IEICE TRANSACTIONS on Fundamentals

Volume E92-A No.1  (Publication Date:2009/01/01)

    Special Section on Cryptography and Information Security
  • FOREWORD
    Kazuo OHTA
    FOREWORD
    Page(s): 1-2

  • Higher Order Differential Attack on 6-Round MISTY1
    Yukiyasu TSUNOO  Teruo SAITO  Hiroki NAKASHIMA  Maki SHIGERI
    PAPER-Symmetric Cryptography
    Page(s): 3-10

    MISTY1 is a 64-bit block cipher that has provable security against differential and linear cryptanalysis. MISTY1 is one of the algorithms selected in the European NESSIE project, and it has been recommended for Japanese e-Government ciphers by the CRYPTREC project. This paper reports a previously unknown higher order differential characteristic of 4-round MISTY1 with the FL functions. It also shows that a higher order differential attack that utilizes this newly discovered characteristic is successful against 6-round MISTY1 with the FL functions. This attack can recover a partial subkey with a data complexity of 2^53.7 and a computational complexity of 2^64.4, which is better than any previous cryptanalysis of MISTY1.

  • Time-Memory-Data Trade-Off Attack on Stream Ciphers Based on Maiorana-McFarland Functions
    Khoongming KHOO  Guanhan CHEW  Guang GONG  Hian-Kiat LEE
    PAPER-Symmetric Cryptography
    Page(s): 11-21

    In this paper, we present the time-memory-data (TMD) trade-off attack on stream cipher filter function generators and filter combiners based on Maiorana-McFarland functions. This can be considered as a generalization of the time-memory-data trade-off attack of Mihaljevic and Imai on Toyocrypt. First, we substitute the filter function in Toyocrypt (which has the same size as the LFSR) with a general Maiorana-McFarland function. This allows us to apply the attack to a wider class of stream ciphers. Second, we highlight how the choice of different Maiorana-McFarland functions can affect the effectiveness of our attack. Third, we show that the attack can be modified to apply to filter functions which are smaller than the LFSR and to filter-combiner stream ciphers. This allows us to cryptanalyze other configurations commonly found in practice. Finally, filter functions with vector output are sometimes used in stream ciphers to improve the throughput. Therefore the case when the Maiorana-McFarland functions have vector output is investigated. We found that the extra speed comes at the price of additional weaknesses which make the attacks easier.

  • Attribute-Based Encryption with Partially Hidden Ciphertext Policies
    Takashi NISHIDE  Kazuki YONEYAMA  Kazuo OHTA
    PAPER-Public Key Cryptography
    Page(s): 22-32

    We propose attribute-based encryption schemes where encryptor-specified policies (called ciphertext policies) are hidden. By using our schemes, an encryptor can encrypt data with a hidden access control policy. A decryptor obtains her secret key associated with her attributes from a trusted authority in advance and if the attributes associated with the decryptor's secret key do not satisfy the access control policy associated with the encrypted data, the decryptor cannot decrypt the data or guess even what access control policy was specified by the encryptor. We prove security of our construction based on the Decisional Bilinear Diffie-Hellman assumption and the Decision Linear assumption. In our security notion, even the legitimate decryptor cannot obtain the information about the access control policy associated with the encrypted data more than the fact that she can decrypt the data.

  • Small Secret Key Attack on a Takagi's Variant of RSA
    Kouichi ITOH  Noboru KUNIHIRO  Kaoru KUROSAWA
    PAPER-Public Key Cryptography
    Page(s): 33-41

    For a variant of RSA with modulus N = p^r q and ed ≡ 1 (mod (p-1)(q-1)), we show that d can be recovered if d < N^{(2-)/(r+1)}. (Note that φ(N) (p-1)(q-1).) Boneh-Durfee's result for the standard RSA is obtained as a special case for r=1. Technically, we develop a method for finding a small root of a trivariate polynomial equation f(x,y,z) = x(y-1)(z-1)+1 ≡ 0 (mod e) under the condition that y^r z = N. Our result cannot be obtained from the generic method of Jochemsz-May.

  • Tag-KEM from Set Partial Domain One-Way Permutations
    Masayuki ABE  Yang CUI  Hideki IMAI  Kaoru KUROSAWA
    PAPER-Public Key Cryptography
    Page(s): 42-52

    Recently a framework called Tag-KEM/DEM was introduced to construct efficient hybrid encryption schemes. Although it is known that the generic encode-then-encrypt construction of chosen ciphertext secure public-key encryption also applies to secure Tag-KEM construction and some known encoding methods like OAEP can be used for this purpose, it is worth pursuing more efficient encoding methods dedicated to Tag-KEM construction. This paper proposes an encoding method that yields efficient Tag-KEM schemes when combined with set partial one-way permutations such as RSA and Rabin's encryption scheme. To our knowledge, this leads to the most practical hybrid encryption scheme of this type. We also present an efficient Tag-KEM which is CCA-secure under the general factoring assumption rather than the Blum factoring assumption.

  • Formal Security Treatments for IBE-to-Signature Transformation: Relations among Security Notions
    Yang CUI  Eiichiro FUJISAKI  Goichiro HANAOKA  Hideki IMAI  Rui ZHANG
    PAPER-Digital Signature
    Page(s): 53-66

    In a seminal paper on identity based encryption (IBE), Boneh and Franklin [6] mentioned an interesting transform from an IBE scheme to a signature scheme, which was observed by Moni Naor. In this paper, we give formal security treatments for this transform and discover several implications and separations among security notions of IBE and the transformed signature. For example, we show that for such a transform to succeed, one-wayness of IBE is an essential condition. Additionally, we give a sufficient and necessary condition for converting a semantically secure IBE scheme into an existentially unforgeable signature scheme. Our results help establish strategies for the design and automatic security proof of signature schemes from (possibly weak) IBE schemes. We also show some separation results which strongly support that one-wayness, rather than semantic security, of IBE captures an essential condition to achieve a secure signature.

  • Forgery Attacks on Time-Stamp, Signed PDF and X.509 Certificate
    Kouichi ITOH  Tetsuya IZU  Wakaha OGATA  Takeshi SHIMOYAMA  Masahiko TAKENAKA
    PAPER-Digital Signature
    Page(s): 67-75

    This paper studies two types of documents in which an adversary can forge a signature on a chosen document. One type is that in which a nonce is padded onto an input document; the time-stamp protocol is a good example of this type. The other is a structured document (such as PS or PDF) whose contents are described in a body part while information (such as the generation time and the generator) is in a meta part. In fact, this paper shows how to forge a time-stamp, a signature on a PDF and an X.509 certificate by the extended forgery attack, with numerical examples. A signature forged by the original or the extended attack is accepted only by clients whose length check of the zero field is loosely implemented. As a result, we found that the latest versions of Adobe's Acrobat and Acrobat Reader accept the forged time-stamp and the forged signature on a PDF document. The target of this attack is RSASSA-PKCS1-v1_5, which does not have provable security. We also show that the expanded attack might forge the signature of RSASSA-PSS, which has provable security, when the length check of the zero field is omitted or loosely implemented.

  • Near-Collision Attacks on MD4: Applied to MD4-Based Protocols
    Lei WANG  Kazuo OHTA  Noboru KUNIHIRO
    PAPER-Hash Function
    Page(s): 76-86

    The most widely used hash functions from the MD4 family have been broken, which led to a public competition on designing new hash functions held by NIST. This paper focuses on one concept called near-collision resistance, which new hash functions should satisfy: it should be computationally difficult to find a pair of messages with hash values differing in only a few bits. In this paper, we will give a model of near-collisions on MD4, and apply it to attack protocols including HMAC/NMAC-MD4 and MD4(Password||Challenge). Our new outer-key recovery attacks on HMAC/NMAC-MD4 have a complexity of 2^72 online queries and 2^77 MD4 computations, while the previous result was 2^88 online queries and 2^95 MD4 computations. Our attack on MD4(Password||Challenge) can recover 16 password characters with a complexity of 2^37 online queries and 2^21 MD4 computations, which is the first approach to attack such protocols.

  • A Strict Evaluation on the Number of Conditions for SHA-1 Collision Search
    Jun YAJIMA  Terutoshi IWASAKI  Yusuke NAITO  Yu SASAKI  Takeshi SHIMOYAMA  Thomas PEYRIN  Noboru KUNIHIRO  Kazuo OHTA
    PAPER-Hash Function
    Page(s): 87-95

    This paper proposes a new algorithm for evaluating the number of chaining variable conditions (CVCs) in the selecting step of a disturbance vector (DV) for the analysis of SHA-1 collision search. The algorithm is constructed by combining four strategies, which can evaluate the number of CVCs more strictly compared with the previous approach. By using our method, we found some DVs that have 57 (or 59) essential CVCs for the 1st (or 2nd) block in the case where we assume that we can modify messages up to step 25, though we have not confirmed the practicability of this assumption.

  • Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
    Yu SASAKI  Lei WANG  Kazuo OHTA  Noboru KUNIHIRO
    PAPER-Hash Function
    Page(s): 96-104

    In this paper, we propose password recovery attacks against challenge-response authentication protocols. Our attacks use a message difference for an MD5 collision attack proposed in IEICE 2008. First, we show how to efficiently find a message pair that collides with the above message difference. Second, we show that a password used in the authenticated post office protocol (APOP) can be recovered practically. We also show that the password recovery attack can be applied to the session initiation protocol (SIP) and digest authentication. Our attack can recover up to the first 31 password characters in a short time and up to the first 60 characters faster than the naive search method. We have implemented our attack and confirmed that 31 characters can be successfully recovered.

  • Almost Secure (1-Round, n-Channel) Message Transmission Scheme
    Kaoru KUROSAWA  Kazuhiro SUZUKI
    PAPER-Secure Protocol
    Page(s): 105-112

    It is known that perfectly secure (1-round, n-channel) message transmission (MT) schemes exist if and only if n ≥ 3t+1, where t is the number of channels that the adversary can corrupt. Then does there exist an almost secure MT scheme for n=2t+1? In this paper, we first sum up a number of flaws of the previous almost secure MT scheme presented at Crypto 2004. We next show an equivalence between almost secure MT schemes and secret sharing schemes with cheaters. By using our equivalence, we derive a lower bound on the communication complexity of almost secure MT schemes. Finally, we present a near optimum scheme which meets our bound approximately. This is the first construction of provably secure almost secure (1-round, n-channel) MT schemes for n=2t+1.

  • Does Secure Password-Based Authenticated Key Exchange against Leakage of Internal States Exist?
    Kazuki YONEYAMA
    PAPER-Secure Protocol
    Page(s): 113-121

    In this paper, we raise a question about the existence of secure password-based authenticated key exchange against leakage of internal states (i.e., the passwords and session-specific private information). Toward this question, first, we classify six models of the adversary's capabilities regarding leakage. Next, as a result of considerations for 2-party PAKE, we find two negative answers, but also find a positive answer. More specifically, we show that there exists no scheme which is secure in strong leakage models, but we also show that there exists a scheme which is secure in weak leakage models. Also, we consider the case of the 3-party setting, which is a special setting of password-based authenticated key exchange, and we find similar impossibilities as in the 2-party setting.

  • A New 'On the Fly' Identification Scheme: An Asymptoticity Trade-Off between ZK and Correctness
    Bagus SANTOSO  Kazuo OHTA
    PAPER-Secure Protocol
    Page(s): 122-136

    GPS is an efficient identification (ID) scheme based on the Schnorr ID scheme, designed for applications where low cost devices with limited resources are used and a very short authentication time is required. Let P and V be a prover and a verifier in GPS and <g> be a multiplicative group. P holds a secret key s ∈ [0,S) and publishes I = g^-s. In each elementary round: (1) P sends to V x = g^r where r is chosen randomly from [0,A), (2) V sends to P a random c ∈ [0,B), and (3) P sends y = r + cs (no modulus computation). Since there is no modular reduction on y, a key issue is whether GPS leaks information about s. It has been proved that GPS is statistical zero-knowledge if, in the asymptotic sense, BS/A is negligible, where  is the number of elementary rounds in one complete identification trial. In this paper, we first show the following. (1) We can construct a concrete attack procedure which reveals one bit of the secret key s from the specified value range of y unless BS/A is negligible. We reconfirm that we must set A extremely large compared to BS. (2) This drawback can be avoided by modifying GPS into a new scheme, GPS+, in which P does not send the value of y in the specified range where y reveals some information about s. GPS+ ensures perfect ZK only by requiring both A > BS and A being a multiple of the order of g, while it allows an honest P to be rejected with probability at most BS/(2A) in one elementary round. Under the standard recommended parameters for 80-bit security where =1, |S|=160, and |B|=35, |A|=275 is recommended for GPS in the GPS paper. On the other hand, GPS+ can guarantee 80-bit security and less than one false rejection on average in 100 identifications with only |A|=210 with the same parameters as above. In practice, this implies a 275-210=65 bit (≈24%) reduction in the storage requirement. We have confirmed by machine experiment that the reduction of A also reduces the running time of the online response by approximately 4% using a certain implementation technique for GPS+.

  • Multiparty Computation from El Gamal/Paillier Conversion
    Koji CHIDA  Hiroaki KIKUCHI  Keiichi HIROTA  Gembu MOROHASHI
    PAPER-Secure Protocol
    Page(s): 137-146

    We propose a protocol for converting the encryption function of a ciphertext into another encryption function while keeping the corresponding message secret. The proposed protocol allows conversions of the El Gamal and Paillier cryptosystems and has the potential to design an efficient multiparty protocol intended for circuits consisting of arithmetic and logical operations. We clarify the condition of circuits such that the multiparty protocol based on the proposed protocol provides better performance than previous approaches. In addition, we introduce some privacy-preserving statistical computations as an effective application of the proposed protocol.

  • k-Times Anonymous Authentication
    Isamu TERANISHI  Jun FURUKAWA  Kazue SAKO
    PAPER-Secure Protocol
    Page(s): 147-165

    We propose an authentication scheme in which users can be authenticated anonymously so long as the number of times they are authenticated is within an allowable number. The proposed scheme has two features: 1) no one, not even an authority, can identify users who have been authenticated within the allowable number, and 2) anyone can trace, without help from the authority, dishonest users who have been authenticated beyond the allowable number by using the records of these authentications. Our scheme can be applied to e-voting, e-cash, electronic coupons, and trial browsing of content. In these applications, our scheme, unlike the previous one, conceals users' participation in protocols and guarantees that they will remain anonymous to everyone.

  • A New Randomness Test Based on Linear Complexity Profile
    Kenji HAMANO  Fumio SATO  Hirosuke YAMAMOTO
    PAPER-Mathematics
    Page(s): 166-172

    Linear complexity can be used to detect predictable nonrandom sequences, and hence it is included in the NIST randomness test suite. But, as shown in this paper, the NIST test suite cannot detect nonrandom sequences that are generated, for instance, by concatenating two different M-sequences with low linear complexity. This defect comes from the fact that the NIST linear complexity test uses the deviation from the ideal value only in the last part of the whole linear complexity profile. In this paper, a new faithful linear complexity test is proposed, which uses deviations in all parts of the linear complexity profile and hence can detect even the above nonrandom sequences. An efficient formula is derived to compute the exact area distribution needed for the proposed test. Furthermore, a simple procedure is given to compute the proposed test statistic from the linear complexity profile, which requires only O(M) time complexity for a sequence of length M.

  • A Multiplication Algorithm in F_{p^m} Such That p>m with a Special Class of Gauss Period Normal Bases
    Hidehiro KATO  Yasuyuki NOGAMI  Tomoki YOSHIDA  Yoshitaka MORIKAWA
    PAPER-Mathematics
    Page(s): 173-181

    In this paper, a multiplication algorithm in the extension field F_{p^m} is proposed. Different from the previous works, the proposed algorithm can be applied for an arbitrary pair of characteristic p and extension degree m, except for the case when 4p divides m(p-1) and m is an even number. As written in the title, when p>m, 4p does not divide m(p-1). The proposed algorithm is derived by modifying the cyclic vector multiplication algorithm (CVMA). We adopt a special class of Gauss period normal bases. First in this paper, it is formulated as an algorithm and the calculation cost of the modified algorithm is evaluated. Then, some experimental results are shown and compared to those of the previous works. Finally, it is shown that the proposed algorithm is sufficiently practical when the extension degree m is small.

  • Scalar Multiplication Using Frobenius Expansion over Twisted Elliptic Curve for Ate Pairing Based Cryptography
    Yasuyuki NOGAMI  Yumi SAKEMI  Takumi OKIMOTO  Kenta NEKADO  Masataka AKANE  Yoshitaka MORIKAWA
    PAPER-Mathematics
    Page(s): 182-189

    For ID-based cryptography, not only pairing but also scalar multiplication must be efficiently computable. In this paper, we propose a scalar multiplication method under the circumstances that we work with the Ate pairing on a Barreto-Naehrig (BN) curve. Note that the parameters of a BN curve are given by a certain integer, namely the mother parameter. Adhering to the authors' previous policy that we execute scalar multiplication on the subfield-twisted curve over F_{p^2} instead of on the original curve E(F_{p^12}), we first show the sextic twisted subfield Frobenius mapping (ST-SFM) over F_{p^2}. On BN curves, note that is identified with the scalar multiplication by p. However, a scalar is always smaller than the order r of the BN curve for the Ate pairing, so ST-SFM is not directly applicable to the above circumstances. We then exploit the expressions of the curve order r and the characteristic p by the mother parameter to derive some radices such that they are expressed as a polynomial of p. Thus, a scalar multiplication [s] can be written as a series of ST-SFMs. In combination with the binary method or the multi-exponentiation technique, this paper shows that the proposed method runs about twice as fast as, or faster than, the plain binary method.

  • The Unknown Computer Viruses Detection Based on Similarity
    Zhongda LIU  Naoshi NAKAYA  Yuuji KOUI
    PAPER-Application
    Page(s): 190-196

    New computer viruses are continually being generated and they cause damage all over the world. In general, current anti-virus software detects viruses by matching a pattern based on the signature; thus, unknown viruses without any signature cannot be detected. Although there are some static analysis technologies that do not depend on signatures, virus writers often use code obfuscation techniques, which make it difficult to perform a code analysis. As is generally known, unknown viruses and known viruses share a common feature. In this paper we propose a new static analysis technology that can circumvent code obfuscation to extract the common feature and detect unknown viruses based on similarity. The results of evaluation experiments demonstrated that this technique is able to detect unknown viruses without false positives.

  • An Efficient 2-Secure and Short Random Fingerprint Code and Its Security Evaluation
    Koji NUIDA  Satoshi FUJITSU  Manabu HAGIWARA  Hideki IMAI  Takashi KITAGAWA  Kazuto OGAWA  Hajime WATANABE
    PAPER-Application
    Page(s): 197-206

    The code length of Tardos's collusion-secure fingerprint code is of theoretically minimal order with respect to the number of adversarial users (pirates). However, the constant factor should be further reduced for practical implementation. In this article, we improve the tracing algorithm of Tardos's code and propose a 2-secure and short random fingerprint code, which is secure against collusion attacks by two pirates. Our code length is significantly shorter than that of Tardos's code and its tracing error probability is practically small.

  • Fingerprinting Codes for Multimedia Data against Averaging Attack
    Hideki YAGI  Toshiyasu MATSUSHIMA  Shigeichi HIRASAWA
    PAPER-Application
    Page(s): 207-216

    Code construction for digital fingerprinting, which is a copyright protection technique for multimedia, is considered. Digital fingerprinting should deter collusion attacks, where several fingerprinted copies of the same content are mixed to disturb their fingerprints. In this paper, we consider the averaging attack, which is known to be effective against multimedia fingerprinting with the spread spectrum technique. We propose new methods for constructing fingerprinting codes that increase the coding rate of conventional fingerprinting codes while still guaranteeing to identify the same number of colluders. Thanks to the new fingerprinting codes, the system can deal with a larger number of users when supplying digital contents.

  • Symmetricity of the Protocols Related to Oblivious Transfer
    Daisuke INOUE  Keisuke TANAKA
    LETTER
    Page(s): 217-221

    In this paper, we show that each of the special cases of strong conditional oblivious transfer can be obtained from only one instance of its inverse. Each of our constructions is simple and efficient, and preserves the same security level of its inverse.

  • Flexible Timed-Release Encryption
    Maki YOSHIDA  Toru FUJIWARA
    LETTER
    Page(s): 222-225

    This paper presents a new scheme for Timed-Release Encryption (TRE), which is mainly designed for global use. TRE aims to control the timing of disclosing information. The major approach to TRE assumes that any participant can receive a time token broadcast by a trusted agent, called a time server. Our scheme is based on this approach and allows participants to generate an encrypted message that can be decrypted using designated or any authenticated time servers, including even those which are authenticated after encryption. In this sense, our scheme has a more flexible framework in terms of message decryption.

    Regular Section
  • A Subtractive-Type Speech Enhancement Using the Perceptual Frequency-Weighting Function
    Seiji HAYASHI  Hiroyuki INUKAI  Masahiro SUGUIMOTO
    PAPER-Speech and Hearing
    Page(s): 226-234

    The present paper describes quality enhancement of speech corrupted by an additive background noise in a single-channel system. The proposed approach is based on the introduction of a perceptual criterion using a frequency-weighting filter in a subtractive-type enhancement process. Although this subtractive-type method is very attractive because of its simplicity, it produces an unnatural and unpleasant residual noise. Thus, it is difficult to select fixed optimized parameters for all speech and noise conditions. A new and effective algorithm is thus developed based on the masking properties of the human ear. This newly developed algorithm allows for an automatic adaptation in the time and frequency of the enhancement system and determines a suitable noise estimate according to the frequency of the noisy input speech. Experimental results demonstrate that the proposed approach can efficiently remove additive noise related to various kinds of noise corruption.

  • High-Accuracy Estimation of Image Rotation Using 1D Phase-Only Correlation
    Sei NAGASHIMA  Koichi ITO  Takafumi AOKI  Hideaki ISHII  Koji KOBAYASHI
    PAPER-Digital Signal Processing
    Page(s): 235-243

    This paper presents a technique for high-accuracy estimation of image rotation using 1D Phase-Only Correlation (POC). The rotation angle between two images is estimated as follows: (i) compute the amplitude spectra of the given images, (ii) transform the coordinate system of the amplitude spectra from Cartesian coordinates to polar coordinates, and (iii) estimate the translational displacement between the polar-mapped amplitude spectra to obtain the rotation angle. While the conventional approach is to employ 2D POC for high-accuracy displacement estimation in (iii), this paper proposes the use of 1D POC with an adaptive line selection scheme. The proposed technique makes it possible to improve the accuracy of rotation estimation for low contrast images of artificial objects with regular geometric shapes and to reduce the total computation cost by 50%.

  • A Variable Step Size Algorithm for Speech Noise Reduction Method Based on Noise Reconstruction System
    Naoto SASAOKA  Masatoshi WATANABE  Yoshio ITOH  Kensaku FUJII
    PAPER-Digital Signal Processing
    Page(s): 244-251

    We have proposed a noise reduction method based on a noise reconstruction system (NRS). The NRS uses a linear prediction error filter (LPEF) and a noise reconstruction filter (NRF) which estimates background noise by system identification. When a fixed step size for updating the tap coefficients of the NRF is used, it is difficult to reduce background noise while maintaining the high quality of the enhanced speech. In order to solve this problem, a variable step size is proposed. It makes use of the cross-correlation between the input signal and the enhanced speech signal. In a speech section, the variable step size becomes small so as not to estimate speech; on the other hand, it becomes large to track the background noise in a non-speech section.

  • Sliding Mode Control of a Class of Uncertain Nonlinear Time-Delay Systems Using LMI and TS Recurrent Fuzzy Neural Network
    Tung-Sheng CHIANG  Chian-Song CHIU
    PAPER-Systems and Control
    Page(s): 252-262

    This paper proposes sliding mode control using LMI techniques and an adaptive recurrent fuzzy neural network (RFNN) for a class of uncertain nonlinear time-delay systems. First, a novel TS recurrent fuzzy neural network (TS-RFNN) is developed to provide more flexible and powerful compensation of system uncertainty. Then, TS-RFNN based sliding mode control is proposed for uncertain time-delay systems. In detail, the sliding surface design is derived to cope with the non-Isidori-Byrnes canonical form of dynamics, unknown delay time, and mismatched uncertainties. Based on the Lyapunov-Krasovskii method, the asymptotic stability condition of the sliding motion is formulated as solving a Linear Matrix Inequality (LMI) problem which is independent of the time-varying delay. Furthermore, the input coupling uncertainty is also taken into consideration. The overall controlled system achieves asymptotic stability even when poor modeling is considered. The contributions include: i) the asymptotic sliding surface is designed by solving a simple and legible delay-independent LMI; and ii) the TS-RFNN is more realizable (due to fewer fuzzy rules being used). Finally, simulation results demonstrate the validity of the proposed control scheme.

  • Link of Data Synchronization to Self-Organizing Map Algorithm
    Takaya MIYANO  Takako TSUTSUI
    PAPER-Nonlinear Problems
    Page(s): 263-269

    We have recently developed a method for feature extraction from multivariate data using an analogue of Kuramoto's dynamics for modeling collective synchronization in a network of coupled phase oscillators. In our method, which we call data synchronization, phase oscillators carrying multivariate data in their natural and updated rhythms achieve partial synchronizations. Their common rhythms are interpreted as the template vectors representing the general features of the data set. In this study, we discuss the link of data synchronization to the self-organizing map algorithm as a popular method for data mining and show through numerical experiments how our method can overcome the disadvantages of the self-organizing map algorithm in that unintentional selections of inappropriate reference vectors lead to false feature patterns.

  • Transitional Dynamics and Quasi-Periodic Solution Observed in Two Asymmetrical Coupled Oscillators
    Kuniyasu SHIMIZU  Tetsuro ENDO  Takuya YOSHIMURA
    PAPER-Nonlinear Problems
    Page(s): 270-278

    In this paper, we investigate the transitional dynamics and the quasi-periodic solution appearing after the Saddle-Node (SN) bifurcation of a periodic solution in inductor-coupled asymmetrical van der Pol oscillators with hard-type nonlinearity. In particular, by investigating the global bifurcation of the unstable manifold (UM) of saddles, we elucidate that the transitional dynamics and the quasi-periodic solution after the SN bifurcation appear based on different structures of the UM.

  • VLSI Implementation of a VC-1 Main Profile Decoder for HD Video Applications
    Jinhyun CHO  Doowon LEE  Sangyong YOON  Sanggyu PARK  Soo-Ik CHAE
    PAPER-VLSI Design Technology and CAD
    Page(s): 279-290

    In this paper, we present a high-performance VC-1 main-profile decoder for high-definition (HD) video applications, which can decode HD 720p video streams at 30 fps at 80 MHz. We implemented the decoder with a one-poly eight-metal 0.13 µm CMOS process; it contains about 261,900 logic gates and on-chip memories of 13.9 KB SRAM and 13.1 KB ROM and occupies an area of about 5.1 mm^2. In designing the VC-1 decoder, we used a template-based SoC design flow, with which we performed the design space exploration of the decoder by trying various configurations of communication channels. Moreover, we also describe architectures of the computation blocks optimized to satisfy the requirements of VC-1 HD applications.

  • New Families of Binary Sequences with Low Correlation and Large Size
    Zhengchun ZHOU  Xiaohu TANG
    PAPER-Coding Theory
    Page(s): 291-297

    In this paper, for odd n and any k with gcd(n,k) = 1, new binary sequence families S_k of period 2^n - 1 are constructed. These families have maximum correlation , family size 2^{2n} + 2^n + 1 and maximum linear span . The correlation distribution of S_k is completely determined as well. Compared with the modified Gold codes with the same family size, the proposed families have the same period and correlation properties, but larger linear span. As good candidates with low correlation and large family size, the new families contain the Gold sequences and the Gold-like sequences. Furthermore, S_k includes a subfamily which has the same period, correlation distribution, family size and linear span as the family So(2) recently constructed by Yu and Gong. In particular, when k=1, is exactly So(2).

  • Interference Canceller Based on Cycle-and-Add Property for Single User Detection in DS-CDMA

    Ranga HETTIARACHCHI  Mitsuo YOKOYAMA  Hideyuki UEHARA  Takashi OHIRA  

     
    PAPER-Spread Spectrum Technologies and Applications

      Page(s):
    298-306

In this paper, the performance of a novel interference cancellation technique for single-user detection in a direct-sequence code-division multiple access (DS-CDMA) system is investigated. This new algorithm is based on the Cycle-and-Add property of PN (pseudorandom noise) sequences and can be applied to both synchronous and asynchronous systems. The proposed strategy provides a simple method that can delete interference signals one by one regardless of the power levels of the interferers. Therefore, it is possible to overcome the near-far problem (NFP) in a successive manner without using transmit power control (TPC) techniques. The validity of the proposed procedure is corroborated by computer simulations in additive white Gaussian noise (AWGN) and frequency-nonselective fading channels. Performance results indicate that the proposed receiver outperforms the conventional receiver and, in many cases, does so with a considerable gain.

  • A Design Method for Separable-Denominator 2D IIR Filters with a Necessary and Sufficient Stability Check

    Toma MIYATA  Naoyuki AIKAWA  Yasunori SUGITA  Toshinori YOSHIKAWA  

     
    LETTER-Digital Signal Processing

      Page(s):
    307-310

In this paper, we propose a design method for separable-denominator two-dimensional Infinite Impulse Response (IIR) filters (separable 2D IIR filters) by Successive Projection (SP) methods using the stability criteria based on the system matrix. It is generally known that separable 2D IIR filters are stable if and only if each of the denominators is stable. Therefore, the stability criteria of 1D IIR filters can be used for separable 2D IIR filters. The stability criteria based on the system matrix are a necessary and sufficient condition to guarantee stability of 1D IIR filters. Therefore, separable 2D IIR filters obtained by the proposed design method have a smaller error ripple than those obtained by the conventional design method using the stability criterion of Rouche's theorem.

  • A Variable Error Data Normalized Step-Size LMS Adaptive Filter Algorithm: Analysis and Simulations

    Chee-Hyun PARK  Kwang-Seok HONG  

     
    LETTER-Digital Signal Processing

      Page(s):
    311-314

    This paper investigates noise reduction performance and performs convergence analysis of a Variable Error Data Normalized Step-Size Least Mean Square (VEDNSS LMS) algorithm. Adopting VEDNSS LMS provides fast convergence at early stages of adaptation while ensuring small final misadjustment. An analysis of convergence and steady-state performance for zero-mean Gaussian inputs is provided. Simulation results comparing the proposed algorithm to existing algorithms indicate its superior performance under various noise and frequency environments.

  • A New Steering Law with Designated Direction Escape (DDE) for Control Moment Gyros

    Seung-Mok LEE  Seung-Wu RHEE  

     
    LETTER-Systems and Control

      Page(s):
    315-317

    In this letter we provide a steering law for redundant single-gimbal control moment gyros. The proposed steering law is an extended version of the singular direction avoidance (SDA) steering law based on the singular value decomposition (SVD). All internal singularities are escapable for any non-zero constant torque command using the proposed steering law.

  • Serial-Parallel Content Addressable Memory with a Conditional Driver (SPCwCD)

    Mingu KANG  Seong-Ook JUNG  

     
    LETTER-Circuit Theory

      Page(s):
    318-321

In this paper, a novel content addressable memory (CAM) structure is proposed to improve the performance of a static divided word matching (SDWM) CAM. In the SDWM CAM, a small PMOS has to be used to keep a noise margin, but it degrades performance significantly. To resolve this problem, a conditional driver is introduced in the proposed serial-parallel CAM. Performance is improved by 28.0% without additional power consumption at a cost of about 5.6% increased area when the total bit number is 32 with four series bits and 30% of VDD is allowed as noise.

  • Analysis of Revocable-iff-Linked Ring Signature Scheme

    Ik Rae JEONG  Jeong Ok KWON  Dong Hoon LEE  

     
    LETTER-Cryptography and Information Security

      Page(s):
    322-325

In a linkable ring signature scheme, a signer himself selects a set of parties called a "ring" and signs messages on behalf of the ring. Any party can know whether or not two ring signatures were made by the same signer, although the party cannot know the identity of the actual signer. Au, Liu, Susilo, and Yuen proposed an ID-based linkable ring signature scheme and an ID-based revocable-iff-linked ring signature scheme. With a revocable-iff-linked ring signature scheme, any party can recover the identity of the signer if the signer makes two or more ring signatures. In this paper, we show that Au et al.'s revocable-iff-linked ring signature scheme does not provide anonymity, even if the signer makes only one ring signature. Anonymity is one of the most basic security requirements of ring signatures.

  • Simple Remarks on Carmichael Numbers

    Shigenori UCHIYAMA  

     
    LETTER-Cryptography and Information Security

      Page(s):
    326-328

An odd composite number n for which a^(n−1) ≡ 1 (mod n) for all integers a coprime to n is called a Carmichael number. This paper shows that a class of Carmichael numbers which have relatively large prime factors can be recognized in deterministic polynomial time under the assumption of the Extended Riemann Hypothesis (ERH). Some related problems are also discussed.

  • Security Analysis of a Multi-Receiver Identity-Based Key Encapsulation Mechanism

    Jong Hwan PARK  Dong Hoon LEE  

     
    LETTER-Cryptography and Information Security

      Page(s):
    329-331

    In INDOCRYPT 2006, Chatterjee and Sarkar suggested a multi-receiver identity-based key encapsulation mechanism that is secure in the full model without random oracles. Until now, it has been believed that their scheme is the only one to provide such a security feature, while achieving sub-linear size ciphertext. In this letter, we show that their scheme is insecure in the sense that any revoked user can retrieve a message encryption key, even without colluding with other revoked users. Our attack comes from an analysis of a publicly computable surjective function used in the scheme.

  • A Simple Expression of BER Performance in COFDM Systems over Fading Channels

    Fumihito SASAMORI  Yuya ISHIKAWA  Shiro HANDA  Shinjiro OSHITA  

     
    LETTER-Communication Theory and Signals

      Page(s):
    332-336

Both adaptive modulation and diversity combining are attractive techniques to combat fading, and both can be applied to each digitally modulated symbol in OFDM transmission. In this letter, aiming to combat severe fading more effectively than adaptive modulation does, we theoretically analyze the benefit of a frequency diversity scheme within one OFDM symbol, which is a simple kind of coded OFDM (COFDM) based on IEEE 802.16 protocols. A simple closed-form equation for the bit error rate (BER) is derived, and then the advantages of correlated diversity gain and interference suppression by the diversity scheme are verified by both theoretical analysis and Monte Carlo simulation.

  • A Robust Detection in the Case of Strong Narrowband Jammer with Unknown Nonstationary Power

    Victor GOLIKOV  Olga LEBEDEVA  

     
    LETTER-Communication Theory and Signals

      Page(s):
    337-341

We present a likelihood-ratio test (LRT) for detecting a signal in the presence of known colored clutter, white noise and a strong jammer with unknown nonstationary power. The proposed test allows all components of the jammer to be removed completely. We obtain the asymptotic inverse covariance matrix of the clutter plus jammer as the jammer power tends to infinity. Using this formula, we develop the asymptotic LRT detection test. The performance of the new test statistic is analyzed and compared with the well-known eigencanceler-based detector. The effect of jammer removal on the performance is evaluated for an example scenario.

  • On Some Properties of M-Ary Sidel'nikov Sequences

    Jung-Soo CHUNG  Young-Sik KIM  Tae-Hyung LIM  Jong-Seon NO  Habong CHUNG  

     
    LETTER-Spread Spectrum Technologies and Applications

      Page(s):
    342-345

In this letter, we enumerate the number of cyclically inequivalent M-ary Sidel'nikov sequences of a given length, as well as the number of distinct autocorrelation distributions that they can have, as the primitive element used to generate the sequence is varied.