The processing of noise-corrupted signals is a common problem in signal processing applications. In most of the cases, it is assumed that the additive noise is white Gaussian and that the constant noise variance is either available or can be easily measured. However, this may not be the case in practical situations. We present a new approach to additive white Gaussian noise variance estimation. The observations are assumed to be from an autoregressive process. The method presented here is iterative, and uses low-order Yule-Walker equations (LOYWEs). The noise variance is obtained by minimizing the difference in the second norms of the noisy Yule-Walker solution and the estimated noise-free Yule-Walker solution. The noise-free solution is constrained to match the observed autocorrelation sequence. In the iterative noise variance estimation method, a variable step-size update scheme for the noise variance parameter is utilized. Simulation results are given to confirm the effectiveness of the proposed method.

The new concept of ES (Encryption-Signature) schemes which realize an encryption scheme and a signature scheme with a unique padding technique and key pair, was proposed by Coron et al. They also gave a proof of PSS-ES. In this paper, first, we discuss the methodology for the construction for ES schemes by using padding techniques of encryption schemes, and propose a new ES scheme, OAEP-ES, adopting this methodology. It is proven that OAEP-ES scheme can be constructed under the assumption of the one-wayness of the encryption permutation, while the security of PSS-ES utilized as an encryption scheme is based on the partial-domain one-wayness; which is a theoretical progress since the one-wayness is more general assumption than the partial-domain one-wayness. It is shown that OAEP-ES attains tighter security than PSS-ES, which is a practical interest.

A new approach for electronic sealed-bid auctions that preserve the privacy of losing bids is presented. It reduces the number of operations performed by the auctioneers to O(log ); previous protocols require O(N ) or O(N log ) where the number of bidders is N and that of available bidding prices is . Namely, the number of auctioneers' operations in our auction protocol is independent of the number of bidders. This feature offers strong advantages in massive auctions. We also propose a new scheme that checks the equality of two values without disclosing them. The scheme enhances our basic auction protocol, in terms of security and communication costs.

Secure distribution of digital goods is now a significantly important issue for protecting publishers' copyrights. In this paper, we study a useful primitive for constructing a secure and efficient digital rights management system (DRM) where a server which encrypts digital content and one which issues the corresponding decryption key works independently, and existing schemes lack this property. We first argue the desired property necessary of an encryption scheme for constructing an efficient DRM, and formally define an encryption scheme as split encryption scheme containing such property. Also, we show that an efficient split encryption scheme can be constructed from any identity-based scheme. More precisely, we show an equivalence result implying that a split encryption scheme for some system parameter setting and an identity-based encryption scheme have the same primitives but for different uses. Since currently there is no identity-based encryption scheme which is based on well-known computational assumption and/or provably secure in the standard model (i.e. without the random oracle model), by reasonably tuning the system parameter, we show another construction of split encryption which is secure against chosen ciphertext attacks in the standard model assuming that decision Diffie-Hellman problem is hard to solve.

Linking schemes have been proposed assuming the model where the time-stamp issuer need not be trusted. However, in that environment, a fake chain attack and forward or backward dating attacks are still a residual risk in Time-Stamping services (TSS). In this paper, we propose a new time-stamping scheme that focuses on these problems. In our scheme, we use pseudonyms to prevent the time-stamp issuer from dating the time that the specific entity requests. Our scheme doesn't rely on only one trustworthy entity, and uses mutual communication between each entity. Two types of entities, server and clients without any trustworthy entities are configured in our system. The server provides an anonymous communication channel, but doesn't provide TSS, and the clients are not only time-stamp requesters but also issuers. So, when a client requests a time-stamp from the system, it is issued by one of the other clients.

The Single Instruction, Multiple Data (SIMD) architecture enables computation in parallel on a single processor. The SIMD operations are implemented on some processors such as Pentium 3/4, Athlon, SPARC, or even on smart cards. This paper proposes efficient algorithms for assembling an elliptic curve addition (ECADD), doubling (ECDBL), and k-iterated ECDBL (k-ECDBL) with SIMD operations. We optimize the number of auxiliary variables and the order of basic field operations used for these addition formulas. If an addition chain has k-bit zero run, we can replace k-time ECDBLs to the proposed faster k-ECDBL and the total efficiency of the scalar multiplication can be improved. Using the singed binary chain, we can compute a scalar multiplication about 10% faster than the previously fastest algorithm proposed by Aoki et al. Combined with the sliding window method or the width-w NAF window method, we also achieve about 10% faster parallelized scalar multiplication algorithms with SIMD operations. For the implementation on smart cards, we establish two fast parallelized scalar multiplication algorithms with SIMD resistant against side channel attacks.

This paper proposes a robust method for estimating the fundamental frequency (F0) in real environments. It is assumed that the spectral structure of real environmental noise varies momentarily and its energy does not distribute evenly in the time-frequency domain. Therefore, segmenting a spectrogram of speech mixed with environmental noise into narrow time-frequency regions will produce low-noise regions in which the signal-to-noise ratio is high. The proposed method estimates F0 from the periodic and harmonic features that are clearly observed in the low-noise regions. It first uses two kinds of spectrogram, one with high frequency resolution and another with high temporal resolution, to represent the periodic and harmonic features corresponding to F0. Next, the method segments these two kinds of feature plane into narrow time-frequency regions, and calculates the probability function of F0 for each region. It then utilizes the entropy of the probability function as weight to emphasize the probability function in the low-noise region and to enhance noise robustness. Finally, the probability functions are grouped in each time, and F0 is obtained as the frequency with the highest probability of the function. The experimental results showed that, in comparison with other approaches such as the cepstrum method and the autocorrelation method, the developed method can more robustly estimate F0s from speech in the presence of band-limited noise and car noise.

This paper describes the design, fabrication, and measurement of a multiple U-shaped slot antenna for Hiper-LAN. The prototype consists of a U-shaped slot and two inverted U-shaped slot. To obtain sufficient bandwidth, a foam layer is inserted between the ground plane and substrate. A measured bandwidth of approximately 7.6% (VSWR 1.5) and gain of 2.9-5.3 dBi are obtained. The experimental far-field patterns are shown to be stable across the pass band, with the 3 dB beam width in azimuth and elevation at 50and 62, respectively.

We present a new keystream generator (KSG) MUGI, which is a variant of PANAMA proposed at FSE '98. MUGI has a 128-bit secret key and a 128-bit initial vector as parameters and generates a 64-bit string per round. The design is particularly suited for efficient hardware implementations, but the software performance of MUGI is excellent as well. A speed optimized implementation in hardware achieves about 3 Gbps with 26 Kgates, which is several times faster than AES. On the other hand, the security of MUGI has been evaluated by analyzing the applicability of re-synchronization attacks, related-key attacks, and attacks that exploit the linear correlation of an output sequence. Our analysis confirms that MUGI is a secure KSG.

This paper investigates the performance of an integrated voice/data wireless mobile network where a finite buffer is provided for voice calls since they can endure a tolerable time, or the reneging time, for service. Based on a given humanistic reneging time, we analyze the voice traffic blocking probability. The probability distribution of receiving service within the reneging time is obtained for each buffered voice call and based on this result, an appropriate amount of voice buffer is obtained. To alleviate the impact on data blocking probability caused by the voice buffer and to enhance the efficiency of data service, a dynamic multi-channel allocation scheme with channel de-allocation and guard channels is proposed for data traffic. Compared with the conventional method where the system adopts a single-channel allocation scheme without guard channel for data users, the proposed scheme shows significant improvement in data blocking probability, throughput and the mean service time. Furthermore, a system with an appropriate size of buffer for voice traffic can receive good improvement in voice blocking probability.

A new robust extended Kalman filter is proposed for the discrete-time nonlinear systems with norm-bounded parameter uncertainties. After linearization of the nonlinear systems, the uncertainties described by the energy bounded constraint can be converted into an indefinite quadratic cost function to be minimized. The solution to the minimization problem is given by the extended Kalman filter derived in a Krein space, which leads to a robust version of the extended Kalman filter. Since the resulting robust filter has the same structure as a standard extended Kalman filter, the proposed filter can be readily designed by simply including the uncertainty terms in its formulas. The results of simulations are presented to demonstrate that the proposed filter achieves the robustness against parameter variation and performs better than the standard extended Kalman filter.

The present paper introduces a new construction of a class of binary sequence set having a zero-correlation zone (hereafter binary zcz sequence set). The cross-correlation function and the side-lobe of the auto-correlation function of the proposed sequence set is zero for the phase shifts within the zero-correlation zone. This paper shows that such a construction generates a binary zcz sequence set from an arbitrary pair of Hadamard matrices of common size. Since the proposed sequence construction generates a sequence set from an arbitrary pair of Hadamard matrices, many more types of sequence sets can be generated by the proposed sequence construction than is possible by a sequence construction that generates sequence sets from a single arbitrary Hadamard matrix.

IEEE 802.11 standard and the enhanced amendments have defined several transmission rates for mobile stations to transmit and receive data frames. With the characteristic of modulation schemes, a higher network throughput can be expected by using higher level modulation scheme, but frame error probability will also become higher. Doubtlessly, it is an open issue of selecting a proper modulation scheme for a pair of mobile stations in time-varying indoor environment. This paper proposes a safe multiple access-rates transmission (SMART) scheme to enhance the reliability of data transmission in IEEE 802.11 multi-rate infrastructure wireless networks. SMART scheme provides reliable transmission by reserving a retransmission period which immediately follows the transmitted frame and is estimated by a lower transmission rate according to the transmitted frame. The performance of SMART scheme is evaluated by analytical model and simulation experiment, which show that the proposed scheme is significantly better than the IEEE 802.11 standard under the real environment with asymmetric traffic load. An enhanced SMART (ESMART) scheme is also proposed especially to improve bandwidth waste for long packet length at access point (AP). The performance measurements, such as goodput, throughput, average access delay, and service rate, are obtained and compared for the different schemes.

The recent development of network technology has enabled us to access various information sources easily, and their integration has been studied intensively by the data engineering research community. Although technological advancement has made it possible to integrate existing heterogeneous information sources, we still have to deal with information sources of a new kind--dissemination-based information sources. They actively and autonomously deliver information from server sites to users. Integration of dissemination-based information sources is one of the popular research topics. We have been developing an information integration system in which we employ ECA rules to enable users to define new information delivery services integrating multiple existing dissemination-based information sources. However, it is not easy for users to directly specify ECA rules and to verify them. In this paper, we propose a scheme to specify new dissemination-based information delivery services using the framework of relational algebra. We discuss some important properties of the specification, and show how we can derive ECA rules to implement the services.

In this paper, a process is described for analysing the motion of a human target in a video stream. Moving targets are detected and their boundaries extracted. From these, a "star" skeleton is produced. Two motion cues are determined from this skeletonization: body posture, and cyclic motion of skeleton segments. These cues are used to determine human activities such as walking or running, and even potentially, the target's gait. Unlike other methods, this does not require an a priori human model, or a large number of "pixels on target". Furthermore, it is computationally inexpensive, and thus ideal for real-world video applications such as outdoor video surveillance.

The electromagnetic scattering of a plane wave by an inhomogeneous plane whose surface impedance changes locally on the plane is treated. A boundary-value problem is formulated to describe the scattering phenomenon, in which the boundary condition depends on the surface impedance of the plane. Application of the Fourier transform derives an integral equation, which is approximately solved by the method of least-squares. From the solution of the equation, the scattered field is obtained by the inverse Fourier transform. By the use of the incomplete Lipschitz-Hankel integral for the computation of the field, numerical examples are given and the scattering phenomenon is discussed.

It is inevitable for driver assist and warning systems to consider the drivers' state of consciousness. Drowsiness is one of the important factors in estimating the drivers' state of consciousness. A Method to extract the driver's initial stage of drowsiness was developed by means of the eyelid's opening relevant to each various characteristic of objects with motion pictures processing in the actual driving environment. The result was that an increase of the long eyelid closure time was the key factor in estimating the initial stage of drivers' drowsiness while driving. And the state of drowsiness could be presumed by checking the frequencies of long eyelid closure time per unit period.

In this paper, we first show a multiple-use protocol under the Diffie-Hellman assumption such that the initialization phase is much more efficient than the previous one. We next present an efficient multiple-use protocol whose security is equivalent to breaking RSA. The securities of our protocols are all formally proved.

A new method to extract retinal blood vessels from a colour fundus image is described. Digital colour fundus images are contrast enhanced in order to obtain sharp edges. The green bands are selected and transformed to correlation coefficient images by using two sets of Gaussian kernel patches of distinct scales of resolution. Blood vessels are then extracted by means of a new algorithm, directional recursive region growing segmentation or D-RRGS. The segmentation results have been compared with clinically-generated ground truth and evaluated in terms of sensitivity and specificity. The results are encouraging and will be used for further application such as blood vessel diameter measurement.

The side channel attack (SCA) is a serious attack on wearable devices that have scarce computational resources. Cryptographic algorithms on them should be efficient using small memory--we have to make efforts to optimize the trade-off between efficiency and memory. In this paper we present efficient SCA-resistant scalar multiplications based on window method. Moller proposed an SPA-resistant window method based on 2w-ary window method, which replaces w-consecutive zeros to 1 plus w-consecutive and it requires 2w points of table (or 2w-1 + 1 points if the signed 2w-ary is used). The most efficient window method with small memory is the width-w NAF, which requires 2w-2 points of table. In this paper we convert the width-w NAF to an SPA-resistant addition chain. Indeed we generate a scalar sequence with the fixed pattern, e.g. |00x|00x||00x|, where x is positive odd points < 2w. Thus the size of the table is 2w-1, which is optimal in the construction of the SPA-resistant chain based on width-w NAF. The table sizes of the proposed scheme are 6% to 50% smaller than those of Moller's scheme for w = 2,3,4,5, which are relevant choices in the sense of efficiency for 160-bit ECC.