We propose a security model, referred as g-eCK model, for group key exchange that captures essentially all non-trivial leakage of static and ephemeral secret keys of participants, i.e., group key exchange version of extended Canetti-Krawczyk (eCK) model. Moreover, we propose the first one-round tripartite key exchange (3KE) protocol secure in the g-eCK model under the gap Bilinear Diffie-Hellman (gap BDH) assumption and in the random oracle model.

Digital Rights Management (DRM) ensures that the usage of digital media adheres to the intentions of the copyright holder and prevents the unauthorized modification or distribution of media. Due to the widespread adoption of digital content use, DRM has received a fair amount of attention and has seen implementation in many commercial models. Although many DRM schemes have been introduced in the literature, they still suffer from some security issues and may not guarantee the quality of performance. In this paper, we propose a trust-distributed DRM model to provide improvements for realistic DRM environments to bring more functionality to users. We use the features of the smart cards to provide an option of anonymity for the consumer while continuing to protect the rights of the copyright holder and the financial interests of the media industry. We also classify the security criteria of DRM systems and show that our proposed smart card based DRM scheme satisfies all of these criteria.

We introduce an efficient fully simulatable construction of oblivious transfer based on the McEliece assumptions in the common reference string model. This is the first efficient fully simulatable oblivious protocol based on coding assumptions. Moreover, being based on the McEliece assumptions, the proposed protocol is a good candidate for the post-quantum scenario.

The minimized assumption generation has been recognized as an important improvement of the assume-guarantee verification method in order to generate minimal assumptions. The generated minimal assumptions can be used to recheck the whole component-based software at a lower computational cost. The method is not only fitted to component-based software but also has a potential to solve the state space explosion problem in model checking. However, the computational cost for generating the minimal assumption is very high so the method is difficult to be applied in practice. This paper presents an optimization as a continuous work of the minimized assumption generation method in order to reduce the complexity of the method. The key idea of this method is to find a smaller assumption in a sub-tree of the search tree containing the candidate assumptions using the depth-limited search strategy. With this approach, the improved method can generate assumptions with a lower computational cost and consumption memory than the minimized method. The generated assumptions are also effective for rechecking the systems at much lower computational cost in the context of software evolution. An implemented tool supporting the improved method and experimental results are also presented and discussed.

Unlike analogue voice signal-oriented and narrowband-based conventional tactical systems, the future tactical networks will deal with packet-based voice traffic over a wide channel bandwidth. In this paper, a method is proposed to improve the performance of voice packet transmission for MIL-STD-188-220 military standard-based wideband communication systems. By utilizing Bump-Slots for voice packet transmissions, significant improvements are achieved. This is confirmed by extensive simulations.

When computing resources are consolidated in a few huge data centers, a massive amount of data is transferred to each data center over a wide area network (WAN). This results in increased power consumption in the WAN. A distributed computing network (DCN), such as a content delivery network, can reduce the traffic from/to the data center, thereby decreasing the power consumed in the WAN. In this paper, we focus on the energy-saving aspect of the DCN and evaluate its effectiveness, especially considering traffic locality, i.e., the amount of traffic related to the geographical vicinity. We first formulate the problem of optimizing the DCN power consumption and describe the DCN in detail. Then, numerical evaluations show that, when there is strong traffic locality and the router has ideal energy proportionality, the system's power consumption is reduced to about 50% of the power consumed in the case where a DCN is not used; moreover, this advantage becomes even larger (up to about 30%) when the data center is located farthest from the center of the network topology.

We propose a generic conversion from a key encapsulation mechanism (KEM) to an identification (ID) scheme. The conversion derives the security for ID schemes against concurrent man-in-the-middle (cMiM) attacks from the security for KEMs against adaptive chosen ciphertext attacks on one-wayness (one-way-CCA2). Then, regarding the derivation as a design principle of ID schemes, we develop a series of concrete one-way-CCA2 secure KEMs. We start with El Gamal KEM and prove it secure against non-adaptive chosen ciphertext attacks on one-wayness (one-way-CCA1) in the standard model. Then, we apply a tag framework with the algebraic trick of Boneh and Boyen to make it one-way-CCA2 secure based on the Gap-CDH assumption. Next, we apply the CHK transformation or a target collision resistant hash function to exit the tag framework. And finally, as it is better to rely on the CDH assumption rather than the Gap-CDH assumption, we apply the Twin DH technique of Cash, Kiltz and Shoup. The application is not “black box” and we do it by making the Twin DH technique compatible with the algebraic trick. The ID schemes obtained from our KEMs show the highest performance in both computational amount and message length compared with previously known ID schemes secure against concurrent man-in-the-middle attacks.

In this paper, a dual-band bandpass filter (BPF) of multilayer suspended stripline (SSL) structure and an SSL diplexer composed of a low-pass filter (LPF) and a high-pass filter (HPF) are proposed. Bandstop structure creating transmission zeros is adopted in the BPF and diplexer, enhancing the signal selectivity of the former and increasing the isolation between the diverting ports of the latter. The dual-band BPF possesses two distinct bandpass structures and a bandstop circuit, all laid on different metallic layers. The metallic layers together with the supporting substrates are vertically stacked up to save the circuit dimension. The LPF and HPF used in the diplexer structure are designed by a quasi-lumped approach, which the LC lumped-elements circuit models are developed to analyze filters' characteristics and to emulate their frequency responses. Half-wavelength resonating slots are employed in the diplexer's structure to increase the isolation between its two signal diverting ports. Experiments are conducted to verify the multilayer dual-band BPF and the diplexer design. Agreements are observed between the simulation and the measurement.

Ternary content addressable memory (TCAM) is becoming very popular for designing high-throughput forwarding engines on routers. However, TCAM has potential problems in terms of hardware and power costs, which limits its ability to deploy large amounts of capacity in IP routers. In this paper, we propose new hardware architecture for fast forwarding engines, called fast prefix search RAM-based hardware (FPS-RAM). We designed FPS-RAM hardware with the intent of maintaining the same search performance and physical user interface as TCAM because our objective is to replace the TCAM in the market. Our RAM-based hardware architecture is completely different from that of TCAM and has dramatically reduced the costs and power consumption to 62% and 52%, respectively. We implemented FPS-RAM on an FPGA to examine its lookup operation.

A low cost, ultra small Radio Frequency (RF) transceiver module with integrated antenna is one of the key technologies for short range millimeter-wave wireless communication. This paper describes a 60 GHz-band transmitter module with integrated dipole antenna. The module consists of three pieces of low-cost organic resin substrate. These substrates are vertically stacked by employing Cu ball bonding 3-dimensional (3-D) system-in-package (SiP) technology and the MMIC's are mounted on each organic substrates by using Au-stud bump bonding (SBB) technique. The planer dipole antenna is fabricated on the top of the stacked organic substrate to avoid the influence of the grounding metal on the base substrate. At 63 GHz, maximum actual gain of 6.0 dBi is obtained for fabricated planar dipole antenna. The measured radiation patterns are agreed with the electro-magnetic (EM) simulated result, therefore the other RF portion of the 3-D front-end module, such as flip chip mounted IC's on the top surface of the module, does not affect the antenna characteristics. The results show the feasibility of millimeter-wave low cost, ultra small antenna integrated module using stacked organic substrates.

The proposed scheduling scheme minimizes the mean power consumption of real-time tasks with probabilistic computation amounts while meeting their deadlines. Our study formally solves the minimization problem under finitely discrete clock frequencies with irregular power consumptions, whereas state-of-the-arts studies did under infinitely continuous clock frequencies with regular power consumptions.

We herein investigate the operation stability of the single-electron-pump (SEP) refrigerator with respect to thermal and dimensional fluctuations. The SEP refrigerator was found to successfully demonstrate single-electron extraction and injection at temperatures up to 2 K. Although the dimensional fluctuation in junction capacitance will seriously affect operation, the effect of the gate capacitance fluctuation is unlikely to be severe.

To manage limited energy resources efficiently, IEEE 802.16e specifies sleep mode operation. Since there can be no communication between the mobile station (MS) and the serving base station (BS) during the unavailability interval, the MS can power down its physical operation components. We propose an improved power saving mechanism (iPSM) which effectively increases the unavailability interval of Type I and Type II power saving classes (PSCs) activated in an MS. After investigating the number of frames in the unavailability interval of each Type II PSC when used with Type I PSC, the iPSM chooses the Type II PSC that yields the maximum number of frames in the unavailability interval. Performance evaluation confirms that the proposed scheme is very effective.

In IEEE 802.16e, power saving is one of the important issues for battery-powered mobile stations (MSs). We present a performance analysis of power saving class (PSC) of type I in IEEE 802.16e standard for voice over Internet protocol (VoIP) service with silence suppression in two-way communication. On-off pattern of a voice user in two-way communication is characterized by the modified Brady model, which includes short silence gaps less than 200 ms and talkspurt periods shorter than 15 ms, and so differs from the Brady model. Our analysis of PSC I follows the standard-based procedure for the deactivation of the sleep mode, where a uplink packet arrival during a mutual silence period wakes up the MS immediately while a downlink packet arrival waits to be served until the next listening window. We derive the delay distribution of the first downlink packet arriving during a mutual silence period, and find the dropping probability of downlink packets since a voice packet drops if it is not transmitted within maximum delay constraint. In addition, we calculate the average power consumption under the modified Brady model. Analysis and simulation results show that the sleep mode operation for the MS with VoIP service yields 3239% reduction in the power consumption of the MS. Finally we obtain the optimal initial/final-sleep windows that yield the minimum average power consumption while satisfying QoS constraints on the packet dropping probability and the maximum delay.

An FPGA plays an essential role in industrial products due to its fast, stable and flexible features. But the power consumption of FPGAs used in portable devices is one of critical issues. Top-down hierarchical design method is commonly used in both ASIC and FPGA design. But, in the case where plural modules are integrated in an FPGA and some of them might be in sleep-mode, current FPGA architecture cannot be fully effective. In this paper, coarse-grained power gating FPGA architecture is proposed where a whole area of an FPGA is partitioned into several regions and power supply is controlled for each region, so that modules in sleep mode can be effectively power-off. We also propose a region oriented FPGA placement algorithm fitted to this user's hierarchical design based on VPR [1]. Simulation results show that this proposed method could reduce power consumption of FPGA by 38% on average by setting unused modules or regions in sleep mode.

In this paper, the charge pump efficiency is discussed, and a dual charge pump circuit with complementary architecture using charge sharing clock scheme is presented. The proposed charge sharing clock generator is able to recover the charge from parasitic-capacitor charging and discharging, so that the dynamic power loss in the pumping process is reduced by a half. To preserve the overlapping period of the four-phase clock used for threshold cancellation technique, two complementary sets of clocks are generated from the proposed clock generator, and each set feeds a certain branch of the dual charge pump to achieve the between-branch charge sharing. A test chip is fabricated in 0.18 µm process, and the area penalty of the proposed charge sharing clock generator is 1%. From the measurement results, the proposed charge pump shows an overall power efficiency increase with a peak value of 63.7% comparing to 52.3% of a conventional single charge pump without charge sharing, and the proposed clock scheme shows no degradation on the driving capability while the output ripple voltage is reduced by 43%.

A planar high-pass filter (HPF) by using cross-couplings in multi-layer structure is proposed in this paper. The HPF consists of parallel plate and gap type capacitors and inductor lines on the bottom conductor. The one block of the HPF has a ladder T-section in the bridge T configuration. The one block HPF is, thus, coarsely designed in the manner of the proto-type HPF and the performance is optimized by circuit simulator. With the gap capacitor adjusted the proposed HPF illustrates the steep slope characteristics near the cut-off frequency by the attenuation pole. In order to improve the stopband performance, the cascaded two block HPF is examined. Its measured results show the good agreement with the simulated ones giving the second attenuation pole by an inductive cross-coupling.

This paper presents a new non-interactive multi-trapdoor commitment scheme from the standard RSA assumption. Multi-trapdoor commitment is a stronger variant of trapdoor commitment. Its notion was introduced by Gennaro at CRYPTO 2004. Multi-trapdoor commitment schemes are very useful because we can convert a non-interactive multi-trapdoor commitment scheme into a non-interactive and reusable non-malleable commitment scheme by using one-time signature and transform any proof of knowledge into a concurrently non-malleable one (this can be used as concurrently secure identification). Gennaro gave concrete constructions of multi-trapdoor commitment, but its security relies on stronger assumptions, such as the strong RSA assumption and the q-strong Diffie-Hellman assumption as opposed to our construction based on the standard RSA assumption. As a corollary of our results, we constructed a non-interactive and reusable non-malleable commitment scheme from the standard RSA assumption. Our scheme is based on the Hohenberger-Waters (weak) signature scheme presented at CRYPTO 2009. Several non-interactive and reusable non-malleable commitment schemes (in the common reference string model) have been proposed, but they all rely on stronger assumptions (such as the strong RSA assumption). Thus, we give the first construction of a non-interactive and reusable non-malleable commitment scheme from the standard RSA assumption.

In wireless sensor networks constructed from battery driven nodes, it is difficult to supply electric power to the nodes. Because of this, the power consumption must be reduced. To cope with this problem, clustering techniques have been proposed. EACLE is a method that uses a clustering technique. In EACLE, route selection is executed independently after the CH (Cluster Head) selection. This two-phase control approach increases overheads and reduces the battery power, which shortens the lifetime of wireless sensor networks. To cope with this problem, we have proposed a novel routing and clustering method called PARC for wireless sensor networks that reduces these overheads by integrating the cluster selection phase and the route construction phase into a single phase. However, PARC has a weak point in that the batteries of CHs around the sink node are depleted earlier than the other nodes and the sink node cannot collect sensing data. This phenomenon is called the hot spot problem. In order to cope with this problem of PARC, we propose PARC+, which extends the CH selection method of PARC such as more nodes around the sink can be selected as a CH node. We evaluate our proposed methods by simulation experiments and show its effectiveness.

Memory accesses are a major cause of energy consumption for embedded systems. This paper presents the implementation of a fully software technique which places stack and static data into a scratch-pad memory (SPM) in order to reduce the energy consumed by the processor while accessing them. Since an SPM is usually too small to include all these data, some of them must be left into the external main memory (MM). Therefore, further energy reduction is achieved by moving some stack data between both memories at run time. The technique employs integer linear programming in order to find at compile time the optimal placement of static data and management of the stack and implements it by inserting stack operations inside the code. Experimental results show that with an SPM of only 1 KB, our technique is able to exploit it for reducing the energy consumption related to the static and stack data accesses by more than 90% for several applications and on an average by 57% compared to the case where these data are fully placed into the main memory.