As Internet-connected service is emerged, there has been a need for use cases where a lightweight cryptographic primitive meets both of a constrained hardware implementation requirement and a constrained embedded software requirement. One of the examples of these use cases is the PKES (Passive Keyless Entry and Start) system in an automotive domain. From the perspective on these use cases, one interesting direction is to investigate how small the memory (RAM/ROM) requirement of ARM-implementations of hardware-oriented stream ciphers can be. In this paper, we propose implementation techniques for memory-optimized implementations of lightweight hardware-oriented stream ciphers including Grain-128a specified in ISO/IEC 29167-13 for RFID protocols. Our techniques include data-dependency analysis to take a close look at how and in which timing certain variables are updated and also the way taking into account the structure of registers on the target micro-controller. In order to minimize RAM size, we reduce the number of general purpose registers for computation of Grain-128a's update and pre-output values. We present results of our memory-optimized implementations of Grain-128a, one of which requires 84 RAM bytes on ARM Cortex-M3.

To develop countermeasures against fault attacks, it is important to model an attacker's ability. The instruction skip model is a well-studied practical model for fault attacks on software. Contrastingly, few studies have investigated the instruction replacement model, which is a generalization of the instruction skip model, because replacing an instruction with a desired one is considered difficult. Some previous studies have reported successful instruction replacements; however, those studies concluded that such instruction replacements are not practical attacks because the outcomes of the replacements are uncontrollable. This paper proposes the concept of a controllable instruction replacement technique that uses the laser irradiation of flash memory. The feasibility of the proposed technique is demonstrated experimentally using a smartcard-type ARM SC100 microcontroller. Then, practical cryptosystem attacks that exploit the proposed technique are investigated. The targeted cryptosystems employ the AES with software-based anti-fault countermeasures. We demonstrate that an existing anti-instruction-skip countermeasure can be circumvented by replacing a critical instruction, e.g., a branch instruction to detect fault occurrence.

We present an improved constant-round secure two-party protocol for integer comparison functionality, which is one of the most fundamental building blocks in secure computation. Our protocol is in the so-called client-server model, which is utilized in real-world MPC products such as Sharemind, where any number of clients can create shares of their input and distribute to the servers who then jointly compute over the shares and return the shares of the result to the client. In the client-aided client-server model, as mentioned briefly by Mohassel and Zhang (S&P'17), a client further generates and distributes some necessary correlated randomness to servers. Such correlated randomness admits efficient protocols since otherwise, servers have to jointly generate randomness by themselves, which can be inefficient. In this paper, we improve the state-of-the-art constant-round comparison protocols by Damgå rd et al. (TCC'06) and Nishide and Ohta (PKC'07) in the client-aided model. Our techniques include identifying correlated randomness in these comparison protocols. Along the way, we also use tree-based techniques for a building block, which deviate from the above two works. Our proposed protocol requires only 5 communication rounds, regardless of the bit length of inputs. This is at least 5 times fewer rounds than existing protocols. We implement our secure comparison protocol in C++. Our experimental results show that this low-round complexity benefits in high-latency networks such as WAN. We also present secure Min/Argmin protocols using the secure comparison protocol.

Inner product functional encryption (IPFE) is a subclass of functional encryption (FE), whose function class is limited to inner product. We construct an efficient private-key IPFE scheme with full-hiding security, where confidentiality is assured for not only encrypted data but also functions associated with secret keys. Recently, Datta et al. presented such a scheme in PKC 2016 and this is the only scheme that achieves full-hiding security. Our scheme has an advantage over their scheme for the two aspects. More efficient: keys and ciphertexts of our scheme are almost half the size of those of their scheme. Weaker assumption: our scheme is secure under the k-linear (k-Lin) assumption, while their scheme is secure under a stronger assumption, namely, the symmetric external Diffie-Hellman (SXDH) assumption. It is well-known that the k-Lin assumption is equivalent to the SXDH assumption when k=1 and becomes weak as k increases.

This paper presents decentralized multi-authority attribute-based encryption and signature (DMA-ABE and DMA-ABS) schemes, in which no central authority exists and no global coordination is required except for the setting of a parameter for a prime order bilinear group and a hash function, which can be available from public documents, e.g., ISO and FIPS official documents. In the proposed DMA-ABE and DMA-ABS schemes, every process can be executed in a fully decentralized manner; any party can become an authority and issue a piece for a secret key to a user without interacting with any other party, and each user obtains a piece of his/her secret key from the associated authority without interacting with any other party. While enjoying such fully decentralized processes, the proposed schemes are still secure against collusion attacks, i.e., multiple pieces issued to a user by different authorities can form a collusion resistant secret key, composed of these pieces, of the user. The proposed ABE scheme is the first DMA-ABE for non-monotone relations (and more general relations), which is adaptively secure under the decisional linear (DLIN) assumption in the random oracle model. This paper also proposes the first DMA-ABS scheme for non-monotone relations (and more general relations), which is fully secure, adaptive-predicate unforgeable and perfect private, under the DLIN assumption in the random oracle model. DMA-ABS is a generalized notion of ring signatures. The efficiency of the proposed DMA-ABE and DMA-ABS schemes is comparable to those of the existing practical ABE and ABS schemes with comparable relations and security.

We propose a key-policy attribute-based encryption (KP-ABE) scheme with constant-size ciphertexts, whose almost tightly semi-adaptive security is proven under the decisional linear (DLIN) assumption in the standard model. The access structure is expressive, that is given by non-monotone span programs. It also has fast decryption, i.e., a decryption includes only a constant number of pairing operations. As an application of our KP-ABE construction, we also propose an efficient, fully secure attribute-based signatures with constant-size secret (signing) keys from the DLIN. For achieving the above results, we extend the sparse matrix technique on dual pairing vector spaces. In particular, several algebraic properties of an elaborately chosen sparse matrix group are applied to the dual system security proofs.

Public-key encryption with keyword search (PEKS) is a cryptographic primitive that allows us to search for particular keywords over ciphertexts without recovering plaintexts. By using PEKS in cloud services, users can outsource their data in encrypted form without sacrificing search functionality. Concerning PEKS that can specify logical disjunctions and logical conjunctions as a search condition, it is known that such PEKS can be (generically) constructed from anonymous attribute-based encryption (ABE). However, it is not clear whether it is possible to construct this types of PEKS without using ABE which may require large computational/communication costs and strong mathematical assumptions. In this paper, we show that ABE is crucial for constructing PEKS with the above functionality. More specifically, we give a generic construction of anonymous key-policy ABE from PEKS whose search condition is specified by logical disjunctions and logical conjunctions. Our result implies such PEKS always requires large computational/communication costs and strong mathematical assumptions corresponding to those of ABE.

Searchable encryption with advanced query function is an important technique in today's cloud environment. To date, in the public key setting, the best query function supported by the previous schemes are conjunctive or disjunctive keyword search, which are elementary but not enough to satisfy the user's query requirements. In this paper, we make a progress for constructing a searchable public key encryption scheme with advanced query function called simple Boolean keyword search. To create our scheme, we proposed a keywords conversion method that projects the index and query keywords into a group of vectors. Based on a combination of these obtained vectors and an adaptively secure inner product encryption scheme, a public key encryption with simple Boolean keyword search scheme is proposed. We also present both theoretical and experimental analysis to show the effectiveness of this scheme. To the best of our knowledge, it is the first time to give a searchable public key encryption scheme supporting queries like q₁op₁q₂op₂…op_i-1q_iop_i…op_n-1q_n, where op_i is a logical operator which can be and(∨) or or(∧) and q_i is a keyword.

Group signatures are signatures providing signer anonymity where signers can produce signatures on behalf of the group that they belong to. Although such anonymity is quite attractive considering privacy issues, it is not trivial to check whether a signer has been revoked or not. Thus, how to revoke the rights of signers is one of the major topics in the research on group signatures. In particular, scalability, where the signing and verification costs and the signature size are constant in terms of the number of signers N, and other costs regarding signers are at most logarithmic in N, is quite important. In this paper, we propose a revocable group signature scheme which is currently more efficient compared to previous all scalable schemes. Moreover, our revocable group signature scheme is secure under simple assumptions (in the random oracle model), whereas all scalable schemes are secure under q-type assumptions. We implemented our scheme by employing a Barreto-Lynn-Scott curve of embedding degree 12 over a 455-bit prime field (BLS-12-455), and a Barreto-Naehrig curve of embedding degree 12 over a 382-bit prime field (BN-12-382), respectively, by using the RELIC library. We showed that the online running times of our signing algorithm were approximately 14msec (BLS-12-455) and 11msec (BN-12-382), and those of our verification algorithm were approximately 20msec (BLS-12-455) and 16msec (BN-12-382), respectively. Finally, we showed that our scheme (with a slight extension) is applied to an identity management system proposed by Isshiki et al.

We present a constant-size signature scheme under the CDH assumption. It has a tighter security reduction than any other constant-size signature scheme with a security reduction to solving some intractable search problems. Hofheinz, Jager, and Knapp (PKC 2012) presented a constant-size signature scheme under the CDH assumption with a reduction loss of O(q), where q is the number of signing queries. They also proved that the reduction loss of O(q) is optimal in a black-box security proof. To the best of our knowledge, no constant-size signature scheme has been proposed with a tighter reduction (to the hardness of a search problem) than that proposed by Hofheinz et al., even if it is not re-randomizable. We remark that our scheme is not re-randomizable. We achieve the reduction loss of O(q/d), where d is the number of group elements in a public key.

Let us consider a situation where someone wants to encrypt his/her will on an existing blockchain, e.g. Bitcoin, and allow an encrypted will to be decryptable only if designated members work together. At a first glance, such a property seems to be easily provided by using conventional threshold encryption. However, this idea cannot be straightforwardly implemented since key pairs for an encryption mechanism is additionally required. In this paper, we propose a new threshold encryption scheme in which key pairs for ECDSA that are already used in the Bitcoin protocol can be directly used as they are. Namely, a unique key pair can be simultaneously used for both ECDSA and our threshold encryption scheme without losing security. Furthermore, we implemented our scheme on the Bitcoin regtest network, and show that it is fairly practical. For example, the execution time of the encryption algorithm Enc (resp., the threshold decryption algorithm Dec) is 0.2sec. (resp., 0.3sec.), and the total time is just only 3sec. including all the cryptographic processes and network communications for a typical parameter setting. Also, we discuss several applications of our threshold encryption scheme in detail: Claiming priority of intellectual property, sealed-bid auction, lottery, and coin tossing service.

Chosen-ciphertext security is a central goal in designing a secure public-key encryption scheme, and it is also important that the chosen-ciphertext security is tightly reduced to some well-established hard problem. Moreover, it is more important to have a tight reduction in the multi-user multi-challenge setting, since a tight security reduction in the single-user single-challenge setting generally does not imply a tight reduction to the multi-user multi-challenge setting. We propose the first fully tightly secure and practical public-key encryption scheme which is chosen-ciphertext secure in the multi-user multi-challenge setting in the random oracle model. The scheme is proven secure under the decisional Diffie-Hellman assumption in a pairing-free group. The ciphertext overhead of our scheme is two group elements and two exponents.

The Blum-Kalai-Wasserman algorithm (BKW) is an algorithm for solving the learning parity with noise problem, which was then adapted for solving the learning with errors problem (LWE) by Albrecht et al. Duc et al. applied BKW also to the learning with rounding problem (LWR). The number of blocks is a parameter of BKW. By optimizing the number of blocks, we can minimize the time complexity of BKW. However, Duc et al. did not derive the optimal number of blocks theoretically, but they searched for it numerically. Duc et al. also showed that the required number of samples for BKW for solving LWE can be dramatically decreased using Lyubashevsky's idea. However, it is not shown that his idea is also applicable to LWR. In this paper, we theoretically derive the asymptotically optimal number of blocks, and then analyze the minimum asymptotic time complexity of the algorithm. We also show that Lyubashevsky's idea can be applied to LWR-solving BKW, under a heuristic assumption that is regularly used in the analysis of LPN-solving BKW. Furthermore, we derive an equation that relates the Gaussian parameter σ of LWE and the modulus p of LWR. When σ and p satisfy the equation, the asymptotic time complexity of BKW to solve LWE and LWR are the same.

Homomorphic encryption allows computation over encrypted data, and can be used for delegating computation: data providers encrypt their data and send them to an aggregator, who can then perform computation over the encrypted data on behalf of a client, without the underlying data being exposed to the aggregator. However, since the aggregator is merely a third party, it may be malicious, and in particular, may submit an incorrect aggregation result to the receiver. Ohara et al. (APKC2014) studied secure aggregation of time-series data while enabling the correctness of aggregation to be verified. However, they only provided a concrete construction in the smart metering system and only gave an intuitive argument of security. In this paper, we define verifiable homomorphic encryption (VHE) which generalizes their scheme, and introduce formal security definitions. Further, we formally prove that Ohara et al.'s VHE scheme satisfies our proposed security definitions.

In this paper, we propose the decomposition ring homomorphic encryption scheme, that is a homomorphic encryption scheme built on the decomposition ring, which is a subring of cyclotomic ring. By using the decomposition ring the structure of plaintext slot becomes ℤ_p^l, instead of GF(p^d) in conventional schemes on the cyclotomic ring. For homomorphic multiplication of integers, one can use the full of ℤ_p^l slots using the proposed scheme, although in conventional schemes one can use only one-dimensional subspace GF(p) in each GF(p^d) slot. This allows us to realize fast and compact homomorphic encryption for integer plaintexts. In fact, our benchmark results indicate that our decomposition ring homomorphic encryption schemes are several times faster than HElib for integer plaintexts due to its higher parallel computation.

In this paper, we revisit related-key security of TWINE block cipher with 80-bit and 128-bit keys. Using an MILP-aided automatic search algorithm, we point out the previous evaluation of TWINE with a 80-bit key is wrong, and give a corrected evaluation result. Besides, we show a first security evaluation of TWINE with a 128-bit key in the related-key setting, which was infeasible due to the high computation cost in the original proposal.

In this letter, we investigate the secure transmission in radio frequency (RF) powered two-hop untrusted relay networks, where the source node and untrusted relay are both wireless powered by an RF power supplier. Specifically, considering the non-linear energy-harvesting (EH) model, the two-process communication protocol is proposed. The secrecy rate is maximized by jointly designing the beamforming vector at source and beamforming matrix at relay, under the constraints of transmit power at RF power supplier and destination. The secrecy rate maximization (SRM) is non-convex, hence we propose an alternative optimization (AO) based iterative algorithm. Numerical results demonstrate that the proposed scheme can significantly increase the secrecy rate compared to the baseline schemes.

Cloud computing enables computational resource-limited devices to economically outsource much computations to the cloud. Modular exponentiation is one of the most expensive operations in public key cryptographic protocols, and such operation may be a heavy burden for the resource-constraint devices. Previous works for secure outsourcing modular exponentiation which use one or two untrusted cloud server model or have a relatively large computational overhead, or do not support the 100% possibility for the checkability. In this letter, we propose a new efficient and verifiable algorithm for securely outsourcing modular exponentiation in the two untrusted cloud server model. The algorithm improves efficiency by generating random pairs based on EBPV generators, and the algorithm has 100% probability for the checkability while preserving the data privacy.

Promoting the use of public transport (PT) is considered to be an effective way to reduce the number of passenger cars. The concept of Mobility-as-a-Service (MaaS), which began in Europe and is now spreading rapidly around the world, is expected to help to improve the convenience of PT on the viewpoint of users, using the latest information communication technology and Internet of Things technologies. This paper outlines the concept of MaaS in Europe and the efforts made at the policy level. It also focuses on the development of MaaS from the viewpoint of promoting the use of PT in Japan.

Numerous applications such as autonomous driving, satellite imagery sensing, and biomedical imaging use computer vision as an important tool for perception tasks. For Intelligent Transportation Systems (ITS), it is required to precisely recognize and locate scenes in sensor data. Semantic segmentation is one of computer vision methods intended to perform such tasks. However, the existing semantic segmentation tasks label each pixel with a single object's class. Recognizing object attributes, e.g., pedestrian orientation, will be more informative and help for a better scene understanding. Thus, we propose a method to perform semantic segmentation with pedestrian attribute recognition simultaneously. We introduce an attribute-aware loss function that can be applied to an arbitrary base model. Furthermore, a re-annotation to the existing Cityscapes dataset enriches the ground-truth labels by annotating the attributes of pedestrian orientation. We implement the proposed method and compare the experimental results with others. The attribute-aware semantic segmentation shows the ability to outperform baseline methods both in the traditional object segmentation task and the expanded attribute detection task.

There is currently much interest in the development of Optic Wireless and Visible Light Communication (VLC) systems in the ITS field. Research in VLC and boomerang systems in particular often remain at a theoretical or computer-simulated level. This paper reports the 3-stage development of a boomerang prototype communication and ranging system using visible light V2V communication via LEDs and photodiodes, with direct-sequence spread spectrum techniques. The system uses simple and widely available components aiming for a low-cost frugal innovation approach. Results show that while we have to improve the prototype distance measurement unit due to a margin of error, simultaneous communication and ranging is possible with our newly designed prototype. The benefits of further research and development of boomerang technology prototypes are confirmed.

We present an accurate and easy-to-use multi-sensor fusion toolbox for autonomous vehicles. It includes a ‘target-less’ multi-LiDAR (Light Detection and Ranging), and Camera-LiDAR calibration, sensor fusion, and a fast and accurate point cloud ground classifier. Our calibration methods do not require complex setup procedures, and once the sensors are calibrated, our framework eases the fusion of multiple point clouds, and cameras. In addition we present an original real-time ground-obstacle classifier, which runs on the CPU, and is designed to be used with any type and number of LiDARs. Evaluation results on the KITTI dataset confirm that our calibration method has comparable accuracy with other state-of-the-art contenders in the benchmark.

Information and communication technologies have improved the quality of intelligent transportation systems (ITS). By estimating from cellular floating vehicle data (CFVD) is more cost-effective, and easier to acquire than traditional ways. This study proposes a cell probe (CP)-based method to analyse the cellular network signals (e.g., call arrival, handoff, and location update), and regression models are trained for vehicle speed estimation. In experiments, this study compares the practical traffic information of vehicle detector (VD) with the estimated traffic information by the proposed methods. The experiment results show that the accuracy of vehicle speed estimation by CP-based method is 97.63%. Therefore, the CP-based method can be used to estimate vehicle speed from CFVD for ITS.

Because of its high throughput potentiality on short-range communications and inherent superiority of high precision on ranging and localization, ultra-wideband (UWB) technology has been attracting attention continuously in research and development (R&D) as well as in commercialization. The first domestic regulation admitting indoor UWB in Japan was released by the Ministry of Internal Affairs and Communications (MIC) in 2006. Since then, several revisions have been made in conjunction with UWB commercial penetration, emerging new trends of industrial demands, and coexistence evaluation with other wireless systems. However, it was not until May 2019 that MIC released a new revision to admit outdoor UWB. Meanwhile, the IEEE 802 LAN/MAN Standards Committee has been developing several UWB related standards or amendments accordingly for supporting different use cases. At the time when this paper is submitted, a new amendment known as IEEE 802.15.4z is undergoing drafting procedure which is expected to enhance ranging ability for impulse radio UWB (IR-UWB). In this paper, we first review the domestic UWB regulation and some of its revisions to get a picture of the domestic regulation transition from indoor to outdoor. We also foresee some anticipating changes in future revisions. Then, we overview several published IEEE 802 standards or amendments that are related to IR-UWB. Some features of IEEE 802.15.4z in drafting are also extracted from open materials. Finally, we show with our recent research results that time bias internal a transceiver becomes important for increasing localization accuracy.

Visible light communication (VLC) will play a wide variety of important roles in future communication services. This paper deals with color shift keying (CSK) for the modulation of visible light communications. There are some previous studies about psychological and physiological effects of colors. These studies implied that color offset CSKs have psychological and physiological effects, which normal CSK doesn't have. This paper evaluates the psychological and physiological effects of color offset CSKs compared with normal CSK based on interviews and electroencephalogram (alpha wave, beta wave, and P300) measurements. This study evaluates the feasibility of visible light communication providing added value by measuring arousal, rest, visual attraction, task performance, capacity of working memory, and response for the CSK codes. The results showed that red-, green- and blue-offset CSK have specific features. Red-offset CSK induces excitement and increasing wakefulness levels, attracts attention, enlarges capacity of working memory, raises task performance, and induces fast responses. Green-offset CSK maintains rest levels, elevates relaxation levels, reduces stress, raises task performance, and induces fast responses. Blue-offset CSK maintains rest levels and induces fast responses. It is thought that we can use color offset CSK appropriately and provide added value to their application by considering the results of psychological and physiological investigations. Red-offset CSK is thought to be suitable for commercial advertisements. Green- and blue-offset CSK are thought to be suitable for wireless communication environments in hospitals. Red- and green-offset CSK are thought to be suitable for wireless communication environments in business. Red-, green- and blue-offset CSK are thought to be suitable for use in intelligent transportation systems (ITS).

For high transmission efficiency, good modulation schemes are expected. This paper focuses on the enhancement of the modulation scheme of free space optical turbo coded system. A free space optical turbo coded system using a new signaling scheme called hybrid PPM-OOK signaling (HPOS) is proposed and investigated. The theoretical formula of the bit error rate of the uncoded HPOS system is derived. The effective information rate performances (i.e. channel capacity) of the proposed HPOS turbo coded system are evaluated through computer simulation in free space optical channel, with weak, moderate, strong scintillation. The performance of the proposed HPOS turbo coded system is compared with those of the conventional OOK (On-Off Keying) turbo coded system and BPPM (Binary Pulse Position Modulation) turbo coded system. As results, the proposed HPOS turbo coded system shows the same tolerance capability to background noise and atmospheric turbulence as the conventional BPPM turbo coded system, and it has 1.5 times larger capacity.

The paper presents a low power, wideband operational trans-conductance amplifier (OTA) for applications to drive large capacitive loads. In order to satisfy the low static power dissipation, high-speed, while reserving high current driving capability, the complementary slew-rate enhancer in conjunction with a dual class AB input stage to improve the slew-rate of a rail-to-rail two-stage OTA is proposed. The proposed architecture was implemented using 0.5µm CMOS process with a supply voltage of 5V. The slew-rate can achieve 68V/µsec at static power dissipation of 0.9mW, which can be used to efficiently drive larger than 6 nF capacitive load. The measured output has a total harmonic distortion of less than 5%.

In this paper, we propose a new scheme which uses blind detection algorithm for recovering the conventional user signal in a system which the sporadic machine-to-machine (M2M) communication share the same spectrum with the conventional user. Compressive sensing techniques are used to estimate the M2M devices signals. Based on the Hopfield neural network (HNN), the blind detection algorithm is used to recover the conventional user signal. The simulation results show that the conventional user signal can be effectively restored under an unknown channel. Compared with the existing methods, such as using the training sequence to estimate the channel in advance, the blind detection algorithm used in this paper with no need for identifying the channel, and can directly detect the transmitted signal blindly.

Fluctuations in nonlinear systems can enhance the synchronization with weak input signals. These nonlinear synchronization phenomena are classified as stochastic resonance and chaotic resonance. Many applications of stochastic resonance have been realized, utilizing its enhancing effect for the signal sensitivity. However, although some studies showed that the sensitivity of chaotic resonance is higher than that of stochastic resonance, only few studies have investigated the engineering application of chaotic resonance. A possible reason is that, in chaotic resonance, the chaotic state must be adjusted through internal parameters to reach the state that allows resonance. In many cases and especially in biological systems, such adjustments are difficult to perform externally. To overcome this difficulty, we developed a method to control the chaotic state for an appropriate state of chaotic resonance by using an external feedback signal. The method is called reducing the range of orbit (RRO) feedback method. Previously, we have developed the RRO feedback method for discrete chaotic systems. However, for applying the RRO feedback method to actual chaotic systems including biological systems, development of the RRO feedback signals in continuous chaotic systems must be considered. Therefore, in this study, we extended the RRO feedback method to continuous chaotic systems by focusing on the map function on the Poincaré section. We applied the extended RRO feedback method to Chua's circuit as a continuous chaotic system. The results confirmed that the RRO feedback signal can induce chaotic resonance. This study is the first to report the application of RRO feedback to a continuous chaotic system. The results of this study will facilitate further device development based on chaotic resonance.

In this paper, we analyze the security of an end-to-end encryption scheme (E2EE) of LINE, a.k.a Letter Sealing. LINE is one of the most widely-deployed instant messaging applications, especially in East Asia. By a close inspection of their protocols, we give several attacks against the message integrity of Letter Sealing. Specifically, we propose forgery and impersonation attacks on the one-to-one message encryption and the group message encryption. All of our attacks are feasible with the help of an end-to-end adversary, who has access to the inside of the LINE server (e.g. service provider LINE themselves). We stress that the main purpose of E2EE is to provide a protection against the end-to-end adversary. In addition, we found some attacks that even do not need the help of E2E adversary, which shows a critical security flaw of the protocol. Our results reveal that the E2EE scheme of LINE do not sufficiently guarantee the integrity of messages compared to the state-of-the-art E2EE schemes such as Signal, which is used by WhatApp and Facebook Messenger. We also provide some countermeasures against our attacks. We have shared our findings with LINE corporation in advance. The LINE corporation has confirmed our attacks are valid as long as the E2E adversary is involved, and officially recognizes our results as a vulnerability of encryption break.

In DNA data storage and computation, DNA strands are required to meet certain combinatorial constraints. This paper shows how some of these constraints can be achieved simultaneously. First, we use the algebraic structure of irreducible cyclic codes over finite fields to generate cyclic DNA codes that satisfy reverse and complement properties. We show how such DNA codes can meet constant guanine-cytosine content constraint by MacWilliams-Seery algorithm. Second, we consider fulfilling the run-length constraint in parallel with the above constraints, which allows a maximum predetermined number of consecutive duplicates of the same symbol in each DNA strand. Since irreducible cyclic codes can be represented in terms of the trace function over finite field extensions, the linearity of the trace function is used to fulfill a predefined run-length constraint. Thus, we provide an algorithm for constructing cyclic DNA codes with the above properties including run-length constraint. We show numerical examples to demonstrate our algorithms generating such a set of DNA strands with all the prescribed constraints.

In decision feedback scheme, Forney's decision criterion (Forney's rule: FR) is optimal in the sense that the Neyman-Pearson's lemma is satisfied. Another prominent criterion called LR+Th was proposed by Hashimoto. Although LR+Th is suboptimal, its error exponent is shown to be asymptotically equivalent to that of FR by random coding arguments. In this paper, applying the technique of the DS2 bound, we derive an upper bound for the error probability of LR+Th for the ensemble of linear block codes. Then we can observe the new bound from two significant points of view. First, since the DS2 type bound can be expressed by the average weight distribution whose code length is finite, we can compare the error probability of FR with that of LR+Th for the fixed-length code. Second, the new bound elucidates the relation between the random coding exponents of block codes and those of linear block codes.

A light field, which is equivalent to a dense set of multi-view images, has various applications such as depth estimation and 3D display. One of the essential problems in light field applications is light field interpolation, i.e., view interpolation. The interpolation accuracy is enhanced by exploiting an inherent property of a light field. One example is that an epipolar plane image (EPI), which is a 2D subset of the 4D light field, consists of many lines, and these lines have almost the same slope in a local region. This structure induces a sparse representation in the frequency domain, where most of the energy resides on a line passing through the origin. On the basis of this observation, we propose a group sparsity prior suitable for light fields to exploit their line structure fully for interpolation. Specifically, we designed the directional groups in the discrete Fourier transform (DFT) domain so that the groups can represent the concentration of the energy, and we thereby formulated an LF interpolation problem as an overlapping group lasso. We also introduce several techniques to improve the interpolation accuracy such as applying a window function, determining group weights, expanding processing blocks, and merging blocks. Our experimental results show that the proposed method can achieve better or comparable quality as compared to state-of-the-art LF interpolation methods such as convolutional neural network (CNN)-based methods.

In order to improve the noise robustness of automatic speaker recognition, many techniques on speech/feature enhancement have been explored by using deep neural networks (DNN). In this work, a DNN multi-level enhancement (DNN-ME), which consists of the stages of signal enhancement, cepstrum enhancement and i-vector enhancement, is proposed for text-independent speaker recognition. Given the fact that these enhancement methods are applied in different stages of the speaker recognition pipeline, it is worth exploring the complementary role of these methods, which benefits the understanding of the pros and cons of the enhancements of different stages. In order to use the capabilities of DNN-ME as much as possible, two kinds of methods called Cascaded DNN-ME and joint input of DNNs are studied. Weighted Gaussian mixture models (WGMMs) proposed in our previous work is also applied to further improve the model's performance. Experiments conducted on the Speakers in the Wild (SITW) database have shown that DNN-ME demonstrated significant superiority over the systems with only a single enhancement for noise robust speaker recognition. Compared with the i-vector baseline, the equal error rate (EER) was reduced from 5.75 to 4.01.

This letter presents an improved hybrid direction of arrival (DOA) estimation scheme with computational efficiency for massive uniform linear array. In order to enhance the resolution of DOA estimation, the initial estimator based on the discrete Fourier transform is applied to obtain coarse DOA estimates by a virtual array extension for one snapshot. Then, by means of a first-order Taylor series approximation to the direction vector with the one initially estimated in a very small region, the iterative fine estimator can find a new direction vector which raises the searching efficiency. Simulation results are provided to demonstrate the effectiveness of the proposed scheme.

In 2015, Carlet and Tang [Des. Codes Cryptogr. 76(3): 571-587, 2015] proposed a concept called enhanced Boolean functions and a class of such kind of functions on odd number of variables was constructed. They proved that the constructed functions in this class have optimal algebraic immunity if the numbers of variables are a power of 2 plus 1 and at least sub-optimal algebraic immunity otherwise. In addition, an open problem that if there are enhanced Boolean functions with optimal algebraic immunity and maximal algebraic degree n-1 on odd variables n≠2^k+1 was proposed. In this letter, we give a negative answer to the open problem, that is, we prove that there is no enhanced Boolean function on odd n≠2^k+1 variables with optimal algebraic immunity and maximal algebraic degree n-1.

The Galois hull of linear code is defined to be the intersection of the code and its Galois dual. In this paper, we investigate the Galois hulls of cyclic codes over F_q^r. For any integer s≤r, we present some sufficient and necessary conditions that cyclic codes have l-dimensional s-Galois hull. Moreover, we prove that a cyclic code C has l-dimensional s-Galois hull iff C has l-dimensional (r-s)-Galois hull. In particular, we also present the sufficient and necessary condition for cyclic codes with 1-dimensional Galois hulls and the relationship between cyclic codes with 1-dimensional Galois hulls and cyclic codes with Galois complementary duals. Some optimal cyclic codes with Galois hulls are obtained. Finally, we explicitly construct a class of cyclic codes with 1-Galois linear complementary dual over F_q³.

For the frequency-division-duplex (FDD)-based massive multiple-input multiple-output (MIMO) systems, channel state information (CSI) feedback plays a critical role. Although deep learning has been used to compress the CSI feedback, some issues like truncation and noise still need further investigation. Facing these practical concerns, we propose an improved model (called CsiNet-Plus), which includes a truncation process and a channel noise process. Simulation results demonstrate that the CsiNet-Plus outperforms the existing CsiNet. The performance interchangeability between truncated decimal digits and the signal-to-noise-ratio helps support flexible configuration.

In cognitive radio (CR) networks, spectrum sensing is an essential task for enabling dynamic spectrum sharing. However, the problem becomes quite challenging in wideband spectrum sensing due to high sampling pressure, limited power and computing resources, and serious channel fading. To overcome these challenges, this paper proposes a distributed collaborative spectrum sensing scheme based on 1-bit compressive sensing (CS). Each secondary user (SU) performs local 1-bit CS and obtains support estimate information from the signal reconstruction. To utilize joint sparsity and achieve spatial diversity, the support estimate information among the network is fused via the average consensus technique based on distributed computation and one-hop communications. Then the fused result on support estimate is used as priori information to guide the next local signal reconstruction, which is implemented via our proposed weighted binary iterative hard thresholding (BIHT) algorithm. The local signal reconstruction and the distributed fusion of support information are alternately carried out until reliable spectrum detection is achieved. Simulations testify the effectiveness of our proposed scheme in distributed CR networks.