Updated on 2022/10/01

NOGAMI Yasuyuki

Organization
Professor, Faculty of Natural Science and Technology

Degree

• Ph.D (Engineering) ( Shinshu University )

Research Interests

• Information Security

• Cryptography

• Information Theory

• Elliptic curve cryptography

• Random Numbers

• Post Quantum Cryptography

• Pairing-based Cryptography

• IoT Security

Research Areas

• Manufacturing Technology (Mechanical Engineering, Electrical and Electronic Engineering, Chemical Engineering) / Communication and network engineering / Information security

• Informatics / Information security / Cryptography

Education

• Shinshu University Doctor course

1996.4 - 1999.3

Country： Japan

• Shinshu University (Master course)   Graduate School, Division of Engineering

1994.4 - 1996.3

• Shinshu University   Faculty of Engineering   Department of Electrical and Electronic Engineering

1990.4 - 1994.3

Country： Japan

Research History

• Okayama University   Vice Executive Director for Promotion of Digital Transformation

2021.4

• Professor, Graduate School of Natural Science and Technology, Okayama University

2017.4

• Associate Professor, Graduate School of Natural Science and Technology, Okayama University

2010.4 - 2017.3

Professional Memberships

• IEEE

1999.6

• The Institute of Electronics, Information and Communication Engineers (IEICE)

1996.6

Committee Memberships

• IEICE   Engineering Sciences Society, Special Committee Member

2019.6 - 2021.6

• IEICE   Engineering Sciences Society, Special Committee Member

2019.5 - 2021.6

• IEICE   Representative Assembly, Representative

2019.5 - 2020.6

• IEICE   Representative Assembly, Representative

2019.4 - 2020.3

• IEICE   HWS technical group member

2018.4

• IEICE   hardware security technical group member

2018.4 - 2022.6

• IEICE   Copyright Management Committee, Member

2017.5 - 2019.6

• IEICE   ESS

2017.5 - 2019.6

• IEICE   ESS general affair secretary

2017.5 - 2019.6

• IEICE   ESS Finance secretary

2011.5 - 2013.6

• IEICE   ESS

2011.5 - 2013.5

• IEICE   IT technical group member

2007.5 - 2013.6

• IEICE   information theory technical group member

2007.5 - 2013.5

• IEICE   information security technical group member

2006.5 - 2021.6

• IEICE   ISEC technical group member

2006.5 - 2021.6

• Okayama Prefecture Council for the Promotion of Advanced Informatization   Secretary

Committee type：Municipal

• NICT Testbed Subcommittee   Member

• Safe and Secure Internet Promotion Council   Member

• Chugoku Economic Federation Security WG   Member

Committee type：Other

Papers

• Proposal of Piccolo-CMAC for Sigfox network

Wataru Takehisa, Ryo Fukushima, Ryoichi Sato, Daichi Hattori, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

2021 36th International Technical Conference on Circuits/Systems, Computers and Communications, ITC-CSCC 2021   2021.6

Publishing type：Research paper (international conference proceedings)

We propose a CMAC using the lightweight block cipher Piccolo for a well-known LPWA, the Sigfox network. An increasing number of devices link to the Internet over LPWA; however, these devices do not have adequate resources. Our proposal would be an effective security measure for resource-limited IoT devices on the Sigfox network. Piccolo-CMAC is implemented by employing Piccolo-80 to encrypt the message without using extra resources.

• Path Authentication Protocol: Based on a Lightweight MAC and a Nonlinear Filter Generator

Yuki Taketa, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

Communications in Computer and Information Science   1383 CCIS   38 - 48   2021

Publishing type：Research paper (international conference proceedings)

In this research, the authors propose a functionality based on a message authentication code (MAC) to ensure the correctness of a message's path from a source to a destination. It is intended for use on a controller area network (CAN) in a driving system. In the construction, a MAC and a pseudorandom number generator having an intentional group structure are employed so that the correct user can authenticate a message and its path. The proposed method is experimentally evaluated by observing the computational time on IoT devices. As a result, it is found that path authentication can be implemented as an additional function with additional time of at most 3 times that of the corresponding computation.

• Ryoichi Sato, Yuta Kodera, Ali Md. Arshad, Takuya Kusaka, Yasuyuki Nogami, Robert H. Morelos-Zaragoza

Entropy   23 ( 9 )   1168 - 1168   2021

Language：English   Publishing type：Research paper (scientific journal)   Publisher：MDPI

A cloud service offering entropy has received much attention. As one of the entropy sources, a physical random number generator is used as a true random number generator, relying on its irreproducibility. This paper focuses on a physical random number generator using a field-programmable gate array as an entropy source, employing ring oscillator circuits as a representative true random number generator. This paper investigates the effects of an XOR gate in the oscillation circuit by observing the output signal period. It aims to reveal the relationship between the inputs and the output through the XOR gate in the target generator. The authors conduct two experiments to consider the relevance. It is confirmed that combining two ring oscillators with an XOR gate increases the complexity of the output cycle. In addition, verification using state transitions showed that the probability of the state transitions was evenly distributed by increasing the number of ring oscillator circuits.

• NANJO Yuki, SHIRASE Masaaki, KUSAKA Takuya, NOGAMI Yasuyuki

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   104 ( 1 )   315 - 318   2021

Language：English   Publishing type：Research paper (scientific journal)   Publisher：The Institute of Electronics, Information and Communication Engineers

To be suitable in practice, pairings are typically carried out in two steps, which consist of the Miller loop and the final exponentiation. To improve the final exponentiation step of a pairing on the BLS family of pairing-friendly elliptic curves with embedding degree 15, the authors provide a new representation of the exponent. The proposal achieves a greater reduction of the calculation cost of the final exponentiation than the previous method by Fouotsa et al.

• Nanjo Yuki, Shirase Masaaki, Kusaka Takuya, Nogami Yasuyuki

International Journal of Networking and Computing   11 ( 2 )   383 - 411   2021

Language：English   Publishing type：Research paper (scientific journal)   Publisher：IJNC Editorial Committee

Pairings are widely used for innovative protocols such as ID-based encryption and group signature authentication. According to recent works, the Barreto-Lynn-Scott (BLS) family of pairing-friendly elliptic curves is suggested for pairings at various security levels. One of the important facts is that the BLS family has fixed polynomial parameters for the field characteristic and group order in terms of an integer x_0. For practical pairing-based protocols, we have to carefully find an x_0 which leads to efficient pairings; however, this search for x_0 is typically complicated. Thus, convenient ways of finding an x_0 that is advantageous for the pairings are desired. For this reason, Costello et al. proposed simple restrictions for finding x_0 that generate specific BLS subfamilies of curves with embedding degree k = 24 having one of the best field and curve constructions for the pairings. Since there is demand for such restrictions for the other cases of embedding degrees, the authors extend their work and provide these for the cases of k = 2^m · 3 and 3^n with arbitrary integers m, n > 0 in this paper. The results will help to find new parameters which lead to one of the best-performing pairings with the BLS family of curves with various k. The results also allow us to respond flexibly to changes in the security levels of the pairings according to future progress in security analyses.

• Miura Hiromasa, Kanzawa Syota, Matsumura Rikuya, Kodera Yuta, Kusaka Takuya, Nogami Yasuyuki

International Journal of Networking and Computing   11 ( 2 )   231 - 250   2021

Language：English   Publishing type：Research paper (scientific journal)   Publisher：IJNC Editorial Committee

In this paper, the authors focus on and propose an approach to attack a kind of pairing-friendly curve, the Barreto-Naehrig (BN) curve, to accelerate the evaluation of the security level concerning the elliptic curve discrete logarithm problem (ECDLP). More precisely, this paper targets the BN curve, which is known to be a pairing-friendly curve, and Pollard's rho method based on the random walk is adopted to attack the curve. Though Pollard's rho method with skew Frobenius mapping is known to solve the ECDLP efficiently, this approach sometimes induces an unsolvable cycle, called a fruitless cycle, and such trials must restart with a different starting point. However, no effective method to eliminate such fruitless cycles has been proposed. Therefore, the authors give a careful analysis and propose an effective approach to eliminate such cycles to further optimize Pollard's rho method. In addition, we confirm the effectiveness of the method by applying it to BN curves with 12-, 17-, and 33-bit parameters.

• Daichi Hattori, Yuto Takahashi, Tomoya Tatara, Yuki Nanjo, Takuya Kusaka, Yasuyuki Nogami

IEEE International Conference on Consumer Electronics-Taiwan(ICCE-TW)   1 - 2   2021

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

• Sota Eguchi, Takeru Miyazaki, Satoshi Uehara, Shunsuke Araki, Yasuyuki Nogami

IEEE International Conference on Consumer Electronics-Taiwan(ICCE-TW)   1 - 2   2021

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

• Keiji Yoshimoto, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

IEEE International Conference on Consumer Electronics-Taiwan(ICCE-TW)   1 - 2   2021

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

• Hiroaki Nasu, Yuta Kodera, Yasuyuki Nogami

IEEE International Conference on Consumer Electronics-Taiwan(ICCE-TW)   1 - 2   2021

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

• Taiki Miyamoto, Ryo Fukushima, Kazuaki Harada, Keiji Yoshimoto, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

IEEE International Conference on Consumer Electronics-Taiwan(ICCE-TW)   1 - 2   2021

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

• Kako Takahashi, Takeru Miyazaki, Shunsuke Araki, Satoshi Uehara, Yasuyuki Nogami

IEEE International Conference on Consumer Electronics-Taiwan(ICCE-TW)   1 - 2   2021

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

• Ryoichi Sato, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

IEEE International Conference on Consumer Electronics-Taiwan(ICCE-TW)   1 - 2   2021

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

• Yuta Kodera, Yasuyuki Nogami

Finite Fields and their Applications   71 - 86   2020.10

Publishing type：Part of collection (book)   Publisher：De Gruyter

• Implementation and Evaluation of an Efficient MAC Based on OMAC for CAN on 8-Bit Microcomputer

Yuta Fujioka, Hiroto Ogura, Yuki Ueno, Takuya Kusaka, Yasuyuki Nogami

ITC-CSCC 2020 - 35th International Technical Conference on Circuits/Systems, Computers and Communications   342 - 347   2020.7

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In this study, a new MAC based on OMAC is implemented on an Arduino Uno. In addition, a function to update the common key based on pseudo-random numbers is also implemented. A re-verification function for the MAC value on the receiving ECU is implemented as well. Similarly, these features have been implemented for the Raspberry Pi, and communication with the Arduino is possible. The time taken to calculate the MAC and the time required to update the key are measured for the Arduino and the Raspberry Pi, respectively. As a result, both the OMAC processing time and the key update time on both microcomputers satisfied the time constraints.

• A Technique for Fast Miller's Algorithm of Ate Pairings on Elliptic Curves with Embedding Degrees of Multiple of Three

Yuki Nanjo, Masaaki Shirase, Takuya Kusaka, Yasuyuki Nogami

ITC-CSCC 2020 - 35th International Technical Conference on Circuits/Systems, Computers and Communications   283 - 287   2020.7

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Bilinear pairings are widely used for innovative protocols such as ID-based encryption and group signature authentication. According to current research on pairings, not only families of pairing-friendly elliptic curves with embedding degrees that are multiples of four or six but also those with embedding degrees that are multiples of three can realize efficient pairings. However, the range of practical choices of elliptic curves with embedding degrees that are multiples of three is more restricted than that of even embedding degrees, for efficiency reasons in the computation of Miller's algorithm with a signed binary representation of the loop parameter. To ease the restriction, the authors propose to compute Miller's algorithm by swapping the sign of the loop parameter without performance degradation for the ate pairing on such elliptic curves.

• An Explicit Formula of Cyclotomic Cubing Available for Pairings on Elliptic Curves with Embedding Degrees of Multiple of Three

Yuki Nanjo, Masaaki Shirase, Takuya Kusaka, Yasuyuki Nogami

ITC-CSCC 2020 - 35th International Technical Conference on Circuits/Systems, Computers and Communications   288 - 292   2020.7

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Bilinear pairings are widely used for innovative protocols such as ID-based encryption and group signature authentication. According to current research on pairings, not only families of pairing-friendly elliptic curves with embedding degrees that are multiples of four or six but also those with embedding degrees that are multiples of three are attractive choices for practical pairings. However, pairings on such elliptic curves cannot benefit from the efficient squaring available in a cyclotomic subgroup, which plays an important role in fast final exponentiation. As one candidate replacement for the squaring, the authors consider an efficient cubing available in the cyclotomic subgroup.

• Electrical Falsification of CAN Data by Magnetic Coupling

Hiroto Ogura, Ryunosuke Isshiki, Kengo Iokibe, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

ITC-CSCC 2020 - 35th International Technical Conference on Circuits/Systems, Computers and Communications   348 - 353   2020.7

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Controller Area Network (CAN) is widely employed as an in-vehicle network and is required to have extremely high reliability. CAN uses five mechanisms to detect errors caused by channel noise in CAN frames. However, an adversary can reportedly falsify a CAN frame by tampering with sample points in the frame. In this paper, the effectiveness of a new falsification method that does not require sample point tampering is examined. In the method, transient electromagnetic pulses are injected into a CAN bus by magnetic coupling, which enables falsification at the target CAN node without error detection. The proposed method was examined on a CAN bus consisting of two CAN nodes. As a result, the new falsification method was shown to be effective against CAN.

• Implementation and Evaluation of Ate Pairings on Elliptic Curves with Embedding Degree 10 Applied Type-II All-One Polynomial Extension Field of Degree 5

Rikuya Matsumura, Yuto Takahashi, Yuki Nanjo, Takuya Kusaka, Yasuyuki Nogami

ITC-CSCC 2020 - 35th International Technical Conference on Circuits/Systems, Computers and Communications   336 - 341   2020.7

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pairing-based cryptography has received much attention as an encryption method for realizing advanced cryptography such as ID-based encryption and searchable encryption. For a pairing-friendly elliptic curve of embedding degree 10, the calculation cost of multiplication and squaring on extension fields of degree 5 is related to the efficiency of the pairing. Therefore, it is necessary to select efficient multiplication and squaring algorithms on the extension field of degree 5. To apply these algorithms, the authors implement a pairing on an elliptic curve of embedding degree 10 with a type-II all-one polynomial extension field (AOPF) of degree 5 and an optimal extension field (OEF) of degree 5. As a result, the computational complexity of the pairing with the extended AOPF of degree 5 is almost 7.4% more efficient than that with the extended OEF of degree 5.

• An Implementation and Evaluation of a Pairing on Elliptic Curves with Embedding Degree 14

Zihao Song, Rikuya Matsumura, Yuto Takahashi, Yuki Nanjo, Takuya Kusaka, Yasuyuki Nogami, Tsutomu Matsumoto

ITC-CSCC 2020 - 35th International Technical Conference on Circuits/Systems, Computers and Communications   293 - 298   2020.7

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

As computer architecture technology evolves, communication protocols have been required to provide not only reliable security but also flexible functionality. Advanced cryptography has been expected to be a new generation of cryptography that satisfies such requirements. A pairing is one of the key technologies of this cryptography, and pairings are known to have a substantial number of construction parameters. Recently, the elliptic curve with embedding degree 14 has been evaluated as one of the efficient curves for pairing. In this paper, we implement an optimal ate pairing on this elliptic curve by applying several variants of multiplication algorithms for the extension field of degree 7 on multiple devices. The best multiplication algorithm among the candidates is derived. Besides, for efficient calculation, we propose a pseudo 7-sparse algorithm and a fast calculation method for the final exponentiation. As a result, we discover the proper multiplication algorithm based on the ratio of additions to multiplications on several different computer platforms. Our proposed pseudo 7-sparse algorithm is approximately 1.54% faster than the regular algorithm on almost all tested platforms. Eventually, for the total execution time of the pairing we record 9.33 ms on a Core i5-9500.

• An Efficient File Hierarchy Attribute Based Encryption Using Optimized Tate Pairing Construction in Cloud Environment

Balaji Chandrasekaran, Yasuyuki Nogami, Ramadoss Balakrishnan

Journal of Applied Security Research   15 ( 2 )   270 - 278   2020.4

Language：English   Publishing type：Research paper (scientific journal)   Publisher：TAYLOR & FRANCIS INC

One of the most preferred encryption techniques for data sharing in a cloud environment is Ciphertext-Policy Attribute Based Encryption (CP-ABE). An efficient File Hierarchy CP-ABE (FH-CP-ABE) scheme using an integrated access structure was proposed by Wang and colleagues. Their construction was based on symmetric pairing. In this article, we propose an efficient Asymmetric File Hierarchy Ciphertext-Policy Attribute Based Encryption (AFH-CP-ABE) which is based on an asymmetric pairing construction using denominator elimination and twist mapping. We apply this optimized Tate pairing in the proposed AFH-CP-ABE to measure its computational costs for encryption and decryption using the gmp 6.0.0 library, and then compare them with existing schemes.

• Secure Information Transmission Framework in Wireless Body Area Networks

Balaji Chandrasekaran, Ramadoss Balakrishnan, Yasuyuki Nogami

Journal of Applied Security Research   15 ( 2 )   279 - 287   2020.4

Language：English   Publishing type：Research paper (scientific journal)   Publisher：TAYLOR & FRANCIS INC

Secure information transmission is one of the critical challenges in Wireless Body Area Networks (WBAN). The main motivation of this paper is the secure transmission of highly sensitive patient information with reduced computation cost and storage requirements. In this paper, we integrate Ciphertext-Policy Attribute Based Encryption (CPABE) with Constant Size Ciphertext (CPABE-CSC) and the Blowfish algorithm for secure transmission of sensitive patient information. The experimental results show the efficiency of the proposed scheme in terms of computation cost and ciphertext size when compared with existing schemes.

• Nanjo Yuki, Shirase Masaaki, Kusaka Takuya, Nogami Yasuyuki

International Journal of Networking and Computing   10 ( 2 )   227 - 241   2020

Language：English   Publishing type：Research paper (scientific journal)   Publisher：IJNC Editorial Committee

It is well known that quadratic extension fields (QEFs) based on optimal extension fields (OEFs) are typically used for the supersingular isogeny Diffie-Hellman (SIDH) key exchange protocol. On the other hand, there is a possibility of improving the performance of SIDH by employing other attractive choices of QEFs with efficient arithmetic, which are based on all-one polynomial extension fields (AOPFs) and extension fields with normal basis representation (EFNs). Thus, the authors confirm the applicability of the new candidate QEFs to SIDH and evaluate SIDH with the possible choices of QEFs. As a result of the experiment, the authors found that the performance of SIDH with the QEFs based on AOPF and EFN is comparable to that with the previous QEF. Moreover, one of the QEFs based on EFN results in a new efficient implementation of SIDH with an SIDH-friendly prime given as p = 2^{e_A} 3^{e_B} f + 1, where e_A, e_B and f are positive integers.

• NANJO Yuki, SHIRASE Masaaki, KUSAKA Takuya, NOGAMI Yasuyuki

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   103 ( 12 )   1403 - 1406   2020

Language：English   Publishing type：Research paper (scientific journal)   Publisher：The Institute of Electronics, Information and Communication Engineers

A quadratic extension field (QEF) defined by F_1 = F_p[α]/(α^2 + 1) is typically used for supersingular isogeny Diffie-Hellman (SIDH). However, there exist other attractive QEFs F_i that result in competitive or even more efficient performance of SIDH compared with that of F_1. To exploit these QEFs without the time-consuming computation of the initial setting, the authors propose to convert existing parameter sets defined over F_1 to F_i by using an isomorphic map F_1 → F_i.

• Keiji Yoshimoto, Yoshinori Uetake, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

International Journal of Networking and Computing   10 ( 2 )   144 - 158   2020

Publishing type：Research paper (scientific journal)   Publisher：IJNC Editorial Committee

• Yuta Kodera, Yuki Taketa, Takuya Kusaka, Yasuyuki Nogami, Satoshi Uehara

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   12231 LNCS   23 - 36   2020

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：SPRINGER INTERNATIONAL PUBLISHING AG

The existence of equivalent keys for a secret key is an inseparable topic in cryptography. Especially for pseudorandom number generators for cryptographic applications, equivalent keys are not only a specific pair of keys that generate the same sequence but also include those that simply give a phase-shifted sequence. In this paper, the authors focus on a kind of nonlinear filter generator (NLFG) defined by using a power residue calculation over an odd characteristic. Generally speaking, an evaluation of NLFGs is conducted based on the randomness of the sequence itself and the security of the keys. Though previous evaluations of the randomness of the target NLFG have been studied and proven theoretically, its security aspects as a cryptosystem have still not been discussed. Therefore, this paper begins a new security evaluation by focusing on the existence of equivalent keys for the NLFG. As a result, the authors first show that sequences generated by the NLFG are classified into several types of sequences depending on the choice of a certain parameter. Owing to this, it is found that there exist equivalent keys concerning that parameter. At the same time, we show that the equivalent keys can be eliminated by adequately restricting the corresponding parameter.

• Jianjie Tang, Kengo Iokibe, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020   368 - 372   2020

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In recent years, some lightweight cipher algorithms for IoT devices have been proposed. These algorithms can be applied to a variety of IoT devices without occupying too much memory or power consumption, and compared to traditional ciphers such as AES, these algorithms have higher efficiency. The Speck algorithm is a lightweight block cipher, proposed by the NSA in June 2013, and it is specifically optimized for IoT microcontrollers. A few previous studies have shown that the Speck algorithm can be attacked through power analysis. Using an Arduino Uno as the implementation platform of the Speck 128/128 algorithm, in this paper we propose a method to attack the Speck 128/128 algorithm. Our experimental results have shown that when the attack point is the XOR operation in the last round of Speck 128/128, the round key can be successfully recovered by a Correlation Power Analysis attack.

• Yuki Nanjo, Masaaki Shirase, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020   348 - 354   2020

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pairings are widely used for innovative protocols such as ID-based encryption and group signature authentication. According to recent works, the Barreto-Lynn-Scott (BLS) family of pairing-friendly elliptic curves is suggested for pairings at various security levels. The BLS family has specific polynomial parameters in terms of an integer x_0 for generating pairing-friendly elliptic curves with various embedding degrees k, which are called BLS curves. The important fact is that one can find congruence classes of x_0 which give rise to BLS curves having the benefit of efficient field arithmetic. However, except for the BLS curves with k = 24, such practically usable congruence classes of x_0 have not been provided at this time. In this manuscript, the authors provide the specific congruence classes generating the practical subfamilies of the BLS curves with k = 2^i · 3 and 3^j with arbitrary positive integers i and j.

• Fatema Akhter, Tomoya Tatara, Yasuyuki Nogami, Takuya Kusaka, Nobuo Funabiki

Proceedings - 2020 8th International Symposium on Computing and Networking Workshops, CANDARW 2020   302 - 306   2020

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pseudo-random binary sequences have been widely used in cryptographic applications due to their fast construction, reproducibility, and characteristics like those of a true random sequence. The realization of modern cryptographic applications and mathematical tools is inconceivable without random sequences. Previously, we proposed an alternative trace map function for the generation of a pseudo-random binary sequence that has a long period, good correlation characteristics, and high linear complexity, which are attractive for security applications. However, it was found that the distribution of bits in the sequence is not uniform, which may lead to a failure in randomness. In this paper, we propose a uniformization method using powers of a primitive root to improve the uniformity of the bit distribution in the sequence. Sequences of different lengths are generated using the proposed sequence generator to verify the efficiency of the proposed uniformization method. By analyzing the bit distribution of the generated sequences for different pattern lengths, we show that the proposal achieves bit uniformity while maintaining the randomness of the sequence.

• Hiromasa Miura, Rikuya Matsumura, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020   160 - 166   2020

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pollard's rho method is one of the most efficient methods for solving the elliptic curve discrete logarithm problem (ECDLP) in elliptic curve cryptography. Pollard's rho method with skew Frobenius mapping can solve the ECDLP over a Barreto-Naehrig (BN) curve efficiently. Pollard's rho method may result in an unsolvable cycle called a fruitless cycle. When a random walk path results in a fruitless cycle, the random walk must restart with a different starting point. However, an effective method for eliminating the fruitless cycle has not been proposed yet. This paper proposes a method for eliminating the fruitless cycle in Pollard's rho method with skew Frobenius mapping. In addition, the authors apply the proposed method to a BN curve with 17-bit parameters and confirm its effectiveness.

• Sota Eguchi, Takeru Miyazaki, Shunsuke Araki, Satoshi Uehara, Yasuyuki Nogami

Proceedings of 2020 International Symposium on Information Theory and its Applications, ISITA 2020   451 - 455   2020

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

We have been studying the design of a pseudo-random number generator based on sequences generated with the logistic map over integers. Although it has already been shown that the properties of the generated sequences are good, the range of control parameters that satisfy these properties is not wide enough. To improve on this problem, Wang et al. proposed the piecewise logistic map. It is a method for increasing the range of control parameters that can generate good sequences for a pseudorandom number generator. However, it is not suitable for computer implementation, because it is defined over real numbers. In this paper, we propose a piecewise logistic map over integers that uses integer arithmetic so that computers can calculate the map correctly. We also show some results of numerical experiments on the sequences generated from this map.

• Yuta Kodera, Tomoya Tatara, Takuya Kusaka, Yasuyuki Nogami, Satoshi Uehara

Proceedings of 2020 International Symposium on Information Theory and its Applications, ISITA 2020   447 - 450   2020

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In this paper, the authors propose an algorithm to generate a sequence of bits in parallel to enhance the generation performance of the Blum-Micali method, which is used for constructing a pseudorandom number generator. More precisely, since the classical definition needs to refer to the previous state to generate the next bit, we modify the generation steps in an alternative way by introducing the feature of Gauss periods. This gives a unique representation of elements as if a primitive element generated those elements as its powers, and this mechanism realizes the parallel algorithm. As a result, the generator succeeds in mimicking the main concept of the Blum-Micali method in parallel, and it is thought to be secure if the discrete logarithm problem is hard to solve.

• Kasumi Nakano, Kako Takahashi, Satoshi Uehara, Takeru Miyazaki, Shunsuke Araki, Yasuyuki Nogami

Proceedings of 2020 International Symposium on Information Theory and its Applications, ISITA 2020   460 - 464   2020

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

We show some properties of binary sequences located in Hadamard matrices of order 2^n represented by Sylvester's matrices. The Kronecker product is a method for expanding a Hadamard matrix, and a set of sequences with orthogonal properties is extended by concatenation or interleaving. From these expanding methods and properties related to the constructions, we discuss the increase of the set of orthogonal sequences. Finally, we show the characteristic polynomials of binary sequences located in Hadamard matrices of order 2^n.

• Yuki Taketa, Yuta Kodera, Shogo Tanida, Takuya Kusaka, Yasuyuki Nogami, Norikazu Takahashi, Satoshi Uehara

Proceedings of the Seventh International Symposium on Computing and Networking Workshops   394 - 400   2019.11

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE COMPUTER SOC

Machine learning (ML) technology has become popular in many applications, where ML is used, for example, to analyze or classify data, or to predict a phenomenon that follows from previous conditions. However, the spread of ML technologies also allows an attacker to use them in attacks aimed at sniffing secret information. Since randomness is an inseparable part of cryptographic applications that ensure security, the resistance of a random sequence against analysis based on ML technologies has to be required. The authors anticipate a mutual relationship between the classical properties of randomness, linear complexity (LC) in particular, and the structure of a neural network (NN), which is a class of ML. In this research, the authors find that the strength of each connection between nodes in the NN is related to the linear recurrence relation of the target sequence, by observing the parameters after learning is complete. In other words, the difficulty of predicting the next bits from a given sequence can be discussed based on the LC of the sequence in most cases. Experimental results are introduced to clarify the black box in this research.

• An Implementation and Evaluation of Pairing Library ELiPS for BLS Curve with Several Techniques

Yuto Takahashi, Yuki Nanjo, Takuya Kusaka, Yasuyuki Nogami, Tadaki Kanenari, Tomoya Tatara

34th International Technical Conference on Circuits/Systems, Computers and Communications, ITC-CSCC 2019   296 - 299   2019.6

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In recent years, pairing-based cryptography has been receiving a lot of attention since it enables many innovative and multi-functional cryptographic applications based on pairing, e.g. searchable encryption, broadcast encryption and so on. A pairing is a map from two additive rational point groups G_1, G_2 to a multiplicative group G_3; however, it requires complex computation. Therefore, the author tries to develop a 128-bit security level pairing library ELiPS (Efficient Library for Pairing Systems) that incorporates various high-speed methods using BLS curves. As a result, scalar multiplications on G_1 and G_2, exponentiation on G_3, and the optimal-ate pairing can be computed in 0.42 ms, 0.79 ms, 1.13 ms, and 3.12 ms, respectively.

• A Comparison of Relic-toolkit and ELiPS Libraries for a Pairing-based Homomorphic Encryption

Tadaki Kanenari, Yuto Takahashi, Yuta Hashimoto, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami, Toru Nakanishi

34th International Technical Conference on Circuits/Systems, Computers and Communications, ITC-CSCC 2019   225 - 228   2019.6

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In recent years, the number of companies adopting cloud computing services for outsourcing has been increasing. On the other hand, there are threats such as falsification or leakage of data that should be kept secret. Therefore, technologies for managing encrypted data are attractive topics in the cryptographic field. Among them, functional encryption constructed with pairing-based cryptography is approaching the practical stage because pairing operations are getting faster thanks to recent studies of pairing. In addition, there are several pairing libraries which allow a user to introduce pairing-based cryptography into their system. Nevertheless, they differ in several operations. In this paper, we reconstruct a pairing-based homomorphic encryption by focusing on the features of the libraries and examine their performance.

• Updating A Secret Key for MAC Implemented on CAN Using Broadcast Encryption Scheme

Tomoya Tatara, Hiroto Ogura, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

34th International Technical Conference on Circuits/Systems, Computers and Communications, ITC-CSCC 2019   275 - 278   2019.6

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In recent years, CAN has spread widely as the in-vehicle network. However, the CAN protocol does not guarantee the security of traffic against falsification and spoofing. Therefore, a MAC is required for CAN so as to communicate correctly. A MAC is a countermeasure against falsification and spoofing that uses a secret key. The problem is how to deliver the secret key securely. This paper proposes a method to update the secret key using broadcast encryption over a non-supersingular elliptic curve. The method is implemented on a Raspberry Pi and is experimentally found to be able to update the secret key efficiently.

• Analysis of the fruitless cycle of Pollard's rho method based attack for solving ECDLP over Barreto-Naehrig curves

Hiromasa Miura, Ken Ikuta, Sho Joichi, Takuya Kusaka, Yasuyuki Nogami

34th International Technical Conference on Circuits/Systems, Computers and Communications, ITC-CSCC 2019   237 - 240   2019.6

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

This paper focuses on the computational security of the elliptic curve discrete logarithm problem (ECDLP), which can be evaluated by an actual attack. The authors apply Pollard's rho method to a Barreto-Naehrig curve with minimum parameters for solving an ECDLP. An analysis of the structure for all combinations of selected seed and starting points is given. Then, we propose a method for selecting a set of efficient seed points for the random walk of the rho method.

• A Study on Low Level Quantizers for Block Turbo Decoding for Product Codes of Binary Linear Code

Shinichi Kageyama, Ken Ikuta, Takuya Kusaka, Yasuyuki Nogami

34th International Technical Conference on Circuits/Systems, Computers and Communications, ITC-CSCC 2019   233 - 236   2019.6

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Block Turbo Decodings (BTDs) with Soft-In Soft-Out (SISO) decodings for two-dimensional product codes of linear codes can achieve good error performance; however, the large computational complexity of BTDs can be a problem. Therefore, to reduce the computational complexity, quantization methods can be employed for BTDs at the cost of some error performance. In this paper, a study on the design of low level quantizers for BTD with SISO Ordered Statistics Decoding for product codes of binary linear codes is shown. From simulation results for a 4-level quantizer, the authors propose a new 5-level quantizer. The proposed 5-level quantizer achieves better error performance than the 4-level quantizer.

• NIST Statistical Test for Random Sequence Generated by Möbius Function

Fatema Akhter, Yuta Kodera, Yasuyuki Nogami, Takuya Kusaka

2019 IEEE International Conference on Consumer Electronics - Taiwan, ICCE-TW 2019   2019.5

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Random sequences play important roles in many security applications. Several security protocols have been developed based on random sequences. Hence, their generation is one of the topics of interest among many cryptographic researchers. Previously, the authors proposed a pseudo random sequence over an odd characteristic field which is generated by applying a primitive polynomial, the trace function and the Möbius function. Some important properties such as period, autocorrelation and cross-correlation have been presented in previous work. Randomness is generally measured by statistical tests, and the NIST Statistical Test Suite (NIST STS) is one of the most popular tools for randomness analysis. In this work, the randomness of the generated sequence is investigated by NIST STS.

• Boundary for the Linear Complexity of Well Balanced NTU

Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

2019 IEEE International Conference on Consumer Electronics - Taiwan, ICCE-TW 2019   2019.5

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

A pseudorandom sequence has an inseparable role in various types of security applications. In particular, the linear complexity of a sequence is a measure of randomness that should be large for the security of a system. This paper considers the boundary of the linear complexity of a geometric sequence called the NTU sequence, which is generated with a uniformization technique.

• A Consideration on Generating Uniform Binary Sequence with High Linear Complexity

Tomoya Tatara, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

2019 IEEE International Conference on Consumer Electronics - Taiwan, ICCE-TW 2019   2019.5

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pseudorandom sequences having a uniform distribution of bit patterns and high linear complexity play a key role in many security applications. However, only a few pseudorandom sequences possess both of these vital features. In this paper, the authors propose and evaluate a geometric sequence that has a uniform distribution and high linear complexity.

• A Study on the Parameter Size of the Montgomery Trick for ECDLP Reviewed

Ken Ikuta, Sho Joichi, Kazuya Kobayashi, Md Al Amin Khandaker, Takuya Kusaka, Yasuyuki Nogami

Proceedings of 2018 International Symposium on Information Theory and Its Applications, ISITA 2018   623 - 627   2019.3

Publishing type：Research paper (international conference proceedings)

In this research, the choice of the parameter of the Montgomery trick in Pollard's Rho method for solving the elliptic curve discrete logarithm problem over Barreto-Naehrig (BN) curves is shown. The average number of generated rational points per unit time is chosen as the measure of the effectiveness of the choice of the parameter of the Montgomery trick. The results are derived from a sufficient number of experiments with several BN curves.

• Ken Ikuta, Sho Joichi, Kazuya Kobayashi, Md Al Amin Khandaker, Takuya Kusaka, Yasuyuki Nogami

Proceedings of 2018 International Symposium on Information Theory and Its Applications, ISITA 2018   628 - 632   2019.3

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In this research, the choice of the parameter for a method to generate distinguished rational points in Pollard's Rho method for solving the elliptic curve discrete logarithm problem over Barreto-Naehrig (BN) curves is shown. The structures of random walk paths are confirmed by experiments for several BN curves. From the results, the authors clarify the conditions under which the Rho method does not stop during an attack, and also give an indication for the choice of the parameter of the method for generating distinguished points for ECDLPs of large bit size.

• Development of Practicum in Cryptographic Hard-ware Security Using Commercial Microcontroller Module

Kengo Iokibe, Yoshinori Uetake, Toshiaki Teshima, Akihiro Sanada, Yasuyuki Nogami

Computer Software   36 ( 1 )   30 - 36   2019

Publishing type：Research paper (scientific journal)

The authors developed a practicum in cryptographic technology, an indispensable technology to guarantee information security in the upcoming IoT era. The practicum is composed of a lecture on the parts of algebra and discrete mathematics that underlie modern cryptography, hardware implementation of cryptographic algorithms, and side-channel attacks on cryptographic hardware. It aimed not only for students to learn textbook knowledge of cryptographic algorithms but also to develop their knowledge of implementing cryptographic algorithms while considering the threat of side-channel attacks, through the experience of implementing the algorithms on commercial hardware and attacking them. The practicum was offered to third- and fourth-year students, and most of them achieved the required goal of the practicum. According to their responses to the questionnaire, they also felt that their practical skills in cryptographic technology had improved.

• Takeru Miyazaki, Shunsuke Araki, Kohei Kawase, Satoshi Uehara, Yasuyuki Nogami

2019 9th International Workshop on Signal Design and its Applications in Communications, IWSDA 2019   1 - 5   2019

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In this paper, we give some important characteristics of Knuth's quadratic congruential sequences with a particular modulus as a pseudorandom number generator. For the modulus m = 2^W p, where p is an odd prime, we derive some periodic relations of the sequence by using the analysis results shown by Iwasaki and Umeno for their one-stroke polynomial. Accordingly, we give a theoretical analysis of the randomness of these sequences and evaluate the pseudorandom number outputs of these sequences by the NIST statistical tests.

• Yuta Kodera, Yuki Taketa, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019   157 - 163   2019

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE COMPUTER SOC

The increase in opportunities for using machine learning (ML) technologies has brought a new threat to cryptosystems. As a remarkable example, ML technologies have gradually been employed in side-channel attacks (SCA) to obtain sensitive information. In this paper, the authors focus on the structure of a masked S-Box in AES, which aims to provide SCA resistance even against attacks using ML technologies. More precisely, this paper analyzes the mathematical structure of the inverse operation over F_{(2^4)^2}, which is an isomorphic field used for obtaining efficient arithmetic for AES, so that all functions in the encryption scheme can handle masked data as it is. The mathematical structure is obtained by introducing several mathematical tools such as Gauss periods and the Itoh-Tsujii inversion algorithm, and as a result, we clarified the factors of the coefficients of A^{-1} for an element A ∈ F_{(2^4)^2}. It enables us to generate the corresponding element directly, which allows canceling the mask even after processing SubBytes.

• Yuta Kodera, Minoru Kuribayashi, Takuya Kusaka, Yasuyuki Nogami

Information Security Applications   11402 LNCS   241 - 252   2019

Publishing type：Part of collection (book)   Publisher：Springer International Publishing

This paper considers a new construction of a keyword search including partial matching on an encrypted document. Typically, index-based searchable symmetric encryption has been investigated. However, it makes partial keyword matching difficult without a designated trapdoor. Thus, our objective is to propose a keyword search scheme which enables us to search for a part of a keyword only by building trapdoors for each original keyword. The main idea is to embed each character of a keyword into a bitstream of the sequence generated by a pseudorandom number generator. It achieves a partial search by placing a restriction on the length of a keyword.

• Md. Arshad Ali, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami, Satoshi Uehara, Robert H. Morelos-Zaragoza

Advances in Science, Technology and Engineering Systems Journal   4 ( 2 )   370 - 379   2019

Publishing type：Research paper (scientific journal)   Publisher：ASTES Journal

The distribution of bit patterns is an important measure for checking the randomness of a sequence. The authors of this paper observed this crucial property in a binary sequence which is generated by using a primitive polynomial, the trace function, and the Legendre symbol defined over a sub extension field. The authors open a new dimension in sequence generation research by considering the sub extension field, whereas all our previous works focused on the prime field. In terms of the distribution of bit patterns property, this research has notable outcomes; more specifically, the binary sequence defined over the sub extension field has a much better (close to uniform) bit distribution than the previous binary sequence defined over the prime field. Furthermore, the authors theoretically prove the distribution of bit patterns property in this paper.

• Efficient ate-based pairing over the attractive classes of BN curves Reviewed

Yuki Nanjo, Md Al Amin Khandaker, Masaaki Shirase, Takuya Kusaka, Yasuyuki Nogami

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   11402 LNCS   55 - 67   2019

Publishing type：Research paper (international conference proceedings)

This paper proposes two attractive classes of Barreto-Naehrig curves for ate-based pairing by imposing the condition χ ≡ 7, 11 (mod 12) on the integer χ that parameterizes the curve settings. The restriction results in an unparalleled way to determine a BN curve, its twisted curve coefficients, and obvious generator points. The proposed χ ≡ 11 (mod 12) class is found to be more efficient than χ ≡ 7 (mod 12) together with pseudo 8-sparse multiplication in Miller's algorithm. The authors also provide comparative implementations for the proposal.

• Hiromasa Miura, Rikuya Matsumura, Ken Ikuta, Sho Joichi, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2019 7th International Symposium on Computing and Networking Workshops, CANDARW 2019   353 - 359   2019

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE COMPUTER SOC

This paper discusses the conditions of fruitless cycles for Pollard's rho method with the skew Frobenius mapping for the elliptic curve discrete logarithm problem (ECDLP) over a Barreto-Naehrig (BN) curve. When a random walk path reaches a fruitless cycle, the random walk must restart from a different starting point. There are several methods to eliminate fruitless cycles of short length for BN curves based on the construction of a random walk table. Therefore, in this research, the authors analyze the previous methods by experiments for a BN curve of order 349 with the mapping. The results show that several fruitless cycles of length two and three cannot be eliminated by the previous methods. The authors investigated the reason for this degradation. As a result of the analysis, a new condition under which a part of the fruitless cycles of any length occur is derived, and a new method to eliminate the fruitless cycles is proposed.

• Keiji Yoshimoto, Yoshinori Uetake, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019   245 - 250   2019

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE COMPUTER SOC

Curve25519 has been used in various security protocols for its efficiency and speed. However, Curve25519 is known to have rational points whose orders are 2, 4, and 8. In this research, the authors focus on rational points of order 4 and demonstrate a side-channel attack (SCA) against a scalar multiplication algorithm for Curve25519. The purpose is to compare two scalar multiplication algorithms in terms of the difficulty of estimating the secret key via the SCA, where the algorithms are differentiated by whether they use a conditional swap function or not. Furthermore, we examine an attack on an open-source library for the Arduino UNO which includes a scalar multiplication algorithm using a conditional swap function in practice. Since this library takes a countermeasure against the SCA during key exchange, it can be used as a secure protocol tool. However, there is a threat when a scalar multiplication is implemented by using some functions in this library without considering the SCA.

• Yoshinori Uetake, Keiji Yoshimoto, Yuta Kodera, Leo Weissbart, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019   225 - 231   2019

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE COMPUTER SOC

Among the increasing evolution of IoT devices, practical applications need reliable secure protocols to communicate with each other. A major issue for modern cryptosystems is an implementation of secure and trustworthy mechanisms to rely on. A side-channel attack against these cryptosystems may overturn the guarantee of security against conventional cyber-attacks. Elliptic curve cryptography is public-key cryptography based on elliptic curves, and one of the well-known curves is Curve25519, which is used in TLS as a recommended curve. This curve is mainly implemented on resource-limited devices such as microcontrollers. However, this curve has a weakness related to low-order points when a Diffie-Hellman key exchange is employed. This research demonstrates possible exploitation of the threat of order 8 rational points of Curve25519 and shows results of side-channel attacks using order 8 rational points on an embedded system. The results indicate that the order 8 rational points might be applied to key extraction from the attacker's side.

• Yuki Nanjo, Masaaki Shirase, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2019 7th International Symposium on Computing and Networking, CANDAR 2019   178 - 184   2019

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE COMPUTER SOC

It is well-known that the class of binomial extension fields is widely used to construct the quadratic extension fields (QEFs) of the supersingular isogeny Diffie-Hellman (SIDH) key exchange protocol. There is a possibility to improve the performance of SIDH by employing other classes of QEFs, i.e., extension fields with a normal basis and all-one polynomial extension fields, without sacrificing the range of primes. In this paper, the authors confirm the applicability of the other classes to SIDH and evaluate the computational complexity of the large-degree isogenies required for SIDH. The results of the experiments show that the performance with these classes is comparable to the QEF with the binomial x^2+1.

• Sota Eguchi, Takeru Miyazaki, Shunsuke Araki, Satoshi Uehara, Yasuyuki Nogami

2019 9th International Workshop on Signal Design and its Applications in Communications, IWSDA 2019   1 - 5   2019

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In this paper, we focus on binary sequences obtained from the piecewise logistic map over integers, and show the relation between the Lyapunov exponents of the maps and the results of the NIST tests for the sequences. When the Lyapunov exponent is negative, we confirm that the bifurcation diagram is sparse and the bit occurrence rate is also greatly biased. We also give examples showing that the positive/negative signs of the Lyapunov exponents mostly coincide with the evaluations of the NIST tests. From the bifurcation diagram of the piecewise logistic map, we moreover find that there are many good pseudorandom sequences generated by the individual control parameters of the map.

• Shinichi Kageyama, Ken Ikuta, Yuki Nanjo, Yuta Kodera, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2019 7th International Symposium on Computing and Networking Workshops, CANDARW 2019   425 - 429   2019

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE COMPUTER SOC

Block Turbo Decodings (BTDs) with Soft-In Soft-Out (SISO) decodings for two-dimensional product codes of linear codes can achieve good error performance. However, since the large computational complexity of BTDs can be a problem, a method which can reduce the average computational complexity is needed. In this research, the authors focus on an early termination condition as the method for reducing the computational complexity. From the tendency of the output of SISO ordered statistics decoding, a condition is proposed. Based on simulation results for the two-dimensional product code of the (32,26,4) Reed-Muller code, an analysis of a parameter of the condition is given. The results show that the computational complexity can be reduced to more than one fourth at signal-to-noise ratios (Eb/No) higher than 7 dB, without degradation in error performance, by choosing an appropriate parameter.

• Fatema Akhter, Yasuyuki Nogami, Takuya Kusaka, Yuki Taketa, Tomoya Tatara

Proceedings - 2019 7th International Symposium on Computing and Networking Workshops, CANDARW 2019   408 - 411   2019

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE COMPUTER SOC

In this paper, we propose a new pseudo random binary sequence generated from a primitive polynomial over an extension field. The sequence has maximum period and high linear complexity, suitable for security applications. During generation, a new mapping function is proposed which is faster than the conventional trace map and translates extension field elements to prime field elements. The output of the mapping function is a p-ary sequence with elements 0 to p-1 that is balanced in pattern distribution and has ideal autocorrelation. Then, a binarization method is utilized to derive a binary sequence from the p-ary sequence. The period, autocorrelation, linear complexity and computation time of the proposed sequence are studied and experimental results are presented. Finally, the efficiency of the proposal is verified by comparison with existing sequences in terms of period, linear complexity and generation time for sequences of different lengths.

• Tatsuya Kamiyama, Shoichi Maeyama, Kazuya Okawa, Keigo Watanabe, Yasuyuki Nogami

Proceedings of the 2019 IEEE/SICE International Symposium on System Integration, SII 2019   494 - 501   2019

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Research and development of automatic driving technology has been actively conducted in recent years. Against this background, solutions to the car parking problem are expected to be developed to support drivers in completing automatic parking. Many parking lots in urban areas provide parking spaces on asphalt road surfaces marked with white paint. Research on recognizing parking spaces using camera images has been conducted so far. However, camera images are known not to be robust to environmental conditions such as nighttime and backlight. Therefore, a method of recognizing parking spaces is proposed that can be used both day and night, irrespective of whether the road surface is dry or wet. In the proposed method, the road surface is classified using a statistical model of the received light intensity values of a laser range scanner. Then, the target parking position is estimated by the Hough transform.

• Well Balanced Multi-value Sequence and its Properties over Odd Characteristic Field

M. Arshad Ali, Yuta Kodera, M. Fazle Rabbi, Takuya Kusaka, Yasuyuki Nogami, Satoshi Uehara, Robert H. Morelos-Zaragoza

Advances in Science, Technology and Engineering Systems   4 ( 4 )   188 - 196   2019

Publishing type：Research paper (scientific journal)

The authors propose a well balanced multi-value sequence (including a binary sequence). All the sequence coefficients (except zero) appear almost the same number of times; thus, the proposed sequence is called a well balanced sequence. This paper experimentally describes some prominent features of the sequence, for instance, its period, autocorrelation, and cross-correlation. The values of the autocorrelation and cross-correlation can be given explicitly by theorems formulated by the authors. In addition, to ensure the usability of the proposed multi-value sequence, the authors demonstrate its flexibility by converting it into a binary sequence. Furthermore, this paper also introduces a comparison in terms of the linear complexity and distribution of bit patterns properties with their previous works. According to the comparison results, the proposed sequence has better properties than our previous sequence.

• Md Al Amin Khandaker, Yuki Nanjo, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2018 6th International Symposium on Computing and Networking, CANDAR 2018   106 - 112   2018.12

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pairing-based protocols are getting popular in many cryptographic applications. Pairing algorithms involve computations on elements in all three pairing groups, G_1, G_2 and G_3; however, most protocols usually require additional scalar multiplication and exponentiation in any of these three groups. The Gallant-Lambert-Vanstone (GLV) method is an elegant technique to accelerate scalar multiplication which can reduce the number of elliptic curve doublings by using the Straus-Shamir simultaneous multi-scalar multiplication technique. However, efficiently computable endomorphisms are required to apply GLV to the elliptic curves. This paper shows the GLV technique by deriving an efficiently computable endomorphism for the Kachisa-Schaefer-Scott (KSS) curve defined over a degree 16 extension field. In addition, the authors show explicit formulas to compute the GLV method together with the Straus-Shamir simultaneous multi-scalar multiplication technique for 2, 4 and 8 dimensions in the G_2 group. The comparative implementation shows that dimension 4 gives faster computational time than dimensions 8 and 2.

• Yuki Nanjo, Md Al Amin Khandaker, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   445 - 451   2018.12

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In recent years, many innovative cryptographic protocols have been based on pairing. Finding an efficient extension field construction is one of the prerequisites for a practical pairing implementation. The author tries to find an elegant extension field construction which results in efficient pairing over a Barreto-Naehrig (BN) curve. In this paper, two construction methods are considered for the extension field of degree 12; one of them results in efficient exponentiation and the other enables a faster Miller loop than the former. Therefore, a method which uses a basis conversion matrix between the two extension fields is proposed. In comparison to the performance of Aranha et al.'s towering, the proposed implementation results in efficient exponentiation in the multiplicative group, although the pairing cost is slightly increased.

• Identification of Dominant ICs for Electromagnetic Emission by Using Noise Source Amplitude Modulation and Correlation Analysis

Shimpei Yoshino, Chiaki Ishida, Kengo Iokibe, Yoshitaka Toyota, Yasuyuki Nogami

IEEE International Symposium on Electromagnetic Compatibility   2018-August   439 - 444   2018.10

Publishing type：Research paper (international conference proceedings)

To identify semiconductor devices that are dominant noise sources at low cost in order to reduce electromagnetic interference (EMI), we propose a method based on a noise source amplitude modulation technique and correlation analysis (NSM-CA). In this study, we applied the NSM-CA method to a printed circuit board (PCB) with multiple integrated circuits (ICs) and identified ICs dominantly contributing to EM emission. The switching currents produced in three of the ICs were modulated in amplitude with three different modulation signals. The noise source amplitude modulation was implemented in an FPGA, mounted on a PCB, by using three pseudorandom binary sequences (PRBSs) as modulation signals. During the modulations, EM emission was measured at frequencies where the emission exceeded the limit of EMI regulation. The temporal variation in the measured emission was correlated with each of the PRBSs. The ranking of the contributions of the ICs to the emission was determined by means of the resultant correlation coefficients. According to the ranking, the dominant ICs to which a combination of EMI reduction techniques should be primarily applied were identified. Moreover, we applied an EMI reduction technique to the dominant ICs and found a larger reduction in emission than when the technique was applied to low priority ICs.

• Randomness of Binary Sequences with Long Period by Combining M-Sequence and Knuth's Quadratic Congruential Sequence

Kohei Kawase, Takeru Miyazaki, Shunsuke Araki, Satoshi Uehara, Yasuyuki Nogami

2018 IEEE International Conference on Consumer Electronics-Taiwan, ICCE-TW 2018   2018.8

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Cryptography is one of the most important elements of information security. In this paper, we propose a construction method for a long-period binary sequence with good randomness, which plays an important role in cryptography. We generate the sequence by combining two types of binary sequences; one is the m-sequence and the other is a quadratic congruential sequence proposed by Knuth. It is well known that the m-sequence has good statistical properties, and Knuth's method can generate a long-period sequence. However, neither of these sequences can pass most of the NIST statistical tests on its own. We derive a binary sequence combining these two sequences. In addition, we also consider the reasons why the proposed sequence has good randomness properties.

• A Construction Method of a Binary Sequence Using a Logistic Map over F_p for IoT Device

Takato Nagano, Takeru Miyazaki, Satoshi Uehara, Yasuyuki Nogami

2018 IEEE International Conference on Consumer Electronics-Taiwan, ICCE-TW 2018   2018.8

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

With the spread of IoT, it is necessary to implement encryption and decryption in order to secure the information handled by each device. We focus on generating a sequence with random number properties for a microcomputer with a short available bit length. We propose binary sequences combined from two random number sequences of 16 bits or less, one by an interleaving operation and the other by a combination using a Gray code. In this paper, we discuss how to generate the sequence and its random number properties.

• A Consideration of an Efficient Arithmetic over the Extension Field of Degree 3 for Elliptic Curve Pairing Cryptography

Xin Li, Yuta Kodera, Yoshinori Uetake, Takuya Kusaka, Yasuyuki Nogami

2018 IEEE International Conference on Consumer Electronics-Taiwan, ICCE-TW 2018   2018.8

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

This paper presents an efficient arithmetic in an extension field based on the Cyclic Vector Multiplication Algorithm (CVMA) that reduces calculation costs over the cubic extension for elliptic curve pairing cryptography. In addition, we evaluate the calculation costs compared to a Karatsuba-based method.

• Shunsuke Ueda, Ken Ikuta, Takuya Kusaka, Md Al Amin Khandaker, Md Arshad Ali, Yasuyuki Nogami

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E101A ( 8 )   1235 - 1244   2018.8

Language：English   Publishing type：Research paper (scientific journal)   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

Generalized Minimum Distance (GMD) decoding is a well-known soft-decision decoding method for linear codes. Previous research on GMD decoding focused mainly on unquantized AWGN channels with BPSK signaling for binary linear codes. In this paper, a study on the design of a 4-level uniform quantizer for GMD decoding is given. In addition, an extended version of a GMD decoding algorithm for a 4-level quantizer is proposed, and the effectiveness of the proposed decoding is shown by simulation.

• An ECC Implementation with a Twisted Montgomery Curve over Fq32 on an 8-Bit Microcontroller Reviewed

Yuta Hashimoto, Md Al Amin Khandaker, Yuta Kodera, Taehwan Park, Takuya Kusaka, Howon Kim, Yasuyuki Nogami

Proceedings - 2017 5th International Symposium on Computing and Networking, CANDAR 2017   2018-January   445 - 450   2018.4

Publishing type：Research paper (international conference proceedings)

The security of Internet of Things (IoT) devices is one of the most important problems. The processing ability of IoT devices is limited; therefore, a more lightweight and secure cryptography is necessary. This paper shows the implementation of 256-bit Elliptic Curve Cryptography (ECC) on an 8-bit microcontroller by applying towering for an extension field of degree 32. The authors use a twisted Montgomery curve with a Montgomery ladder, which enables fast calculations without computing inverse elements. In addition, this implementation is considered resistant to side-channel attacks (SCA) since it applies the Montgomery ladder for the scalar multiplication (SCM). This ECC implementation on an Arduino UNO, an 8-bit microcontroller board, takes 3 seconds for an SCM, which can be made faster by careful assembly implementation.

• Yuta Kodera, Takeru Miyazaki, Md. Al-Amin Khandaker, Ali Md. Arshad, Takuya Kusaka, Yasuyuki Nogami, Satoshi Uehara

IEICE Transactions   101-A ( 9 )   1525 - 1536   2018

Language：English   Publishing type：Research paper (scientific journal)   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

The authors have proposed a multi-value sequence called an NTU sequence which is generated by a trace function and the Legendre symbol over a finite field. Most of the properties for NTU sequence such as period, linear complexity, autocorrelation, and cross-correlation have been theoretically shown in our previous work. However, the distribution of digit patterns, which is one of the most important features for security applications, has not been shown yet. In this paper, the distribution has been formulated with a theoretic proof by focusing on the number of 0's contained in the digit pattern.

• A Study on the Parameter of the Distinguished Point Method in Pollard's Rho Method for ECDLP. Reviewed

Ken Ikuta, Sho Joichi, Kazuya Kobayashi, Md. Al-Amin Khandaker, Takuya Kusaka, Yasuyuki Nogami

Proceedings of 2018 International Symposium on Information Theory and Its Applications, ISITA 2018   628 - 632   2018

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In this research, the choice of the parameter for a method to generate distinguished rational points in Pollard's rho method to solve the elliptic curve discrete logarithm problem for Barreto-Naehrig (BN) curves is shown. The structures of random walk paths are confirmed by experiments for several BN curves. From the results, the authors clarify the conditions in which the rho method does not stop during an attack, and the authors also give an indication for the choice of the parameter of the distinguished point method for ECDLP instances of large bit size.

• A Study on the Parameter Size of the Montgomery Trick for ECDLP. Reviewed

Ken Ikuta, Sho Joichi, Kazuya Kobayashi, Md. Al-Amin Khandaker, Takuya Kusaka, Yasuyuki Nogami

Proceedings of 2018 International Symposium on Information Theory and Its Applications, ISITA 2018   623 - 627   2018

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In this research, the choice of the parameter of the Montgomery trick in Pollard's rho method to solve the elliptic curve discrete logarithm problem for Barreto-Naehrig (BN) curves is shown. The average number of generated rational points per unit time is chosen as a measure of the effectiveness of the choice of the parameter of the Montgomery trick. The results are derived from a sufficient number of experiments with several BN curves.
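
The two ingredients named in the two ISITA abstracts above, distinguished points and the Montgomery trick, as an added example that is not the authors' solver: a parallel Pollard rho for the ECDLP on a constructed toy curve. Several r-adding walks advance in lockstep; the slopes of all their point additions share a single field inversion per round (Montgomery's simultaneous-inversion trick, whose batch size is the parameter the second abstract tunes), and only distinguished points (x-coordinates with dp_bits low zero bits, the parameter the first abstract tunes) are stored and compared. The prime, curve, walk count, batch size and dp_bits are assumptions chosen for a quick run; the BN-specific sextic twist optimization of the 114-bit record is not modeled.

```python
"""Pollard's rho for a toy ECDLP with distinguished points and the Montgomery trick.

Constructed curve: y^2 = x^3 + x + b over F_10007, with b chosen by point counting so that the
group order n is prime (every point then generates the group). Requires Python 3.8+ (pow(x, -1, n)).
"""
import random

P_MOD = 10007                      # prime, 3 mod 4, so sqrt(v) = v^((p+1)/4)
A_COEF = 1


def inv(v):
    return pow(v % P_MOD, P_MOD - 2, P_MOD)


def is_prime(n):
    if n < 2:
        return False
    f = 2
    while f * f <= n:
        if n % f == 0:
            return False
        f += 1
    return True


def pick_curve():
    """Return (b, n): the first b giving a nonsingular curve whose point count n is prime."""
    for b in range(1, P_MOD):
        if (4 * A_COEF**3 + 27 * b * b) % P_MOD == 0:
            continue
        n = 1                                          # point at infinity
        for x in range(P_MOD):
            rhs = (x**3 + A_COEF * x + b) % P_MOD
            if rhs == 0:
                n += 1
            elif pow(rhs, (P_MOD - 1) // 2, P_MOD) == 1:
                n += 2
        if is_prime(n):
            return b, n
    raise RuntimeError("no prime-order curve found")


def ec_add(p1, p2):
    """Affine addition; None is the point at infinity. One inversion per call (used only for setup)."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P_MOD == 0:
            return None
        lam = (3 * x1 * x1 + A_COEF) * inv(2 * y1) % P_MOD
    else:
        lam = (y2 - y1) * inv(x2 - x1) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return x3, (lam * (x1 - x3) - y1) % P_MOD


def ec_mul(k, pt):
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def random_point(b, rng):
    while True:
        x = rng.randrange(P_MOD)
        rhs = (x**3 + A_COEF * x + b) % P_MOD
        if rhs and pow(rhs, (P_MOD - 1) // 2, P_MOD) == 1:
            return x, pow(rhs, (P_MOD + 1) // 4, P_MOD)


def batch_inverse(vals):
    """Montgomery trick: invert all nonzero vals with ONE inversion and 3(len-1) multiplications."""
    prefix = [1]
    for v in vals:
        prefix.append(prefix[-1] * v % P_MOD)
    acc = inv(prefix[-1])
    out = [0] * len(vals)
    for i in range(len(vals) - 1, -1, -1):
        out[i] = prefix[i] * acc % P_MOD
        acc = acc * vals[i] % P_MOD
    return out


def pollard_rho(P, Q, n, walks=32, dp_bits=3, r=16, seed=1):
    """Solve Q = k*P for k, P of prime order n. Returns (k, rounds)."""
    rng = random.Random(seed)

    def fresh():                                       # random a*P + b*Q, never infinity
        while True:
            a, b = rng.randrange(1, n), rng.randrange(1, n)
            pt = ec_add(ec_mul(a, P), ec_mul(b, Q))
            if pt is not None:
                return [a, b, pt]

    jumps = [fresh() for _ in range(r)]                # r-adding walk table R_j = c_j P + d_j Q
    state = [fresh() for _ in range(walks)]
    seen = {}                                          # distinguished point -> (a, b)
    mask = (1 << dp_bits) - 1
    rounds = 0
    while True:
        rounds += 1
        # 1. choose each walk's jump by x mod r; collect slope numerator and denominator
        pending = []
        for w in state:
            x1, y1 = w[2]
            c, d, (x2, y2) = jumps[x1 % r]
            if x1 != x2:
                num, den = (y2 - y1) % P_MOD, (x2 - x1) % P_MOD
            elif y1 == y2:
                num, den = (3 * x1 * x1 + A_COEF) % P_MOD, 2 * y1 % P_MOD
            else:
                num, den = 0, 0                        # sum would be infinity: restart the walk
            pending.append((c, d, x2, y2, num, den))
        # 2. one inversion for all walks in this round
        invs = iter(batch_inverse([t[5] for t in pending if t[5]]))
        # 3. advance every walk; store / compare only distinguished points
        for w, (c, d, x2, y2, num, den) in zip(state, pending):
            if den == 0:
                w[:] = fresh()
                continue
            lam = num * next(invs) % P_MOD
            x1, y1 = w[2]
            x3 = (lam * lam - x1 - x2) % P_MOD
            w[2] = (x3, (lam * (x1 - x3) - y1) % P_MOD)
            w[0] = (w[0] + c) % n
            w[1] = (w[1] + d) % n
            if (x3 & mask) == 0:                       # distinguished point
                if w[2] in seen:
                    a0, b0 = seen[w[2]]
                    if (b0 - w[1]) % n:                # a0 + b0 k = a + b k  =>  k = (a - a0) / (b0 - b)
                        return (w[0] - a0) * pow((b0 - w[1]) % n, -1, n) % n, rounds
                else:
                    seen[w[2]] = (w[0], w[1])
                w[:] = fresh()


def solve_demo(seed=7):
    rng = random.Random(seed)
    b, n = pick_curve()
    P = random_point(b, rng)
    k = rng.randrange(1, n)
    Q = ec_mul(k, P)
    found, rounds = pollard_rho(P, Q, n, seed=seed)
    return {"secret": k, "found": found, "order": n, "rounds": rounds, "check": ec_mul(found, P) == Q}
```

Each round costs one inversion plus about 3 multiplications per walk instead of one inversion per walk, which is why the batch size (walks) is the lever the Montgomery trick paper measures in points per unit time; dp_bits trades memory (fewer stored points) against the extra steps each walk takes after the collision before it reaches a distinguished point and the collision becomes visible.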

• Efficient Parallel Simeck Encryption with GPGPU and OpenCL Reviewed

Park, Taehwan, Seo, Hwajeong, Khandaker, Md. Al-Amin, Nogami, Yasuyuki, Kim, Howon

2018 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS-TAIWAN (ICCE-TW)   2018

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The Simeck family of block ciphers was proposed at CHES 2015. It is a lightweight block cipher family that provides various block and key sizes. In this paper, we propose an efficient parallel implementation of Simeck on GPGPU using OpenCL and present the performance of the parallel implementation.

• Efficient Pairing-Based Cryptography on Raspberry Pi. Reviewed

Yuki Nanjo, Md. Al-Amin Khandaker, Takuya Kusaka, Yasuyuki Nogami

JCM   13 ( 2 )   88 - 93   2018

Publishing type：Research paper (scientific journal)

In the age of IoT, pairing-based cryptography (PBC) can play an important role as a public key cryptography since it enables several innovative protocols such as anonymous encryption, certificateless authentication and so on. However, due to its computational complexity, PBC is often regarded as computationally infeasible for IoT devices. Therefore, this paper tries to push that limit by efficiently calculating the pairing operation together with scalar multiplication and exponentiation over the Barreto-Naehrig (BN) curve by applying state-of-the-art techniques. In addition to the theoretical explanation of the applied techniques, the authors also show a high-level implementation in C on a Raspberry Pi Model 3 B, instead of a hardware-specific implementation.

• Yuta Kodera, Minoru Kuribayashi, Takuya Kusaka, Yasuyuki Nogami

Sixth International Symposium on Computing and Networking, CANDAR Workshops 2018, Takayama, Japan, November 27-30, 2018   292 - 297   2018

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE Computer Society

With the recent development of IoT technologies and cloud storage, many types of information, including private information, have gradually been outsourced. In such a situation, new convenient functionalities such as arithmetic and keyword search on ciphertexts are required to allow users to retrieve information without leaking any information. In particular, searchable encryption has received much attention as a way to realize keyword search on an encrypted domain. In addition, the architecture of searchable symmetric encryption (SSE) is a suitable and efficient solution for data outsourcing. In this paper, we focus on an SSE scheme which employs a secure index for searching a keyword with optimal search time. In conventional studies, it has been widely considered that the scheme searches whether a queried keyword is contained in encrypted documents. On the other hand, we additionally take into account the location of a queried keyword in documents by targeting a matrix-type data format. It enables a manager to search personal information listed per line or column in CSV-like format data.

• Kazuyoshi Tsuchiya, Chiaki Ogawa, Yasuyuki Nogami, Satoshi Uehara

CoRR   abs/1809.04957   2018

Publishing type：Research paper (scientific journal)

• Yoshinori Uetake, Akihiro Sanada, Takuya Kusaka, Yasuyuki Nogami, Leo Weissbart, Sylvain Duquesne

Proceedings of 2018 International Symposium on Information Theory and Its Applications, ISITA 2018   618 - 622   2018

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

With the need for secure communication between devices, and especially for IoT devices, more and more applications need trustworthy protocols to communicate using public key cryptography. Elliptic curve cryptography is nowadays a very secure and efficient public key cryptography method. One of the most recent and secure curves is Curve25519, and one of its weaknesses is the attack on low-order elements during a Diffie-Hellman key exchange. This document demonstrates that an attack using an order-4 point is possible on an embedded system with simple power analysis, pointing out that every IoT device using Curve25519 as a cryptographic method is a potential target of side-channel attacks.
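
The input the abstract above describes, and the check that keeps it out, as an added example that is not the paper's attack code: an X25519 implementation following the RFC 7748 ladder, driven with the order-2 point u = 0 and the order-4 point u = 1 of Curve25519 (the x-coordinates are mathematical facts about the curve, the choice of these two inputs is constructed for the demonstration). With such a point the ladder's intermediate x-coordinates take only the values 1, 0 and infinity, which is what makes the scalar-dependent behaviour visible on a power trace. Arithmetic alone cannot fix that; what an implementation can do is refuse the input: for every clamped scalar the ladder output on a small-order u is the all-zero string, and RFC 7748 says an implementation MAY abort on it. The function names and the checked wrapper are this example's own.

```python
"""X25519 (RFC 7748 Montgomery ladder) with a low-order-point rejection check.

Python integers are not constant-time; the branch-free swap mirrors the shape of an embedded
implementation but gives no timing guarantee here.
"""
P = 2**255 - 19
A24 = 121665


def _cswap(swap, a, b):
    """Branch-free conditional swap (swap is 0 or 1)."""
    mask = swap * (a ^ b)
    return a ^ mask, b ^ mask


def _clamp(k):
    a = bytearray(k)
    a[0] &= 248
    a[31] &= 127
    a[31] |= 64
    return int.from_bytes(a, "little")


def _ladder(k, u):
    """RFC 7748 Section 5 ladder: the x-coordinate of k times the point with x = u."""
    x1 = u % P
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        x2, x3 = _cswap(swap, x2, x3)
        z2, z3 = _cswap(swap, z2, z3)
        swap = kt
        a = (x2 + z2) % P; aa = a * a % P
        b = (x2 - z2) % P; bb = b * b % P
        e = (aa - bb) % P
        c = (x3 + z3) % P; d = (x3 - z3) % P
        da = d * a % P; cb = c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    x2, x3 = _cswap(swap, x2, x3)
    z2, z3 = _cswap(swap, z2, z3)
    return x2 * pow(z2, P - 2, P) % P      # z2 == 0 (point at infinity) yields 0


def x25519(k, u):
    """Raw function: 32-byte scalar, 32-byte little-endian u; no input validation."""
    ub = bytearray(u)
    ub[31] &= 127                           # RFC 7748: mask the top bit of the coordinate
    return _ladder(_clamp(k), int.from_bytes(ub, "little")).to_bytes(32, "little")


def x25519_checked(k, u):
    """Same, but abort on the all-zero output that small-order peer points produce."""
    out = x25519(k, u)
    if out == bytes(32):
        raise ValueError("peer public key has small order")
    return out


BASE_U = (9).to_bytes(32, "little")
ORDER2_U = (0).to_bytes(32, "little")       # the point (0, 0) has order 2
ORDER4_U = (1).to_bytes(32, "little")       # x = 1 has order 4: 2P has x = 0, 4P is infinity

# RFC 7748 Section 6.1 test vectors
ALICE_SK = bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")
ALICE_PK = bytes.fromhex("8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a")
BOB_SK = bytes.fromhex("5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb")
BOB_PK = bytes.fromhex("de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f")
SHARED = bytes.fromhex("4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742")


def rfc7748_roundtrip():
    ok = x25519(ALICE_SK, BASE_U) == ALICE_PK and x25519(BOB_SK, BASE_U) == BOB_PK
    return ok and x25519_checked(ALICE_SK, BOB_PK) == x25519_checked(BOB_SK, ALICE_PK) == SHARED


def small_order_is_rejected(k):
    """True iff the raw function returns zeros for both small-order inputs and the checked one aborts."""
    zero = x25519(k, ORDER2_U) == bytes(32) and x25519(k, ORDER4_U) == bytes(32)
    try:
        x25519_checked(k, ORDER4_U)
        return False
    except ValueError:
        return zero
```

The check only stops the attacker from forcing the degenerate walk; it does not make the ladder itself leak less, so on a device where SPA is in scope it complements, rather than replaces, a constant-time and power-balanced scalar multiplication.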

• Guillaume Carel, Ryunosuke Isshiki, Takuya Kusaka, Yasuyuki Nogami, Shunsuke Araki

Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018   267 - 271   2018

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The development of autonomous driving and connected services severely increases the security threats to old automotive technologies that are still present on board vehicles because of the long incremental development process. For example, the Controller Area Network (CAN) bus, which was standardized in 1991, can be connected to modern Linux embedded computer nodes, where an attacker might be able to exploit a vulnerability on the nodes. However, it is not easy to implement countermeasures on the CAN bus because of the strict requirements and limited performance of the CAN specification. That is one of the major reasons why the new standard, CAN Flexible Data-rate (CAN FD), was released in 2012 by Bosch to fill the gap between these challenges and the CAN protocol. In this research, a new simple authentication protocol for CAN FD is proposed, and the protocol is evaluated by experiments. The results show that the proposed protocol prevents infected nodes from usurping the identity of a critical node and forging messages, with practical computational complexity on modern low-power embedded boards.

• Yuki Nanjo, Md. Al-Amin Khandaker, Takuya Kusaka, Yasuyuki Nogami

Sixth International Symposium on Computing and Networking   445 - 451   2018

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE Computer Society

• Masanari Morishita, Shoichi Maeyama, Yasuyuki Nogami, Keigo Watanabe

Proceedings - 2018 IEEE International Conference on Systems, Man, and Cybernetics, SMC 2018   1711 - 1715   2018

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In recent years, with the increase in physical distribution volume, unmanned transportation robots are expected to be an alternative means of transporting baggage in factories and warehouses. The development of a control system for cooperative transportation by multiple robots is important when the objects to be transported are long and exceed the size and weight limit. Therefore, we develop a control system for cooperative transportation using two robots, each independently driven by two wheels. In this paper, a communication system between the two mobile robots and a host PC is constructed using ROS, and a sub-goal is generated for each robot to realize cooperative running with two robots. The effectiveness of the proposed method is verified through an experiment in which the controlled point of an object is moved along a 1 m square.

• Shunsuke Ueda, Ken Ikuta, Takuya Kusaka, Md. Al-Amin Khandaker, Ali Md. Arshad, Yasuyuki Nogami

IEICE Transactions   101-A ( 8 )   1235 - 1244   2018

Publishing type：Research paper (scientific journal)

• Md. Al-Amin Khandaker, Yuki Nanjo, Takuya Kusaka, Yasuyuki Nogami

Proceedings - 2018 6th International Symposium on Computing and Networking, CANDAR 2018   106 - 112   2018

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE Computer Society

• Identification of Dominant ICs for Electromagnetic Emission by Using Noise Source Amplitude Modulation and Correlation Analysis

Shimpei Yoshino, Chiaki Ishida, Kengo Iokibe, Yoshitaka Toyota, Yasuyuki Nogami

2018 INTERNATIONAL SYMPOSIUM ON ELECTROMAGNETIC COMPATIBILITY (EMC EUROPE)   439 - 444   2018

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

• Evaluating the Maximum Order Complexity of a Uniformly distributed Sequence over Odd Characteristic

Yuta Kodera, Takuya Kusaka, Takeru Miyazaki, Yasuyuki Nogami, Satoshi Uehara, Robert H. Morelos-Zaragoza

2018 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS-TAIWAN (ICCE-TW)   2018

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

This paper focuses on the Maximum Order Complexity of a pseudorandom sequence for security applications called the NTU sequence. It has a maximal nonlinear feature, and several of its properties have been theoretically proven. However, the NTU sequence requires a uniformization technique to overcome the drawback in its bit distribution. The technique has already been proposed, but its effect on the nonlinear feature has not yet been investigated. Therefore, this paper evaluates the effects on the nonlinear feature of the original NTU sequence by using the Maximum Order Complexity.

• Detecting falsification to MP3 audio signals for conference record using digital watermarking Reviewed

Tomoki Yoshida, Takeru Miyazaki, Shunsuke Araki, Satoshi Uehara, Yasuyuki Nogami

2017 IEEE International Conference on Consumer Electronics - Taiwan, ICCE-TW 2017   253 - 254   2017.7

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：Institute of Electrical and Electronics Engineers Inc.

In this paper, we propose a digital watermarking scheme for voice signals recorded by a digital voice recorder, especially in conferences. We discuss some requirements for detecting falsifications in the voice signal, because a conclusion in a conference record may be changed by a falsification of only a short time interval. Next, we show a method of locating an altered position in the voice signal and a new idea of applying white Gaussian noise to guarantee a valid voice signal without falsification. One characteristic of our proposal is an agitation depending on a peak of the spectrum, which makes it difficult to illegally change the embedded watermark.

• Distribution of bit patterns on multi-value sequence over odd characteristics field Reviewed

Yuta Kodera, Takeru Miyazaki, Md Al Amin Khandaker, Ali Md Arshad, Yasuyuki Nogami, Satoshi Uehara

2017 IEEE International Conference on Consumer Electronics - Taiwan, ICCE-TW 2017   137 - 138   2017.7

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The Internet of Things (IoT) provides us with a convenient life, but at the same time it has brought threats to our privacy. In this context, a secure and efficient cryptosystem is required, in which pseudorandom sequences play an important role. In particular, the distribution of bit patterns in a pseudorandom sequence is one of the important security aspects. This paper especially focuses on the bit patterns and their distribution in an NTU sequence. As a result of extensive observation, an important assumption about the distribution of bit patterns in an NTU sequence is introduced. It will help to obtain a balanced NTU sequence in order to enhance the security of cryptosystems for IoT communications.

• Security analysis of Raspberry Pi against Side-channel attack with RSA cryptography Reviewed

Akihiro Sanada, Yasuyuki Nogami, Kengo Iokibe, Md Al Amin Khandaker

2017 IEEE International Conference on Consumer Electronics - Taiwan, ICCE-TW 2017   287 - 288   2017.7

Publishing type：Research paper (international conference proceedings)

In this paper, the authors apply two modular exponentiation algorithms, the left-to-right binary method and the Montgomery powering ladder, on a Raspberry Pi and evaluate their security against side-channel attacks.
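
Why the Montgomery ladder is the side-channel-resistant choice, both in the RSA setting of the abstract above and for the scalar multiplication of the 8-bit ECC implementation listed earlier (CANDAR 2017), as an added example that is neither paper's code: the two modular exponentiation algorithms side by side, each returning the sequence of squarings (S) and multiplications (M) it performs. The binary method multiplies only on 1 bits, so a trace that tells the two operations apart, which is exactly what simple power analysis does on a power trace, reads the exponent straight off; the ladder performs the same pair of operations for every bit. The modulus, base and exponent are constructed; Python integers give no timing guarantee, the point is the operation sequence.

```python
"""Operation traces of left-to-right binary exponentiation vs the Montgomery powering ladder."""


def left_to_right_binary(base, exp, mod):
    """Square-and-multiply. Returns (base^exp mod mod, trace) with 'S' = squaring, 'M' = multiplication."""
    acc, trace = 1, []
    for bit in bin(exp)[2:]:
        acc = acc * acc % mod
        trace.append("S")
        if bit == "1":                         # key-dependent branch: an M appears only here
            acc = acc * base % mod
            trace.append("M")
    return acc, "".join(trace)


def montgomery_ladder(base, exp, mod):
    """Montgomery powering ladder. Invariant after each step: r1 == r0 * base (mod mod)."""
    r0, r1, trace = 1, base % mod, []
    for bit in bin(exp)[2:]:
        if bit == "0":
            r1 = r0 * r1 % mod
            r0 = r0 * r0 % mod
        else:
            r0 = r0 * r1 % mod
            r1 = r1 * r1 % mod
        trace.append("MS")                     # one multiplication and one squaring whatever the bit
    return r0, "".join(trace)


def exponent_from_binary_trace(trace):
    """The SPA attacker's step against the binary method: 'SM' is a 1 bit, a lone 'S' is a 0 bit."""
    bits, i = [], 0
    while i < len(trace):
        if trace[i:i + 2] == "SM":
            bits.append("1")
            i += 2
        else:
            bits.append("0")
            i += 1
    return int("".join(bits), 2)


def trace_demo(mod=2**61 - 1, base=7, exp=0x5A3C9E1F):
    """Constructed parameters. Returns what the two traces reveal about exp."""
    r1, t1 = left_to_right_binary(base, exp, mod)
    r2, t2 = montgomery_ladder(base, exp, mod)
    steps = {t2[i:i + 2] for i in range(0, len(t2), 2)}
    return {
        "match": r1 == r2 == pow(base, exp, mod),
        "leaked_exponent": exponent_from_binary_trace(t1),   # equals exp
        "ladder_trace_is_uniform": steps == {"MS"},
    }
```

The ladder's trace still reveals the exponent's bit length, and on real hardware the operand values (not just the operation type) modulate power, which is where differential attacks on the ladder start; the abstract's evaluation is about the simple-power-analysis gap shown here.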

• Multi-value sequence generated by trace function and power residue symbol over proper sub extension field

Ali Md Arshad, Takeru Miyazaki, Yasuyuki Nogami, Satoshi Uehara, Robert Morelos-Zaragoza

2017 IEEE International Conference on Consumer Electronics - Taiwan, ICCE-TW 2017   249 - 250   2017.7

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The authors in this paper have proposed a multi-value sequence generated by a primitive polynomial, the trace function, the k-th power residue symbol, and a certain mapping function over a proper sub extension field. Here, the trace function maps an element of the extension field to an element of the proper sub extension field, which is a vector space. The distribution of values within the sequence becomes more balanced by considering the proper sub extension field. In addition, its period and autocorrelation properties are also observed in this paper.

• Solving 114-Bit ECDLP for a Barreto-Naehrig Curve. Reviewed

Takuya Kusaka, Sho Joichi, Ken Ikuta, Md. Al-Amin Khandaker, Yasuyuki Nogami, Satoshi Uehara, Nariyoshi Yamai, Sylvain Duquesne

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   10779 LNCS   231 - 244   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：SPRINGER INTERNATIONAL PUBLISHING AG

The security of cryptographic protocols which are based on elliptic curve cryptography relies on the intractability of the elliptic curve discrete logarithm problem (ECDLP). In this paper, the authors describe techniques applied to solve a 114-bit ECDLP on a Barreto-Naehrig (BN) curve defined over an odd-characteristic field. Unlike generic elliptic curves, the BN curve holds a special interest since it is well studied in pairing-based cryptography. To the best of our knowledge, the previous record for solving ECDLP in a prime field was 112-bit, by Bos et al. on the Certicom curve secp112r1. This work sets a new record by solving a 114-bit prime field ECDLP on a BN curve using Pollard's rho method. The authors utilized the sextic twist property of the BN curve to efficiently carry out the random walk of Pollard's rho method. The parallel implementation of the rho method, adopting a client-server model and using 2000 CPU cores, took about 6 months to solve the ECDLP.

• Masahiro Goto, Satoshi Uehara, Yasuyuki Nogami

Eighth International Workshop on Signal Design and Its Applications in Communications, IWSDA 2017, Sapporo, Japan, September 24-28, 2017   182 - 186   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

This paper shows some fundamental properties of Z4 sequences obtained by combining each element of a preferred pair of binary m-sequences using the Gray code mapping. The distribution of the elements {0,1,2,3} within one period can be exactly derived from the auto/cross-correlation values of Gold sequences or Gold-like sequences. In addition, this paper shows that the Z4 sequences have near-optimum correlation properties.

• Ali Md. Arshad, Takeru Miyazaki, Shoji Heguri, Yasuyuki Nogami, Satoshi Uehara, Robert Morelos-Zaragoza

Eighth International Workshop on Signal Design and Its Applications in Communications, IWSDA 2017, Sapporo, Japan, September 24-28, 2017   84 - 88   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The authors have proposed an approach for generating a pseudorandom binary sequence by using a primitive polynomial, the trace function, and the Legendre symbol over a proper sub extension field. There are many uses of pseudorandom binary sequences in security applications. The linear complexity of a sequence is considered the most important property to be analyzed in these types of applications. In this paper, the authors restrict the discussion to the linear complexity and linear complexity profile properties of the proposed sequence, based on some experimental results. According to the results, the proposed sequence always attains the maximum value of the linear complexity.

• Kazuyoshi Tsuchiya, Chiaki Ogawa, Yasuyuki Nogami, Satoshi Uehara

Eighth International Workshop on Signal Design and Its Applications in Communications, IWSDA 2017, Sapporo, Japan, September 24-28, 2017   74 - 78   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pseudorandom number generators are required to generate pseudorandom numbers which have not only good statistical properties but also unpredictability in cryptography. A geometric sequence is a sequence given by applying a nonlinear feedforward function to an m-sequence. Nogami, Tada and Uehara proposed a geometric sequence whose nonlinear feedforward function is given by the Legendre symbol, and showed the period, periodic autocorrelation and linear complexity of the sequence. Furthermore, Nogami et al. proposed a generalization of the sequence (this sequence is referred to as the generalized NTU sequence), and showed the period and periodic autocorrelation. In this paper, we investigate the linear complexity of the generalized NTU sequences. Under some conditions, we can ensure that generalized NTU sequences have large linear complexity from the results on linear complexity of Sidel'nikov sequences.

• Yuta Kodera, Takuya Kusaka, Takeru Miyazaki, Md. Al-Amin Khandaker, Yasuyuki Nogami, Satoshi Uehara

Fifth International Symposium on Computing and Networking, CANDAR 2017, Aomori, Japan, November 19-22, 2017   2018-January   451 - 455   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE Computer Society

The trace function is a well-known map in finite field theory, and in practice it is used in some security applications. However, the current trace calculation with the binary method is far from practical on an IoT device. This paper considers an efficient trace calculation without vector multiplication by focusing on the matrix representation and the linearity of the trace function. By using pre-computation, a trace calculation is executed with m multiplications, and the memory consumption is 4m bytes. This paper especially uses a pseudorandom generator called the NTU sequence to show the efficiency, because it has received much attention as a random generator for security applications. When considering a periodic NTU sequence of 128-bit length for security applications, the parameters will be p = 7 and m = 50. From the experimental results, a trace calculation with these parameters is executed within 5 μs, and the memory consumption is 200 bytes, which is 0.625% of the storage in an Arduino Uno. Therefore, this work contributes to implementing an efficient trace calculation on an IoT device with low memory consumption.
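
The linearity shortcut described above, as an added example that is not the paper's implementation: the trace over F_{p^m} computed once from its definition (a sum of m Frobenius powers, each an exponentiation) and once from a table of the m traces of the polynomial-basis elements, which reduces each trace to m multiplications by small integers and m table entries. The parameters are constructed and deliberately tiny (p = 7, m = 3 in place of the abstract's p = 7, m = 50) so that every element of the field can be checked; the irreducible polynomial, the primitive element search and the function names are this example's own. The last function feeds the table with successive powers of a primitive element, which is the raw material the trace-based sequences in the surrounding abstracts are built from, and shows that Tr(omega^i) is itself an m-sequence over F_p.

```python
"""Trace over F_{p^m}: the Frobenius-sum definition versus a precomputed linear table.

Constructed parameters: p = 7, m = 3, F_{7^3} = F_7[x]/(x^3 - 2); x^3 - 2 is irreducible because
2 is not a cube modulo 7. Elements are coefficient lists [a0, a1, a2] for a0 + a1 x + a2 x^2.
"""
P, M = 7, 3
MODULUS = [(-2) % P, 0, 0, 1]       # x^3 - 2, coefficients low -> high


def ff_mul(a, b):
    """Schoolbook product, then reduction with x^M = -(MODULUS[0] + ... + MODULUS[M-1] x^(M-1))."""
    prod = [0] * (2 * M - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            prod[i + j] = (prod[i + j] + ai * bj) % P
    for deg in range(2 * M - 2, M - 1, -1):
        coef, prod[deg] = prod[deg], 0
        for k in range(M):
            prod[deg - M + k] = (prod[deg - M + k] - coef * MODULUS[k]) % P
    return prod[:M]


def ff_pow(a, e):
    result, base = [1] + [0] * (M - 1), list(a)
    while e:
        if e & 1:
            result = ff_mul(result, base)
        base = ff_mul(base, base)
        e >>= 1
    return result


def trace_frobenius(a):
    """Tr(a) = a + a^p + ... + a^(p^(m-1)): m - 1 exponentiations in the extension field per call."""
    acc = [0] * M
    for i in range(M):
        acc = [(u + v) % P for u, v in zip(acc, ff_pow(a, P ** i))]
    assert acc[1:] == [0] * (M - 1)    # the trace always lands in the prime field F_p
    return acc[0]


# Pre-computation: Tr of each polynomial-basis element 1, x, ..., x^(m-1): m small integers.
TRACE_TABLE = [trace_frobenius([int(k == i) for k in range(M)]) for i in range(M)]


def trace_linear(a):
    """Tr is F_p-linear, so Tr(sum a_i x^i) = sum a_i Tr(x^i): m integer multiplications, no field arithmetic."""
    return sum(ai * ti for ai, ti in zip(a, TRACE_TABLE)) % P


def all_elements():
    for n in range(P ** M):
        yield [(n // P ** k) % P for k in range(M)]


def find_primitive():
    """First element of multiplicative order p^m - 1, checked against the prime factors of that order."""
    order = P ** M - 1
    factors = [q for q in range(2, order + 1) if order % q == 0 and all(q % f for f in range(2, q))]
    one = [1] + [0] * (M - 1)
    for g in all_elements():
        if any(g) and all(ff_pow(g, order // q) != one for q in factors):
            return g


def trace_sequence(omega):
    """Tr(omega^i) over one period: an m-sequence over F_p when omega is primitive."""
    seq, cur = [], [1] + [0] * (M - 1)
    for _ in range(P ** M - 1):
        seq.append(trace_linear(cur))
        cur = ff_mul(cur, omega)
    return seq
```

With the abstract's parameters the table has m = 50 entries of one byte each (values below p = 7), and the per-element cost is 50 small multiplications and additions, which is the "m multiplications" figure; the Frobenius form would need 49 exponentiations in F_{7^50} per trace, which is what makes it impractical on an 8-bit device.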

• Khandaker, Md Al-Amin, Ono, Hirotaka, Nogami, Yasuyuki, Shirase, Masaaki, Duquesne, Sylvain

INFORMATION SECURITY AND CRYPTOLOGY - ICISC 2016   10157   208 - 219   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：SPRINGER INTERNATIONAL PUBLISHING AG

Acceleration of a pairing calculation of an Ate-based pairing such as the Optimal Ate pairing depends not only on the optimization of the Miller algorithm's loop parameter but also on efficient elliptic curve arithmetic operations and efficient final exponentiation. Some recent works have shown the implementation of the Optimal Ate pairing over the Kachisa-Schaefer-Scott (KSS) curve of embedding degree 18. Pairing over the KSS curve is regarded as the basis of next-generation security protocols. This paper proposes a pseudo 12-sparse multiplication to accelerate the Miller loop calculation on the KSS curve by utilizing the property of rational point groups. In addition, this paper shows an enhancement of the elliptic curve addition and doubling calculation in Miller's algorithm by applying an implicit mapping of its sextic twisted isomorphic group. Moreover, this paper implements the proposal with recommended security parameter settings for the KSS curve at the 192-bit security level. The simulation result shows that the proposed pseudo 12-sparse multiplication gives a more efficient Miller loop calculation of an Optimal Ate pairing operation with the recommended parameters than pairing calculation without sparse multiplication.

• Distribution of Bit Patterns on Multi-value Sequence over Odd Characteristics Field Reviewed

Kodera, Yuta, Miyazaki, Takeru, Khandaker, Md. Al-Amin, Arshad, Ali Md., Nogami, Yasuyuki, Uehara, Satoshi

2017 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS - TAIWAN (ICCE-TW)   137 - 138   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The Internet of Things (IoT) provides a much more convenient life for us; at the same time it has brought threats to our privacy. In this context, a secure and efficient cryptosystem is required, in which pseudorandom sequences play an important role. Especially, the distribution of bit patterns in the pseudorandom sequence is one of the important security aspects. This paper especially focuses on the bit patterns and their distribution in an NTU sequence. As a result of many observations, an important assumption about the distribution of bit patterns in an NTU sequence is introduced. It will help to obtain the balanced NTU sequence in order to enhance the security of cryptosystems on IoT communications.

• Security Analysis of Raspberry Pi Against Side-Channel Attack with RSA Cryptography Reviewed

Sanada, Akihiro, Nogami, Yasuyuki, Iokibe, Kengo, Khandaker, Md. Al-Amin

2017 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS - TAIWAN (ICCE-TW)   287 - 288   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In this paper, the authors apply two modular exponentiation algorithms, the left-to-right binary method and the Montgomery powering ladder algorithm, on Raspberry Pi and evaluate their security against side-channel attack.

• Md. Al-Amin Khandaker, Yuki Nanjo, Loubna Ghammam, Sylvain Duquesne, Yasuyuki Nogami, Yuta Kodera

IACR Cryptology ePrint Archive   2017   1174 - 1174   2017

Publishing type：Research paper (scientific journal)

• Parallel Implementations of SIMON and SPECK, Revisited. Reviewed

Taehwan Park, Hwajeong Seo, Garam Lee, Md. Al-Amin Khandaker, Yasuyuki Nogami, Howon Kim

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   10763 LNCS   283 - 294   2017

Publishing type：Research paper (international conference proceedings)   Publisher：Springer

In this paper, we revisited the parallel implementation of SIMON and SPECK block ciphers. The performances of SIMON and SPECK are significantly improved by using ARM NEON SIMD (Single Instruction Multiple Data) parallel computing and OpenMP SIMT (Single Instruction Multiple Thread). We optimized the implementation on ARM NEON architecture. For optimized NEON, we reduced the number of registers for round key and increased the number of registers for plaintexts. Furthermore, we proposed the efficient forward and backward alignment methods. Finally, we maximize the performance by using SIMT (Single Instruction Multiple Threads). In the case of performance of proposed methods and proposed methods with SIMT, SIMON 128/128 encryption within 32.4, 14.3 cycles/byte, SIMON 128/192 encryption within 30.1, 15.9 cycles/byte, SIMON 128/256 encryption within 32.4, 16.9 cycles/byte, SPECK 128/128 encryption within 9.7, 5.1 cycles/byte, SPECK 128/192 encryption within 10.4, 5.6 cycles/byte, SPECK 128/256 encryption within 11.0, and 5.6 cycles/byte respectively on ARM Cortex-A53 environment.

• Khandaker, Md. Al-Amin, Nogami, Yasuyuki, Seo, Hwajeong, Duquesne, Sylvain

INFORMATION SECURITY APPLICATIONS, WISA 2016   10144   221 - 232   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：SPRINGER INTERNATIONAL PUBLISHING AG

Efficiency of the next generation pairing based security protocols relies not only on faster pairing calculation but also on efficient scalar multiplication on higher degree rational points. In this paper we proposed a scalar multiplication technique in the context of Ate based pairing with Kachisa-Schaefer-Scott (KSS) pairing friendly curves with embedding degree k = 18 at the 192-bit security level. From the systematically obtained characteristic p, order r and Frobenius trace t of the KSS curve, which are given by a certain integer z also known as the mother parameter, we exploit the relation #E(F_p) = p + 1 - t mod r by applying the Frobenius mapping to a rational point to enhance the scalar multiplication. In addition we proposed a z-adic representation of the scalar s. In combination with the Frobenius mapping and the multi-scalar multiplication technique we efficiently calculate scalar multiplication by s. Our proposed method can achieve 3 times or more than 3 times faster scalar multiplication compared to binary scalar multiplication, sliding-window and non-adjacent form methods.

• Efficient scalar multiplication for ate based pairing over kss curve of embedding degree 18 Reviewed

Md Al Amin Khandaker, Yasuyuki Nogami, Hwajeong Seo, Sylvain Duquesne

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   10144 LNCS   221 - 232   2017

Publishing type：Research paper (international conference proceedings)

© Springer International Publishing AG 2017. Efficiency of the next generation pairing based security protocols relies not only on faster pairing calculation but also on efficient scalar multiplication on higher degree rational points. In this paper we proposed a scalar multiplication technique in the context of Ate based pairing with Kachisa-Schaefer-Scott (KSS) pairing friendly curves with embedding degree k = 18 at the 192-bit security level. From the systematically obtained characteristic p, order r and Frobenius trace t of the KSS curve, which are given by a certain integer z also known as the mother parameter, we exploit the relation #E(F_p) = p + 1 − t mod r by applying the Frobenius mapping to a rational point to enhance the scalar multiplication. In addition we proposed a z-adic representation of the scalar s. In combination with the Frobenius mapping and the multi-scalar multiplication technique we efficiently calculate scalar multiplication by s. Our proposed method can achieve 3 times or more than 3 times faster scalar multiplication compared to binary scalar multiplication, sliding-window and non-adjacent form methods.

• Efficient Optimal Ate Pairing at 128-Bit Security Level. Reviewed

Md. Al-Amin Khandaker, Yuki Nanjo, Loubna Ghammam, Sylvain Duquesne, Yasuyuki Nogami, Yuta Kodera

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   10698 LNCS   186 - 205   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：SPRINGER INTERNATIONAL PUBLISHING AG

Following the emergence of Kim and Barbulescu's new number field sieve (exTNFS) algorithm at CRYPTO'16 [21] for solving the discrete logarithm problem (DLP) over finite fields, pairing-based cryptography researchers are intrigued to find new parameters that confirm standard security levels against exTNFS. Recently, Barbulescu and Duquesne have suggested new parameters [3] for well-studied pairing-friendly curves, i.e., Barreto-Naehrig (BN) [5], Barreto-Lynn-Scott (BLS-12) [4] and Kachisa-Schaefer-Scott (KSS-16) [19] curves at the 128-bit security level (twist and sub-group attack secure). They have also concluded that in the context of Optimal-Ate pairing with their suggested parameters, BLS-12 and KSS-16 curves are more efficient choices than BN curves. Therefore, this paper selects the atypical and less studied pairing-friendly curve in the literature, i.e., KSS-16, which offers a quartic twist, while BN and BLS-12 curves have a sextic twist. In this paper, the authors optimize Miller's algorithm of Optimal-Ate pairing for the KSS-16 curve by deriving efficient sparse multiplication and implement them. Furthermore, this paper concentrates on Miller's algorithm to experimentally verify Barbulescu et al.'s estimation. The result shows that Miller's algorithm time with the derived pseudo 8-sparse multiplication is more efficient for KSS-16 than for the other two curves. Therefore, this paper defends Barbulescu and Duquesne's conclusion for 128-bit security.

• Yuta Hashimoto, Md. Al-Amin Khandaker, Yuta Kodera, Taehwan Park, Takuya Kusaka, Howon Kim, Yasuyuki Nogami

Proceedings - 2017 5th International Symposium on Computing and Networking, CANDAR 2017   2018-January   445 - 450   2017

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The security of Internet of Things (IoT) devices is one of the most important problems. The processing ability of IoT devices is limited; therefore a more light-weight and secure cryptography is necessary. This paper shows the implementation of 256-bit Elliptic Curve Cryptography (ECC) on an 8-bit microcontroller by applying towering for an extension field of degree 32. The authors use a twisted Montgomery curve with a Montgomery ladder, which enables fast calculations without inverse elements. In addition to that, this implementation is considered resistant to Side Channel Attack (SCA) since it applies the Montgomery ladder for the scalar multiplication (SCM). This ECC implementation on Arduino UNO, an 8-bit microcontroller board, takes 3 seconds for an SCM, which can be made faster by careful assembly implementation.

• Kazuyoshi Tsuchiya, Yasuyuki Nogami, Satoshi Uehara

CoRR   abs/1709.05163   2017

Publishing type：Research paper (scientific journal)

• Efficient operation over F_{(2^4)^2} for security technologies

Norito Jitsui, Yasuyuki Nogami, Hwajeong Seo, Nasima Begum

2016 IEEE International Conference on Consumer Electronics-Taiwan, ICCE-TW 2016   17 - 18   2016.7

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The binary extension field F_{2^8} is recently used for AES encryption and IoT (Internet of Things) security with PUF (Physical Unclonable Function). Calculations over a tower field such as F_{(2^4)^2} or F_{((2^2)^2)^2} become more efficient than those over F_{2^8}. This paper focuses on efficient calculations over F_{(2^4)^2}.

• A dynamic job scheduling method for reliable and high-performance volunteer computing

Shinya Yasuda, Yasuyuki Nogami, Masaru Fukushi

2015 IEEE 2nd International Conference on InformationScience and Security, ICISS 2015   100 - 103   2016.1

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

This paper proposes a dynamic job scheduling method for reliable and high-performance volunteer computing. In volunteer computing, each job is replicated and allocated to multiple participants (workers) to remove incorrect results by a voting mechanism. Hence, the number of workers necessary to complete a job is an important factor for the system performance; however, this is not well considered in the existing methods. The proposed method defines the expected probability of completion for each job based on the worker's secession probability. By allocating each job so that the expected probability is always greater than a specified value, the proposed method avoids excess job allocation, which leads to higher performance. The performance of the proposed method is evaluated by computer simulation, under the two scenarios of workers having uniform and different processing speeds. It is found that the performance of the proposed method is higher than the existing method, especially under the practical latter scenario.

• An Improvement of Scalar Multiplication on Elliptic Curve Defined over Extension Field F_{q^2} Reviewed

Khandaker Md. Al-Amin, Yasuyuki Nogami

2016 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS-TAIWAN (ICCE-TW)   13 - 14   2016

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In elliptic curve cryptography (ECC), a scalar multiplication of a rational point is the most time consuming operation. This paper proposes an efficient calculation for a scalar multiplication by applying the Frobenius mapping. Particularly, this paper deals with the Barreto-Naehrig curve defined over the extension field F_{q^2}, where q = p^6 and p is a large prime.

• A Consideration of Towering Scheme for Efficient Arithmetic Operation over Extension Field of Degree 18 Reviewed

Khandaker, Md. Al-Amin, Nogami, Yasuyuki

PROCEEDINGS OF THE 2016 19TH INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY (ICCIT)   276 - 281   2016

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The Barreto-Naehrig (BN) curve is a well studied pairing friendly curve of embedding degree 12 that uses arithmetic in F_{p^12}. Therefore the arithmetic of the F_{p^12} extension field is well studied. In this paper, we have proposed an efficient approach to arithmetic operation over the extension field of degree 18 by towering. F_{p^18} extension field arithmetic is considered to be the basis of implementing the next generation pairing based security protocols. We have proposed to use an F_p element to construct the irreducible binomial for building the tower of extension fields up to F_{p^6}, whereas the conventional approach uses the root of the previous irreducible polynomial to create the next irreducible polynomial. Therefore, using F_p elements in the irreducible binomial construction reduces the number of multiplications in F_p needed to calculate inversion and multiplication over F_{p^18}, which results in acceleration of the total arithmetic operation over F_{p^18}.

• Khandaker, Md. Al-Amin, Nogami, Yasuyuki

2016 FOURTH INTERNATIONAL SYMPOSIUM ON COMPUTING AND NETWORKING (CANDAR)   629 - 634   2016

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pairing based cryptography is considered as the next generation of security, for which it attracts many researchers to work on faster and more efficient pairing to make it practical. Among the several challenges of efficient pairing, efficient scalar multiplication of rational points defined over an extension field of degree k >= 12 is important. However, there exists an isomorphic rational point group defined over a relatively lower degree extension field. Exploiting such a property, this paper has shown a mapping technique between isomorphic rational point groups in the context of Ate-based pairing with the Kachisa-Schaefer-Scott (KSS) pairing friendly curve of embedding degree k = 18. In the case of the KSS curve, there exists a sub-field sextic twisted curve that includes a sextic twisted isomorphic rational point group defined over F_{p^3}. This paper has shown the mapping procedure from a certain F_{p^18} rational point group to its sub-field isomorphic rational point group in F_{p^3} and vice versa. This paper has also shown that scalar multiplication is about 20 times faster after applying the proposed mapping, which in turn suggests that the impact of this mapping will greatly enhance the pairing operation on the KSS curve.

• Ali Md. Arshad, Yasuyuki Nogami, Chiaki Ogawa, Hiroto Ino, Satoshi Uehara, Robert Morelos-Zaragoza, Kazuyoshi Tsuchiya

2016 International Symposium on Information Theory and Its Applications, ISITA 2016, Monterey, CA, USA, October 30 - November 2, 2016   777 - 780   2016

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In our previous work, a pseudo random binary sequence generated by using the trace function, the Legendre symbol and a mapping function has been researched. Our previous sequence was generated by applying a primitive polynomial over the odd characteristic field F_p, the trace function, and the Legendre symbol. The previous sequence contained only 0 and 1 values. It has some interesting features such as period, periodic autocorrelation, and linear complexity. However, it also has a major drawback: the appearances of 0 and 1 are inconsistent in each period. For this reason, in the periodic autocorrelation graph, the parts other than the peak values always contain some values that are not 0. When we apply this type of binary sequence in any security application, it will lead to some security vulnerabilities. In this paper, the authors have proposed a new approach to generate a pseudo random signed binary sequence. An important point about our proposed sequence is that it overcomes the drawback of our previous work. Our proposed sequence includes 0, 1, and -1 values. Its features, such as the period and periodic autocorrelation, are also explained in this paper. According to the results, it has the interesting feature that the appearances of 0, 1 and -1 are identical in each period.

• Ali Md. Arshad, Yasuyuki Nogami, Hiroto Ino, Satoshi Uehara

Fourth International Symposium on Computing and Networking, CANDAR 2016, Hiroshima, Japan, November 22-25, 2016   604 - 609   2016

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE Computer Society

In this paper, the authors have proposed a new approach for generating a multi-value sequence by utilizing a primitive element, the trace function, and the k-th power residue symbol over an odd characteristic field. Let p be an odd prime and F_p be an odd characteristic prime field, m be the degree of the primitive polynomial f(x), and k be a prime factor of p - 1. In detail, the procedure for generating the multi-value sequence is as follows: the primitive polynomial f(x) generates a maximum length vector sequence, then the trace function Tr(·) maps an element of the extension field F_{p^m} to an element of the prime field F_p, next a non-zero scalar A ∈ F_p is added to the trace value, and finally the k-th power residue symbol is utilized to map the scalars into a (k + 1)-value multi-value sequence. In this method, a certain mapping function Mk(·) is utilized during the autocorrelation calculation. Hence, our proposed multi-value sequence has some parameters such as p, m, k, and A. This paper discusses the period, autocorrelation, and cross-correlation properties of the proposed multi-value sequence based on some experimental results.

• Pseudo Random Sequence over Finite Field using Mobius Function Reviewed

Fatema Akhter, Yasuyuki Nogami

2016 INTERNATIONAL WORKSHOP ON COMPUTATIONAL INTELLIGENCE (IWCI)   68 - 72   2016

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pseudo random sequences play an important role in cryptography and network security systems. This paper proposes a new approach for generation of a pseudo random sequence over an odd characteristic field. The sequence is generated by applying a primitive polynomial over an odd characteristic field, the trace function and the Möbius function. Then, some important properties of the newly generated sequence such as period, autocorrelation and cross-correlation have been studied in this work. The properties of the generated sequence are evaluated on various bit lengths of odd characteristics. Finally, the experimental results are compared with existing works, which show the superiority of the proposed sequence over existing ones.

• Linear Complexity of Signed Binary Sequence Over Odd Characteristic Field Reviewed

Ali Md. Arshad, Hiroto Ino, Chiaki Ogawa, Yasuyuki Nogami

PROCEEDINGS OF THE 2016 19TH INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY (ICCIT)   266 - 269   2016

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In our previous work, a well balanced pseudo random signed binary sequence generated by using the trace function and the Legendre symbol has been researched. Our previous sequence was generated by applying a primitive polynomial over the odd characteristic field F_p, the trace function and the Legendre symbol. The important features such as period, periodic autocorrelation, and cross-correlation have already been well discussed in our previous work. In this paper, the signed binary sequence is generated by utilizing one additional parameter A. Let p be an odd prime, F_p be an odd characteristic prime field and m be the degree of the primitive polynomial f(x). The procedure for generating the sequence is as follows: the primitive polynomial f(x) generates a maximum length vector sequence, then the trace function Tr(·) maps an element of the extension field F_{p^m} to an element of the prime field F_p, next a non-zero scalar A ∈ F_p is added to the trace value, and finally the Legendre symbol is used to map the scalars into a signed binary sequence. In this paper, the authors have restricted the discussion to the linear complexity and linear complexity profile properties of the signed binary sequence based on some experimental results.

• Hwajeong Seo, Taehwan Park, Shinwook Heo, Gyuwon Seo, Bongjin Bae, Zhi Hu, Lu Zhou, Yasuyuki Nogami, Youwen Zhu, Howon Kim

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   10144 LNCS   318 - 330   2016

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：SPRINGER INTERNATIONAL PUBLISHING AG

In this paper we revisited the parallel implementations of LEA. By taking advantage of both the light-weight features of LEA and the parallel computation abilities of ARM-NEON platforms, performance is significantly improved. We firstly optimized the implementations on ARM and NEON architectures. For the ARM processor, the barrel shifter instruction is used to hide the latencies of rotation operations. For the NEON engine, the minimum number of NEON registers is assigned to the round key variables by performing on-time round key loading from ARM registers. This approach reduces the NEON registers required for round key variables by three, and these registers and temporary registers are used to retain four more plaintexts for the encryption operation. Furthermore, we finely transform the data into SIMD format by using transpose and swap instructions. The compact ARM and NEON implementations are combined together and computed in a mixed processing way. This approach hides the latency of ARM computations within NEON overheads. Finally, multiple cores are fully exploited to achieve the maximum throughput on the target devices. The proposed implementations achieved the fastest LEA encryption within 3.2 cycles/byte for Cortex-A9 processors.

• Fatema Akhter, Yasuyuki Nogami

IWCI 2016 - 2016 International Workshop on Computational Intelligence   69 - 73   2016

Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pseudo random sequences play an important role in cryptography and network security systems. This paper proposes a new approach for generation of a pseudo random sequence over an odd characteristic field. The sequence is generated by applying a primitive polynomial over an odd characteristic field, the trace function and the Möbius function. Then, some important properties of the newly generated sequence such as period, autocorrelation and cross-correlation have been studied in this work. The properties of the generated sequence are evaluated on various bit lengths of odd characteristics. Finally, the experimental results are compared with existing works, which show the superiority of the proposed sequence over existing ones.

• A Pseudo-random Binary Sequence Generated by Using Primitive Polynomial of Degree 2 over Odd Characteristic Field F_p Reviewed

2016 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS-TAIWAN (ICCE-TW)   15 - 16   2016

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Let p be an odd prime number as the characteristic of a finite field. This paper introduces a pseudo random binary sequence generated by a primitive polynomial of degree 2 over F_p, the trace function, and the Legendre symbol. Then, its period and autocorrelation are introduced with a small example.

• Rei Ueno, Naofumi Homma, Yukihiro Sugawara, Yasuyuki Nogami, Takafumi Aoki

International Conference on Cryptographic Hardware and Embedded Systems   9293 ( 9293 )   63 - 80   2015.9

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：SPRINGER-VERLAG BERLIN

This paper proposes a compact and efficient GF(2^8) inversion circuit design based on a combination of non-redundant and redundant Galois Field (GF) arithmetic. The proposed design utilizes redundant GF representations, called Polynomial Ring Representation (PRR) and Redundantly Represented Basis (RRB), to implement GF(2^8) inversion using a tower field GF((2^4)^2). In addition to the redundant representations, we introduce a specific normal basis that makes it possible to map the former components for the 16th and 17th powers of the input onto logic gates in an efficient manner. The latter components for GF(2^4) inversion and GF(2^4) multiplication are then implemented by PRR and RRB, respectively. The flexibility of the redundant representations provides efficient mappings from/to GF(2^8). This paper also evaluates the efficacy of the proposed circuit by means of gate counts and logic synthesis with a 65 nm CMOS standard cell library and comparisons with conventional circuits, including those with tower fields GF(((2^2)^2)^2). Consequently, we show that the proposed circuit achieves approximately 40% higher efficiency in terms of area-time product than the conventional best GF(((2^2)^2)^2) circuit excluding isomorphic mappings. We also demonstrate that the proposed circuit achieves the best efficiency (i.e., area-time product) for an AES encryption S-Box circuit including isomorphic mappings.

• Efficient implementation of NTRU over all one polynomial ring with CVMA

Koki Misumi, Yasuyuki Nogami

2015 IEEE International Conference on Consumer Electronics - Taiwan, ICCE-TW 2015   384 - 385   2015.8

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

It is shown that public key cryptosystems based on the discrete logarithm problem can be solved if a quantum computer and Shor's algorithm are realized. Thus a new cryptosystem, called a post-quantum cryptosystem, that is not broken by a quantum computer is needed. NTRU was proposed by Hoffstein et al. in 1998. It is one of the post-quantum cryptosystems. It is based on problems on lattices for which there are no efficient algorithms to solve. NTRU uses the convolution polynomial ring Z_q[X]/(X^n - 1). However, (X - 1), which is a trivial factor of X^n - 1, sometimes causes problems. Thus we consider a variant using a quotient polynomial ring such as Z_q[X]/(X^n + X^{n-1} + ... + X + 1) and CVMA: Cyclic Vector Multiplication Algorithm.

• A performance evaluation of Web-based volunteer computing using applications with GMP

Shoma Kajitani, Yasuyuki Nogami, Masaru Fukushi, Noriki Amano

2015 IEEE International Conference on Consumer Electronics - Taiwan, ICCE-TW 2015   41 - 42   2015.8

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

This paper presents the performance evaluations of GMP-based applications on Web-based Volunteer Computing (VC) systems. Web-based VC is expected to gather many volunteer participants (workers) by allowing workers to execute a computation program (job) on Web browsers. On the other hand, the job execution performance on workers is degraded because jobs are executed on Web browsers. To reveal the actual performance of Web-based VC, we convert practical applications which use GMP, a multi-precision library for scientific computations, and evaluate their performance. The experimental results show that the performance degradation is negligibly small in some cases, e.g. a short bit-length of arguments. This paper also shows a potential for performance improvement of Web-based VC by substituting GMP functions.

• An implementation of credibility-based job scheduling method in volunteer computing systems

Shun Ichiro Tani, Yasuyuki Nogami, Masaru Fukushi

2015 IEEE International Conference on Consumer Electronics - Taiwan, ICCE-TW 2015   37 - 38   2015.8

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

This paper addresses a job scheduling problem in Volunteer Computing (VC) systems, where some malicious participants may return incorrect results (sabotaging). The credibility-based job scheduling method, namely ENR-ECJ, is a promising approach to realize high-performance and sabotage-tolerant VC systems based on the credibility of each participant (worker). However, managing the credibility values in the management node may cause considerable performance degradation of the whole system. By implementing ENR-ECJ in a small scale VC system, this paper demonstrates the primacy of ENR-ECJ over existing methods and reveals its condition through performance evaluation for various numbers of workers. The results show that ENR-ECJ improves the overall performance by about 10% when the access frequency of workers is less than 2 per second.

• Hwajeong Seo, Zhe Liu 0001, Yasuyuki Nogami, Jongseok Choi, Howon Kim

IACR Cryptol. ePrint Arch.   2015   745 - 745   2015

Publishing type：Research paper (scientific journal)

• Hwajeong Seo, Zhe Liu 0001, Yasuyuki Nogami, Jongseok Choi, Howon Kim

IACR Cryptol. ePrint Arch.   2015   688 - 688   2015

Publishing type：Research paper (scientific journal)

• Hwajeong Seo, Chien-Ning Chen, Zhe Liu 0001, Yasuyuki Nogami, Taehwan Park, Jongseok Choi, Howon Kim

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   9503   161 - 173   2015

Publishing type：Research paper (international conference proceedings)   Publisher：Springer

Binary field multiplication is the most fundamental building block of binary field Elliptic Curve Cryptography (ECC) and Galois/Counter Mode (GCM). Both bit-wise scanning and Look-Up Table (LUT) based methods are commonly used for binary field multiplication. In terms of Side Channel Attack (SCA), bit-wise scanning exploits insecure branch operations which leak information in the form of timing and power consumption. On the other hand, the LUT based method is regarded as a relatively secure approach because LUT access can be conducted in a regular and atomic form. This ensures a constant time solution as well. In this paper, we conduct SCA on the LUT based binary field multiplication. The attack exploits horizontal Correlation Power Analysis (CPA) on the weights of the LUT. We identify the operand with only one power trace of a binary field multiplication. In order to prevent SCA, we also suggest a mask based binary field multiplication which ensures a regular and constant time solution without LUT and branch statements.

• Hwajeong Seo, Chien-Ning Chen, Zhe Liu 0001, Yasuyuki Nogami, Taehwan Park, Jongseok Choi, Howon Kim

IACR Cryptol. ePrint Arch.   2015   799 - 799   2015

Publishing type：Research paper (scientific journal)

• Rei Ueno, Naofumi Homma, Yukihiro Sugawara, Yasuyuki Nogami, Takafumi Aoki

IACR Cryptol. ePrint Arch.   2015   763 - 763   2015

Publishing type：Research paper (scientific journal)

• Kazuyoshi Tsuchiya, Yasuyuki Nogami

2015 SEVENTH INTERNATIONAL WORKSHOP ON SIGNAL DESIGN AND ITS APPLICATIONS IN COMMUNICATIONS (IWSDA)   155 - 159   2015

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Recently, binary sequences generated by chaotic maps have been widely studied. In particular, the logistic map is used as one of the chaotic maps. However, if the logistic map is implemented by using finite precision computer arithmetic, rounding is required. In order to avoid rounding, Miyazaki, Araki, Uehara and Nogami proposed the logistic map over finite fields, and showed some properties of sequences generated by the logistic map over finite fields. In this paper, we show some properties of periods of sequences generated by the logistic map over finite fields with control parameter four. In particular, we show conditions for parameters and initial values to have a long period, and asymptotic properties for periods by numerical experiments.

• Hiroto Ino, Yasuyuki Nogami, Nasima Begum, Satoshi Uehara, Robert Morelos-Zaragoza, Kazuyoshi Tsuchiya

Third International Symposium on Computing and Networking, CANDAR 2015, Sapporo, Hokkaido, Japan, December 8-11, 2015   484 - 486   2015

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE Computer Society

In our previous work, the k-value pseudo-random sequence generated by the power residue symbol was studied. The sequence is generated by applying a primitive polynomial over an odd characteristic field, the trace function, and the power residue symbol, and it has some interesting features such as its period, periodic autocorrelation, and linear complexity. In this paper, by applying a new step to the sequence generation process, a new generating method for k-value sequences is derived. As with the previous work, the resulting sequence also has some interesting features such as its period, periodic autocorrelation, and periodic cross-correlation. These features are examined from the experimental results.

• An Efficiency Improvement in an Anonymous Credential System for CNF Formulas on Attributes with Constant-size Proofs Reviewed

Nasima Begum, Toru Nakanishi, Yasuyuki Nogami

2ND INTERNATIONAL CONFERENCE ON ELECTRICAL ENGINEERING AND INFORMATION COMMUNICATION TECHNOLOGY (ICEEICT 2015)   2015

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

An anonymous credential system allows a user to convince a service provider anonymously that he/she owns certified attributes. Previously, we proposed a pairing-based anonymous credential system with constant-size proofs, where combinations of logical AND and OR relations on user attributes can be proved as CNF formulas. However, this system has the problem of requiring a large online computation time during authentication, which depends on the number of AND relations in the proved formula. In this paper, we propose an efficiency improvement of the computational overhead based on an online/offline precomputation technique. In our improvement, all exponentiations that can be used for the accumulator and witness computations are executed in advance in the precomputation algorithm. Thus, exponentiations in the online accumulator and witness computations are eliminated, and only multiplications are needed. We implemented the system using a fast pairing library, and measured the processing times while changing the size of the proved CNF formula. The experimental results show that the computational cost of proof generation in the case of using many AND relations is greatly reduced compared with the previous system. Hence, it is practical for mobile users.

• Reduction of Authentication Time in an Anonymous Credential System with Proofs for Monotone Formulas on Attributes Reviewed

Nasima Begum, Toru Nakanishi, Yasuyuki Nogami

2015 IEEE INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS - TAIWAN (ICCE-TW)   376 - 377   2015

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

An anonymous credential system allows a user to convince a service provider anonymously that he/she owns certified attributes. Previously, an anonymous credential system was proposed that proves a user's attributes satisfy a monotone formula, i.e., a logical relation with any combination of AND/OR relations. However, this system has the problem of requiring a large authentication time, which depends on the number of attributes in the proved formula. In this paper, we propose methods to reduce the authentication time by reducing the exponentiation costs of computing the accumulator and the witness used in the system. We implemented the accelerated system using a fast pairing library, and measured the authentication times while changing the size of the proved relation.

• Hwajeong Seo, Zhe Liu 0001, Yasuyuki Nogami, Taehwan Park, Jongseok Choi, Lu Zhou, Howon Kim

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   9558   169 - 181   2015

Publishing type：Research paper (international conference proceedings)   Publisher：Springer

In this paper, we present high-speed parallel multiplication and squaring algorithms for the Mersenne prime 2^521 − 1. We exploit the 1-level Karatsuba method in order to provide asymptotically faster integer multiplication and fast reduction algorithms. With these optimization techniques, ECDH on NIST's (and SECG's) curve P-521 requires 8.1/4M cycles on an ARM Cortex-A9/A15, respectively. As a comparison, on the same architecture, the latest OpenSSL 1.0.2d's ECDH speed test for curve P-521 requires 23.8/18.7M cycles for ARM Cortex-A9/A15, respectively.

• Shoma Kajitani, Yasuyuki Nogami, Shunsuke Miyoshi, Thomas Austin

PROCEEDINGS OF 2015 THIRD INTERNATIONAL SYMPOSIUM ON COMPUTING AND NETWORKING (CANDAR)   122 - 126   2015

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The elliptic curve discrete logarithm problem (ECDLP) is the basis of the security of elliptic curve cryptography (ECC). The security of ECC has been verified by solving ECDLPs. However, a large amount of computational resources is needed for such verification. This paper therefore proposes a method for gathering computational resources with Web-based Volunteer Computing (Web-based VC). It solves a 70-bit ECDLP and evaluates the computational performance of two types of execution client: Native Client (NaCl) and Portable NaCl (PNaCl). In the case of NaCl, the 70-bit ECDLP was solved in 3086 seconds. In the case of PNaCl, the 70-bit ECDLP was solved in 6583 seconds.

• Examining the Linear Complexity of Multi-value Sequence generated by Power Residue Symbol Reviewed

Hiroto Ino, Yasuyuki Nogami, Nasima Begum, Satoshi Uehara, Robert Morelos-Zaragoza, Kazuyoshi Tsuchiya

2015 2ND INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND SECURITY (ICISS)   58 - 60   2015

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

In our previous work, a k-value pseudo-random sequence generated by the power residue symbol was studied. The sequence is generated by applying a primitive polynomial over an odd characteristic field, the trace function, and the power residue symbol. The sequence has some important features such as its period, periodic autocorrelation, and linear complexity. In this paper, by applying an additional process to the previous procedure, an extended multi-value sequence is generated. Its features, such as the period, periodic autocorrelation, periodic cross-correlation, and linear complexity, are examined in this paper. According to the results, the new sequence also has some interesting features.

• An Improvement of Tate Paring with Supersingular Curve Reviewed

Akito Kumano, Yasuyuki Nogami

2015 2ND INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND SECURITY (ICISS)   37 - 39   2015

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

The vector decomposition problem has been proposed on some supersingular curves, for example those whose embedding degree is 2. In order to apply the problem as a trapdoor for some innovative cryptosystems, it is necessary to make pairing-related calculations more efficient. Our previous work considered an approach for the Tate pairing on a supersingular curve of embedding degree 2 over an extension field of extension degree 2. It improved both Miller's algorithm and the final exponentiation required for the Tate pairing. In detail, one multiplication in the calculation of Miller's loop was eliminated by using a twist mapping. This paper shows a further improved calculation of the pairing, with some experimental results for the efficiency discussion.

• Kazuyoshi Tsuchiya, Yasuyuki Nogami

CoRR   abs/1510.03650   2015

Publishing type：Research paper (scientific journal)

• Analysis on equivalent current source of AES-128 circuit for HD power model verification

Kengo Iokibe, Kazuhiro Maeshima, Hiroto Kagotani, Yasuyuki Nogami, Yoshitaka Toyota, Tetsushi Watanabe

IEEE International Symposium on Electromagnetic Compatibility   2014-December   302 - 305   2014.12

Publishing type：Research paper (international conference proceedings)

We analyzed the equivalent current source of cryptographic circuits implemented on a field programmable gate array (FPGA). The equivalent current source represented the internal switching current behavior in the cryptographic circuits during an Advanced Encryption Standard (AES) operation. In this work, the internal current was analyzed to extract leakage functions and correlation coefficients from scatter diagrams of the Hamming Distance (HD) of AES intermediate values against the current magnitudes. The obtained leakage functions confirmed a well-known assumption of the HD power model: that the magnitude of the switching current due to a transition of register states is proportional to the HD of the register. The internal current was also investigated in terms of its correlation with the HD model. Correlation coefficients increased when the external power trace was transformed into the internal current, because two types of noise were reduced by the transform: constant noise and the overlap effect of successive rounds. The noise reduction indicates that the use of the internal current source would provide more precise verification of countermeasures.

• Investigation in Burst Pulse Injection Method for Fault Based Cryptanalysis

Kengo Iokibe, Kazuhiro Maeshima, Hiroto Kagotani, Yasuyuki Nogami, Yoshitaka Toyota, Tetsushi Watanabe

2014 IEEE INTERNATIONAL SYMPOSIUM ON ELECTROMAGNETIC COMPATIBILITY (EMC)   743 - 747   2014

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

This paper investigated the introduction of the burst pulse injection method, standardized for immunity tests, into cryptanalysis using faulty ciphertexts. We investigated experimentally the potential of the burst injection method to induce faulty ciphertexts. Firstly, the standard burst pulse was injected through the power cable into a cryptographic module implementing the Advanced Encryption Standard (AES) on a field programmable gate array (FPGA). As a result, it was confirmed that the burst pulse injection might cause clock glitches on the module. Secondly, the clock glitch was varied in magnitude and timing by use of two pulse generators and transmitted to the AES circuit to clarify what types of clock glitch induce critical faulty ciphertexts suited for recovering the crypto-key successfully. The results confirmed that the clock glitch had the potential to induce faulty ciphertexts when it exceeded the threshold and produced a clock interval shorter than the critical path delay in the target round. The two experimental results suggested that burst pulse injection into cryptographic modules through their power cables is a possible scenario for fault analysis attacks.

• The Pollard's Rho Method with XTR Group on G(3) over Barreto-Naehrig Curve

Yusuke Takai, Kenta Nekado, Yasuyuki Nogami

2012 7TH INTERNATIONAL CONFERENCE ON COMPUTING AND CONVERGENCE TECHNOLOGY (ICCCT2012)   595 - 598   2012

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Pollard's rho method is well known as an efficient method for solving the discrete logarithm problem (DLP). This paper adopts the DLP on the so-denoted G(3) over a Barreto-Naehrig curve, together with the XTR group. This paper presents this idea together with the proposed algorithm; experimentally, the computation time for solving the DLP is reduced by about 15%.

• Efficient Non Symmetric Pairing Groups on Ordinary Pairing Friendly Curve of Embedding Degree 1 Reviewed

Tetsuya Izuta, Yasuyuki Nogami, Yoshitaka Morikawa

2011 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC)   2011

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Recently, ordinary pairing-friendly elliptic curves whose embedding degree is 1 have often been focused on, for example by some composite-order pairing-based cryptosystems. In the case of non-symmetric pairings whose embedding degree is larger than 2, recent efficient pairing techniques such as the R-ate and Xate pairings adopt a certain special rational point group with an efficient isomorphic mapping and thereby accelerate pairing-related operations such as the pairing calculation and scalar multiplication. Based on cubic, quartic, and sextic twists, this paper shows how to activate these efficient techniques together with point compression on pairing-friendly curves of embedding degree 1.

• Tetsuya Izuta, Yasuyuki Nogami, Yoshitaka Morikawa

IEEE International Conference on Communications   1 - 5   2011

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

Recently, ordinary pairing-friendly elliptic curves whose embedding degree is 1 have often been focused on, for example by some composite-order pairing-based cryptosystems. In the case of non-symmetric pairings whose embedding degree is larger than 2, recent efficient pairing techniques such as the R-ate and Xate pairings adopt a certain special rational point group with an efficient isomorphic mapping and thereby accelerate pairing-related operations such as the pairing calculation and scalar multiplication. Based on cubic, quartic, and sextic twists, this paper shows how to activate these efficient techniques together with point compression on pairing-friendly curves of embedding degree 1. © 2011 IEEE.

• Amang Sudarsono, Toru Nakanishi 0001, Yasuyuki Nogami, Nobuo Funabiki

J. Inf. Process.   18   63 - 76   2010

Publishing type：Research paper (scientific journal)

Recently, ubiquitous Internet-access services have been provided by Internet service providers (ISPs) by deploying wireless local area networks (LANs) in public spaces including stations, hotels, and coffee shops. The IEEE802.1X protocol is usually used for user authentication so that only authorized users can access the services. Although users' personal information about access locations, services, and operations can easily be collected by ISPs, and strict management of it is therefore demanded, such management becomes very difficult when multiple ISPs provide roaming services through their cooperation. In this paper, we present an anonymous IEEE802.1X authentication system using a group signature scheme to allow user authentication without revealing user identities. Without user identities, ISPs cannot collect personal information. As an efficient revocable group signature scheme, we adopt the verifier-local revocation (VLR) type with some modifications for use of the fast pairing computation. We show the implementation of our proposal and evaluation results in which the practicality of our system is confirmed for up to 1,000 revoked users.

• Yumi Sakemi, Shoichi Takeuchi, Yasuyuki Nogami, Yoshitaka Morikawa

INFORMATION SECURITY AND CRYPTOLOGY - ISISC 2009   5984   47 - 64   2010

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：SPRINGER-VERLAG BERLIN

In the case of Barreto-Naehrig pairing-friendly curves of embedding degree 12 of order r, recent efficient Ate pairings such as the R-ate, optimal, and Xate pairings achieve Miller loop lengths of $(1/4)\lfloor \log_2 r \rfloor$. On the other hand, the twisted Ate pairing requires $(3/4)\lfloor \log_2 r \rfloor$ loop iterations, and thus is usually slower than the recent efficient Ate pairings. This paper proposes an improved twisted Ate pairing using Frobenius maps and a small scalar multiplication. The proposal splits the Miller's algorithm calculation into several independent parts, for which multi-pairing techniques apply efficiently. The maximum number of loop iterations in Miller's algorithm for the proposed twisted Ate pairing is equal to the $(1/4)\lfloor \log_2 r \rfloor$ attained by the most efficient Ate pairings.

• Two Improvements of Twisted Ate Pairing with Barreto-Naehrig Curve by Dividing Miller's Algorithm Reviewed

Yumi Sakemi, Hidehiro Kato, Shoichi Takeuchi, Yasuyuki Nogami, Yoshitaka Morikawa

ICCIT: 2009 FOURTH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCES AND CONVERGENCE INFORMATION TECHNOLOGY, VOLS 1 AND 2   1180 - 1186   2009

Language：English   Publishing type：Research paper (international conference proceedings)   Publisher：IEEE

This paper shows two improvements of the twisted Ate pairing with a Barreto-Naehrig curve so that it can be carried out efficiently by dividing the calculation loops of Miller's algorithm based on the divisor theorem. This paper then shows some experimental results from which it is seen that each improvement accelerates the twisted Ate pairing.

• Thread computing for Miller's algorithm of pairing Reviewed

Shoichi Takeuchi, Yumi Sakemi, Yasuyuki Nogami, Yoshitaka Morikawa

Digest of Technical Papers - IEEE International Conference on Consumer Electronics   182 - 186   2009

Language：English   Publishing type：Research paper (international conference proceedings)

This paper shows an improvement of Miller's algorithm so as to be efficient for thread programming by using the divisor theorem. This paper then implements a thread program of the improved Miller's algorithm, by which it is shown that the proposed technique is more efficient than the ordinary Miller's algorithm. ©2009 IEEE.

• Fast implementation of extension fields with TypeII ONB and cyclic vector multiplication algorithm Reviewed

Yasuyuki Nogami, Shigeru Shinonaga, Yoshitaka Morikawa

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E88-A ( 5 )   1200 - 1208   2005

Language：English   Publishing type：Research paper (scientific journal)   Publisher：Institute of Electronics, Information and Communication, Engineers, IEICE

This paper proposes an extension field named TypeII AOPF. This extension field adopts a TypeII optimal normal basis, the cyclic vector multiplication algorithm (CVMA), and the Itoh-Tsujii inversion algorithm. The calculation costs for a multiplication and an inversion in this field are given explicitly in terms of the extension degree. For example, the arithmetic operations in TypeII AOPF F_{p^5} are about 20% faster than those in OEF F_{p^5}. Then, since CVMA is suitable for parallel processing, we show that TypeII AOPF is superior to AOPF with respect to parallel processing, and that a multiplication in TypeII AOPF becomes about twice as fast by parallelizing the CVMA computation in TypeII AOPF. Copyright © 2005 The Institute of Electronics, Information and Communication Engineers.

• TSUGE Koichiro, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

ITE Technical Report   25 ( 83 )   49 - 54   2001.12

Language：Japanese   Publisher：The Institute of Image Information and Television Engineers

In this paper, we propose a digital image watermarking method which is robust against image compression and clipping. In this method, we first take the discrete wavelet transform of the original image and extract the multi-resolution approximation (MRA). Next, we spread the spectrum of the MRA with a Pseudo Noise (PN) sequence, and then take the 1D discrete Fourier transform (DFT) of each column. We vary the DFT coefficients according to each bit of the watermark information. With this method, a third-party eavesdropper who does not know the PN sequence cannot decipher or alter the embedded information. In the detection process, we take the difference between the DFT of the PN-spread MRA of the original image and that of the watermarked image, and calculate the shift of the DFT coefficients. Therefore, this method has the advantage that the watermark information can be detected even from a clipped image.

Books

• (Interface) Forthcoming Encryption Technologies 8+α

野上保之 (Role: Joint author, Chapter 5: Communication Technologies 84+α)

CQ Publishing  2020.2

• 野上保之 (Role: Joint author)

CQ Publishing  2020.2

Language：Japanese Book type：General book, introductory book for general audience

• Key Points of Information Security Countermeasures

Corona Publishing  2004

MISC

• Secure Utilization of IoT and AI Tools for Society 5.0

野上保之

IEICE Technical Report (Web)   120 ( 268(IT2020 24-62) )   2020

• Proposal of Optimal Curve Parameters for Pairing Computation on BLS12 Curve and Its Evaluation of Implementation

服部大地, 高橋裕人, 多田羅友也, 南條由紀, 小寺雄太, 日下卓也, 野上保之

IEICE Technical Report (Web)   120 ( 224(ISEC2020 32-41) )   2020

• ( 2019 )   1543 - 1550   2019.10

Language：English

• ( 2019 )   69 - 74   2019.8

Language：Japanese

• NANJO Yuki, SHIRASE Masaaki, KUSAKA Takuya, NOGAMI Yasuyuki

IEICE Technical Report   119 ( 141 )   207 - 214   2019.7

Language：English   Publisher：IEICE

• NANJO Yuki, SHIRASE Masaaki, KUSAKA Takuya, NOGAMI Yasuyuki

IEICE Technical Report   119 ( 142 )   207 - 214   2019.7

Language：English   Publisher：IEICE

• NANJO Yuki, SHIRASE Masaaki, KUSAKA Takuya, NOGAMI Yasuyuki

IEICE Technical Report   119 ( 143 )   207 - 214   2019.7

Language：English   Publisher：IEICE

• NANJO Yuki, SHIRASE Masaaki, KUSAKA Takuya, NOGAMI Yasuyuki

IEICE Technical Report   119 ( 140 )   207 - 214   2019.7

Language：English   Publisher：IEICE

• Analyzing Final Round Key of AES Implemented on Microcomputer using Neural Network

小杉聡志, 城市翔, 生田健, 日下卓也, 野上保之, 高橋規一

IEICE Technical Report   118 ( 478(ISEC2018 81-134) )   2019

• Development of Collision-Based Attack Practicum for Security Evaluation by Using Next Generation Cryptosystem in IoT Era.

野上保之, 日下卓也, 小林航也, 橋本優太

Computer Software   36 ( 1 )   95 - 100   2019

In the IoT era, when devices are connected via the Internet, we can enjoy a great deal of convenience from such devices, but a large number of users are not concerned about attacks from third parties. It is meaningful for users to have such awareness, but the people providing devices need more specialized knowledge of and awareness about security. To meet such demands, a special education program called enPiT is held to provide an opportunity for undergraduate students to learn about cutting-edge information technologies, and it aims to cultivate human resources who have acquired the ability to solve specific problems in society. In this paper, we introduce the contents of "enPiT-Security advanced PBL exercise G" held at Okayama University, and describe the helpfulness of the exercise and the room for improvement based on the students' comments.

• 一色 竜之介, 五百旗頭 健吾, 日下 卓也, 亀川 哲志, 野上 保之

The Papers of Technical Meeting on Electromagnetic Compatibility, IEE Japan   2018 ( 48 )   23 - 28   2018.11

Language：English   Publisher：IEEJ (The Institute of Electrical Engineers of Japan)

• 一色 竜之介, 五百旗頭 健吾, 日下 卓也, 亀川 哲志, 野上 保之

The Papers of Technical Meeting on Magnetics, IEE Japan   2018 ( 120 )   23 - 28   2018.11

Language：English   Publisher：IEEJ (The Institute of Electrical Engineers of Japan)

• Uniform Binary Sequence Generated over Odd Characteristic Field

Yuta Kodera, Takuya Kusaka, Ali Md. Arshad, Yasuyuki Nogami, Takeru Miyazaki, Satoshi Uehara

International Journal of Information and Electronics Engineering   8 ( 1 )   5 - 9   2018.3

Language：English   Publisher：EJournal Publishing

• 一色 竜之介, 日下 卓也, 五百旗頭 健吾, 野上 保之

IEICE Technical Report   117 ( 384 )   25 - 30   2018.1

Language：English   Publisher：IEICE

• Yuta Hashimoto, Md. Al-Amin Khandaker, Yuta Kodera, Taehwan Park, Takuya Kusaka, Howon Kim, Yasuyuki Nogami

IJNC   8 ( 2 )   341 - 350   2018

Language：English

• Highly Efficient GF(2^8) Inversion Circuit Based on Hybrid GF Arithmetic

Rei Ueno, Naofumi Homma, Yasuyuki Nogami, and Takafumi Aoki

Journal of Cryptographic Engineering   2018

Language：English

• An Efficient Hierarchical Multi-Authority Attribute Based Encryption Scheme for Profile Matching using a Fast Ate Pairing in Cloud Environment

Balaji Chandrasekaran, Yasuyuki Nogami, and Ramadoss Balakrishnan

International Journal of Information and Electronics Engineering   14 ( 2 )   151 - 156   2018

Language：English   Publisher：CROATIAN COMMUNICATIONS & INFORMATION SOC

In a cloud environment, profile matching is a key technique in applications such as health care and social networks. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a suitable technique for data sharing in such environments. In this paper, we propose an asymmetric-pairing-based Hierarchical Multi-Authority CP-ABE (HM-CP-ABE) construction for profile matching. We utilize the fast Ate pairing to make the proposed HM-CP-ABE scheme efficient. The performance analysis of the proposed scheme, using the ELiPS library, shows improved efficiency in terms of the computational costs of initialization, key generation and encryption when compared with existing works.

• Secure Data Communication using File Hierarchy Attribute Based Encryption in Wireless Body Area Network

B. Chandrasekaran, R. Balakrishnan, and Y. Nogami

Journal of Communications Software and Systems   14 ( 1 )   75 - 81   2018

Language：English   Publisher：CROATIAN COMMUNICATIONS & INFORMATION SOC

Wireless Body Area Networks (WBANs) play an important role in healthcare systems by enabling medical experts to guide patients remotely. Unauthorized access to medical data from the WBAN controller, as well as unreliable data communication, may put patients' lives at risk. Recently, Chunqiang Hu et al. [1] proposed a data communication protocol using Ciphertext-Policy Attribute-Based Encryption (CP-ABE) for a single file. The major limitation of Chunqiang Hu et al. [1] is that, as the number of files increases, CP-ABE suffers in terms of message size, energy consumption and computation cost. This paper proposes a more secure and efficient data communication scheme for WBANs using an efficient File Hierarchy CP-ABE (FH-CP-ABE). The proposed scheme uses an integrated access structure, which is a combination of two or more access structures, with the hierarchical files encrypted. We evaluate the performance of the proposed data communication protocol in terms of message size, energy consumption and computation cost, and compare it with Chunqiang Hu et al. [1].

• Efficient Generation of NTU Sequences Using Subfields with CVMA

松本年史, 小寺雄太, ALI Md. Arshad, 日下卓也, 野上保之

Proceedings of the Symposium on Information Theory and Its Applications (CD-ROM)   41st   2018

• Evaluation of Degree-18 Extension Field Construction Methods for Efficient Pairing-Based Cryptography Using KSS Curves

南條由紀, KHANDAKER Md. Al-Amin, 日下卓也, 野上保之

IPSJ Symposium Series (CD-ROM)   2018 ( 2 )   2018

• Evaluation of the Partial Randomness of a Pseudorandom Sequence with Variable Linear Complexity

武田祐樹, 小寺雄太, 日下卓也, 野上保之

Proceedings of the Symposium on Information Theory and Its Applications (CD-ROM)   41st   2018

• Kazuyoshi Tsuchiya, Yasuyuki Nogami, Satoshi Uehara

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E100A ( 12 )   2720 - 2727   2017.12

Language：English   Publisher：Institute of Electronics, Information and Communication, Engineers, IEICE

A pseudorandom number generator is widely used in cryptography. A cryptographic pseudorandom number generator is required to generate pseudorandom numbers which have good statistical properties as well as unpredictability. An m-sequence is a linear feedback shift register sequence with maximal period over a finite field. M-sequences have good statistical properties; however, we must nonlinearize m-sequences for cryptographic purposes. A geometric sequence is a binary sequence given by applying a nonlinear feedforward function to an m-sequence. Nogami, Tada and Uehara proposed a geometric sequence whose nonlinear feedforward function is given by the Legendre symbol. They showed that these geometric sequences have good properties for the period, periodic autocorrelation and linear complexity. However, the geometric sequences do not have the balance property. In this paper, we introduce geometric sequences of two types and show some properties of interleaved sequences built from the geometric sequences of the two types. These interleaved sequences have the balance property and double the period of the geometric sequences through the interleaved structure. Moreover, we show correlation properties and the linear complexity of the interleaved sequences. A key observation is that the second-type geometric sequence is the complement of the first-type geometric sequence left-shifted by half a period.

• 117 ( 319 )   35 - 40   2017.11

Language：Japanese

• Kazuyoshi Tsuchiya, Yasuyuki Nogami

IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences   E100A ( 9 )   1816 - 1824   2017.9

Authorship：Lead author   Language：English   Publisher：Institute of Electronics, Information and Communication, Engineers, IEICE

Pseudorandom number generators have been widely used in Monte Carlo methods, communication systems, cryptography and so on. For cryptographic applications, pseudorandom number generators are required to generate sequences which have good statistical properties, a long period and unpredictability. A Dickson generator is a nonlinear congruential generator whose recurrence function is the Dickson polynomial. Aly and Winterhof obtained a lower bound on the linear complexity profile of a Dickson generator. Moreover, Vasiga and Shallit studied the state diagram given by the Dickson polynomial of degree two. However, they did not specify sets of initial values which generate a long-period sequence. In this paper, we show conditions on the parameters and initial values for generating long-period sequences, and asymptotic properties of the periods by numerical experiments. We specify sets of initial values which generate a long-period sequence. For suitable parameters, every element of this set occurs exactly once as a component of the generated sequence in one period. In order to obtain the sets of initial values, we consider a logistic generator proposed by Miyazaki, Araki, Uehara and Nogami, which is obtained from a Dickson generator of degree two by a linear transformation. Moreover, we remark on the linear complexity profile of the logistic generator. The sets of initial values are described by values of the Legendre symbol. The main idea is to introduce the structure of a hyperbola on the sets of initial values. Our results ensure that the sequences generated by a Dickson generator of degree two have a long period. As a consequence, the Dickson generator of degree two has some good properties for cryptographic applications.

• Begum Nasima, Yasuyuki Nogami, Satoshi Uehara, Robert H. Morelos-Zaragoza

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E100A ( 4 )   922 - 929   2017.4

More details

Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

This paper proposes a new approach for generating pseudorandom multi-valued (including binary-valued) sequences. The approach uses a primitive polynomial over an odd characteristic prime field F_p, where p is an odd prime number. Then, for the maximum length sequence of vectors generated by the primitive polynomial, the trace function is used to map these vectors to scalars, i.e. elements of the prime field. The power residue symbol (the Legendre symbol in the binary case) is applied to translate the scalars to k-valued scalars, where k is a prime factor of p-1. Finally, a pseudorandom k-valued sequence is obtained. Some important properties of the resulting multi-valued sequences are shown, such as their period, autocorrelation and linear complexity, together with their proofs and small examples.

• A Comparative Study of Twist Property in KSS Curves of Embedding Degree 16 and 18 from the Implementation Perspective.

Md. Al-Amin Khandaker, Taehwan Park, Yasuyuki Nogami, Howon Kim

J. Inform. and Commun. Convergence Engineering   15 ( 2 )   97 - 103   2017

More details

Language：English

Implementation of faster pairing calculation is the basis of efficient pairing-based cryptographic protocol implementation. Generally, pairing is a costly operation carried out over an extension field of degree k ≥ 12. But the twist property of a pairing-friendly curve allows us to calculate the pairing over the sub-field twisted curve, where the extension degree becomes k/d and the twist degree is d = 2, 3, 4, 6. The calculation cost is reduced substantially by twisting, but it makes the discrete logarithm problem easier if the curve parameters are not carefully chosen. Therefore, this paper considers the most recent parameter settings presented by Barbulescu and Duquesne [1] for pairing-based cryptography, which are secure enough for the 128-bit security level, to explicitly show the quartic twist (d = 6) and sextic twist (d = 4) mappings between the isomorphic rational point groups for KSS (Kachisa-Schaefer-Scott) curves of embedding degree k = 16 and k = 18, respectively. This paper also evaluates the performance enhancement of the obtained twisted mapping by comparing elliptic curve scalar multiplications.

• Md. Al-Amin Khandaker, Yasuyuki Nogami

IEICE Transactions   100-A ( 9 )   1838 - 1845   2017

More details

Authorship：Lead author   Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

Scalar multiplication over higher degree rational point groups is often regarded as the bottleneck for faster pairing-based cryptography. This paper presents a skew Frobenius mapping technique in the sub-field isomorphic sextic twisted curve of the Kachisa-Schaefer-Scott (KSS) pairing-friendly curve of embedding degree 18 in the context of Ate-based pairing. Utilizing the skew Frobenius map along with a multi-scalar multiplication procedure, an efficient scalar multiplication method for KSS curves is proposed in the paper. In addition to the theoretical proposal, this paper also presents a comparative simulation of the proposed approach against the plain binary method, the sliding window method and the non-adjacent form (NAF) for scalar multiplication. The simulation shows that the proposed method is about 60 times faster than plain implementations of the other compared methods.

• Demonstration of DoS and Spoofing Attacks Exploiting CAN Vulnerabilities in a Mobile Robot

藤井建人, 亀川哲志, 野上保之, 五福明夫

Proceedings of the JSME Conference on Robotics and Mechatronics (CD-ROM)   2017   2017

More details

• A Consideration of an Efficient Trace Calculation Method for Pseudorandom Number Generation

小寺雄太, 小川千晶, 村岡英之, 荒木俊輔, 宮崎武, 上原聡, 日下卓也, 野上保之

Proceedings of the Symposium on Information Theory and its Applications (SITA) (CD-ROM)   40th   2017

More details

• Coefficient Distribution in Multi-valued Pseudorandom Sequences Using Primitive Polynomials over Odd Characteristic Fields

小川千晶, 小寺雄太, 宮崎武, 上原聡, 日下卓也, 野上保之

Proceedings of the Symposium on Information Theory and its Applications (SITA) (CD-ROM)   40th   2017

More details

• Improvement of Noise Source Amplitude Modulation Method to Identify Source Devices of Electromagnetic Interference

石田千晶, 吉野慎平, 小川千晶, 五百旗頭健吾, 豊田啓孝, 野上保之

IEICE Technical Report   117 ( 319(EMCJ2017 64-75) )   2017

More details

• Hwajeong Seo, Zhe Liu, Yasuyuki Nogami, Jongseok Choi, Howon Kim

SECURITY AND COMMUNICATION NETWORKS   9 ( 13 )   2051 - 2058   2016.9

More details

Language：English   Publisher：WILEY-HINDAWI

In this paper, we show efficient implementations of binary field multiplication over ARMv8. We exploit the advanced 64-bit polynomial multiplication instruction (PMULL) supported by ARMv8 and apply multiple levels of asymptotically faster Karatsuba multiplication for polynomial multiplication. Our method completes binary field multiplication within 57 and 153 clock cycles for the B-251 and B-571 cases, respectively. The proposed method improves speed by a factor of 4.5 over previous techniques on the same target platform. Copyright (c) 2016 John Wiley & Sons, Ltd.

DOI： 10.1002/sec.1462

• Hybrid Montgomery Reduction

Hwajeong Seo, Zhe Liu, Yasuyuki Nogami, Jongseok Choi, Howon Kim

ACM TRANSACTIONS ON EMBEDDED COMPUTING SYSTEMS   15 ( 3 )   2016.7

More details

Language：English   Publisher：ASSOC COMPUTING MACHINERY

In this article, we present a hybrid method to improve the performance of Montgomery reduction by taking advantage of the Karatsuba technique. We divide the Montgomery reduction into two sub-parts, one for conventional Montgomery reduction and the other for Karatsuba-aided multiplication. This approach reduces the multiplication complexity of n-limb Montgomery reduction from Θ(n^2 + n) to an asymptotic complexity of Θ(7n^2/8 + n). Our practical implementation results on an 8-bit microcontroller also show a performance enhancement of 11%.

DOI： 10.1145/2890502

• Yasuyuki Nogami, Hiroto Kagotani, Kengo Iokibe, Hiroyuki Miyatake, Takashi Narita

IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS   E99D ( 4 )   805 - 815   2016.4

More details

Authorship：Lead author   Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

Pairing-based cryptography has realized many innovative cryptographic applications such as attribute-based cryptography and semi-homomorphic encryption. A pairing is a bilinear map constructed on a torsion group structure that is defined on a special class of elliptic curves, namely pairing-friendly curves. Pairing-friendly curves are roughly classified into supersingular and non-supersingular curves. In recent years, non-supersingular pairing-friendly curves have received attention for security reasons. Although non-supersingular pairing-friendly curves are able to bridge various security levels with various parameter settings, most software and hardware implementations tightly restrict them in order to achieve calculation efficiency and avoid implementation difficulties. This paper shows an FPGA implementation that supports various parameter settings of pairings on non-supersingular pairing-friendly curves, for which Montgomery reduction, the cyclic vector multiplication algorithm, projective coordinates and the Tate pairing have been applied in combination. Then, some experimental results with resource usages are shown.

• Successful Attack Detection of Elliptic Curve Cryptography with Dynamic DNS

三好俊介, 山井成良, 野上保之

IPSJ SIG Technical Report (Web)   2016 ( IOT-32 )   2016

More details

• Average Period and Expected Link Length of Sequences Generated by the Logistic Map over Prime Fields

宮崎武, 荒木俊輔, 上原聡, 野上保之

Proceedings of the JSIAM Annual Meeting (CD-ROM)   2016   2016

More details

• A Consideration of Different Irreducible Polynomials that Generate the Same NTU Sequence

平郡聖士, 野上保之, 上原聡, 土屋和由

Proceedings of the Symposium on Information Theory and its Applications (SITA) (CD-ROM)   39th   2016

More details

• A Consideration of an Efficient Calculation over the Extension Field of Degree 4 for Elliptic Curve Pairing Cryptography

眞田晃宏, DUQUESNE Sylvain, 白勢政明, 野上保之

IEICE Technical Report   116 ( 163(IT2016 21-33) )   2016

More details

• A Consideration of an Efficient Calculation over the Extension Field of Degree 3 for Elliptic Curve Pairing Cryptography

小寺雄太, DUQUESNE Sylvain, 白勢政明, 野上保之

IEICE Technical Report   116 ( 163(IT2016 21-33) )   2016

More details

• Dynamic Job Scheduling Method Based on Expected Probability of Completion of Voting in Volunteer Computing

Yuto Miyakoshi, Shinya Yasuda, Kan Watanabe, Masaru Fukushi, Yasuyuki Nogami

IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS   E98D ( 12 )   2132 - 2140   2015.12

More details

Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

This paper addresses the problem of job scheduling in volunteer computing (VC) systems, where each computation job is replicated and allocated to multiple participants (workers) so that incorrect results can be removed by a voting mechanism. In the job scheduling of VC, the number of workers needed to complete a job is an important factor for system performance; however, it cannot be fixed because some of the workers may secede in real VC. This is a problem that existing methods have not considered in job scheduling. We propose a dynamic job scheduling method which considers the expected probability of completion (EPC) for each job based on the probability of a worker's secession. The key idea of the proposed method is to allocate jobs so that the EPC is always greater than a specified value (SPC). By setting the SPC to a reasonable value, the proposed method makes it possible to complete jobs without excess allocation, which leads to higher performance of VC systems. We assume in this paper that a worker's secession probability follows a Weibull distribution, which is known to reflect practical situations better. We derive parameters for the distribution using actual trace data and compare the performance of the proposed and the previous method under the Weibull distribution model, as well as the previous constant probability model. Simulation results show that the performance of the proposed method is up to 5 times higher than that of the existing method, especially when the time for completing jobs is restricted, while keeping the error rate lower than a required value.

• 野上 保之, 井納 弘人, 土屋 和由

IEICE Technical Report (信学技報)   115 ( 214 )   25 - 29   2015.9

More details

Language：English   Publisher：IEICE

• Montgomery multiplication and squaring for Optimal Prime Fields

Hwajeong Seo, Zhe Liu, Yasuyuki Nogami, Jongseok Choi, Howon Kim

COMPUTERS & SECURITY   52   276 - 291   2015.7

More details

Optimal Prime Fields (OPFs) are considered to be one of the best choices for lightweight elliptic curve cryptography implementations on resource-constrained embedded processors. In this paper, we revisit efficient modular arithmetic over these special prime fields, and present improved implementations of modular multiplication and squaring for OPFs, called the Optimal Prime Field Coarsely Integrated Operand Caching (OPF-CIOC) and Coarsely Integrated Sliding Block Doubling (OPF-CISBD) methods. The OPF-CIOC and OPF-CISBD methods follow the general ideas of (consecutive) operand caching and sliding block doubling techniques, respectively. The methods have been carefully optimized and redesigned for Montgomery multiplication and squaring in an integrated fashion. We then evaluate the practical performance of the proposed methods on a representative 8-bit AVR processor. Experimental results show that the proposed OPF-CIOC and OPF-CISBD methods outperform the previous best known results in ACNS'14 by 8% and 32%, respectively. Furthermore, our methods are implemented in a regular way, which helps to reduce the leakage of side-channel information. (C) 2015 Elsevier Ltd. All rights reserved.

• MISUMI Koki, NOGAMI Yasuyuki

Technical report of IEICE. ISEC   114 ( 471 )   5 - 10   2015.3

More details

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Quantum computers will break most current public key cryptosystems using Shor's algorithm. Post-quantum cryptosystems, which are not broken by them, have been studied. NTRU is one of the post-quantum cryptosystems, proposed by Hoffstein et al. This work considers a variant of NTRU with the All One Polynomial Ring based on the All One Polynomial. This work applies CVMA (Cyclic Vector Multiplication Algorithm). For the security evaluation, the same approach as for the original NTRU can be applied to the proposed variant.

• KUMANO Akito, NOGAMI Yasuyuki, SHIRASE Masaaki

Technical report of IEICE. ISEC   114 ( 471 )   11 - 17   2015.3

More details

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Yoshida et al. have proposed the vector decomposition problem using a supersingular curve whose embedding degree is 2. In order to apply the problem as a trapdoor of a cryptosystem, it is necessary to speed up pairing calculations. This paper considers an efficient approach for the Tate pairing with a supersingular curve on a 2-dimensional extension field. This paper improves both Miller's algorithm and the final exponentiation that is required for the Tate pairing. In detail, one multiplication in the calculation of Miller's loop is eliminated by using a twist map. This paper discusses how efficient the calculation of the pairing becomes.

• Associative Rational Points for Improving Random Walks with Collision-based Attack on Elliptic Curve Discrete Logarithm Problem

Yasuyuki Nogami, Thomas H. Austin

International Journal of Computer and Information Technology   2015

More details

Language：English

• A Relation between Autocorrelations of Sequences Generated by the Logistic Map over Prime Fields and Loops whose Periods are Almost the Same as the Precisions

宮崎武, 荒木俊輔, 上原聡, 野上保之

IEICE Technical Report   114 ( 470(IT2014 62-101) )   2015

More details

• On the Number of Consecutive Increases and Decreases in Sequences Generated by the Logistic Map over Prime Fields

宮崎武, 荒木俊輔, 上原聡, 野上保之

Proceedings of the Symposium on Information Theory and its Applications (SITA) (CD-ROM)   38th   2015

More details

• On the Distribution of Values in Multi-valued Pseudorandom Sequences over Odd Characteristic Fields

小池将太, 野上保之, 土屋和由, 上原聡

Proceedings of the Symposium on Information Theory and its Applications (SITA) (CD-ROM)   38th   2015

More details

• Generation of Pseudorandom Sequences Using Non-primitive Polynomials over Odd Characteristic Fields

小川千晶, 野上保之, 土屋和由, 上原聡

Proceedings of the Symposium on Information Theory and its Applications (SITA) (CD-ROM)   38th   2015

More details

• On Efficient Arithmetic in the Successive Extension Field F_x (x = (2^4)^2)

實井識人, 野上保之, 日下卓也

Proceedings of the Symposium on Information Theory and its Applications (SITA) (CD-ROM)   38th   2015

More details

• Linear Complexity Profile of Maximum Period Sequences Generated by the Logistic Map over Finite Fields with Control Parameter 4

土屋和由, 野上保之

Proceedings of the JSIAM Annual Meeting (CD-ROM)   2015   2015

More details

• HARAMURA Satoshi, KAGOTANI Hiroto, NOGAMI Yasuyuki, SUGIYAMA Yuji

IEICE technical report   113 ( 418 )   109 - 112   2014.1

More details

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Recently, studies on the implementation of cryptographic algorithms on GPUs have been widely conducted, as GPGPU development environments provide easy access to GPUs for non-graphics programming. In this paper, we implement the cyclic vector multiplication algorithm, an efficient multiplication algorithm on extension fields that accelerates pairing cryptography. Since we adopt a 256-bit characteristic for the base fields, we also implement Montgomery multiplication for 256-bit operands on the GPU. As the result of the implementation on an NVIDIA GeForce GTX680, it is over 10 times slower than the implementation on a Core i7 3970X.

• Gegerihu, NOGAMI Yasuyuki, SHIRASE Masaaki

IEICE technical report. Information theory   113 ( 411 )   45 - 49   2014.1

More details

Language：English   Publisher：The Institute of Electronics, Information and Communication Engineers

This paper introduces a fast implementation of elliptic curve scalar multiplication with an improved quadrupling in Jacobian coordinates, since one quadrupling is more efficient than two doublings, for which the scalar needs to be represented in double-base chain form. For point additions, this paper applies a coordinate conversion technique which saves one field multiplication in each point addition in mixed coordinates. After that, some experimental results on 256-bit elliptic curve cryptography are shown.

• 2014 ( 19 )   1 - 4   2014.1

More details

Language：Japanese

• Yuki Mori, Shoichi Akagi, Yasuyuki Nogami, Masaaki Shirase

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)   8365   186 - 198   2014

More details

Language：English   Publisher：Springer

According to some recent implementation reports on Ate-based pairings such as optimal ate pairing with Barreto-Naehrig curve whose embedding degree is 12, sparse multiplication accelerates Miller's loop calculation in a pairing calculation. Especially, 7-sparse multiplication is available when the implementation uses affine coordinates, where 7-sparse means that the multiplicand or multiplier has 7 zeros among 12 coefficients. This paper extends it to pseudo 8-sparse multiplication. Then, some experimental results together with theoretic calculation costs are shown in order to evaluate its efficiency. © 2014 Springer International Publishing.

• Conditions Guaranteeing Long Periods for Sequences Generated by the Logistic Map over Finite Fields

土屋和由, 野上保之

Proceedings of the JSIAM Annual Meeting (CD-ROM)   2014   2014

More details

• NOGAMI Yasuyuki, UEHARA Satoshi, TADA Kazuki

IEICE technical report. Information theory   113 ( 58 )   5 - 8   2013.5

More details

Language：English   Publisher：The Institute of Electronics, Information and Communication Engineers

Let p be an odd characteristic and m be the degree of a primitive polynomial f(x). Let ω be its zero, that is, a primitive element in F^*_{p^m}; then the sequence S = {s_i}, s_i = Tr(ω^i), i = 0, 1, 2, … becomes a maximum length sequence, where Tr(·) is the trace function over F_p. On this fact, this paper proposes to binarize the sequence by using the Legendre symbol. Then, it is shown that the obtained binary sequence has the period L = 2(p^m - 1)/(p - 1) and a certain periodic autocorrelation. This paper also shows a small example.

• Yuki Kono, Taichi Sumo, Yasuyuki Nogami

2013 16TH INTERNATIONAL CONFERENCE ON NETWORK-BASED INFORMATION SYSTEMS (NBIS 2013)   518 - 522   2013

More details

Language：English   Publisher：IEEE

This paper shows an approach for reducing the size of the exponent of the final exponentiation by multiplying in some extra terms. In the case of the Tate and Ate pairings with a Barreto-Naehrig curve whose embedding degree is 12, the exponent is reduced to (p^4 - p^2 + 1)/r, where p is the characteristic of the base field and r is the order of the pairing.

• Yasuyuki Nogami, Kazuki Tada, Satoshi Uehara

SIXTH INTERNATIONAL WORKSHOP ON SIGNAL DESIGN AND ITS APPLICATIONS IN COMMUNICATIONS   28 - 31   2013

More details

Language：English   Publisher：IEEE

Let p be an odd characteristic and m be the degree of a primitive polynomial f(x). Let ω be its zero, that is, a primitive element in F^*_{p^m}; then the sequence S = {s_i}, s_i = Tr(ω^i) for i = 0, 1, 2, ... becomes a maximum length sequence, where Tr(·) is the trace function over F_p. On this fact, this paper proposes to binarize the sequence by using the Legendre symbol. It is a class of geometric sequences, but its properties such as period and autocorrelation have not been discussed. Then, it is shown that the obtained binary sequence (a geometric sequence with the Legendre symbol) has the period L given by 2(p^m - 1)/(p - 1) and a certain periodic autocorrelation. After that, this paper also shows the numbers of ones and minus ones in the proposed binary sequence per period, together with some small examples.

• A Consideration of Sequences Generated by the Logistic Map over Prime Fields Modulo a Safe Prime

宮崎武, 荒木俊輔, 上原聡, 野上保之

Proceedings of the JSIAM Annual Meeting (CD-ROM)   2013   2013

More details

• 2012 ( 3 )   493 - 500   2012.10

More details

Language：Japanese

• Finding a Basis Conversion Matrix Using a Polynomial Basis Derived by a Small Multiplicative Cyclic Group

Yasuyuki Nogami, Hidehiro Kato, Kenta Nekado, Satoshi Uehara, Yoshitaka Morikawa

IEEE TRANSACTIONS ON INFORMATION THEORY   58 ( 7 )   4936 - 4947   2012.7

More details

Authorship：Lead author   Language：English   Publisher：IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC

Several methods for finding a basis conversion matrix between two different bases in an extension field F_{p^m} have been proposed. Among them, the one based on the Gauss period normal basis (GNB) is on average the most efficient. However, since it needs to construct a certain tower field F_{(p^m)^n}, some inefficient cases in which the towering degree n becomes large have been reported. This paper first determines that such inefficient cases are caused by the GNB condition. In order to overcome this inefficiency, we propose a method that does not use any GNB in the target extension field F_{p^m}, but instead uses a certain polynomial basis in F_{p^m} derived from a certain small cyclic group in F_{(p^m)^n}. This relaxes the condition on the towering degree n. In addition, our experimental results show that the proposed method substantially accelerates the computation time for finding a basis conversion matrix.

• NOGAMI Yasuyuki, TAKAI Yusuke, KOBAYASHI Shigeki, SUGIMURA Tatsuo, UEHARA Satoshi

Technical report of IEICE. ISEC   112 ( 39 )   19 - 24   2012.5

More details

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

This paper considers an approach to obtain primitive polynomials over the odd characteristic field F_p for which a variable transformation x ↦ x + αx^{-1}, called a "self α reciprocal transform", is used, where α is a certain element in F^*_{p^{2^j}} with j < i. Self α reciprocal transforms give irreducible polynomials of degree 2^i under a certain condition, and this paper considers their primitivity. If they are not primitive polynomials over F_p, this paper also touches on an efficient approach for translating them into primitive polynomials.

• 2011 ( 3 )   349 - 354   2011.10

More details

Language：Japanese

• 根角 健太, 湯浅 達也, 野上 保之, 森川 良孝

Proceedings of Computer Security Symposium 2009 (CSS2009)   2009   1 - 6   2011.10

More details

Language：Japanese

• 2011 ( 3 )   343 - 348   2011.10

More details

Language：Japanese

• TAKAHASHI Ryosuke, NEKADO Kenta, TAKAI Yusuke, NOGAMI Yasuyuki, KAGOTANI Hiroto, NARITA Takashi

IEICE technical report   111 ( 125 )   145 - 150   2011.7

More details

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

The authors have proposed a cyclic vector multiplication algorithm, abbreviated as CVMA, that is flexible with respect to the parameters of the extension field, namely the extension degree and the characteristic. For the hardware implementation of CVMA, the authors have improved the double loop structure of CVMA to a single loop one, which was presented at SITA2010. However, it has the problem that it needs a lot of memory. Thus, this paper proposes a method to save the memory use of the single loop version of CVMA.

• TAKAHASHI Ryosuke, NEKADO Kenta, TAKAI Yusuke, NOGAMI Yasuyuki, KAGOTANI Hiroto, NARITA Takashi

IEICE technical report   111 ( 126 )   145 - 150   2011.7

More details

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

The authors have proposed a cyclic vector multiplication algorithm abbreviated as CVMA that is flexible to the parameters of extension field, that is extension degree and charasteristic. For the hardware implementation of CVMA, the authors have improved the double loop structure of CVMA to a single loop one, and it has been presented at SITA2010. However, it has a problem that it needs a lot of memory. Thus, this paper proposes a method to save the memory use of the single loop version of CVMA.

• TAKAHASHI Ryosuke, NEKADO Kenta, TAKAI Yusuke, NOGAMI Yasuyuki, KAGOTANI Hiroto, NARITA Takashi

IEICE technical report   111 ( 123 )   145 - 150   2011.7

More details

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

The authors have proposed a cyclic vector multiplication algorithm abbreviated as CVMA that is flexible to the parameters of extension field, that is extension degree and charasteristic. For the hardware implementation of CVMA, the authors have improved the double loop structure of CVMA to a single loop one, and it has been presented at SITA2010. However, it has a problem that it needs a lot of memory. Thus, this paper proposes a method to save the memory use of the single loop version of CVMA.

• TAKAHASHI Ryosuke, NEKADO Kenta, TAKAI Yusuke, NOGAMI Yasuyuki, KAGOTANI Hiroto, NARITA Takashi

IEICE technical report   111 ( 124 )   145 - 150   2011.7

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

The authors have proposed a cyclic vector multiplication algorithm, abbreviated as CVMA, that is flexible with respect to the parameters of the extension field, namely the extension degree and the characteristic. For the hardware implementation of CVMA, the authors have improved the double-loop structure of CVMA to a single-loop one, which was presented at SITA2010. However, it has the problem that it needs a lot of memory. Thus, this paper proposes a method to reduce the memory use of the single-loop version of CVMA.

• 2011 ( 23 )   1 - 6   2011.7

Language：Japanese

• TAKAI Yusuke, NEKADO Kenta, NOGAMI Yasuyuki, MORIKAWA Yoshitaka, KAGOTANI Hiroto

IEICE technical report   110 ( 137 )   19 - 24   2010.7

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

The cyclic vector multiplication algorithm (CVMA) was originally proposed as a vector multiplication algorithm for elements in a certain extension field. Recently, Granger et al. proposed the primes called Minimal Redundancy Cyclotomic Primes (MRCPs) and applied CVMA to the modular multiplications with MRCPs. This paper shows several detailed classes of MRCPs and their customized multiplication algorithms.

• SAKEMI Yumi, IZU Tetsuya, TAKENAKA Masahiko, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   110 ( 114 )   195 - 201   2010.6

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

The specification of EMV signatures is an ISO/IEC 9796-2 compliant format with extra redundancy, used for certifying credit cards. At CRYPTO 2009, Coron, Naccache, Tibouchi, and Weinmann proposed a new forgery attack against the ISO/IEC 9796-2 signature. They also discussed the possibility of applying the attack to EMV signatures. As a result, they concluded that the attack cannot forge them for operational reasons. However, since they estimated the attack's cost under a specific condition, it is difficult to evaluate the attack's threat under other conditions. This paper gives the detailed cost of the attack under all conditions based on the fixed data in a message. Then, the conditions under which the attack can forge an EMV signature at low cost are shown.

• SAKEMI Yumi, IZU Tetsuya, TAKENAKA Masahiko, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   110 ( 113 )   195 - 201   2010.6

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

The specification of EMV signatures is an ISO/IEC 9796-2 compliant format with extra redundancy, used for certifying credit cards. At CRYPTO 2009, Coron, Naccache, Tibouchi, and Weinmann proposed a new forgery attack against the ISO/IEC 9796-2 signature. They also discussed the possibility of applying the attack to EMV signatures. As a result, they concluded that the attack cannot forge them for operational reasons. However, since they estimated the attack's cost under a specific condition, it is difficult to evaluate the attack's threat under other conditions. This paper gives the detailed cost of the attack under all conditions based on the fixed data in a message. Then, the conditions under which the attack can forge an EMV signature at low cost are shown.

• NEKADO Kenta, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   109 ( 446 )   403 - 407   2010.2

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Recently, for several pairing-based cryptographic applications, a convenient basis that can construct an extension field for every pair of characteristic $p$ and extension degree $m$ has been required. Kato et al. have focused on the Gauss period normal basis (GNB) as such a basis, and proposed the cyclic vector multiplication algorithm (CVMA) as an efficient multiplication algorithm in an extension field constructed by GNB. This paper considers how to derive the existence probability of GNB theoretically, and estimates the efficiency of CVMA by using the derivation method.

• Mixed Bases for Efficient Inversion in $\mathbb{F}_{((2^2)^2)^2}$ and Conversion Matrices of SubBytes of AES

Yasuyuki Nogami, Kenta Nekado, Tetsumi Toyota, Naoto Hongo, Yoshitaka Morikawa

CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS - CHES 2010   6225   234 - 247   2010

Language：English   Publisher：SPRINGER-VERLAG BERLIN

A lot of improvements and optimizations for the hardware implementation of SubBytes of Rijndael, in detail the inversion in $\mathbb{F}_{2^8}$, have been reported. Instead of the original Rijndael field $\mathbb{F}_{2^8}$, it is known that its isomorphic tower field $\mathbb{F}_{((2^2)^2)^2}$ has a more efficient inversion. For the towerings, several kinds of bases such as polynomial and normal bases can be used in mixture. Different from the meaning of this mixture of bases, this paper proposes another mixture that contributes to the reduction of the critical path delay of SubBytes. To the $\mathbb{F}_{(2^2)^2}$-inversion architecture, for example, the proposed mixture inputs and outputs elements represented with normal and polynomial bases, respectively.

• Anonymous IEEE802.1X Authentication System Using Group Signatures

A. Sudarsono, T. Nakanishi, Y. Nogami, N. Funabiki

IPSJ Journal   51 ( 3 )   691 - 704   2010

• TAKEUCHI Shoichi, IZUTA Tetsuya, SAKEMI Yumi, NISHII Kazushi, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   109 ( 337 )   37 - 41   2009.12

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Recently, some pairing-based cryptographies that use a non-supersingular pairing-friendly curve whose order has large prime factors, as RSA does, have been proposed. Since it generally takes a lot of calculation time to generate such a composite-order pairing-friendly curve, several efficient methods have also been proposed. Then, using such a special pairing-friendly curve, pairing-based cryptographies will be implemented with not only pairing calculations but also scalar multiplications and exponentiations over a certain finite field. This paper first introduces a non-supersingular pairing-friendly curve of embedding degree 1 whose order has two large prime factors, as RSA does. Then, it is shown that the GLV method and multi-scalar multiplication are efficiently applied to accelerate a scalar multiplication. After that, some experimental results are shown.

• KATO Hidehiro, NOGAMI Yasuyuki, UEHARA Satoshi, MORIKAWA Yoshitaka

IEICE technical report   109 ( 337 )   43 - 50   2009.12

Language：English   Publisher：The Institute of Electronics, Information and Communication Engineers

Several methods for finding a basis conversion matrix between two different bases in the extension field $\mathbb{F}_{p^m}$ have been proposed. Among them, the one based on the Gauss period normal basis (GNB-based method) is on average the most efficient. However, since it needs to construct a certain tower field $\mathbb{F}_{(p^m)^n}$, some inefficient cases in which the towering degree becomes relatively large have been reported. This is caused by the condition of GNB. In order to overcome the inefficiency, this paper proposes a method that does not need any GNB in the target extension field $\mathbb{F}_{p^m}$ but uses a certain polynomial basis in $\mathbb{F}_{p^m}$ derived from a certain small cyclic group in $\mathbb{F}_{(p^m)^n}$. Then, the condition on the towering degree is relaxed, and some experimental results show that the proposed method substantially accelerates the average computation time for finding a basis conversion matrix.

• IZUTA Tetsuya, SAKEMI Yumi, NISHII Kazushi, TAKEUCHI Shoichi, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   109 ( 207 )   59 - 64   2009.9

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Recently, pairing-based cryptographic applications such as ID-based cryptography have received much attention. On the other hand, RSA cryptography has been widely used, and it is defined over a certain composite order as the modulus. In detail, it generally needs to be a product of two large prime numbers. In order to apply RSA-based techniques to pairing-based cryptography, the pairing-friendly curve needs to have such a composite order. This paper focuses on some non-supersingular pairing-friendly curves whose order $r$ has two large prime factors and whose embedding degree $k$ is equal to 1. This paper shows some experimental results on generating such a composite-order curve and the Tate pairing.

• Integer Variable chi-Based Cross Twisted Ate Pairing and Its Optimization for Barreto-Naehrig Curve

Yasuyuki Nogami, Yumi Sakemi, Hidehiro Kato, Masataka Akane, Yoshitaka Morikawa

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E92A ( 8 )   1859 - 1867   2009.8

Authorship：Lead author   Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

It is said that the lower bound of the number of iterations of Miller's algorithm for pairing calculation is $\log_2 r / \phi(k)$, where $\phi(\cdot)$ is Euler's function, $r$ is the group order, and $k$ is the embedding degree. Ate pairing reduced the number of loops of Miller's algorithm of Tate pairing from $\lfloor \log_2 r \rfloor$ to $\lfloor \log_2 (t-1) \rfloor$, where $t$ is the Frobenius trace. Recently, it has become known how to systematically prepare a pairing-friendly elliptic curve whose parameters are given by a polynomial of an integer variable $\chi$. For such a curve, this paper gives the integer variable $\chi$-based Ate (Xate) pairing that achieves the lower bound. In the case of the well-known Barreto-Naehrig pairing-friendly curve, it reduces the number of loops to $\lfloor \log_2 \chi \rfloor$. Then, this paper optimizes Xate pairing for the Barreto-Naehrig curve and shows its efficiency based on some simulation results.

• Yasuyuki Nogami, Ryo Namba, Yoshitaka Morikawa

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E92A ( 6 )   1500 - 1507   2009.6

Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

This paper proposes a method to construct a basis conversion matrix between two given bases in $\mathbb{F}_{p^m}$. In the proposed method, a Gauss period normal basis (GNB) works as a bridge between the two bases. The proposed method exploits this property and constructs a basis conversion matrix in polynomial time, mostly faster on average than the EDF-based algorithm. Finally, simulation results are reported in which the proposed method computes a basis conversion matrix within 30 msec on average on a Celeron (2.00 GHz) when $m \log p \approx 160$.

• NISHII Kazushi, SAKEMI Yumi, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   109 ( 42 )   51 - 54   2009.5

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Recently, pairing-based cryptographic applications such as ID-based cryptography have received much attention. On the other hand, RSA cryptography has been widely used and is defined over a certain composite order as the modulus. In detail, it generally needs to be a product of two large prime numbers. In order to apply RSA-based techniques to pairing-based cryptography, the pairing-friendly elliptic curve also needs to have such a composite order. This paper proposes a method for generating ordinary pairing-friendly curves of such a composite order, especially when the embedding degree $k$ is equal to 3, the discriminant is equal to 3, and in addition the elliptic curve is given in the form $y^2 = x^3 + a$, $a \in \mathbb{F}_p$.

• YANAGI Erika, NEKADO Kenta, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   109 ( 42 )   55 - 60   2009.5

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

This paper first introduces the cyclic vector multiplication algorithm (CVMA), which is a multiplication algorithm with a Gauss period normal basis in an extension field. Then, it is also shown that CVMA is useful under the tight restrictions of pairing-based cryptographies. Next, this paper points out a problem with the calculation cost of CVMA. For this problem, this paper proposes an improvement. According to some simulation and experimental results, it is shown that the improvement makes CVMA much more efficient in some cases.

• SUDARSONO Amang, NAKANISHI Toru, SAKEMI Yumi, NOGAMI Yasuyuki, FUNABIKI Nobuo

IEICE technical report   109 ( 42 )   37 - 42   2009.5

Language：English   Publisher：The Institute of Electronics, Information and Communication Engineers

A group signature scheme with efficient verifier-local revocation check has been proposed. This scheme provides a more efficient revocation check, using the multi-pairing technique for a product of pairings. However, this scheme has not been implemented and evaluated. This paper presents an implementation of the group signature scheme and the experimental results.

• Fast Ate Pairing Computation of Embedding Degree 12 Using Subfield-Twisted Elliptic Curve

Masataka Akane, Yasuyuki Nogami, Yoshitaka Morikawa

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E92A ( 2 )   508 - 516   2009.2

Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

This paper presents implementation techniques for fast Ate pairing of embedding degree 12. In this case, we have no trouble in finding a prime-order pairing-friendly curve $E$ such as the Barreto-Naehrig curve $y^2 = x^3 + a$, $a \in \mathbb{F}_p$. For the curve, an isomorphic substitution from $G_2 \in E(\mathbb{F}_{p^{12}})$ into $G_2'$ in the subfield-twisted elliptic curve $E'(\mathbb{F}_{p^2})$ speeds up scalar multiplications over $G_2$ and wipes out denominator calculations in Miller's algorithm. This paper mainly provides about 30% improvement of the Miller's algorithm calculation using proper subfield arithmetic operations. Moreover, we also provide efficient parameter settings of the BN curves. When $p$ is a 254-bit prime, the embedding degree is 12, and the processor is a Pentium4 (3.6 GHz), it is shown that the proposed algorithm computes Ate pairing in 13.3 milliseconds including the final exponentiation.

• Hidehiro Kato, Yasuyuki Nogami, Tomoki Yoshida, Yoshitaka Morikawa

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E92A ( 1 )   173 - 181   2009.1

Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

In this paper, a multiplication algorithm in the extension field $\mathbb{F}_{p^m}$ is proposed. Different from the previous works, the proposed algorithm can be applied to an arbitrary pair of characteristic $p$ and extension degree $m$, except for the case when $4p$ divides $m(p-1)$ and $m$ is an even number. As written in the title, when $p > m$, $4p$ does not divide $m(p-1)$. The proposed algorithm is derived by modifying the cyclic vector multiplication algorithm (CVMA). We adopt a special class of Gauss period normal bases. At first in this paper, it is formulated as an algorithm and the calculation cost of the modified algorithm is evaluated. Then, compared to those of the previous works, some experimental results are shown. Finally, it is shown that the proposed algorithm is sufficiently practical when the extension degree $m$ is small.

• Scalar Multiplication Using Frobenius Expansion over Twisted Elliptic Curve for Ate Pairing Based Cryptography

Yasuyuki Nogami, Yumi Sakemi, Takumi Okimoto, Kenta Nekado, Masataka Akane, Yoshitaka Morikawa

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E92A ( 1 )   182 - 189   2009.1

Authorship：Lead author   Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

For ID-based cryptography, not only pairing but also scalar multiplication must be efficiently computable. In this paper, we propose a scalar multiplication method for the circumstances in which we work with Ate pairing on a Barreto-Naehrig (BN) curve. Note that the parameters of a BN curve are given by a certain integer, namely the mother parameter. Adhering to the authors' previous policy that we execute scalar multiplication on the subfield-twisted curve $\tilde{E}(\mathbb{F}_{p^2})$ instead of on the original curve $E(\mathbb{F}_{p^{12}})$, we at first show the sextic twisted subfield Frobenius mapping (ST-SFM) $\tilde{\phi}$ in $\tilde{E}(\mathbb{F}_{p^2})$. On BN curves, note that $\tilde{\phi}$ is identified with the scalar multiplication by $p$. However, a scalar is always smaller than the order $r$ of the BN curve for Ate pairing, so ST-SFM is not directly applicable to the above circumstances. We then exploit the expressions of the curve order $r$ and the characteristic $p$ by the mother parameter to derive some radices such that they are expressed as a polynomial of $p$. Thus, a scalar multiplication $[s]$ can be written as a series of ST-SFMs $\tilde{\phi}$. In combination with the binary method or the multi-exponentiation technique, this paper shows that the proposed method runs about twice or more faster than the plain binary method.

• Thread Computing for Miller's algorithm of Pairing

Shoichi Takeuchi, Yumi Sakemi, Yasuyuki Nogami, Yoshitaka Morikawa

ISCE: 2009 IEEE 13TH INTERNATIONAL SYMPOSIUM ON CONSUMER ELECTRONICS, VOLS 1 AND 2   587 - 591   2009

Language：English   Publisher：IEEE

This paper shows an improvement of Miller's algorithm so as to be efficient for thread programming by using the divisor theorem. Then, this paper implements a thread program of the improved Miller's algorithm, by which it is shown that the proposed technique is more efficient than the ordinary Miller's algorithm.

• Cost Evaluation of The Improvement of Twisted Ate Pairing That Uses Integer Variable Chi of Small Hamming Weight

Y. Sakemi, H. Kato, Y. Nogami, Y. Morikawa

Memoirs of the Faculty of Engineering, Okayama University   43 ( 15 )   113 - 116   2009

• Kato Hidehiro, Nogami Yasuyuki, Morikawa Yoshitaka

Memoirs of the Faculty of Engineering, Okayama University   43   99 - 107   2009

Language：English   Publisher：Faculty of Engineering, Okayama University

• Inversion with Normal Bases in Tower Field F_{((2^{2})^{2})^2} for S-Box of AES

Y. Nogami, M. Hagio (Oki Network LSI), E. Yanagi, Y. Morikawa

ITC-CSCC2009   1337 - 1338   2009

• Yumi Sakemi, Yasuyuki Nogami, Hidehiro Kato, Yoshitaka Morikawa

2009 IEEE INTERNATIONAL SYMPOSIUM ON INFORMATION THEORY, VOLS 1- 4   2386 - 2390   2009

Language：English   Publisher：IEEE

Recently, efficient pairings such as optimal-ate, R-ate, and Xate pairings have been proposed. On the other hand, some pairing-based cryptographic protocols need several pairing calculations for one procedure. Thus, the multi-pairing technique can be efficiently applied. This paper optimizes Xate pairing for multi-pairing and then evaluates its efficiency by comparing it with the other efficient pairings. Then, it is shown that multi-pairing with the optimized Xate pairing is the most efficient.

• Determining Basis Conversion Matrix without Gauss Period Normal Basis

Y. Nogami, E. Yanagi, M. Hagio (Oki Network LSI), Y. Morikawa

ITC-CSCC2009   1331 - 1332   2009

• How to Generate a Secure Composite Order Ordinary Pairing-friendly Curve of Embedding Degree 3

Y.Nogami, K.Nishii, Y.Sakemi, H.Kato, Y.Morikawa

ITC-CSCC2009   1474 - 1447   2009

• Satoshi Uehara, Shuichi Jono, Yasuyuki Nogami

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E91A ( 12 )   3745 - 3748   2008.12

Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

A class of zero-correlation zone (ZCZ) sequences constructed by a recursive procedure from a perfect sequence and a unitary matrix was proposed by T, Nakamura, and Suehiro [1]. In [1], three parameters, i.e., the sequence length, the family size and the length of the ZCZ, were evaluated for a general estimate of the performance of the ZCZ sequences. In this letter, we give more detailed distributions of the correlation values that are zero on their ZCZ sequence sets.

• Efficient Exponentiation in Extensions of Finite Fields without Fast Frobenius Mappings

Yasuyuki Nogami, Hidehiro Kato, Kenta Nekado, Yoshitaka Morikawa

ETRI JOURNAL   30 ( 6 )   818 - 825   2008.12

Language：English   Publisher：ELECTRONICS TELECOMMUNICATIONS RESEARCH INST

This paper proposes an exponentiation method with Frobenius mappings. The main target is an exponentiation in an extension field. This idea can be applied for scalar multiplication of a rational point of an elliptic curve defined over an extension field. The proposed method is closely related to so-called interleaving exponentiation. Unlike interleaving exponentiation methods, it can carry out several exponentiations of the same base at once. This happens in some pairing-based applications. The efficiency of using Frobenius mappings for exponentiation in an extension field was well demonstrated by Avanzi and Mihailescu. Their exponentiation method efficiently decreases the number of multiplications by inversely using many Frobenius mappings. Compared to their method, although the number of multiplications needed for the proposed method increases about 20%, the number of Frobenius mappings becomes small. The proposed method is efficient for cases in which Frobenius mapping cannot be carried out quickly.

• A method for constructing a self-dual normal basis in odd characteristic extension fields

Yasuyuki Nogami, Hiroaki Nasu, Yoshitaka Morikawa, Satoshi Uehara

FINITE FIELDS AND THEIR APPLICATIONS   14 ( 4 )   867 - 876   2008.11

Language：English   Publisher：ACADEMIC PRESS INC ELSEVIER SCIENCE

This paper proposes a useful method for constructing a self-dual normal basis in an arbitrary extension field $\mathbb{F}_{p^m}$ such that $4p$ does not divide $m(p-1)$ and $m$ is odd. In detail, when the characteristic $p$ and extension degree $m$ satisfy the following condition (1) and either (2a) or (2b): (1) $2km+1$ is a prime number, (2a) the order of $p$ in $\mathbb{F}_{2km+1}$ is $2km$, (2b) $2 \nmid km$ and the order of $p$ in $\mathbb{F}_{2km+1}$ is $km$, we can consider a class of Gauss period normal bases. Using this Gauss period normal basis, this paper shows a method to construct a self-dual normal basis in the extension field $\mathbb{F}_{p^m}$.

• YOSHIDA Tomoki, KATO Hidehiro, NEKADO Kenta, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   108 ( 162 )   101 - 107   2008.7

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

In recent years, pairing-based cryptographies such as ID-based cryptography and group signature have been studied. These cryptographies require exponentiations in the multiplicative group $G_T$. In this paper, the author proposes an efficient exponentiation method for the case of the Barreto-Naehrig (BN) curve. Additionally, the author shows implementation results of the proposed method together with conventional techniques such as the binary method, window method, NAF method and Avanzi method. Then, the author shows that the proposed method carries out exponentiation fast.

• YOSHIDA Tomoki, KATO Hidehiro, NEKADO Kenta, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IPSJ SIG Notes   2008 ( 71 )   235 - 241   2008.7

Language：Japanese   Publisher：Information Processing Society of Japan (IPSJ)

In recent years, pairing-based cryptographies [2] such as ID-based cryptography [3] and group signature [1] have been studied. These cryptographies require exponentiations in the multiplicative group $G_T$. In this paper, the author proposes an efficient exponentiation method for the case of the Barreto-Naehrig (BN) curve [9]. Additionally, the author shows implementation results of the proposed method together with conventional techniques such as the binary method, window method, NAF method and Avanzi method [12] [15]. Then, the author shows that the proposed method carries out exponentiation fast.

• Yasuyuki Nogami, Ryo Namba, Yoshitaka Morikawa

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E91A ( 4 )   1229 - 1231   2008.4

Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

This paper shows a necessary condition for type-$\langle k, m \rangle$ and type-$\langle k', m \rangle$ Gauss period normal bases in $\mathbb{F}_{p^m}$ to be the same normal basis, by using their traces.

• Basis translation matrix between two isomorphic extension fields via optimal normal basis

Yasuyuki Nogami, Ryo Namba, Yoshitaka Morikawa

ETRI JOURNAL   30 ( 2 )   326 - 334   2008.4

More details

Language：English   Publisher：ELECTRONICS TELECOMMUNICATIONS RESEARCH INST

This paper proposes a method for generating a basis translation matrix between isomorphic extension fields. To generate a basis translation matrix, we need the equality correspondence of a basis between the isomorphic extension fields. Consider an extension field F-p(m) where p is characteristic. As a brute force method, when p(m) is small, we can check the equality correspondence by using the minimal polynomial of a basis element; however, when P, is large, it becomes too difficult. The proposed methods are based on the fact that Type I and Type H optimal normal bases (ONBs) can be easily identified in each isomorphic extension field. The proposed methods efficiently use Type I and Type II ONBs and can generate a pair of basis translation matrices within 15 ms on Pentium 4 (3.6 GHz) when mlog(2)p = 160.

• Extension Field for Ate Pairing with Freeman Curve

ITC-CSCC2008   653 - 656   2008

• Kato Hidehiro, Nekado Kenta, Nogami Yasuyuki, Morikawa Yoshitaka

Memoirs of the Faculty of Engineering, Okayama University   42 ( 4 )   36 - 43   2008

Language：English   Publisher：Faculty of Engineering, Okayama University

• A Method for Checking the Parity of (#Jc-1)/2 Genus 2 and 3 Hyperelliptic Curves

Y.Nogami, Y.Morikawa

Memoirs of the Faculty of Engineering, Okayama University   42 ( 14 )   110 - 114   2008

• Systematic Generation of An Irreducible Polynomial of An Arbitrary Degree m over F_p Such That p > m

Hiroaki Nasu, Yasuyuki Nogami, Yoshitaka Morikawa, Shigeki Kobayashi, Tatsuo Sugimura

THIRD 2008 INTERNATIONAL CONFERENCE ON CONVERGENCE AND HYBRID INFORMATION TECHNOLOGY, VOL 2, PROCEEDINGS   2   478 - +   2008

Language：English   Publisher：IEEE COMPUTER SOC

This paper proposes a method for generating an irreducible polynomial of an arbitrary degree m over an arbitrary prime field F_p such that p > m. The proposed method is closely related to minimal polynomial determination and therefore has the following features: its complexity has little dependency on the size of the characteristic p, its calculation cost is given explicitly in terms of the degree m, and it can generate primitive polynomials when p^m - 1 is factorized into a product of primes. The restriction p > m comes from using Newton's formula.

• An Implementation of Anonymous IEEE802.1X Authentication System for Wireless Networks

A. Sudarsono, T. Nakanishi, Y. Nogami, N. Funabiki

Proc. the 10th Industrial Electronics Seminar 2008 (IES2008)   2008

• Yumi Sakemi, Yasuyuki Nogami, Katsuyuki Okeya, Hidehiro Kato, Yoshitaka Morikawa

CRYPTOLOGY AND NETWORK SECURITY   5339   226 - +   2008

Language：English   Publisher：SPRINGER-VERLAG BERLIN

This paper considers a new skew Frobenius endomorphism on a pairing-friendly elliptic curve E(F_p) defined over the prime field F_p. Then, using the new skew Frobenius map, an efficient scalar multiplication method for the pairing-friendly elliptic curve E(F_p) is shown. According to the simulation results, a scalar multiplication by the proposed method with the multi-exponentiation technique is about 40% faster than that by the plain binary method.

• An Improvement of Twisted Ate Pairing with Barreto-Naehrig Curve by using Frobenius Mapping

Yumi Sakemi, Hidehiro Kato, Yasuyuki Nogami, Yoshitaka Morikawa

Third 2008 International Conference on Convergence and Hybrid Information Technology, Vol 2, Proceedings   2   406 - 410   2008

Language：English   Publisher：IEEE COMPUTER SOC

This paper proposes an improvement of the twisted Ate pairing with a Barreto-Naehrig curve so as to efficiently use the Frobenius mapping with respect to the prime field. Then, this paper shows some simulation results demonstrating that the improvement accelerates the twisted Ate pairing.

• Efficient Pairings on Twisted Elliptic Curve

Yasuyuki Nogami, Masataka Akane, Yumi Sakemi, Yoshitaka Morikawa

THIRD 2008 INTERNATIONAL CONFERENCE ON CONVERGENCE AND HYBRID INFORMATION TECHNOLOGY, VOL 2, PROCEEDINGS   2   430 - +   2008

Language：English   Publisher：IEEE COMPUTER SOC

This paper proposes an efficient implementation of the Ate pairing on a twisted elliptic curve. Suppose that a pairing-friendly elliptic curve E has a twisted elliptic curve E' of degree d, and let ψ_d be the isomorphism from E'(F_{p^e}) to the corresponding subgroup of E(F_{p^k}). Then consider G_1' = ψ_d^{-1}(G_1) and G_2' = ψ_d^{-1}(G_2) for the groups G_1, G_2 of the Ate pairing α. For P ∈ G_1, Q ∈ G_2, P' ∈ G_1' and Q' ∈ G_2', the authors have shown α(Q, P) = f_{t-1,Q}(P)^{(p^k-1)/r} = f_{t-1,Q'}(P')^{(p^k-1)/r}. This paper shows that this new Ate pairing, namely the cross-twisted (Xt) Ate pairing, provides a quite efficient implementation.

• An Improvement of Cyclic Vector Multiplication Algorithm

Hidehiro Kato, Yasuyuki Nogami, Tomoki Yoshida, Kenta Nekado, Shoichi Takeuchi, Yoshitaka Morikawa

Third 2008 International Conference on Convergence and Hybrid Information Technology, Vol 2, Proceedings   2   401 - 405   2008

Language：English   Publisher：IEEE COMPUTER SOC

This paper first introduces the cyclic vector multiplication algorithm (CVMA), a multiplication algorithm for extension fields. It is then shown that CVMA is useful under the tight restrictions of pairing-based cryptography. This paper then points out a problem with the calculation cost of CVMA and proposes an improvement for it. According to some simulation results, the improvement makes CVMA much more efficient.

• Hiroaki Nasu, Yasuyuki Nogami, Satoshi Uehara, Ryo Namba, Yoshitaka Morikawa

CYBERNETICS AND SYSTEMS   39 ( 6 )   563 - 582   2008

Language：English   Publisher：TAYLOR & FRANCIS INC

Self-dual normal bases are efficient for the arithmetic operations in an extension field, and especially for trace calculation. However, self-dual normal bases do not exist in F_{p^m} when the characteristic p is odd and the degree m is even. This paper proposes a method to construct an efficient normal basis for trace calculation when the extension degree is even. In this paper, we call it a pseudo self-dual normal basis.

• Generating Irreducible Self-reciprocal Polynomials by Using Even Polynomial over Fq

Shigeki Kobayashi, Yasuyuki Nogami, Tatsuo Sugimura

The 23rd International Technical Conference on Circuits/Systems, Computers and Communications   121 - 124   2008

• An Improvement of Twisted Ate Pairing Using Integer Variable with Small Hamming Weight

Y. Sakemi, H. Kato, Y. Nogami, Y. Morikawa

The 23rd International Technical Conference on Circuits/Systems, Computers and Communications   269 - 272   2008

• Fast Squaring in TypeI All One Polynomial Field

Hidehiro Kato, Yasuyuki Nogami, Yoshitaka Morikawa

The 23rd International Technical Conference on Circuits/Systems, Computers and Communications   273 - 276   2008

• Yasuyuki Nogami, Masataka Akane, Yumi Sakemi, Hidehiro Kato, Yoshitaka Morikawa

PAIRING-BASED CRYPTOGRAPHY - PAIRING 2008   5209   178 - +   2008

Language：English   Publisher：SPRINGER-VERLAG BERLIN

In implementing an efficient pairing calculation, it is said that the lower bound on the number of iterations of Miller's algorithm is log_2 r / φ(k), where φ(·) is Euler's function. The Ate pairing reduced the number of loops of Miller's algorithm from ⌊log_2 r⌋ for the Tate pairing to ⌊log_2 (t - 1)⌋. Recently, it has become known how to systematically prepare a pairing-friendly elliptic curve whose parameters are given by polynomials in an integer variable χ. For such a curve, this paper gives an integer-variable χ-based Ate pairing that achieves the lower bound by reducing the loop length to ⌊log_2 χ⌋.
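
As an added illustration (not the paper's code), the following computes Barreto-Naehrig curve parameters from the integer variable χ, checks r = p + 1 - t, primality and the embedding degree k = 12, and reports the three Miller-loop lengths the abstract compares, ⌊log_2 r⌋, ⌊log_2 (t-1)⌋ and ⌊log_2 χ⌋, next to the bound log_2 r / φ(12). The toy value χ = 1 and the 63-bit χ = -(2^62 + 2^55 + 1), a widely used parameter for 254-bit BN curves, are chosen for the demonstration; the paper's own χ is not stated on this page.

```python
# Added example, not code from the paper: the Barreto-Naehrig (BN) family parameterised by an
# integer variable chi, with the three Miller-loop lengths the abstract compares.  BN curves have
# embedding degree k = 12, so Euler's function gives phi(12) = 4.  The 63-bit chi used in main()
# is a widely used choice for 254-bit BN curves; chi = 1 is a toy value giving p = 103, r = 97.
import math


def bn_params(chi):
    """BN polynomials: characteristic p, group order r, Frobenius trace t, with r = p + 1 - t."""
    p = 36 * chi**4 + 36 * chi**3 + 24 * chi**2 + 6 * chi + 1
    r = 36 * chi**4 + 36 * chi**3 + 18 * chi**2 + 6 * chi + 1
    t = 6 * chi**2 + 1
    return p, r, t


def is_probable_prime(n):
    """Miller-Rabin with fixed small-prime bases (deterministic below 3.3e24, strong test above)."""
    if n < 2:
        return False
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def embedding_degree(p, r, max_k=24):
    """Smallest k with r | p^k - 1, i.e. the degree of the extension F_{p^k} containing the r-th roots of unity."""
    for k in range(1, max_k + 1):
        if pow(p, k, r) == 1:
            return k
    return None


def euler_phi(k):
    return sum(1 for i in range(1, k + 1) if math.gcd(i, k) == 1)


def loop_lengths(chi):
    """(floor(log2 r), floor(log2 (t-1)), floor(log2 |chi|)): Tate, Ate and chi-based Ate loop lengths."""
    _, r, t = bn_params(chi)
    return r.bit_length() - 1, (t - 1).bit_length() - 1, abs(chi).bit_length() - 1


def lower_bound(chi):
    """log2(r) / phi(k) from the abstract, with k the embedding degree of this chi's curve."""
    p, r, _ = bn_params(chi)
    return math.log2(r) / euler_phi(embedding_degree(p, r))


if __name__ == "__main__":
    for chi in (1, -(2**62 + 2**55 + 1)):
        p, r, t = bn_params(chi)
        assert r == p + 1 - t and is_probable_prime(p) and is_probable_prime(r)
        print(f"chi bits={abs(chi).bit_length()} k={embedding_degree(p, r)} "
              f"(Tate, Ate, chi-Ate) loops={loop_lengths(chi)} bound={lower_bound(chi):.1f}")
```

For the 63-bit χ the output is (253, 126, 62) against a bound of about 63.3: the Ate loop halves the Tate loop, and the χ-based loop is a quarter of it, which is what "achieves the lower bound" means for k = 12.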

• Cyclic vector multiplication algorithm based on a special class of Gauss period normal basis

Hidehiro Kato, Yasuyuki Nogami, Tomoki Yoshida, Yoshitaka Morikawa

ETRI JOURNAL   29 ( 6 )   769 - 778   2007.12

Language：English   Publisher：ELECTRONICS TELECOMMUNICATIONS RESEARCH INST

This paper proposes a multiplication algorithm for F_{p^m} which can be efficiently applied to many pairs of characteristic p and extension degree m, except for the case that 8p divides m(p-1). It uses a special class of type-<k, m> Gauss period normal bases. This algorithm has several advantages: it is easily parallelized; the Frobenius mapping is easily carried out since its basis is a normal basis; its calculation cost is given explicitly; and it is sufficiently practical and useful when the parameters k and m are small.

• HIRA Yuta, KATO Hidehiro, NAKANISHI Toru, NOGAMI Yasuyuki, FUNABIKI Nobuo, MORIKAWA Yoshitaka

IEICE technical report   107 ( 209 )   69 - 76   2007.8

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

A group signature scheme is one of the signature schemes that keep the signer's identity secret. A pairing-based group signature scheme which lets a signer sign without any revocation information and has a short signature length was proposed. However, this scheme has the problem that anonymity cannot be proved when the twisted pairing, which is known as an efficient implementation of pairing, is used. In this paper, we therefore extend the previous scheme to have provable anonymity when the twisted pairing is used. In addition, we efficiently implemented the extended scheme by transforming some equations and introducing parallel processing, and show that the extended scheme can be executed in practical time on a server with a multi-core CPU even if about 500 members are revoked.

• SAKEMI Yumi, NASU Hiroaki, NANBA Ryo, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   107 ( 143 )   23 - 27   2007.7

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

A self-dual normal basis only exists in odd-degree extension fields when the characteristic p is an odd prime. However, a method to construct it systematically has not been given. In this paper, we show a method for constructing a self-dual normal basis in an arbitrary extension field F_{p^m} such that 4p does not divide m(p-1) and m is odd, by using a special class of Gauss period normal bases. It is also shown that the vector representations with the self-dual and Gauss period normal bases are easily translated to each other.

• NEKADO Kenta, NASU Hiroaki, NANBA Ryo, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   107 ( 143 )   19 - 22   2007.7

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Some public-key cryptosystems require an extension field as the definition field. When we implement arithmetic operations in the extension field, we need to prepare an efficient basis. In this paper, we deal with normal bases efficient for trace calculations. First, we review that there are no self-dual normal bases [2]-[4] in odd-characteristic extension fields of even degree. Then, we introduce a normal basis in odd-characteristic extension fields of degree 2 that is as efficient as a self-dual normal basis.

• A Method for Generating High-Degree Irreducible Polynomials over F_2 Using the Self-Reciprocal Inverse Transformation

Shigeki Kobayashi, Yasuyuki Nogami, Tatsuo Sugimura, Ryo Namba

IEICE Transactions on Fundamentals A (Japanese edition)   J90-A ( 5 )   460 - 469   2007

• A Multiplication Algorithm in F_{p^m} for an Arbitrary Pair of the Characteristic p and Degree m Such That p > m

Hidehiro Kato, Yasuyuki Nogami, Yoshitaka Morikawa, Tomoki Yoshida

ETRI journal   accepted   2007

• Nogami Yasuyuki, Morikawa Yoshitaka

Memoirs of the Faculty of Engineering, Okayama University   41 ( 1 )   11 - 19   2007

Language：English   Publisher：Faculty of Engineering, Okayama University

• Nogami Yasuyuki, Morikawa Yoshitaka

Memoirs of the Faculty of Engineering, Okayama University   41 ( 1 )   1 - 10   2007

Language：English   Publisher：Faculty of Engineering, Okayama University

• A method for constructing an efficient basis for trace calculation

Hiroaki Nasu, Yasuyuki Nogami, Ryo Namba, Yoshitaka Morikawa

2007 International Conference on Convergence Information Technology, ICCIT 2007   229 - 234   2007

Language：English

Self-dual normal bases are efficient for the arithmetic operations in an extension field, and especially for trace calculation. However, self-dual normal bases do not exist in F_{p^m} when the characteristic p is odd and the degree m is even. This paper proposes a method to construct a normal basis of even degree that is efficient for trace calculation. © 2007 IEEE.

• A multiplication algorithm in F_{p^m} for arbitrary pairs of characteristic p and degree m such that p > m

YOSHIDA T.

Joint Workshop on Information Security, 2007   469 - 483   2007

• A method for distinguishing the two candidate elliptic curves in the complex multiplication method

Yasuyuki Nogami, Mayumi Obara, Yoshitaka Morikawa

ETRI JOURNAL   28 ( 6 )   745 - 760   2006.12

Language：English   Publisher：ELECTRONICS TELECOMMUNICATIONS RESEARCH INST

In this paper, we particularly deal with elliptic curves having no F_p-rational two-torsion points, where F_p is the prime field of characteristic p. First we introduce a shift product-based polynomial transform. Then we show that the parities of (#E - 1)/2 and (#E' - 1)/2 are reciprocal to each other, where #E and #E' are the orders of the two candidate curves obtained at the last step of the complex multiplication (CM)-based algorithm. Based on this property, we propose a method to check the parity by using the shift product-based polynomial transform. For a 160-bit prime as the characteristic, the proposed method carries out the parity check 25 or more times faster than the conventional checking method when 4 divides the characteristic minus 1. Finally, this paper shows that the proposed method can make a CM-based algorithm that looks up a table of precomputed class polynomials more than 10 percent faster.

• Extension Fields Efficient for Pairing Operation

OBARA Mayumi, AKANE Masataka, OKIMOTO Takumi, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

29 ( 1 )   391 - 394   2006.11

Language：Japanese

• Representation and Multiplication in Finite Fields Using a Type II ONB-like Normal Basis

KOBAYASHI Shigeki, NOGAMI Yasuyuki, SUGIMURA Tatsuo

29 ( 1 )   169 - 172   2006.11

Language：Japanese

• An extension field for variable extension degree and characteristic

NAMBA Ryo, KATOU Hidehiro, YOSHIDA Tomoki, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

29 ( 1 )   395 - 398   2006.11

Language：Japanese

• NAMBA Ryo, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IPSJ SIG Notes   2006 ( 81 )   1 - 6   2006.7

Language：Japanese   Publisher：Information Processing Society of Japan (IPSJ)

Some extension fields efficient for fast implementation have been proposed. Such extension fields adopt their own modular polynomial and basis; therefore, an element can have different vector representations in isomorphic extension fields. This paper proposes a method for generating a basis translation matrix between two isomorphic extension fields. First, this paper shows that the translation matrix can be obtained via a Type I optimal normal basis (ONB). The Type I ONB plays the key role since it has the following properties: it is a set of conjugate elements and of course a normal basis, these conjugates have the same order, and they are zeros of a certain irreducible all-one polynomial. Then some examples of translation matrices are shown. From the experimental results, it is shown that the proposed method is practical enough.

• KATOU Hidehiro, WANG FENG, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IPSJ SIG Notes   2006 ( 81 )   7 - 12   2006.7

Language：Japanese   Publisher：Information Processing Society of Japan (IPSJ)

The authors propose a square root (SQRT) algorithm in F_{p^m} (m = r_0 r_1 ··· r_{n-1} 2^d, r_i: odd prime, d > 0: integer). We compute the inverse SQRT in F_{p^{2^d}} using the MW-ST algorithm. Then the Frobenius mappings with an addition chain are adopted for this SQRT algorithm, in which a lot of computations in the given extension field F_{p^m} are also reduced to those in a proper subfield by norm computations. Those reductions of the field degree increase the efficiency of the SQRT implementation. More specifically, the Smart algorithm and the proposed algorithm in F_{p^6}, for example, were implemented on a Pentium 4 (3.8 GHz) computer using the C++ programming language and the NTL library. The computer simulations showed that, on average, the proposed algorithm accelerates the SQRT computation by 3 times in F_{p^6}, compared to the Smart algorithm.

• AKANE Masataka, OKIMOTO Takumi, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IPSJ SIG Notes   2006 ( 81 )   13 - 18   2006.7

Language：Japanese   Publisher：Information Processing Society of Japan (IPSJ)

In recent years, many cryptographic applications using bilinear pairings over elliptic curves have been proposed. The well-known MNT curves, which are non-supersingular elliptic curves, provide bilinear pairings over extension fields of degree 3, 4 and 6. When the embedding degree is 3, MNT curves cannot be defined over an optimal extension field (OEF). Even when the embedding degree is 4 or 6, MNT curves cannot always be defined over an OEF. For some of such cases, they can be defined over an all-one polynomial field (AOPF). Since the Frobenius mapping can be carried out fast in AOPFs, this paper considers some improvements for the Tate pairing calculation. Then some examples and simulation results are shown.

• KATOU Hidehiro, WANG FENG, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report   106 ( 174 )   7 - 12   2006.7

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

The authors propose a square root (SQRT) algorithm in F_{p^m} (m = r_0 r_1 ··· r_{n-1} 2^d, r_i: odd prime, d > 0: integer). We compute the inverse SQRT in F_{p^{2^d}} using the MW-ST algorithm. Then the Frobenius mappings with an addition chain are adopted for this SQRT algorithm, in which a lot of computations in the given extension field F_{p^m} are also reduced to those in a proper subfield by norm computations. Those reductions of the field degree increase the efficiency of the SQRT implementation. More specifically, the Smart algorithm and the proposed algorithm in F_{p^6}, for example, were implemented on a Pentium 4 (3.8 GHz) computer using the C++ programming language and the NTL library. The computer simulations showed that, on average, the proposed algorithm accelerates the SQRT computation by 3 times in F_{p^6}, compared to the Smart algorithm.

• A high-speed square root algorithm in extension fields

Hidehiro Katou, Feng Wang, Yasuyuki Nogami, Yoshitaka Morikawa

INFORMATION SECURITY AND CRYPTOLOGY - ICISC 2006, PROCEEDINGS   4296   94 - +   2006

Language：English   Publisher：SPRINGER-VERLAG BERLIN

A square root (SQRT) algorithm in GF(p^m) (m = r_0 r_1 ··· r_{n-1} 2^d, r_i: odd prime, d > 0: integer) is proposed in this paper. First, the Tonelli-Shanks algorithm is modified to compute the inverse SQRT in GF(p^{2^d}), where most of the computations are performed in the corresponding subfields GF(p^{2^i}) for 0 <= i <= d-1. Then the Frobenius mappings with an addition chain are adopted for the proposed SQRT algorithm, in which a lot of computations in the given extension field GF(p^m) are also reduced to those in a proper subfield by norm computations. Those reductions of the field degree increase the efficiency of the SQRT implementation. More specifically, the Tonelli-Shanks algorithm and the proposed algorithm in GF(p^22), GF(p^44) and GF(p^88) were implemented on a Pentium 4 (2.6 GHz) computer using the C++ programming language. The computer simulations showed that, on average, the proposed algorithm accelerates the SQRT computation by 25 times in GF(p^22), by 45 times in GF(p^44), and by 70 times in GF(p^88), compared to the Tonelli-Shanks algorithm, which is supported by the evaluation of the number of computations.

• A Method for Checking the Parity of (#Jc-1)/2

M.Akane, Y.Nogami, Y.Morikawa

The 2006 International Symposium on Information Theory and its Applications   2006

• The Orders of Elliptic Curves y^2 = x^3 + b, b in Fp

Y.Nogami, Y.Morikawa

Memoirs of the Faculty of Engineering, Okayama University   2006

• Cyclic vector multiplication algorithm makes an inversion in F_{p^3} fastest

Yasuyuki Nogami, Hidehiro Katou, Yoshitaka Morikawa

JWIS2006 (Joint Workshop on Information Security)   2006

• Cyclic Vector Multiplication is Efficient for Small Extension Degrees

Hidehiro Katou, Feng Wang, Yasuyuki Nogami, Yoshitaka Morikawa

Second International Congress on Mathematical Software ICMS2006   2006

• A Consideration on Cyclic Vector Multiplication Algorithm

KATOU Hidehiro, NOGAMI Yasuyuki, NANBA Ryou, MORIKAWA Yoshitaka

28 ( 1 )   295 - 298   2005.11

Language：Japanese

• A Consideration on the Order of Genus 2 Hyperelliptic Curve

NOGAMI Yasuyuki, MORIKAWA Yoshitaka

28 ( 2 )   889 - 892   2005.11

Language：English

• F Wang, Y Nogami, Y Morikawa

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E88A ( 10 )   2792 - 2799   2005.10

Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

This paper focuses on developing a square root (SQRT) algorithm in the finite fields GF(p^{2^d}) (d >= 0). Examining the Smart algorithm, a well-known SQRT algorithm, we can see that there is some computation overlap between the Smart algorithm and the quadratic residue (QR) test, which must be carried out before a SQRT computation. This makes the Smart algorithm inefficient. In this paper, we propose a new QR test and a new SQRT algorithm in GF(p^{2^d}), in which not only is there no computation overlap, but also most of the computations required for the proposed SQRT algorithm in GF(p^{2^d}) can be performed in the corresponding subfields GF(p^{2^{d-i}}) for 1 <= i <= d, which yields many reductions in computational time and complexity. Computer simulation also shows that the proposed SQRT algorithm is much faster than the Smart algorithm.

• KOBAYASHI Shigeki, NOGAMI Yasuyuki, SUGIMURA Tatsuo

IEICE technical report. Information theory   105 ( 311 )   25 - 30   2005.9

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

This paper clarifies the relation between all-one polynomials and irreducible polynomials with a Type II ONB, by using a polynomial conversion from degree m to degree 2m called the self-reciprocal transformation and the conversion from degree 2m to degree m called the self-reciprocal reverse transformation. If an irreducible polynomial of degree m becomes an all-one polynomial under the self-reciprocal transformation, we show that the original irreducible polynomial of degree m is an irreducible polynomial with a Type II ONB. When a Type II ONB exists, we show that we can find an irreducible polynomial with a Type II ONB by applying the self-reciprocal reverse transformation to the all-one polynomial. As an application, we give a technique to make an irreducible polynomial of prime degree.

• OBARA Mayumi, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

Technical report of IEICE. ISEC   105 ( 193 )   59 - 66   2005.7

Language：English   Publisher：The Institute of Electronics, Information and Communication Engineers

This paper proposes a new twist technique and then shows some necessary conditions for prime-order curves of the form y^2 = x^3 + a. Then, by combining the x-twist and y-twist, we consider six elliptic curves. For these six elliptic curves, when the characteristic p of the definition field F_q satisfies p > 3 and 3 | (p-1), we show that only two of the six curves defined over F_q, q = p^{2^i 3^j}, can have prime orders, where i, j are non-negative integers. Then we show an example of a prime-order curve. After that, we evaluate the performance of the proposed method compared to the complex multiplication method.

• Y Nogami, S Shinonaga, Y Morikawa

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E88A ( 5 )   1200 - 1208   2005.5

Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

This paper proposes an extension field named Type II AOPF. This extension field adopts a Type II optimal normal basis, the cyclic vector multiplication algorithm (CVMA), and the Itoh-Tsujii inversion algorithm. The calculation costs for a multiplication and an inversion in this field are given explicitly in terms of the extension degree. For example, the arithmetic operations in the Type II AOPF F_{p^5} are about 20% faster than those in the OEF F_{p^5}. Then, since CVMA is suitable for parallel processing, we show that Type II AOPF is superior to AOPF as to parallel processing, and that a multiplication in Type II AOPF becomes about twice as fast by parallelizing the CVMA computation.

• Yasuyuki Nogami

RIMS Kôkyûroku (Research Institute for Mathematical Sciences, Kyoto University)   1420   183 - 192   2005.4

Language：Japanese   Publisher：Kyoto University

• An algorithm for systematically generating irreducible cubic trinomials over prime field

Yasuyuki Nogami, Yoshitaka Morikawa

Proceeding of The 2005 International Technical Conference on Circuits/Systems, Computers and Communications (ITC-CSCC2005)   2005

• Generating prime degree irreducible polynomials by using irreducible all-one polynomial over F-2

K Makita, Y Nogami, T Sugimura

ELECTRONICS AND COMMUNICATIONS IN JAPAN PART III-FUNDAMENTAL ELECTRONIC SCIENCE   88 ( 7 )   23 - 32   2005

Language：English   Publisher：SCRIPTA TECHNICA-JOHN WILEY & SONS

In most of the public key cryptosystems devised in recent years, a finite field of large order is used as the field of definition. In contrast, there are many studies in which a higher-degree extension field of characteristic 2 is implemented fast for easier hardware realization. There are also many reports on the generation of the required higher-degree irreducible polynomial, and on the construction of a basis suited to fast implementation, such as an optimal normal basis (ONB). For generating higher-degree irreducible polynomials, there is a method in which a 2m-th degree self-reciprocal irreducible polynomial is generated from an m-th degree irreducible polynomial by a simple polynomial transformation (called the self-reciprocal transformation). This paper considers this transformation and shows that when the set of zeros of the m-th degree irreducible polynomial forms a normal basis, the set of zeros of the generated 2m-th degree self-reciprocal irreducible polynomial also forms a normal basis. Then it is shown that there is a one-to-one correspondence between the transformed irreducible polynomial and the generated self-reciprocal irreducible polynomial. Consequently, the inverse of the self-reciprocal transformation (the self-reciprocal inverse transformation) can be applied to a self-reciprocal irreducible polynomial. It is shown that an m-th degree irreducible polynomial can always be generated from a 2m-th degree self-reciprocal irreducible polynomial by the self-reciprocal inverse transformation. We can use this fact for generating half-degree irreducible polynomials. As an application of half-degree irreducible polynomial generation, this paper proposes a method which generates a prime-degree irreducible polynomial with a Type II ONB as its zeros. (c) 2005 Wiley Periodicals, Inc.

• A Method for Generating Prime Order Elliptic Curves over F_{q^{2^c}}

Y.Nogami, Y.Morikawa

Memoirs of Faculty of Engineering, Okayama University   2005

• A High-Speed Square Root Computation in Finite Fields with Application to Elliptic Curve Cryptosystem

F.Wang, Y.Nogami, Y.Morikawa

Memoirs of Faculty of Engineering, Okayama University   2005

• HIDAKA Yoshito, OBARA Mayumi, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report. Office Information Systems   104 ( 423 )   1 - 6   2004.11

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

In this paper, we propose a twist technique based on third power residues and non-residues. In addition, together with the conventional twist technique, we consider the six resulting curves. We show a relation among these curves and the conditions under which they are not supersingular curves.

• WANG Feng, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IPSJ SIG Notes   2004 ( 75 )   7 - 13   2004.7

Language：Japanese   Publisher：Information Processing Society of Japan (IPSJ)

It is well known that a quadratic residue (QR) test should be performed before a square root (SQRT) computation. Smart's algorithm, the previously known fastest algorithm for SQRT computation, only takes from the QR test the idea of how to compute the SQRT. However, there is a lot of computational overlap between the QR test and Smart's algorithm. The essence of our proposition is thus to present a new QR test and SQRT algorithm that avoids all the overlapping computations. In this paper the authors devise a SQRT algorithm for which most of the required data have already been computed in the QR test. This yields large reductions in computation time and amount. In GF(p) and GF(p^2), we implemented Smart's algorithm and the proposed algorithm in C++ on a Pentium 4 (2.6 GHz), where p = 2^16 + 1 (4 | p-1) and p = 2^16 + 3 (4 ∤ p-1). The computer simulations showed that for p = 2^16 + 1 the proposed algorithm is on average 2 times and 10 times faster than Smart's algorithm over GF(p) and GF(p^2), respectively, and for p = 2^16 + 3 the proposed algorithm is on average 20 times and 6 times faster than Smart's algorithm over GF(p) and GF(p^2), respectively.

• WANG Feng, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

Technical report of IEICE. ISEC   104 ( 199 )   7 - 13   2004.7

Language：English   Publisher：The Institute of Electronics, Information and Communication Engineers

It is well known that a quadratic residue (QR) test should be performed before a square root (SQRT) computation. Smart's algorithm, the previously known fastest algorithm for SQRT computation, only takes from the QR test the idea of how to compute the SQRT. However, there is a lot of computational overlap between the QR test and Smart's algorithm. The essence of our proposition is thus to present a new QR test and SQRT algorithm that avoids all the overlapping computations. In this paper the authors devise a SQRT algorithm for which most of the required data have already been computed in the QR test. This yields large reductions in computation time and amount. In GF(p) and GF(p^2), we implemented Smart's algorithm and the proposed algorithm in C++ on a Pentium 4 (2.6 GHz), where p = 2^16 + 1 (4 | p-1) and p = 2^16 + 3 (4 ∤ p-1). The computer simulations showed that for p = 2^16 + 1 the proposed algorithm is on average 2 times and 10 times faster than Smart's algorithm over GF(p) and GF(p^2), respectively, and for p = 2^16 + 3 the proposed algorithm is on average 20 times and 6 times faster than Smart's algorithm over GF(p) and GF(p^2), respectively.

• The number of x such that x^2+u, u ∈ F_p^*, becomes a quadratic power residue in F_p

W.Feng, Y.Nogami, Y.Morikawa

Proceedings of The 2005 International Technical Conference on Circuits/Systems, Computers and Communications 2004 (CD-ROM)   2004

• A Systematic Method for Generating Irreducible Polynomials of Prime Degree Using an Irreducible All One Polynomial over F_2

牧田 慶, 野上 保之, 杉村 立夫

IEICE Transactions (A)   2004

• Y Nogami, Y Morikawa

INFORMATION SECURITY AND CRYPTOLOGY - ICISC 2004   3506   249 - 260   2004

Language：English   Publisher：SPRINGER-VERLAG BERLIN

In this paper, we first introduce a shift product-based polynomial transformation. Then, we show that the parities of (#E - 1)/2 and (#E' - 1)/2 are reciprocal to each other, where #E and #E' are the orders of the two candidate curves obtained at the last step of the CM method. Based on this property, we propose a method to check the parity by using the shift product-based polynomial transformation. For a 160-bit prime number as the characteristic, the proposed method carries out the parity check about 20 times faster than the conventional method when 4 divides the characteristic minus 1.

• The parity of (#E-1)/2

Y.Nogami, Y.Morikawa

Proc. of The 2004 International Symposium on Information Theory and Its Application (ISITA2004) CD-ROM   2004

• A Classification of Irreducible Cubic Polynomials over Prime Field

Y.Nogami, Y.Morikawa

Proceedings of The 2005 International Technical Conference on Circuits/Systems, Computers and Communications 2004 (CD-ROM)   2004

• NAKASHIMA Jun, OKAMURA Masato, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

Technical report of IEICE. ISEC   103 ( 315 )   89 - 94   2003.9

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

We have researched the systematic generation of irreducible cubic polynomials for use in elliptic curve cryptosystems. However, we had not been able to determine the number of irreducible cubic polynomials whose coefficient of degree 1 is a quadratic residue. In this paper, we show that this number is given by the number of quadratic residues in the set {X^2+3 | X ∈ F_p}, and then we give the number of quadratic residues in that set.

• SHINONAGA Shigeru, FUJII Yoshihiro, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

Technical report of IEICE. ISEC   103 ( 315 )   81 - 88   2003.9

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

XTR (Efficient and Compact Subgroup Trace Representation) is a method to efficiently represent elements in a certain multiplicative subgroup of F_{p^6} as elements in F_{p^2} by using the trace function, where p is the characteristic. By applying XTR to a cryptosystem that uses a multiplicative group in a finite field, the calculations needed for its encryption and decryption processes can be implemented fast; moreover, the cryptosystem requires a shorter key length for the same security. A generalized XTR defined over F_{p^{6m}} has also been proposed. To achieve a fast implementation of the definition field of a cryptosystem using the XTR technique, this paper proposes a method to implement an extension field fast using the successive extension technique.

• Y Nogami, A Saito, Y Morikawa

IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES   E86A ( 9 )   2376 - 2387   2003.9

Language：English   Publisher：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG

In many cryptographic applications, a large-order finite field is used as the definition field, and accordingly, many studies on fast implementation of such large-order extension fields have been reported. This paper proposes a definition field F_{p^m} with its characteristic p a pseudo-Mersenne number, the modular polynomial f(x) an irreducible all-one polynomial (AOP), and a suitable basis. In this paper, we refer to this extension field as an all-one polynomial field (AOPF) and to its basis as a pseudo polynomial basis (PPB). Among the basic arithmetic operations in AOPF, a multiplication between non-zero elements and an inversion of a non-zero element are especially time-consuming. As a fast realization of the former, we propose the cyclic vector multiplication algorithm (CVMA), which can be used for every possible extension degree m and exploits the symmetric structure of the multiplicands in order to reduce the number of operations. Accordingly, CVMA attains a 50% reduction in the number of scalar multiplications compared to the usually adopted vector multiplication procedure. For fast realization of inversion, we use the Itoh-Tsujii algorithm (ITA) accompanied with the Frobenius mapping (FM). Since this paper adopts the PPB, FM can be performed without any calculations. In addition to this feature, ITA over AOPF can be composed with self-reciprocal vectors, and by using CVMA this fact can also save computation cost for inversion.

• W Feng, Y Nogami, Y Morikawa

INFORMATION AND COMMUNICATIONS SECURITY, PROCEEDINGS   2836   1 - 10   2003

Language：English   Publisher：SPRINGER-VERLAG BERLIN

The objective of this paper is to give a fast square root computation method. First, the Frobenius mapping is adopted. Then a lot of calculations over an extension field are reduced to calculations over a proper subfield by the norm computation. In addition, an inverse square root algorithm and an addition chain are adopted to save computation cost. All of the above-mentioned steps have been proven to make the proposed algorithm much faster than the conventional algorithm. From the table which compares the computation of the conventional and the proposed algorithms, it is clearly shown that the proposed algorithm accelerates the square root computation 10 times and 20 times over the conventional algorithm in F_{p^11} and F_{p^22}, respectively. At the same time, the proposed algorithm reduces the computation cost by a factor of 10 and 20 compared to the conventional algorithm.

• A Fast Square Root Calculation for Elliptic Curve Cryptosystem

Y.Nogami, Y.Morikawa

Proceeding of The 2003 International Technical Conference on Circuits/Systems, Computers and Communications (ITC-CSCC2003)   2003

• Fast generation of elliptic curves with prime order over extension field of even extension degree

Y Nogami, Y Morikawa

2003 IEEE INTERNATIONAL SYMPOSIUM ON INFORMATION THEORY - PROCEEDINGS   18 - 18   2003

Language：English   Publisher：IEEE

• Research Activities and Patents at Universities

野上保之

Patent, the journal of the Japan Patent Attorneys Association   2003

• A Fast Implementation of Elliptic Curve Cryptosystem with Prime Order Defined over F_{p^{8 } }

Y.Nogami, Y.Morikawa

MEMOIRS OF THE FACULTY OF ENGINEERING OKAYAMA UNIVERSITY   2003

• Fast Generation of Elliptic Curves with Prime Order over F_{p^{2^c } }

Y.Nogami, Y.Morikawa

Proceeding of The International Workshop on Coding and Cryptography (WCC2003)   2003

• FUJII Yoshihiro, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report. Information theory   102 ( 331 )   37 - 42   2002.9

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Elliptic Curve Cryptosystem has attracted much attention as a next-generation public key cryptosystem, and extension fields have been used as the definition field. When the degree of an extension field is a composite number, the fundamental arithmetic in the field can be implemented fast by using successive extensions. On the other hand, a fast implementation of the Frobenius map in such an extension field has not been explicitly presented. In this paper, two successive extension methods, in which a binomial or a trinomial is used as the modular polynomial, are introduced, and then we evaluate the calculation costs of the Frobenius maps implemented by these two methods. Finally, it is clearly shown that the method using a binomial as the modular polynomial is suitable for a fast Frobenius map implementation.

• OKAMURA Masato, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report. Information theory   102 ( 331 )   49 - 54   2002.9

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

The order of the elliptic curve adopted in an elliptic curve cryptosystem is preferred to be a prime different from the characteristic of the definition field. Accordingly, several algorithms for generating such prime-order elliptic curves have been proposed. Among these algorithms, there is one that effectively uses irreducible polynomials of degree 3 in order to generate elliptic curves with no 2-torsion, a class in which all prime-order elliptic curves are contained. In this paper, assuming that an irreducible polynomial of degree 3 is given, an algorithm to generate a large number of irreducible polynomials of degree 3 is proposed by using a relation between the zeros and the coefficients of the given irreducible polynomial. Then it is experimentally shown that the preceding algorithm can quickly generate prime-order elliptic curves by using this algorithm together with some properties relating an elliptic curve and its twist. In the case of the characteristic p = 2^24 - 3, for example, the number of possible prime-order elliptic curves for this algorithm is 164, and all of these prime-order elliptic curves are generated within 3 minutes by using 10 processors such as the Pentium 4 (1.7 GHz).

• IKEDA Takaaki, FUJII Yoshihiro, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report. Information theory   102 ( 331 )   43 - 48   2002.9

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Elliptic Curve Cryptosystem (ECC) has received much attention and has been implemented even on terminals with scarce computation resources. In this paper, by using a successive extension field as the definition field of ECC, it is shown that scalar multiplication, which is needed in the encryption/decryption process, can be implemented fast. We also generate an elliptic curve with prime order defined over a successive extension field of degree 8, and then report the result of an implementation of the ElGamal elliptic curve cryptosystem on a microcontroller.

• TSUGE Koichiro, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IPSJ SIG Notes   2001 ( 121 )   49 - 54   2001.12

Language：Japanese   Publisher：Information Processing Society of Japan (IPSJ)

In this paper, we propose an image digital watermarking method which is robust against image compression and clipping. In this method, we first take the discrete wavelet transform of the original image and extract the multi-resolution approximation (MRA). Next, we spread the spectrum of the MRA with a Pseudo Noise (PN) sequence, and then take the 1D discrete Fourier transform (DFT) of each column. We vary the DFT coefficients according to each bit of the watermark information. This method has the feature that a third-party eavesdropper who does not know the PN sequence can neither decipher the information data nor alter them. In the detection process, we take the DFT difference between the PN-spread MRA of the original image and that of the watermark-embedded image and calculate the shift of the DFT coefficients. Therefore, this method has the advantage that we can detect the watermark information even from a clipped image.

• TSUGE Koichiro, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report. Communication systems   101 ( 494 )   49 - 54   2001.12

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

In this paper, we propose an image digital watermarking method which is robust against image compression and clipping. In this method, we first take the discrete wavelet transform of the original image and extract the multi-resolution approximation (MRA). Next, we spread the spectrum of the MRA with a Pseudo Noise (PN) sequence, and then take the 1D discrete Fourier transform (DFT) of each column. We vary the DFT coefficients according to each bit of the watermark information. This method has the feature that a third-party eavesdropper who does not know the PN sequence can neither decipher the information data nor alter them. In the detection process, we take the DFT difference between the PN-spread MRA of the original image and that of the watermark-embedded image and calculate the shift of the DFT coefficients. Therefore, this method has the advantage that we can detect the watermark information even from a clipped image.

• An Image Watermarking Method Using 1-D DFT Phase of Multi-Resolution Approximation

TSUGE Koichiro, NOGAMI Yasuyuki, MORIKAWA Yoshitaka

24 ( 1 )   215 - 218   2001.12

Language：Japanese

• Conditions of Characteristic and Trace for Rank One Elliptic Curve Twisted over F_{p^{2^m}}

DANNO T., NOGAMI Y., MORIKAWA Y.

SITA2001   24 ( 1 )   355 - 358   2001.12

Language：Japanese

• An Implementation of Elliptic Curve Cryptosystem Using An Extended AOPE

HIRAMOTO T., SAITO A., NOGAMI Y., MORIKAWA Y.

24 ( 1 )   351 - 354   2001.12

Language：Japanese

• NOGAMI Yasuyuki, MORIKAWA Yoshitaka

IEICE technical report. Information theory   101 ( 407 )   7 - 12   2001.11

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

For realization of an elliptic curve cryptosystem (ECC), sufficient consideration must be given to both its cryptographic strength and its implementation. Regarding cryptographic strength, the elliptic curve order must have a prime factor of about 160 bits to be safe enough. In general, the ECC is estimated to be safe enough when the order is a prime number not equal to the characteristic. Even if the order is prime, however, the curve is not always safe; for example, supersingular elliptic curves, the MOV reduction and the FR reduction work on elliptic curves of prime order. In this paper, we consider elliptic curves with coefficients over the prime field and defined over its extension field. Then, the parameter conditions for the elliptic curve to be safe enough and to allow fast implementation are given. Finally, construction examples which satisfy all of the given conditions are introduced.

• DANNO T., SAITO A., NOGAMI Y., MORIKAWA Y.

IEICE technical report. Information theory   101 ( 234 )   31 - 36   2001.7

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

ECC (Elliptic Curve Cryptosystem) is expected to be a next-generation public-key cryptosystem. The four arithmetic operations on a finite field including inversion, the quadratic residue test, and square root derivation are necessary to implement ECC. These operations must be fast enough to make ECC practical. In this paper, we propose a high-speed algorithm for taking square roots in the extension field AOPF (All One Polynomial Field), which uses (x^{m+1}-1)/(x-1) as the modulus.

• TSUGE K., NOGAMI Y., MORIKAWA Y.

Technical report of IEICE. SST   100 ( 694 )   35 - 40   2001.3

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

• SAITO A., HIRAMOTO T., DANNO T., NOGAMI Y., MORIKAWA Y.

Technical report of IEICE. SST   100 ( 693 )   129 - 134   2001.3

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Elliptic Curve Cryptosystem has attracted much attention as a next-generation public-key cryptosystem, and extension fields have been used as the definition field. The arithmetic speed in an extension field differs drastically depending on the choice of characteristic, extension degree and basis, and therefore it is necessary to pay attention to this choice. In this sense, the recently proposed OEF is said to be optimal. In this paper, we propose a class of finite fields which uses {ω, ω^2, …, ω^m} as a basis in order to execute multiplication and inversion faster than OEF, where ω is a zero of (x^{m+1}-1)/(x+1).

• A Fast Irreducibility Test Algorithm for Cubic Polynomials over GF(P)

平本琢士, 野上保之, 森川良孝

IEICE Transactions A   2001

• Determining Minimal Polynomial of Proper Element by Using Higher Degree Traces

Y.Nogami, Y.Morikawa

MEMOIRS OF THE FACULTY OF ENGINEERING OKAYAMA UNIVERSITY   2001

• NOGAMI Y., MORIKAWA Y.

IEICE technical report. Information theory   99 ( 562 )   31 - 35   2000.1

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

In the area of information communication, the Reed-Solomon code (RS code) is often used to encode and decode per byte. Therefore, since the RS code is defined over GF(2^8), a primitive polynomial of degree 8 over GF(2) is needed, that is, a primitive polynomial of degree 2^i over GF(2). In this paper, the Fermat prime is generalized into (P^{P^{i+1}}-1)/(P^{P^i}-1), where P is an arbitrary prime, which includes the case P = 2 (Fermat prime). Then a method to derive primitive polynomials of degree P^{i+1} in the case that (P^{P^{i+1}}-1)/(P^{P^i}-1) is prime is proposed. This method uses the variable transformation x := x^P - x + s, s ∈ GF(P).

• SAITO A., OKA H., NOGAMI Y., MORIKAWA Y.

IEICE technical report. Information theory   99 ( 562 )   25 - 30   2000.1

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

Two variable transformation methods are known to generate a number of irreducible polynomials: x := x^k under a condition on k-th power residues, and x := x^P - x under a condition on the trace. These two transformations might not be consistent with each other owing to their respective conditions. In this paper, we consider the case k | (P-1). Then we present a method to derive an infinite number of irreducible polynomials of degree m k^j P^i from an irreducible polynomial of degree m by repetition of the above variable transformations.

• NOGAMI Y., YAMANE N., MORIKAWA Y.

IEICE technical report. Information theory   99 ( 296 )   7 - 11   1999.9

Language：English   Publisher：The Institute of Electronics, Information and Communication Engineers

• NOGAMI Yasuyuki, TANAKA Kiyoshi, SUGIMURA Tatsuo, OSHITA Shinjiro

The Transactions of the Institute of Electronics,Information and Communication Engineers. A   J82-A ( 4 )   587 - 590   1999

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

• Deriving an Infinite Number of Irreducible Polynomials by the Variable Transformation x^P-x+s

野上保之, 田中清, 杉村立夫, 大下眞二郎

IEICE Transactions (A)   J82-A ( 4 )   587-590   1999

• Deriving Infinite Number of Irreducible Polynomials by Variable Transformation x^P-x+s

THE TRANSACTIONS OF THE INSTITUTE OF ELECTRONICS, INFORMATION AND COMMUNICATION ENGINEERS A   J82-A ( 4 )   587 - 590   1999

• A Consideration on Normal Bases over the Extension Fields of Prime Degree by P-Polynomials

NOGAMI Y., TANAKA K., SUGIMURA T., OSHITA S.

IEICE technical report. Information theory   97 ( 80 )   25 - 30   1997.5

Language：Japanese   Publisher：The Institute of Electronics, Information and Communication Engineers

In recent years, many considerations based on finite field theory have been carried out in the area of information security, so considering finite fields in detail is very interesting and important. In this paper, we consider finite fields from the viewpoints of self recursive polynomials and P-polynomials. Consequently, in an extension field whose extension degree is a prime other than its characteristic, normal bases and their minimal polynomials are determined uniquely, and the number of normal bases over such extension fields is obtained. Furthermore, a new method is given to test, for an irreducible polynomial, whether a pair of its zeros forms a normal basis or not.

• Testing and Deriving Primitive Polynomial

THE TRANSACTIONS OF THE INSTITUTE OF ELECTRONICS, INFORMATION AND COMMUNICATION ENGINEERS A   J79-A ( 3 )   761 - 767   1996

• Testing and Deriving Primitive Polynomials

野上保之, 杉村立夫

IEICE Transactions (A)   1996

• Testing and Deriving Primitive Polynomials

IEICE Transactions   J79-A ( 3 )   761 - 767   1996

Presentations

• Cryptography-based Security in IoT Era Invited

Yasuyuki NOGAMI

STSS: International Symposium on Socially and Technically Symbiotic Systems  2021.11.16

Event date： 2021.11.15 - 2021.11.17

Presentation type：Oral presentation (invited, special)

• Bit Distribution of Binary Sequence Generated by Trace Function and Legendre Symbol Over Sub Extension Field International conference

M. A. Ali, Y. Kodera, S. Heguri, T. Kusaka, S. Uehara and R. H. M. Zaragoza

Proceedings of the International Conference on Information Technology

Event date： 2018.12

Presentation type：Oral presentation (general)

• Design of a message authentication protocol for CAN FD based on Chaskey lightweight MAC International conference

G. Carel, R. Isshiki, T. Kusaka, Y. Nogami and S. Araki

International Symposium on Computing and Networking

Event date： 2018.11

Presentation type：Oral presentation (general)

• Advanced Searchable Encryption: Keyword Search for Matrix-type Storage International conference

Y. Kodera, M. Kuribayashi, T. Kusaka and Y. Nogami

International Symposium on Computing and Networking

Event date： 2018.11

Presentation type：Oral presentation (general)

• A Comparative Implementation of GLV Technique on KSS-16 Curve International conference

M. A. Khandaker, Y. Nanjo, T. Kusaka and Y. Nogami

International Symposium on Computing and Networking

Event date： 2018.11

Presentation type：Oral presentation (general)

• A Construction of a Keyword Search to Allow a Partial Matching with a Block Cipher International conference

Y. Kodera, M. Kuribayashi, T. Kusaka and Y. Nogami

World Conference on Information Security Applications

Event date： 2018.11

Presentation type：Oral presentation (general)

• A Study on the Parameter Size of the Montgomery Trick for ECDLP International conference

K. Ikuta, S. Joichi, K. Kobayashi, M. A. Khandaker, T. Kusaka and Y. Nogami

International Symposium on Information Theory and Its Applications

Event date： 2018.10

Presentation type：Oral presentation (general)

• Side-Channel Attack using Order 4 Element against Curve25519 on ATmega328P International conference

Y. Uetake, A. Sanada, L. Weissbart, T. Kusaka, S. Dequesne and Y. Nogami

International Symposium on Information Theory and Its Applications

Event date： 2018.10

Presentation type：Oral presentation (general)

• A Study on the Parameter of the Distinguished Point Method in Pollard's Rho Method for ECDLP International conference

K. Ikuta, S. Joichi, K. Kobayashi, M. A. Khandaker, T. Kusaka and Y. Nogami

International Symposium on Information Theory and Its Applications

Event date： 2018.10

Presentation type：Oral presentation (general)

• Linear Complexity of Pseudo-random Binary Sequence Generated Over Proper Sub Extension Field International conference

M. A. Ali, Y. Kodera, T. Kusaka, T. Miyazaki, Y. Nogami, S. Uehara and R. H. M. Zaragoza

International Technical Conference on Circuits/Systems, Computers and Communication

Event date： 2018.7

Presentation type：Oral presentation (general)

• A Construction Method of a Binary Sequence Using a Logistic Map over Fp for IoT Device International conference

T. Nagano, T. Miyazaki, S. Uehara and Y. Nogami

International Conference on Consumer Electronics-Taiwan

Event date： 2018.5

Presentation type：Oral presentation (general)

• Evaluating the Maximum Order Complexity of a Uniformly distributed Sequence over Odd Characteristic International conference

Y. Kodera, T. Kusaka, T. Miyazaki, Y. Nogami, S. Uehara and R. H. M. Zaragoza

International Conference on Consumer Electronics-Taiwan

Event date： 2018.5

Presentation type：Oral presentation (general)

• Efficient Parallel Simeck Encryption with GPGPU and OpenCL International conference

T. Park, H. Seo, Y. Nogami, M. A. Khandaker and H. W. Kim

International Conference on Consumer Electronics-Taiwan

Event date： 2018.5

Presentation type：Oral presentation (general)

• A Consideration of an Efficient Arithmetic over the Extension Field of Degree 3 for Elliptic Curve Pairing Cryptography International conference

X. Li, Y. Kodera, Y. Uetake, T. Kusaka and Y. Nogami

International Conference on Consumer Electronics-Taiwan

Event date： 2018.5

Presentation type：Oral presentation (general)

• Randomness of Binary Sequences with Long Period by Combining m-Sequence and Knuth's Quadratic Congruential Sequence International conference

K. Kawase, T. Miyazaki, S. Araki, S. Uehara and Y. Nogami

International Conference on Consumer Electronics-Taiwan

Event date： 2018.5

Presentation type：Oral presentation (general)

• Study on reduction on average computational complexity of GMD decoding using property of bounded distance decoding International conference

S. Ueda, T. Kusaka

The 8th International Workshop on Advances in Networking and Computing

Event date： 2017.11

Language：English   Presentation type：Oral presentation (general)

• Uniform Binary Sequence Generated over Odd Characteristic Field International conference

Y. Kodera, T. Miyazaki, T. Kusaka, A. Md. Arshad, Y. Nogami, S. Uehara

International Conference on Information Technology

Event date： 2017.11

Language：English   Presentation type：Oral presentation (general)

• An ECC implementation with a twisted Montgomery curve over Fq^32 on an 8-bit microcontroller International conference

Yuta Hashimoto, Md. Al-Amin Khandaker, Yuta Kodera, Taehwan Park, Takuya Kusaka, Howon Kim and Yasuyuki Nogami

The 8th International Workshop on Advances in Networking and Computing

Event date： 2017.11

Language：English   Presentation type：Oral presentation (general)

• An Efficient Implementation of Trace Calculation over Finite Field for a Pseudorandom Sequence International conference

Y. Kodera, T. Kusaka, T. Miyazaki, M. A. Khandaker, Y. Nogami, S. Uehara

The 8th International Workshop on Advances in Networking and Computing

Event date： 2017.11

Language：English   Presentation type：Oral presentation (general)

• Solving 114-bit ECDLP for a Barreto-Naehrig Curve International conference

Takuya Kusaka, Sho Joichi, Ken Ikuta, Md. Al-Amin Khandaker, Yasuyuki Nogami, Satoshi Uehara, Nariyoshi Yamai, and Sylvain Duquesne

The 20th Annual International Conference on Information Security and Cryptology

Event date： 2017.11

Language：English   Presentation type：Oral presentation (general)

• Linear Complexity of Pseudo Random Binary Sequence Generated by Trace Function and Legendre Symbol Over Proper Sub Extension Field International conference

A. M. Arshad, T. Miyazaki, S. Heguri, Y. Nogami, S. Uehara, R. H. Morelos-Zaragoza

IWSDA 2017

Event date： 2017.10

Language：English   Presentation type：Oral presentation (general)

• Efficient Optimal Ate Pairing at 128-bit Security Level International conference

Md. Al-Amin Khandaker, Yuki Nanjo, Loubna Ghammam, Sylvain Duquesne , Yasuyuki Nogami, Yuta Kodera

INDOCRYPT 2017

Event date： 2017.10

Language：English   Presentation type：Oral presentation (general)

• Some Properties of Z_4 Sequences Obtained by Using the Gray Code Mapping from Two Binary M-Sequences International conference

M. Goto, S. Uehara, Y. Nogami

IWSDA 2017

Event date： 2017.10

Language：English   Presentation type：Oral presentation (general)

• Efficient Pairing-based Cryptography on Raspberry pi International conference

Yuki Nanjo, Md. Al-Amin Khandaker, Takuya Kusaka and Yasuyuki Nogami

2017 the 7th International Conference on Communication and Network Security

Event date： 2017.10

Language：English   Presentation type：Oral presentation (general)

• Parallel Implementations of SIMON and SPECK, Revisited International conference

Taehwan Park, Hwajeong Seo, Garam Lee, Md. Al-Amin Khandaker, Yasuyuki Nogami, and Howon Kim

The 18th World Conference on Information Security Applications (WISA 2017)

Event date： 2017.10

Language：English   Presentation type：Oral presentation (general)

• Implementation of an ECDLP Attack Using Montgomery Multiplication on Android

城市 翔(岡山大学),梶谷翔馬(岡山大学),Sylvain Duquesne(University of Rennes 1),野上保之(岡山大学),Thomas Austin(San Jose State University)

SITA2016

Event date： 2016.11

Language：Japanese   Presentation type：Oral presentation (general)

• A Consideration of Different Irreducible Polynomials That Generate the Same NTU Sequence

平郡聖士(岡山大学),野上保之(岡山大学),上原 聡(北九州市立大学),土屋和由(光電製作所)

SITA2016

Event date： 2016.11

Language：Japanese   Presentation type：Oral presentation (general)

• An Improvement of Optimal Ate Pairing on KSS Curve with Pseudo 12-Sparse Multiplication International conference

Md. Al-Amin Khandaker, Hirotaka Ono, Yasuyuki Nogami, Masaaki Shirase, Sylvain Duquesne

International Conference on Information Security and Cryptology 2016

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• Periodic Autocorrelation of a Signed Binary Sequence Additively Generated With Trace Over Odd Characteristic Extension Field International conference

Y. Nogami and S. Uehara

The 31st International Technical Conference on Circuits/Systems, Computers and Communications

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• Efficient Operation over F(2^4)^2 for Security Technologies International conference

N. Jitsui, Y. Nogami, H. Seo, and N. Begum

International Conference on Consumer Electronics – Taiwan 2016

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• Parallel Implementations of LEA, Revisited International conference

H. Seo, Y. Nogami, et al.

The 17th Workshop on Information Security Applications

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• Efficient Scalar Multiplication for Ate Based Pairing over KSS Curve of Embedding Degree 18 International conference

K. Md. Al-Amin, Y. Nogami, H. Seo, and S. Duquesne

The 17th Workshop on Information Security Applications

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• A Pseudo-random Binary Sequence Generated by Using Primitive Polynomial of Degree 2 over Odd Characteristic Field Fp International conference

Ali. Md. Arshad and Y. Nogami

International Conference on Consumer Electronics – Taiwan 2016

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• An Improvement of Scalar Multiplication on Elliptic Curve Defined over Extension Field Fq2 International conference

K. Md. Al-Amin and Y. Nogami

International Conference on Consumer Electronics – Taiwan 2016

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• A New Approach for Generating Well Balanced Pseudo-random Signed Binary Sequence Over Odd Characteristic Field International conference

A. Md. Arshad, Y. Nogami, C. Ogawa, H. Ino, S. Uehara, R. Morelos-Zaragoza, and K. Tsuchiya

International Symposium on Information Theory and its Applications 2016

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• Pseudo Random Binary Sequence Generated by Trace and Legendre Symbol with Non Primitive Element in Fp2 International conference

C. Ogawa, A. Md. Arshad, Y. Nogami, S. Uehara, K. Tsuchiya, and R. Morelos-Zaragoza

2016 International Symposium on Nonlinear Theory and Its Applications

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• Auto and Cross Correlation of Well Balanced Sequence over Odd Characteristic Field International conference

Ali Md. Arshad, Yasuyuki Nogami, Hiroto Ino, Satoshi Uehara

Third International Symposium on Computing and Networking CANDAR2016

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• Isomorphic Mapping for Ate-Based Pairing over KSS Curve of Embedding Degree 18 International conference

Md. Al-Amin Khandaker, Yasuyuki Nogami

Third International Symposium on Computing and Networking CANDAR2016

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• Linear Complexity of Signed Binary Sequence Over Odd Characteristic Field International conference

Ali Md. Arshad, Hiroto Ino, Chiaki Ogawa, and Yasuyuki Nogami

The 19th International Conference on Computer and Information Technology

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• A Consideration of Towering Scheme for Efficient Arithmetic Operation over Extension Field of Degree 18 International conference

Md. Al-Amin Khandaker, Yasuyuki Nogami

The 19th International Conference on Computer and Information Technology (ICCIT)

Event date： 2016.5

Language：English   Presentation type：Oral presentation (general)

• Determining Cryptanalysis Success Using Dynamic DNS When Breaking Elliptic Curve Cryptography

三好 俊介(岡山大)、山井 成良(東京農工大)、野上 保之(岡山大)

FY2015 4th Technical Meeting (IOT, 32nd overall)

Event date： 2016.3.4

Language：Japanese   Presentation type：Oral presentation (general)

• A Study of Computational Efficiency for Composite-Order Pairings with Embedding Degree 2 or 3

小野 寛享, 野上 保之, 熊野 晶斗

Symposium on Cryptography and Information Security 2016

Event date： 2016.3.4

Language：Japanese   Presentation type：Oral presentation (general)

• Design of Highly Efficient Galois-Field Arithmetic Circuits Based on Redundant Representation

上野 嶺、本間 尚文、菅原 幸弘 (東北大学)、野上保之(岡山大学)、青木孝文(東北大学)

The 29th Workshop on Multiple-Valued Logic and Its Applications (Sendai)

Event date： 2016.1.9

Language：Japanese   Presentation type：Oral presentation (general)

• Optimization of Montgomery Multiplication for Solving the Elliptic Curve Discrete Logarithm Problem on BN Curves

三好俊介,野上保之,日下卓也,山井成良(東京農工大)

SCIS2016

Event date： 2016.1

Language：Japanese   Presentation type：Oral presentation (general)

• Interleaved Sequences Formed from Two Types of NTU Sequences

土屋和由(株式会社光電製作所)、野上保之(岡山大学大学院)、上原聡(北九州市立大学)

SCIS2016

Event date： 2016.1

Language：Japanese   Presentation type：Oral presentation (general)

• Bit Extraction Methods and Randomness of Sequences Generated by the Logistic Map over Prime Fields

宮崎 武(北九州市立大学)、荒木 俊輔(九州工業大学)、上原 聡(北九州市立大学)、野上 保之(岡山大学)

SCIS2016

Event date： 2016.1

Language：Japanese   Presentation type：Oral presentation (general)

• A Consideration of Ring-LWE Using Extension Fields

三隅 晃輝,野上保之

SCIS2016

Event date： 2016.1

Language：Japanese   Presentation type：Oral presentation (general)

• A Study of Computational Efficiency for Composite-Order Pairings with Embedding Degree 2 or 3

小野 寛享, 野上 保之, 熊野 晶斗

SCIS2016

Event date： 2016.1

Language：Japanese   Presentation type：Oral presentation (general)

• Volunteer Computing for Solving an Elliptic Curve Discrete Logarithm Problem International conference

S.Kajitani, Y.Nogami, S.Miyoshi, T.Austin

The 3rd International Symposium on Computing and Networking

Event date： 2015.12

Language：English   Presentation type：Oral presentation (general)

• Examining the Linear Complexity of Multi-value Sequence Generated by Power Residue Symbol International conference

H.Ino, Y.Nogami, N.Begum, S.Uehara, R.Morelos-Zaragoza, K.Tsuchiya

ICISS2015

Event date： 2015.12

Language：English   Presentation type：Oral presentation (general)

• An improvement of Tate Pairing with Supersingular Curve International conference

A.Kumano, Y.Nogami

ICISS2015

Event date： 2015.12

Language：English   Presentation type：Oral presentation (general)

• A Dynamic Job Scheduling Method for Reliable and High-Performance Volunteer Computing International conference

S.Yasuda, Y.Nogami, M.Fukushi

ICISS2015

Event date： 2015.12

Language：English   Presentation type：Oral presentation (general)

• A Consideration on Crosscorrelation of a kind of Trace Sequence over Finite Field International conference

H.Ino, Y.Nogami, N.Begum, S.Uehara, R.Morelos-Zaragoza, K.Tsuchiya

WICS Poster, CANDAR'15

Event date： 2015.12

Language：English   Presentation type：Oral presentation (general)

• On the Value Distribution of Multi-value Pseudorandom Sequences over Odd Characteristic Fields

小池 将太,野上 保之,土屋 和由,上原 聡

SITA2015

Event date： 2015.11

Language：Japanese   Presentation type：Oral presentation (general)

• On Efficient Arithmetic over the Tower Field F(2^4)^2

實井 識人,野上 保之,日下 卓也

SITA2015

Event date： 2015.11

Language：Japanese   Presentation type：Oral presentation (general)

• Generation of Pseudorandom Sequences Using Non-primitive Polynomials over Odd Characteristic Fields

小川 千晶,野上 保之,土屋 和由,上原 聡

SITA2015

Event date： 2015.11

Language：Japanese   Presentation type：Oral presentation (general)

• On Generating Random Sequences with Linear Complexity Taken into Account

野上保之

Hot Channel Workshop

Event date： 2015.10.9

Language：Japanese   Presentation type：Oral presentation (general)

• Properties of Pseudorandom Sequences over Finite Fields Generated Using Trace and Power Residue

野上保之

The 9th Shannon Theory Workshop (STW2015)

Event date： 2015.9.24

Language：Japanese   Presentation type：Oral presentation (general)

• A Consideration on Trace Sequence over Finite Field International conference

Yasuyuki NOGAMI, Hiroto INO, Kazuyoshi TSUCHIYA, Satoshi UEHARA, ROBERT MORELOS-ZARAGOZA

Technical Meeting on Information Theory 2015

Event date： 2015.9.4

Language：Japanese   Presentation type：Oral presentation (general)

• Linear Complexity Profile of Maximum-Period Sequences Generated by the Logistic Map over Finite Fields with Control Parameter Four

土屋 和由, 野上 保之

JSIAM2015 2015

Event date： 2015.9

Language：Japanese   Presentation type：Oral presentation (general)

• Highly Efficient GF(2^8) Inversion Circuit Based on Redundant GF Arithmetic and Its Application to AES Design International conference

R.Ueno, N.Homma, Y.Sugawara(Tohoku Univ.), Y.Nogami(Okayama Univ.), T.Aoki(Tohoku Univ.)

CHES2015 2015

Event date： 2015.9

Presentation type：Oral presentation (general)

• Periods of Sequences Generated by the Logistic Map over Finite Fields with Control Parameter Four International conference

K.Tsuchiya, Y.Nogami

IWSDA2015

Event date： 2015.9

Language：English   Presentation type：Oral presentation (general)

• Secure Binary Field Multiplication International conference

Hwajeong Seo, Chien Ning Chen, Zhe Liu, Yasuyuki Nogami, Taehwan Park, Jongseok Choi, Ho Won Kim

WISA2015

Event date： 2015.8.10

Language：English   Presentation type：Oral presentation (general)

• Faster ECC over F_{2^571} (feat. PMULL) International conference

Hwajeong Seo, Zhe Liu, Yasuyuki Nogami, Jongseok Choi, Howon Kim

ICISC2015

Event date： 2015.8.10

Language：English   Presentation type：Oral presentation (general)

• Solving 94-bit ECDLP with 70 Computers in Parallel International conference

S.Miyoshi, Y.Nogami, T.Kusaka, N.Yamai

ICPBC2015

Event date： 2015.8

Language：English   Presentation type：Oral presentation (general)

• A Performance Evaluation of Web-based Volunteer Computing using Applications with GMP International conference

S.Kajitani, Y.Nogami, M.Fukushi, N.Amano

ICCE-TW2015

Event date： 2015.6

Language：English   Presentation type：Oral presentation (general)

• Reduction of Authentication Time in an Anonymous Credential System with Proofs for Monotone Formulas on Attributes International conference

Nasima Begum, Toru Nakanishi, Yasuyuki Nogami

ICCE-TW2015

Event date： 2015.6

Language：English   Presentation type：Oral presentation (general)

• An Application of Power Residue Symbol for Generating Multi-value Sequence over Odd Characteristic Field International conference

H.Ino, Y.Nogami, S.Uehara

ITCCSCC2015

Event date： 2015.6

Language：English   Presentation type：Oral presentation (general)

• An Implementation of Credibility-based Job Scheduling Method in Volunteer Computing Systems International conference

S.Tani, Y.Nogami, M.Fukushi

ICCE-TW2015

Event date： 2015.6

Language：English   Presentation type：Oral presentation (general)

• Efficient Calculation of Pairing with Supersingular Curve on 2-dimensional Extension Field International conference

A.Kumano, Y.Nogami, M.Shirase

ITCCSCC2015

Event date： 2015.6

Language：English   Presentation type：Oral presentation (general)

• Dynamic Switching of Job Selection Methods in Volunteer Computing International conference

S.Yasuda, Y.Nogami, M.Fukushi

ITCCSCC2015

Event date： 2015.6

Language：English   Presentation type：Oral presentation (general)

• Efficient Implementation of NTRU over All One Polynomial Ring with CVMA International conference

K.Misumi, Y.Nogami

ICCE-TW2015

Event date： 2015.6

Language：English   Presentation type：Oral presentation (general)

• An Efficiency Improvement in an Anonymous Credential System for CNF Formulas on Attributes with Constant-size Proofs International conference

Nasima Begum, Toru Nakanishi, Yasuyuki Nogami

ICEEICT2015

Event date： 2015.5

Language：English   Presentation type：Oral presentation (general)

• Efficient Pairing Using Supersingular Elliptic Curves over Quadratic Extension Fields

熊野晶斗, 野上保之, 白勢政明

ISEC

Event date： 2015.3

Language：Japanese   Presentation type：Oral presentation (general)

• A Study of a Scheme Applying All One Polynomials to NTRU

三隅晃輝, 野上 保之

ISEC

Event date： 2015.3

Language：Japanese   Presentation type：Oral presentation (general)

• The Relationship Between Supersingular Elliptic Curves and Their Twist Curves

赤木 晶一, 野上 保之

SCIS2015

Event date： 2015.1

Language：Japanese   Presentation type：Oral presentation (general)

• Solving a 94-bit ECDLP Using About 70 Computers in Parallel

三好 俊介, 野上 保之, 日下卓也, 山井成良

SCIS2015

Event date： 2015.1

Language：Japanese   Presentation type：Oral presentation (general)

• Generation of Multi-value Sequences Based on Primitive Polynomials and Power Residue over Odd Characteristic Fields

手邊 啓介, 野上 保之, 上原 聡

SITA2014

Event date： 2014.12

Language：Japanese   Presentation type：Oral presentation (general)

• A Dynamic Switching Method for Job Selection in Volunteer Computing

安田 真也, 福士 将, 野上 保之

IEICE DC

Event date： 2014.10

Language：Japanese   Presentation type：Oral presentation (general)

• Conditions for Guaranteeing Long Periods of Sequences Generated by the Logistic Map over Finite Fields

土屋 和由 (株式会社光電製作所), 野上 保之 (岡山大学)

Japan Society for Industrial and Applied Mathematics 2014

Event date： 2014.9

Language：Japanese   Presentation type：Oral presentation (general)

• Implementation of a Credibility-based Job Scheduling Method in Volunteer Computing Systems

谷 俊一郎

IEICE Technical Report 2014

Event date： 2014.7

Language：Japanese   Presentation type：Oral presentation (general)

• Performance Evaluation of Web-based Volunteer Computing Using Applications with GMP

梶谷 翔馬, 福士 将, 野上 保之, 天野 憲樹

IPSJ Technical Report 2014

Event date： 2014.7

Language：Japanese   Presentation type：Oral presentation (general)

• A Job Scheduling Method Based on Estimating the Completion Probability of Majority Voting in Volunteer Computing

宮腰 勇人, 福士 将, 野上 保之

IEICE DC

Event date： 2014.7

Language：Japanese   Presentation type：Oral presentation (general)

• Inter-browser P2P Communication for Web-based Volunteer Computing

工原 誠, 福士 将, 天野 憲樹, 野上 保之

HPC Technical Meeting

Event date： 2014.5

Language：Japanese   Presentation type：Oral presentation (general)

• A Certain Distribution Concerning the Root Extraction Problem Reduced from the Fixed-Argument Type-2 Pairing Inversion Problem on Barreto-Naehrig Curves

赤木 晶一, 野上保之

IEICE Technical Report, ISEC Technical Meeting 2014

Event date： 2014.3

Language：Japanese   Presentation type：Oral presentation (general)

• A Case of FPGA Malfunction Due to Clock Glitches Caused by Disturbances Entering via the Power Line

五百旗頭 健吾、前島 一仁、渡辺 哲史、籠谷 裕人、野上 保之、林 優一、豊田 啓孝

Japan Institute of Electronics Packaging 2014

Event date： 2014.3

Language：Japanese   Presentation type：Oral presentation (general)

• Average Period of Sequences Generated by the Logistic Map over Prime Fields Modulo a Doubly Safe Prime

宮崎 武, 荒木 俊輔, 上原 聡, 野上 保之

SCIS2014 2014

Event date： 2014.1

Language：Japanese   Presentation type：Oral presentation (general)

• Performance Evaluation of DNS-based Collision Detection in the Rho Method for ECDLP on BN Curves

三好 俊介,山井 成良,野上 保之

SCIS2014 2014

Event date： 2014.1

Language：Japanese   Presentation type：Oral presentation (general)

• Parallel Implementation of the Multi-precision Cyclic Vector Multiplication Algorithm Using CUDA

原村知志、籠谷裕人、野上保之、杉山裕二

IEICE Computer Systems Technical Meeting 2014

Event date： 2014.1

Language：Japanese   Presentation type：Oral presentation (general)

• A Study of a Hamming-Distance Leakage Model Based on an Equivalent Current Source of an AES Circuit

前島 一仁、五百旗頭 健吾、籠谷 裕人、野上 保之、渡辺 哲史、豊田 啓孝

SCIS2014 2014

Event date： 2014.1

Language：Japanese   Presentation type：Oral presentation (general)

• Cyclic Vector Multiplication Algorithm in Extension Fields and Its Efficient Application to Subfields

高橋龍介、野上保之

AC2013 2013

Event date： 2013.12

Language：Japanese   Presentation type：Oral presentation (general)

• A Consideration of Binary Sequences Obtained by Converting Multi-value M-Sequences

多田 和紀,野上 保之,上原 聡

The 36th Symposium on Information Theory and its Applications (SITA2013) 2013

Event date： 2013.11

Language：Japanese   Presentation type：Oral presentation (general)

• Collision Detection Using DNS in Elliptic Curve Cryptography

三好 俊介, 野上 保之, 山井 成良

The 36th Symposium on Information Theory and its Applications 2013

Event date： 2013.11

Language：Japanese   Presentation type：Oral presentation (general)

• Efficient Implementation of Rho-Method Collision Attacks on G1 of BN Curves with Primes of up to About 71 Bits

日下卓也,河野祐輝,野上保之

SITA2013 2013

Event date： 2013.11

Language：Japanese   Presentation type：Oral presentation (general)

• A Proposal of a Random Walk Method Considering Associated Rational Points

河野 祐輝, 野上 保之, 日下 卓也

The 36th Symposium on Information Theory and its Applications (SITA2013) 2013

Event date： 2013.11

Language：Japanese   Presentation type：Oral presentation (general)

• Attacks on Pairing-based Cryptography

野上保之

Shannon Theory Workshop 2013

Event date： 2013.10

Language：Japanese   Presentation type：Oral presentation (general)

• Research and Development of LSI Implementations of Parallel Algebraic Computation Algorithms for Advanced Authentication and of Secure Design Methods Against Side-Channel Attacks

野上 保之,有井 智紀,高橋 龍介

Computer Security Symposium 2013

Event date： 2013.10

Language：Japanese   Presentation type：Oral presentation (general)

• A Consideration of Sequences Generated by the Logistic Map over Prime Fields Modulo a Safe Prime

宮崎 武, 荒木 俊輔, 上原 聡, 野上 保之

Japan Society for Industrial and Applied Mathematics 2013

Event date： 2013.9

Language：Japanese   Presentation type：Oral presentation (general)

• Design Methods for Safe and Secure ICT Devices for the Cloud Era

野上保之,五百旗頭健吾

Innovation Japan 2013

Event date： 2013.5

Language：Japanese   Presentation type：Poster presentation

• Generation of a Binary Sequence Using the Legendre Symbol and Primitive Polynomials over Odd Characteristic Fields

Yasuyuki NOGAMI, Satoshi UEHARA, and Kazuki TADA

IEICE Technical Report, IT Technical Meeting 2013

Event date： 2013.5

Language：Japanese   Presentation type：Oral presentation (general)

• A Consideration of the Pairing Inversion Problem When Using BN Curves

Yasuyuki NOGAMI, Yuki KONO, and Shoichi AKAGI

IEICE Technical Report, ISEC Technical Meeting 2013

Event date： 2013.1

Language：Japanese   Presentation type：Oral presentation (general)

• iPhone Implementation of Pairing Using BN Curves

森 佑樹, 赤木 晶一, 根角 健太, 野上 保之

The 30th Symposium on Cryptography and Information Security 2013

Event date： 2013.1

Language：Japanese   Presentation type：Oral presentation (general)

• An Efficient Lazy Random Walk for Pollard's Rho Method Targeting G3 When Barreto-Naehrig Curves Are Applied

根角 健太,高井 悠輔,森 佑樹,野上 保之

Symposium on Information Theory and its Applications 2012

Event date： 2012.12

Language：Japanese   Presentation type：Oral presentation (general)

• Generation of Binary Sequences Using a Certain Primitive Polynomial over Odd Characteristic

多田 和紀,高井 悠輔,野上 保之,上原 聡

Symposium on Information Theory and its Applications 2012

Event date： 2012.12

Language：Japanese   Presentation type：Oral presentation (general)

• An Efficient Representative Determination Method for Pollard's Rho Method Targeting G2 When Barreto-Naehrig Curves Are Applied

河野 祐輝,有井 智紀,根角 健太,野上 保之

Symposium on Information Theory and its Applications 2012

Event date： 2012.12

Language：Japanese   Presentation type：Oral presentation (general)

• Xate Pairing Implementation on Barreto-Naehrig Curves Using OEF

赤木 晶一,森 佑樹,根角 健太,野上 保之

Symposium on Information Theory and its Applications 2012

Event date： 2012.12

Language：Japanese   Presentation type：Oral presentation (general)

• Recent Cryptographic Techniques and Their Implementation Methods

野上 保之

Information Security Seminar

Event date： 2012.11.14

Language：Japanese   Presentation type：Oral presentation (general)

• Properties of the Norm of Rational Points on Twist Curves and Their Application to the Rho Method

有井 智紀,根角 健太,野上 保之

Computer Security Symposium 2012

Event date： 2012.10

Language：Japanese   Presentation type：Oral presentation (general)

• FPGA Implementation of the Extension-Field Multiplication Algorithm CVMA and a Hardware Design Method

野上 保之,高橋 龍介

Computer Security Symposium 2012

Event date： 2012.10

Language：Japanese   Presentation type：Poster presentation

• An Efficient Representative Determination Method for the Rho Method on G2 of BN Curves

河野 祐輝,根角 健太,森 佑樹,有井 智紀,野上 保之

IEICE IT

Event date： 2012.7.19

Language：Japanese   Presentation type：Oral presentation (general)

• A Method for Constructing Primitive Polynomials of Degree 2^i over Odd Characteristic Prime Fields

野上 保之、高井 悠輔、小林 茂樹、杉村 立夫、上原 聡

IEICE ISEC

Event date： 2012.5.18

Language：Japanese   Presentation type：Oral presentation (general)

• Development of a Management System for Open-Source Software Usage Manuals and Its Application to Graduate Exercises

村上幸一(香川高専)、李 田財、舩曵信生、野上保之

IEICE ET

Event date： 2012.3.10

Language：Japanese   Presentation type：Oral presentation (general)

• iPhone Implementation of Pairing Using BN Curves with NTL International conference

森佑樹、根角健太、野上保之

Symposium on Cryptography and Information Security 2012

Event date： 2012.1.30

Language：Japanese   Presentation type：Oral presentation (general)

• Compact SubBytes Transformation Circuit for AES Using Inversion over F_{(2^4)^2} International conference

根角 健太,森岡 恵理,野上 保之

Symposium on Cryptography and Information Security 2012

Event date： 2012.1.30

Language：Japanese   Presentation type：Oral presentation (general)

• Implementation Evaluation of Rho Method Attacks Using the Frobenius Map on a Special Cyclic Group on Barreto-Naehrig Curves

森 佑樹, 角力 大地, 野上 保之, 松嶋 智子, 上原 聡

The 34th Symposium on Information Theory and its Applications

Event date： 2011.12.1 - 2011.12.3

Language：Japanese   Presentation type：Oral presentation (general)

• Memory-Efficient Implementation of the Cyclic Vector Multiplication Algorithm Using Gauss Period Normal Bases

高橋 龍介,高井 悠輔,根角 健太,野上 保之,籠谷 裕人,成田 隆

The 34th Symposium on Information Theory and its Applications

Event date： 2011.12.1 - 2011.12.3

Language：Japanese   Presentation type：Oral presentation (general)

• A Generation Method for Primitive Polynomials of Power-of-Two Degree over Odd Characteristic Prime Fields

高井 悠輔,野上 保之,小林 茂樹,杉村 立夫,上原 聡

The 34th Symposium on Information Theory and its Applications

Event date： 2011.12.1 - 2011.12.3

Language：Japanese   Presentation type：Oral presentation (general)

• A Property of the Norm of Rational Points in a Special Torsion Group on BW Curves

有井 智紀, 角力 大地, 野上 保之, 松嶋 智子, 上原 聡

The 34th Symposium on Information Theory and its Applications

Event date： 2011.12.1 - 2011.12.3

Language：Japanese   Presentation type：Oral presentation (general)