The c-Secure CRT code is a collusion-secure fingerprinting code whose code length is reduced by using the Chinese Remainder Theorem. The tracing algorithm for the c-secure CRT code drops its performance of traitor tracing when random errors are added to the codewords. In this paper, we show two approaches to enhance random-error-resilience to the tracing algorithm of the c-secure CRT code. The first approach is introducing thresholds for the distinction of the detected part of the embedded data called detected blocks. We propose a method to derive appropriate values of the thresholds on an assumption that the tracer can estimate the random error rate. This modification extends the capability of traitor tracing to the attacks in which the alteration rate of the detected blocks is not fixed to 0.5. The second approach is extending the scope of the search for the detected blocks. With numerical results by computer simulations, we confirmed an impressive improvement of random-error-resilience of a c-secure CRT code.

This paper investigates the accepting powers of deterministic, Las Vegas, self-verifying nondeterministic, and nondeterministic one-way multi-counter automata with time-bounds. We show that (1) for each k1, there is a language accepted by a Las Vegas one-way k-counter automaton operating in real time, but not accepted by any deterministic one-way k-counter automaton operating in linear time, (2) there is a language accepted by a self-verifying nondeterministic one-way 2-counter automaton operating in real time, but not accepted by any Las Vegas one-way multi-counter automaton operating in polynomial time, (3) there is a language accepted by a self-verifying nondeterministic one-way 1-counter automaton operating in real time, but not accepted by any deterministic one-way multi-counter automaton operating in polynomial time, and (4) there is a language accepted by a nondeterministic one-way 1-counter automaton operating in real time, but not accepted by any self-verifying nondeterministic one-way multi-counter automaton operating in polynomial time.

The achievable rate region related to the problem of generating mutually independent random sequences is determined. Furthermore, it is proved that the output distribution of lossless source encoders with correlated side information is asymptotically independent of the side information. Based on this, we can realize a random number generator that produces mutually asymptotically independent random sequences from random sequences emitted from correlated sources.

The strong RSA assumption is an assumption that the following problem is hard to solve: Given an RSA modulus and a ciphertext, find a pair of plaintext and exponent corresponding to them. It differs from the standard RSA assumption in a sense that in the strong version, no exponent is given as an input. The strong RSA assumption is considered to be stronger than the RSA assumption, but their exact relationship is not known. We investigate the strength of the strong RSA assumption and show that the strong RSA assumption restricted to low exponents is equivalent to the assumption that RSA problem is intractable for any low exponent. We also show that in terms of algebraic computation, the strong RSA assumption is properly stronger than the RSA assumption if there exists an RSA modulus n such that gcd((n),3)=1 and RSA problem is intractable.

We show that a randomized addition-sub-traction chains countermeasure against side channel attacks is vulnerable to an SPA attack, which is a kind of side channel attack, under distinguishability between addition and doubling. The side channel attack takes advantage of information leaked during execution of a cryptographic procedure. The randomized addition-subtraction chains countermeasure was proposed by Oswald-Aigner, and is based on a random decision inserted into computations. However, the question of its immunity to side channel attacks is still controversial. The randomized addition-subtraction chains countermeasure has security flaw in timing attacks, another kind of side channel attack. We have implemented the proposed attack algorithm, whose input is a set of AD sequences, which consist of the characters "A" and "D" to indicate addition and doubling, respectively. Our program has clarified the effectiveness of the attack. The attack algorithm could actually detect secret scalars for given AD sequences. The average time to detect a 160-bit scalar was about 6 milliseconds, and only 30 AD sequences were enough to detect such a scalar. Compared with other countermeasures against side channel attacks, the randomized addition-subtraction chains countermeasure is much slower.

A bent-waveguide-based multimode interference (MMI) demultiplexer is designed for the operation at 0.85- and 1.55-µm wavelengths using the three-dimensional semi-vectorial beam-propagation method. First, it is shown that the use of a straight MMI waveguide results in a long coupler length of more than 1000µm for wavelength demulitplexing. To reduce the coupler length, we next introduce a bent MMI waveguide. Bending with a radius of 1500µm leads to a coupler length of less than 200µm. After designing two output waveguides connected to the MMI section, we finally choose a coupler length to be 175µm for efficient demultiplexing properties. Consequently, an output power of more than 90% can be obtained, leading to a low insertion loss of 0.34dB at both 0.85- and 1.55-µm wavelengths. The demultiplexer achieves small polarization dependence, i.e., less than 2dB difference in contrast and 0.02dB difference in insertion loss.

Advanced optical transmission fibers have enabled 40-Gb/s transmission over distances of up to 5200km with 100-km amplified spans. This paper will discuss a number of the enabling fiber properties including dispersion, dispersion slope, Raman gain efficiency, and polarization mode dispersion.

We propose a new closed-loop power control scheme for wireless mobile communication systems using an adaptive step size. The proposed scheme selects the basic power control step size by considering the speed of the mobile station and a variable step size by using instantaneous companding logic based on power control command bit patterns. We show its improved performance in view of the standard deviation of received power at the base station in consideration of channel BER.

The Another Solution Problem (ASP) of a problem is the following problem: for a given instance x of and a solution s to it, find a solution to x other than s. The notion of ASP as a new class of problems was first introduced by Ueda and Nagao. They also pointed out that parsimonious reductions which allow polynomial-time transformation of solutions can derive the NP-completeness of ASP of a certain problem from that of ASP of another. In this paper we consider n-ASP, the problem to find another solution when n solutions are given, and formalize it to investigate its characteristics. In particular we consider ASP-completeness, the completeness with respect to the reductions satisfying the properties mentioned above. The complexity of ASPs has a relation with the difficulty of designing puzzles. We prove the ASP-completeness of three popular puzzles: Slither Link, Cross Sum, and Number Place. Since ASP-completeness implies NP-completeness, these results can be regarded as new results of NP-completeness proof of puzzles.

In this paper, the efficient structure of an LUT (look-up table) for an asynchronous reconfigurable PCA (Plastic Cell Architecture) device is investigated. A total of 15 types of implementation alternatives for LUTs are evaluated and compared in an empirical manner in which full custom layout design is developed and simulated. The evaluation results show that by introducing transmission gates in memory cells in an LUT, read time can be improved by 14.3% at the cost of 13.6% area increase compared to a conventional speed oriented implementation. It is also shown that use of transmission gates reduces 6.4% of area and 19.2% of read time against a conventional area oriented LUT implementation.

A novel signal processing technique using adaptive neural network algorithm is applied for the on-line detection of harmonic current components generated by nonlinear current loads in the single-phase diode bridge rectifier and it can efficiently determine the harmonic current components in real time. The validity of this active filtering processing system to compensate current harmonics is proved on the basis of simulation results.

Online profiling methodologies are studied for exploiting dynamic optimization. On a dynamic optimizable system with online profilers, it has to get accurate profile in early step of the program execution for effective execution. However, for getting more effective profile by online profiling, it has to satisfy "Rapidness" and "Accuracy". They are conflicted requirements. Therefore, it has to choose trade-off point at implementation. We focused into online Hot Instruction Sequence (HIS) profiler to exploit reconfigurable functional units. To circumstantiate the effectiveness of online HIS profiling, we build some evaluation models for experimental evaluation. Our profiler models are SC/DM, SC/FA and JC/DM. These models have different policy of event counting and table lookup. Our event counting policies are simple-counting or jumble-counting. On the other hand, table lookup policies are direct-map or full-associative. In our experimental evaluation, SC/FA and JC/DM models scored higher accuracy than SC/DM. The JC/DM model is able to implement by lower cost for table lookup, but it scored high accuracy comparable to SC/FA.

Let α and β be polygons with the same area. A Dudeney dissection of α to β is a partition of α into parts which can be reassembled to produce β in the following way. Hinge the parts of α like a chain along the perimeter of α, then fix one of the parts and without turning the pieces over, rotate the remaining parts about the fixed part to form β in such a way that the entire perimeter of α is in the interior of β and the perimeter of β consists of the dissection lines formerly in the interior of α . In this paper we discuss a special type of Dudeney dissection of convex polygons in which α is congruent to β and call it a congruent Dudeney dissection. In particular, we consider the case where all hinge points are interior to the sides of the polygon α. A convex polygon which has a congruent Dudeney dissection is called a chameleon. We determine all convex polygons which are chameleons.

The purpose of this paper is to discuss length estimation based on digitized curves. Information on a curve in the Euclidean plane is lost after digitization. Higher resolution supports a convergence of a digital image towards the original curve with respect to Hausdorff metric. No matter how high resolution is assumed, it is impossible to know the length of an original curve exactly. In image analysis we estimate the length of a curve in the Euclidean plane based on an approximation. An approximate polygon converges to the original curve with an increase of resolution. Several approximation methods have been proposed so far. This paper proposes a new approximation method which generates polygonal curves closer (in the sense of Hausdorff metric) in general to its original curves than any of the previously known methods and discusses its relevance for length estimation by proving a Convergence Theorem.

A configurable device "PCA-Chip2" implements the concept of Plastic Cell Architecture, which is an extension of programmable logic devices. This paper presents basic design tools for the PCA-Chip2 as the first step to develop the total design environment. Given a C description of a target function, configuration data for PCA-Chip2 is automatically generated by the tools. Trial designs by the tools are also presented to demonstrate the practicability of the proposed approach.

Content addressable memory (CAM) is one of the functional memories which realize word-parallel equivalence search. Since a CAM unit is generally used in a particular application program, we consider that appropriate design for CAM units is required depending on the requirements for the application program. This paper proposes a hardware/software cosynthesis system for CAM processors. The input of the system is an application program written in C including CAM functions and a constraint for execution time (or CAM processor area). Its output is hardware descriptions of a synthesized processor and a binary code executed on it. Based on the branch-and-bound method, the system determines which CAM function is realized by a hardware and which CAM function is realized by a software with meeting the given timing constraint (or area constraint) and minimizing the CAM processor area (or execution time of the application program). We expect that we can realize optimal CAM processor design for an application program. Experimental results for several application programs show that we can obtain a CAM processor whose area is minimum with meeting the given timing constraint.

A Fair Queueing Algorithm is proposed for data services in an integrated voice/data CDMA system. We introduce short-term and long-term fairness concepts to allocate data users fairly. Using these concepts, we propose a Weighted Fair Queueing with Status Control (WFQS) in the consideration of a Generalized Processor Sharing (GPS) fluid-flow model. This proposed scheme allocates resources using channel status information. The throughput and delay of data users could be improved when this scheme is applied to wireless channels.

We propose a method for camera calibration based on image registration. This method registers two images; one is a real image captured by a camera with a calibration object with known shape and texture, and the other is a synthetic image containing the object. The proposed method estimates the parameters of the rotation and translation of the object by using the depth information of the synthetic image. The Gauss-Newton method is used to minimize the residuals of intensities of the two images. The proposed method does not depend on initial values of the minimization, and is applicable to images with much noise. Experimental results using real images demonstrate the robustness against initial state and noise on the image.

To an extremely difficult problem of finding the maximum likelihood estimates in a specific mixture regression model, a combination of several optimization techniques is found to be useful. These algorithms are the continuation method, Newton-Raphson method, and simplex method. The simplex method searches for an approximate solution in a wider range of the parameter space, then a combination of the continuation method and the Newton-Raphson method finds a more accurate solution. In this paper, this combination method is applied to find the maximum likelihood estimates in a Weibull-power-law type regression model.

We designed an FPGA-based parallel machine called "RASH"(Reconfigurable Architecture based on Scalable Hardware) for high speed and flexible signal/data processing. Cryptanalysis is one of the killer applications for FPGA-based machines because huge amounts of logical and/or simple arithmetic operations are required and FPGA is suitable for this. One of the well-known activities in cryptanalysis is the DES (Data Encryption Standard) cracking contest conducted by RSA Data Security. TMTO (Time-Memory Trade-Off) Cryptanalysis is a practical method to dramatically shorten the time for key search when plaintext is given in advance. A string of ASCII characters is used as the key much like a password. The ASCII character is 7-bit character and is changed to 96 kinds of value. The 56-bit DES key is given with a string of 8 ASCII characters. Although the DES key has 64 trillion(=256) possibilities, the key that is given with a string has only 6.4 trillion(=968) possibilities. Therefore, we improve TMTO cryptanalysis so that we search only the limited key by ASCII characters and reduce the quantity of computation. In this paper, we demonstrate how TMTO cryptanalysis for limited key is well suited to our FPGA-based RASH machine. By limiting the key to a string, DES key will be found at 80% probability within 45 minutes after ciphertext is given on 10 units of RASH. The precomputation before starting key search takes 3 weeks on the same RASH configuration.