To prove the graph relations such as the connectivity and isolation for a certified graph, a system of a graph signature and proofs has been proposed. In this system, an issuer generates a signature certifying the topology of an undirected graph, and issues the signature to a prover. The prover can prove the knowledge of the signature and the graph in the zero-knowledge, i.e., the signature and the signed graph are hidden. In addition, the prover can prove relations on the certified graph such as the connectivity and isolation between two vertexes. In the previous system, using integer commitments on RSA modulus, the graph relations are proved. However, the RSA modulus needs a longer size for each element. Furthermore, the proof size and verification cost depend on the total numbers of vertexes and edges. In this paper, we propose a graph signature and proof system, where these are computed on bilinear groups without the RSA modulus. Moreover, using a bilinear map accumulator, the prover can prove the connectivity and isolation on a graph, where the proof size and verification cost become independent from the total numbers of vertexes and edges.

In Bitcoin and Ethereum, nodes require a large storage capacity to maintain all of the blockchain data such as transactions. As of September 2021, the storage size of the Bitcoin blockchain has expanded to 355 GB, and it has increased by approximately 50 GB every year over the last five years. This storage requirement is a major hurdle to becoming a block proposer or validator. We propose an architecture called Trail that allows nodes to hold all blocks in a small storage and to generate and validate blocks and transactions. A node in Trail holds all blocks without transactions, UTXOs or account balances. The block size is approximately 8 kB, which is 100 times smaller than that of Bitcoin. On the other hand, a client who issues transactions needs to hold proof of its assets. Thus, compared to traditional blockchains, clients must store additional data. We show that proper data archiving can keep the account device storage size small. Then, we propose a method of executing smart contracts in Trail using a threshold signature. Trail allows more users to be block proposers and validators and improves the decentralization and security of the blockchain.

To enhance the user's privacy in electronic ID, anonymous credential systems have been researched. In the anonymous credential system, a trusted issuing organization first issues a certificate certifying the user's attributes to a user. Then, in addition to the possession of the certificate, the user can anonymously prove only the necessary attributes. Previously, an anonymous credential system was proposed, where CNF (Conjunctive Normal Form) formulas on attributes can be proved. The advantage is that the attribute proof in the authentication has the constant size for the number of attributes that the user owns and the size of the proved formula. Thus, various expressive logical relations on attributes can be efficiently verified. However, the previous system has a limitation: The proved CNF formulas cannot include any negation. Therefore, in this paper, we propose an anonymous credential system with constant-size attribute proofs such that the user can prove CNF formulas with negations. For the proposed system, we extend the previous accumulator for the limited CNF formulas to verify CNF formulas with negations.

In this letter, we present a novel single-precision floating-point multiply-accumulator (FNA-MAC) to achieve lower hardware resource, reduced computing latency and improved computing accuracy for continuous dot product operations. By further fusing the normalization and alignment in the traditional FMA algorithm, the proposed architecture eliminates the first N-1 normalization and rounding operations for an N-point dot product, and preserves the precision of interim results in a significant bit size that is twice of that in the traditional methods. The normalization and rounding of the final result is processed at the cost of consuming an additional multiply-add operation. The simulation results show that the improvement in computational accuracy is significant. Meanwhile, when comparing to a recently published FMA design, the proposed FNA-MAC can reduce the slice look-up table/flip-flop resource and computing latency by a fact of 18%, 33.3%, respectively.

In this paper, we propose a novel gate delay time mismatch tolerant time-mode signal accumulator whose input and output are represented by a time difference of two digital signal transitions. Within the proposed accumulator, the accumulated value is stored as the time difference between the two pulses running around the same ring of a delay line, so that there is no mismatch between the periods of the two pulses, thus the output drift of the accumulator is suppressed in principle without calibrating mismatch of two rings, which is used to store the accumulated value in the conventional one. A prototype of the proposed accumulator was fabricated in 180nm CMOS. The accumulating operation is confirmed by both time and frequency domain experiments. The standard deviation of the error of the accumulating operation is 9.8ps, and compared with the previous work, the peak error over full-scale is reduced by 46% without calibrating the output drift.

This work presents a novel counter-based randomization method for use in a flying-adder frequency synthesizer with a cost-effective structure that can replace the fractional accumulator. The proposed technique involves a counter, a comparator and a modified linear feedback shift register. The power consumption and speed bottleneck of the conventional flying-adder are significantly reduced. The modified linear shift feedback register is used as a pseudo random data generator, suppressing the spurious tones arise from the periodic carry sequences that is generated by the fractional accumulator. Furthermore, the proposed counter-based randomization method greatly reduces the large memory size that is required by the conventional approach to carry randomization. A test chip for the proposed counter-based randomization method is fabricated in the TSMC 0.18,$mu $m 1P6M CMOS process, with the core area of 0.093,mm$^{mathrm{2}}$. The output frequency had a range of 43.4,MHz, extasciitilde 225.8,MHz at 1.8,V with peak-to-peak jitter (Pk-Pk) jitter 139.2,ps at 225.8,MHz. Power consumption is 2.8,mW @ 225.8,MHz with 1.8 supply voltage.

A group signature scheme allows a group member to anonymously sign a message on behalf of the group. One of the important issues is the member revocation, and lots of revocable schemes have been proposed so far. A scheme recently proposed by Libert et al. achieves that O(1) or O(log N) efficiency of communication and computation except for the revocation list size (also the revocation cost), for the total number of members N and the number of revoked members R. However, since a signature is required for each subset separated from the set of non-revoked members, the size is about 900R Bytes in the 128-bit security. In the case of R=100,000, it amounts to about 80MB. In this paper, we extend the scheme to reduce the revocation list (also the revocation cost), by accumulating T subsets, which is signed for the revocation list. The revocation list size is reduced by 1/T. Unfortunately, the public key size, membership certificate size and the cost of a witness computation needed for signing increase related to T.

In this work, a simple doped accumulator (DACC)-assisted relay system is proposed by using bit-interleaved coded modulation with iterative decoding (BICM-ID). An extrinsic information transfer (EXIT) chart analysis shows that DACC keeps the convergence tunnel of the EXIT curves open until almost the (1, 1) point of the mutual information, which avoids the error floor. In the relay system, errors may happen in the source-relay link (intra-link), however, they are allowed in our proposed technique where the correlation knowledge between the source and the relay is exploited at the destination node. Strong codes are not needed and even the systematic source bits can be simply extracted at the relay even though the systematic part may contain some errors. Hence, the complexity of the relay can be significantly reduced, and thereby the proposed system is energy-efficient. Furthermore, the error probability of the intra-link can be estimated at the receiver by utilizing the a posteriori log-likelihood ratios (LLRs) of the two decoders, and it can be further utilized in the iterative processing. Additionally, we provide the analysis of different relay location scenarios and compare the system performances by changing the relay's location. The transmission channels in this paper are assumed to suffer from additive white Gaussian noise (AWGN) and block Rayleigh fading. The theoretical background of this technique is the Slepian-Wolf/Shannon theorem for correlated source coding. The simulation results show that the bit-error-rate (BER) performances of the proposed system are very close to theoretical limits supported by the Slepian-Wolf/Shannon theorem.

The charge-redistribution low-swing differential logic (CLDL) circuits are presented in this work. It can implement a complex function in a single gate. The CLDL circuits utilizes the charge-redistribution and reduced-swing schemes to reduce the power dissipation and enhance the operation speed. In addition, a pipeline structure is formed by a series connection structure controlled by a true-single-phase clock, thereby achieving high-speed operation. The CLDL circuits perform more than 25% speedup and 31% in power-delay product compared to other differential circuits with true-single-phase clock. A pipelined multiplier-accumulator (MAC) using CLDL structure is fabricated in 0.35 µm single-poly four-metal CMOS process. The test chip is successfully verified to operate at 900-MHz.

This paper presents a well-structured modified Booth encoding (MBE) multiplier which is applied in the design of a reconfigurable multiply-accumulator (MAC) core. The multiplier adopts an improved Booth encoder and selector to achieve an extra-row-removal and uses a hybrid approach in the two's complementation circuit to reduce the area and improve the speed. The multiplier is used to form a 32-bit reconfigurable MAC core which can be flexibly configured to execute one 3232, two 1616 or four 88 signed multiply-accumulation. Experimentally, when implemented with a 130 nm CMOS single-Vt standard cell library, the multiplier achieved a 15.8% area saving and 11.7% power saving over the classical design, and the reconfigurable MAC achieved a 4.2% area and a 7.4% power saving over the MAC design published so far if implemented with a mixed-Vt standard cell library.

Configurable clock is necessary for many applications such as digital communication systems, however, using the conventional direct digital frequency synthesizer (DDS) as a pulse or clock generator may cause jitter problems. People usually employ phase-interpolation approaches to generate a pulse or clock with correct time intervals. This work proposes a new phase-interpolation DDS scheme, which uses the output of the phase accumulator to provide an initial voltage on an integration capacitor by pre-charging in the first phase, and then performs integration operation on the same integration capacitor in the second phase. By using single capacitor integration, the instability of the delay generator existed in the phase-interpolation DDS can be avoided, and the impact caused by capacitance error in the circuit implementation also can be reduced. Furthermore, without ROM tables, the proposed DDS using pre-charging integration not only reduces the spurious level of the clock output, but also has a low hardware complexity.

The accumulator was introduced as a decentralized alternative to digital signatures. While most of accumulators are based on number theoretic assumptions and require time-consuming modulo exponentiations, Nyberg's combinatoric accumulator dose not depend on any computational assumption and requires only bit operations and hash function evaluations. In this article, we present a generalization of Nyberg's combinatoric accumulator, which allows a lower false positive rate with the same output length. Our generalization also shows that the Bloom filter can be used as a cryptographic accumulator and moreover excels the Nyberg's accumulator.

This paper presents novel phase-continuous frequency hopping (FH) control for a direct frequency synthesizer (DFS) using a quadrature mixer driven by two direct digital synthesizers (DDSs). To achieve wideband FH in both of the lower and the upper sidebands of a local frequency in a quadrature mixer, the proposed DFS decreases or increases the phase of DDS output signals corresponding to frequency offset from a local frequency of the quadrature mixer. To realize phase decrement, the proposed method adds a complement number in a phase accumulator of a DDS, while a conventional DDS does not use phase decrement but uses a switchable combiner. In addition, as the phase accumulator output changes continuously by summing phase increment, the proposed method always assures phase continuity of a DFS output signal, which ends up suppressing sidelobe level of frequency hopped signals. The calculation and measurement results indicate that a sidelobe of a signal spectrum using the proposed phase continuous method is approximately 10 dB better than that using a conventional phase discontinuous method.

In this paper, a cell-driven multiplier generator is developed that can produce high-performance gate-level netlists for multiplier-related arithmetic functional units, including multipliers, multiplier and accumulators (MAC) and dot product calculator. The generator optimizes the speed/area performance both in the partial product compression and in the final addition stage for the specified process technology. In addition to the conventional CMOS full adder cells, we have also designed fast compression elements based on pass-transistor logic for further performance improvement of the generated multipliers. Simulation results show that our proposed generator could produce better multiplier-related functional units compared to those generated using Synopsys Designware library or other previously proposed approaches.

This paper presents high-speed low-power small-area accumulator designs to be used in DDFS systems. To reduce the Numerically Controlled Oscillator (NCO) design complexity and size, only the most significant bits of the accumulator drive the phase to amplitude mapping block. Those bits need to be updated on every sampling clock, while the least significant bits of the accumulator are not visible to the rest of the DDFS design and can be updated less frequently, which motivated the development of new accumulator designs. Without performance degradation, the proposed designs relieve constraints in implementation, and hence they can be employed for GHz-range DDFS, reduce power consumption up to 82% compared to standard accumulator design, and minimize chip area. For further power reduction, the proposed designs place the phase modulation adder at the front of the accumulator.

High-speed, area-efficient, and low-power Montgomery modular multipliers for RSA algorithm have been developed for digital signature and user authentication in high-speed network systems and smart card LSIs. The multiplier-accumulators (MAC) in the developed Montgomery modular multipliers have a non-identical multiplicand/multiplier word length organization. This organization can eliminate the bandwidth bottleneck associated with a data memory, and enables to use a single-port memory for area and power reductions. The developed MAC is faster than the conventional identical word length organization due to the shortened critical path. For smart card applications, an area-efficient architecture with 42 kgates can produce 1.2 digital signatures in a second for 2,048-bit key length with the power consumption of 6.8 mW.

A unified polyphase representation of analysis and synthesis filter banks is introduced in this paper, and then the efficient implementation on digital signal processors (DSP) is investigated. Especially, the number of memory accesses, power consumption, processing accuracy and the required instruction cycles are discussed. Firstly, a unified representation is given, and then two types of procedures, SIMO system-based and MISO system-based procedures, are shown, where SIMO and MISO are abbreviations for single-input/multiple-output and multiple-input/single-output, respectively. These procedures are compared to each other. It is shown that the number of data load in SIMO system-based procedure is a half of that in MISO system-based procedure for two-channel filter banks. The implementation of M-channel filter banks is also discussed.

It is important to know phase offsets of a binary code in the field of mobile communications because different phase offsets of the same code are used to distinguish signals received at a mobile station from those of different base stations. When the period of the code is not very long, the relative phase offset between the code and its shifted code can be found by counting the number of bits delayed from the code of the same bit streams. But as the period of the code increases, it becomes difficult to find the phase offset. This paper proposes a new method to calculate the phase offset of a binary code. We define an accumulator function, which is used to calculate the phase offsets between the code and its shifted code. Also the properties of the accumulator function are investigated. This number theoretical approach and its results show that this method is very easy for the phase offset calculation. Its application to the code division multiple access (CDMA) system to define a reference code is given. The simple circuit realization of the accumulator function to calculate the phase offset between the received code and receiver stored replica code is described.

Multiplication-accumulation is the basic computation required for image filtering operations. For real-time image filtering, very high throughput computation is essential. This work proposes a hardware algorithm for an application-specific VLSI architecture which realizes an area-efficient high throughput multiplier-accumulator. The proposed algorithm utilizes a priori knowledge of filter mask coefficients and optimizes number of basic hardware components (e.g., full adders, pipeline latches, etc.). This results in the minimum area VLSI architecture under certain input/output constraints.