We introduce a new type of Montgomery-like square root formulae in GF(2m) defined by an arbitrary irreducible trinomial, which is more efficient compared with classic square root operation. By choosing proper Montgomery factors for different kind of trinomials, the space and time complexities of such square root computations match or outperform the best results. A practical application of the Montgomery-like square root in inversion computation is also presented.

Congestion control is a hot topic in named data networking (NDN). Congestion control methods for NDN are classified into two approaches: the rate-based approach and the window-based approach. In the window-based approach, the optimum window size cannot be determined due to the largely changing round-trip time. Therefore, the rate-based approach is considered to be suitable for NDN and has been studied actively. However, there is still room for improvement in the window-based approach because hop-by-hop control in this approach has not been explored. In this paper, we propose a hop-by-hop widow-based congestion control method for NDN (HWCC). The proposed method introduces a window-size control for per-hop Interest transmission using hop-by-hop acknowledgment. In addition, we extend HWCC so that it can support multipath forwarding (M-HWCC) in order to increase the network resources utilization. The simulation results show that both of HWCC and M-HWCC achieve high throughput performance, as well as the max-min fairness, while effectively avoiding congestion.

In GNSS (Global Navigation Satellite System) Distributed Simulation Environment (GDSE), the simulation task could be designed with the sharing models on the Internet. However, too much information and relation of model need to be managed in GDSE. Especially if there is a large quantity of sharing models, the model retrieval would be an extremely complex project. For meeting management demand of GDSE and improving the model retrieval efficiency, the characteristics of service simulation model are analysed firstly. A semantic management method of simulation model is proposed, and a model management architecture is designed. Compared with traditional retrieval way, it takes less retrieval time and has a higher accuracy result. The simulation results show that retrieval in the semantic management module has a good ability on understanding user needs, and helps user obtain appropriate model rapidly. It improves the efficiency of simulation tasks design.

Handwriting difficulties (HWDs) in children have adverse effects on their confidence and academic progress. Detecting HWDs is the first crucial step toward clinical or teaching intervention for children with HWDs. To date, how to automatically detect HWDs is still a challenge, although digitizing tablets have provided an opportunity to automatically collect handwriting process information. Especially, to our best knowledge, there is no exploration into the potential of combining machine learning algorithms and the handwriting process information to automatically detect Chinese HWDs in children. To bridge the gap, we first conducted an experiment to collect sample data and then compared the performance of five commonly used classification algorithms (Decision tree, Support Vector Machine (SVM), Artificial Neural Network, Naïve Bayesian and k-Nearest Neighbor) in detecting HWDs. The results showed that: (1) only a small proportion (13%) of children had Chinese HWDs and each classification model on the imbalanced dataset (39 children at risk of HWDs versus 261 typical children) produced the results that were better than random guesses, indicating the possibility of using classification algorithms to detect Chinese HWDs; (2) the SVM model had the best performance in detecting Chinese HWDs among the five classification models; and (3) the performance of the SVM model, especially its sensitivity, could be significantly improved by employing the Synthetic Minority Oversampling Technique to handle the class-imbalanced data. This study gains new insights into which handwriting features are predictive of Chinese HWDs in children and proposes a method that can help the clinical and educational professionals to automatically detect children at risk of Chinese HWDs.

In order to improve an imaging performance of a sparse array radar system we propose an optimization method to find a new antenna array layout. The method searches for a minimum of the cost function based on a 3D point spread function of the array. We found a solution for the simulated problem in a form of the new layout for the antenna array with more sparse middle-point distribution comparing with initial one.

Pose estimation is a basic requirement for the autonomous behavior of robots. In this article we present a robust and fast visual odometry method to obtain camera poses by using RGB-D images. We first propose a motion estimation method based on sparse geometric constraint and derive the analytic Jacobian of the geometric cost function to improve the convergence performance, then we use our motion estimation method to replace the tracking thread in ORB-SLAM for improving its runtime performance. Experimental results show that our method is twice faster than ORB-SLAM while keeping the similar accuracy.

It has been said that security of symmetric key schemes is not so much affected by quantum computers, compared to public key schemes. However, recent works revealed that, in some specific situations, symmetric key schemes are also broken in polynomial time by adversaries with quantum computers. These works contain a quantum distinguishing attack on 3-round Feistel ciphers and a quantum key recovery attack on the Even-Mansour cipher by Kuwakado and Morii, in addition to the quantum forgery attack on CBC-MAC which is proposed independently by Kaplan et al., and by Santoli and Schaffner. Iterated Even-Mansour cipher is a simple but important block cipher, which can be regarded as an idealization of AES. Whether there exists an efficient quantum algorithm that can break iterated Even-Mansour cipher with independent subkeys is an important problem from the viewpoint of analyzing post-quantum security of block ciphers. Actually there is an efficient quantum attack on iterated Even-Mansour cipher by Kaplan et al., but their attack can only be applied in the case that all subkeys are the same. This paper shows that there is a polynomial time quantum algorithm that recovers partial keys of the iterated Even-Mansour cipher with independent subkeys, in a related-key setting. The related-key condition is somewhat strong, but our algorithm can recover subkeys with two related oracles. In addition, we also show that our algorithm can recover all keys of the i-round iterated Even-Mansour cipher, if we are allowed to access i related quantum oracles. To realize quantum related-key attacks, we extend Simon's quantum algorithm so that we can recover the hidden period of a function that is periodic only up to constant. Our technique is to take differential of the target function to make a double periodic function, and then apply Simon's algorithm.

Topological inference is the foundation of network performance analysis and optimization. Due to the difficulty of obtaining prior topology information of wireless sensor networks, we propose routing topology inference, RTI, which reconstructs the routing topology from source nodes to sink based on marking packets and probing locally. RTI is not limited to any specific routing protocol and can adapt to a dynamic and lossy networks. We select topological distance and reconstruction time to evaluate the correctness and effectiveness of RTI and then compare it with PathZip and iPath. Simulation results indicate that RTI maintains adequate reconstruction performance in dynamic and packet loss environments and provides a global routing topology view for wireless sensor networks at a lower reconstruction cost.

This paper presents the method of moments based on electric field integral equation which is capable of solving three-dimensional metallic waveguide problem with no use of another method. Metals are treated as perfectly electric conductor. The integral equation is derived in detail. In order to validate the proposed method, the numerical results are compared with those in a published paper. Three types of waveguide are considered: step discontinuity waveguide, symmetrical resonant iris waveguide, and unsymmetrical resonant iris waveguide. The numerical results are also verified by the law of conservation of energy.

A 19.1-to-20.4 GHz sigma-delta fractional-N frequency synthesizer with two-point modulation (TPM) for frequency modulated continuous wave (FMCW) radar applications is presented. The FMCW synthesizer proposes a digital and voltage controlled oscillator (D/VCO) with large continuous frequency tuning range and small digital controlled oscillator (DCO) gain variation to support TPM. By using TPM technique, it avoids the correlation between loop bandwidth and chirp slope, which is beneficial to fast chirp, phase noise and linearity. The start frequency, bandwidth and slope of the FMCW signal are all reconfigurable independently. The FMCW synthesizer achieves a measured phase noise of -93.32 dBc/Hz at 1MHz offset from a 19.25 GHz carrier and less than 10 µs locking time. The root-mean-square (RMS) frequency error is only 112 kHz with 94 kHz/µs chirp slope, and 761 kHz with a fast slope of 9.725 MHz/µs respectively. Implemented in 65 nm CMOS process, the synthesizer consumes 74.3 mW with output buffer.

Bilinear-type conversion is to translate a cryptographic scheme designed over symmetric bilinear groups into one that works over asymmetric bilinear groups with small overhead regarding the size of objects concerned in the target scheme. In this paper, we address scalability for converting complex cryptographic schemes. Our contribution is threefold. Investigating complexity of bilinear-type conversion. We show that there exists no polynomial-time algorithm for worst-case inputs under standard complexity assumption. It means that bilinear-type conversion in general is an inherently difficult problem. Presenting a new scalable conversion method. Nevertheless, we show that large-scale conversion is indeed possible in practice when the target schemes are built from smaller building blocks with some structure. We present a novel conversion method, called IPConv, that uses 0-1 Integer Programming instantiated with a widely available IP solver. It instantly converts schemes containing more than a thousand of variables and hundreds of pairings. Application to computer-aided design. Our conversion method is also useful in modular design of middle to large scale cryptographic applications; first construct over simpler symmetric bilinear groups and run over efficient asymmetric groups. Thus one can avoid complication of manually allocating variables over asymmetric bilinear groups. We demonstrate its usefulness by somewhat counter-intuitive examples where converted DLIN-based Groth-Sahai proofs are more compact than manually built SXDH-based proofs. Though the early purpose of bilinear-type conversion is to save existing schemes from attacks against symmetric bilinear groups, our new scalable conversion method will find more applications beyond the original goal. Indeed, the above computer-aided design can be seen as a step toward automated modular design of cryptographic schemes.

Financial Technology (FinTech) is considered a taxonomy that describes a wide range of ICT (information and communications technology) associated with financial transactions and related operations. Improvement of service quality is the main issue addressed in this taxonomy, and there are a large number of emerging technologies including blockchain-based cryptocurrencies and smart contracts. Due to its innovative nature in accounting, blockchain can also be used in lots of other FinTech contexts where token models play an important role for financial engineering. This paper revisits some of the key concepts accumulated behind this trend, and shows a generalized understanding of the technology using an adapted stochastic process. With a focus on financial instruments using blockchain, research directions toward stable applications are identified with the help of a newly proposed stabilizer: interpretation function of token valuation. The idea of adapted stochastic process is essential for the stabilizer, too.

We propose new key recovery attacks on the two-round single-key n-bit Even-Mansour ciphers (2SEM) that are secure up to 22n/3 queries against distinguishing attacks proved by Chen et al. Our attacks are based on the meet-in-the-middle technique which can significantly reduce the data complexity. In particular, we introduce novel matching techniques which enable us to compute one of the two permutations without knowing a part of the key information. Moreover, we present two improvements of the proposed attack: one significantly reduces the data complexity and the other reduces the time complexity. Compared with the previously known attacks, our attack first breaks the birthday barrier on the data complexity although it requires chosen plaintexts. When the block size is 64 bits, our attack reduces the required data from 245 known plaintexts to 226 chosen plaintexts with keeping the time complexity required by the previous attacks. Furthermore, by increasing the time complexity up to 262, the required data is further reduced to 28, and DT=270, where DT is the product of data and time complexities. We show that our data-optimized attack requires DT=2n+6 in general cases. Since the proved lower bound on DT for the single-key one-round n-bit Even-Mansour ciphers is 2n, our results imply that adding one round to one-round constructions does not sufficiently improve the security against key recovery attacks. Finally, we propose a time-optimized attacks on 2SEM in which, we aim to minimize the number of the invocations of internal permutations.

In cloud computing environments, data processing systems with strong and stochastic stream data processing capabilities are highly desired by multi-service oriented computing-intensive applications. The independeny of different business data streams makes these services very suitable for parallel processing with the aid of multicore processors. Furthermore, for the random crossing of data streams between different services, data synchronization is required. Aiming at the stochastic cross service stream, we propose a hardware synchronization mechanism based on index tables. By using a specifically designed hardware synchronization circuit, we can record the business index number (BIN) of the input and output data flow of the processing unit. By doing so, we can not only obtain the flow control of the job package accessing the processing units, but also guarantee that the work of the processing units is single and continuous. This approach overcomes the high complexity and low reliability of the programming in the software synchronization. As demonstrated by numerical experiment results, the proposed scheme can ensure the validity of the cross service stream, and its processing speed is better than that of the lock-based synchronization scheme. This scheme is applied to a cryptographic server and accelerates the processing speed of the cryptographic service.

An ASIC crypto processor optimized for the 254-bit prime-field optimal-ate pairing over Barreto-Naehrig (BN) curve is proposed. The data path of the proposed crypto processor is designed to compute five Fp2 operations, a multiplication, three addition/subtractions, and an inversion, simultaneously. We further propose a design methodology to automate the instruction scheduling by using a combinatorial optimization solver, with which the total cycle count is reduced to 1/2 compared with ever reported. The proposed crypto processor is designed and fabricated by using a 65nm silicon-on-thin-box (SOTB) CMOS process. The chip measurement result shows that the fabricated chip successfully computes a pairing in 0.185ms when a typical operating voltage of 1.20V is applied, which corresponds to 2.8× speed up compared to the current state-of-the-art pairing implementation on ASIC platform.

Fail-Stop Signature (FSS) scheme is a signature scheme which satisfies unforgeability even against a forger with super-polynomial computational power (i.e. even against a forger who can compute acceptable signatures) and non-repudiability against a malicious signer with probabilistic polynomial time computational power (i.e. a PPT malicious signer). In this paper, under some settings, the equivalence relation has been derived between a set of security properties when single FSS scheme is used singly and a security property called Universally Composable (UC) security when plural FSS schemes are concurrently used. Here, UC security is a security property guaranteeing that even when plural schemes are concurrently used, security properties of each scheme (for single scheme usage) are preserved. The above main settings are as follows. Firstly, H-EUC (Externalized UC) security is introduced instead of “conventional” UC security, where a new helper functionality H is constructed appropriately. It is because that we can derive “conventional” UC security cannot hold for FSS schemes when malicious parties (e.g. a forger and a malicious signer) have super-polynomial computational power. In the environment where the above helper functionality H is used, all parties are PPT, but only a forger may compute acceptable signatures by obtaining some additional information from H. Secondly, the definition of unforgeability (in a set of security properties for single FSS scheme usage) is revised to match the above environment. The above equivalence relation derived under the above settings guarantees that even when plural FSS schemes are concurrently used, those security properties for single scheme usage are preserved, provided that some conditions hold. In particular, the equivalence relation in this paper has originality in terms of guaranteeing that unforgeability is preserved even against a forger who is PPT but may compute acceptable signatures. Furthermore, it has been firstly proved in this paper that H-EUC security holds for an existing instantiation of an FSS scheme by Mashatan et al. From this, it can be said that the equivalence relation shown in this paper is practical.

Dynamic linear feedback shift registers (DLFSRs) are a scheme to transfer from one LFSR to another. In cryptography each LFSR included in a DLFSR should generate maximal-length sequences, and the number of switches transferring LFSRs should be small for efficient performance. This corresponding addresses on searching such conditioned DLFSRs. An efficient probabilistic algorithm is given to find such DLFSRs with two or four switches, and it is proved to succeed with nonnegligible probability.

Unmanned aircraft systems (UASs) have been developed and studied as temporal communication systems for emergency and rescue services during disasters, such as earthquakes and serious accidents. In a typical UAS model, several unmanned aerial vehicles (UAVs) are used to provide services over a large area. The UAV is comprised of a transmitter and receiver to transmit/receive the signals to/from terrestrial stations and terminals. Therefore, the carrier frequencies of the transmitted and received signals experience Doppler shifts due to the variations in the line-of-sight velocity between the UAV and the terrestrial terminal. Thus, by observing multiple Doppler shifts from different UAVs, it is possible to detect the position of a user that possesses a communication terminal for the UAS. This study aims to present a methodology for position detection based on the least-squares method to the Doppler shift frequencies. Further, a positioning accuracy index is newly proposed, which can be used as an index for measuring the position accurately, instead of the dilution-of-precision (DOP) method, which is used for global positioning systems (GPSs). A computer simulation was conducted for two different flight route models to confirm the applicability of the proposed positioning method and the positioning accuracy index. The simulation results confirm that the parameters, such as the flight route, the initial position, and velocity of the UAVs, can be optimized by using the proposed positioning accuracy index.

In this paper, we propose a new asymptotically stabilizing control law for a four-wheeled vehicle with a steering limitation. We adopt a locally semiconcave control Lyapunov function (LS-CLF) for the system. To overcome the nonconvexity of the input-constraint set, we utilize a saturation function and a signum function in the control law. The signum function makes the vehicle velocity nonzero except at the origin so that the angular velocity can be manipulated within the input constraint. However, the signum function may cause a chattering phenomenon at certain points of the state far from the origin. Thus, we integrate a lazy-switching mechanism for the vehicle velocity into the control law. The mechanism makes a sign of the vehicle velocity maintain, and the new control input also decreases the value of the LS-CLF. We confirm the effectiveness of our method by a computer simulation and experiments.

This paper studies synchronization phenomena in a ring-coupled system of digital spiking neurons. The neuron consists of two shift registers connected by a wiring circuit and can generate various spike-trains. Applying a spike based connection, the ring-coupled system is constructed. The ring-coupled system can generate multi-phase synchronization phenomena of various periodic spike-trains. Using a simple dynamic model, existence and stability of the synchronization phenomena are analyzed. Presenting a FPGA based test circuit, typical synchronization phenomena are confirmed experimentally.