Before we gave a fast generalized minimum distance (GMD) decoding algorithm for one-point algebraic-geometry (AG) codes. In this paper, we propose another fast GMD decoding algorithm for these codes, where the present method includes an erasure deletion procedure while the past one uses an erasure addition procedure. Both methods find a minimal polynomial set of a given syndrome array, which is a candidate for an erasure-and-error locator polynomial set constrained with an erasure locator set of each size. Although both erasure addition and deletion GMD decoding algorithms have been established for one-dimensional algebraic codes such as RS codes, nothing but the erasure addition GMD decoding algorithm for multidimensional algebraic codes such as one-point AG codes have been given. The present erasure deletion GMD decoding algorithm is based on the Berlekamp-Massey-Sakata (BMS) algorithm from the standpoint of constrained multidimensional shift register synthesis. It is expected that both our past and present methods play a joint role in decoding for one-point AG codes up to the error correction bound.

Elliptic curves Em: By2 = x3+Ax2+x are suitable for cryptographic use because fast addition operations can be defined over Em. In elliptic curve cryptosystems, encryption/decryption involves multiplying a point P on Em by a large integer n. In this paper, we propose a fast algorithm for computing such scalar multiplication over Em. The new algorithm requires fewer operations than previously proposed algorithms. As a result, elliptic curve cryptosystems based on Em can be speeded up by using the new algorithm.

A fast method for computing a multiple mP for a point P on elliptic curves is proposed. This new method is based on optimal addition sequences and the Frobenius map. The new method can be effectively applied to elliptic curves E(Fqn), where q is a prime power of medium size (e.g., q 128). When we compute mP over curves E(Fqn) with qn of nearly 160-bits and 11 q 128, the new method requires less elliptic curve additions than previously proposed methods. In this case, the average number of elliptic curve additions ranges from 40 to 50.

This paper describes a new algorithm for configuring the array of adders used to add the partial products in a multiplier circuit. The new algorithm reduces not only the number of half adders in an adder tree, but also the number of operands passed to the block generating the final product in a multiplier. The arrays obtained with this algorithm are smaller than Wallace's ones and have fewer outputs than Dadda's arrays. We show some evaluation figures and preliminary simulation results of 4, 8 and 16-bit tree configurations.

The encoding procedure that allows one to represent integers by binary vectors (codewords) in such a way that addition is replaced with the OR operation applied to these vectors is described. The codeword of the sum is constructed using the decoding algorithm. As a result, many of the transformations can be realized using parallel processing, and the method can be considered as a competitor to existing computer arithmetic.

SiO2-added Ba ferrite (BaM:SiO2) films were prepared using BaFe12Si0.18Ox targets. BaM:SiO2 films exhibited perpendicular coercivity Hc⊥ of over 4.2 kOe and squareness ratio of 0.83, although saturation magnetization Ms decreased by about 15%. The angular dependence of coercivity Hc and remanent coercivity Hr were investigated to explain the magnetization reversal mechanism. Intergranular interactions in the films were also evaluated. The magnetization reversal mode of Ba ferrite films with and without SiO2 additives is not coherent rotation but appears to be the curling mode. The origin of the high coercivity of BaM:SiO2 films is different from that of Al-substituted Ba ferrite films. It seemed that SiO2 additives and the defects caused by them decreased Ms and prevented the expansion of reversed domains in the magnetization reversal process, similarly to some pinning effects, and caused high Hc⊥ of 4.2-5.1 kOe in BaM:SiO2 films.

Power exponentiation is an important operation in modern cryptography. This operation can be efficiently calculated using the concept of the addition chain. In this paper, two new systematic methods, a Run-length method and a Hybrid method, are proposed to generate a short addition chain. The performance of these two methods are theoretically analyzed and it is shown that the Hybrid method is more efficient and practical than known methods. The proposed methods can reduce the addition chain length by 8%, in the best case, compared to the Window method.

FIR digital filters composed of parallel multiple subfilters are proposed. A binary expression of an input signal is decomposed into multiple shorter words, which drive the subfilters having different length. The output error is evaluated by mean squared and maximum spectra. A fast algorithm is also proposed to determine optimal filter lengths and coefficients of subfilters. Many examples confirm that the proposed filters generate smaller output errors than conventional filters under the condition of specified number of multiplications and additions in filter operations. Further, multiplier and adder structures (MAS) to perform the operations of the proposed filters are also presented. The number of gates used in the proposed MAS and its critical path are estimated. The effectiveness of the proposed MAS is confirmed.

This letter gives a study of additionY=X+K mod 2w which is used in some cryptosystems as RC5. Our results enables us to express the differential and linear probability of addition as a function of addendK. To detect a good differential characteristics or linear approximation of a cryptosystem in which extended key is used as addend, we need to consider how the characteristics or approximations behave depending upon the value of the addend, which are clarified by our results.

The addition chain (A-chain) and addition-subtraction chain (AS-chain) are efficient tools to calculate power Me (or multiplication eM), where integere is fixed andM is variable. Since the optimization problem to find the shortest A (or AS)-chain is NP-hard, many algorithms to get a sub-optimal A (or AS)-chain in polynomial time are proposed. In this paper, a window method for the AS-chain and an extended window method for the A-chain and AS-chain are proposed and their performances are theoretically evaluated by applying the theory of the optimal variable-to-fixed length code, i. e. , Tunstall code, in data compression. It is shown by theory and simulation that the proposed algorithms are more efficient than other algorithms in practical cases in addition to the asymptotic case.

This study shows the results of evaluating the flux noises at low frequency when the alternating current(AC) bias direct offset integrated technique(DOIT) with additional positive feedback (APF) is used in a high-Tc dc superconducting quantum interference device (SQUID). The AC-bias DOIT can reduce low-frequency noise without increasing the level of white noise because each operating point in the two voltage-flux characteristics with AC bias can always be optimum on the magnetometer in the high-Tc dc-SQUID. APF can improve the effective flux-to-voltage transfer function so that it can reduce the equivalent flux noise due to the voltage noise of the preamplifier in the magnetometer. The use of APF combined with the AC-bias DOIT reduced the noise of the magnetometer by factors of 1.5 (33µΦ0/Hz vs. 50 µΦ0/Hz) at100 Hz, 3.5 (43 µΦ0/Hz vs. 150 µΦ0/Hz) at 10 Hz, and 5.2 (67 µΦ0/Hz vs. 351 µΦ0/Hz) at 1 Hz as compared with the noise levels that were obtained with the static-current-bias DOIT. The contribution of the factors at 1 Hz is about 2 by APF and 2.6 by AC bias. The performance of improving the flux noise in the AC -bias DOIT with APF is almost equal to that of the flux locked loop (FLL) circuits in which the flux modulation uses a coupling system with a transformer and with the AC bias.

The construction of fault-tolerant processor arrays with interconnections of cube-connected cycles (CCCs) by using an advanced spare-connection scheme for k-out-of-n redundancies called "generalized additional bypass linking" is described. The connection scheme uses bypass links with wired OR connections to spare processing elements (PEs) without external switches, and can reconfigure complete arrays by tolerating faulty portions in these PEs and links. The spare connections are designed as a node-coloring problem of a CCC graph with a minimum distance of 3: the chromatic numbers corresponding to the number of spare PE connections were evaluated theoretically. The proposed scheme can be used for constructing various k-out-of-n configurations capable of quick broadcasting by using spare circuits, and is superior to conventional schemes in terms of extra PE connections and reconfiguration control. In particular, it allows construction of optimal r-fault-tolerant configurations that provide r spare PEs and r extra connections per PE for CCCs with 4x PEs (x: integer) in each cycle.

To speed up discrete-log based cryptographic schemes, we propose new methods of computing exponentiations {gx1, gx2, , gxs} simultaneously in combination with precomputation. Two proposed methods, VAS-B and VSS-B, are based on an extension of vector addition chains and an extension of vector addition-subtraction chains, respectively. Analysis of these methods clarifies upper bounds for the number of multiplications required. The VAS-B requires less multiplications than previously proposed methods with the same amount of storage. The VSS-B requires less multiplications than previously proposed methods with less amount of storage. The VSS-B can suitably be applied to schemes over elliptic curves.

We present a 64-b adder having a 2.6-ns delay time at 3.3 V power supply within 0.27 mm2 using 0.5-µm CMOS technology. We derived our adder design from architectural level considerations. The considerations include not only the gate intrinsic delay but also the wiring delay and the gate capacitance delay. As a result, a 64-b adder, (56-b Carry Look-ahead Adder(CLA) +8-b Carry Select Adder (CSA)), was designed. In this design, a new carry select scheme called Modified Carry Select (MCS) is also proposed.

This study shows that using the direct offset integration technique (DOIT) and additional positive feedback (APF) in a high-Tc dc superconducting quantum interference device (SQUID) improves the effective flux-to-voltage transfer function and reduces the flux noise of a magnetometer, thus improving the magnetic field noise. The effective flux-to-voltage transfer function and the flux noise with APF were measured at different values of the positive feedback parameter βa, which depends on the resistance of the APF circuit. These quantities were also compared between conditions with and without APF. This investigation showed that a βa condition the most suitable for minimizing the flux noise of a magnetometer with APF exists and that it is βa=0.77. The effective flux-to-voltage transfer function with APF is about three times what it is without APF (93 µV/Φ0 vs. 32 µV/Φ0). The magnetic field noise of a magnetometer with APF is improved by a factor of about 3 (242 fT/Hz vs. 738 fT/Hz).

In digital control, it is essential to make the delay time for a large number of multiply-additions small because of sensor feedback. To meet the requirement, an architecture of the reconfigurable parallel processor using field-programmable gate arrays (FPGAs) is proposed. Although the performance is drastically increased in the full custom VLSI implementation, even the reconfigurable parallel processor using FPGAs becomes useful for many practical digital control applications. The performance evaluation shows that the delay time for the resolved acceleration cotrol computation of a twelve-degrees-of-freedom (DOF) redundant manipulator becomes about 70 µs which is about seventeen times faster than that of a parallel processor approach using conventional digital signal processors (DSPs).

Server aided secret computation (SASC) protocol also called the verifiable implicit asking protocol, is a protocol such that a powerful untrusted auxiliary device (server) can help a smart card (client) for computing a secret function efficiently. In this paper, we extend the concept of addition sequence to the secure addition sequence and develop an efficient algorithm to construct such sequence. By incorporating the secure addition sequence into the SASC protocol the performance of SASC protocol can be further enhanced.

This paper presents a VLSI-oriented arithmetic design method using a radix-2 redundant number representation with digit set {0, 1, 2} and multiple-valued current-mode (MVCM) circuit technology. We propose a carry-propagation-free (CPF) parallel addition method with redundant digit set {0, 1, 2} which is suitable for the design with MVCM circuits. Several types of CPF parallel adders are compared and the proposed CPF parallel adder with MVCM circuits offers the best total performance with respect to speed, complexity, and power dissipation. The designed basic arithmetic circuits has sufficient noise immunity to the supply voltage fluctuation which is important for stable operations of the VLSI circuits. The CPF parallel adder is effectively used as the reduction scheme of partial products in a high-speed compact multiplier. For example, the designed 3232 bit multiplier reduces the number of active elements to two-third and the number of interconnections to one-fifth of the corresponding binary Wallace tree multiplier, where the speed is almost the same. The structure is simple and regular. The static power dissipation of the designed 32-bit multiplier is estimated to be the mean value of 212 mW and the worst case of 708 mW. The total power including dynamic power dissipation would not be so large compared with that of the 32-bit binary CMOS multiplier reported under 10 MHz operation.

The basic operation in elliptic cryptosystems is the computation of a multiple dP of a point P on the elliptic curve modulo n. We propose a fast and systematic method of reducing the number of operations over elliptic curves. The proposed method is based on pre-computation to generate an adequate addition-subtraction chain for multiplier the d. By increasing the average length of zero runs in a signed binary representation of d, we can speed up the window method. Formulating the time complexity of the proposed method makes clear that the proposed method is faster than other methods. For example, for d with length 512 bits, the proposed method requires 602.6 multiplications on average. Finally, we point out that each addition/subtraction over the elliptic curve using homogeneous coordinates can be done in 3 multiplications if parallel processing is allowed.

A vertex-capacitated network is a graph whose edges and vertices have infinite positive capacities and finite positive capacities, respectively. Such a network is a model of a communication system in which capacities of links are much larger than those of stations. This paper considers a problem of realizing a flow-saturation in an undirected vertex-capacitated network by adding the least number of edges. By defining a set of influenced vertex pairs by adding edges, we show the follwing results.(1) It suffices to add the least number of edges to unsaturated vertex pairs for realizing flow-saturation.(2) An associated graph of a flow-unsaturated network defined in this paper gives us a sufficient condition that flow-saturation is realized by adding a single edge.