As an increasing number of businesses and services depend on the Internet, protecting them against DDoS (Distributed Denial of Service) attacks becomes a critical issue. A traceback is used to discover technical information concerning the ingress points, paths, partial paths or sources of a packet or packets causing a problematic network event. The traceback mechanism is a useful tool to identify the attack source of the (DDoS) attack, which ultimately leads to preventing against the DDoS attack. There are numerous traceback mechanisms that have been proposed by many researchers. In this paper, we analyze the existing traceback mechanisms, describe the common security capabilities of traceback mechanisms, and evaluate them in terms of the various criteria. In addition, we identify typical application of traceback mechanisms.

Some new generalized cyclotomic sequences defined by C. Ding and T. Helleseth are proven to exhibit a number of good randomness properties. In this paper, we determine the defining pairs of these sequences of length pm (p prime, m ≥ 2) with order two, then from which we obtain their trace representation. Thus their linear complexity can be derived using Key's method.

Pairing-based cryptosystems are generally constructed using many functions such as pairing computation, arithmetic in finite fields, and arithmetic on elliptic curves. MapToPoint, which is a hashing algorithm onto an elliptic curve point, is one of the functions for constructing pairing-based cryptosystems. There are two MapToPoint algorithms on supersingular elliptic curves in characteristic three, which is used by ηT pairing. The first is computed by using a square root computation in F3m, and the computational cost of this algorithm is O(log m) multiplications in F3m. The second is computed by using an (m-1)(m-1) matrix over F3. It can be computed by O(1) multiplications in F3m. However, this algorithm needs the off-line memory to store about m F3m-elements. In this paper, we propose an efficient MapToPoint algorithm on the supersingular elliptic curves in characteristic three by using 1/3-trace over F3m. We propose 1/3-trace over F3m, which can compute solution x of x3 -x = c by using no multiplication in F3m. The proposed algorithm is computed by O(1) multiplications in F3m, and it requires less than m F3-elements to be stored in the off-line memory to efficiently compute trace over F3m. Moreover, in our software implementation of F3509, the proposed MapToPoint algorithm is approximately 35% faster than the conventional MapToPoint algorithm using the square root computation on an AMD Opteron processor (2.2 GHz).

We show a tracking attack against the newest ID-transfer scheme for low-cost RFID tags. In this attack, a wide attacker, i.e. an attacker that can access the verification result of a server, is able to forge a set of specific messages, and to track a tag. The attack is unique as it involves three sessions of the protocol. Finally, a simple feasibility analysis of the attack is given.

In a differential transmission line, a large common-mode radiation is excited due to its asymmetry. In this paper, the imbalance difference model, which was proposed by the authors for estimation of common-mode radiation, is extended to apply to the differential signaling systems. The authors focus on a differential transmission line with asymmetric property, which consists of an adjacent return plane and two signal lines which are placed close to an edge of the return plane. Three orthogonal transmission modes, a normal mode, a primary common mode and a secondary common mode, are defined. Among these transmission modes, the secondary common mode is dominant in radiation, and a mechanism of the secondary common-mode generation is explained. The radiated emission which was calculated using the imbalance difference model was in good agreement with that obtained by full wave calculation.

We propose a novel technique of matching at both ends of the guard trace to suppress resonance. This approach is derived from the viewpoint that the guard trace acts as a transmission line. We examined that matched termination suppresses guard-trace resonance through simulating a circuit and measuring radiation. We found from these results that the proposed method enables guard-trace voltages to remain low and hence avoids increases in radiation. In addition, we demonstrated that "matched termination at the far end of the guard trace" could suppress guard-trace resonance sufficiently at all frequencies. We eventually found that at least two vias at both ends of the guard trace and only one matching resistor at the far end could suppress guard-trace resonance. With respect to fewer vias, the method we propose has the advantage of reducing restrictions in the printed circuit board layout at the design stage.

As the spread of high-speed networks and the development of network technologies, P2P technologies are actively used today for information exchange in the network. While information exchange in a P2P network is quite flexible, there is an important problem--lack of reliability. Since we cannot know the details of how the data was obtained, it is hard to fully rely on it. To ensure the reliability of exchanged data, we have proposed the framework of a traceable P2P record exchange based on database technologies. In this framework, records are exchanged among autonomous peers, and each peer stores its exchange and modification histories in it. The framework supports the function of tracing queries to query the details of the obtained data. A tracing query is described in datalog and executed as a recursive query in the P2P network. In this paper, we focus on the query processing strategies for the framework. We consider two types of queries, ad hoc queries and continual queries, and present the query processing strategies for their executions.

Bugs are becoming unavoidable in complex integrated circuit design. It is imperative to identify the bugs as soon as possible through post-silicon debug. For post-silicon debug, observability is one of the biggest challenges. Scan-based debug mechanism provides high observability by reusing scan chains. However, it is not feasible to scan dump cycle-by-cycle during program execution due to the excessive time required. In fact, it is not necessary to scan out the error-free states. In this paper, we introduce Suspect Window to cover the clock cycle in which the bug is triggered. Then, we present an efficient approach to determine the suspect window. Based on Suspect Window, we propose a novel debug mechanism to locate the bug both temporally and spatially. Since scan dumps are only taken in the suspect window with the proposed mechanism, the time required for locating the bug is greatly reduced. The approaches are evaluated using ISCAS'89 and ITC'99 benchmark circuits. The experimental results show that the proposed mechanism can significantly reduce the overall debug time compared to scan-based debug mechanism while keeping high observability.

Structured light vision systems are based on the fact that the pixel location of light in an image has a unique association with the object depth. However, their applications are mainly limited to the properties of the object surface and the lighting conditions. This paper presents a robust vision system for accurate acquisition of 3-D surface data based on optimal structured light. To achieve depth measurement for a dynamic scene, the data acquisition must be performed with only a single image. Our special arrangement makes the image of the light stripe remaining sharp while the background becomes blurred. Moreover, a dynamic programming approach is proposed to track the optimal path while the laser beam is invisible or divergent under extreme condition. The principle and necessary mathematics for implementing the algorithm are presented. The robustness of the system against uncalibrated errors is demonstrated.

To realize huge-scale information services, many Distributed Hash Table (DHT) based systems have been proposed. For example, there are some proposals to manage item-level product traceability information with DHTs. In such an application, each entry of a huge number of item-level IDs need to be available on a DHT. To ensure data availability, the soft-state approach has been employed in previous works. However, this does not scale well against the number of entries on a DHT. As we expect 1010 products in the traceability case, the soft-state approach is unacceptable. In this paper, we propose Distributed-to-Distributed Data Copy (D3C). With D3C, users can reconstruct the data as they detect data loss, or even migrate to another DHT system. We show why it scales well against the number of entries on a DHT. We have confirmed our approach with a prototype. Evaluation shows our approach fits well on a DHT with a low rate of failure and a huge number of data entries.

Kiyomoto-Fukushima-Tanaka proposed a perfectly anonymous attribute authentication scheme that realizes unidentifiable and untraceable authentication with offline revocation checking. The Kiyomoto-Fukushima-Tanaka scheme uses a self-blindable certificate that a user can change randomly. Thus, the certificate is modified for each authentication and the authentication scheme has the unidentifiable property and the untraceable property. However, in this letter, we show that the Kiyomoto-Fukushima-Tanaka scheme is insecure against the impersonation attack.

Based on trace function over finite field GF(pn ), new construction of generalized Hadamard matrices with order pn is presented, where p is prime and n is even. The rows in new generalized Hadamard matrices are cyclically distinct and have large linear span, which greatly improves the security of the system employing them as spreading sequences.

Placing a guard trace next to a signal line is the conventional technique for reducing the common-mode radiation from a printed circuit board. In this paper, the suppression of common-mode radiation from printed circuit boards having guard traces is estimated and evaluated using the imbalance difference model, which was proposed by the authors. To reduce common-mode radiation further, a procedure for designing a transmission line with guard traces is proposed. Guard traces connected to a return plane through vias are placed near a signal line and they decrease a current division factor (CDF). The CDF represents the degree of imbalance of a transmission line, and a common-mode electromotive force depends on the CDF. Thus, by calculating the CDF, we can estimate the reduction in common-mode radiation. It is reduced not only by placing guard traces, but also by narrowing the signal line to compensate for the variation in characteristic impedance due to the guard traces. Experimental results showed that the maximum reduction in common-mode radiation was about 14 dB achieved by placing guard traces on both sides of the signal line, and the calculated reduction agreed with the measured one within 1 dB. According to the CDF and characteristic impedance calculations, common-mode radiation can be reduced by about 25 dB while keeping the characteristic impedance constant by changing the gap between the signal line and the guard trace and by narrowing the width of the signal line.

A guard trace placed near a signal line reduces common-mode radiation from a printed circuit board. The reduction effect is evaluated by the imbalance difference model, which was proposed by the authors, when the guard trace has exactly the same potential as the return plane. However, depending on interval of ground connection of the guard trace, the radiation can increase when the guard trace resonates. In this paper, the authors show that the increase of radiation is caused by the common mode, and extend the imbalance difference model to explain a mechanism of increase of common-mode radiation. Additionally, the effective via location of the guard trace is proposed to reduce the number of vias. The guard trace voltage due to the resonance excites the common mode at the interface where the cross-sectional structure of the transmission line changes since the common-mode excitation is expressed by the product of the voltage and the difference of current division factors. To suppress the common-mode excitation, the guard trace should be grounded at the point where the cross-sectional structure changes. As a result, the common-mode radiation decreases even when the guard trace resonates.

Privacy remains an issue for IT services. Users are concerned that their history of service use may be traceable since each user is assigned a single identifier as a means of authentication. In this paper, we propose a perfectly anonymous attribute authentication scheme that is both unidentifiable and untraceable. Then, we present the evaluation results of a prototype system using a PC and mobile phone with the scheme. The proposed scheme employs a self-blindable certificate that a user can change randomly; thus the certificate is modified for each authentication, and the authentication scheme is unidentifiable and untraceable. Furthermore, our scheme can revoke self-blindable certificates without leaks of confidential private information and check the revocation status without online access.

A new class of sextic residue sequences of period prime p=4u2+27=6f+1 ≡ 3 ( mod 8) are presented. Their trace function representations are determined. And the exact value of the linear complexity is derived from the trace function representations. The result indicates that the new sextic sequences are quite good from the linear complexity viewpoint.

This paper shows a necessary condition for type- and Gauss period normal bases in Fpm to be the same normal basis by using their traces.

In this letter, we examine the linear complexity of some 3-ary sequences, proposed by No, of period 3n-1(n=3ek, e, k integer) with the ideal autocorrelation property. The exact value of linear complexity k(6e)w is determined when the parameter r =. Furthermore, the upper bound of the linear complexity is given when the other forms of the value r is taken. Finally, a Maple program is designed to illustrate the validity of the results.

The ring signature allows a signer to leak secrets anonymously, without the risk of identity escrow. At the same time, the ring signature provides great flexibility: No group manager, no special setup, and the dynamics of group choice. The ring signature is, however, vulnerable to malicious or irresponsible signers in some applications, because of its anonymity. In this paper, we propose a traceable ring signature scheme. A traceable ring scheme is a ring signature except that it can restrict "excessive" anonymity. The traceable ring signature has a tag that consists of a list of ring members and an issue that refers to, for instance, a social affair or an election. A ring member can make any signed but anonymous opinion regarding the issue, but only once (per tag). If the member submits another signed opinion, possibly pretending to be another person who supports the first opinion, the identity of the member is immediately revealed. If the member submits the same opinion, for instance, voting "yes" regarding the same issue twice, everyone can see that these two are linked. The traceable ring signature can suit to many applications, such as an anonymous voting on a BBS. We formalize the security definitions for this primitive and show an efficient and simple construction in the random oracle model.

Distributed denial-of-service attacks on public servers have recently become more serious. The most effective way to prevent this type of traffic is to identify the attack nodes and detach (or block) attack nodes at their egress routers. However, existing traceback mechanisms are currently not widely used for several reasons, such as the necessity of replacement of many routers to support traceback capability, or difficulties in distinguishing between attacks and legitimate traffic. In this paper, we propose a new scheme that enables a traceback from a victim to the attack nodes. More specifically, we identify the egress routers that attack nodes are connecting to by estimating the traffic matrix between arbitral source-destination edge pairs. By monitoring the traffic variations obtained by the traffic matrix, we identify the edge routers that are forwarding the attack traffic, which have a sharp traffic increase to the victim. We also evaluate the effectiveness of our proposed scheme through simulation, and show that our method can identify attack sources accurately.