Yuhei WATANABE Hideki YAMAMOTO Hirotaka YOSHIDA
As Internet-connected service is emerged, there has been a need for use cases where a lightweight cryptographic primitive meets both of a constrained hardware implementation requirement and a constrained embedded software requirement. One of the examples of these use cases is the PKES (Passive Keyless Entry and Start) system in an automotive domain. From the perspective on these use cases, one interesting direction is to investigate how small the memory (RAM/ROM) requirement of ARM-implementations of hardware-oriented stream ciphers can be. In this paper, we propose implementation techniques for memory-optimized implementations of lightweight hardware-oriented stream ciphers including Grain-128a specified in ISO/IEC 29167-13 for RFID protocols. Our techniques include data-dependency analysis to take a close look at how and in which timing certain variables are updated and also the way taking into account the structure of registers on the target micro-controller. In order to minimize RAM size, we reduce the number of general purpose registers for computation of Grain-128a's update and pre-output values. We present results of our memory-optimized implementations of Grain-128a, one of which requires 84 RAM bytes on ARM Cortex-M3.
Junichi SAKAMOTO Daisuke FUJIMOTO Tsutomu MATSUMOTO
To develop countermeasures against fault attacks, it is important to model an attacker's ability. The instruction skip model is a well-studied practical model for fault attacks on software. Contrastingly, few studies have investigated the instruction replacement model, which is a generalization of the instruction skip model, because replacing an instruction with a desired one is considered difficult. Some previous studies have reported successful instruction replacements; however, those studies concluded that such instruction replacements are not practical attacks because the outcomes of the replacements are uncontrollable. This paper proposes the concept of a controllable instruction replacement technique that uses the laser irradiation of flash memory. The feasibility of the proposed technique is demonstrated experimentally using a smartcard-type ARM SC100 microcontroller. Then, practical cryptosystem attacks that exploit the proposed technique are investigated. The targeted cryptosystems employ the AES with software-based anti-fault countermeasures. We demonstrate that an existing anti-instruction-skip countermeasure can be circumvented by replacing a critical instruction, e.g., a branch instruction to detect fault occurrence.
In this paper, we extend the notion of bijective connection graphs to introduce directed bijective connection graphs. We propose algorithms that solve the node-to-set node-disjoint paths problem and the node-to-node node-disjoint paths problem in a directed bijective connection graph. The time complexities of the algorithms are both O(n4), and the maximum path lengths are both 2n-1.
Xiaochen LIU Yuanyuan GAO Nan SHA Guozhen ZANG Kui XU
In this letter, we investigate the secure transmission in radio frequency (RF) powered two-hop untrusted relay networks, where the source node and untrusted relay are both wireless powered by an RF power supplier. Specifically, considering the non-linear energy-harvesting (EH) model, the two-process communication protocol is proposed. The secrecy rate is maximized by jointly designing the beamforming vector at source and beamforming matrix at relay, under the constraints of transmit power at RF power supplier and destination. The secrecy rate maximization (SRM) is non-convex, hence we propose an alternative optimization (AO) based iterative algorithm. Numerical results demonstrate that the proposed scheme can significantly increase the secrecy rate compared to the baseline schemes.
Herein, we analytically derive the effective index and field distribution of the LP01 mode of a step-index N-sided regular-polygonal-core fiber. To do this, we utilize the lowest-order non-anomalous approximation of the π/N expansion. These properties are also calculated numerically and the results are compared the with approximations.
We propose a key-policy attribute-based encryption (KP-ABE) scheme with constant-size ciphertexts, whose almost tightly semi-adaptive security is proven under the decisional linear (DLIN) assumption in the standard model. The access structure is expressive, that is given by non-monotone span programs. It also has fast decryption, i.e., a decryption includes only a constant number of pairing operations. As an application of our KP-ABE construction, we also propose an efficient, fully secure attribute-based signatures with constant-size secret (signing) keys from the DLIN. For achieving the above results, we extend the sparse matrix technique on dual pairing vector spaces. In particular, several algebraic properties of an elaborately chosen sparse matrix group are applied to the dual system security proofs.
Kenji KITA Hiroshi GOTOH Hiroyasu ISHIKAWA Hideyuki SHINONAGA
Power line communications (PLC) is a communication technology that uses a power-line as a transmission medium. Previous studies have shown that connecting an AC adapter such as a mobile phone charger to the power-line affects signal quality. Therefore, in this paper, the authors analyze the influence of chargers on inter-computer communications using packet capture to evaluate communications quality. The analysis results indicate the occurrence of a short duration in which packets are not detected once in a half period of the power-line supply: named communication forbidden time. For visualizing the communication forbidden time and for evaluating the communications quality of the inter-computer communications using PLC, the authors propose an instantaneous power-line frequency synchronized superimposed chart and its plotting algorithm. Further, in order to analyze accurately, the position of the communication forbidden time can be changed by altering the initial burst signal plotting position. The difference in the chart, which occurs when the plotting start position changes, is also discussed. We show analysis examples using the chart for a test bed data assumed an ideal environment, and show the effectiveness of the chart for analyzing PLC inter-computer communications.
Toshihiro NIINOMI Hideki YAGI Shigeichi HIRASAWA
In decision feedback scheme, Forney's decision criterion (Forney's rule: FR) is optimal in the sense that the Neyman-Pearson's lemma is satisfied. Another prominent criterion called LR+Th was proposed by Hashimoto. Although LR+Th is suboptimal, its error exponent is shown to be asymptotically equivalent to that of FR by random coding arguments. In this paper, applying the technique of the DS2 bound, we derive an upper bound for the error probability of LR+Th for the ensemble of linear block codes. Then we can observe the new bound from two significant points of view. First, since the DS2 type bound can be expressed by the average weight distribution whose code length is finite, we can compare the error probability of FR with that of LR+Th for the fixed-length code. Second, the new bound elucidates the relation between the random coding exponents of block codes and those of linear block codes.
Tatsuaki OKAMOTO Katsuyuki TAKASHIMA
This paper presents decentralized multi-authority attribute-based encryption and signature (DMA-ABE and DMA-ABS) schemes, in which no central authority exists and no global coordination is required except for the setting of a parameter for a prime order bilinear group and a hash function, which can be available from public documents, e.g., ISO and FIPS official documents. In the proposed DMA-ABE and DMA-ABS schemes, every process can be executed in a fully decentralized manner; any party can become an authority and issue a piece for a secret key to a user without interacting with any other party, and each user obtains a piece of his/her secret key from the associated authority without interacting with any other party. While enjoying such fully decentralized processes, the proposed schemes are still secure against collusion attacks, i.e., multiple pieces issued to a user by different authorities can form a collusion resistant secret key, composed of these pieces, of the user. The proposed ABE scheme is the first DMA-ABE for non-monotone relations (and more general relations), which is adaptively secure under the decisional linear (DLIN) assumption in the random oracle model. This paper also proposes the first DMA-ABS scheme for non-monotone relations (and more general relations), which is fully secure, adaptive-predicate unforgeable and perfect private, under the DLIN assumption in the random oracle model. DMA-ABS is a generalized notion of ring signatures. The efficiency of the proposed DMA-ABE and DMA-ABS schemes is comparable to those of the existing practical ABE and ABS schemes with comparable relations and security.
Group signatures are signatures providing signer anonymity where signers can produce signatures on behalf of the group that they belong to. Although such anonymity is quite attractive considering privacy issues, it is not trivial to check whether a signer has been revoked or not. Thus, how to revoke the rights of signers is one of the major topics in the research on group signatures. In particular, scalability, where the signing and verification costs and the signature size are constant in terms of the number of signers N, and other costs regarding signers are at most logarithmic in N, is quite important. In this paper, we propose a revocable group signature scheme which is currently more efficient compared to previous all scalable schemes. Moreover, our revocable group signature scheme is secure under simple assumptions (in the random oracle model), whereas all scalable schemes are secure under q-type assumptions. We implemented our scheme by employing a Barreto-Lynn-Scott curve of embedding degree 12 over a 455-bit prime field (BLS-12-455), and a Barreto-Naehrig curve of embedding degree 12 over a 382-bit prime field (BN-12-382), respectively, by using the RELIC library. We showed that the online running times of our signing algorithm were approximately 14msec (BLS-12-455) and 11msec (BN-12-382), and those of our verification algorithm were approximately 20msec (BLS-12-455) and 16msec (BN-12-382), respectively. Finally, we showed that our scheme (with a slight extension) is applied to an identity management system proposed by Isshiki et al.
Kaisei KAJITA Kazuto OGAWA Eiichiro FUJISAKI
We present a constant-size signature scheme under the CDH assumption. It has a tighter security reduction than any other constant-size signature scheme with a security reduction to solving some intractable search problems. Hofheinz, Jager, and Knapp (PKC 2012) presented a constant-size signature scheme under the CDH assumption with a reduction loss of O(q), where q is the number of signing queries. They also proved that the reduction loss of O(q) is optimal in a black-box security proof. To the best of our knowledge, no constant-size signature scheme has been proposed with a tighter reduction (to the hardness of a search problem) than that proposed by Hofheinz et al., even if it is not re-randomizable. We remark that our scheme is not re-randomizable. We achieve the reduction loss of O(q/d), where d is the number of group elements in a public key.
Promoting the use of public transport (PT) is considered to be an effective way to reduce the number of passenger cars. The concept of Mobility-as-a-Service (MaaS), which began in Europe and is now spreading rapidly around the world, is expected to help to improve the convenience of PT on the viewpoint of users, using the latest information communication technology and Internet of Things technologies. This paper outlines the concept of MaaS in Europe and the efforts made at the policy level. It also focuses on the development of MaaS from the viewpoint of promoting the use of PT in Japan.
Shu FUJITA Keita TAKAHASHI Toshiaki FUJII
A light field, which is equivalent to a dense set of multi-view images, has various applications such as depth estimation and 3D display. One of the essential problems in light field applications is light field interpolation, i.e., view interpolation. The interpolation accuracy is enhanced by exploiting an inherent property of a light field. One example is that an epipolar plane image (EPI), which is a 2D subset of the 4D light field, consists of many lines, and these lines have almost the same slope in a local region. This structure induces a sparse representation in the frequency domain, where most of the energy resides on a line passing through the origin. On the basis of this observation, we propose a group sparsity prior suitable for light fields to exploit their line structure fully for interpolation. Specifically, we designed the directional groups in the discrete Fourier transform (DFT) domain so that the groups can represent the concentration of the energy, and we thereby formulated an LF interpolation problem as an overlapping group lasso. We also introduce several techniques to improve the interpolation accuracy such as applying a window function, determining group weights, expanding processing blocks, and merging blocks. Our experimental results show that the proposed method can achieve better or comparable quality as compared to state-of-the-art LF interpolation methods such as convolutional neural network (CNN)-based methods.
Takamasa SHIMADA Noriko KONNO Atsuya YOKOI Noriharu MIYAHO
Visible light communication (VLC) will play a wide variety of important roles in future communication services. This paper deals with color shift keying (CSK) for the modulation of visible light communications. There are some previous studies about psychological and physiological effects of colors. These studies implied that color offset CSKs have psychological and physiological effects, which normal CSK doesn't have. This paper evaluates the psychological and physiological effects of color offset CSKs compared with normal CSK based on interviews and electroencephalogram (alpha wave, beta wave, and P300) measurements. This study evaluates the feasibility of visible light communication providing added value by measuring arousal, rest, visual attraction, task performance, capacity of working memory, and response for the CSK codes. The results showed that red-, green- and blue-offset CSK have specific features. Red-offset CSK induces excitement and increasing wakefulness levels, attracts attention, enlarges capacity of working memory, raises task performance, and induces fast responses. Green-offset CSK maintains rest levels, elevates relaxation levels, reduces stress, raises task performance, and induces fast responses. Blue-offset CSK maintains rest levels and induces fast responses. It is thought that we can use color offset CSK appropriately and provide added value to their application by considering the results of psychological and physiological investigations. Red-offset CSK is thought to be suitable for commercial advertisements. Green- and blue-offset CSK are thought to be suitable for wireless communication environments in hospitals. Red- and green-offset CSK are thought to be suitable for wireless communication environments in business. Red-, green- and blue-offset CSK are thought to be suitable for use in intelligent transportation systems (ITS).
Shengnan YAN Mingxin LIU Jingjing SI
In cognitive radio (CR) networks, spectrum sensing is an essential task for enabling dynamic spectrum sharing. However, the problem becomes quite challenging in wideband spectrum sensing due to high sampling pressure, limited power and computing resources, and serious channel fading. To overcome these challenges, this paper proposes a distributed collaborative spectrum sensing scheme based on 1-bit compressive sensing (CS). Each secondary user (SU) performs local 1-bit CS and obtains support estimate information from the signal reconstruction. To utilize joint sparsity and achieve spatial diversity, the support estimate information among the network is fused via the average consensus technique based on distributed computation and one-hop communications. Then the fused result on support estimate is used as priori information to guide the next local signal reconstruction, which is implemented via our proposed weighted binary iterative hard thresholding (BIHT) algorithm. The local signal reconstruction and the distributed fusion of support information are alternately carried out until reliable spectrum detection is achieved. Simulations testify the effectiveness of our proposed scheme in distributed CR networks.
Yuta UKON Koji YAMAZAKI Koyo NITTA
Advanced information-processing services based on cloud computing are in great demand. However, users want to be able to customize cloud services for their own purposes. To provide image-processing services that can be optimized for the purpose of each user, we propose a technique for chaining image-processing functions in a CPU-field programmable gate array (FPGA) coupled server architecture. One of the most important requirements for combining multiple image-processing functions on a network, is low latency in server nodes. However, large delay occurs in the conventional CPU-FPGA architecture due to the overheads of packet reordering for ensuring the correctness of image processing and data transfer between the CPU and FPGA at the application level. This paper presents a CPU-FPGA server architecture with a real-time packet reordering circuit for low-latency image processing. In order to confirm the efficiency of our idea, we evaluated the latency of histogram of oriented gradients (HOG) feature calculation as an offloaded image-processing function. The results show that the latency is about 26 times lower than that of the conventional CPU-FPGA architecture. Moreover, the throughput decreased by less than 3.7% under the worst-case condition where 90 percent of the packets are randomly swapped at a 40-Gbps input rate. Finally, we demonstrated that a real-time video monitoring service can be provided by combining image processing functions using our architecture.
Yuhuan WANG Hang YIN Zhanxin YANG Yansong LV Lu SI Xinle YU
In this paper, we propose an adaptive fusion successive cancellation list decoder (ADF-SCL) for polar codes with single cyclic redundancy check. The proposed ADF-SCL decoder reasonably avoids unnecessary calculations by selecting the successive cancellation (SC) decoder or the adaptive successive cancellation list (AD-SCL) decoder depending on a log-likelihood ratio (LLR) threshold in the decoding process. Simulation results show that compared to the AD-SCL decoder, the proposed decoder can achieve significant reduction of the average complexity in the low signal-to-noise ratio (SNR) region without degradation of the performance. When Lmax=32 and Eb/N0=0.5dB, the average complexity of the proposed decoder is 14.23% lower than that of the AD-SCL decoder.
The spectrum sensing of the orthogonal frequency division multiplexing (OFDM) system in cognitive radio (CR) has always been challenging, especially for user terminals that utilize the full-duplex (FD) mode. We herein propose an advanced FD spectrum-sensing scheme that can be successfully performed even when severe self-interference is encountered from the user terminal. Based on the “classification-converted sensing” framework, the cyclostationary periodogram generated by OFDM pilots is exhibited in the form of images. These images are subsequently plugged into convolutional neural networks (CNNs) for classifications owing to the CNN's strength in image recognition. More importantly, to realize spectrum sensing against residual self-interference, noise pollution, and channel fading, we used adversarial training, where a CR-specific, modified training database was proposed. We analyzed the performances exhibited by the different architectures of the CNN and the different resolutions of the input image to balance the detection performance with computing capability. We proposed a design plan of the signal structure for the CR transmitting terminal that can fit into the proposed spectrum-sensing scheme while benefiting from its own transmission. The simulation results prove that our method has excellent sensing capability for the FD system; furthermore, our method achieves a higher detection accuracy than the conventional method.
Koichi HIRAYAMA Jun-ichiro SUGISAKA Takashi YASUI
We propose the design method of a compact long-wavelength-pass filter implemented in a two-dimensional metal-dielectric-metal (MDM) waveguide with three stubs using a transmission line model based on a low-pass prototype filter, and present the wavelength characteristics for filters in an MDM waveguide based on 0.5- and 3.0-dB equal-ripple low-pass prototype filters.
Ryota KAMINISHI Haruna MIYAMOTO Sayaka SHIOTA Hitoshi KIYA
This study evaluates the effects of some non-learning blind bandwidth extension (BWE) methods on state-of-the-art automatic speaker verification (ASV) systems. Recently, a non-linear bandwidth extension (N-BWE) method has been proposed as a blind, non-learning, and light-weight BWE approach. Other non-learning BWEs have also been developed in recent years. For ASV evaluations, most data available to train ASV systems is narrowband (NB) telephone speech. Meanwhile, wideband (WB) data have been used to train the state-of-the-art ASV systems, such as i-vector, d-vector, and x-vector. This can cause sampling rate mismatches when all datasets are used. In this paper, we investigate the influence of sampling rate mismatches in the x-vector-based ASV systems and how non-learning BWE methods perform against them. The results showed that the N-BWE method improved the equal error rate (EER) on ASV systems based on the x-vector when the mismatches were present. We researched the relationship between objective measurements and EERs. Consequently, the N-BWE method produced the lowest EERs on both ASV systems and obtained the lower RMS-LSD value and the higher STOI score.