Mototsugu NISHIOKA Naohisa KOMATSU
In this paper, we present a new methodology, called a random oracle (RO) transformation, for designing IND-CCA secure PKE schemes in the standard model from schemes in the RO model. Unlike the RO methodology [3], [19], the security of the original scheme in the RO model does not necessarily have to be identical with that of the scheme resulting from the RO transformation. We then introduce a new notion, IND-INS-CCA security, and show how to obtain IND-CCA secure PKE schemes by instantiating ROs in IND-INS-CCA secure PKE schemes. Furthermore, we introduce another new notion, a strong pseudorandom function (PRF) family associated with a trapdoor one-way permutation generator
Koichi YAMAGUCHI Masayuki MIZUNO
A dicode partial response signaling system over an inductively coupled channel has been developed to achieve higher data rates than the self-resonant frequencies of the inductors. The developed system operates at five times higher data rates than conventional systems with the same inductor. A current-mode equalization in the transmitter, designed in a 90-nm CMOS process, successfully reshapes the waveforms to obtain dicode signals at the receiver. For 5-Gb/s signaling through coupled inductors with a 120-µm diameter and a 120-µm distance, a 20-mV eye opening was observed. The power consumption of the transmitter was 58 mW at 5-Gb/s operation.
Huakang LI Jie HUANG Qunfei ZHAO
In this paper, we propose a method for robot self-position identification by active sound localization. This method can be used for autonomous security robots working in room environments. A system using an AIBO robot equipped with two microphones and a wireless network is constructed and used for position identification experiments. Differences in arrival time at the robot's microphones are used as localization cues. To overcome the ambiguity of front-back confusion, a three-head-position measurement method is proposed. The position of the robot can be identified by the intersection of circles constrained by the azimuth differences among different sound beacon pairs. By localizing three or four loudspeakers positioned at known locations as sound beacons, the robot can identify its position with an average error of 7 cm in a 2.5 × 3.0 m² working space in the horizontal plane. We propose adjusting the arrival time differences (ATDs) to reduce the errors caused when the sound beacons are mounted high. A robot navigation experiment was conducted to demonstrate the effectiveness of the proposed position-identification system.
Ning LI Yan GUO Qi-Hui WU Jin-Long WANG Xue-Liang LIU
A method based on covariance differencing for a uniform linear array is proposed to address the problem of direction finding of narrowband signals in a colored noise environment. By assuming a Hermitian symmetric Toeplitz matrix for the unknown noise, the array covariance matrix is transformed into a centrohermitian matrix in a way that allows the noise component to be eliminated. The modified covariance differencing algorithm provides accurate direction of arrival (DOA) estimation when the incident signals are uncorrelated or when just two of the signals are coherent. If there are more than two coherent signals, the presented method can be combined with a spatial smoothing (SS) scheme. Unlike the original method, the new approach dispenses with the need to distinguish the true angles from the phantom angles. Simulation results demonstrate the effectiveness of the presented algorithm.
Jihwan SONG Deokmin HAAM Yoon-Joon LEE Myoung-Ho KIM
In this paper, we introduce a new sequential pattern, the Interactive User Sequence Pattern (IUSP). This pattern is useful for grouping highly interrelated users in one-way communications such as e-mail, SMS, etc., especially when the communications include many spam users. We also propose an efficient algorithm for discovering IUSPs from massive one-way communication logs containing only the following information: senders, receivers, and dates and times. Even though our new sequential pattern violates the Apriori property, which makes mining harder, the proposed algorithm shows excellent processing performance and low storage cost in experiments on a real dataset.
Naoki HAYASHI Toshimitsu USHIO Takafumi KANAZAWA
This paper addresses an application of the potential game theory to a power-aware mobile sensor coverage problem where each sensor tries to maximize a probability of target detection in a convex mission space. The probability of target detection depends on a sensing voltage of each mobile sensor as well as its current position. While a higher sensing voltage improves the target detection probability, this requires more power consumption. In this paper, we assume that mobile sensors have different sensing capabilities of detecting a target and they can adaptively change sensing areas by adjusting their sensing voltages. We consider an objective function to evaluate a trade-off between improving the target detection probability and reducing total power consumption of all sensors. We represent a sensing voltage and a position of each mobile sensor using a barycentric coordinate over an extended strategy space. Then, the sensor coverage problem can be formulated as a potential game where the power-aware objective function and the barycentric coordinates correspond to a potential function and players' mixed strategies, respectively. It is known that all local maximizers of a potential function in a potential game are equilibria of replicator dynamics. Based on this property of potential games, we propose decentralized control for the power-aware sensor coverage problem such that each mobile sensor finds a locally optimal position and sensing voltage by updating its barycentric coordinate using replicator dynamics.
Kazushi MURAOKA Kazuhiko FUKAWA Hiroshi SUZUKI Satoshi SUYAMA
This paper proposes a new approach for the joint processing of signal detection and channel estimation based on the expectation-maximization (EM) algorithm in orthogonal frequency division multiplexing (OFDM) mobile communications. Conventional schemes based on the EM algorithm estimate the channel impulse response using a Kalman filter, and employ the random walk model or the first-order autoregressive (AR) model to derive the process equation for the filter. Since these models assume that the time-variation of the impulse response is white noise, without considering any autocorrelation property, the accuracy of the channel estimation deteriorates under fast-fading conditions, resulting in an increased packet error rate (PER). To improve the accuracy of the estimation of fast-fading channels, the proposed scheme employs a differential model that allows the correlated time-variation to be taken into account by introducing the first- and higher-order time differentials of the channel impulse response. In addition, this paper derives a forward recursive form of the channel estimation along both the frequency and time axes in order to reduce the computational complexity. Computer simulations of channels under fast multipath fading conditions demonstrate that the proposed method is superior in PER to the conventional schemes that employ the random walk model.
Ali AKRAMIZADEH Ahmad AFSHAR Mohammad Bagher MENHAJ Samira JAFARI
Model-based reinforcement learning uses the information gathered during each experience more efficiently than model-free reinforcement learning. This is especially interesting in multiagent systems, since a large number of experiences are necessary to achieve good performance. In this paper, model-based reinforcement learning is developed for a group of self-interested agents with sequential action selection based on traditional prioritized sweeping. Every single decision-making situation in this learning process, called an extensive Markov game, is modeled as an n-person general-sum extensive form game with perfect information. A modified version of backward induction is proposed for action selection, which adjusts the tradeoff between selecting subgame perfect equilibrium points, as the optimal joint actions, and learning new joint actions. The algorithm is proved to be convergent and is discussed in light of the new results on the convergence of traditional prioritized sweeping.
Haelyong KIM Wan CHOI Hyuncheol PARK
This letter investigates the effects of spatial correlation on several multiple antenna schemes in multiuser environments. Using an order statistics upper bound on achievable capacity, we quantify the interaction among spatial correlation, spatial diversity, spatial multiplexing and multiuser diversity. Also, it is verified that the upper bound is tighter than asymptotic capacity when the number of users is relatively small.
Pengyu GUAN Hans Christian Hansen MULVAD Yutaro TOMIYAMA Toshiyuki HIRANO Toshihiko HIROOKA Masataka NAKAZAWA
We demonstrate a single-channel 1.28 Tbit/s-525 km transmission using OTDM of subpicosecond DQPSK signals. In order to cope with transmission impairments due to time-varying higher-order PMD, which is one of the major limiting factors in such long-haul ultrahigh-speed transmission, we newly developed an ultrafast time-domain optical Fourier transformation technique in a round-trip configuration. By applying this technique to subpicosecond pulses, transmission impairments were greatly reduced, and BER performance below the FEC limit was obtained with an increased system margin.
Takuya IWANAMI Ayano KIKUCHI Keita HIRAI Toshiya NAKAGUCHI Norimichi TSUMURA Yoichi MIYAKE
Recently, enhancing the visual experience of the user has become a new trend for TV displays. This trend comes from the fact that changes in ambient illumination while viewing a Liquid Crystal Display (LCD) significantly affect human impressions. However, the psychological effects caused by the combination of the displayed video image and ambient illumination have not been investigated. In the present research, we clarify the relationship between ambient illumination and psychological effects while viewing a video image displayed on an LCD by using a questionnaire-based semantic differential (SD) method and a factor analysis method. Six kinds of video images were displayed under illumination conditions with different colors and layouts and rated by 15 observers. The analysis made it clear that, under illumination control around the LCD with the displayed video image, the feelings of 'activity' and 'evaluating' were rated higher than under the fluorescent ceiling condition. In particular, simultaneous illumination control around the display and the ceiling enhanced the feelings of 'activity' and 'evaluating' while keeping 'comfort.' Moreover, the feeling of 'activity' under illumination control around the LCD and the ceiling condition while viewing a music video image was rated clearly higher than that with a natural scene video image.
Yusuke NAITO Kazuki YONEYAMA Lei WANG Kazuo OHTA
Since the Merkle-Damgård hash function (denoted by MDHF) that uses a fixed input length random oracle as a compression function is not indifferentiable from a random oracle (denoted by RO) due to the extension attack, there is no guarantee for the security of cryptosystems that are secure in the RO model when RO is instantiated with MDHF. This fact motivates us to establish a methodology for confirming the security of cryptosystems when RO is instantiated with MDHF. In this paper, we confirm the security of cryptosystems by using the following approach: 1. Find a weakened random oracle (denoted by WRO) which leaks the values needed to realize the extension attack. 2. Prove that MDHF is indifferentiable from WRO. 3. Prove the security of the cryptosystem in the WRO model. The indifferentiability framework of Maurer, Renner and Holenstein guarantees that we can securely use the cryptosystem when WRO is instantiated with MDHF. Thus we concentrate on finding such a WRO. We propose the Traceable Random Oracle (denoted by TRO), which leaks enough values to permit the extension attack. By using TRO, we can easily confirm the security of the OAEP encryption scheme and variants of the OAEP encryption scheme. However, there are several practical cryptosystems whose security cannot be confirmed by TRO (e.g. RSA-KEM). This is because TRO leaks values that are irrelevant to the extension attack. Therefore, we propose another WRO, the Extension Attack Simulatable Random Oracle (denoted by ERO), which leaks just the value needed for the extension attack. Fortunately, ERO is necessary and sufficient to confirm the security of cryptosystems under MDHF. This means that the security of any cryptosystem under MDHF is equivalent to that under the ERO model. We prove that RSA-KEM is secure in the ERO model.
Daisuke SUZUKI Tsutomu MATSUMOTO
This paper describes a modular exponentiation processing method and circuit architecture that can extract the maximum performance from FPGA resources. The modular exponentiation architecture we propose comprises three main techniques. The first is to improve the Montgomery multiplication algorithm in order to maximize the performance of the multiplication unit in an FPGA. The second is to balance and improve the circuit delay. The third is to ensure scalability of the circuit. Our architecture can perform fast operations using small-scale resources; in particular, it can complete a 512-bit modular exponentiation in as little as 0.26 ms on the smallest Virtex-4 FPGA, XC4VF12-10SF363. In fact, the number of SLICEs used is approx. 4200, which demonstrates the compactness of our design. Moreover, the scalability of our design also allows 1024-, 1536-, and 2048-bit modular exponentiations to be processed in the same circuit.
Daisuke SUZUKI Minoru SAEKI Koichi SHIMIZU Tsutomu MATSUMOTO
In this paper we first demonstrate that the effective selection functions in power analysis attacks change depending on the circuit architecture of a block cipher. We then conclude that the most resistant architecture on its own, in the case of the loop architecture, has two data registers with separate roles: one for storing the plaintext and ciphertext, and the other for storing intermediate values. There, the pre-whitening operation is placed at the output of the former register. This architecture allows the narrowest range of selection functions and thereby has resistance against ordinary CPA. Thus, we can easily defend against ordinary CPA at the architectural level, whereas we cannot against DPA. Secondly, we propose a new technique called "self-templates" in order to raise the accuracy of evaluation of DPA-based attacks. Self-templates make it possible to differentiate meaningful selection functions for DPA-based attacks without any strong assumption such as that in the template attack. We also present the results of attacks on an AES co-processor on an ASIC and demonstrate the effectiveness of the proposed technique.
Pei-Wen LUO Jwu-E CHEN Chin-Long WEY
Device mismatch plays an important role in the design of accurate analog circuits. The common centroid structure is commonly employed to reduce device mismatches caused by symmetrical layouts and processing gradients. Among the candidate placements generated by the common centroid approach, however, the one that achieves better matching is generally difficult to determine without performing the time-consuming yield evaluation process. In addition, this rule-based methodology makes it difficult to achieve acceptable matching between multiple capacitors and to handle an irregular layout area. Based on a spatial correlation model, this study proposes a design methodology for yield enhancement of analog circuits using switched-capacitor techniques. An efficient and effective placement generator is developed to derive a placement for a circuit that achieves the highest or near-highest correlation coefficient and thus better yield performance. A simple yield analysis is also developed to evaluate the yield performance of a derived placement. Results show that the proposed methodology derives a placement that achieves better yield performance than those generated by the common centroid approach.
Spatial encryption is one of the generalized identity-based encryption schemes proposed by Boneh and Hamburg in 2008. Spatial encryption provides a framework for generating many identity-based cryptosystems such as broadcast encryption, forward secure encryption or ring signature. While this may appear to be an attractive feature, all existing spatial encryption schemes are only selectively secure. In this paper, we present a fully secure spatial encryption scheme based on the three composite-order bilinear groups.
Spectrum sensing is a fundamental function for a cognitive radio network to protect the transmission of the primary system. Cooperative spectrum sensing, which can help increase sensing performance, is regarded as one of the most promising methods for realizing a reliable cognitive network. In such a cooperative system, however, the communication resources such as sensing time delay, control channel bandwidth and energy consumed for reporting the cognitive radio nodes' sensing results to the fusion center may become extremely large when the number of cognitive users is large. In this paper, we propose an ordered sequential cooperative spectrum sensing scheme in which the local sensing data are sent to the fusion center in order of their reliability. In the proposed scheme, the fusion process is conducted sequentially based on the Dempster-Shafer theory of evidence combination of the reported sensing results. Above all, the proposed scheme is highly feasible thanks to the two proposed ordered sequential reporting methods. Simulation results show that the proposed technique not only keeps the same sensing performance as the non-sequential fusion scheme but also greatly reduces the reporting resource requirements.
Daisuke SUZUKI Minoru SAEKI Koichi SHIMIZU Akashi SATOH Tsutomu MATSUMOTO
A design methodology for Random Switching Logic (RSL) using CMOS standard cell libraries is proposed to counter power analysis attacks against cryptographic hardware modules. The original RSL proposed in 2004 requires a unique RSL-gate for random data masking and glitch suppression to prevent secret information leakage through power traces. In contrast, our new methodology makes it possible to use general logic gates supported by standard cell libraries. In order to evaluate its practical performance in hardware size and speed as well as its resistance against power analysis attacks, an AES circuit with the RSL technique was implemented as a cryptographic LSI using 130-nm and 90-nm CMOS standard cell libraries. From the results of attack experiments that used a million traces, we confirmed that the RSL-AES circuit has very high DPA and CPA resistance thanks to the contributions of both the masking function and the glitch suppressing function.
Meiqin WANG Xiaoyun WANG Kam Pui CHOW Lucas Chi Kwong HUI
CAST-128 is a block cipher used in a number of products, notably as the default cipher in some versions of GPG and PGP. It has been approved for Canadian government use by the Communications Security Establishment. Haruki Seki et al. found 2-round differential characteristics with which they can attack 5-round CAST-128. In this paper, we studied the properties of the round functions F1 and F3 in CAST-128, and identified differential characteristics for the F1 round function and the F3 round function. From these we identified a 6-round differential characteristic with probability 2^-53 under a 2^-23.8 fraction of the total key space. Then, based on the 6-round differential characteristic, we can attack 8-round CAST-128 with key sizes greater than or equal to 72 bits and 9-round CAST-128 with key sizes greater than or equal to 104 bits. We give a summary of attacks on reduced-round CAST-128 in Table 10.
Jun-Hee JANG Keun-Dea KIM Hyung-Jin CHOI
In this paper, we propose an AGC (Automatic Gain Control) algorithm for initial cell search in the 3GPP (3rd Generation Partnership Project) LTE (Long Term Evolution) TDD (Time Division Duplex) system. Since the received signal has a large power difference between uplink and downlink subframes in wireless communication systems using a TDD scheme, the conventional AGC scheme cannot sufficiently adjust the AGC gain because the gain cannot converge fast enough to respond properly. Therefore, the conventional AGC scheme leads to increased AGC gain variation, and the received signal is attenuated by this large gain variation. To overcome this limitation, we propose an AGC scheme based on an average amplitude ratio calculation which not only effectively increases the convergence speed of the AGC gain but also maintains the stability of AGC operation in the LTE TDD system. It is also important for the AGC to converge efficiently so that radio frame timing can be detected accurately during the subsequent initial cell search procedure. Therefore, we also consider the proposed AGC scheme in combination with a PSS (Primary Synchronization Signal) detection interface for the first step of the initial cell search process in the LTE TDD system, in order to obtain both stable AGC operation and accurate PSS detection performance. By extensive computer simulation in the presence of frequency offset and various channel environments, we verified that the proposed method achieves good demodulation and PSS detection performance in the LTE TDD system.