We consider the bisimilarity control problem for partially observed nondeterministic discrete event systems with deterministic specifications. This problem requires us to synthesize a supervisor that achieves bisimulation equivalence of the supervised system and the deterministic specification under partial observation. We present necessary and sufficient conditions for the existence of such a deterministic supervisor and show that these conditions can be verified polynomially.

Two structural coverage criteria, toggle coverage and modified condition/decision coverage, for FBD (Function Block Diagram) simulation are proposed in the previous study. This paper empirically evaluates how effective the coverage criteria are to detect faults in an FBD program using the mutation analysis.

In this paper, we investigate the subcarriers combination selection and the subcarriers activation of OFDM-IM system. Firstly, we propose an algorithm to solve the problem of subcarriers combination selection based on the transmission rate and diversity gain. Secondly, we ropose a more concise algorithm to solve the problem of power allocation and carrier combination activation probability under this combination to improve system capacity. Finally, we verify the robustness of the algorithm and the superiority of the system scheme in the block error rate (BLER) and system capacity by numerical results.

In this paper, we propose a robust output feedback control method for nonlinear systems with uncertain time-varying parameters associated with diagonal terms and there are additional external disturbances. First, we provide a new practical guidance of obtaining a compact set which contains the allowed time-varying parameters by utilizing a Lyapunov equation and matrix inequalities. Then, we show that all system states and observer errors of the controlled system remain bounded by the proposed controller. Moreover, we show that the ultimate bounds of some system states and observer errors can be made (arbitrarily) small by adjusting a gain-scaling factor depending on the system nonlinearity. With an application example, we illustrate the effectiveness of our control scheme over the existing one.

In this paper, we consider interference suppression for a full-duplex (FD) multiuser system based on single-carrier transmission in frequency-selective channels where a FD base-station (BS) simultaneously communicates with half-duplex (HD) uplink and downlink mobile users. We propose a design method for time-domain filtering where the filters in the BS transmitter suppress inter-symbol interference (ISI) and downlink inter-user interference (IUI); those in the BS receiver, self-interference, ISI, and uplink IUI; and those in the downlink mobile users, co-channel interference (CCI) without the channel state information of the CCI channels. Simulation results indicate that the FD system based on the proposed method outperforms the conventional HD system and FD system based on multicarrier transmission.

This paper presents a low profile high-efficiency transmitarray (TA) antenna based on a hybrid frequency selective surface (FSS). The hybrid FSS consists of two types of unit cells that have different incident angles and TE/TM polarization. This design minimizes the performance degradation caused by the oblique incident angle when designing a low profile TA antenna. In addition, the set of transmission phases to minimize transmission loss is selected by employing the optimal output phase reference. To verify its feasibility, a low profile TA (focal length/diameter of FSS =0.24) antenna that employs a unit patch antenna with a low gain and wide beamwidth as a feed antenna without an additional structure is designed. The simulated and measured results are in good agreement. In particular, the high simulated and measured aperture efficiencies of 42.7% and 41.9%, respectively, are obtained at 10GHz, respectively.

Bluetooth is a common wireless technology that is widely used as a connection medium between various consumer electronic devices. The receivers mostly adopt the Viterbi algorithm to improve a bit error rate performance but are hampered by heavy hardware complexity and computational load due to a coherent detection and searching for the unknown modulation index. To address these challenges, a non-coherent maximum likelihood estimation detector with an eight-state Viterbi is proposed for Gaussian frequency-shift keying symbol detection against an irrational modulation index, without any knowledge of prior information or assumptions. The simulation results showed an improvement in the performance compared to other ideal approaches.

This paper presents new key correlations of the keystream bytes generated from RC4 and their application to plaintext recovery on WPA-TKIP. We first observe new key correlations between two bytes of the RC4 key pairs and a keystream byte in each round, and provide their proofs. We refer to these correlations as iterated RC4 key correlations since two bytes of the RC4 key pairs are iterated every 16 rounds. We then extend the existing attacks by Isobe et al. at FSE 2013 and AlFardan et al. at USENIX Security 2013, 0and finally propose an efficient attack on WPA-TKIP. We refer to the proposed attack as chosen plaintext recovery attack (CPRA) since it chooses the best approach for each byte from a variety of the existing attacks. In order to recover the first 257 bytes of a plaintext on WPA-TKIP with success probability of at least 90%, CPRA requires approximately 230 ciphertexts, which are approximately half the number of ciphertexts for the existing attack by Paterson et al. at FSE 2014.

In this short note, we formally show that Keyed-Homomorphic Public Key Encryption (KH-PKE) is secure against key recovery attacks and ciphertext validity attacks that have been introduced as chosen-ciphertext attacks for homomorphic encryption.

Aiming at the problems of traditional algorithms that require high prior knowledge and weak timeliness, this paper proposes an emergency communication network topology planning method based on deep reinforcement learning. Based on the characteristics of the emergency communication network, and drawing on chess, we map the node layout and topology planning problems in the network planning to chess game problems; The two factors of network coverage and connectivity are considered to construct the evaluation criteria for network planning; The method of combining Monte Carlo tree search and self-game is used to realize network planning sample data generation, and the network planning strategy network and value network structure based on residual network are designed. On this basis, the model was constructed and trained based on Tensorflow library. Simulation results show that the proposed planning method can effectively implement intelligent planning of network topology, and has excellent timeliness and feasibility.

The residue number system (RNS) is a method for representing an integer x as an n-tuple of its residues with respect to a given set of moduli. In RNS, addition, subtraction, and multiplication can be carried out by independent operations with respect to each modulus. Therefore, an n-fold speedup can be achieved by parallel processing. The main disadvantage of RNS is that we cannot efficiently compare the magnitude of two integers or determine the sign of an integer. Two general methods of comparison are to transform a number in RNS to a mixed-radix system or to a radix representation using the Chinese remainder theorem (CRT). We used the CRT to derive an equation approximating a value of x relative to M, the product of moduli. Then, we propose two algorithms that efficiently evaluate the equation and output a sign bit. The expected number of steps of these algorithms is of order n. The algorithms use a lookup table that is (n+3) times as large as M, which is reasonably small for most applications including cryptography.

Pseudorandom sequences with low autocorrelation magnitude play important roles in various environments. Let N be a prime with N=Mf+1, where M and f are positive integers. A new method to construct M-sequences of period 4N is given. We show that these new sequences have low autocorrelation magnitude.

This paper presents the first attribute-based signature (ABS) scheme in which the correspondence between signers and signatures is captured in an arithmetic model of computation. Specifically, we design a fully secure, i.e., adaptively unforgeable and perfectly signer-private ABS scheme for signing policies realizable by arithmetic branching programs (ABP), which are a quite expressive model of arithmetic computations. On a more positive note, the proposed scheme places no bound on the size and input length of the supported signing policy ABP's, and at the same time, supports the use of an input attribute for an arbitrary number of times inside a signing policy ABP, i.e., the so called unbounded multi-use of attributes. The size of our public parameters is constant with respect to the sizes of the signing attribute vectors and signing policies available in the system. The construction is built in (asymmetric) bilinear groups of prime order, and its unforgeability is derived in the standard model under (asymmetric version of) the well-studied decisional linear (DLIN) assumption coupled with the existence of standard collision resistant hash functions. Due to the use of the arithmetic model as opposed to the boolean one, our ABS scheme not only excels significantly over the existing state-of-the-art constructions in terms of concrete efficiency, but also achieves improved applicability in various practical scenarios. Our principal technical contributions are (a) extending the techniques of Okamoto and Takashima [PKC 2011, PKC 2013], which were originally developed in the context of boolean span programs, to the arithmetic setting; and (b) innovating new ideas to allow unbounded multi-use of attributes inside ABP's, which themselves are of unbounded size and input length.

There are some technologies like QR codes to obtain digital information from printed matters. Digital watermarking is one of such techniques. Compared with other techniques, digital watermarking is suitable for adding information to images without spoiling their design. For such purposes, digital watermarking methods for printed matters using detection markers or image registration techniques for detecting watermarked areas are proposed. However, the detection markers themselves can damage the appearance such that the advantages of digital watermarking, which do not lose design, are not fully utilized. On the other hand, methods using image registration techniques are not able to work for non-registered images. In this paper, we propose a novel digital watermarking method using deep learning for the detection of watermarked areas instead of using detection markers or image registration. The proposed method introduces a semantic segmentation based on deep learning model for detecting watermarked areas from printed matters. We prepare two datasets for training the deep learning model. One is constituted of geometrically transformed non-watermarked and watermarked images. The number of images in this dataset is relatively large because the images can be generated based on image processing. This dataset is used for pre-training. The other is obtained from actually taken photographs including non-watermarked or watermarked printed matters. The number of this dataset is relatively small because taking the photographs requires a lot of effort and time. However, the existence of pre-training allows a fewer training images. This dataset is used for fine-tuning to improve robustness for print-cam attacks. In the experiments, we investigated the performance of our method by implementing it on smartphones. The experimental results show that our method can carry 96 bits of information with watermarked printed matters.

Collecting and analyzing personal data is important in modern information applications. Though the privacy of data providers should be protected, the need to track certain data providers often arises, such as tracing specific patients or adversarial users. Thus, tracking only specific persons without revealing normal users' identities is quite important for operating information systems using personal data. It is difficult to know in advance the rules for specifying the necessity of tracking since the rules are derived by the analysis of collected data. Thus, it would be useful to provide a general way that can employ any data analysis method regardless of the type of data and the nature of the rules. In this paper, we propose a privacy-preserving data analysis construction that allows an authority to detect specific users while other honest users are kept anonymous. By using the cryptographic techniques of group signatures with message-dependent opening (GS-MDO) and public key encryption with non-interactive opening (PKENO), we provide a correspondence table that links a user and data in a secure way, and we can employ any anonymization technique and data analysis method. It is particularly worth noting that no “big brother” exists, meaning that no single entity can identify users who do not provide anomaly data, while bad behaviors are always traceable. We show the result of implementing our construction. Briefly, the overhead of our construction is on the order of 10 ms for a single thread. We also confirm the efficiency of our construction by using a real-world dataset.

This paper proposes iterative carrier frequency offset (CFO) compensation for spatially multiplexed Bluetooth Low Energy (BLE) signals using independent component analysis (ICA). We apply spatial division multiple access (SDMA) to BLE system to deal with massive number of connection requests of BLE devices expected in the future. According to specifications, each BLE peripheral device is assumed to have CFO of up to 150 [kHz] due to hardware impairments. ICA can resolve spatially multiplexed signals even if they include independent CFO. After the ICA separation, the proposed scheme compensates for the CFO. However, the length of the BLE packet preamble is not long enough to obtain accurate CFO estimates. In order to accurately conduct the CFO compensation using the equivalent of a long pilot signal, preamble and a part of estimated data in the previous process are utilized. In addition, we reveal the fact that the independent CFO of each peripheral improves the capability of ICA blind separation. The results confirm that the proposed scheme can effectively compensate for CFO in the range of up to 150[kHz], which is defined as the acceptable value in the BLE specification.

Knowledge distillation approaches can transfer information from a large network (teacher network) to a small network (student network) to compress and accelerate deep neural networks. This paper proposes a novel knowledge distillation approach called multi-knowledge distillation (MKD). MKD consists of two stages. In the first stage, it employs autoencoders to learn compact and precise representations of the feature maps (FM) from the teacher network and the student network, these representations can be treated as the essential of the FM, i.e., EFM. In the second stage, MKD utilizes multiple kinds of knowledge, i.e., the magnitude of individual sample's EFM and the similarity relationships among several samples' EFM to enhance the generalization ability of the student network. Compared with previous approaches that employ FM or the handcrafted features from FM, the EFM learned from autoencoders can be transferred more efficiently and reliably. Furthermore, the rich information provided by the multiple kinds of knowledge guarantees the student network to mimic the teacher network as closely as possible. Experimental results also show that MKD is superior to the-state-of-arts.

Knowledge-of-exponent assumptions (KEAs) are a somewhat controversial but nevertheless commonly used type of cryptographic assumptions. While traditional cryptographic assumptions simply assert that certain tasks (like factoring integers or computing discrete logarithms) cannot be performed efficiently, KEAs assert that certain tasks can be performed efficiently, but only in certain ways. The controversy surrounding those assumptions is due to their non-falsifiability, which is due to the way this idea is formalised, and to the general idea that these assumptions are “strong”. Nevertheless, their relationship to existing assumptions has not received much attention thus far. In this paper, we show that the first KEA (KEA1), introduced by Damgård in 1991, implies that computing discrete logarithms is equivalent to solving the computational Diffie-Hellman (CDH) problem. Since showing this equivalence in the standard setting (i.e., without the assumption that KEA1 holds) is a longstanding open question, this indicates that KEA1 (and KEAs in general) are indeed quite strong assumptions.

The term “flash crowd” describes a situation in which a large number of users access a Web service simultaneously. Flash crowds, in particular, constitute a critical problem in e-commerce applications because of the potential for enormous economic damage as well as difficulty in management. Flash crowds can become more serious depending on users' behavior. When a flash crowd occurs, the delay in server response may cause users to retransmit their requests, thereby adding to the server load. In the present paper, we propose to use the psychological factors of the users for flash crowd mitigation. We aim to analyze changes in the user behavior by presenting feedback information. To evaluate the proposed method, we performed subject experiments and stress tests. Subject experiments showed that, by providing feedback information, the average number of request retransmissions decreased from 1.33 to 0.09, and the subjects that abandoned the service decreased from 81% to 0%. This confirmed that feedback information is effective in influencing user behavior in terms of abandonment and retransmission of requests. Stress tests showed that the average number of retransmissions decreased by 41%, and the proportion of abandonments decreased by 30%. These results revealed that the presentation of feedback information could mitigate the damage caused by flash crowds in real websites, although the effect is limited. The proposed method can be used in conjunction with conventional methods to handle flash crowds.

The hardness in solving the shortest vector problem (SVP) is a fundamental assumption for the security of lattice-based cryptographic algorithms. In 2010, Micciancio and Voulgaris proposed an algorithm named the Gauss Sieve, which is a fast and heuristic algorithm for solving the SVP. Schneider presented another algorithm named the Ideal Gauss Sieve in 2011, which is applicable to a special class of lattices, called ideal lattices. The Ideal Gauss Sieve speeds up the Gauss Sieve by using some properties of the ideal lattices. However, the algorithm is applicable only if the dimension of the ideal lattice n is a power of two or n+1 is a prime. Ishiguro et al. proposed an extension to the Ideal Gauss Sieve algorithm in 2014, which is applicable only if the prime factor of n is 2 or 3. In this paper, we first generalize the dimensions that can be applied to the ideal lattice properties to when the prime factor of n is derived from 2, p or q for two primes p and q. To the best of our knowledge, no algorithm using ideal lattice properties has been proposed so far with dimensions such as: 20, 44, 80, 84, and 92. Then we present an algorithm that speeds up the Gauss Sieve for these dimensions. Our experiments show that our proposed algorithm is 10 times faster than the original Gauss Sieve in solving an 80-dimensional SVP problem. Moreover, we propose a rotation-based Gauss Sieve that is approximately 1.5 times faster than the Ideal Gauss Sieve.