varying intensity component is smaller than that of the continuous wave (CW) component, but increases up to that of the CW component in the high frequency region of the SOA. These properties are very peculiar to the SOA and are not shown in conventional electronic devices and semiconductor lasers. Therefore, the relative intensity noise (RIN), which is defined as the ratio of the square value of the intensity fluctuation to that of the CW power, can be improved by amplification in the SOA. On the other hand, the signal-to-noise ratio (S/N ratio), defined as the ratio of the square value of the modulated signal power to that of the intensity fluctuation, has both cases of degradation and improvement by the amplification, depending on the combination of the modulation and noise frequencies. Experimental confirmations of these peculiar characteristics are also demonstrated.
